From e1df22a68fe06a7bc7039b3eb4436d8beeeb7238 Mon Sep 17 00:00:00 2001
From: Daniel Micay <daniel.micay@grapheneos.org>
Date: Wed, 20 Mar 2024 22:43:26 -0400
Subject: [PATCH] clean up session ticket rotation scripts

---
 nginx-create-session-ticket-keys | 7 +++----
 nginx-rotate-session-ticket-keys | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/nginx-create-session-ticket-keys b/nginx-create-session-ticket-keys
index 5c678e4..ea9722c 100755
--- a/nginx-create-session-ticket-keys
+++ b/nginx-create-session-ticket-keys
@@ -9,7 +9,6 @@ mount -t ramfs -o mode=700 ramfs /etc/nginx/session-ticket-keys
 
 cd /etc/nginx/session-ticket-keys
 
-openssl rand -out 1.key 80
-openssl rand -out 2.key 80
-openssl rand -out 3.key 80
-openssl rand -out 4.key 80
+for i in {1..4}; do
+    head -c 80 </dev/random >$i.key
+done
diff --git a/nginx-rotate-session-ticket-keys b/nginx-rotate-session-ticket-keys
index cb93334..58fbada 100755
--- a/nginx-rotate-session-ticket-keys
+++ b/nginx-rotate-session-ticket-keys
@@ -9,7 +9,7 @@ cd /etc/nginx/session-ticket-keys
 rsync -I 2.key 1.key
 rsync -I 3.key 2.key
 rsync -I 4.key 3.key
-openssl rand -out new.key 80
+head -c 80 </dev/urandom >new.key
 rsync -I new.key 4.key
 rm new.key
 nginx -s reload