From 9a40d51162b541d64384d5a8cd84a1eaeb10fb23 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Tue, 3 Dec 2024 13:33:18 +0100
Subject: [PATCH] gcrypt: Store random numbers in secure memory

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/libgcrypt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index f0ac3404..e87bf0e9 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -966,6 +966,7 @@ int ssh_crypto_init(void)
     gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
 
     if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P, 0)) {
+        gcry_control(GCRYCTL_USE_SECURE_RNDPOOL);
         gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
         gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
     }