[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 898fe209ff2b72dfdc54e8bac8b99d1644b14eb0

[Michael Tremer <git@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 3712 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  898fe209ff2b72dfdc54e8bac8b99d1644b14eb0 (commit)
       via  a946892338329dbee0289132413d4849e3641f7e (commit)
      from  61ee842911ec21254931cd52bd601ee3d28033c6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 898fe209ff2b72dfdc54e8bac8b99d1644b14eb0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Jan 29 13:51:37 2019 +0000

    core128: Ship updated OpenSSL configuration files
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit a946892338329dbee0289132413d4849e3641f7e
Author: Erik Kapfer <ummeegge(a)ipfire.org>
Date:   Tue Jan 8 20:33:32 2019 +0100

    del_rand: Deletion of RAND file in openssl config
    
    Fixes #11943
    
    Since the kernel RNG should do this, there is no need for this anymore.
    
    Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org>
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/ovpn/openssl/ovpn.cnf              | 2 --
 config/rootfiles/core/128/exclude         | 1 -
 config/rootfiles/core/128/filelists/files | 2 ++
 config/ssl/openssl.cnf                    | 2 --
 4 files changed, 2 insertions(+), 5 deletions(-)

Difference in files:
diff --git a/config/ovpn/openssl/ovpn.cnf b/config/ovpn/openssl/ovpn.cnf
index 40daf2a0a..96c3dcb09 100644
--- a/config/ovpn/openssl/ovpn.cnf
+++ b/config/ovpn/openssl/ovpn.cnf
@@ -1,5 +1,4 @@
 HOME				= .
-RANDFILE			= /var/ipfire/ovpn/ca/.rnd
 oid_section			= new_oids
 
 [ new_oids ]
@@ -17,7 +16,6 @@ certificate			= $dir/ca/cacert.pem
 serial				= $dir/certs/serial
 crl				= $dir/crl.pem
 private_key			= $dir/ca/cakey.pem
-RANDFILE			= $dir/ca/.rand
 x509_extensions			= usr_cert
 default_days			= 999999
 default_crl_days		= 30
diff --git a/config/rootfiles/core/128/exclude b/config/rootfiles/core/128/exclude
index b22159878..22cf4a994 100644
--- a/config/rootfiles/core/128/exclude
+++ b/config/rootfiles/core/128/exclude
@@ -11,7 +11,6 @@ etc/ipsec.user.secrets
 etc/localtime
 etc/shadow
 etc/snort/snort.conf
-etc/ssl/openssl.cnf
 etc/sudoers
 etc/sysconfig/firewall.local
 etc/sysconfig/rc.local
diff --git a/config/rootfiles/core/128/filelists/files b/config/rootfiles/core/128/filelists/files
index 007c06ab7..f5a8913b4 100644
--- a/config/rootfiles/core/128/filelists/files
+++ b/config/rootfiles/core/128/filelists/files
@@ -2,6 +2,8 @@ etc/system-release
 etc/issue
 srv/web/ipfire/cgi-bin/credits.cgi
 var/ipfire/langs
+etc/ssl/openssl.cnf
 etc/sysctl.conf
 srv/web/ipfire/cgi-bin/proxy.cgi
 usr/local/bin/xt_geoip_update
+var/ipfire/ovpn/openssl/ovpn.cnf
diff --git a/config/ssl/openssl.cnf b/config/ssl/openssl.cnf
index 9d1e6e1ff..3b980fcd4 100644
--- a/config/ssl/openssl.cnf
+++ b/config/ssl/openssl.cnf
@@ -1,5 +1,4 @@
 HOME		= .
-RANDFILE	= /var/tmp/.rnd
 oid_section	= new_oids
 
 [ new_oids ]
@@ -17,7 +16,6 @@ certificate	= $dir/ca/cacert.pem
 serial		= $dir/certs/serial
 crl		= $dir/crls/cacrl.pem
 private_key	= $dir/private/cakey.pem
-RANDFILE	= $dir/tmp/.rand
 x509_extensions	= usr_cert
 default_days	= 999999
 default_crl_days= 30


hooks/post-receive
--
IPFire 2.x development tree