From: naruse@airemix.jp
To: ruby-core@ruby-lang.org
Subject: [ruby-core:86721] [Ruby trunk Bug#14716] SecureRandom throwing an error in Ruby 2.5.1
Date: Fri, 27 Apr 2018 08:54:58 +0000 (UTC) [thread overview]
Message-ID: <redmine.journal-71678.20180427085457.299166ca69f02692@ruby-lang.org> (raw)
In-Reply-To: redmine.issue-14716.20180427061906@ruby-lang.org
Issue #14716 has been updated by naruse (Yui NARUSE).
naruse (Yui NARUSE) wrote:
> r57307 changed to use __NR_getrandom (kernel header) from SYS_getrandom (glibc header).
> But __NR_getrandom is from v3.17.
> It needs to check both __NR_getrandom and SYS_getrandom for compatibility.
genrandom(2) is introduced at v3.17.
On v3.13 kernel, it should fallback to /dev/urandom.
Maybe your environment doesn't have /dev/urandom?
----------------------------------------
Bug #14716: SecureRandom throwing an error in Ruby 2.5.1
https://bugs.ruby-lang.org/issues/14716#change-71678
* Author: snehavas (sneha vasanth)
* Status: Open
* Priority: Normal
* Assignee:
* Target version:
* ruby -v: 2.5.1
* Backport: 2.3: DONTNEED, 2.4: DONTNEED, 2.5: REQUIRED
----------------------------------------
Hi,
We recently upgraded from ruby 2.3.6 to 2.5.1.
We use SecureRandom.uuid to generate a random number for our session.
Post the upgrade we have been getting the following error intermittently
```
app error: failed to get urandom (RuntimeError)
E, [2018-04-27T04:55:08.741859 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:99:in `urandom'
E, [2018-04-27T04:55:08.741898 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:99:in `gen_random_urandom'
E, [2018-04-27T04:55:08.741932 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:129:in `random_bytes'
E, [2018-04-27T04:55:08.741965 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:219:in `uuid'
E, [2018-04-27T04:55:08.741997 #16550] ERROR -- : /usr/share/nginx/frontend/app/utilities/log.rb:74:in `create_session_info'
E, [2018-04-27T04:55:08.742036 #16550] ERROR -- : /usr/share/nginx/frontend/app/utilities/log.rb:11:in `context'
```
We understand that there was a change in ruby 2.5.1 where we now look at OS sources as the first point of contact to generate random numbers as opposed to OpenSSL.
Any idea why this could be happening?
--
https://bugs.ruby-lang.org/
next prev parent reply other threads:[~2018-04-27 8:55 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <redmine.issue-14716.20180427061906@ruby-lang.org>
2018-04-27 6:19 ` [ruby-core:86709] [Ruby trunk Bug#14716] SecureRandom throwing an error in Ruby 2.5.1 snehavas
2018-04-27 6:29 ` [ruby-core:86711] [Ruby trunk Bug#14716][Feedback] " nobu
2018-04-27 7:34 ` [ruby-core:86714] [Ruby trunk Bug#14716] " snehavas
2018-04-27 7:36 ` [ruby-core:86715] " snehavas
2018-04-27 8:45 ` [ruby-core:86720] [Ruby trunk Bug#14716][Open] " naruse
2018-04-27 8:54 ` naruse [this message]
2018-04-27 9:23 ` [ruby-core:86722] [Ruby trunk Bug#14716] " shyouhei
2018-04-27 9:44 ` [ruby-core:86723] " snehavas
2018-08-01 22:54 ` [ruby-core:88264] " pbrinichlanglois
2018-09-06 17:44 ` [ruby-core:88885] " pbrinichlanglois
2019-03-03 10:33 ` [ruby-core:91655] " ruby-lang
2019-08-20 15:21 ` [ruby-core:94447] [Ruby master " michal.samluk
2019-08-22 11:59 ` [ruby-core:94479] " konstantin.filtschew
2019-08-30 13:41 ` [ruby-core:94684] " emil
2019-09-22 16:38 ` [ruby-core:95034] " miles.lane
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.ruby-lang.org/en/community/mailing-lists/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=redmine.journal-71678.20180427085457.299166ca69f02692@ruby-lang.org \
--to=ruby-core@ruby-lang.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).