On 2016/01/11 12:53, Henrik Friedrichsen wrote:
> Hey,
>
> this patch will update prosody to version 0.9.9 coming with security
> and other improvements.
>
> Included is a new patch from upstreaming disabling /dev/urandom entropy
> feeding as the prosody user has no write access to it, therefore
> crashing prosody when this code is enabled. This was also discussed with
> upstream developers.
>
> More information regarding this:
> - https://prosody.im/issues/issue/585
> - https://hg.prosody.im/0.9/rev/ad9e683b8f0b
>
> OK?
> Henrik
> --# First, `make yourhost.cnf` which creates a openssl config file.
> -+# First, `${MAKE_PROGRAM} yourhost.cnf` which creates a openssl config file.
Committed, but I've re-added the make/${MAKE_PROGRAM} parts,
certs/Makefile (which gets installed and maybe run by the user)
still needs gmake. It would be nicer to convert this particular
Makefile to avoid GNU extensions but I'm not sure how.
(btw, as a general rule I'd prefer it if we didn't include
pre-generated cert/keys in packages, even if they're just meant
as examples, what do you think about removing them?).
