git.ipfire.org Git - thirdparty/patchwork.git/commit

author	Jeremy Cline <jcline@redhat.com>
	Wed, 9 Oct 2019 19:03:45 +0000 (15:03 -0400)
committer	Stephen Finucane <stephen@that.guru>
	Thu, 17 Oct 2019 13:07:55 +0000 (14:07 +0100)
commit	bb7626b2f257852f426723de551418753e3dd692
tree	82fec46366fdaeec96b72c15ddf6ea636f918e55	tree \| snapshot
parent	b4f4c8554c1168ffe177dc11ddf9ff1535c1ff31	commit \| diff

Use secrets and fall back to random.SystemRandom for keys

The random module uses the Mersenne Twister pseudorandom number
generator and is not a cryptographically secure random number
generator[0]. The secrets[1] module is intended for generating
cryptographically strong random numbers, so recommend using that to
generate the secret key. It's new in Python 3, so if it's unavailable
fall back to using the ``os.urandom()`` backed implementation of random.

NOTE(stephenfin): Modified to include change to 'config.yaml'. Also
renamed reno to just stick with hyphens for filenames.

[0] https://docs.python.org/3/library/random.html
[1] https://docs.python.org/3/library/secrets.html

Signed-off-by: Jeremy Cline <jcline@redhat.com>
Signed-off-by: Stephen Finucane <stephen@that.guru>

docs/deployment/installation.rst		diff \| blob \| blame \| history
patchwork/settings/production.example.py		diff \| blob \| blame \| history
releasenotes/config.yaml		diff \| blob \| blame \| history
releasenotes/notes/use-secrets-and-fall-back-to-random-SystemRandom-for-keys-9ceb496919a1bb6f.yaml	[new file with mode: 0644]	blob