gcrypt: prefer the OS RNG

by default, gcrypt defaults to an userspace RNG, this is the wrong thing (tm) to do on linux. Switch to the SYSTEM rng instead. (cherry picked from commit 80f9673)
systemd · Aug 8, 2022 · ca0ed3a · ca0ed3a
1 parent e7d635f
commit ca0ed3a
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/basic/gcrypt-util.c b/src/basic/gcrypt-util.c
@@ -15,6 +15,8 @@ void initialize_libgcrypt(bool secmem) {
          * feature should initialize the library manually */
         if (!secmem)
                 gcry_control(GCRYCTL_DISABLE_SECMEM);
+
+        gcry_control(GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
         gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
 }