[sr-dev] git:master:4e9f49a5: tls: docs - relocated the note about krand and fastrand from default value paragraph

Module: kamailio Branch: master Commit: 4e9f49a5e8ebd90d6b6913310402acea7f5a3ca9 URL: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402ace… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Date: 2019-10-07T15:07:41+02:00 tls: docs - relocated the note about krand and fastrand from default value paragraph - rephrased a bit to avoid eventual confusion they are not production ready --- Modified: src/modules/tls/doc/params.xml --- Diff: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402ace… Patch: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402ace… --- diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index 72d3278ed7..dc6494c2db 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -1259,13 +1259,16 @@ end <itemizedlist> <listitem><para>krand - use internal kam_rand() function</para></listitem> <listitem><para>fastrand - use internal fastrand function</para></listitem> - <listitem><para>cryptorand - use internal cryptorand function</para></listitem> + <listitem><para>cryptorand - use internal cryptorand (fortuna) function</para></listitem> </itemizedlist> + <para> + Note: the krand and fastrand engines are not recommended for use on + systems requiring strong security, as they may not generate numbers + with enough randomness. + </para> <para> The default value is empty (not set) for libssl v1.0.x or older, and - "cryptorand" for libssl v1.1.x or newer. The krand and fastrand engines are - not recommended for production use, as they will not generate secure enough - random numbers. + "cryptorand" for libssl v1.1.x or newer. </para> <example> <title>Set <varname>rand_engine</varname> parameter</title>