[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] gnutls_rsa_params_init hangs. Is regenerating rsa-params on
[gnutls-dev] gnutls_rsa_params_init hangs. Is regenerating rsa-params once a day to frequent?
Tue, 14 Dec 2004 12:03:21 +0100
exim4 uses gnutls for TLS/SSL and we (on Debian) have chosen to
configure it to regenerate rsa and dh params once a day. However
promptly after this change we received a bug-report telling us that
exim just hang. Further analysis showed that
got stuck on his system, waiting indefinitely for new data to appear
I am a little bit at loss on how to deal with this. Is "once a day"
too frequent as a default value?
Can (Should) gnutls_rsa_params_generate2 deal more gracefully with
systems with little data in /dev/random (by using urandom after a
timeout or supporting alternative entropy gathering devices?)
Is exim faulty for running gnutls_rsa_params_generate2 while handling
an incoming connection? (Not faulty as in in "not optimal" but as in
"the stupiest idea I've ever heard of, everybody using gnutls seriously
knows that you put running gnutls_rsa_params_generate2 in a separate
The bug submitter is running Linux kernel 2.6.8-something if that is
of any help.
thanks, cu andreas
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
Description: Digital signature
- [gnutls-dev] gnutls_rsa_params_init hangs. Is regenerating rsa-params once a day to frequent?,
Andreas Metzler <=