[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim

From: Simon Josefsson
Subject: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Date: Thu, 06 Jul 2006 16:08:21 +0200
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)

Nikos Mavrogiannopoulos <address@hidden> writes:

> On Thu 06 Jul 2006 15:37, Simon Josefsson wrote:
>> > That bug appears to be active, or maybe it should be called a
>> > "known issue," as that is what the debian people call it. Here is a
>> > link to the description of the issue,
>> >
>> > My understanding is that GnuTLS does not generate enough entropy to
>> > satisfy exim's requirements. Can this issue be addressed?
>> I'd love to help on this, but IIRC, the earlier reports were so vague
>> that there wasn't much to work on.
>> One problem was generation of DH or RSA parameters, but the proper
>> solution to that is to generate it in an external process in a cron
>> job every day or similar.  Then an exhausted entropy pool shouldn't
>> hang exim.
> This was a problem in exim, which generated those parameters during a
> connection. But as far as I know this has been solved in debian. The
> parameters are now generated off-line with certtool.

Then presumably the issue can be solved by back-porting the fix to
Debian sarge.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]