commit | 9f95ae888589dfddfe1fd325d0fb2f8361f03fab | [log] [tgz] |
---|---|---|
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Wed Jul 01 08:34:16 2015 +0200 |
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Wed Jul 01 08:34:16 2015 +0200 |
tree | e2e7e132ea1a0483c1b7bec4910aa4f99e1fd8e6 | |
parent | 8ee53ed9ec5e5f045778ab8b30f10cb86ec55c4a [diff] |
nat: Use RAND_bytes instead of /dev/urandom We don't need to consume all the entropy of the kernel but can use libcrypto (OpenSSL) to generate random data. It is not clear if we need to call RAND_load_file but I think we can assume that our Unices have a /dev/urandom. This takes less CPU time, provides good enough entropy (in theory) and leaves some in the kernel entropy pool.