Use getrandom syscall for nonces

* admin/merge-gnulib (GNULIB_MODULES): Add getrandom.
* doc/lispref/text.texi (Format of GnuTLS Cryptography Inputs):
Don’t say that iv-auto uses GNUTLS_RND_NONCE.  Also, don’t say
that it returns the IV’s actual value, as it never has done that.
* src/fns.c, src/sysdep.c: Include sys/random.h, for getrandom.
* src/fns.c (Fsecure_hash_algorithms): Use getrandom so that this
function does not depend on HAVE_GNUTLS3.
* src/sysdep.c: Do not include <gnutls/crypto.h>.
(random_seed) [HAVE_LRAND48]: Can be long int now.
(init_random) [!WINDOWSNT]: Use getrandom syscall instead
of opening /dev/urandom, as this works even on GNU/Linux
hosts that lack /dev/urandom.  Don’t bother with gnutls_rnd
as it’s not needed now that we have getrandom.

1 files changed, 3 insertions, 5 deletions

diff --git a/doc/lispref/text.texi b/doc/lispref/text.texi
index 10e8246a5fa..0c3813ff1d0 100644
--- a/doc/lispref/text.texi
+++ b/doc/lispref/text.texi
@@ -4813,11 +4813,9 @@ When @var{noerror} is non-@code{nil}, this function silently uses
 @code{raw-text} coding instead.
 
 @item (@code{iv-auto} @var{length})
-This will generate an IV (Initialization Vector) of the specified
-length using the GnuTLS @code{GNUTLS_RND_NONCE} generator and pass it
-to the function.  This ensures that the IV is unpredictable and
-unlikely to be reused in the same session.  The actual value of the IV
-is returned by the function as described below.
+This generates a random IV (Initialization Vector) of the specified
+length and passes it to the function.  This ensures that the IV is
+unpredictable and unlikely to be reused in the same session.
 
 @end table