author | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-10 01:53:20 +0000 |
---|---|---|
committer | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-10 01:53:20 +0000 |
commit | 43759fc1ed8f10fff50b4239089d02c0fbe6895d (patch) | |
tree | c226170945c5252240d4e0508ac93b7b2e9acfd7 /ext/openssl | |
parent | 839dc7d4092c0f53654e9625b71861e888e5a789 (diff) |
* lib/openssl/ssl.rb: Use a simple random number to generate the
session id. MD5, as was used before, causes problems when
using a FIPS version of OpenSSL. Issue was found by Jared
Jennings, thank you!
[ruby-trunk - Bug #6137]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl')
-rw-r--r-- | ext/openssl/lib/openssl/ssl.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
index 70b27f4416..268e8e9d67 100644
--- a/ext/openssl/lib/openssl/ssl.rb
+++ b/ext/openssl/lib/openssl/ssl.rb
@@ -146,7 +146,9 @@ module OpenSSL
 @svr = svr
 @ctx = ctx
 unless ctx.session_id_context
- session_id = OpenSSL::Digest::MD5.hexdigest($0)
+ # see #6137 - session id may not exceed 32 bytes
+ prng = ::Random.new($0.hash)
+ session_id = prng.bytes(16).unpack('H*')[0]
 @ctx.session_id_context = session_id
 end
 @start_immediately = true |
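Review bot: `::Random.new($0.hash)` seeds from `String#hash`, which Ruby does not keep stable across interpreter invocations, so unlike the old MD5 of `$0` the default `session_id_context` will probably differ between separately started processes of the same program. If sessions are meant to stay resumable across workers or restarts, a FIPS-approved digest such as `session_id = OpenSSL::Digest::SHA256.hexdigest($0)[0, 32]` would keep the value deterministic and within the 32-byte limit. If a per-process value is intended, the comment should say so, and should also state that the context is only a label scoping session reuse, not a secret, which is why the non-cryptographic `Random` is acceptable here. The limit in the existing comment applies to the session id context rather than the session id, so it could read `# see #6137 - session id context may not exceed 32 bytes`. The enclosing method starts and ends outside the hunk.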