diff options
author | Richard van der Hoff <richard@matrix.org> | 2019-05-03 12:38:03 +0100 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2019-05-03 13:02:55 +0100 |
commit | 247dc1bd0bd9ee2b9525495c0dbd819baf10ec1f (patch) | |
tree | 05f2ee2721066eea82e9605b9f5ce32f379e6fda | |
parent | 0.99.2 (diff) | |
download | synapse-247dc1bd0bd9ee2b9525495c0dbd819baf10ec1f.tar.xz |
Use SystemRandom for token generation
Diffstat (limited to '')
-rw-r--r-- | changelog.d/5133.bugfix | 1 | ||||
-rw-r--r-- | synapse/util/stringutils.py | 9 |
2 files changed, 8 insertions, 2 deletions
diff --git a/changelog.d/5133.bugfix b/changelog.d/5133.bugfix new file mode 100644 index 0000000000..12a32a906b --- /dev/null +++ b/changelog.d/5133.bugfix @@ -0,0 +1 @@ +Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for for identifying and responsibly disclosing this issue! diff --git a/synapse/util/stringutils.py b/synapse/util/stringutils.py index fdcb375f95..69dffd8244 100644 --- a/synapse/util/stringutils.py +++ b/synapse/util/stringutils.py @@ -24,14 +24,19 @@ _string_with_symbols = ( string.digits + string.ascii_letters + ".,;:^&*-_+=#~@" ) +# random_string and random_string_with_symbols are used for a range of things, +# some cryptographically important, some less so. We use SystemRandom to make sure +# we get cryptographically-secure randoms. +rand = random.SystemRandom() + def random_string(length): - return ''.join(random.choice(string.ascii_letters) for _ in range(length)) + return ''.join(rand.choice(string.ascii_letters) for _ in range(length)) def random_string_with_symbols(length): return ''.join( - random.choice(_string_with_symbols) for _ in range(length) + rand.choice(_string_with_symbols) for _ in range(length) ) |