Yann Leboulanger pushed to branch gajim_0.16 at gajim / gajim
Commits:
3dd35f5e by Yann Leboulanger at 2017-11-28T10:47:56+01:00
remove usage of OpenSSL.rand deprecated module. Fixes #8788
- - - - -
2 changed files:
- src/common/crypto.py
- src/gajim.py
Changes:
=====================================
src/common/crypto.py
=====================================
--- a/src/common/crypto.py
+++ b/src/common/crypto.py
@@ -76,50 +76,8 @@ def base28(n):
else:
return base28_chr[n]
-def add_entropy_sources_OpenSSL():
- # Other possibly variable data. This are very low quality sources of
- # entropy, but some of them are installation dependent and can be hard
- # to guess for the attacker.
- # Data available on all platforms Unix, Windows
- sources = [sys.argv, sys.builtin_module_names,
- sys.copyright, sys.getfilesystemencoding(), sys.hexversion,
- sys.modules, sys.path, sys.version, sys.api_version,
- os.environ, os.getcwd(), os.getpid()]
-
- for s in sources:
- OpenSSL.rand.add(str(s), 1)
-
- # The /proc filesystem on POSIX systems contains many random variables:
- # memory statistics, interrupt counts, network packet counts
- if os.name == 'posix':
- dirs = ['/proc', '/proc/net', '/proc/self']
- for d in dirs:
- if os.access(d, os.R_OK):
- for filename in os.listdir(d):
- OpenSSL.rand.add(filename, 0)
- try:
- with open(d + os.sep + filename, "r") as fp:
- # Limit the ammount of read bytes, in case a memory
- # file was opened
- OpenSSL.rand.add(str(fp.read(5000)), 1)
- except IOError:
- # Ignore all read and access errors
- pass
-
-PYOPENSSL_PRNG_PRESENT = False
-try:
- import OpenSSL.rand
- PYOPENSSL_PRNG_PRESENT = True
-except ImportError:
- # PyOpenSSL PRNG not available
- pass
-
def random_bytes(bytes_):
- if PYOPENSSL_PRNG_PRESENT:
- OpenSSL.rand.add(os.urandom(bytes_), bytes_)
- return OpenSSL.rand.bytes(bytes_)
- else:
- return os.urandom(bytes_)
+ return os.urandom(bytes_)
def generate_nonce():
return random_bytes(8)
=====================================
src/gajim.py
=====================================
--- a/src/gajim.py
+++ b/src/gajim.py
@@ -296,20 +296,6 @@ gajimpaths = configpaths.gajimpaths
pid_filename = gajimpaths['PID_FILE']
config_filename = gajimpaths['CONFIG_FILE']
-# Seed the OpenSSL pseudo random number generator from file and initialize
-RNG_SEED = gajimpaths['RNG_SEED']
-PYOPENSSL_PRNG_PRESENT = False
-try:
- import OpenSSL.rand
- from common import crypto
- PYOPENSSL_PRNG_PRESENT = True
- # Seed from file
- OpenSSL.rand.load_file(str(RNG_SEED))
- crypto.add_entropy_sources_OpenSSL()
- OpenSSL.rand.write_file(str(RNG_SEED))
-except ImportError:
- log.info("PyOpenSSL PRNG not available")
-
import traceback
import errno
import dialogs
@@ -456,9 +442,6 @@ except IOError, e2:
del pid_dir
def on_exit():
- # Save the entropy from OpenSSL PRNG
- if PYOPENSSL_PRNG_PRESENT:
- OpenSSL.rand.write_file(str(RNG_SEED))
# delete pid file on normal exit
if os.path.exists(pid_filename):
os.remove(pid_filename)
View it on GitLab:
https://dev.gajim.org/gajim/gajim/commit/3dd35f5e762dcef2cf05e325705d0e7a2db21917
---
View it on GitLab:
https://dev.gajim.org/gajim/gajim/commit/3dd35f5e762dcef2cf05e325705d0e7a2db21917
You're receiving this email because of your account on dev.gajim.org.
_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits
