about summary refs log tree commit homepage
diff options
context:
space:
mode:
authorEric Wong <normalperson@yhbt.net>2011-04-18 15:34:29 -0700
committerEric Wong <normalperson@yhbt.net>2011-04-18 15:45:22 -0700
commit1107ede716461049033d6a5b311e14c742c9363a (patch)
tree5a121be9cbd53662ac9e643b15df85b2a52cac70
parentb32416211ef30e958ec38c8c99833161cd476dd4 (diff)
downloadunicorn-1107ede7.tar.gz
OpenSSL seeds its PRNG with the process ID, so if a process ID
is recycled, there's a chance of indepedent workers getting
repeated PRNG sequences over a long time period iff the same
PID is used.

This only affects deployments that meet both of the following
conditions:

1) OpenSSL::Random.random_bytes is called before forking
2) worker (but not master) processes are die unexpectedly

The SecureRandom module in Ruby (and Rails) uses the OpenSSL
PRNG if available.  SecureRandom is used by Rails and called
when the application is loaded, so most Rails apps with
frequently dying worker processes are affected.

Of course dying worker processes are bad and entirely the
fault of bad application/library code, not the fault of
Unicorn.

Thanks for Alexander Dymo for reporting this.

ref: http://redmine.ruby-lang.org/issues/4579
-rw-r--r--lib/unicorn/http_server.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/unicorn/http_server.rb b/lib/unicorn/http_server.rb
index 2706568..69feb2f 100644
--- a/lib/unicorn/http_server.rb
+++ b/lib/unicorn/http_server.rb
@@ -487,7 +487,11 @@ class Unicorn::HttpServer
   def after_fork_internal
     @ready_pipe.close if @ready_pipe
     @ready_pipe = nil
-    srand # http://redmine.ruby-lang.org/issues/4338
+    tmp = srand # http://redmine.ruby-lang.org/issues/4338
+
+    # The OpenSSL PRNG is seeded with only the pid, and apps with frequently
+    # dying workers can recycle pids
+    OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
   end
 
   def spawn_missing_workers