Quoting Philip Hazel (ph10@???):
> > I have succesfully built Exim 4.12 with GnuTLS (0.8.1) but for some
> > reason this Exim is incapable of getting enough entropy no matter what I
> > do on my system, it seems like it doesn't check for new random bytes...
> I suspect you may be the first real user to try Exim with GnuTLS.
> Support for GnuTLS was a very recent addition. I tested it myself, and
> it seemed to work, but I am pretty ignorant about it.
It seems there is nothing wrong with your GnuTLS implementation (I never
implied that either ;)).
On the system I was testing Exim 4.12 with GnuTLS on, I run kernel
2.5.53. I just tested an older 2.4.x kernel and it works with that one.
So it *has* to be the kernel not seeding or not supporting dev/random...
What wonders me is that OpenSSL uses /dev/urandom, and libgcrypt uses
/dev/random by default unless you specify --disable-dev-random at
compile time...
[ exim not creating gnutls.params ] > I don't recall any problems with that on my system (Solaris 8). I
> installed /dev/random so that I could test it, and although it grumbled
> once about lack of entropy (this is a very quiet system), it mostly
> seemed to work.
Yeah. On normal systems there should at least be enough entropy to seed
exim's params file, or any other file for that matter. That's why I was
so amazed by it not getting 300 bytes of data ...
