Created by Ubuntu Package Importer on 2014-10-22 and last modified on 2015-10-13
Get this branch:
bzr branch lp:ubuntu/trusty-security/pollinate
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

12. By Robie Basak on 2015-10-13

Add "DigiCert Global Root CA" certificate from ca-certificates
package to entropy.ubuntu.com.pem. This is required to correctly
verify against the new entropy.ubuntu.com SSL certificate.

11. By Dustin Kirkland  on 2015-08-11

* entropy.ubuntu.com.pem: LP: #1483762
  - entropy.ubuntu.com SSL is coming up for renewal on 2015-09-15
  - update the certs for the pollinate package
  - Note that this changes the issuing CA to DigiCert, which requires
    a new intermediary.

10. By Dustin Kirkland  on 2014-10-21

* debian/patches/1381359.patch: LP: #1381359
  - update expiring SSL certificate

9. By Dustin Kirkland  on 2014-03-07

  - update documentation; pollinate no longer runs daily
* entropy.ubuntu.com.pem: LP: #1304777
  - entropy.ubuntu.com re-keyed SSL certs due to heartbleed OpenSSL

8. By Dustin Kirkland  on 2014-02-28

* debian/pollinate.default:
  - move the default from POOL to SERVER
  - this way, someone can zero out SERVER, whereas POOL is always additive
* pollinate:
  - save a few forks of hostname
* debian/pollinate.upstart, pollinate: LP: #1286316
  - now that cloud-init itself is calling pollinate, remove the
    "start on starting cloud-init" trigger
  - when running pollinate through cloud-init, we are not guaranteed
    that syslog will be up, and smoser insists on running pollinate --quiet
    thus we will quietly log our pollinate activity in

7. By Dustin Kirkland  on 2014-02-28

* pollinate:
  - fix exit, when in testing mode

6. By Dustin Kirkland  on 2014-02-28

* pollinate:
  - relocate the testing string
* pollinate, pollinate.1:
  - when testing, force the out to stdout

5. By Dustin Kirkland  on 2014-02-17

[ JuanJo Ciarlante and Dustin Kirkland ]
* pollinate, pollinate.1:
  - add a -t|--testing flag, to verify communications with a pollen
    server; useful with the pollen nagios check
  - can run as a non-privileged user
  - does NOT affect the local PRNG

4. By Dustin Kirkland  on 2014-02-11

* debian/pollinate.default:
  - use curl --capath /dev/null by default, to mitigate SSL CA MitM
    attacks, since we're shipping our own public cert

3. By Dustin Kirkland  on 2014-02-11

* pollinate, pollinate.1:
  - remove unused variable f2
  - add support for -n|--no-challenge argument
  - this technically makes it possible to use any arbitrary
    URL as an entropy server
    + e.g. random.org, news.google.com
  - document the option in the manpage
* pollinate:
  - move CURL_OPTS to the end of the line, so that the admin can override
    any curl option, such as the user-agent string in /etc/default/pollinate

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.