Moving sha256 in the core is fine, my remark was about fortuna-prng. If there are many
files I would look for a solution with a module that register to some core API that we can
define for PRNG functions. In this way, other PRNG engines can be added in the future,
even when they have external dependencies. A similar approach was done also for dnssec.
Anyhow, for 5.3 I would do a self-contained PRNG solution for tls. Relocating sha256 code
will require touching other parts of code, so I would avoid it. Or if is too complex, then
we can skip it and use existing random variants.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2077#issuecomment-537849278