[Pkg-openssl-devel] Bug#922732: Bug#922732: openssl: ~/.rnd (RANDFILE) ignored

Thorsten Glaser tg at mirbsd.de
Wed Apr 15 14:41:58 BST 2020


tags 922732 + upstream
close 922732
thanks

Sebastian Andrzej Siewior dixit:

>| OpenSSL 1.1.1 introduced a new random generator (CSPRNG) with an improved
>| seeding mechanism. The new seeding mechanism makes it unnecessary to

Perhaps unnecessary, but perhaps a user wishes to carry extra state.

>| define a RANDFILE for saving and restoring randomness. This option is
>| retained mainly for compatibility reasons.
>
>The RANDFILE is gone from the default configuration (as shipped with the
>openssl package). If you add it manually, only a few commands, like
>`openssl ca', will continue to read and write that file. The `openssl
>rand' is not one of them.

That is incidentally the one I’d expect it to be present in the most.

Closing anyway, as this is apparently a deliberate change ☹

Thanks for following up,
//mirabilos
-- 
<cnuke> den AGP stecker anfeilen, damit er in den slot aufm 440BX board passt…
oder netzteile, an die man auch den monitor angeschlossen hat und die dann für
ein elektrisch aufgeladenes gehäuse gesorgt haben […] für lacher gut auf jeder
LAN party │ <nvb> damals, als der pizzateig noch auf dem monior "gegangen" ist



More information about the Pkg-openssl-devel mailing list