You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Vincent Veyron <vv...@wanadoo.fr> on 2018/03/01 18:55:50 UTC
Upgrade to Debian stretch (stable) breaks my unique token
Hi all,
I'm using the code below in a PerlResponseHandler; it generates a unique token for the request, if _token_id is not already present in the request's arguments. It's been working for months, and broke after my upgrade to stretch a week ago. I added a couple Data::Dumper calls to see what is going on;
As you can see, _token_id is being reused across different requests, and across different apache children, even though it's absent from the request's arguments.
To add insult to injury, this is happening on my production machine (kimsufi server) but not on the backup server (online)
Any idea what might cause this?
Code :
$content .= edit_entry( $r, \%args ) ;
sub edit_entry {
my ( $r, $args ) = @_ ;
use Data::Dumper;
warn Dumper($args);
$args->{_token_id} ||= join "", map +(0..9,"a".."z","A".."Z")[rand(10+26*2)], 1..32 ;
warn '_token_id -> ' . $args->{_token_id} ;
warn 'pid -> ' . $$;
....
}
Logs :
$VAR1 = {
'mois' => '02',
'id_entry' => '17734',
'open_journal' => 'Fournisseurs'
};
_token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at /home/lib/Compta/Base/Handler/entry.pm line 164.
pid -> 21313 at /home/lib/Compta/Base/Handler/entry.pm line 165.
$VAR1 = {
'mois' => '02',
'id_entry' => '17734',
'open_journal' => 'Fournisseurs'
};
_token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at /home/lib/Compta/Base/Handler/entry.pm line 164.
pid -> 21314 at /home/lib/Compta/Base/Handler/entry.pm line 165.
Installation:
# dpkg -l apache2*
Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
| État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=semi-installé/W=attend-traitement-déclenchements
|/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
||/ Nom Version Architecture Description
+++-========================-=================-=================-======================================================
ii apache2 2.4.25-3+deb9u3 amd64 Apache HTTP Server
un apache2-api-20120211 <aucune> <aucune> (aucune description n'est disponible)
ii apache2-bin 2.4.25-3+deb9u3 amd64 Apache HTTP Server (modules and other binary files)
ii apache2-data 2.4.25-3+deb9u3 all Apache HTTP Server (common files)
un apache2-doc <aucune> <aucune> (aucune description n'est disponible)
un apache2-suexec-custom <aucune> <aucune> (aucune description n'est disponible)
un apache2-suexec-pristine <aucune> <aucune> (aucune description n'est disponible)
ii apache2-utils 2.4.25-3+deb9u3 amd64 Apache HTTP Server (utility programs for web servers)
un apache2.2-bin <aucune> <aucune> (aucune description n'est disponible)
un apache2.2-common <aucune> <aucune> (aucune description n'est disponible)
# dpkg -l libapach*
Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
| État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=semi-installé/W=attend-traitement-déclenchements
|/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
||/ Nom Version Architecture Description
+++-========================-=================-=================-======================================================
ii libapache-dbi-perl 1.12-1 all interface connecting apache server to database via per
un libapache-mod-perl <aucune> <aucune> (aucune description n'est disponible)
ii libapache-session-perl 1.93-2 all modules for keeping persistent user data across HTTP r
ii libapache2-mod-apreq2 2.13-5+b1 amd64 generic Apache request library - Apache module
un libapache2-mod-passenger <aucune> <aucune> (aucune description n'est disponible)
ii libapache2-mod-perl2 2.0.10-2 amd64 Integration of perl with the Apache2 web server
un libapache2-reload-perl <aucune> <aucune> (aucune description n'est disponible)
ii libapache2-request-perl 2.13-5+b1 amd64 generic Apache request library - Perl modules
root@kimsufi_1:/home/vincent#
--
Bien à vous, Vincent Veyron
https://marica.fr/
Logiciel de gestion des sinistres assurances, des dossiers contentieux et des contrats pour le service juridique
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by Vincent Veyron <vv...@wanadoo.fr>.
On Thu, 1 Mar 2018 20:22:50 -0500
John Dunlap <jo...@lariat.co> wrote:
>
> I'm not sure why now and not then or why one machine and not another.
> However, as this has to do with parallelism, I am wondering if you're using
> different MPM's on each installation.
Sorry, mistake on my part. It appeared on all systems, after more thorough testing. Installations are identical, but I suppose because the backup machine does not receive any requests, it just took a bit longer for the problem to appear.
--
Bien à vous, Vincent Veyron
https://compta.libremen.com
Logiciel libre de comptabilité générale en partie double
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by John Dunlap <jo...@lariat.co>.
I'm glad that fixed your problem!
I'm not sure why now and not then or why one machine and not another.
However, as this has to do with parallelism, I am wondering if you're using
different MPM's on each installation.
I've had my share of errors thrown during demos. It's not a good feeling.
You have my sympathy. :(
Cheers!
John
On Mar 1, 2018 5:30 PM, "Vincent Veyron" <vv...@wanadoo.fr> wrote:
> On Thu, 1 Mar 2018 14:26:25 -0500
> John Dunlap <jo...@lariat.co> wrote:
>
> > Have you tried this in your Apache config?
> > PerlChildInitHandler "sub { srand }"
> >
> > Citation:
> > http://blogs.perl.org/users/brian_phillips/2010/06/when-
> rand-isnt-random.html
> >
>
> Yes, that does the trick, good find. Strange that it worked fine up to
> now, and suddenly not at all.
>
> Thank you for the helpful answer, as always, John.
>
> Now, if you happen to know why this _had_ to surface during a demo [:-(
>
>
> --
> Bien à vous, Vincent Veyron
>
> https://compta.libremen.com
> Logiciel libre de comptabilité générale en partie double
>
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by Russell Lundberg <lu...@gmail.com>.
“Demos fall over” is a universal truth.
Glad a fix was found!
Sent from my iPhone
> On Mar 1, 2018, at 17:00, Michael A. Capone <mc...@cablewholesale.com> wrote:
>
>> On 03/01/2018 02:30 PM, Vincent Veyron wrote:
>>
>> Now, if you happen to know why this _had_ to surface during a demo [:-(
>
> The University of Nottingham, School of Mathematical Sciences, published a highly technical paper explaining this phenomenon. Hope this helps: :-)
>
> https://www.maths.nottingham.ac.uk/personal/ibf/some.html
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by "Michael A. Capone" <mc...@cablewholesale.com>.
On 03/01/2018 02:30 PM, Vincent Veyron wrote:
>
> Now, if you happen to know why this _had_ to surface during a demo [:-(
The University of Nottingham, School of Mathematical Sciences, published
a highly technical paper explaining this phenomenon. Hope this helps: :-)
https://www.maths.nottingham.ac.uk/personal/ibf/some.html
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by Vincent Veyron <vv...@wanadoo.fr>.
On Thu, 1 Mar 2018 14:26:25 -0500
John Dunlap <jo...@lariat.co> wrote:
> Have you tried this in your Apache config?
> PerlChildInitHandler "sub { srand }"
>
> Citation:
> http://blogs.perl.org/users/brian_phillips/2010/06/when-rand-isnt-random.html
>
Yes, that does the trick, good find. Strange that it worked fine up to now, and suddenly not at all.
Thank you for the helpful answer, as always, John.
Now, if you happen to know why this _had_ to surface during a demo [:-(
--
Bien à vous, Vincent Veyron
https://compta.libremen.com
Logiciel libre de comptabilité générale en partie double
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by demerphq <de...@gmail.com>.
On 2 Mar 2018 03:26, "John Dunlap" <jo...@lariat.co> wrote:
Have you tried this in your Apache config?
PerlChildInitHandler "sub { srand }"
Citation: http://blogs.perl.org/users/brian_phillips/2010/
06/when-rand-isnt-random.html
On Thu, Mar 1, 2018 at 1:55 PM, Vincent Veyron <vv...@wanadoo.fr> wrote:
> Hi all,
>
> I'm using the code below in a PerlResponseHandler; it generates a unique
> token for the request, if _token_id is not already present in the request's
> arguments. It's been working for months, and broke after my upgrade to
> stretch a week ago. I added a couple Data::Dumper calls to see what is
> going on;
>
> As you can see, _token_id is being reused across different requests, and
> across different apache children, even though it's absent from the
> request's arguments.
>
> To add insult to injury, this is happening on my production machine
> (kimsufi server) but not on the backup server (online)
>
> Any idea what might cause this?
>
Just to add context, perl has a flag that says whether srand was called or
not, and rand automatically calls srand if this flag has not been set.
If this flag is not set prefork the end result is that each process gets
their RNG state independetly initialized in the child processes. On the
other hand if it is set prefork then each child ends up with identical
state for the random number generator.
When you upgraded some of your modules probably changed and something
started calling rand prefork.
>
> Code :
>
> $content .= edit_entry( $r, \%args ) ;
>
> sub edit_entry {
>
> my ( $r, $args ) = @_ ;
>
> use Data::Dumper;
> warn Dumper($args);
>
> $args->{_token_id} ||= join "", map +(0..9,"a".."z","A".."Z")[rand(10+26*2)],
> 1..32 ;
> warn '_token_id -> ' . $args->{_token_id} ;
> warn 'pid -> ' . $$;
>
> ....
>
> }
>
>
> Logs :
>
> $VAR1 = {
> 'mois' => '02',
> 'id_entry' => '17734',
> 'open_journal' => 'Fournisseurs'
> };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21313 at /home/lib/Compta/Base/Handler/entry.pm line 165.
> $VAR1 = {
> 'mois' => '02',
> 'id_entry' => '17734',
> 'open_journal' => 'Fournisseurs'
> };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21314 at /home/lib/Compta/Base/Handler/entry.pm line 165.
>
>
>
> Installation:
>
> # dpkg -l apache2*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=
> semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom Version Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii apache2 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server
> un apache2-api-20120211 <aucune> <aucune> (aucune
> description n'est disponible)
> ii apache2-bin 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server (modules and other binary files)
> ii apache2-data 2.4.25-3+deb9u3 all Apache
> HTTP Server (common files)
> un apache2-doc <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2-suexec-custom <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2-suexec-pristine <aucune> <aucune> (aucune
> description n'est disponible)
> ii apache2-utils 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server (utility programs for web servers)
> un apache2.2-bin <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2.2-common <aucune> <aucune> (aucune
> description n'est disponible)
>
> # dpkg -l libapach*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=
> semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom Version Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii libapache-dbi-perl 1.12-1 all interface
> connecting apache server to database via per
> un libapache-mod-perl <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache-session-perl 1.93-2 all modules
> for keeping persistent user data across HTTP r
> ii libapache2-mod-apreq2 2.13-5+b1 amd64 generic
> Apache request library - Apache module
> un libapache2-mod-passenger <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache2-mod-perl2 2.0.10-2 amd64
> Integration of perl with the Apache2 web server
> un libapache2-reload-perl <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache2-request-perl 2.13-5+b1 amd64 generic
> Apache request library - Perl modules
> root@kimsufi_1:/home/vincent#
>
>
>
>
>
> --
> Bien à vous, Vincent Veyron
>
> https://marica.fr/
> Logiciel de gestion des sinistres assurances, des dossiers contentieux et
> des contrats pour le service juridique
>
--
John Dunlap
*CTO | Lariat *
*Direct:*
*john@lariat.co <jo...@lariat.co>*
*Customer Service:*
877.268.6667
support@lariat.co
Re: Upgrade to Debian stretch (stable) breaks my unique token
Posted by John Dunlap <jo...@lariat.co>.
Have you tried this in your Apache config?
PerlChildInitHandler "sub { srand }"
Citation:
http://blogs.perl.org/users/brian_phillips/2010/06/when-rand-isnt-random.html
On Thu, Mar 1, 2018 at 1:55 PM, Vincent Veyron <vv...@wanadoo.fr> wrote:
> Hi all,
>
> I'm using the code below in a PerlResponseHandler; it generates a unique
> token for the request, if _token_id is not already present in the request's
> arguments. It's been working for months, and broke after my upgrade to
> stretch a week ago. I added a couple Data::Dumper calls to see what is
> going on;
>
> As you can see, _token_id is being reused across different requests, and
> across different apache children, even though it's absent from the
> request's arguments.
>
> To add insult to injury, this is happening on my production machine
> (kimsufi server) but not on the backup server (online)
>
> Any idea what might cause this?
>
>
> Code :
>
> $content .= edit_entry( $r, \%args ) ;
>
> sub edit_entry {
>
> my ( $r, $args ) = @_ ;
>
> use Data::Dumper;
> warn Dumper($args);
>
> $args->{_token_id} ||= join "", map +(0..9,"a".."z","A".."Z")[rand(10+26*2)],
> 1..32 ;
>
> warn '_token_id -> ' . $args->{_token_id} ;
> warn 'pid -> ' . $$;
>
> ....
>
> }
>
>
> Logs :
>
> $VAR1 = {
> 'mois' => '02',
> 'id_entry' => '17734',
> 'open_journal' => 'Fournisseurs'
> };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21313 at /home/lib/Compta/Base/Handler/entry.pm line 165.
> $VAR1 = {
> 'mois' => '02',
> 'id_entry' => '17734',
> 'open_journal' => 'Fournisseurs'
> };
> _token_id -> DzM5x0uvFcykvtGXEkhgeqhp5ZD48jLn at
> /home/lib/Compta/Base/Handler/entry.pm line 164.
> pid -> 21314 at /home/lib/Compta/Base/Handler/entry.pm line 165.
>
>
>
> Installation:
>
> # dpkg -l apache2*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/
> H=semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom Version Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii apache2 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server
> un apache2-api-20120211 <aucune> <aucune> (aucune
> description n'est disponible)
> ii apache2-bin 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server (modules and other binary files)
> ii apache2-data 2.4.25-3+deb9u3 all Apache
> HTTP Server (common files)
> un apache2-doc <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2-suexec-custom <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2-suexec-pristine <aucune> <aucune> (aucune
> description n'est disponible)
> ii apache2-utils 2.4.25-3+deb9u3 amd64 Apache
> HTTP Server (utility programs for web servers)
> un apache2.2-bin <aucune> <aucune> (aucune
> description n'est disponible)
> un apache2.2-common <aucune> <aucune> (aucune
> description n'est disponible)
>
> # dpkg -l libapach*
> Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder
> | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/
> H=semi-installé/W=attend-traitement-déclenchements
> |/ Err?=(aucune)/besoin Réinstallation (État,Err: majuscule=mauvais)
> ||/ Nom Version Architecture
> Description
> +++-========================-=================-=============
> ====-======================================================
> ii libapache-dbi-perl 1.12-1 all interface
> connecting apache server to database via per
> un libapache-mod-perl <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache-session-perl 1.93-2 all modules
> for keeping persistent user data across HTTP r
> ii libapache2-mod-apreq2 2.13-5+b1 amd64 generic
> Apache request library - Apache module
> un libapache2-mod-passenger <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache2-mod-perl2 2.0.10-2 amd64
> Integration of perl with the Apache2 web server
> un libapache2-reload-perl <aucune> <aucune> (aucune
> description n'est disponible)
> ii libapache2-request-perl 2.13-5+b1 amd64 generic
> Apache request library - Perl modules
> root@kimsufi_1:/home/vincent#
>
>
>
>
>
> --
> Bien à vous, Vincent Veyron
>
> https://marica.fr/
> Logiciel de gestion des sinistres assurances, des dossiers contentieux et
> des contrats pour le service juridique
>
--
John Dunlap
*CTO | Lariat *
*Direct:*
*john@lariat.co <jo...@lariat.co>*
*Customer Service:*
877.268.6667
support@lariat.co