remove dangling references to --enable-crypto-rand in doc and comments

doc/arm/Bv9ARM-book.xml

@@ -4950,20 +4950,6 @@ badresp:1,adberr:0,findfail:0,valfail:0]
 		effect during the initial configuration load at server
 		startup time and is ignored on subsequent reloads.
 	      </para>
-	      <para>
-		If BIND is built with
-		<command>configure --disable-crypto-rand</command>, then
-		entropy is <emphasis>not</emphasis> sourced from the
-		cryptographic library. In this case, if
-		<command>random-device</command> is not specified, the
-		default value is the system random device,
-		<filename>/dev/random</filename> or the equivalent.
-		This default can be overridden with
-		<command>configure --with-randomdev</command>.
-		If no system random device exists, then no entropy source
-		will be configured, and <command>named</command> will only
-		be able to use pseudo-random numbers.
-	      </para>
 	    </listitem>
 	  </varlistentry>
 

lib/dns/include/dst/dst.h

@@ -158,7 +158,7 @@ dst_random_getdata(void *data, unsigned int length,
 		   unsigned int *returned, unsigned int flags);
 /*%<
  * Gets random data from the random generator provided by the
- * crypto library, if BIND was built with --enable-crypto-rand.
+ * crypto library.
  *
  * See isc_entropy_getdata() for parameter usage. Normally when
  * this function is available, it will be set up as a hook in the
@@ -167,7 +167,6 @@ dst_random_getdata(void *data, unsigned int length,
  *
  * Returns:
  * \li	ISC_R_SUCCESS on success
- * \li	ISC_R_NOTIMPLEMENTED if BIND is built with --disable-crypto-rand
  * \li	DST_R_OPENSSLFAILURE, DST_R_CRYPTOFAILURE, or other codes on error
  */
 

win32utils/Configure

@@ -361,8 +361,7 @@ my @allcond = (@substcond, "NOTYET", "NOLONGER");
 
 # enable-xxx/disable-xxx
 
-my @enablelist = ("crypto-rand",
-                  "developer",
+my @enablelist = ("developer",
                   "fixed-rrset",
                   "intrinsics",
                   "isc-spnego",
@@ -424,7 +423,6 @@ my @help = (
 "\nOptional Features:\n",
 "  enable-intrinsics     enable instrinsic/atomic functions [default=yes]\n",
 "  enable-native-pkcs11  use native PKCS#11 for all crypto [default=no]\n",
-"  enable-crypto-rand    use crypto provider for random [default=yes]\n",
 "  enable-openssl-hash   use OpenSSL for hash functions [default=yes]\n",
 "  enable-isc-spnego     use SPNEGO from lib/dns [default=yes]\n",
 "  enable-fixed-rrset    enable fixed rrset ordering [default=no]\n",
@@ -680,10 +678,6 @@ sub myenable {
         if ($val =~ /^yes$/i) {
             $enable_native_pkcs11 = "yes";
         }
-    } elsif ($key =~ /^crypto-rand$/i) {
-        if ($val =~ /^no$/i) {
-            $enable_crypto_rand = "no";
-        }
     } elsif ($key =~ /^openssl-hash$/i) {
         if ($val =~ /^yes$/i) {
             $enable_openssl_hash = "yes";
@@ -970,11 +964,6 @@ if ($verbose) {
     } else {
         print "native-pkcs11: disabled\n";
     }
-    if ($enable_crypto_rand eq "yes") {
-        print "crypto-rand: enabled\n";
-    } else {
-        print "crypto-rand: disabled\n";
-    }
     if ($enable_openssl_hash eq "yes") {
         print "openssl-hash: enabled\n";
     } else {
@@ -3399,7 +3388,6 @@ exit 0;
 #  --enable-developer partially supported
 #  --enable-newstats (9.9/9.9sub only)
 #  --enable-native-pkcs11 supported
-#  --enable-crypto-rand supported
 #  --enable-openssl-version-check included without a way to disable it
 #  --enable-openssl-hash supported
 #  --enable-threads included without a way to disable it