Alberto Gomez created GEODE-10371:
-------------------------------------
Summary: C++ Native client: Improve dispersion on connections
expiration
Key: GEODE-10371
URL: https://issues.apache.org/jira/browse/GEODE-10371
Project: Geode
Issue Type: Improvement
Components: native client
Reporter: Alberto Gomez
The dispersion on connections expirations in the C++ native client works in
such a way that it adds a dispersion (variance) between -9% and 9% over the
time for a connection to expire due to load-conditioning so that, in the event
of having many connections being created at the same, they do not expire at the
right exact time.
Nevertheless, the current implementation has two problems:
- The randomness of the variance depends on the current time in seconds. As a
result, for connections created in the same second, the variance will be the
same and, therefore, the expiration time too.
- The randomness is created using the C standard's library "rand()" function
which is considered not secure.
It is recommended to change the library used to generate the random variance to
a secure one and also to make sure that for the time in seconds it does not
return the same variance.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
