Use system random where applicable

One of the bandit checks is to attempt to use the system random library (which is better at producing randomness) vs using the default random class, this change uses the system random where applicable. See: https://wiki.openstack.org/wiki/Security/Projects/Bandit Change-Id: I15ae3c99267b2dd9dc9ceccd427f6c0aef6ae8da
2015-09-14 12:23:33 -07:00 · 2015-09-14 12:23:33 -07:00 · 6e2b0f7799
commit 6e2b0f7799
parent 04582bc219
2 changed files with 6 additions and 5 deletions
--- a/ironic_python_agent/backoff.py
+++ b/ironic_python_agent/backoff.py
@ -75,6 +75,7 @@ class BackOffLoopingCall(loopingcall.LoopingCallBase):
             timeout.
    """

+    _RNG = random.SystemRandom()
    _KIND = 'Dynamic backoff interval looping call'
    _RUN_ONLY_ONE_MESSAGE = ("A dynamic backoff interval looping call can"
                             " only run one function at a time")
@ -94,7 +95,7 @@ class BackOffLoopingCall(loopingcall.LoopingCallBase):
        self._interval = starting_interval

        def _idle_for(success, _elapsed):
-            random_jitter = random.gauss(jitter, 0.1)
+            random_jitter = self._RNG.gauss(jitter, 0.1)
            if success:
                # Reset error state now that it didn't error...
                self._interval = starting_interval
--- a/ironic_python_agent/tests/unit/test_backoff.py
+++ b/ironic_python_agent/tests/unit/test_backoff.py
@ -21,7 +21,7 @@ from ironic_python_agent import backoff


 class TestBackOffLoopingCall(unittest.TestCase):
-    @mock.patch('random.gauss')
+    @mock.patch('random.SystemRandom.gauss')
    @mock.patch('eventlet.greenthread.sleep')
    def test_exponential_backoff(self, sleep_mock, random_mock):
        def false():
@ -45,7 +45,7 @@ class TestBackOffLoopingCall(unittest.TestCase):
                          mock.call(109.95116277760006)]
        self.assertEqual(expected_times, sleep_mock.call_args_list)

-    @mock.patch('random.gauss')
+    @mock.patch('random.SystemRandom.gauss')
    @mock.patch('eventlet.greenthread.sleep')
    def test_no_backoff(self, sleep_mock, random_mock):
        random_mock.return_value = 1
@ -60,7 +60,7 @@ class TestBackOffLoopingCall(unittest.TestCase):
        self.assertEqual(expected_times, sleep_mock.call_args_list)
        self.assertTrue(retvalue, 'return value')

-    @mock.patch('random.gauss')
+    @mock.patch('random.SystemRandom.gauss')
    @mock.patch('eventlet.greenthread.sleep')
    def test_no_sleep(self, sleep_mock, random_mock):
        # Any call that executes properly the first time shouldn't sleep
@ -73,7 +73,7 @@ class TestBackOffLoopingCall(unittest.TestCase):
        self.assertFalse(sleep_mock.called)
        self.assertTrue(retvalue, 'return value')

-    @mock.patch('random.gauss')
+    @mock.patch('random.SystemRandom.gauss')
    @mock.patch('eventlet.greenthread.sleep')
    def test_max_interval(self, sleep_mock, random_mock):
        def false():