-
Thomas Haller authored
_host_id_read() is the only place where we really care to have good random numbers, because that is the secret key that we persist to disk. Previously, we tried only nm_random_get_bytes_full(), which is a best effort to get strong random numbers. If it fails to generate those, it would simply remember the generated key in memory and proceed, but not persist it to disk. nm_random_get_bytes_full() does not block waiting for good numbers. Change that. Now, first call nm_random_get_crypto_bytes(), which would block and try hard to get good random numbers. Only if that fails, fallback to nm_random_get_bytes_full() as before. The difference is of course only in early boot, when we might not yet have entropy. In that case, I think it's better for NetworkManager to block. (cherry picked from commit 67a5cf76)