projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use cryptographically strong random when generating keys.
[tinc] / src / protocol_auth.c
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index a7a6fe0..385e543 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -215,7 +215,7 @@ bool send_metakey(connection_t *c) {
 
        /* Copy random data to the buffer */
 
-       RAND_pseudo_bytes((unsigned char *)c->outkey, len);
+       RAND_bytes((unsigned char *)c->outkey, len);
 
        /* The message we send must be smaller than the modulus of the RSA key.
           By definition, for a key of k bits, the following formula holds:
@@ -391,7 +391,7 @@ bool send_challenge(connection_t *c) {
 
        /* Copy random data to the buffer */
 
-       RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
+       RAND_bytes((unsigned char *)c->hischallenge, len);
 
        /* Convert to hex */
 
tinc, the VPN daemon