Date: Thu, 17 Jun 2010 01:00:30 +0100 From: RW <rwmaillists@googlemail.com> To: ports@freebsd.org Subject: Re: apr ports devrandom option Message-ID: <20100617010030.3bb02931@gumby.homeunix.com> In-Reply-To: <732B2687-76E1-4693-8658-1C3C9B142542@mac.com> References: <20100617000106.2db70cb4@gumby.homeunix.com> <732B2687-76E1-4693-8658-1C3C9B142542@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Jun 2010 16:07:34 -0700
Chuck Swiger <cswiger@mac.com> wrote:
> On Jun 16, 2010, at 4:01 PM, RW wrote:
> > The devel/apr* ports have an option to use /dev/random, which is on
> > by default.
> >
> > I was wondering under what circumstances anyone would turn that
> > off. As far as I can see switching it off doesn't
> > replace /dev/random with anything else.
>
> On some platforms, /dev/random and /dev/urandom used to provide
> different quality of random numbers-- FreeBSD simply uses Yarrow or a
> hardware RNG source if available. Even if you disable it, it's
> likely to just fall back to OpenSSL's source of random numbers, which
> probably is /dev/random anyway....
Right, but I'm asking about the "make config" port option, not the
configure options to apr itself.
OPTIONS= ...
DEVRANDOM "Use /dev/random or compatible in apr" on \
...
.if defined(WITHOUT_DEVRANDOM)
CONFIGURE_ARGS+= --without-devrandom
.else
CONFIGURE_ARGS+= --with-devrandom
.if defined(PKGNAMESUFFIX)
PKGNAMESUFFIX:= ${PKGNAMESUFFIX}-devrandom
.else
PKGNAMESUFFIX= -devrandom
.endif
.endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100617010030.3bb02931>