author: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2011-06-13 09:36:48 +0000
committer: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2011-06-13 09:36:48 +0000
commit: 58bae71a7b023b5bb5fdcfefb46232f3f14bc519
tree: 3cc9cb8fedf5c909d56ddeacc344987c3a15e200
parent: df366010177157228cb11d2cd6050bc32044df8f

* lib/securerandom.rb (SecureRandom.random_bytes): modify PRNG state
  to prevent random number sequence repetition at forked child
  process which has same pid.
  reported by Eric Wong. [ruby-core:35765]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32050 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

-rw-r--r-- ChangeLog 7
-rw-r--r-- lib/securerandom.rb 8
2 files changed, 15 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index ccf154bf0e..87d549d0cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Mon Jun 13 18:33:04 2011 Tanaka Akira <akr@fsij.org>
+
+ * lib/securerandom.rb (SecureRandom.random_bytes): modify PRNG state
+ to prevent random number sequence repeatation at forked child
+ process which has same pid.
+ reported by Eric Wong. [ruby-core:35765]
+
Mon Jun 13 17:02:34 2011 NARUSE, Yui <naruse@ruby-lang.org>
* lib/net/http.rb (Net::HTTP#use_ssl?): require 'openssl' only when
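
Review bot: "repeatation" in the second line of the new entry should be "repetition". The entry also says only "modify PRNG state"; stating that the state is reseeded when the pid differs from the last recorded one would let a reader of the ChangeLog understand the scope of the fix without opening the diff.
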
diff --git a/lib/securerandom.rb b/lib/securerandom.rb
index e04251bb67..d238a35406 100644
--- a/lib/securerandom.rb
+++ b/lib/securerandom.rb
@@ -57,6 +57,14 @@ module SecureRandom
n ||= 16
if defined? OpenSSL::Random
+ @pid = $$ if !defined?(@pid)
+ pid = $$
+ if @pid != pid
+ now = Time.now
+ ary = [now.to_i, now.nsec, @pid, pid]
+ OpenSSL::Random.seed(ary.to_s)
+ @pid = pid
+ end
return OpenSSL::Random.random_bytes(n)
end
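
Review bot: The reseed inside `if @pid != pid` only fires when `random_bytes` was already called once before the fork, because `@pid = $$ if !defined?(@pid)` on a first call sets `@pid` to the current pid and the comparison is then always equal. A child that makes the first call itself therefore skips `OpenSSL::Random.seed` entirely, so two children with the same pid forked from a parent that never called this method are not separated by this check. Consider recording `@pid` when the module is loaded rather than lazily inside the method, or seeding on the first call as well. Separately, the seed material in `ary` is the current time plus two pids, all values an observer can estimate, so a short comment stating that this input is there to make the child's state diverge from its siblings, not to supply entropy, would keep later readers from relying on it for more than that.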