Use uuid4 instead of uuid1 as a base for passwords

uuid1 is intended to be uniq but not unpredictable. Knowing the mac address of the host generating the uuid and what time it was roughly generated at essentially reduces the parts of this uuid that have to be guessed from 128 bits down to less then 48, still a big number but there is no reason not to use the bigger of the two. Change-Id: If5d230a650c267247dc3a98c02a8d3021bb9eaab
2015-05-28 07:01:30 +01:00 · 2015-05-28 07:01:30 +01:00 · cf8efabe0c
commit cf8efabe0c
parent aad3455086
1 changed files with 1 additions and 1 deletions
--- a/instack_undercloud/undercloud.py
+++ b/instack_undercloud/undercloud.py
@ -327,7 +327,7 @@ def _generate_password(length=40):
    Copied from rdomanager-oscplugin.  This should eventually live in
    tripleo-common.
    """
-    uuid_str = six.text_type(uuid.uuid1()).encode("UTF-8")
+    uuid_str = six.text_type(uuid.uuid4()).encode("UTF-8")
    return hashlib.sha1(uuid_str).hexdigest()[:length]