Bug 103378 - sasl server code hung up reading /dev/random
Summary: sasl server code hung up reading /dev/random
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: cyrus-sasl (Show other bugs)
(Show other bugs)
Version: 1.0
Hardware: All Linux
medium
high
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: CambridgeTarget
TreeView+ depends on / blocked
 
Reported: 2003-08-29 15:08 UTC by matti aarnio
Modified: 2007-04-18 16:57 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-05-12 02:22:44 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2004:206 normal SHIPPED_LIVE Updated cyrus-sasl packages available 2004-05-11 04:00:00 UTC

Description matti aarnio 2003-08-29 15:08:05 UTC
Description of problem:
 This is same thing as reported for  httpd  server
 at bug #103049.

 Please don't use  /dev/random  in operational authentication applications.


Version-Release number of selected component (if applicable):
 Current RawHide (or maybe couple weeks old)

How reproducible:
 Always

Steps to Reproduce:
1. Cyrus SASL server code running without any particular configuration
2. Commence authentication exchange with CRAM-MD5
3. Observe process hanging, when  /dev/random  blocks after entropy
   reservoir estimate goes to zero.
    

Actual Results:
  Server process hanging on read() of /dev/random.

Expected Results:
  Successfull authentication.
  (That can be debated about, but not hanging.)


Additional info:

  A dirty fix is what I did for bug #103049, namely cloning
  /dev/urandom  with name  /dev/random.

  It isn't kosher, nor pretty, but avoids unnecessary service tie-ups.

  The Apache (httpd-2.0) is switching to use  /dev/urandom,  why the
  Cyrus-SASL library could not do the same ?

Comment 1 Nalin Dahyabhai 2003-10-23 18:42:54 UTC
Fixing for 2.1.15-6.  Thanks!

Comment 2 John Flanagan 2004-05-12 02:22:44 UTC
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2004-206.html



Note You need to log in before you can comment on or make changes to this bug.