backport r32050 by akr

* lib/securerandom.rb (SecureRandom.random_bytes): modify PRNG state
  to prevent random number sequence repeatation at forked
  child process which has same pid.
  reported by Eric Wong.  [ruby-core:35765]

backport r32124 by nahi

* test/test_securerandom.rb: Add testcase.  This testcase does NOT aim
  to test cryptographically strongness and randomness.  It includes
  the test for PID recycle issue of OpenSSL described in #4579 but
  it's disabled by default.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@32128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 8 insertions, 0 deletions

diff --git a/lib/securerandom.rb b/lib/securerandom.rb
index 3fd63e535f..a957687a82 100644
--- a/lib/securerandom.rb
+++ b/lib/securerandom.rb
@@ -50,6 +50,14 @@ module SecureRandom
   def self.random_bytes(n=nil)
     n ||= 16
     if defined? OpenSSL::Random
+      @pid = $$ if !defined?(@pid)
+      pid = $$
+      if @pid != pid
+        now = Time.now
+        ary = [now.to_i, now.usec, @pid, pid]
+        OpenSSL::Random.seed(ary.to_s)
+        @pid = pid
+      end
       return OpenSSL::Random.random_bytes(n)
     end
     if !defined?(@has_urandom) || @has_urandom