Ruby on Rails | Screencasts | Download | Documentation | Weblog | Community | Source

Changeset 7966

Show
Ignore:
Timestamp:
10/18/07 18:25:31 (1 year ago)
Author:
bitsweat
Message:

Use SecureRandom to generate unique ids, if available.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/actionpack/lib/action_controller/cgi_ext/session.rb

    r6733 r7966  
    77  # * Don't require 'digest/md5' whenever a new session id is generated. 
    88  class Session #:nodoc: 
    9     # Generate an MD5 hash including the time, a random number, the process id, 
    10     # and a constant string. This is used to generate session ids but may be 
    11     # reused elsewhere. 
    12     def self.generate_unique_id(constant = 'foobar') 
    13       md5 = Digest::MD5.new 
    14       now = Time.now 
    15       md5 << now.to_s 
    16       md5 << String(now.usec) 
    17       md5 << String(rand(0)) 
    18       md5 << String($$) 
    19       md5 << constant 
    20       md5.hexdigest 
     9    begin 
     10      require 'securerandom' 
     11 
     12      # Generate a 32-character unique id using SecureRandom. 
     13      # This is used to generate session ids but may be reused elsewhere. 
     14      def self.generate_unique_id(constant = nil) 
     15        SecureRandom.hex(16) 
     16      end 
     17    rescue LoadError 
     18      # Generate an 32-character unique id based on a hash of the current time, 
     19      # a random number, the process id, and a constant string. This is used 
     20      # to generate session ids but may be reused elsewhere. 
     21      def self.generate_unique_id(constant = 'foobar') 
     22        md5 = Digest::MD5.new 
     23        now = Time.now 
     24        md5 << now.to_s 
     25        md5 << String(now.usec) 
     26        md5 << String(rand(0)) 
     27        md5 << String($$) 
     28        md5 << constant 
     29        md5.hexdigest 
     30      end 
    2131    end 
    2232