diff options
Diffstat (limited to 'src/config.c')
| -rw-r--r-- | src/config.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/config.c b/src/config.c index d3b6611..286c874 100644 --- a/src/config.c +++ b/src/config.c @@ -8,6 +8,7 @@ #include "hashtables.h" #include "peer.h" #include "uapi.h" +#include <linux/random.h> static int set_device_port(struct wireguard_device *wg, u16 port) { @@ -134,6 +135,10 @@ int config_set_device(struct wireguard_device *wg, void __user *user_device) void __user *user_peer; bool modified_static_identity = false; + /* It's important that the Linux RNG is fully seeded before we let the user + * actually configure the device, so that we're assured to have good ephemerals. */ + wait_for_random_bytes(); + BUILD_BUG_ON(WG_KEY_LEN != NOISE_PUBLIC_KEY_LEN); BUILD_BUG_ON(WG_KEY_LEN != NOISE_SYMMETRIC_KEY_LEN); |