diff options
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2015-06-08 11:56:59 +0200 |
---|---|---|
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2015-07-01 08:16:40 +0200 |
commit | fce6971fe3673e8269414188fda0ce3b28b5cf03 (patch) | |
tree | 607c53e0006cd7b8e8033325c34d7ddd2926dda9 /openbsc/include/openbsc/bsc_nat.h | |
parent | 8a8df80772a4bac0f3cb4d384f45a5d4c463fe11 (diff) |
nat: Provide access to /dev/urandom for the code
Instead of doing open/read/close all the time, open the
FD in the beginning and keep it open. To scare me even
more I have seen /dev/urandom actually providing a short
read and then blocking but it seems to be the best way
to get the random byes we need for authentication.
So one should/could run the cheap random generator on
the system (e.g. haveged) or deal with the NAT process
to block.
Diffstat (limited to 'openbsc/include/openbsc/bsc_nat.h')
-rw-r--r-- | openbsc/include/openbsc/bsc_nat.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h index 69214419b..103593780 100644 --- a/openbsc/include/openbsc/bsc_nat.h +++ b/openbsc/include/openbsc/bsc_nat.h @@ -304,6 +304,9 @@ struct bsc_nat { /* control interface */ struct ctrl_handle *ctrl; + + /* for random values */ + int random_fd; }; struct bsc_nat_ussd_con { |