Author: remy.maucherat(a)jboss.com
Date: 2009-03-17 09:26:02 -0400 (Tue, 17 Mar 2009)
New Revision: 959
Modified:
trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
trunk/java/org/apache/catalina/core/StandardServer.java
trunk/java/org/apache/catalina/session/ManagerBase.java
trunk/java/org/apache/tomcat/bayeux/UUIDGenerator.java
trunk/webapps/docs/changelog.xml
Log:
- Base Random seeds on nanoTime, which is apparently better.
Modified: trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
===================================================================
--- trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2009-03-16
17:48:50 UTC (rev 958)
+++ trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2009-03-17
13:26:02 UTC (rev 959)
@@ -629,19 +629,21 @@
protected synchronized Random getRandom() {
if (this.random == null) {
+ // Calculate the new random number generator seed
+ long seed = System.nanoTime();
+ char entropy[] = getEntropy().toCharArray();
+ for (int i = 0; i < entropy.length; i++) {
+ long update = ((byte) entropy[i]) << ((i % 8) * 8);
+ seed ^= update;
+ }
+ // Construct and seed a new random number generator
try {
Class clazz = Class.forName(randomClass);
this.random = (Random) clazz.newInstance();
- long seed = System.currentTimeMillis();
- char entropy[] = getEntropy().toCharArray();
- for (int i = 0; i < entropy.length; i++) {
- long update = ((byte) entropy[i]) << ((i % 8) * 8);
- seed ^= update;
- }
- this.random.setSeed(seed);
} catch (Exception e) {
this.random = new java.util.Random();
}
+ this.random.setSeed(seed);
}
return (this.random);
Modified: trunk/java/org/apache/catalina/core/StandardServer.java
===================================================================
--- trunk/java/org/apache/catalina/core/StandardServer.java 2009-03-16 17:48:50 UTC (rev
958)
+++ trunk/java/org/apache/catalina/core/StandardServer.java 2009-03-17 13:26:02 UTC (rev
959)
@@ -429,7 +429,7 @@
int expected = 1024; // Cut off to avoid DoS attack
while (expected < shutdown.length()) {
if (random == null)
- random = new Random(System.currentTimeMillis());
+ random = new Random();
expected += (random.nextInt() % 1024);
}
while (expected > 0) {
Modified: trunk/java/org/apache/catalina/session/ManagerBase.java
===================================================================
--- trunk/java/org/apache/catalina/session/ManagerBase.java 2009-03-16 17:48:50 UTC (rev
958)
+++ trunk/java/org/apache/catalina/session/ManagerBase.java 2009-03-17 13:26:02 UTC (rev
959)
@@ -543,30 +543,21 @@
public Random getRandom() {
if (this.random == null) {
// Calculate the new random number generator seed
- long seed = System.currentTimeMillis();
- long t1 = seed;
+ long seed = System.nanoTime();
char entropy[] = getEntropy().toCharArray();
for (int i = 0; i < entropy.length; i++) {
long update = ((byte) entropy[i]) << ((i % 8) * 8);
seed ^= update;
}
+ // Construct and seed a new random number generator
try {
- // Construct and seed a new random number generator
Class clazz = Class.forName(randomClass);
this.random = (Random) clazz.newInstance();
- this.random.setSeed(seed);
} catch (Exception e) {
- // Fall back to the simple case
- log.error(sm.getString("managerBase.random", randomClass),
- e);
+ log.warn(sm.getString("managerBase.random", randomClass), e);
this.random = new java.util.Random();
- this.random.setSeed(seed);
}
- if(log.isDebugEnabled()) {
- long t2=System.currentTimeMillis();
- if( (t2-t1) > 100 )
- log.debug(sm.getString("managerBase.seeding", randomClass)
+ " " + (t2-t1));
- }
+ this.random.setSeed(seed);
}
return (this.random);
Modified: trunk/java/org/apache/tomcat/bayeux/UUIDGenerator.java
===================================================================
--- trunk/java/org/apache/tomcat/bayeux/UUIDGenerator.java 2009-03-16 17:48:50 UTC (rev
958)
+++ trunk/java/org/apache/tomcat/bayeux/UUIDGenerator.java 2009-03-17 13:26:02 UTC (rev
959)
@@ -30,7 +30,7 @@
public static final int BITS_PER_BYTE = 8;
protected static SecureRandom secrand = null;
- protected static Random rand = new Random(System.currentTimeMillis());
+ protected static Random rand = new Random();
static {
secrand = new SecureRandom();
secrand.setSeed(rand.nextLong());
Modified: trunk/webapps/docs/changelog.xml
===================================================================
--- trunk/webapps/docs/changelog.xml 2009-03-16 17:48:50 UTC (rev 958)
+++ trunk/webapps/docs/changelog.xml 2009-03-17 13:26:02 UTC (rev 959)
@@ -32,6 +32,15 @@
<update>
Cookie tracking and Servlet 3.0 cookie configuration. (markt, remm)
</update>
+ <update>
+ ServletRegistration and FilterRegistration implementation. (remm)
+ </update>
+ <fix>
+ XML validation fix. (markt)
+ </fix>
+ <fix>
+ <bug>46866</bug>: Use nanoTime rather that a weaker init for the
Random fallback. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
Show replies by date