RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-05-02 07:48:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1c306aa84d
haproxy/include/types
History
Willy Tarreau 1c306aa84d BUG/MEDIUM: random: implement per-thread and per-process random sequences 
As mentioned in previous patch, the random number generator was never
made thread-safe, which used not to be a problem for health checks
spreading, until the uuid sample fetch function appeared. Currently
it is possible for two threads or processes to produce exactly the
same UUID. In fact it's extremely likely that this will happen for
processes, as can be seen with this config:

    global
        nbproc 8

    frontend f
        bind :4445
        mode http
        log stdout daemon format raw
        log-format "%[uuid] %pid"
        redirect location /

It typically produces this log:

  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30645
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30641
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30644
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30639
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30646
  07764439-c24d-4e6f-a5a6-0138be59e7a8 30645
  07764439-c24d-4e6f-a5a6-0138be59e7a8 30639
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30643
  07764439-c24d-4e6f-a5a6-0138be59e7a8 30646
  b6773fdd-678f-4d04-96f2-4fb11ad15d6b 30646
  551ce567-0bfb-4bbd-9b58-cdc7e9365325 30642
  07764439-c24d-4e6f-a5a6-0138be59e7a8 30642

What this patch does is to use a distinct per-thread and per-process
seed to make sure the same sequences will not appear, and will then
extend these seeds by "burning" a number of randoms that depends on
the global random seed, the thread ID and the process ID. This adds
roughly 20 extra bits of randomness, resulting in 52 bits total per
thread and per process.

It only takes a few milliseconds to burn these randoms and given
that threads start with a different seed, we know they will not
catch each other. So these random extra bits are essentially added
to ensure randomness between boots and cluster instances.

This replaces all uses of random() with ha_random() which uses the
thread-local state.

This must be backported as far as 2.0 or any version having the
UUID sample-fetch function since it's the main victim here.

It's important to note that this patch, in addition to depending on
the previous one "BUG/MEDIUM: init: initialize the random pool a bit
better", also depends on the preceeding build fixes to address a
circular dependency issue in the include files that prevented it
from building. Part or all of these patches may need to be backported
or adapted as well.
2020-03-07 06:11:15 +01:00
..
acl.h
action.h MEDIUM: http-rules: Support extra headers for HTTP return actions 2020-02-06 15:13:03 +01:00
activity.h
applet.h MEDIUM: cli: Allow multiple filter entries for "show table" 2020-01-22 14:33:17 +01:00
arg.h
auth.h
backend.h
capture.h
channel.h
checks.h BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h 2020-03-07 06:07:18 +01:00
cli.h MINOR: cli: add an expert mode to hide dangerous commands 2019-10-24 18:38:00 +02:00
compression.h
connection.h MINOR: connection: introduce a new receive flag: CO_RFL_READ_ONCE 2020-02-21 11:22:45 +01:00
counters.h MINOR: counters: Remove failed_secu counter and use denied_resp instead 2020-01-20 15:18:45 +01:00
dict.h
dns.h MEDIUM: dns: use Additional records from SRV responses 2020-01-22 07:19:54 +01:00
fcgi-app.h
fd.h MINOR: fd: merge the read and write error bits into RW error 2020-02-28 07:42:29 +01:00
filters.h MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams 2019-11-15 13:43:08 +01:00
freq_ctr.h
global.h BUG/MEDIUM: random: implement per-thread and per-process random sequences 2020-03-07 06:11:15 +01:00
hlua.h MINOR: lua: Remove the flag HLUA_TXN_HTTP_RDY 2020-03-06 14:13:00 +01:00
http_ana.h BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits 2020-02-27 23:44:41 +01:00
http_htx.h MINOR: http-htx: Add a new section to create groups of custom HTTP errors 2020-01-20 15:18:46 +01:00
lb_chash.h
lb_fas.h
lb_fwlc.h
lb_fwrr.h
lb_map.h
listener.h BUILD: listener: types/listener.h must not include standard.h 2020-03-07 06:07:18 +01:00
log.h BUG/MINOR: log: make "show startup-log" use a ring buffer instead 2019-11-15 15:50:16 +01:00
mailers.h
map.h
obj_type.h
pattern.h CLEANUP: pattern: remove the pat_time definition 2020-01-22 07:44:36 +01:00
peers.h MINOR: peers: Add debugging information to "show peers". 2019-11-19 14:48:28 +01:00
pipe.h
port_range.h
proto_udp.h
protocol_buffers.h
protocol.h
proxy.h MINOR: proxy: Make header_unique_id a struct ist 2020-03-05 19:58:22 +01:00
queue.h
ring.h BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h 2020-03-07 06:07:18 +01:00
sample.h
server.h MEDIUM: dns: use Additional records from SRV responses 2020-01-22 07:19:54 +01:00
session.h
shctx.h
signal.h
sink.h
spoe.h
ssl_sock.h BUILD: ssl: include mini-clist.h 2020-03-07 06:07:18 +01:00
stats.h MINOR: stats: Report internal errors in the proxies/listeners/servers stats 2020-01-20 15:18:45 +01:00
stick_table.h
stream_interface.h
stream.h MEDIUM: stream: Make the unique_id member of struct stream a struct ist 2020-03-05 20:21:58 +01:00
task.h MINOR: task: permanently flag tasklets waking themselves up 2020-01-31 17:45:10 +01:00
template.h
trace.h
vars.h