dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Apache::Session::Generate::SHA256 improvements (#1808)

Browse Source
This commit is contained in:
Xavier 2019-06-19 08:30:38 +02:00
parent c4d4b482a5
commit 4a58de0b92
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/Generate/SHA256.pm
View File

@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
use strict;
use Crypt::URandom;
use Digest::SHA qw(sha256 sha256_hex sha256_base64);
use Digest::SHA qw(sha256_hex);
our $VERSION = '2.0.2';
@ -22,15 +22,17 @@ sub generate {
$length = $session->{args}->{IDLength};
}
$session->{data}->{_session_id} = substr(
Digest::SHA::sha256_hex(
Digest::SHA::sha256_hex(
time() . {} . Crypt::URandom::urandom($length) . $$
)
),
0, $length
);
eval {
$session->{data}->{_session_id} =
substr( Digest::SHA::sha256_hex( Crypt::URandom::urandom(256) ),
0, $length );
};
if ($@) {
print STDERR "Crypt::URandom::urandom failed: $@\n";
$session->{data}->{_session_id} =
substr( Digest::SHA::sha256_hex( time() . {} . rand() . $$ ),
0, $length );
}
}
sub validate {