Red Hat Bugzilla – Bug 103378
sasl server code hung up reading /dev/random
Last modified: 2007-04-18 12:57:15 EDT
Description of problem:
This is same thing as reported for httpd server
at bug #103049.
Please don't use /dev/random in operational authentication applications.
Version-Release number of selected component (if applicable):
Current RawHide (or maybe couple weeks old)
Steps to Reproduce:
1. Cyrus SASL server code running without any particular configuration
2. Commence authentication exchange with CRAM-MD5
3. Observe process hanging, when /dev/random blocks after entropy
reservoir estimate goes to zero.
Server process hanging on read() of /dev/random.
(That can be debated about, but not hanging.)
A dirty fix is what I did for bug #103049, namely cloning
/dev/urandom with name /dev/random.
It isn't kosher, nor pretty, but avoids unnecessary service tie-ups.
The Apache (httpd-2.0) is switching to use /dev/urandom, why the
Cyrus-SASL library could not do the same ?
Fixing for 2.1.15-6. Thanks!
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.