On 24.5.2004, at 10:43, David Keegel wrote:
I've been seeing the Dovecot/SSL/Fedora 1 problem.
I have a dovecot server which tends to die at least once a day, with messages like these :- May 24 13:44:44 mail pop3-login: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded May 24 13:44:44 mail dovecot: Login process died too early - shutting down
I noticed Timo's email about this at: http://www.dovecot.org/list/dovecot/2004-May/003316.html with the patch that just ignores the return code of RAND_bytes().
That fixes the crashes, but probably still causes occational problems with SSL connection handshakes failing.
Would disabling SSL in dovecot.conf also be a reasonable way of avoiding the problem of dovecot crashing?
My plan is to set ssl_disable = yes
If you don't need SSL, it's a good solution.
and also take out pops and imaps from protocols. That is a lot easier for me than getting source, patching it, re-compiling and re-installing.
We are using Fedora Core 1 (fedora-release-1-3 i386 rpm) Dovecot 0.99.10 (dovecot-0.99.10-4 i386 rpm) OpenSSL 0.9.7a (openssl-0.9.7a-33.10 i386 rpm)
This could also be fixed by patching OpenSSL (I think). Patch in https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=115284