From f413f0499cd49f25717ff4ec0cc1ef0a3fa33aa0 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Thu, 16 Mar 2017 15:37:04 +0100
Subject: cookie: no need to hash rng

Since 4.8 or so, the RNG uses chacha, so we feel less scared about exposing its output directly. (Older kernels will simply suffer the paranoia.)
---
 src/cookie.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/cookie.c b/src/cookie.c
index 779664e..1c188c6 100644
--- a/src/cookie.c
+++ b/src/cookie.c
@@ -176,7 +176,6 @@ void cookie_message_create(struct message_handshake_cookie *dst, struct sk_buff
 	dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_COOKIE);
 	dst->receiver_index = index;
 	get_random_bytes(dst->nonce, COOKIE_NONCE_LEN);
-	blake2s(dst->nonce, dst->nonce, NULL, COOKIE_NONCE_LEN, COOKIE_NONCE_LEN, 0); /* Avoid directly transmitting RNG output. */
 	make_cookie(cookie, skb, checker);
 	xchacha20poly1305_encrypt(dst->encrypted_cookie, cookie, COOKIE_LEN, macs->mac1, COOKIE_LEN, dst->nonce, checker->cookie_encryption_key);
-- cgit v1.2.3-59-g8ed1b
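Review bot: With the blake2s step gone, `dst->nonce` is raw get_random_bytes() output that is both transmitted in the clear and used as the XChaCha20-Poly1305 nonce under `checker->cookie_encryption_key`, yet the hunk now records no reason why that is acceptable; I would replace the deleted comment with one above `make_cookie(cookie, skb, checker);` reading `/* Nonce is public and sent as-is: it only needs to be unique per cookie_encryption_key, and the >=4.8 ChaCha20 CRNG's output reveals nothing about its state. */`. Nothing in the hunk is conditional on kernel version, so on pre-4.8 kernels the older extract-based RNG's output is also sent directly unless a compat substitute for get_random_bytes exists outside this file, which the commit message's "suffer the paranoia" hints at but this hunk cannot confirm. The random-nonce uniqueness argument also depends on COOKIE_NONCE_LEN being the full 24-byte XChaCha20 nonce, which is not visible here. cookie_message_create's opening and closing braces lie outside the hunk.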