Commits

Anonymous committed 4a40146

Fixed #8310 -- Actually use the SystemRandom RNG, if available, which fixes an
oversight from [8340]. The previous code worked, but this is what I really
intended.

Comments (0)

Files changed (1)

django/contrib/sessions/backends/base.py

 
 # Use the system (hardware-based) random number generator if it exists.
 if hasattr(random, 'SystemRandom'):
-    randint = random.SystemRandom().randint
+    randrange = random.SystemRandom().randrange
 else:
-    randint = random.randint
+    randrange = random.randrange
 MAX_SESSION_KEY = 18446744073709551616L     # 2 << 63
 
 class CreateError(Exception):
             pid = 1
         while 1:
             session_key = md5_constructor("%s%s%s%s"
-                    % (random.randrange(0, MAX_SESSION_KEY), pid, time.time(),
+                    % (randrange(0, MAX_SESSION_KEY), pid, time.time(),
                        settings.SECRET_KEY)).hexdigest()
             if not self.exists(session_key):
                 break