On 17/01/2006 10:40 a.m., Timo Sirainen wrote:
On Mon, 2006-01-16 at 13:35 -0800, Peter Hessler wrote:
That's silly. The first thing I try with any new install is test it out. The idea of generating the DH key during install is useful.
Well, the problem with this is that there's no standard way to "install Dovecot". Each binary package builder would have to do this separately. For people installing from sources there would have to be some special command for doing this and instructions for doing this.
Unless you mean that it should work exactly as now, except Dovecot shouldn't be left running in background before the DH parameters are generated? I don't see much difference here. And it'd need more code :)
As long as it is documented in the INSTALL file and/or WIKI then anyone who really cares about it will soon find out.
People do read those files, don't they? ;-)
It would be good if the dovecot master process can be started with a flag such as "dovecot -k", a DH key generated (only) and then the master process just die. This would allow things like RPM post scripts to generate the key at package install time before the package properly starts up. squid -z does this sort of thing for Squid too.
On the other hand:
Jan 17 10:52:55 tornado dovecot: Dovecot v1.0.beta1 starting up Jan 17 10:52:55 tornado dovecot: Generating Diffie-Hellman parameters for the first time. This may take a while.. Jan 17 10:53:00 tornado dovecot: SSL parameters regeneration completed
That's about 5s to generate the keys on my P4-2.8Ghz. Which hardly justifies an hour's worth of coding to let people know about a 5s once-off delay.
reuben