p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed #8310 -- Actually use the SystemRandom RNG, if available, which fixes an 

oversight from [8340]. The previous code worked, but this is what I really
intended.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8346 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Malcolm Tredinnick 2008-08-14 13:54:22 +00:00
parent 4adf048a51
commit 2da6628519
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
django/contrib/sessions/backends/base.py
View File

@ -15,9 +15,9 @@ from django.utils.hashcompat import md5_constructor
# Use the system (hardware-based) random number generator if it exists. # Use the system (hardware-based) random number generator if it exists.
if hasattr(random, 'SystemRandom'): if hasattr(random, 'SystemRandom'):
randint = random.SystemRandom().randint randrange = random.SystemRandom().randrange
else: else:
randint = random.randint randrange = random.randrange
MAX_SESSION_KEY = 18446744073709551616L # 2 << 63 MAX_SESSION_KEY = 18446744073709551616L # 2 << 63
class CreateError(Exception): class CreateError(Exception):
@ -135,7 +135,7 @@ class SessionBase(object):
pid = 1 pid = 1
while 1: while 1:
session_key = md5_constructor("%s%s%s%s" session_key = md5_constructor("%s%s%s%s"
% (random.randrange(0, MAX_SESSION_KEY), pid, time.time(), % (randrange(0, MAX_SESSION_KEY), pid, time.time(),
settings.SECRET_KEY)).hexdigest() settings.SECRET_KEY)).hexdigest()
if not self.exists(session_key): if not self.exists(session_key):
break break