Merge pull request #79 from YunoHost/crypto_random

[fix] uses a cryptographically secure source of randomness
This commit is contained in:
Laurent Peuch 2017-05-17 21:37:55 +02:00 committed by GitHub
commit 96b077fe02

View file

@ -27,12 +27,17 @@ local config = require "config"
flashs = {} flashs = {}
i18n = {} i18n = {}
-- convert a string to a hex
function tohex(str)
return (str:gsub('.', function (c)
return string.format('%02X', string.byte(c))
end))
end
-- Efficient function to get a random string -- Efficient function to get a random string
function random_string() function random_string()
math.randomseed( tonumber(tostring(socket.gettime()*10000):reverse()) ) local random_bytes = io.open("/dev/urandom"):read(64);
str = tostring(math.random()):sub(3) return tohex(random_bytes);
socket.sleep(1e-400)
return str
end end
-- Load translations in the "i18n" above table -- Load translations in the "i18n" above table