commit | 9549584e5d315f75a446e74a6e028ebd9a7ba823 | [log] [tgz] |
---|---|---|
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Mon Jun 08 11:56:59 2015 +0200 |
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Wed Jul 01 08:16:40 2015 +0200 |
tree | 607c53e0006cd7b8e8033325c34d7ddd2926dda9 | |
parent | b4b23c7351a6192dd3207b53cda25a05d8a71d45 [diff] |
nat: Provide access to /dev/urandom for the code Instead of doing open/read/close all the time, open the FD in the beginning and keep it open. To scare me even more I have seen /dev/urandom actually providing a short read and then blocking but it seems to be the best way to get the random byes we need for authentication. So one should/could run the cheap random generator on the system (e.g. haveged) or deal with the NAT process to block.