1 files changed, 63 insertions, 0 deletions

diff --git a/actionpack/lib/action_controller/cgi_ext/session.rb b/actionpack/lib/action_controller/cgi_ext/session.rb
new file mode 100644
index 0000000000..0213ce91bd
--- /dev/null
+++ b/actionpack/lib/action_controller/cgi_ext/session.rb
@@ -0,0 +1,63 @@
+require 'digest/md5'
+require 'cgi/session'
+require 'cgi/session/pstore'
+
+class CGI #:nodoc:
+  # * Expose the CGI instance to session stores.
+  # * Don't require 'digest/md5' whenever a new session id is generated.
+  class Session #:nodoc:
+    # Generate an MD5 hash including the time, a random number, the process id,
+    # and a constant string. This is used to generate session ids but may be
+    # reused elsewhere.
+    def self.generate_unique_id(constant = 'foobar')
+      md5 = Digest::MD5.new
+      now = Time.now
+      md5 << now.to_s
+      md5 << String(now.usec)
+      md5 << String(rand(0))
+      md5 << String($$)
+      md5 << constant
+      md5.hexdigest
+    end
+
+    # Make the CGI instance available to session stores.
+    attr_reader :cgi
+    attr_reader :dbman
+    alias_method :initialize_without_cgi_reader, :initialize
+    def initialize(cgi, options = {})
+      @cgi = cgi
+      initialize_without_cgi_reader(cgi, options)
+    end
+
+    private
+      # Create a new session id.
+      def create_new_id
+        @new_session = true
+        self.class.generate_unique_id
+      end
+
+    # * Don't require 'digest/md5' whenever a new session is started.
+    class PStore #:nodoc:
+      def initialize(session, option={})
+        dir = option['tmpdir'] || Dir::tmpdir
+        prefix = option['prefix'] || ''
+        id = session.session_id
+        md5 = Digest::MD5.hexdigest(id)[0,16]
+        path = dir+"/"+prefix+md5
+        path.untaint
+        if File::exist?(path)
+          @hash = nil
+        else
+          unless session.new_session
+            raise CGI::Session::NoSession, "uninitialized session"
+          end
+          @hash = {}
+        end
+        @p = ::PStore.new(path)
+        @p.transaction do |p|
+          File.chmod(0600, p.path)
+        end
+      end
+    end
+  end
+end