[email protected] wrote:
> On Wednesday, April 20, 2011, Eric Wong <[email protected]> wrote:
> > Changes:
> >
> > Mainly small fixes, improvements, and workarounds for fork() issues
> > with pseudo-random number generators shipped with Ruby (Kernel#rand,
> > OpenSSL::Random (used by SecureRandom and also by Rails).
> >
> > The PRNG issues are documented in depth here (and links to Ruby Redmine):
> >
> > http://bogomips.org/unicorn.git/commit?id=1107ede7
> > http://bogomips.org/unicorn.git/commit?id=b3241621
(top-posting corrected)
> Is it possible there is a problem with this change? Since I upgraded
> to 3.6.0 I have encountered two collisions on
> ActiveSupport::SecureRandom.hex(64), which seems very unlikely, since
> it has never happened in the history of my app otherwise.
Oops, the return value of srand shouldn't be relied on, I need to call
Kernel#rand instead. My attempt to fix things actually made the problem
worse (which is why I pushed upstream Ruby to fix the problem, first :).
The following should fix it (3.6.1 release coming):
diff --git a/lib/unicorn/http_server.rb b/lib/unicorn/http_server.rb
index d70de45..3077b95 100644
--- a/lib/unicorn/http_server.rb
+++ b/lib/unicorn/http_server.rb
@@ -492,11 +492,11 @@ class Unicorn::HttpServer
def after_fork_internal
@ready_pipe.close if @ready_pipe
self.ready_pipe = nil # XXX Rainbows! compat, change for Unicorn 4.x
- tmp = srand # http://redmine.ruby-lang.org/issues/4338
+ srand # http://redmine.ruby-lang.org/issues/4338
# The OpenSSL PRNG is seeded with only the pid, and apps with frequently
# dying workers can recycle pids
- OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
+ OpenSSL::Random.seed(rand.to_s) if defined?(OpenSSL::Random)
end
def spawn_missing_workers
--
Eric Wong
_______________________________________________
Unicorn mailing list - [email protected]
http://rubyforge.org/mailman/listinfo/mongrel-unicorn
Do not quote signatures (like this one) or top post when replying
