This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 898fe209ff2b72dfdc54e8bac8b99d1644b14eb0 (commit) via a946892338329dbee0289132413d4849e3641f7e (commit) from 61ee842911ec21254931cd52bd601ee3d28033c6 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 898fe209ff2b72dfdc54e8bac8b99d1644b14eb0 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 29 13:51:37 2019 +0000
core128: Ship updated OpenSSL configuration files
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a946892338329dbee0289132413d4849e3641f7e Author: Erik Kapfer ummeegge@ipfire.org Date: Tue Jan 8 20:33:32 2019 +0100
del_rand: Deletion of RAND file in openssl config
Fixes #11943
Since the kernel RNG should do this, there is no need for this anymore.
Signed-off-by: Erik Kapfer ummeegge@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/ovpn/openssl/ovpn.cnf | 2 -- config/rootfiles/core/128/exclude | 1 - config/rootfiles/core/128/filelists/files | 2 ++ config/ssl/openssl.cnf | 2 -- 4 files changed, 2 insertions(+), 5 deletions(-)
Difference in files: diff --git a/config/ovpn/openssl/ovpn.cnf b/config/ovpn/openssl/ovpn.cnf index 40daf2a0a..96c3dcb09 100644 --- a/config/ovpn/openssl/ovpn.cnf +++ b/config/ovpn/openssl/ovpn.cnf @@ -1,5 +1,4 @@ HOME = . -RANDFILE = /var/ipfire/ovpn/ca/.rnd oid_section = new_oids
[ new_oids ] @@ -17,7 +16,6 @@ certificate = $dir/ca/cacert.pem serial = $dir/certs/serial crl = $dir/crl.pem private_key = $dir/ca/cakey.pem -RANDFILE = $dir/ca/.rand x509_extensions = usr_cert default_days = 999999 default_crl_days = 30 diff --git a/config/rootfiles/core/128/exclude b/config/rootfiles/core/128/exclude index b22159878..22cf4a994 100644 --- a/config/rootfiles/core/128/exclude +++ b/config/rootfiles/core/128/exclude @@ -11,7 +11,6 @@ etc/ipsec.user.secrets etc/localtime etc/shadow etc/snort/snort.conf -etc/ssl/openssl.cnf etc/sudoers etc/sysconfig/firewall.local etc/sysconfig/rc.local diff --git a/config/rootfiles/core/128/filelists/files b/config/rootfiles/core/128/filelists/files index 007c06ab7..f5a8913b4 100644 --- a/config/rootfiles/core/128/filelists/files +++ b/config/rootfiles/core/128/filelists/files @@ -2,6 +2,8 @@ etc/system-release etc/issue srv/web/ipfire/cgi-bin/credits.cgi var/ipfire/langs +etc/ssl/openssl.cnf etc/sysctl.conf srv/web/ipfire/cgi-bin/proxy.cgi usr/local/bin/xt_geoip_update +var/ipfire/ovpn/openssl/ovpn.cnf diff --git a/config/ssl/openssl.cnf b/config/ssl/openssl.cnf index 9d1e6e1ff..3b980fcd4 100644 --- a/config/ssl/openssl.cnf +++ b/config/ssl/openssl.cnf @@ -1,5 +1,4 @@ HOME = . -RANDFILE = /var/tmp/.rnd oid_section = new_oids
[ new_oids ] @@ -17,7 +16,6 @@ certificate = $dir/ca/cacert.pem serial = $dir/certs/serial crl = $dir/crls/cacrl.pem private_key = $dir/private/cakey.pem -RANDFILE = $dir/tmp/.rand x509_extensions = usr_cert default_days = 999999 default_crl_days= 30
hooks/post-receive -- IPFire 2.x development tree