From mboxrd@z Thu Jan 1 00:00:00 1970 From: ummeegge <ummeegge@ipfire.org> To: development@lists.ipfire.org Subject: Re: [PATCH] del_rand: Deletion of RAND file in openssl config Date: Tue, 29 Jan 2019 14:17:09 +0100 Message-ID: <46ec14e20a50fac15924ef1f2dc624882f0d7fbe.camel@ipfire.org> In-Reply-To: <20190108193332.24543-1-ummeegge@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3724659476788406465==" List-Id: <development.lists.ipfire.org> --===============3724659476788406465== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Just as a reminder cause i havenĀ“t found it in Git, this one might be important for the OpenSSL update and IPSec. Best, Erik Am Dienstag, den 08.01.2019, 20:33 +0100 schrieb Erik Kapfer: > Fixes #11943 > > Since the kernel RNG should do this, there is no need for this > anymore. > > Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> > --- > config/ovpn/openssl/ovpn.cnf | 2 -- > config/ssl/openssl.cnf | 2 -- > 2 files changed, 4 deletions(-) > > diff --git a/config/ovpn/openssl/ovpn.cnf > b/config/ovpn/openssl/ovpn.cnf > index 40daf2a0a..96c3dcb09 100644 > --- a/config/ovpn/openssl/ovpn.cnf > +++ b/config/ovpn/openssl/ovpn.cnf > @@ -1,5 +1,4 @@ > HOME = . > -RANDFILE = /var/ipfire/ovpn/ca/.rnd > oid_section = new_oids > > [ new_oids ] > @@ -17,7 +16,6 @@ certificate = $dir/ca/cacert.pem > serial = $dir/certs/serial > crl = $dir/crl.pem > private_key = $dir/ca/cakey.pem > -RANDFILE = $dir/ca/.rand > x509_extensions = usr_cert > default_days = 999999 > default_crl_days = 30 > diff --git a/config/ssl/openssl.cnf b/config/ssl/openssl.cnf > index 9d1e6e1ff..3b980fcd4 100644 > --- a/config/ssl/openssl.cnf > +++ b/config/ssl/openssl.cnf > @@ -1,5 +1,4 @@ > HOME = . > -RANDFILE = /var/tmp/.rnd > oid_section = new_oids > > [ new_oids ] > @@ -17,7 +16,6 @@ certificate = $dir/ca/cacert.pem > serial = $dir/certs/serial > crl = $dir/crls/cacrl.pem > private_key = $dir/private/cakey.pem > -RANDFILE = $dir/tmp/.rand > x509_extensions = usr_cert > default_days = 999999 > default_crl_days= 30 --===============3724659476788406465==--