Re: Upgrade to Debian stretch (stable) breaks my unique token

demerphq Thu, 01 Mar 2018 23:17:02 -0800

On 2 Mar 2018 03:26, "John Dunlap" <j...@lariat.co> wrote:

Have you tried this in your Apache config?
PerlChildInitHandler "sub { srand }"


Citation: http://blogs.perl.org/users/brian_phillips/2010/
06/when-rand-isnt-random.html

On Thu, Mar 1, 2018 at 1:55 PM, Vincent Veyron <vv.li...@wanadoo.fr> wrote:

> Hi all,
>
> I'm using the code below in a PerlResponseHandler; it generates a unique
> token for the request, if _token_id is not already present in the request's
> arguments. It's been working for months, and broke after my upgrade to
> stretch a week ago. I added a couple Data::Dumper calls to see what is
> going on;
>
> As you can see, _token_id is being reused across different requests, and
> across different apache children, even though it's absent from the
> request's arguments.
>
> To add insult to injury, this is happening on my production machine
> (kimsufi server) but not on the backup server (online)
>
> Any idea what might cause this?
>

Just to add context, perl has a flag that says whether srand was called or
not, and rand automatically calls srand if this flag has not been set.

If this flag is not set prefork the end result is that each process gets
their RNG state independetly initialized in the child processes. On the
other hand if it is set prefork then each child ends up with identical
state for the random number generator.

When you upgraded some of your modules probably changed and something
started calling rand prefork.


>
> Code :
>
> $content .= edit_entry( $r, \%args ) ;
>
> sub edit_entry {
>
>     my ( $r, $args ) = @_ ;
>
>     use Data::Dumper;
>     warn Dumper($args);
>
>     $args->{_token_id} ||= join "", map 
> +(0..9,"a".."z","A".."Z")[rand(10+26*2)],
> 1..32 ;



>     warn '_token_id -> ' . $args->{_token_id} ;
>     warn 'pid -> ' . $$;
>
> ....
>
> }
>
>
> Logs :
>
> $VAR1 = {
>           'mois' => '02',
>           'id_entry' => '17734',
>           'open_journal' => 'Fournisseurs'
>         };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21313 at /home/lib/Compta/Base/Handler/entry.pm line 165.
> $VAR1 = {
>           'mois' => '02',
>           'id_entry' => '17734',
>           'open_journal' => 'Fournisseurs'
>         };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21314 at /home/lib/Compta/Base/Handler/entry.pm line 165.
>
>
>
> Installation:
>
> # dpkg -l apache2*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=
> semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom                      Version           Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii  apache2                  2.4.25-3+deb9u3   amd64             Apache
> HTTP Server
> un  apache2-api-20120211     <aucune>          <aucune>          (aucune
> description n'est disponible)
> ii  apache2-bin              2.4.25-3+deb9u3   amd64             Apache
> HTTP Server (modules and other binary files)
> ii  apache2-data             2.4.25-3+deb9u3   all               Apache
> HTTP Server (common files)
> un  apache2-doc              <aucune>          <aucune>          (aucune
> description n'est disponible)
> un  apache2-suexec-custom    <aucune>          <aucune>          (aucune
> description n'est disponible)
> un  apache2-suexec-pristine  <aucune>          <aucune>          (aucune
> description n'est disponible)
> ii  apache2-utils            2.4.25-3+deb9u3   amd64             Apache
> HTTP Server (utility programs for web servers)
> un  apache2.2-bin            <aucune>          <aucune>          (aucune
> description n'est disponible)
> un  apache2.2-common         <aucune>          <aucune>          (aucune
> description n'est disponible)
>
> # dpkg -l libapach*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=
> semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom                      Version           Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii  libapache-dbi-perl       1.12-1            all               interface
> connecting apache server to database via per
> un  libapache-mod-perl       <aucune>          <aucune>          (aucune
> description n'est disponible)
> ii  libapache-session-perl   1.93-2            all               modules
> for keeping persistent user data across HTTP r
> ii  libapache2-mod-apreq2    2.13-5+b1         amd64             generic
> Apache request library - Apache module
> un  libapache2-mod-passenger <aucune>          <aucune>          (aucune
> description n'est disponible)
> ii  libapache2-mod-perl2     2.0.10-2          amd64
>  Integration of perl with the Apache2 web server
> un  libapache2-reload-perl   <aucune>          <aucune>          (aucune
> description n'est disponible)
> ii  libapache2-request-perl  2.13-5+b1         amd64             generic
> Apache request library - Perl modules
> root@kimsufi_1:/home/vincent#
>
>
>
>
>
> --
>                                         Bien à vous, Vincent Veyron
>
> https://marica.fr/
> Logiciel de gestion des sinistres assurances, des dossiers contentieux et
> des contrats pour le service juridique
>



-- 
John Dunlap
*CTO | Lariat *

*Direct:*
*j...@lariat.co <j...@lariat.co>*

*Customer Service:*
877.268.6667
supp...@lariat.co

Re: Upgrade to Debian stretch (stable) breaks my unique token

Reply via email to