aboutsummaryrefslogtreecommitdiffstats
path: root/src/build-data
diff options
context:
space:
mode:
authorlloyd <[email protected]>2015-03-23 02:15:45 +0000
committerlloyd <[email protected]>2015-03-23 02:15:45 +0000
commit2d5669770a5723d258703384f905e1d13d6b8696 (patch)
treeec97fee38f319929833486caa168dc8dfffd6ca3 /src/build-data
parente9283c9817949aa27ae97f0c9ec06745fb62240d (diff)
Avoid putting very small values in mlock memory
Diffstat (limited to 'src/build-data')
-rw-r--r--src/build-data/buildh.in8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index f8009cf0b..36b5f3959 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -35,7 +35,11 @@
/* How much to allocate for a buffer of no particular size */
#define BOTAN_DEFAULT_BUFFER_SIZE 1024
-/* Maximum size to allocate out of the mlock pool */
+/* Minimum and maximum sizes to allocate out of the mlock pool (bytes)
+ Default min is 16 as smaller values are easily bruteforceable and thus
+ likely not cryptographic keys.
+*/
+#define BOTAN_MLOCK_ALLOCATOR_MIN_ALLOCATION 16
#define BOTAN_MLOCK_ALLOCATOR_MAX_ALLOCATION 128
/* Multiplier on a block cipher's native parallelism */
@@ -67,7 +71,7 @@
*/
#define BOTAN_RNG_MAX_OUTPUT_BEFORE_RESEED 512
#define BOTAN_RNG_RESEED_POLL_BITS 128
-#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(20)
+#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(10)
#define BOTAN_RNG_RESEED_DEFAULT_TIMEOUT std::chrono::milliseconds(100)
/* Should we use GCC-style inline assembler? */