From f8b5879fed1d5185a931206fd2784825567947ae Mon Sep 17 00:00:00 2001
From: Daniil Baturin <daniil@baturin.org>
Date: Mon, 16 Jan 2017 20:07:50 +0700
Subject: Add a function for making secure session tokens. Right now it uses a
 SHA-1 sum of 30 random bits. I hope that's secure enough.

---
 src/vyconfd.ml | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src')

diff --git a/src/vyconfd.ml b/src/vyconfd.ml
index f8dde8c..0e3340f 100644
--- a/src/vyconfd.ml
+++ b/src/vyconfd.ml
@@ -2,6 +2,9 @@ open Lwt
 open Defaults
 open Vyconf_config
 
+(* On UNIX, self_init uses /dev/random for seed *)
+let () = Random.self_init ()
+
 let () = Lwt_log.add_rule "*" Lwt_log.Info
 
 (* Default VyConf configuration *)
@@ -11,6 +14,7 @@ let log_file = ref None
 
 (* Global data *)
 
+
 (* Command line arguments *)
 let args = [
     ("--no-daemon", Arg.Unit (fun () -> daemonize := false),
@@ -23,6 +27,9 @@ let args = [
     ]
 let usage = "Usage: " ^ Sys.argv.(0) ^ " [options]"
 
+let make_session_token () =
+    Sha1.string (string_of_int (Random.bits ())) |> Sha1.to_hex
+
 let rec handle_connection ic oc () =
     let open Vyconf_pb in
     try%lwt
-- 
cgit v1.2.3