Make named and the rest of BIND seed their RNG from /dev/urandom, not /dev/random. Better would be to rip the enormous gonkulating RNG machinery out of libisc entirely. Later.
This commit is contained in:
parent
7d10db2303
commit
916085404d
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $NetBSD: named,v 1.24 2014/07/08 07:04:07 spz Exp $
|
||||
# $NetBSD: named,v 1.25 2014/07/13 22:06:56 tls Exp $
|
||||
#
|
||||
|
||||
# PROVIDE: named
|
||||
|
@ -101,7 +101,7 @@ named_precmd()
|
|||
;;
|
||||
esac
|
||||
|
||||
for i in null random; do
|
||||
for i in null random urandom; do
|
||||
if [ ! -c "${named_chrootdir}/dev/$i" ]; then
|
||||
rm -f "${named_chrootdir}/dev/$i"
|
||||
(cd /dev &&
|
||||
|
|
|
@ -14049,7 +14049,7 @@ $as_echo "unspecified" >&6; }
|
|||
devrandom=/dev/arandom
|
||||
;;
|
||||
*)
|
||||
devrandom=/dev/random
|
||||
devrandom=/dev/urandom
|
||||
;;
|
||||
esac
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $devrandom" >&5
|
||||
|
|
|
@ -930,7 +930,7 @@ case "$use_randomdev" in
|
|||
devrandom=/dev/arandom
|
||||
;;
|
||||
*)
|
||||
devrandom=/dev/random
|
||||
devrandom=/dev/urandom
|
||||
;;
|
||||
esac
|
||||
AC_MSG_RESULT($devrandom)
|
||||
|
|
|
@ -132,7 +132,7 @@ int sigwait(const unsigned int *set, int *sig);
|
|||
#endif /** SHUTUP_STDARG_CAST && __GNUC__ */
|
||||
|
||||
/** define if the system has a random number generating device */
|
||||
#define PATH_RANDOMDEV "/dev/random"
|
||||
#define PATH_RANDOMDEV "/dev/urandom"
|
||||
|
||||
/** define if pthread_attr_getstacksize() is available */
|
||||
#define HAVE_PTHREAD_ATTR_GETSTACKSIZE 1
|
||||
|
|
Loading…
Reference in New Issue