LP #1071067: Use a stronger random number generator and a constant time comparison function.

fb54f38a · Hanno Schlichting · ebddcb13 · fb54f38a · fb54f38a · fb54f38a
Commit fb54f38a authored Oct 31, 2012 by Hanno Schlichting
Showing with 36 additions and 9 deletions

doc/CHANGES.rst doc/CHANGES.rst +5 -2

setup.py setup.py +1 -1

src/Products/Sessions/BrowserIdManager.py src/Products/Sessions/BrowserIdManager.py +29 -5

versions.cfg versions.cfg +1 -1

No files found.
--- a/doc/CHANGES.rst
+++ b/doc/CHANGES.rst
@@ -5,12 +5,12 @@ This file contains change information for the current Zope release.
 Change information for previous versions of Zope can be found at
 http://docs.zope.org/zope2/releases/.

-2.13.19 (unreleased)
+2.13.19 (2012-10-31)
 --------------------

 - Updated distributions:

-  - AccessControl = 2.13.11
+  - AccessControl = 2.13.12
  - distribute = 0.6.29
  - mr.developer = 1.22
  - pytz = 2012g
@@ -18,6 +18,9 @@ http://docs.zope.org/zope2/releases/.
  - repoze.tm2 = 1.0
  - tempstorage = 2.12.2

+- LP #1071067: Use a stronger random number generator and a constant time
+  comparison function.
+
 - LP #1061247: Fix ZMI properties edit form for properties named `method`.

 - LP #1058049: Fix support for zoperunner section in zope.conf.

--- a/setup.py
+++ b/setup.py
@@ -23,7 +23,7 @@ if sys.platform[:3].lower() == "win":


 setup(name='Zope2',
-    version='2.13.19dev',
+    version='2.13.19',
    url='http://zope2.zope.org',
    license='ZPL 2.1',
    description='Zope2 application server / web framework',

--- a/src/Products/Sessions/BrowserIdManager.py
+++ b/src/Products/Sessions/BrowserIdManager.py
@@ -10,10 +10,12 @@
 # FOR A PARTICULAR PURPOSE
 #
 ############################################################################
+
 import binascii
 from cgi import escape
+from hashlib import sha256
 import logging
-import random
+import os
 import re
 import string
 import sys
@@ -63,6 +65,29 @@ TRAVERSAL_APPHANDLE = 'BrowserIdManager'

 LOG = logging.getLogger('Zope.BrowserIdManager')

+# Use the system PRNG if possible
+import random
+try:
+    random = random.SystemRandom()
+    using_sysrandom = True
+except NotImplementedError:
+    using_sysrandom = False
+
+
+def _randint(start, end):
+    if not using_sysrandom:
+        # This is ugly, and a hack, but it makes things better than
+        # the alternative of predictability. This re-seeds the PRNG
+        # using a value that is hard for an attacker to predict, every
+        # time a random string is required. This may change the
+        # properties of the chosen random sequence slightly, but this
+        # is better than absolute predictability.
+        random.seed(sha256(
+            "%s%s%s" % (random.getstate(), time.time(), os.getpid())
+        ).digest())
+    return random.randint(start, end)
+
+
 def constructBrowserIdManager(
    self, id=BROWSERID_MANAGER_NAME, title='', idname='_ZopeId',
    location=('cookies', 'form'), cookiepath='/', cookiedomain='',
@@ -555,7 +580,7 @@ def isAWellFormedBrowserId(bid, binerr=binascii.Error):
        return None


-def getNewBrowserId(randint=random.randint, maxint=99999999):
+def getNewBrowserId(randint=_randint, maxint=99999999):
    """ Returns 19-character string browser id
    'AAAAAAAABBBBBBBB'
    where:
@@ -570,5 +595,4 @@ def getNewBrowserId(randint=random.randint, maxint=99999999):

    An example is: 89972317A0C3EHnUi90w
    """
-    return '%08i%s' % (randint(0, maxint-1), getB64TStamp())
-
+    return '%08i%s' % (randint(0, maxint - 1), getB64TStamp())
--- a/versions.cfg
+++ b/versions.cfg
@@ -4,7 +4,7 @@ versions = versions

 [versions]
 # Zope2-specific
-Zope2 =
+Zope2 = 2.13.19
 AccessControl = 2.13.11
 Acquisition = 2.13.8
 DateTime = 2.12.7