Refs #27635 -- Removed fallback when SystemRandom() isn't available that doesn't work.

Fallback was untested and likely never triggered.

django/utils/crypto.py

@@ -4,21 +4,10 @@ Django's standard crypto functions and utilities.
 import hashlib
 import hmac
 import random
-import time
 
 from django.conf import settings
 from django.utils.encoding import force_bytes
 
-# Use the system PRNG if possible
-try:
-    random = random.SystemRandom()
-    using_sysrandom = True
-except NotImplementedError:
-    import warnings
-    warnings.warn('A secure pseudo-random number generator is not available '
-                  'on your system. Falling back to Mersenne Twister.')
-    using_sysrandom = False
-
 
 def salted_hmac(key_salt, value, secret=None):
     """
@@ -54,18 +43,6 @@ def get_random_string(length=12,
     The default length of 12 with the a-z, A-Z, 0-9 character set returns
     a 71-bit value. log_2((26+26+10)^12) =~ 71 bits
     """
-    if not using_sysrandom:
-        # This is ugly, and a hack, but it makes things better than
-        # the alternative of predictability. This re-seeds the PRNG
-        # using a value that is hard for an attacker to predict, every
-        # time a random string is required. This may change the
-        # properties of the chosen random sequence slightly, but this
-        # is better than absolute predictability.
-        random.seed(
-            hashlib.sha256(
-                ('%s%s%s' % (random.getstate(), time.time(), settings.SECRET_KEY)).encode()
-            ).digest()
-        )
     return ''.join(random.choice(allowed_chars) for i in range(length))