From 6791fa41e06beab23bc7832a3bfa9ab28adf1e34 Mon Sep 17 00:00:00 2001 From: Ollie Leahy Date: Fri, 30 May 2014 11:57:02 +0000 Subject: [PATCH] Use os.urandom in volume transfer This patch replaces a call to random.random() with a call to os.urandom(), which generates a higher quality random number. Closes-Bug: #1319643 Change-Id: Ifaa2216d4905f5286884629beac52b25249d621f --- cinder/transfer/api.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/cinder/transfer/api.py b/cinder/transfer/api.py index cc65edd5b..1ec533aa5 100644 --- a/cinder/transfer/api.py +++ b/cinder/transfer/api.py @@ -18,10 +18,9 @@ Handles all requests relating to transferring ownership of volumes. """ -import datetime import hashlib import hmac -import random +import os from oslo.config import cfg @@ -81,9 +80,13 @@ class API(base.Base): def _get_random_string(self, length): """Get a random hex string of the specified length.""" rndstr = "" - random.seed(datetime.datetime.now().microsecond) + + # Note that the string returned by this function must contain only + # characters that the recipient can enter on their keyboard. The + # function ssh224().hexdigit() achieves this by generating a hash + # which will only contain hexidecimal digits. while len(rndstr) < length: - rndstr += hashlib.sha224(str(random.random())).hexdigest() + rndstr += hashlib.sha224(os.urandom(255)).hexdigest() return rndstr[0:length] -- 2.45.2