SYNOPSIS

 use Apache::SessionX::Generate::MD5;

 $id = Apache::SessionX::Generate::MD5::generate($string);

DESCRIPTION

This module fulfills the \s-1ID\s0 generation interface of Apache::SessionX. If you don't give the argument $string, the IDs are generated using a two-round \s-1MD5\s0 of a random number, the time since the epoch, the process \s-1ID\s0, and the address of an anonymous hash. The resultant \s-1ID\s0 number is highly entropic on Linux and other platforms that have good random number generators. You are encouraged to investigate the quality of your system's random number generator if you are using the generated \s-1ID\s0 numbers in a secure environment. If you give $string the \s-1ID\s0 is the \s-1MD5\s0 hash of that string.

This module can also examine session IDs to ensure that they are, indeed, session \s-1ID\s0 numbers and not evil attacks. The reader is encouraged to consider the effect of bogus session \s-1ID\s0 numbers in a system which uses these \s-1ID\s0 numbers to access disks and databases.

This modules takes one argument in the usual Apache::Session style. The argument is IDLength, and the value, between 0 and 32, tells this module where to truncate the session \s-1ID\s0. Without this argument, the session \s-1ID\s0 will be 32 hexadecimal characters long, equivalent to a 128-bit key.

AUTHOR

This module was written by Jeffrey William Baker <[email protected]> and modified by Gerald Richter <[email protected]>.

RELATED TO Apache::SessionX::Generate::MD5…

Apache::Session