diff options
author | Steffan Karger | 2017-07-25 23:02:34 +0200 |
---|---|---|
committer | David Sommerseth | 2017-08-14 15:03:52 +0200 |
commit | cd5a74d0d7c6347b31e261e98ca8984819e594df (patch) | |
tree | 16036acf698708197919182b1ae81d593d3ea0b2 /configure.ac | |
parent | 956bb1c32fa40ee184919b3ce569c90643a01b5b (diff) | |
download | openvpn-cd5a74d0d7c6347b31e261e98ca8984819e594df.zip openvpn-cd5a74d0d7c6347b31e261e98ca8984819e594df.tar.gz |
Move create_temp_file() out of #ifdef ENABLE_CRYPTO
By using get_random() instead of prng_bytes(), we no longer have to place
create_temp_file() inside #ifdef ENABLE_CRYPTO.
The resulting filename now has 62 bits of entropy (2 * [0-INT_MAX])
instead of the previous 128 bits, but that should be plenty. Assuming an
int is 32 bits, we would need about 2**31 (2147483648) files to have a
(roughly) 0.5 chance of failing in one of the 6 attempts we do.
(This is preparing to move the function out of misc.c, where I'd prefer to
not have to add a #include "crypto.h".)
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20170725210234.5673-1-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15146.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
Diffstat (limited to 'configure.ac')
0 files changed, 0 insertions, 0 deletions