tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeffrey Janner <Jeffrey.Jan...@PolyDyne.com>
Subject RE: Windows Path Not Found for urandom
Date Wed, 29 Aug 2012 20:04:34 GMT


> -----Original Message-----
> From: Christopher Schultz [mailto:chris@christopherschultz.net]
> Sent: Wednesday, August 29, 2012 1:44 PM
> To: Tomcat Users List
> Subject: Re: Windows Path Not Found for urandom
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Jeffrey,
> 
> On 8/29/12 1:57 PM, Jeffrey Janner wrote:
> > Aug 29, 2012 11:52:29 AM org.apache.catalina.session.ManagerBase
> > setRandomFile WARNING: Error reading /dev/urandom
> java.io.EOFException
> > at
> > java.io.DataInputStream.readFully(DataInputStream.java:180) at
> > java.io.DataInputStream.readLong(DataInputStream.java:399) at
> >
> org.apache.catalina.session.ManagerBase.setRandomFile(ManagerBase.java
> > :548)
> >
> >
> at
> org.apache.catalina.session.ManagerBase.getRandomBytes(ManagerBase.java
> :993)
> > at
> > org.apache.catalina.session.ManagerBase.init(ManagerBase.java:767)
> > at
> >
> org.apache.catalina.session.StandardManager.start(StandardManager.java
> > :630)
> 
> ManagerBase
> >
> uses whatever it has been configured to use for the "random file" and
> defaults to "/dev/urandom".
> 
> The code in question should not execute unless /dev/urandom actually
> exists -- see line 546 here:
> http://svn.apache.org/viewvc/tomcat/tc6.0.x/tags/TOMCAT_6_0_33/java/org
> /apache/catalina/session/ManagerBase.java?view=markup
> 
> So, does /dev/urandom exist? Or, rather, does a file-exists check for
> that path return true? Try this:
> 
> System.out.println(new File("/dev/urandom").exists());
> 
> ...and see what happens.
> 
> There is a setRandomFile(String s) method on ManagerBase, but it is not
> documented anywhere in the Tomcat 6 documentation (nor can it be found
> in the Tomcat 7 documentation).
> 
> You could try to set the "randomFile" attribute on your <Manager>
> element to point to some other file-based source of randomness, but I
> doubt it will work. On Microsoft Windows, I think you want to have that
> set to a path that does not exist so that java.security.SecureRandom
> (by default) gets used for randomness.
> 
> - -chris

Chris -
This was on a test of what would happen if the C:\dev\urandom did exist on a Windows system,
for some strange reason. It didn't seem to do anything operationally by being there and empty.
But it did find the source of the initial 6 PNFs being reported by the Process Monitor tool.
 Why 6?  Beats me, I haven't studied the code.
My big question now is what's in my company's code that generates the PNF during login verification/error
reporting.
Leaning toward something to do with generating a new sessionid, but I've not had the chance
to look (or get a programmer to check it).
Jeff
Mime
View raw message