So secrets.py needs an upgrade; it currently uses random.SysRandom. On Thursday, June 9, 2016, Tim Peters <tim.pet...@gmail.com> wrote:
> [Nikolaus Rath] > >> Aeh, what the tin says is "return random bytes". > > [Larry Hastings] > > What the tin says is "urandom", which has local man pages that dictate > > exactly how it behaves. On Linux the "urandom" man page says: > > > > A read from the /dev/urandom device will not block waiting for more > entropy. > > If there is not sufficient entropy, a pseudorandom number generator > is used > > to create the requested bytes. > > > > os.urandom() needs to behave like that on Linux, which is how it behaved > in > > Python 2.4 through 3.4. > > I agree (with Larry). If the change hadn't already been made, nobody > would get anywhere trying to make it now. So best to pretend it was > never made to begin with ;-) > > The tin that _will_ say "return random bytes" in Python will > be`secrets.token_bytes()`. That's self-evidently (to me) where the > "possibly block forever" implementation belongs. > _______________________________________________ > Python-Dev mailing list > Python-Dev@python.org <javascript:;> > https://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: > https://mail.python.org/mailman/options/python-dev/guido%40python.org > -- --Guido (mobile)
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
