CGI-MxScreen
view release on metacpan or search on metacpan
Makefile.PL view on Meta::CPAN
use ExtUtils::MakeMaker;
eval q(use Carp::Datum::MakeMaker;);
WriteMakefile(
'NAME' => 'CGI::MxScreen',
'VERSION_FROM' => 'MxScreen.pm', # finds $VERSION
'PREREQ_PM' => {
'CGI::Test' => '0.103',
'Carp::Datum' => '0',
'Crypt::Blowfish' => '0',
'Crypt::CBC' => '1.22',
'Digest::MD5' => '0',
'Getargs::Long' => '0.103',
'LockFile::Simple' => '0.205',
'Log::Agent' => '0.208',
'Log::Agent::Logger' => '0.101',
'Log::Agent::Rotate' => '0.103',
'Storable' => '1.011',
'Time::HiRes' => '0',
},
'LIBS' => [''], # e.g., '-lm'
MxScreen/Session/Medium/Browser.pm view on Meta::CPAN
my ($id) = @_;
DREQUIRE $id == NO_SESSION_ID, "session ID unused";
DREQUIRE defined $self->serializer, "already called set_serializer()";
my $md5 = CGI::param(MX_MD5);
DASSERT length $md5, "session MD5 checksum exists";
CGI::delete(MX_MD5);
require MIME::Base64;
require Crypt::CBC;
require Digest::MD5;
my $decoded = MIME::Base64::decode(CGI::param(MX_CONTEXT));
my $cipher = new Crypt::CBC($self->key, CRYPT_ALGO);
my $decrypted = $cipher->decrypt($decoded);
CGI::delete(MX_CONTEXT);
#
# Before attempting to de-serialize, check the MD5 certificate.
# Deserialization would fail anyway if the context was "corrupted".
#
my $digest = Digest::MD5::md5_base64($decrypted);
if ($digest ne $md5) {
MxScreen/Session/Medium/Browser.pm view on Meta::CPAN
DFEATURE my $f_;
my $self = shift;
my ($id, $context) = @_;
DREQUIRE $id == NO_SESSION_ID, "session ID unused";
DREQUIRE defined $self->serializer, "already called set_serializer()";
my $frozen = $self->serializer->serialize($context);
require MIME::Base64;
require Crypt::CBC;
require Digest::MD5;
#
# Compute MD5 checksum and encrypt context.
#
# XXX add logging support, when we have a log object:
# XXX
# XXX $self->log->debug("context size: $ls -> $le ($rate%)");
# XXX
# XXX With: my ($ls, $lc, $le) = (length $serialized, length $compressed,
# XXX length $encoded);
#
my $md5 = Digest::MD5::md5_base64($frozen);
my $cipher = new Crypt::CBC($self->key, CRYPT_ALGO);
my $crypted = $cipher->encrypt($frozen);
my $encoded = MIME::Base64::encode($crypted);
#
# Return the hidden parameters to generate in the HTML output.
#
my $ret = {
&MX_MD5 => $md5,
&MX_CONTEXT => $encoded,
MxScreen/Session/Medium/Browser.pm view on Meta::CPAN
=head1 SYNOPSIS
# Not meant to be used directly
=head1 DESCRIPTION
This saves the session within the browser, and therefore does not require
any storage on the server side, compared to other session media.
The context is serialized within a hidden parameter, along with an MD5
checksum. The whole thing is encrypted with C<Crypt::CBC(Blowfish)> to
prevent accidental user peeking and/or tampering.
The creation routine takes the following mandatory argument:
=over 4
=item C<-key> => I<string>
The encryption key to protect the context.
( run in 1.814 second using v1.01-cache-2.11-cpan-e1769b4cff6 )