diff options
| -rw-r--r-- | sproxy.example.yml | 5 | ||||
| -rw-r--r-- | src/Sproxy/Server.hs | 2 |
2 files changed, 3 insertions, 4 deletions
diff --git a/sproxy.example.yml b/sproxy.example.yml index f87d97b..e71b23a 100644 --- a/sproxy.example.yml +++ b/sproxy.example.yml @@ -105,11 +105,10 @@ ssl_key: /path/key.pem # Arbitrary string used to sign sproxy cookie and other things (secret!). -# Optional. If not specified, a random key is generated on startup, and -# as a consequence, restaring sproxy will invalidate existing user sessions. +# Optional. If not specified, a random key of length 64 is generated on startup, +# and as a consequence, restaring sproxy will invalidate existing user sessions. # This option could be useful for load-balancing with multiple sproxy instances, # when all instances must understand cookies created by each other. -# This should not be very large, a few random bytes are fine. # # key: !include /run/keys/sproxy.secret diff --git a/src/Sproxy/Server.hs b/src/Sproxy/Server.hs index 809d242..6d8b19c 100644 --- a/src/Sproxy/Server.hs +++ b/src/Sproxy/Server.hs @@ -75,7 +75,7 @@ server configFile = do db <- DB.start (cfHome cf) ds key <- maybe - (Log.info "using new random key" >> getEntropy 32) + (Log.info "using new random key" >> getEntropy 64) (return . pack) (cfKey cf) let settings = |