[Dovecot] Dovecot + SSL + Fedora
Timo Sirainen
tss at iki.fi
Mon May 24 19:50:54 EEST 2004
On 24.5.2004, at 10:43, David Keegel wrote:
> I've been seeing the Dovecot/SSL/Fedora 1 problem.
>
> I have a dovecot server which tends to die at least once a day,
> with messages like these :-
> May 24 13:44:44 mail pop3-login: RAND_bytes() failed:
> error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
> seeded
> May 24 13:44:44 mail dovecot: Login process died too early - shutting
> down
>
> I noticed Timo's email about this at:
> http://www.dovecot.org/list/dovecot/2004-May/003316.html
> with the patch that just ignores the return code of RAND_bytes().
That fixes the crashes, but probably still causes occational problems
with SSL connection handshakes failing.
> Would disabling SSL in dovecot.conf also be a reasonable way of
> avoiding the problem of dovecot crashing?
>
> My plan is to set
> ssl_disable = yes
If you don't need SSL, it's a good solution.
> and also take out pops and imaps from protocols. That is a lot
> easier for me than getting source, patching it, re-compiling and
> re-installing.
>
> We are using
> Fedora Core 1 (fedora-release-1-3 i386 rpm)
> Dovecot 0.99.10 (dovecot-0.99.10-4 i386 rpm)
> OpenSSL 0.9.7a (openssl-0.9.7a-33.10 i386 rpm)
This could also be fixed by patching OpenSSL (I think). Patch in
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=115284
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20040524/2ce1fff3/attachment-0001.bin>
More information about the dovecot
mailing list