summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/zorglub/session.rb34
1 files changed, 34 insertions, 0 deletions
diff --git a/lib/zorglub/session.rb b/lib/zorglub/session.rb
index 583b142..157c786 100644
--- a/lib/zorglub/session.rb
+++ b/lib/zorglub/session.rb
@@ -74,6 +74,40 @@ module Zorglub
@instance[idx] = v
end
#
+ def generate_sid
+ begin sid = sid_algorithm end while Session.kls.sid_exists? sid
+ sid
+ end
+ #
+ begin
+ require 'securerandom'
+ # Using SecureRandom, optional length.
+ # SecureRandom is available since Ruby 1.8.7.
+ # For Ruby versions earlier than that, you can require the uuidtools gem,
+ # which has a drop-in replacement for SecureRandom.
+ def sid_algorithm; SecureRandom.hex(Session.sid_length); end
+ rescue LoadError
+ require 'openssl'
+ # Using OpenSSL::Random for generation, this is comparable in performance
+ # with stdlib SecureRandom and also allows for optional length, it should
+ # have the same behaviour as the SecureRandom::hex method of the
+ # uuidtools gem.
+ def sid_algorithm
+ OpenSSL::Random.random_bytes(Session.sid_length / 2).unpack('H*')[0]
+ end
+ rescue LoadError
+ # Digest::SHA2::hexdigest produces a string of length 64, although
+ # collisions are not very likely, the entropy is still very low and
+ # length is not optional.
+ #
+ # Replacing it with OS-provided random data would take a lot of code and
+ # won't be as cross-platform as Ruby.
+ def sid_algorithm
+ entropy = [ srand, rand, Time.now.to_f, rand, $$, rand, object_id ]
+ Digest::SHA2.hexdigest(entropy.join)
+ end
+ end
+ #
end
#
end