tls: no need to initialize rng (tls.lwt does this for us)

albatross.opam

@@ -22,9 +22,9 @@ depends: [
   "astring"
   "jsonm"
   "x509" {>= "0.11.0"}
-  "tls" {>= "0.12.0"}
+  "tls" {>= "0.12.2"}
   "mirage-crypto-pk"
-  "mirage-crypto-rng" {>= "0.7.0"}
+  "mirage-crypto-rng" {>= "0.8.0"}
   "asn1-combinators" {>= "0.2.0"}
   "duration"
   "decompress" {>= "0.9.0" & < "1.0.0"}

client/albatross_client_remote_tls.ml

@@ -15,7 +15,6 @@ let rec read_tls_write_cons t =
     | Error e -> Lwt.return e
 
 let client cas host port cert priv_key =
-  Mirage_crypto_rng_lwt.initialize () >>= fun () ->
   let auth = if Sys.is_directory cas then `Ca_dir cas else `Ca_file cas in
   X509_lwt.authenticator auth >>= fun authenticator ->
   Lwt.catch (fun () ->

tls/albatross_tls_endpoint.ml

@@ -17,8 +17,7 @@ let jump _ cacert cert priv_key port tmpdir =
   Sys.(set_signal sigpipe Signal_ignore);
   Albatross_cli.set_tmpdir tmpdir;
   Lwt_main.run
-    (Mirage_crypto_rng_lwt.initialize () >>= fun () ->
+    (server_socket port >>= fun socket ->
-     server_socket port >>= fun socket ->
      tls_config cacert cert priv_key >>= fun config ->
      let rec loop () =
        Lwt.catch (fun () ->

tls/albatross_tls_inetd.ml

@@ -7,8 +7,7 @@ let jump cacert cert priv_key tmpdir =
   Sys.(set_signal sigpipe Signal_ignore) ;
   Albatross_cli.set_tmpdir tmpdir;
   Lwt_main.run
-    (Mirage_crypto_rng_lwt.initialize () >>= fun () ->
+    (tls_config cacert cert priv_key >>= fun config ->
-     tls_config cacert cert priv_key >>= fun config ->
      let fd = Lwt_unix.of_unix_file_descr Unix.stdin in
      Lwt.catch
        (fun () -> Tls_lwt.Unix.server_of_fd config fd)