From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] del_rand: Deletion of RAND file in openssl config
Date: Tue, 29 Jan 2019 13:52:45 +0000
Message-ID: <B7D11732-FAFF-443E-BD01-BAF4BFBA52D9@ipfire.org>
In-Reply-To: <7F378D72-5CB1-4911-ABA9-008F72ECF87C@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7583204825577650213=="
List-Id: <development.lists.ipfire.org>

--===============7583204825577650213==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

I merged it.

For some reason I thought this was part of the OpenSSL patchset.

Best,
-Michael

> On 29 Jan 2019, at 13:51, Michael Tremer <michael.tremer(a)ipfire.org> wrot=
e:
>=20
> What is the reason that openssl.cnf is excluded in the updater?
>=20
>> On 29 Jan 2019, at 13:17, ummeegge <ummeegge(a)ipfire.org> wrote:
>>=20
>> Just as a reminder cause i haven=C2=B4t found it in Git, this one might be
>> important for the OpenSSL update and IPSec.
>>=20
>> Best,
>>=20
>> Erik
>>=20
>>=20
>> Am Dienstag, den 08.01.2019, 20:33 +0100 schrieb Erik Kapfer:
>>> Fixes #11943
>>>=20
>>> Since the kernel RNG should do this, there is no need for this
>>> anymore.
>>>=20
>>> Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org>
>>> ---
>>> config/ovpn/openssl/ovpn.cnf | 2 --
>>> config/ssl/openssl.cnf       | 2 --
>>> 2 files changed, 4 deletions(-)
>>>=20
>>> diff --git a/config/ovpn/openssl/ovpn.cnf
>>> b/config/ovpn/openssl/ovpn.cnf
>>> index 40daf2a0a..96c3dcb09 100644
>>> --- a/config/ovpn/openssl/ovpn.cnf
>>> +++ b/config/ovpn/openssl/ovpn.cnf
>>> @@ -1,5 +1,4 @@
>>> HOME				=3D .
>>> -RANDFILE			=3D /var/ipfire/ovpn/ca/.rnd
>>> oid_section			=3D new_oids
>>>=20
>>> [ new_oids ]
>>> @@ -17,7 +16,6 @@ certificate			=3D $dir/ca/cacert.pem
>>> serial				=3D $dir/certs/serial
>>> crl				=3D $dir/crl.pem
>>> private_key			=3D $dir/ca/cakey.pem
>>> -RANDFILE			=3D $dir/ca/.rand
>>> x509_extensions			=3D usr_cert
>>> default_days			=3D 999999
>>> default_crl_days		=3D 30
>>> diff --git a/config/ssl/openssl.cnf b/config/ssl/openssl.cnf
>>> index 9d1e6e1ff..3b980fcd4 100644
>>> --- a/config/ssl/openssl.cnf
>>> +++ b/config/ssl/openssl.cnf
>>> @@ -1,5 +1,4 @@
>>> HOME		=3D .
>>> -RANDFILE	=3D /var/tmp/.rnd
>>> oid_section	=3D new_oids
>>>=20
>>> [ new_oids ]
>>> @@ -17,7 +16,6 @@ certificate	=3D $dir/ca/cacert.pem
>>> serial		=3D $dir/certs/serial
>>> crl		=3D $dir/crls/cacrl.pem
>>> private_key	=3D $dir/private/cakey.pem
>>> -RANDFILE	=3D $dir/tmp/.rand
>>> x509_extensions	=3D usr_cert
>>> default_days	=3D 999999
>>> default_crl_days=3D 30
>>=20
>=20


--===============7583204825577650213==--