gcrypt: prefer the OS RNG
author Cristian Rodríguez <crodriguez@owncloud.com>
Tue, 26 Jul 2022 18:24:12 +0000 (18:24 +0000)
committer Lennart Poettering <lennart@poettering.net>
Fri, 29 Jul 2022 14:08:48 +0000 (16:08 +0200)
By default, gcrypt defaults to a userspace RNG; this is
the wrong thing (tm) to do on Linux.

Switch to the SYSTEM rng instead.

src/basic/gcrypt-util.c

index 64c63cdab1fe07533fedbdcf3a8ffd3fa2b119b3..1927fdfe4608711aa2146cfe8a5ba86bd999abd4 100644 (file)
@@ -15,6 +15,8 @@ void initialize_libgcrypt(bool secmem) {
          * feature should initialize the library manually */
         if (!secmem)
                 gcry_control(GCRYCTL_DISABLE_SECMEM);
+
+        gcry_control(GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
         gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
 }
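Review bot: the added gcry_control(GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM) call has no comment and its return value is discarded, so nothing in initialize_libgcrypt() records why the system RNG is chosen or whether libgcrypt accepted the request. Suggest a one-line comment above the call carrying the commit message's rationale (prefer the OS RNG over gcrypt's userspace one), in the same way the GCRYCTL_DISABLE_SECMEM branch is preceded by a comment. Because this control only states a preference, consider logging at debug level when the call returns an error, or when GCRYCTL_GET_CURRENT_RNG_TYPE, queried after GCRYCTL_INITIALIZATION_FINISHED, reports something other than GCRY_RNG_TYPE_SYSTEM.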