From: Fredrik Tolf Date: Thu, 3 Apr 2014 04:02:40 +0000 (+0200) Subject: Make session.gennonce more sound. X-Git-Url: http://git.dolda2000.com/gitweb/?a=commitdiff_plain;h=691f278cd4876685033cf7377ee77a3220e3d216;p=wrw.git Make session.gennonce more sound. --- diff --git a/wrw/session.py b/wrw/session.py index 1e615e3..0c585a3 100644 --- a/wrw/session.py +++ b/wrw/session.py @@ -3,21 +3,12 @@ import cookie, env __all__ = ["db", "get"] -def hexencode(str): - ret = "" - for byte in str: - ret += "%02X" % (ord(byte),) - return ret - def gennonce(length): - nonce = "" - for i in xrange(length): - nonce += chr(random.randint(0, 255)) - return nonce + return os.urandom(length) class session(object): def __init__(self, lock, expire=86400 * 7): - self.id = hexencode(gennonce(16)) + self.id = gennonce(16).encode("hex") self.dict = {} self.lock = lock self.ctime = self.atime = self.mtime = int(time.time())