From 7ea4576392b014490e6308ad82d695cc85a0b8bd Mon Sep 17 00:00:00 2001
From: Daniel Borkmann <dborkman@redhat.com>
Date: Tue, 4 Jun 2013 12:01:56 +0200
Subject: rnd: move entropy source definition to rnd

It's better off there anyway.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
 rnd.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'rnd.c')

diff --git a/rnd.c b/rnd.c
index ad32175..3a7481d 100644
--- a/rnd.c
+++ b/rnd.c
@@ -13,7 +13,7 @@ static void randombytes(unsigned char *x, unsigned long long xlen)
 
 	if (fd_rnd == -1) {
 		for (;;) {
-			fd_rnd = open("/dev/urandom", O_RDONLY);
+			fd_rnd = open(LOW_ENTROPY_SOURCE, O_RDONLY);
 			if (fd_rnd != -1)
 				break;
 			sleep(1);
@@ -37,10 +37,6 @@ static void randombytes(unsigned char *x, unsigned long long xlen)
 	}
 }
 
-/* Note: it's not really secure, but the name only suggests it's better to use
- * than rand(3) when transferring bytes over the network in non-security
- * critical structure members. secrand() is only used to fill up salts actually.
- */
 int secrand(void)
 {
 	int ret;
-- 
cgit v1.2.3-54-g00ecf