ruby-changes:42619
From: usa <ko1@a...>
Date: Fri, 22 Apr 2016 17:21:21 +0900 (JST)
Subject: [ruby-changes:42619] usa:r54693 (ruby_2_2): merge revision(s) 54144: [Backport #12139]
usa 2016-04-22 18:17:57 +0900 (Fri, 22 Apr 2016) New Revision: 54693 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=54693 Log: merge revision(s) 54144: [Backport #12139] * lib/securerandom.rb (gen_random): to avoid blocking on Windows. On Windows OpenSSL RAND_bytes (underlying implementation is RAND_poll in crypto/rand/rand_win.c) may be blocked at NetStatisticsGet. https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues Instead of this, use Random.raw_seed directory (whose implementation CryptGenRandom is one of the source of entropy of RAND_poll on Windows). https://wiki.openssl.org/index.php/Random_Numbers Note: CryptGenRandom function is PRNG and doesn't check its entropy, so it won't block. [Bug #12139] https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx https://tools.ietf.org/html/rfc4086#section-7.1.3 https://eprint.iacr.org/2007/419.pdf http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf Modified directories: branches/ruby_2_2/ Modified files: branches/ruby_2_2/ChangeLog branches/ruby_2_2/lib/securerandom.rb branches/ruby_2_2/version.h Index: ruby_2_2/ChangeLog =================================================================== --- ruby_2_2/ChangeLog (revision 54692) +++ ruby_2_2/ChangeLog (revision 54693) @@ -1,3 +1,21 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ChangeLog#L1 +Fri Apr 22 18:16:51 2016 NARUSE, Yui <naruse@r...> + + * lib/securerandom.rb (gen_random): to avoid blocking on Windows. + On Windows OpenSSL RAND_bytes (underlying implementation is + RAND_poll in crypto/rand/rand_win.c) may be blocked at + NetStatisticsGet. + https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues + Instead of this, use Random.raw_seed directory (whose implementation + CryptGenRandom is one of the source of + entropy of RAND_poll on Windows). + https://wiki.openssl.org/index.php/Random_Numbers + Note: CryptGenRandom function is PRNG and doesn't check its entropy, + so it won't block. [Bug #12139] + https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx + https://tools.ietf.org/html/rfc4086#section-7.1.3 + https://eprint.iacr.org/2007/419.pdf + http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf + Fri Apr 22 18:13:22 2016 Hiroshi Shirosaki <h.shirosaki@g...> * lib/rubygems/test_case.rb: Fix test on Windows for inconsistent temp path. Index: ruby_2_2/lib/securerandom.rb =================================================================== --- ruby_2_2/lib/securerandom.rb (revision 54692) +++ ruby_2_2/lib/securerandom.rb (revision 54693) @@ -40,7 +40,7 @@ end https://github.com/ruby/ruby/blob/trunk/ruby_2_2/lib/securerandom.rb#L40 # p SecureRandom.random_bytes(10) #=> "\016\t{\370g\310pbr\301" # p SecureRandom.random_bytes(10) #=> "\323U\030TO\234\357\020\a\337" module SecureRandom - if !defined?(OpenSSL::Random) && /mswin|mingw/ =~ RUBY_PLATFORM + if /mswin|mingw/ =~ RUBY_PLATFORM require "fiddle/import" module AdvApi32 # :nodoc: @@ -110,7 +110,7 @@ module SecureRandom https://github.com/ruby/ruby/blob/trunk/ruby_2_2/lib/securerandom.rb#L110 gen_random(n) end - if defined? OpenSSL::Random + if defined?(OpenSSL::Random) && !defined?(AdvApi32) def self.gen_random(n) @pid = 0 unless defined?(@pid) pid = $$ Index: ruby_2_2/version.h =================================================================== --- ruby_2_2/version.h (revision 54692) +++ ruby_2_2/version.h (revision 54693) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/version.h#L1 #define RUBY_VERSION "2.2.5" #define RUBY_RELEASE_DATE "2016-04-22" -#define RUBY_PATCHLEVEL 307 +#define RUBY_PATCHLEVEL 308 #define RUBY_RELEASE_YEAR 2016 #define RUBY_RELEASE_MONTH 4 Property changes on: ruby_2_2 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r54144 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/