From: miles.lane@...
Date: 2019-09-22T16:38:47+00:00
Subject: [ruby-core:95034] [Ruby master Bug#14716] SecureRandom throwing an	error in Ruby 2.5.1

Issue #14716 has been updated by miles.lane@gmail.com (Miles Lane).


I am encountering this in a project as well. In my case, I see this while running rspec regression tests:

#<ActionView::Template::Error: failed to get urandom>
./.rvm/rubies/ruby-2.6.3/lib/ruby/2.6.0/securerandom.rb:104:in `urandom'
./.rvm/rubies/ruby-2.6.3/lib/ruby/2.6.0/securerandom.rb:104:in `gen_random_urandom'
./.rvm/rubies/ruby-2.6.3/lib/ruby/2.6.0/securerandom.rb:136:in `random_bytes'
./.rvm/rubies/ruby-2.6.3/lib/ruby/2.6.0/securerandom.rb:180:in `base64'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers.rb:232:in `content_security_policy_nonce'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers.rb:169:in `content_security_policy_script_nonce'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers/view_helper.rb:72:in `_content_security_policy_nonce'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers/view_helper.rb:156:in `nonced_tag'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers/view_helper.rb:32:in `nonced_javascript_tag'
./Projects/app/helpers/ui_helper.rb:17:in `ui_config_html'
./Projects/app/views/layouts/ui.html.haml:26:in `_app_views_layouts_ui_html_haml__1126671116763852577_2479064420'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/template.rb:159:in `block in render'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:170:in `instrument'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/template.rb:354:in `instrument_render_template'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/template.rb:157:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/renderer/template_renderer.rb:66:in `render_with_layout'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/renderer/template_renderer.rb:52:in `render_template'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/renderer/template_renderer.rb:16:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/renderer/renderer.rb:44:in `render_template'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/renderer/renderer.rb:25:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/rendering.rb:103:in `_render_template'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/streaming.rb:219:in `_render_template'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/rendering.rb:84:in `render_to_body'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/rendering.rb:52:in `render_to_body'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/renderers.rb:142:in `render_to_body'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/abstract_controller/rendering.rb:25:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/rendering.rb:36:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:46:in `block (2 levels) in render'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/core_ext/benchmark.rb:14:in `block in ms'
./.rvm/rubies/ruby-2.6.3/lib/ruby/2.6.0/benchmark.rb:308:in `realtime'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/core_ext/benchmark.rb:14:in `ms'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:46:in `block in render'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:87:in `cleanup_view_runtime'
./.rvm/gems/ruby-2.6.3/gems/activerecord-5.2.2.1/lib/active_record/railties/controller_runtime.rb:31:in `cleanup_view_runtime'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:45:in `render'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/implicit_render.rb:35:in `default_render'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/basic_implicit_render.rb:6:in `block in send_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/basic_implicit_render.rb:6:in `tap'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/abstract_controller/base.rb:194:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/rendering.rb:30:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:42:in `block in process_action'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:132:in `run_callbacks'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:41:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/rescue.rb:22:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in `block in instrument'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/notifications/instrumenter.rb:23:in `instrument'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in `instrument'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:32:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal/params_wrapper.rb:256:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/activerecord-5.2.2.1/lib/active_record/railties/controller_runtime.rb:24:in `process_action'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/abstract_controller/base.rb:134:in `process'
./.rvm/gems/ruby-2.6.3/gems/actionview-5.2.2.1/lib/action_view/rendering.rb:32:in `process'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:191:in `dispatch'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:252:in `dispatch'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:52:in `dispatch'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:34:in `serve'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:52:in `block in serve'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:35:in `each'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:35:in `serve'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:840:in `call'
./.rvm/gems/ruby-2.6.3/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:192:in `call!'
./.rvm/gems/ruby-2.6.3/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:169:in `call'
./.rvm/gems/ruby-2.6.3/gems/warden-1.2.8/lib/warden/manager.rb:36:in `block in call'
./.rvm/gems/ruby-2.6.3/gems/warden-1.2.8/lib/warden/manager.rb:34:in `catch'
./.rvm/gems/ruby-2.6.3/gems/warden-1.2.8/lib/warden/manager.rb:34:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/tempfile_reaper.rb:15:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/etag.rb:25:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/conditional_get.rb:25:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/head.rb:12:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/http/content_security_policy.rb:18:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/session/abstract/id.rb:232:in `context'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/session/abstract/id.rb:226:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/cookies.rb:670:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:98:in `run_callbacks'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:26:in `call'
./.rvm/gems/ruby-2.6.3/gems/airbrake-7.3.0/lib/airbrake/rack/middleware.rb:52:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/debug_exceptions.rb:61:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
./.rvm/gems/ruby-2.6.3/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:38:in `call_app'
./.rvm/gems/ruby-2.6.3/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:26:in `block in call'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/tagged_logging.rb:71:in `block in tagged'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/tagged_logging.rb:28:in `tagged'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/tagged_logging.rb:71:in `tagged'
./.rvm/gems/ruby-2.6.3/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:26:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
./.rvm/gems/ruby-2.6.3/gems/request_store-1.4.1/lib/request_store/middleware.rb:19:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/request_id.rb:27:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/method_override.rb:22:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/runtime.rb:22:in `call'
./.rvm/gems/ruby-2.6.3/gems/activesupport-5.2.2.1/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/executor.rb:14:in `call'
./.rvm/gems/ruby-2.6.3/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/static.rb:127:in `call'
./Projects/lib/gitlab/testing/request_inspector_middleware.rb:31:in `call'
./Projects/lib/rack_request_blocker.rb:36:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/sendfile.rb:111:in `call'
./.rvm/gems/ruby-2.6.3/gems/secure_headers-6.1.1/lib/secure_headers/middleware.rb:11:in `call'
./.rvm/gems/ruby-2.6.3/gems/railties-5.2.2.1/lib/rails/engine.rb:524:in `call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/urlmap.rb:68:in `block in call'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/urlmap.rb:53:in `each'
./.rvm/gems/ruby-2.6.3/gems/rack-2.0.7/lib/rack/urlmap.rb:53:in `call'
./.rvm/gems/ruby-2.6.3/gems/capybara-3.29.0/lib/capybara/server/middleware.rb:48:in `call'
./.rvm/gems/ruby-2.6.3/gems/puma-4.1.1/lib/puma/configuration.rb:228:in `call'
./.rvm/gems/ruby-2.6.3/gems/puma-4.1.1/lib/puma/server.rb:664:in `handle_request'
./.rvm/gems/ruby-2.6.3/gems/puma-4.1.1/lib/puma/server.rb:467:in `process_client'
./.rvm/gems/ruby-2.6.3/gems/puma-4.1.1/lib/puma/server.rb:328:in `block in run'
./.rvm/gems/ruby-2.6.3/gems/puma-4.1.1/lib/puma/thread_pool.rb:135:in `block in spawn_thread'

----------------------------------------
Bug #14716: SecureRandom throwing an error in Ruby 2.5.1
https://bugs.ruby-lang.org/issues/14716#change-81665

* Author: snehavas (sneha vasanth)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 2.6.3
* Backport: 2.3: DONTNEED, 2.4: DONTNEED, 2.5: REQUIRED
----------------------------------------
Hi,

We recently upgraded from ruby 2.3.6 to 2.5.1.
We use SecureRandom.uuid to generate a random number for our session.
Post the upgrade we have been getting the following error intermittently

```
app error: failed to get urandom (RuntimeError)
E, [2018-04-27T04:55:08.741859 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:99:in `urandom'
E, [2018-04-27T04:55:08.741898 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:99:in `gen_random_urandom'
E, [2018-04-27T04:55:08.741932 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:129:in `random_bytes'
E, [2018-04-27T04:55:08.741965 #16550] ERROR -- : /usr/lib/ruby/2.5.0/securerandom.rb:219:in `uuid'
E, [2018-04-27T04:55:08.741997 #16550] ERROR -- : /usr/share/nginx/frontend/app/utilities/log.rb:74:in `create_session_info'
E, [2018-04-27T04:55:08.742036 #16550] ERROR -- : /usr/share/nginx/frontend/app/utilities/log.rb:11:in `context'
```

We understand that there was a change in ruby 2.5.1 where we now look at OS sources as the first point of contact to generate random numbers as opposed to OpenSSL.
Any idea why this could be happening?







-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>