coop-cloud-chaos-patchs
/
snikket-server
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improve efficiency of random secret generation 

Reading untold amounts of data and throwing away all except \~86% seems
wasteful.

This method reads exactly 32 bytes from /dev/urandom, while the previous
method would have stuffed pipes full before finding 32 bytes in the
specified range. All of the entropy of those 32 bytes are also kept in
the base64 form, although this is probably insane overkill.
This commit is contained in:
Kim Alvefur 2020-05-21 17:57:26 +02:00 committed by GitHub
parent ec33e74684
commit ffa5d0e24c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker/entrypoint.sh
View File

@ -48,7 +48,7 @@ chown -R letsencrypt:letsencrypt /snikket/letsencrypt
## Generate secret for coturn auth if necessary
if ! test -f /snikket/prosody/turn-auth-secret-v2; then
tr -dc 'a-z0-9' < /dev/urandom | head -c32 > /snikket/prosody/turn-auth-secret-v2;
head -c 32 /dev/urandom | base64 > /snikket/prosody/turn-auth-secret-v2;
fi
# COMPAT w/ alpha.20200513: remove older format