On Sat, Jul 16, 2005 at 10:37:09PM +0200, Pieter Ennes said:
> Hi list,
>
> For a few days i'm having this problem getting Exim 4.50 to talk TLS on
> a Debian box: The Exim smtp listener process just seems to hang and do
> nothing just after a STARTTLS gets issued by the remote side.
>
> The last few lines of a -d+all listener are:
>
> ---
> 22:19:10 32271 SMTP>> 250-isaac.febe.nl Hello mail.ennes.net [192.168.11.6]
> 22:19:10 32271 250-SIZE 20971520
> 22:19:10 32271 250-STARTTLS
> 22:19:10 32271 250 HELP
> 22:19:10 32271 SMTP<< STARTTLS
> 22:19:10 32271 ---0 Rst 0x81220a0 ** smtp_in.c 800 32800
> 22:19:10 32271 initializing GnuTLS as a server
> 22:19:10 32271 generating 512 bit RSA key...
> ---
>
> And then it just sits there. Even running it with strace doesn't seem to
> show me any activity, so i am guessing that the problem might be GnuTLS
> related. I have created a cert/key with exim-gencert.
>
> Can anyone please point me where to look next?
My guess is you're out of entropy.
cat /proc/sys/kernel/random/entropy_avail
will tell you for sure.
If so, comment out the last line of /etc/cron.daily/exim4-base:
# rm -f /var/spool/exim4/gnutls-params
This is imperfect, but will allow you to keep a working params file
(once you've got enough entropy to generate one in the first place, of
course). You may want to consider changing kernels to one that actually
produces some entropy, as that is the long term (and best) fix. The
advice above is a workaround until that is feasible.
--
--------------------------------------------------------------------------
| Stephen Gran | Drinking coffee for instant relaxation? |
| steve@??? | That's like drinking alcohol for |
| http://www.lobefin.net/~steve | instant motor skills. -- Marc Price |
--------------------------------------------------------------------------