Bug 103378

Summary: sasl server code hung up reading /dev/random
Product: [Retired] Red Hat Raw Hide
Reporter: matti aarnio <matti.aarnio>
Component: cyrus-sasl
Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA
QA Contact: Brian Brock <bbrock>
Severity: high
Priority: medium
Version: 1.0
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2004-05-12 02:22:44 UTC
Bug Blocks: 100644

Description matti aarnio 2003-08-29 15:08:05 UTC
Description of problem:
 This is the same thing as reported for the  httpd  server
 in bug #103049.

 Please don't use  /dev/random  in operational authentication applications.


Version-Release number of selected component (if applicable):
 Current RawHide (or maybe couple weeks old)

How reproducible:
 Always

Steps to Reproduce:
1. Cyrus SASL server code running without any particular configuration
2. Commence authentication exchange with CRAM-MD5
3. Observe process hanging, when  /dev/random  blocks after entropy
   reservoir estimate goes to zero.
    

Actual Results:
  Server process hanging on read() of /dev/random.

Expected Results:
  Successful authentication.
  (That can be debated about, but not hanging.)


Additional info:

  A dirty fix is what I did for bug #103049, namely cloning
  /dev/urandom  with name  /dev/random.

  It isn't kosher, nor pretty, but avoids unnecessary service tie-ups.

  Apache (httpd-2.0) is switching to use  /dev/urandom;  why could the
  Cyrus-SASL library not do the same?

Comment 1 Nalin Dahyabhai 2003-10-23 18:42:54 UTC
Fixing for 2.1.15-6.  Thanks!

Comment 2 John Flanagan 2004-05-12 02:22:44 UTC
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2004-206.html