diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-12-17 12:19:27 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-12-17 12:19:27 +0000 |
commit | 099e9b655e912193ffc9a5c200884501cc3a758f (patch) | |
tree | 4cad74f5bbb732569a426fecf7e03252008ff1d3 /sys-apps/rng-tools | |
parent | Version bump. (diff) | |
download | historical-099e9b655e912193ffc9a5c200884501cc3a758f.tar.gz historical-099e9b655e912193ffc9a5c200884501cc3a758f.tar.bz2 historical-099e9b655e912193ffc9a5c200884501cc3a758f.zip |
Remove direct uses of /dev/urandom — if the user wants to, they can do it explicitly; also update the upper limit for the watermark in the comment so that users know to check the poolsize (hardened can be much bigger than 4k). No revision bump since it's non-default behaviour anyway.
Package-Manager: portage-2.2.0_alpha149/cvs/Linux x86_64
Manifest-Sign-Key: 0x1CD13C8AD4301342
Diffstat (limited to 'sys-apps/rng-tools')
-rw-r--r-- | sys-apps/rng-tools/ChangeLog | 9 | ||||
-rw-r--r-- | sys-apps/rng-tools/Manifest | 20 | ||||
-rw-r--r-- | sys-apps/rng-tools/files/rngd-confd-4.1 | 10 | ||||
-rw-r--r-- | sys-apps/rng-tools/files/rngd-initd-4.1 | 3 |
4 files changed, 20 insertions, 22 deletions
diff --git a/sys-apps/rng-tools/ChangeLog b/sys-apps/rng-tools/ChangeLog index e742ef3615a9..282c4078908d 100644 --- a/sys-apps/rng-tools/ChangeLog +++ b/sys-apps/rng-tools/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/rng-tools # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/ChangeLog,v 1.38 2012/12/17 11:19:35 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/ChangeLog,v 1.39 2012/12/17 12:19:19 flameeyes Exp $ + + 17 Dec 2012; Diego E. Pettenò <flameeyes@gentoo.org> files/rngd-confd-4.1, + files/rngd-initd-4.1: + Remove direct uses of /dev/urandom — if the user wants to, they can do it + explicitly; also update the upper limit for the watermark in the comment so + that users know to check the poolsize (hardened can be much bigger than 4k). + No revision bump since it's non-default behaviour anyway. *rng-tools-4-r5 (17 Dec 2012) diff --git a/sys-apps/rng-tools/Manifest b/sys-apps/rng-tools/Manifest index 2e8f9e568b54..f6f58316f27b 100644 --- a/sys-apps/rng-tools/Manifest +++ b/sys-apps/rng-tools/Manifest @@ -5,10 +5,10 @@ AUX 2/rngd 1488 SHA256 00f8d05292565feb750d20af4ff6ff8ee20a14ae09c0164ec7b6b4b1e AUX 2/rngd-conf 259 SHA256 4dff7a0c8406f5344f71d236e755877388e93ff6728eedfdfe6921b3de41d137 SHA512 68e08ff2dbcbb6b4dc6235ba86070b296aa6439f17dbf61d8d992e08790a57d52cece0fc2c3b384b10df66868676ae2202621eb2fc18154eb2c7ba2cd8f74ee5 WHIRLPOOL 58f6e9e8975bf8abee0ef944ce48e4eced5c0d06e157b3e3fafdb55dee218399a47d2f7bbd04376e6d4d20e426ec7d2f75e1729f854e8062c997b3a972d801e8 AUX rngd-confd-3 714 SHA256 542ef931152a71888b8d1ebb2c1f5d43edefcd2902d616d635e1d15a0e742519 SHA512 398c31775d10e8f54717c05228bfc9166d260ae51e90c9819109ffd6086d41c7b48236e3c56dd71e0dacb6f10a881349bb14cf02e942933093fd15ca0068bd0a WHIRLPOOL 0e2d71c005452c865dee38bded6a9ddea048e28c09ee17160fd7da51913987d38e7a96d4ff517105b567e6f25783441834ca4621f590227747a4b55e29519b85 AUX rngd-confd-4 625 SHA256 f2d91a9a3ae1d765bf705a5498cbb201427f9ef475e3eb31aa43b1eb8b88af42 SHA512 9a0f938e7df70a4dbc5eaed48fe6f7713fae17b32993da500bc3066e9b55e9e59b646eb2c730e5cd57ce7f966d90c4a91a046d070c456f0dcb7f7032ef61ef80 WHIRLPOOL 2b8e9a9a157a922837e525fdca398f0c5de63e9fe3dfe7673320731d5bf359ada4b47cfb05f37b3e7fdb3099c334101a9fb0147a46cb7e4f6d11955b076a2ef1 -AUX rngd-confd-4.1 900 SHA256 7323dfcc7964e026eebfdf4df3fa68fc575df1954bf69901c61bb6fe9d5a8830 SHA512 d415d466e8ef40d3d8460aaab4449dae73d24ed1f821652f1cba31041c9defee7d2ff1471a0394b4084ccc205622db3d9272c3d6c1cc3458ff4ed85d788f01e2 WHIRLPOOL b7a76d24d3f8a3289d6ae5fc0b8d2478c4463b5ce9f541b46f28a6e3d274806225fd8ef901f4dcc0b2ad7c23e89ea579713133fde4cb14c4bf04900a1cf57be7 +AUX rngd-confd-4.1 562 SHA256 cdbd39f7446f12a9b78e87e9f135cfd0f6f364c4fa4ade0c96084b85c32afc38 SHA512 45e0e9cbe0180162f659bf05c15ee99fb8c1b80274cd8744384ba7f791b1c9a46a63e81eea665b4f492c13b7d5cc1fdb6e524a49a25af77f3791f527b31f688b WHIRLPOOL 87634cea70a1c8ffa7598cc8b0d93c79578433cc21b58bb13bc9144502b9502e2c4f151bcf282ad4ccef44a931f1be5d1e87ff7b9b6d07cfa0a4c288b4172ec3 AUX rngd-initd-3 1822 SHA256 39ddbbe1caaa1404799b535ef2af63ccefc9150aa0cfa7ae43716f7f890f84fd SHA512 f21b850db5098cdf64dbfdba3c22198bfbd3d513db9c217c6a3242c85d6374d8c66697b61aef4f7536e95dce8f639ee224d0a517f2d85cddae661419e7b1f5b7 WHIRLPOOL d99393693d6034b6d2a49c3d0ae2cff7bf14632e132a69470dc2a339efaa53ac8f600410b50c2f744d0dd17fa90271f72fcae04da437f23af9efe872a7127af3 AUX rngd-initd-4 1598 SHA256 3984d71b14ec46ea15a14fa5a05f821b2d7dbd76059617e77964326a5c62060e SHA512 c5bc6753a055af0f94966eedcd4289fe5cd5d82fbe96f731e5f0f80f6d2deb9818913843f8adfa8b38b6b67f71ef03544c3ed79865decaf54cb96c24104dc6a7 WHIRLPOOL 8be1f62c4cf8d5f9929a515bbcf7b29f28c809624e940561121f9f1d0feb1659278fab9be4e721c70b43ec2b2c6fa6355df83f537e9cc51c95d155c4428da03a -AUX rngd-initd-4.1 982 SHA256 e653aedffb4b985f193e2e780176f91f2934301f4ec42bb3ffd0a7c5d90d39ac SHA512 c275c02faa39bc1733f8889c44b4e992a5d4dfc2079e84b9b7a8abc1f1eb1ccc424c2006fdfb4e16e0451f8cd07d1c4b99e194672a7315a50ac669cbce3f3093 WHIRLPOOL e8e80839ffc507cae3e550d46118af9f5659e955c9d8c458f550b7dfebc9ecfc01b248825affab73ebd066cefea92d82e50ff5f8161466bdcd076d1cd5bb479e +AUX rngd-initd-4.1 899 SHA256 5e4d5bd476cb714c6b4ad21e56d512ad0f992d9f0114fabb6acd2d456b2c62f0 SHA512 d9092bafa134d14057f214b4c9048ef99a9c939cf6c28e7d188808f2ed50a7d400119bd23e7f169ab9c4b9ca9bf1c80b57d8e4cf12d6122ad6595084616dc007 WHIRLPOOL 6c4f36611c088b2ea29254c46d00bb0d515e6f9d21014e1958b2856a8360e0b28b4c40eaf5f66d3bd5cbbf1a5bde686c2aadeb1febe6ac91694a858b37390daf AUX test-for-argp.patch 1318 SHA256 222ee3b8bfbe4827140a67af4b8d170aaa135d5317e3a40b236f8d79a06c4274 SHA512 9418bea246052391e9dab1583a7e44c47f87c34d39860c76bf11090fd397ea70ec76cb7e4c91afbe1f18a19c6f8767e0e6ceec02fbd7ef8204e8ab168f3077d8 WHIRLPOOL a54d1e8f4d3e1070cda067120318d775f0a768836984c831cc84929801d29e5f7c694e90e96926e52af57d509a52d4340c3cf9ee847782927d3dfa16fa3f758b DIST rng-tools-2.tar.gz 86429 SHA256 1126f0ecc8cab3af14a562cddc5d8ffeef47df7eba34a7aadcdee35a25ec2b1e SHA512 9a4835c0a9f1e9cef05ebaad98658bd4a405b3cd644f7330a308958337d089263409a5920f7533bf24c0b4d9edf7cc809152cc954148832c31896c1084fa93b1 WHIRLPOOL 8a4e9d054405ac93be6df1b1ae6c63f1bfad8082bd0515100d87a8f49b54d913fc8363d2d7d513ace506096961cbbb66cf18f1191c8561c8c613c1ba345d7ecf DIST rng-tools-3.tar.gz 102366 SHA256 27f8041836f74342268aed4acdc28bcc0438b8461695d277cb81096d7ecaf4cc SHA512 37818c4c77627828e7d6527d18b7fb3a810dc68e6c2138bbccd470ceba0e497e91d2f1b96af2264494f36216eb81efd79a1eb35f3134dca9928d838db585e295 WHIRLPOOL 716258c1fb24ac129e7041d619560029bf0b1a68d1587374e8057af429d08b58f0563d2ea693980185a2828b67a24bc9b4febf4d3279e22710948c817678f96e @@ -18,16 +18,16 @@ EBUILD rng-tools-3-r1.ebuild 812 SHA256 2dfc702529144467a9c468fc82c9c4dc95dd5cd7 EBUILD rng-tools-3.ebuild 760 SHA256 643394e8733c3004af0326658d6a0795f69d9fa65b39ee9e63ed0ce19a472206 SHA512 254406e4647b4ea176bc12e822916e2b807852731c7ab932181e7c65dbb447b827840fe7f8bdf79f450cb261d6e1a3226e923110ea20c547d1907e2ff21ba21b WHIRLPOOL 08e6099eb5194ab5e28ba7ac8af7ed5907bb8c374fd9a28b53e2c42c64c2a20d9814d3c50b44a858827fc8fc8d52b3e6551353ac992cba657a7a3f3868c02105 EBUILD rng-tools-4-r1.ebuild 792 SHA256 38f15cf03a21bf6360a66fcdb346767d361f5f1f6dafdf517f168e0310294324 SHA512 ab99f62ca397099fa2953759e4528729cf78e5c701d8689a9fbe41f3015f5c2d35196e2729e77916bef376f6b2697458b196a4b5dac240e590fadeff6d7c28f4 WHIRLPOOL 66e403e660ef5a144698237c27da8f5a16ca700898080cd285ef99ab4ac9e83b97ca873d7c4ad9479ce1e6d715be1da7bc2482782a8fff19e0d98043ffc8ec99 EBUILD rng-tools-4-r5.ebuild 799 SHA256 d8280eee46c38ca1021435fe10c8151152c68f82ede4c1dabac36ae50e3fa3ec SHA512 6c73b8867c909b12f49477bb5d8dafdd05c6b7b4389ccd798c9c1ebeff5c825447a1a0d44cef94c6763197967d819b6d0c585a0612fa1bf98562c7f1203dc83b WHIRLPOOL 0285500ba0dfe770aaab50e797bacb86abecbefa75eaf857be8bc5bb34c4aecac10ed34acbe833267d2ccb8d22b53e6e9e57bfe00da154c7894a973458d8c951 -MISC ChangeLog 6309 SHA256 490324f229f9ccc905f726207337a1b7962694f50194607f6e813566a3c3feb8 SHA512 6eaa3f1f6c3c990d3e33553516cf28a18022c11c93ab3924a52589b601441a6cb177eb84208092d5d6f33f870ccde7b0360023f0b67de6142373697896603914 WHIRLPOOL a3726c42bd86b8d6332d1f65324a400572818e0ba6d4b50691d7889783100caddae1b9644819a3211a959dd60369a8412d7964f5ccddf3a82caa20e0404847a7 +MISC ChangeLog 6707 SHA256 7ade67ec7576771b5be606d8af0d70505eb3ad3795067f2a754dbd64455d1944 SHA512 73fb7a28aa90cd3200e6446e58d110bffb6f9670a283e3961abf861cbe9bfbaa1ba474890cf8264bde28d2a580b5e9493c746e978ad3e266416f6a351a76b3ec WHIRLPOOL 31708314015916720c9b11bda1bbe1d75ceea33a7081a2016e57f05819af152353f2e52974fec7bdd442a78b214960959ce30d24c4f6a99058364adb7302e212 MISC metadata.xml 165 SHA256 23a8851c12bd4cf7cf0528250ad5605be6b0780bbec0c51331d6d2c618c13f6a SHA512 3f1bee5d098a4e5874df3af56169397cc3ed526f9c56004b9ccaa4c5cf02d4affd894400b88f50f3c19bf5ba3ae06f3d4d2cfa5c15e97b7d4c33053e5f0f63c5 WHIRLPOOL 070ba3ff0b1ea000c90d8af13cdac14693dc5d9dcc8d8ba89cf9bdbe91196e3cf9e72bd2f01cd5efc1ddab63b83184159298d1ee891bc123107ea6891ad612d2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iQEcBAEBCAAGBQJQzv/OAAoJEBzRPIrUMBNCip8H/37UwcGjua/+4u9g2CDHMgD4 -za+Xivxd2OK1DnxDyxCCN2XG/5L6LYwfGLOMe6Y14XU+Q1W6RGEFaNGuvG/tYGKG -39lkNjT7T9BDx3bhC/7jL/XdkWMZnQrx7JFsRv5/hkI1bZK5R751WPG8Wlql7LBo -UCG+jMgL4O0XntLzUpx35BGcfv5JXyykQSB116xVYq8v40rAF938cH0EfreYwzEd -+1uTnKuhMbSBpFW5LwImqCDt1CifIFbAufaMZFd8x8zdzlfsCnv2t4cJv3S2wJ9O -Q+Re1HO+YJCmve93oAUUm2mFJFMFUGgKOPEpowQxP3gBQ97PE2Pqlk9/psXAjgk= -=jFF1 +iQEcBAEBCAAGBQJQzw3PAAoJEBzRPIrUMBNC9y4H/iQmq/OpHilbOmqy0w4twWw0 +YBC/Y1OrMDRy9vAl02FBbSIO1yZd9mQLDOjbVo6ycaQLDqvBGQ7+TsmanQK1CazB +zkNfU9RYr5IyhUw2jKpTkUbev912F70Di2YDlXHYHqCXh4DH8cQkuSbmaa3ohTBl +WMS+FmCkwVsOu+Rt74y9FptUiZOn0i5GjtR5xOcwP0gv00gEWK5UgpzSGZ505tBl +W13rTWTc3xuDBi9560mvGAYPJTVUPBXaEVkbVwCQ1jmccoDN4e+3YlPTr6NclnuN +T6ZTLmwuwDyz+BVPXjPf4DuDRXlyj5xdfv3yhkEorLFd9cieGhHx8AQhpifguko= +=26jk -----END PGP SIGNATURE----- diff --git a/sys-apps/rng-tools/files/rngd-confd-4.1 b/sys-apps/rng-tools/files/rngd-confd-4.1 index c4303ba5448a..77e5db583458 100644 --- a/sys-apps/rng-tools/files/rngd-confd-4.1 +++ b/sys-apps/rng-tools/files/rngd-confd-4.1 @@ -18,13 +18,5 @@ STEP=64 # NO_DRNG=1 # Fill watermark -# 0 <= n <= 4096 +# 0 <= n <= `sysctl kernel.random.poolsize` WATERMARK=2048 - -# Bug #292239: Remixing /dev/urandom back into /dev/random is -# considered a security vulnerability in some cases where not enough -# entropy is present on systems. If you don't have a real random -# hardware generator, you're suggested to use a software designed for -# the particular task of creating new entropy, such as -# sys-apps/haveged. -DO_NOT_REMIX_URANDOM=1 diff --git a/sys-apps/rng-tools/files/rngd-initd-4.1 b/sys-apps/rng-tools/files/rngd-initd-4.1 index 54debbfbccf6..12ca56e595f9 100644 --- a/sys-apps/rng-tools/files/rngd-initd-4.1 +++ b/sys-apps/rng-tools/files/rngd-initd-4.1 @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/files/rngd-initd-4.1,v 1.4 2012/12/17 11:19:35 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/files/rngd-initd-4.1,v 1.5 2012/12/17 12:19:19 flameeyes Exp $ depend() { need localmount @@ -11,7 +11,6 @@ depend() { # Do NOT add /dev/tpm to this. DEFAULT_DEVICE="/dev/hw_random* /dev/hwrandom* /dev/i810_rng /dev/hwrng*" -[ $DO_NOT_REMIX_URANDOM -eq 0 ] && DEFAULT_DEVICE="${DEFAULT_DEVICE} /dev/urandom" find_device() { local d |