From d26ee9e7ed47255c832d1f78b2575bd7b8274557 Mon Sep 17 00:00:00 2001 From: Unrud Date: Sun, 17 May 2020 01:35:44 +0200 Subject: [PATCH] Revert "Use secure RNG for auth delay" This reverts commit 7b79c00ae21347146916722cd53f0be7164b179a. --- radicale/app/__init__.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/radicale/app/__init__.py b/radicale/app/__init__.py index d8fc6e4..5b083e9 100644 --- a/radicale/app/__init__.py +++ b/radicale/app/__init__.py @@ -55,8 +55,6 @@ from radicale.app.put import ApplicationPutMixin from radicale.app.report import ApplicationReportMixin from radicale.log import logger -secure_random = random.SystemRandom() - VERSION = pkg_resources.get_distribution("radicale").version @@ -254,7 +252,7 @@ class Application( # Random delay to avoid timing oracles and bruteforce attacks delay = self.configuration.get("auth", "delay") if delay > 0: - random_delay = delay * (0.5 + secure_random.random()) + random_delay = delay * (0.5 + random.random()) logger.debug("Sleeping %.3f seconds", random_delay) time.sleep(random_delay)