Fix missing cookie hashing

src/lib/server/eliommod_datasess.ml

@@ -120,29 +120,22 @@ let rec find_or_create_data_cookie ?set_session_group
     in
     let fullsessgrp = fullsessgrp ~cookie_level ~sp set_session_group in
 
-    let rec aux () =
-      let c = Eliommod_cookies.make_new_session_id () in
-      (* Just to be sure it is not already used.
-         Actually not needed for the cookies we use *)
-      if Eliom_common.SessionCookies.mem table c
-      then aux ()
-      else c
-    in
-    let c = aux () in
+    let c = Eliommod_cookies.make_new_session_id () in
+    let hc = Eliom_common.hash_cookie c in
     let usertimeout = ref Eliom_common.TGlobal (* See global table *) in
     let serverexp = ref None (* Some 0. *) (* None = never. We'll change it later. *) in
     let fullsessgrpref = ref fullsessgrp in
-    let node = Eliommod_sessiongroups.Data.add sitedata c fullsessgrp in
+    let node = Eliommod_sessiongroups.Data.add sitedata hc fullsessgrp in
     Eliom_common.SessionCookies.replace
       (* actually it will add the cookie *)
       table
-      c
+      hc
       (full_st_name,
        serverexp (* exp on server *),
        usertimeout,
        fullsessgrpref,
        node);
-    {Eliom_common.dc_hvalue= Eliom_common.hash_cookie c;
+    {Eliom_common.dc_hvalue= hc;
      Eliom_common.dc_set_value= Some c;
      Eliom_common.dc_timeout= usertimeout;
      Eliom_common.dc_exp= serverexp;

src/lib/server/eliommod_persess.ml

@@ -138,10 +138,11 @@ let rec find_or_create_persistent_cookie_
     let fullsessgrp = fullsessgrp ~cookie_level ~sp set_session_group in
 
     let c = Eliommod_cookies.make_new_session_id () in
+    let hc = Eliom_common.hash_cookie c in
   (* We do not need to verify if it already exists.
      make_new_session_id does never generate twice the same cookie. *)
     let usertimeout = ref Eliom_common.TGlobal (* See global table *) in
-    Persistent_cookies.add c
+    Persistent_cookies.add hc
       (full_st_name,
        None (* Some 0. *) (* exp on server - We'll change it later *),
        Eliom_common.TGlobal (* timeout - see global config *),
@@ -150,13 +151,13 @@ let rec find_or_create_persistent_cookie_
     Eliommod_sessiongroups.Pers.add
       ?set_max:set_max_in_group
       (fst sitedata.Eliom_common.max_persistent_data_sessions_per_group)
-      c fullsessgrp >>= fun l ->
+      hc fullsessgrp >>= fun l ->
     Lwt_list.iter_p (close_persistent_state2
                      ~scope:(cookie_scope :> Eliom_common.user_scope)
                      sitedata None) l
     >>= fun () ->
     Lwt.return
-      { Eliom_common.pc_hvalue= Eliom_common.hash_cookie c;
+      { Eliom_common.pc_hvalue= hc;
         Eliom_common.pc_set_value= Some c;
         Eliom_common.pc_timeout= usertimeout;
         Eliom_common.pc_cookie_exp =

src/lib/server/eliommod_sersess.ml

@@ -116,31 +116,24 @@ let rec find_or_create_service_cookie_ ?set_session_group
     in
     let fullsessgrp = fullsessgrp ~cookie_level ~sp set_session_group in
 
-    let rec aux () =
-      let c = Eliommod_cookies.make_new_session_id () in
-      (* Just to be sure it is not already used.
-         Actually not needed for the cookies we use *)
-      if Eliom_common.SessionCookies.mem table c
-      then aux ()
-      else c
-    in
-    let c = aux () in
+    let c = Eliommod_cookies.make_new_session_id () in
+    let hc = Eliom_common.hash_cookie c in
     let str = ref (Eliom_common.new_service_session_tables sitedata) in
     let usertimeout = ref Eliom_common.TGlobal (* See global table *) in
     let serverexp = ref None (*Some 0.*) (* None = never. We'll change it later. *) in
     let fullsessgrpref = ref fullsessgrp in
-    let node = Eliommod_sessiongroups.Serv.add sitedata c fullsessgrp in
+    let node = Eliommod_sessiongroups.Serv.add sitedata hc fullsessgrp in
     Eliom_common.SessionCookies.replace
       (* actually it will add the cookie *)
       table
-      c
+      hc
       (full_st_name,
        !str,
        serverexp (* exp on server *),
        usertimeout,
        fullsessgrpref,
        node);
-    {Eliom_common.sc_hvalue= Eliom_common.hash_cookie c;
+    {Eliom_common.sc_hvalue= hc;
      Eliom_common.sc_set_value= Some c;
      Eliom_common.sc_table= str;
      Eliom_common.sc_timeout= usertimeout;