Loading ...
Sorry, an error occurred while loading the content.

Re: Random Source Parameter Error

Expand Messages
  • Victor Duchovni
    ... Got the 10.6.2 system up and running mostly. The stock Postfix that comes from Apple has: # postconf -d mail_version tls_random_source mail_version = 2.5.5
    Message 1 of 19 , Dec 29, 2009
    • 0 Attachment
      On Tue, Dec 29, 2009 at 11:35:09AM -0500, Victor Duchovni wrote:

      > I'll look into this when I get a chance to test Postfix on a 10.6
      > system. It is possible that /dev/urandom does not support poll(2)
      > with Snow Leopard. Unlike /dev/random, it is a non-blocking device,
      > so arguably no polling is required, the poll() should always succeed
      > immediately of course, failing is anti-social.

      Got the 10.6.2 system up and running mostly. The stock Postfix that
      comes from Apple has:

      # postconf -d mail_version tls_random_source
      mail_version = 2.5.5
      tls_random_source =

      When I build Postfix from Macports, I get a 2.6.2 build, which also
      defaults to:

      tls_random_source =

      however, setting:

      tls_random_source = dev:/dev/urandom

      works just fine, no noise in the mail log. Looking at tlsmgr(8) with
      "dtruss" shows, Postfix 2.6.2 using select() for timed read.

      open("/dev/urandom\0", 0x0, 0x0) = 7 0
      geteuid(0x100305D1D, 0x100303144, 0x0) = 0 0
      getegid(0x100305D1D, 0x100303144, 0x0) = 0 0
      geteuid(0x1B, 0x1B, 0x0) = 0 0
      setegid(0x1B, 0x1B, 0x0) = 0 0
      setgroups(0x1, 0x7FFF5FBFFB5C, 0x0) = 0 0
      seteuid(0x1B, 0x7FFF5FBFFB5C, 0x0) = 0 0
      stat64("/var/lib/postfix-test\0", 0x7FFF5FBFFA90, 0x74) = 0 0
      open("/var/lib/postfix-test/prng_exch\0", 0x202, 0x180) = 8 0
      geteuid(0x0, 0x0, 0xFC080) = 27 0
      seteuid(0x0, 0x0, 0x0) = 0 0
      setegid(0x0, 0x0, 0x0) = 0 0
      setgroups(0x1, 0x7FFF5FBFFB5C, 0x0) = 0 0
      setgid(0x1B, 0x10030587C, 0x100305890) = 0 0
      initgroups(0x6, 0x7FFF5FBFFB30, 0x1B) = 0 0
      setuid(0x1B, 0x6, 0x0) = 0 0
      select(0x8, 0x7FFF5FBFF940, 0x0, 0x7FFF5FBFF8C0, 0x7FFF5FBFF9C0) = 2 0
      read(0x7, "\341\26103[E\201\221\215\353\260j\207\017\244\031\v\002\n\354\364\374\206+\201\363\2636\031J\205\355\0", 0x20) = 32 0

      The OP's problem is most likely specific to Apple's build of 2.5.5, where
      timed_read() uses poll() but /dev/urandom does not cooperate...

      --
      Viktor.

      Disclaimer: off-list followups get on-list replies or get ignored.
      Please do not ignore the "Reply-To" header.

      To unsubscribe from the postfix-users list, visit
      http://www.postfix.org/lists.html or click the link below:
      <mailto:majordomo@...?body=unsubscribe%20postfix-users>

      If my response solves your problem, the best way to thank me is to not
      send an "it worked, thanks" follow-up. If you must respond, please put
      "It worked, thanks" in the "Subject" so I can delete these quickly.
    Your message has been successfully submitted and would be delivered to recipients shortly.