Module: kamailio Branch: master Commit: 4e9f49a5e8ebd90d6b6913310402acea7f5a3ca9 URL: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402acea...
Author: Daniel-Constantin Mierla miconda@gmail.com Committer: Daniel-Constantin Mierla miconda@gmail.com Date: 2019-10-07T15:07:41+02:00
tls: docs - relocated the note about krand and fastrand from default value paragraph
- rephrased a bit to avoid eventual confusion they are not production ready
---
Modified: src/modules/tls/doc/params.xml
---
Diff: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402acea... Patch: https://github.com/kamailio/kamailio/commit/4e9f49a5e8ebd90d6b6913310402acea...
---
diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index 72d3278ed7..dc6494c2db 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -1259,13 +1259,16 @@ end <itemizedlist> <listitem><para>krand - use internal kam_rand() function</para></listitem> <listitem><para>fastrand - use internal fastrand function</para></listitem> - <listitem><para>cryptorand - use internal cryptorand function</para></listitem> + <listitem><para>cryptorand - use internal cryptorand (fortuna) function</para></listitem> </itemizedlist> + <para> + Note: the krand and fastrand engines are not recommended for use on + systems requiring strong security, as they may not generate numbers + with enough randomness. + </para> <para> The default value is empty (not set) for libssl v1.0.x or older, and - "cryptorand" for libssl v1.1.x or newer. The krand and fastrand engines are - not recommended for production use, as they will not generate secure enough - random numbers. + "cryptorand" for libssl v1.1.x or newer. </para> <example> <title>Set <varname>rand_engine</varname> parameter</title>