From 89bebc6b037faf9c593c12568e48538cd541b239 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= <ondra@ondrovo.com>
Date: Sun, 9 Feb 2020 21:51:16 +0100
Subject: [PATCH] change rng to OsRng, version bump

---
 CHANGELOG.md | 7 +++++++
 Cargo.toml   | 4 ++--
 src/lib.rs   | 4 ++--
 3 files changed, 11 insertions(+), 4 deletions(-)
 create mode 100644 CHANGELOG.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..0accbe0
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,7 @@
+# [unreleased]
+
+- ...
+
+# [0.2.1]
+
+- change from `thread_rng` to `OsRng` for better session ID entropy
diff --git a/Cargo.toml b/Cargo.toml
index 875017f..ddbb4ff 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "rocket_session"
-version = "0.2.0"
+version = "0.2.1"
 authors = ["Ondřej Hruška <ondra@ondrovo.com>"]
 edition = "2018"
 license = "MIT"
@@ -16,6 +16,6 @@ categories = [
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-rand = "0.7.2"
+rand = "0.7.3"
 rocket = "0.4.2"
 parking_lot = "0.10.0"
diff --git a/src/lib.rs b/src/lib.rs
index 3d8d3d1..dfc7d1d 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,5 +1,5 @@
 use parking_lot::{Mutex, RwLock, RwLockUpgradableReadGuard};
-use rand::Rng;
+use rand::{Rng, rngs::OsRng};
 
 use rocket::{
     fairing::{self, Fairing, Info},
@@ -176,7 +176,7 @@ where
 
                     // Find a new unique ID - we are still safely inside the write guard
                     let new_id = SessionID(loop {
-                        let token: String = rand::thread_rng()
+                        let token: String = OsRng
                             .sample_iter(&rand::distributions::Alphanumeric)
                             .take(store.config.cookie_len)
                             .collect();