Opened 11 years ago
Closed 11 years ago
#456 closed enhancement (fixed)
ngx_random: random number generator initialized (srandom) to same value for all processes
Reported by: | Thomas Lochmatter | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | nginx-core | Version: | 1.3.x |
Keywords: | ngx_random, random number generator, random, srandom, rng, prng | Cc: | |
uname -a: | Linux croppola 3.2.45-xenU-7899-x86_64 #6 SMP Tue May 21 12:39:46 UTC 2013 x86_64 GNU/Linux | ||
nginx -V: |
nginx version: nginx/1.5.7
built by gcc 4.7.2 (Debian 4.7.2-5) TLS SNI support enabled configure arguments: --with-http_stub_status_module --with-http_ssl_module --with-http_spdy_module --add-module=/path/to/croppola/module |
Description
In src/os/unix/ngx_posix_init.c, the line
srandom(ngx_time());
is used to initialize the PRNG. Since all worker processes are started at roughly the same time, ngx_time() is very likely to return the same value. Hence, the processes are likely to use the same initial PRNG value, and therefore produce the same random sequence.
Suggestion:
srandom((ngx_getpid() << 16) ^ ngx_time());
to combine the process ID and the time.
Note:
See TracTickets
for help on using tickets.
Initialization in question is done in a master process, and changing it to use pid won't help. Something like this should do the trick: