Skip to content

O
Openfire
Commit 8073bab7 authored by Guus der Kinderen's avatar Guus der Kinderen
Browse files
Options

Improve random distribution of generated stream IDs 

Stream ID generation should be based on a strong random number generator,
should use a wider variety of characters than just hexadecimals, and
could be a bit larger for reduced chance of duplicates.
parent 08eb2993
Show whitespace changes
Inline Side-by-side
Showing with 11 additions and 3 deletions
src/java/org/jivesoftware/openfire/spi/BasicStreamIDFactory.java
View file @ 8073bab7
......@@ -22,6 +22,9 @@ package org.jivesoftware.openfire.spi;
import org.jivesoftware.openfire.StreamID;
import org.jivesoftware.openfire.StreamIDFactory;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Random;
/**
......@@ -33,13 +36,18 @@ import java.util.Random;
public class BasicStreamIDFactory implements StreamIDFactory {
/**
* The random number to use, someone with Java can predict stream IDs if they can guess the current seed *
* The maximum amount of characters in a stream ID that's generated by this implementation.
*/
private static final int MAX_STRING_SIZE = 10;
/**
* The random number to use, someone with Java can predict stream IDs if they can guess the current seed
*/
Random random = new Random();
Random random = new SecureRandom();
@Override
public StreamID createStreamID() {
return new BasicStreamID(Integer.toHexString(random.nextInt()));
return new BasicStreamID(new BigInteger( MAX_STRING_SIZE * 5, random ).toString( 36 ));
}
public StreamID createStreamID(String name) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023