From 3b492d4af8c432cc11b11e946b72aaf97cf63c95 Mon Sep 17 00:00:00 2001
From: Bond_009 <bond.009@outlook.com>
Date: Fri, 8 Oct 2021 15:02:58 +0200
Subject: Use static crypto rng

---
 .../Users/DefaultPasswordResetProvider.cs                     | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

(limited to 'Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs')

diff --git a/Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs b/Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs
index 25ef01dce..5e84255f9 100644
--- a/Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs
+++ b/Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs
@@ -93,13 +93,9 @@ namespace Jellyfin.Server.Implementations.Users
         /// <inheritdoc />
         public async Task<ForgotPasswordResult> StartForgotPasswordProcess(User user, bool isInNetwork)
         {
-            string pin;
-            using (var cryptoRandom = RandomNumberGenerator.Create())
-            {
-                byte[] bytes = new byte[4];
-                cryptoRandom.GetBytes(bytes);
-                pin = BitConverter.ToString(bytes);
-            }
+            byte[] bytes = new byte[4];
+            RandomNumberGenerator.Fill(bytes);
+            string pin = BitConverter.ToString(bytes);
 
             DateTime expireTime = DateTime.UtcNow.AddMinutes(30);
             string filePath = _passwordResetFileBase + user.Id + ".json";
@@ -114,7 +110,6 @@ namespace Jellyfin.Server.Implementations.Users
             await using (FileStream fileStream = AsyncFile.OpenWrite(filePath))
             {
                 await JsonSerializer.SerializeAsync(fileStream, spr).ConfigureAwait(false);
-                await fileStream.FlushAsync().ConfigureAwait(false);
             }
 
             user.EasyPassword = pin;
-- 
cgit v1.2.3