lp:~hloeung/ubuntu/trusty/pollen/depend-on-ent
- Get this branch:
- bzr branch lp:~hloeung/ubuntu/trusty/pollen/depend-on-ent
Branch merges
- Jamie Strandboge: Disapprove
-
Diff: 14 lines (+2/-2)1 file modifieddebian/control (+2/-2)
Related bugs
Related blueprints
Branch information
- Owner:
- Haw Loeung
- Status:
- Abandoned
Recent revisions
- 7. By Dustin Kirkland
-
* pollinate:
- remove sourcing of an rc config file from $HOME, per security
review from Seth Arnold
* pollinate.1:
- update documentation to note that multiple servers can be specified
on the command line
* debian/pollinate. default:
- use the entropy.ubuntu.com beta site for testing
- note that we're specifying the --insecure option here, as this is
very much a work in progress
* debian/pollinate. upstart:
- start pollinate when we have networking up and running, or
when we start ssh
* pollen.go:
- drop the nanosecond timestamp collection on the server
- a good server should have real entropy hardware, and a busy server
will have network traffic entropy already captured by the kernel
- Suggestion by Seth Arnold in a security review
* debian/pollen. default, pollinate:
- drop timestamp based salting, not terribly valuable
- per security review by Seth Arnold
* pollinate:
- drop unused $bin variable - 6. By Dustin Kirkland
-
* README:
- enhance and update design documentation
* debian/copyright:
- update to DEP-5 format - 5. By Dustin Kirkland
-
* check_pollen, debian/control:
- improve the nagios check
- warn if:
+ insufficient bytes are retrieved
+ less than 5-bits-per-byte of entropy are calculated
+ an out of whack arithmetic mean
- have pollen server recommend ent, which is used by the nagios check - 4. By Dustin Kirkland
-
* pollen-
nagios- check:
- added nagios check script
* check_pollen, debian/pollen. install:
- rename check script and install in nagios plugins directory - 3. By Dustin Kirkland
-
* README:
- update design documentation
* pollinate, pollinate.1:
- support printing random seed to standard out
- useful for debugging
- add a -q|--quiet option to silence log messages
* pollinate, pollinate.1:
- add an option for binary data output
* debian/pollen. default, debian/ pollen. upstart, pollen.8, pollen.go:
- re-enable support for both encrypted and non-encrypted connections
- use a go subroutine to serve both out of the same process
- document these changes
- default to 80 and 443, allow admin to override easily via config
* debian/control:
- update package descriptions
* pollinate:
- default to, but do not force, https - 2. By Dustin Kirkland
-
* pollen.go
- use a global for the dev writer
- write a few more timestamps into the mix during the response
handler
- change logging verbiage
* pollinate:
- use a single temp directory, rather than multiple temp files
- use a trap to cleanup the temp directory
- uptdate the logging verbiage
- use an etc default file if available
* debian/pollen. default:
- drop "TCP_" in the TCP_PORT variable
* pollen.go:
- just use two timestamps
* pollinate:
- improve usability; prepend https
* debian/pollinate. cron.d, debian/ pollinate. default,
debian/pollinate. upstart, pollinate, pollinate.1:
- use an upstart job, rather than an @reboot cronjob,
to do the initial prng seeding
- fix the default config file
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/pollen