Mercurial Repository: p/roundup/code: roundup/scripts/roundup

comparison roundup/scripts/roundup_server.py @ 5356:91954be46a66

A real fix for the problem where: import random would result in every call to random() returning the same value in the web interface. While cgi/client.py:Client::__init.py__ was calling random.seed(), on most systems random was SystemRandom and not the default random. As a result the random as you would get from: import random was never being seeded. I added a function to access and seed the random bound instance of random.Random that is called during init. This fixes all three places where I saw the broken randomness. It should also fix: http://psf.upfronthosting.co.za/roundup/meta/issue644 I also removed the prior code that would bail if systemRandom was not available.

author	John Rouillard <rouilj@ieee.org>
date	Sun, 08 Jul 2018 11:34:42 -0400
parents	66a17c80e035
children	64b05e24dbd8 8e3df461d316

comparison

equal deleted inserted replaced

-:f3446541e72b
+:91954be46a66
 MULTIPROCESS_TYPES.append("fork")
 DEFAULT_MULTIPROCESS = MULTIPROCESS_TYPES[-1]
 def auto_ssl():
 print _('WARNING: generating temporary SSL certificate')
-import OpenSSL
+import OpenSSL, random
-try:
-# Use the cryptographic source of randomness if available
-from random import SystemRandom
-random=SystemRandom()
-except ImportError:
-raise
-from random import Random
-random=Random()
 pkey = OpenSSL.crypto.PKey()
 pkey.generate_key(OpenSSL.crypto.TYPE_RSA, 768)
 cert = OpenSSL.crypto.X509()
 cert.set_serial_number(random.randint(0, sys.maxint))
 cert.gmtime_adj_notBefore(0)

Mercurial > p > roundup > code

comparison roundup/scripts/roundup_server.py @ 5356:91954be46a66