Mercurial > p > roundup > code
view roundup/cgi/engine_chameleon.py @ 5350:66a17c80e035
Force all uses of random to use SystemRandom and abort if
pseudorandom random.Random would be used rather than
Random.SystemRandom.
random.Random is returning the same value time after time. Even when
being seeded after instantiation, calls to the random.random()
function return the same value like it's not advanceing the state of
the generator.
So "fix" is to force use of system random generator to generate:
one time keys for password reset (action.py)
random passwords when resetting passwords (password.py)
serial number for auto ssl cert generation (roundup_server.py)
Message-ID's in email: mailgw.py, client.py
anti-csrf nonces (templating.py)
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 07 Jul 2018 22:02:41 -0400 |
| parents | 0421390b3094 |
| children | 56c9bcdea47f |
line wrap: on
line source
"""Templating engine adapter for the Chameleon.""" __docformat__ = 'restructuredtext' import os.path import chameleon from roundup.cgi.templating import StringIO, context, TALLoaderBase class Loader(TALLoaderBase): def __init__(self, dir): self.dir = dir self.loader = chameleon.PageTemplateLoader(dir) def load(self, tplname): src, filename = self._find(tplname) return RoundupPageTemplate(self.loader.load(src)) class RoundupPageTemplate(object): def __init__(self, pt): self._pt = pt def render(self, client, classname, request, **options): c = context(client, self, classname, request) c.update({'options': options}) def translate(msgid, domain=None, mapping=None, default=None): result = client.translator.translate(domain, msgid, mapping=mapping, default=default) return unicode(result, client.translator.OUTPUT_ENCODING) output = self._pt.render(None, translate, **c) return output.encode(client.charset) def __getitem__(self, name): return self._pt[name] def __getattr__(self, name): return getattr(self._pt, name)