From kroupware Fri Nov 17 08:24:22 2006 From: Bernhard Reiter Date: Fri, 17 Nov 2006 08:24:22 +0000 To: kroupware Subject: SSL/TLS entropy problem, aka pops timeouts (was: sasl ldap problem) Message-Id: <200611170924.26118.bernhard () intevation ! de> X-MARC-Message: https://marc.info/?l=kroupware&m=116375188915536 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--===============1648209343==" --===============1648209343== Content-Type: multipart/signed; boundary="nextPart14376963.hprLhOYtLo"; protocol="application/pkcs7-signature"; micalg=sha1 Content-Transfer-Encoding: 7bit --nextPart14376963.hprLhOYtLo Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi Divan, On Friday 17 November 2006 08:46, Divan Santana wrote: > I am glad to contribute this fix back. I hope someone finds it useful. > I think it might be kubuntu specific. > > http://www.kolab.org/pipermail/kolab-users/2006-February/004394.html > mv /dev/random /dev/random.backup > ln -s /dev/urandom /dev/random note that doing this is likely to weaken the encryption of your SSL and TLS connections. The applications that need higher quality entropy will use /dev/random and might now get lower quality. See http://en.wikipedia.org/wiki//dev/random for the differences of /dev/random and /dev/urandom. A better fix probably is to add a hardware entropy generator or to find out why the entropy is empty. > Can't believe that fixed it. I don't quite understand but at least its > working. > > Now POP doesn't time out randomly etc. If /dev/random does not have enough entropy ready it will block and thus cause a timeout. Bernhard =2D-=20 Managing Director - Owner, www.intevation.net (Free Software Company) Germany Coordinator, fsfeurope.org (Non-Profit Org for Free Software) www.kolab-konsortium.com (Email/Groupware Solution, Professional Service) --nextPart14376963.hprLhOYtLo Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDdTCCA3Ew ggLaoAMCAQICARgwDQYJKoZIhvcNAQEEBQAwNjELMAkGA1UEBhMCREUxGDAWBgNVBAoMD0ludGV2 YXRpb24gR21iSDENMAsGA1UEAwwEWlMgNDAeFw0wNTA3MTMxMzA2MDBaFw0wNzA3MTMxMzA2MDBa MEExCzAJBgNVBAYTAkRFMRgwFgYDVQQKEw9JbnRldmF0aW9uIEdtYkgxGDAWBgNVBAMTD0Jlcm5o YXJkIFJlaXRlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAp6cMiiZpKTE4dsuWPNDadP8z EZgXlMieBLD7IbJ+R01Te6FueHyLmSJ9QLD+KPLOOW/sbVd1y1GTBS5pfGkH6o7AXZCN0RvqiRsc DLwhB6ZNOsf0mH4DhDi8T8vMwpdPWFpB9ONczflQtTp2CCrRsYEg3fl05nvA1YI0noCbBwsCAwEA AaOCAYIwggF+MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMGQGA1UdHwRdMFswWaBXoFWG U2xkYXA6Ly9jYS5pbnRldmF0aW9uLm9yZy9jbj1aUyA0LCBvPUludGV2YXRpb24gR21iSCwgYz1E RT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0ME8GCWCGSAGG+EIBDQRCFkBFLU1haWwgQ2VydGlm aWNhdGVzIGZvciBJbnRldmF0aW9uIGFuZCBmcmllbmRzIChub24tcHJvZHVjdGlvbikuMB0GA1Ud DgQWBBT5ppI6jLkeKfCgqC0YpPmY44REjjBlBgNVHSMEXjBcgBTpC2Y1APybXfobl6bvbeeiCAqf FqFBpD8wPTELMAkGA1UEBhMCREUxGDAWBgNVBAoMD0ludGV2YXRpb24gR21iSDEUMBIGA1UEAwwL V3VyemVsIFpTIDOCAQEwIQYDVR0RBBowGIEWYmVybmhhcmRAaW50ZXZhdGlvbi5kZTANBgkqhkiG 9w0BAQQFAAOBgQA5iCFfCzwwjv8fdQdB97ccWppijG48GRYN2Xhp7/klz8gwLV/lspuqIo0hiQ/7 P6x6H7PfQkIHPFrs+ixPIIuI/pzNHAzHUKD+GE+GPFvhCkcW62niP1Kfyx419lqEqvV3b85qsM1A P/da2SzaSp0MyxLBm5SOXaHkrPaieZ4eiDGCAWswggFnAgEBMDswNjELMAkGA1UEBhMCREUxGDAW BgNVBAoMD0ludGV2YXRpb24gR21iSDENMAsGA1UEAwwEWlMgNAIBGDAHBgUrDgMCGqCBizAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjExMTcwODI0MjJaMCMGCSqG SIb3DQEJBDEWBBSEaFwE94aveevAjUhliv/xpI04wjAsBgkqhkiG9w0BCQ8xHzAdMA0GCWCGSAFl AwQBAgUAMAwGCCqGSIb3DQMHBQAwCwYJKoZIhvcNAQEBBIGAC2tE/8bGmA6OHo1N5PT3J0fEwtBK OvVcGtlGeMqLsAwNgLfh6RcTVqVi+u9zuznhaus00ko7oReJSP/vGaoxun/SkoRIjfDS+KhqQxVM 3DcYtedemnjDjC6KuTb5sPBj/Jw++Q2434yg/K2o+iQ7QqB7sVAWRdnlWrknQLXkzUMAAAAAAAA= --nextPart14376963.hprLhOYtLo-- --===============1648209343== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Kolab-users mailing list Kolab-users@kolab.org https://kolab.org/mailman/listinfo/kolab-users --===============1648209343==--