Fixed #8310 -- Actually use the SystemRandom RNG, if available, which fixes an

oversight from [8340]. The previous code worked, but this is what I really
intended.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8346 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Malcolm Tredinnick 2008-08-14 13:54:22 +00:00
parent 4adf048a51
commit 2da6628519
1 changed files with 3 additions and 3 deletions

View File

@ -15,9 +15,9 @@ from django.utils.hashcompat import md5_constructor
# Use the system (hardware-based) random number generator if it exists.
if hasattr(random, 'SystemRandom'):
randint = random.SystemRandom().randint
randrange = random.SystemRandom().randrange
else:
randint = random.randint
randrange = random.randrange
MAX_SESSION_KEY = 18446744073709551616L # 2 << 63
class CreateError(Exception):
@ -135,7 +135,7 @@ class SessionBase(object):
pid = 1
while 1:
session_key = md5_constructor("%s%s%s%s"
% (random.randrange(0, MAX_SESSION_KEY), pid, time.time(),
% (randrange(0, MAX_SESSION_KEY), pid, time.time(),
settings.SECRET_KEY)).hexdigest()
if not self.exists(session_key):
break