diff options
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | lib/securerandom.rb | 8 |
2 files changed, 15 insertions, 0 deletions
@@ -1,3 +1,10 @@ +Mon Jun 13 18:33:04 2011 Tanaka Akira <akr@fsij.org> + + * lib/securerandom.rb (SecureRandom.random_bytes): modify PRNG state + to prevent random number sequence repeatation at forked child + process which has same pid. + reported by Eric Wong. [ruby-core:35765] + Mon Jun 13 17:02:34 2011 NARUSE, Yui <naruse@ruby-lang.org> * lib/net/http.rb (Net::HTTP#use_ssl?): require 'openssl' only when diff --git a/lib/securerandom.rb b/lib/securerandom.rb index e04251bb67..d238a35406 100644 --- a/lib/securerandom.rb +++ b/lib/securerandom.rb @@ -57,6 +57,14 @@ module SecureRandom n ||= 16 if defined? OpenSSL::Random + @pid = $$ if !defined?(@pid) + pid = $$ + if @pid != pid + now = Time.now + ary = [now.to_i, now.nsec, @pid, pid] + OpenSSL::Random.seed(ary.to_s) + @pid = pid + end return OpenSSL::Random.random_bytes(n) end |