summaryrefslogtreecommitdiff
path: root/init_dir.go
diff options
context:
space:
mode:
authorSebastian Lackner2017-11-19 13:30:04 +0100
committerrfjakob2017-11-21 23:37:06 +0100
commitf3c777d5eaa682d878c638192311e52f9c204294 (patch)
treedc3fcf616371479abec93ab93688f9e2937e7d9d /init_dir.go
parent1b0426bcb23a1850f3a03619a15413281dc733e3 (diff)
main: Add '-devrandom' commandline option
Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.
Diffstat (limited to 'init_dir.go')
-rw-r--r--init_dir.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/init_dir.go b/init_dir.go
index 20c9fd9..f057bf4 100644
--- a/init_dir.go
+++ b/init_dir.go
@@ -39,7 +39,7 @@ func initDir(args *argContainer) {
password := readpassword.Twice(args.extpass)
readpassword.CheckTrailingGarbage()
creator := tlog.ProgramName + " " + GitVersion
- err = configfile.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, creator, args.aessiv)
+ err = configfile.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, creator, args.aessiv, args.devrandom)
if err != nil {
tlog.Fatal.Println(err)
os.Exit(exitcodes.WriteConf)