From owner-svn-src-all@FreeBSD.ORG Sat Oct 12 16:44:18 2013 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6EE82874; Sat, 12 Oct 2013 16:44:18 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 329262611; Sat, 12 Oct 2013 16:44:17 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa07.fnfis.com (8.14.5/8.14.5) with ESMTP id r9CGiHg2026247 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sat, 12 Oct 2013 11:44:17 -0500 Received: from LTCFISWMSGMB21.FNFIS.com ([169.254.1.103]) by LTCFISWMSGHT04.FNFIS.com ([10.132.206.15]) with mapi id 14.02.0309.002; Sat, 12 Oct 2013 11:44:15 -0500 From: "Teske, Devin" To: Mark R V Murray Subject: Re: svn commit: r256377 - in head: etc/defaults etc/rc.d share/examples/kld/random_adaptor share/man/man4 sys/boot/forth sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe ... Thread-Topic: svn commit: r256377 - in head: etc/defaults etc/rc.d share/examples/kld/random_adaptor share/man/man4 sys/boot/forth sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe ... Thread-Index: AQHOx2kWmfQdvUXbBUerN/OTVWaLsg== Date: Sat, 12 Oct 2013 16:44:14 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D720FC5BF0D@LTCFISWMSGMB21.FNFIS.com> References: <201310121257.r9CCvvjO006546@svn.freebsd.org> <13CA24D6AB415D428143D44749F57D720FC5BE74@LTCFISWMSGMB21.FNFIS.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.121] Content-Type: text/plain; charset="iso-8859-1" Content-ID: <3FDE58464F455146BB1DC8A42F667F6C@fisglobal.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-10-12_01:2013-10-11,2013-10-12,1970-01-01 signatures=0 Cc: "svn-src-head@freebsd.org" , "svn-src-all@freebsd.org" , Devin Teske , "src-committers@freebsd.org" , "Teske, Devin" X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Devin Teske List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Oct 2013 16:44:18 -0000 On Oct 12, 2013, at 9:39 AM, Mark R V Murray wrote: >=20 > On 12 Oct 2013, at 17:35, "Teske, Devin" wrot= e: >> Can you maybe test with ZFS + Geli? I'm concerned because we told it to = use random(4) >> instead of urandom(4). I hope there's enough entropy when creating the g= eli stuff that >> said process doesn't hang. I think DES's patch will help there too (not = that anyone >> testing our ZFS patches reported any hangs... including when testing GEL= I -- this was >> before DES's patch). >=20 > urandom is a symlink to random. >=20 Hmmm, interesting ;D You know... for years I've been compiling a custom apache for $work and usi= ng the --with-random=3D/dev/urandom flag. And then recently in the past couple yea= rs in 8.x I recall having problems with a GnuPG related tool that would hang due to l= ack of entropy on a freshly installed box when generating "stuff" using random(4). Are the days of choosing between urandom(4) and random(4) over? Would SSL function great on a freshly installed box even if using random(4)= for apache? (it wants to default to /dev/random anyways) --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.