diff options
author | akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-10-10 14:37:42 +0000 |
---|---|---|
committer | akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-10-10 14:37:42 +0000 |
commit | f1a422e837e823d1b76e7e41887a00146296b8d5 (patch) | |
tree | e217fa94611b066a4e40d4d505937e09b59cf41a /lib/cgi | |
parent | 8183265212cab122fb7564d9e17c3b04f8d2b974 (diff) |
* lib/securerandom.rb: new file.
* lib/cgi/session.rb (create_new_id): use securerandom if available.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@13672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/cgi')
-rw-r--r-- | lib/cgi/session.rb | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/lib/cgi/session.rb b/lib/cgi/session.rb index 82eb7534d8..63d8cc97b2 100644 --- a/lib/cgi/session.rb +++ b/lib/cgi/session.rb @@ -174,16 +174,22 @@ class CGI # is used internally for automatically generated # session ids. def create_new_id - require 'digest/md5' - md5 = Digest::MD5::new - now = Time::now - md5.update(now.to_s) - md5.update(String(now.usec)) - md5.update(String(rand(0))) - md5.update(String($$)) - md5.update('foobar') + require 'securerandom' + begin + session_id = SecureRandom.hex(16) + rescue NotImplementedError + require 'digest/md5' + md5 = Digest::MD5::new + now = Time::now + md5.update(now.to_s) + md5.update(String(now.usec)) + md5.update(String(rand(0))) + md5.update(String($$)) + md5.update('foobar') + session_id = md5.hexdigest + end @new_session = true - md5.hexdigest + session_id end private :create_new_id |