Rainer Jung wrote:
Markus Schönhaber wrote:
Just to confirm that I don't get it wrong again: it is to be expected
that the value of RANDFILE is ignored in my case since im using tcnative
1.10?
That's my expectation too.
Fine, thanks.
Regards
mks
On Aug 21, 2007, at 11:26 AM, Markus Schönhaber wrote:
Rainer Jung wrote:
There's an addition in tcnative 1.1.10:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?view=diffrev=524725r1=524724r2=524725
Jim Jagielski wrote:
Well, the comment doesn't seem to match what the code is doing :)
OK, this statement of yours might relativize the impression of dumbness
I have given here a little bit. Or maybe not ;-)
I'm guessing that the problem the patch was trying to solve was
due to the
On Aug 22, 2007, at 11:32 AM, Markus Schönhaber wrote:
2. If tcnative 1.1.10 is used, set the environment variable RANDFILE
to point to some random source which can be accessed without danger of
blocking (for example /dev/urandom) or create a static random file in
the home dir of the user
On Aug 21, 2007, at 10:02 AM, Rainer Jung wrote:
Followup to self:
There's an addition in tcnative 1.1.10:
Looks like this went through further refactoring in:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?r1=524725r2=525163
I just checked HEAD on trunk
Adrian Sutton schrieb:
I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
with a lot of success and just one problem - Tomcat seems to take a
long time to load. I think the problem started when I installed APR/
tomcat native and enabled SSL through it but it's hard to
On 21/08/2007, at 5:39 PM, Markus Schönhaber wrote:
WAG: your APR uses /dev/random as random source which blocks when it
runs out of entropy.
You could re-build APR after you ./configure'd it with
--with-devrandom=/dev/urandom
or you could try Mladen's advice here
Adrian Sutton wrote:
In the end, ~root/.rnd and ~tomcat55/.rnd were both ignored but
setting the RANDFILE environment variable worked. Not sure what it
was defaulting to.
Anyway, everything now starts up lightning fast. Thanks for the help.
I had just re-read Mladen's mail and
Markus Schönhaber wrote:
Does Tomcat start still fast if you do something like
dd if=/dev/random of=/dev/null bs=1
let that run for a couple of seconds and start Tomcat immediately after
interrupting it?
I think that's phrased a bit confusingly. What I tried to say is the
following: If you
-
I had just re-read Mladen's mail and experimented with RANDFILE
myself,
thinking that setting it to /dev/urandom might be the easiest
solution.
I strace'd Tomcat but couldn't find any hint that the value of
RANDFILE
is honored. Since my APR is built to use /dev/urandom I can't be sure,
but
Adrian Sutton wrote:
RANDFILE is definitely honored and it does work well setting it as /
dev/urandom. I've restarted Tomcat a number of times and it stayed
fast, plus:
cat /proc/sys/kernel/random/entropy_avail
consistently returns low values. Generating activity. In fact, with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Schönhaber wrote:
I'll have to find out why for me the value RANDFILE is set to doesn't
seem to have any effect - or, for that matter, whether it really doesn't
have any effect.
Perhaps by configuring with --randfile=/dev/urandom
Markus Schönhaber wrote:
Adrian Sutton wrote:
RANDFILE is definitely honored and it does work well setting it as /
dev/urandom. I've restarted Tomcat a number of times and it stayed
fast, plus:
cat /proc/sys/kernel/random/entropy_avail
consistently returns low values. Generating activity.
Followup to self:
There's an addition in tcnative 1.1.10:
Author: mturk
Date: Sun Apr 1 22:22:42 2007
New Revision: 524725
URL: http://svn.apache.org/viewvc?view=revrev=524725
Log:
In case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init on some
Christopher Schultz wrote:
Markus Schönhaber wrote:
I'll have to find out why for me the value RANDFILE is set to doesn't
seem to have any effect - or, for that matter, whether it really doesn't
have any effect.
Perhaps by configuring with --randfile=/dev/urandom (which it sounds
like you
Rainer Jung wrote:
There's an addition in tcnative 1.1.10:
Author: mturk
Date: Sun Apr 1 22:22:42 2007
New Revision: 524725
URL: http://svn.apache.org/viewvc?view=revrev=524725
Log:
In case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init
Markus Schönhaber wrote:
Rainer Jung wrote:
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
-file = RAND_file_name(buffer, sizeof(buffer));
+return -1;
else if ((n = RAND_egd(file)) 0) {
return n;
}
Didn't check, but
Rainer Jung schrieb:
Let's see: doesn't this *remove* the RAND_file_name() line? Man page of
RAND_file_name() says, that it returns a file for andomness and respects
variable RANDFILE. I neither know the code well, nor did I check now,
if there are other references to RANDFILE. Mladen's
Markus Schönhaber wrote:
Just to confirm that I don't get it wrong again: it is to be expected
that the value of RANDFILE is ignored in my case since im using tcnative
1.10?
That's my expectation too.
-
To start a new topic,
Hi all,
I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
with a lot of success and just one problem - Tomcat seems to take a
long time to load. I think the problem started when I installed APR/
tomcat native and enabled SSL through it but it's hard to pin point
because
20 matches
Mail list logo