Strange startup problem with Apache 2.0.44

Thu, 27 Feb 2003 10:54:44 -0800 

Dear all,

first the properties of my box: Solaris 7 (hence no /dev/random) and gcc 3.0.1.
I compiled Apache 2.0.44 with the following options:

./configure --prefix=/usr/local/apache-2.0.44-ssl --enable-info --enable-ssl \
--with-egd=/var/adm/entropy

My SSL is 0.9.7a, and /var/adm/entropy is a socket serviced by PRNG (I tested it
with egc.pl and it delivers the desired data, but this is not the problem)

When I try to start the server error_log writes:
[Thu Feb 27 13:24:41 2003] [info] Init: Initializing OpenSSL library
[Thu Feb 27 13:24:41 2003] [info] Init: Seeding PRNG with 0 bytes of entropy
[Thu Feb 27 13:24:41 2003] [warn] Init: PRNG still contains insufficient entropy!
[Thu Feb 27 13:24:41 2003] [info] Init: Generating temporary RSA private keys 
(512/1024 bits)
[Thu Feb 27 13:24:41 2003] [error] Init: Failed to generate temporary 512 bit RSA 
private key
Configuration Failed

The relevant portions of my httpd.conf:
<IfModule mod_ssl.c>
    Include conf/test-ssl.conf
</IfModule>

And in test-ssl.conf:
SSLRandomSeed startup builtin
SSLRandomSeed startup egd:/var/adm/entropy 512
SSLRandomSeed connect builtin
SSLRandomSeed connect egd:/var/adm/entropy 512

The rest is more or less standard. Whatever I write into test-ssl.conf the error
message shown above comes again. Even if I comment out SSL in httpd.conf:
#<IfModule mod_ssl.c>
#    Include conf/test-ssl.conf
#</IfModule>

the same message appears. A truss on the process (with or without outcommented
mod_ssl.c) yields the same:

14566:  open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT
14566:  open("/dev/random", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT
14566:  open("/dev/srandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT

What is happening here? My Solaris box has none of these /dev/*random, but
why are they called when I a) specify /var/adm/entropy and b) even when
I don't want to start SSL at all?


Thank a lot in advance for your input,
Beat
--
Beat M�ller
Institut f�r Elektronik
ETH Z�rich - Schweiz
[EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to