]> git.ipfire.org Git - thirdparty/openvpn.git/commit
Mbed TLS 3: Remove prediction resistance option
authorMax Fillinger <maximilian.fillinger@sentyron.com>
Mon, 16 Feb 2026 15:10:27 +0000 (16:10 +0100)
committerGert Doering <gert@greenie.muc.de>
Mon, 16 Feb 2026 15:20:55 +0000 (16:20 +0100)
commit880bd69254a3e0975f4da215367be4ae4ef6053c
tree5140e143d46a89434e0f1e83ab36f7d7799eb80b
parent70ab9347f893a34010a0fa39722c597f1754b8da
Mbed TLS 3: Remove prediction resistance option

The option --use-prediction-resistance causes the random number
generator to be reseeded for every call. This is excessive.

This commit removes that option.

Github: closes OpenVPN/openvpn#964

Change-Id: I6298795f140c2c62252638f9e0cd6df19cb3d7ed
Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530
Message-Id: <20260216151033.16585-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35658.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
doc/man-sections/generic-options.rst
doc/man-sections/unsupported-options.rst
src/openvpn/crypto_mbedtls_legacy.c
src/openvpn/crypto_mbedtls_legacy.h
src/openvpn/init.c
src/openvpn/options.c
src/openvpn/options.h
src/openvpn/syshead.h