projects / tinc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9084df) | patch
Use cryptographically strong random when generating keys.
authorSteffan Karger <steffan@karger.me>
Tue, 29 Apr 2014 18:28:05 +0000 (20:28 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Thu, 1 May 2014 12:56:07 +0000 (14:56 +0200)
commit8794274a30d535d49636fec825a0afbf30d8010d
tree1cce6847af49e94c4a3a1f6691709463ff4dc8eatree | snapshot
parentc9084dfa2654349efcaffd51f120399f903f756acommit | diff
Use cryptographically strong random when generating keys.

From the OpenSSL manual:

"Byte sequences generated by RAND_pseudo_bytes() will be unique
if they are of sufficient length, but are not necessarily unpredictable."

So, replace these call with RAND_bytes() to get cryptographically strong
key material.

Signed-off-by: Steffan Karger <steffan@karger.me>
src/protocol_auth.c diff | blob | history
src/protocol_key.c diff | blob | history
tinc, the VPN daemon