From da605eb84f7d5de741225ff936447db01690a04f Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara <justin@fathomdb.com>
Date: Mon, 14 Mar 2011 20:48:33 -0700
Subject: Don't generate insecure passwords where it's easy to use urandom
 instead

---
 nova/console/manager.py |  2 +-
 nova/console/xvp.py     |  4 ----
 nova/utils.py           | 15 ++++++++++-----
 3 files changed, 11 insertions(+), 10 deletions(-)

(limited to 'nova')

diff --git a/nova/console/manager.py b/nova/console/manager.py
index 57c75cf4f..bfa571ea9 100644
--- a/nova/console/manager.py
+++ b/nova/console/manager.py
@@ -69,7 +69,7 @@ class ConsoleProxyManager(manager.Manager):
         except exception.NotFound:
             logging.debug(_("Adding console"))
             if not password:
-                password = self.driver.generate_password()
+                password = utils.generate_password(8)
             if not port:
                 port = self.driver.get_port(context)
             console_data = {'instance_name': name,
diff --git a/nova/console/xvp.py b/nova/console/xvp.py
index 68d8c8565..0cedfbb13 100644
--- a/nova/console/xvp.py
+++ b/nova/console/xvp.py
@@ -91,10 +91,6 @@ class XVPConsoleProxy(object):
         """Trim password to length, and encode"""
         return self._xvp_encrypt(password)
 
-    def generate_password(self, length=8):
-        """Returns random console password"""
-        return os.urandom(length * 2).encode('base64')[:length]
-
     def _rebuild_xvp_conf(self, context):
         logging.debug(_("Rebuilding xvp conf"))
         pools = [pool for pool in
diff --git a/nova/utils.py b/nova/utils.py
index 87e726394..9c8b27d56 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -263,12 +263,17 @@ def generate_mac():
 
 
 def generate_password(length=20):
-    """Generate a random sequence of letters and digits
-    to be used as a password. Note that this is not intended
-    to represent the ultimate in security.
+    """Generate a random alphanumeric password, avoiding 'confusing' O,0,I,1.
+
+    Believed to be reasonably secure (with a reasonable password length!)
     """
-    chrs = string.letters + string.digits
-    return "".join([random.choice(chrs) for i in xrange(length)])
+    # 26 letters, 10 digits = 36
+    # Remove O, 0, I, 1 => 32 digits
+    # 32 digits means we're just using the low 5 bit of each byte
+    chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"
+
+    random_bytes = os.urandom(length)
+    return "".join([chrs[ord(random_bytes[i]) % 32] for i in xrange(length)])
 
 
 def last_octet(address):
-- 
cgit 


From 3d0cde272e3227978c5875c811c93e1e3df692ed Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara <justin@fathomdb.com>
Date: Mon, 14 Mar 2011 21:01:48 -0700
Subject: Clarify the logic in using 32 symbols

---
 nova/utils.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'nova')

diff --git a/nova/utils.py b/nova/utils.py
index 9c8b27d56..0510c3cbe 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -267,9 +267,10 @@ def generate_password(length=20):
 
     Believed to be reasonably secure (with a reasonable password length!)
     """
-    # 26 letters, 10 digits = 36
-    # Remove O, 0, I, 1 => 32 digits
-    # 32 digits means we're just using the low 5 bit of each byte
+    # 26 letters, 10 digits = 36 choices
+    # Remove O, 0, I, 1 => 32 choices
+    # 32 choices means we're just using the low 5 bit of each byte,
+    # so there's no bias introduced by using a modulo
     chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"
 
     random_bytes = os.urandom(length)
-- 
cgit 


From 22aad6700124411aceed0b2bd3953cbbc48b6130 Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara <justin@fathomdb.com>
Date: Tue, 15 Mar 2011 11:24:07 -0700
Subject: Use random.SystemRandom for easy secure randoms, configurable symbol
 set by default including mixed-case

---
 nova/utils.py | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

(limited to 'nova')

diff --git a/nova/utils.py b/nova/utils.py
index 0510c3cbe..199ee8701 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -262,19 +262,25 @@ def generate_mac():
     return ':'.join(map(lambda x: "%02x" % x, mac))
 
 
-def generate_password(length=20):
-    """Generate a random alphanumeric password, avoiding 'confusing' O,0,I,1.
+# Default symbols to use for passwords. Avoids visually confusing characters.
+# ~6 bits per symbol
+DEFAULT_PASSWORD_SYMBOLS = ("23456789"  # Removed: 0,1
+                            "ABCDEFGHJKLMNPQRSTUVWXYZ"  # Removed: I, O
+                            "abcdefghijkmnopqrstuvwxyz")  # Removed: l
+
+
+# ~5 bits per symbol
+EASIER_PASSWORD_SYMBOLS = ("23456789"  # Removed: 0, 1
+                           "ABCDEFGHJKLMNPQRSTUVWXYZ")  # Removed: I, O
+
+
+def generate_password(length=20, symbols=DEFAULT_PASSWORD_SYMBOLS):
+    """Generate a random password from the supplied symbols.
 
     Believed to be reasonably secure (with a reasonable password length!)
     """
-    # 26 letters, 10 digits = 36 choices
-    # Remove O, 0, I, 1 => 32 choices
-    # 32 choices means we're just using the low 5 bit of each byte,
-    # so there's no bias introduced by using a modulo
-    chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"
-
-    random_bytes = os.urandom(length)
-    return "".join([chrs[ord(random_bytes[i]) % 32] for i in xrange(length)])
+    r = random.SystemRandom()
+    return "".join([r.choice(symbols) for _i in xrange(length)])
 
 
 def last_octet(address):
-- 
cgit