From 691f278cd4876685033cf7377ee77a3220e3d216 Mon Sep 17 00:00:00 2001
From: Fredrik Tolf <fredrik@dolda2000.com>
Date: Thu, 3 Apr 2014 06:02:40 +0200
Subject: [PATCH] Make session.gennonce more sound.

---
 wrw/session.py | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/wrw/session.py b/wrw/session.py
index 1e615e3..0c585a3 100644
--- a/wrw/session.py
+++ b/wrw/session.py
@@ -3,21 +3,12 @@ import cookie, env
 
 __all__ = ["db", "get"]
 
-def hexencode(str):
-    ret = ""
-    for byte in str:
-        ret += "%02X" % (ord(byte),)
-    return ret
-
 def gennonce(length):
-    nonce = ""
-    for i in xrange(length):
-        nonce += chr(random.randint(0, 255))
-    return nonce
+    return os.urandom(length)
 
 class session(object):
     def __init__(self, lock, expire=86400 * 7):
-        self.id = hexencode(gennonce(16))
+        self.id = gennonce(16).encode("hex")
         self.dict = {}
         self.lock = lock
         self.ctime = self.atime = self.mtime = int(time.time())
-- 
2.11.0