From: RW on

The devel/apr* ports have an option to use /dev/random, which is on by
default.

I was wondering under what circumstances anyone would turn that off. As
far as I can see switching it off doesn't replace /dev/random with
anything else.

_______________________________________________
freebsd-ports(a)freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"

From: Chuck Swiger on
On Jun 16, 2010, at 4:01 PM, RW wrote:
> The devel/apr* ports have an option to use /dev/random, which is on by
> default.
>
> I was wondering under what circumstances anyone would turn that off. As
> far as I can see switching it off doesn't replace /dev/random with
> anything else.

On some platforms, /dev/random and /dev/urandom used to provide different quality of random numbers-- FreeBSD simply uses Yarrow or a hardware RNG source if available. Even if you disable it, it's likely to just fall back to OpenSSL's source of random numbers, which probably is /dev/random anyway....

Regards,
--
-Chuck


From: RW on
On Wed, 16 Jun 2010 16:07:34 -0700
Chuck Swiger <cswiger(a)mac.com> wrote:

> On Jun 16, 2010, at 4:01 PM, RW wrote:
> > The devel/apr* ports have an option to use /dev/random, which is on
> > by default.
> >
> > I was wondering under what circumstances anyone would turn that
> > off. As far as I can see switching it off doesn't
> > replace /dev/random with anything else.
>
> On some platforms, /dev/random and /dev/urandom used to provide
> different quality of random numbers-- FreeBSD simply uses Yarrow or a
> hardware RNG source if available. Even if you disable it, it's
> likely to just fall back to OpenSSL's source of random numbers, which
> probably is /dev/random anyway....

Right, but I'm asking about the "make config" port option, not the
configure options to apr itself.

OPTIONS= ...
DEVRANDOM "Use /dev/random or compatible in apr" on \
...
.if defined(WITHOUT_DEVRANDOM)
CONFIGURE_ARGS+= --without-devrandom
.else
CONFIGURE_ARGS+= --with-devrandom
.if defined(PKGNAMESUFFIX)
PKGNAMESUFFIX:= ${PKGNAMESUFFIX}-devrandom
.else
PKGNAMESUFFIX= -devrandom
.endif
.endif


From: Chuck Swiger on
On Jun 16, 2010, at 5:00 PM, RW wrote:
> Right, but I'm asking about the "make config" port option, not the configure options to apr itself.

When you enable the option via make config, apr's ./configure gets fed the appropriate flag:

> OPTIONS= ...
> DEVRANDOM "Use /dev/random or compatible in apr" on \
> ...
> .if defined(WITHOUT_DEVRANDOM)
> CONFIGURE_ARGS+= --without-devrandom
> .else
> CONFIGURE_ARGS+= --with-devrandom
> .if defined(PKGNAMESUFFIX)
> PKGNAMESUFFIX:= ${PKGNAMESUFFIX}-devrandom
> .else
> PKGNAMESUFFIX= -devrandom
> .endif
> .endif


Regards,
--
-Chuck


From: RW on
On Wed, 16 Jun 2010 17:45:53 -0700
Chuck Swiger <cswiger(a)mac.com> wrote:

> On Jun 16, 2010, at 5:00 PM, RW wrote:
> > Right, but I'm asking about the "make config" port option, not the
> > configure options to apr itself.
>
> When you enable the option via make config, apr's ./configure gets
> fed the appropriate flag:

Right, but my question was about why anyone would set the option to
"off".

On the face of it, it's a pointless option since turning it off either
does nothing or it makes Apache less secure.
