From f3c777d5eaa682d878c638192311e52f9c204294 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner
Date: Sun, 19 Nov 2017 13:30:04 +0100
Subject: main: Add '-devrandom' commandline option

Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however:

* Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274)

* Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom

This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.
---
init_dir.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'init_dir.go')

diff --git a/init_dir.go b/init_dir.go
index 20c9fd9..f057bf4 100644
--- a/init_dir.go
+++ b/init_dir.go
@@ -39,7 +39,7 @@ func initDir(args *argContainer) {
 password := readpassword.Twice(args.extpass)
 readpassword.CheckTrailingGarbage()
 creator := tlog.ProgramName + " " + GitVersion
- err = configfile.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, creator, args.aessiv)
+ err = configfile.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, creator, args.aessiv, args.devrandom)
 if err != nil {
 tlog.Fatal.Println(err)
 os.Exit(exitcodes.WriteConf)
--
cgit v1.2.3
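Review bot: Nothing at the `configfile.CreateConfFile(...)` call tells the user that master-key generation can now stall, although the commit message says reading /dev/random "might block indefinitely" on a low-entropy system. By this point the password has already been entered twice, so a blocked read would look like a hang. Unless CreateConfFile reports it itself (not visible in this hunk), a notice guarded by `if args.devrandom { ... }` just before the call would help, for example `tlog.Info.Println("Generating master key from /dev/random, this may block until enough entropy is available")`. A one-line comment there such as `// args.devrandom: read the master key from /dev/random instead of Go's crypto/rand; may block` would also make the new trailing positional bool easier to tell apart from `args.plaintextnames` and `args.aessiv`. initDir starts before and continues after this hunk.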