[Dovecot] Dovecot + SSL + Fedora
tss at iki.fi
Mon May 24 19:50:54 EEST 2004
On 24.5.2004, at 10:43, David Keegel wrote:
> I've been seeing the Dovecot/SSL/Fedora 1 problem.
> I have a dovecot server which tends to die at least once a day,
> with messages like these :-
> May 24 13:44:44 mail pop3-login: RAND_bytes() failed:
> error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
> May 24 13:44:44 mail dovecot: Login process died too early - shutting
> I noticed Timo's email about this at:
> with the patch that just ignores the return code of RAND_bytes().
That fixes the crashes, but probably still causes occational problems
with SSL connection handshakes failing.
> Would disabling SSL in dovecot.conf also be a reasonable way of
> avoiding the problem of dovecot crashing?
> My plan is to set
> ssl_disable = yes
If you don't need SSL, it's a good solution.
> and also take out pops and imaps from protocols. That is a lot
> easier for me than getting source, patching it, re-compiling and
> We are using
> Fedora Core 1 (fedora-release-1-3 i386 rpm)
> Dovecot 0.99.10 (dovecot-0.99.10-4 i386 rpm)
> OpenSSL 0.9.7a (openssl-0.9.7a-33.10 i386 rpm)
This could also be fixed by patching OpenSSL (I think). Patch in
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 186 bytes
Desc: This is a digitally signed message part
More information about the dovecot