bug #1177468: don't cache /dev/urandom file descriptor in os.urandom
diff --git a/Lib/os.py b/Lib/os.py
index 5824609..bf1b086 100644
--- a/Lib/os.py
+++ b/Lib/os.py
@@ -715,22 +715,18 @@
pass
if not _exists("urandom"):
- _urandomfd = None
def urandom(n):
"""urandom(n) -> str
Return a string of n random bytes suitable for cryptographic use.
"""
- global _urandomfd
- if _urandomfd is None:
- try:
- _urandomfd = open("/dev/urandom", O_RDONLY)
- except:
- _urandomfd = NotImplementedError
- if _urandomfd is NotImplementedError:
+ try:
+ _urandomfd = open("/dev/urandom", O_RDONLY)
+ except:
raise NotImplementedError("/dev/urandom (or equivalent) not found")
bytes = ""
while len(bytes) < n:
bytes += read(_urandomfd, n - len(bytes))
+ close(_urandomfd)
return bytes
diff --git a/Misc/NEWS b/Misc/NEWS
index 8d86efd..bcc696a 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -150,6 +150,9 @@
Library
-------
+- Bug #1177468: Don't cache the /dev/urandom file descriptor for os.urandom,
+ as this can cause problems with apps closing all file descriptors.
+
- Bug #839151: Fix an attempt to access sys.argv in the warnings module
though this can be missing in embedded interpreters