From 89bebc6b037faf9c593c12568e48538cd541b239 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Sun, 9 Feb 2020 21:51:16 +0100 Subject: [PATCH] change rng to OsRng, version bump --- CHANGELOG.md | 7 +++++++ Cargo.toml | 4 ++-- src/lib.rs | 4 ++-- 3 files changed, 11 insertions(+), 4 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..0accbe0 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,7 @@ +# [unreleased] + +- ... + +# [0.2.1] + +- change from `thread_rng` to `OsRng` for better session ID entropy diff --git a/Cargo.toml b/Cargo.toml index 875017f..ddbb4ff 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rocket_session" -version = "0.2.0" +version = "0.2.1" authors = ["Ondřej Hruška "] edition = "2018" license = "MIT" @@ -16,6 +16,6 @@ categories = [ # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -rand = "0.7.2" +rand = "0.7.3" rocket = "0.4.2" parking_lot = "0.10.0" diff --git a/src/lib.rs b/src/lib.rs index 3d8d3d1..dfc7d1d 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,5 +1,5 @@ use parking_lot::{Mutex, RwLock, RwLockUpgradableReadGuard}; -use rand::Rng; +use rand::{Rng, rngs::OsRng}; use rocket::{ fairing::{self, Fairing, Info}, @@ -176,7 +176,7 @@ where // Find a new unique ID - we are still safely inside the write guard let new_id = SessionID(loop { - let token: String = rand::thread_rng() + let token: String = OsRng .sample_iter(&rand::distributions::Alphanumeric) .take(store.config.cookie_len) .collect();