From b425b5041cf784b7c24abcc82e5573cd79304bf7 Mon Sep 17 00:00:00 2001
From: Igor Pashev <pashev.igor@gmail.com>
Date: Sat, 28 Apr 2018 10:16:13 +0300
Subject: Use 64 bytes long key by default

It is padded with zeros to 64 bytes anyway if the length is less.
---
 sproxy.example.yml   | 5 ++---
 src/Sproxy/Server.hs | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/sproxy.example.yml b/sproxy.example.yml
index f87d97b..e71b23a 100644
--- a/sproxy.example.yml
+++ b/sproxy.example.yml
@@ -105,11 +105,10 @@ ssl_key: /path/key.pem
 
 
 # Arbitrary string used to sign sproxy cookie and other things (secret!).
-# Optional. If not specified, a random key is generated on startup, and
-# as a consequence, restaring sproxy will invalidate existing user sessions.
+# Optional. If not specified, a random key of length 64 is generated on startup,
+# and as a consequence, restaring sproxy will invalidate existing user sessions.
 # This option could be useful for load-balancing with multiple sproxy instances,
 # when all instances must understand cookies created by each other.
-# This should not be very large, a few random bytes are fine.
 #
 # key: !include /run/keys/sproxy.secret
 
diff --git a/src/Sproxy/Server.hs b/src/Sproxy/Server.hs
index 809d242..6d8b19c 100644
--- a/src/Sproxy/Server.hs
+++ b/src/Sproxy/Server.hs
@@ -75,7 +75,7 @@ server configFile = do
   db <- DB.start (cfHome cf) ds
   key <-
     maybe
-      (Log.info "using new random key" >> getEntropy 32)
+      (Log.info "using new random key" >> getEntropy 64)
       (return . pack)
       (cfKey cf)
   let settings =
-- 
cgit v1.2.3