Apache::Session::Generate::MD5 - Use MD5 to create random object IDs
$id = Apache::SessionX::Generate::MD5::generate($string);
This module fulfills the ID generation interface of Apache::SessionX. If you
don't give the argument $string, the IDs are generated using a two-round MD5
of a random number, the time since the epoch, the process ID, and the address
of an anonymous hash. The resultant ID number is highly entropic on Linux and
other platforms that have good random number generators. You are encouraged to
investigate the quality of your system's random number generator if you are
using the generated ID numbers in a secure environment. If you give $string
the ID is the MD5 hash of that string.
This module can also examine session IDs to ensure that they are, indeed,
session ID numbers and not evil attacks. The reader is encouraged to consider
the effect of bogus session ID numbers in a system which uses these ID numbers
to access disks and databases.
This modules takes one argument in the usual Apache::Session style. The argument
is IDLength, and the value, between 0 and 32, tells this module where to
truncate the session ID. Without this argument, the session ID will be 32
hexadecimal characters long, equivalent to a 128-bit key.
This module was written by Jeffrey William Baker <email@example.com> and
modified by Gerald Richter <firstname.lastname@example.org>.