[gnutls-dev] Re: gnutls_rsa_params_init hangs. Is regenerating rsa-params once a day to frequent?
ametzler at downhill.at.eu.org
Wed Dec 15 08:11:00 CET 2004
On 2004-12-14 Simon Josefsson <jas at extundo.com> wrote:
> Andreas Metzler <ametzler at downhill.at.eu.org> writes:
> > gnutls_rsa_params_generate2(rsa_params, 512);
> > got stuck on his system, waiting indefinitely for new data to appear
> > in /dev/random.
> > I am a little bit at loss on how to deal with this. Is "once a day"
> > too frequent as a default value?
> I don't think so.
[hopes for the future]
> > Is exim faulty for running gnutls_rsa_params_generate2 while handling
> > an incoming connection? (Not faulty as in in "not optimal" but as in
> > "the stupiest idea I've ever heard of, everybody using gnutls seriously
> > knows that you put running gnutls_rsa_params_generate2 in a separate
> > little thread/program")
> I wouldn't say faulty, but as you suggest, it may be sub-optimal. You
> could have a stand-alone program that generate dh/rsa parameters, save
> the data to a file and ask the main process to re-load its data. Or
> use a separate thread.
Thanks for the information. This should be easy to do, as exim's
processes are short lived there is no need for complicated
communication, asking proccesses to reload data.
thanks, cu andreas
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
More information about the Gnutls-devel