diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2019-05-03 15:39:30 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-05-03 15:39:30 +0100 |
| commit | 1acfb9e9f0aa6a734b11a14d10b037e69679371d (patch) | |
| tree | 1e087b3c0d194c46300b67face5ef03accb00f21 | |
| parent | 0.99.3 (diff) | |
| parent | typo (diff) | |
| download | synapse-1acfb9e9f0aa6a734b11a14d10b037e69679371d.tar.xz | |
Merge pull request #5133 from matrix-org/rav/systemrandom
Use SystemRandom for token generation.
| -rw-r--r-- | changelog.d/5133.bugfix | 1 | ||||
| -rw-r--r-- | synapse/util/stringutils.py | 9 |
2 files changed, 8 insertions, 2 deletions
diff --git a/changelog.d/5133.bugfix b/changelog.d/5133.bugfix new file mode 100644 index 0000000000..be6474a692 --- /dev/null +++ b/changelog.d/5133.bugfix @@ -0,0 +1 @@ +Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue! diff --git a/synapse/util/stringutils.py b/synapse/util/stringutils.py index fdcb375f95..69dffd8244 100644 --- a/synapse/util/stringutils.py +++ b/synapse/util/stringutils.py @@ -24,14 +24,19 @@ _string_with_symbols = ( string.digits + string.ascii_letters + ".,;:^&*-_+=#~@" ) +# random_string and random_string_with_symbols are used for a range of things, +# some cryptographically important, some less so. We use SystemRandom to make sure +# we get cryptographically-secure randoms. +rand = random.SystemRandom() + def random_string(length): - return ''.join(random.choice(string.ascii_letters) for _ in range(length)) + return ''.join(rand.choice(string.ascii_letters) for _ in range(length)) def random_string_with_symbols(length): return ''.join( - random.choice(_string_with_symbols) for _ in range(length) + rand.choice(_string_with_symbols) for _ in range(length) ) |