DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40513>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40513 Summary: Seeding PRNG with 0 bytes of entropy Product: Apache httpd-2 Version: 2.3-HEAD Platform: Macintosh OS/Version: Mac OS X 10.4 Status: NEW Severity: normal Priority: P2 Component: mod_ssl AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] I installed apache 2.2 with mod_ssl today on a local computer for development purposes and decided to have a peek at the logs just for fun. When I saw "Seeding PRNG with 0 bytes of entropy" I was amused and at the same time somewhat frightened. Below is a copy of my config file and what follows after that are the relevant log entries for a single fetch of "http://localhost/"; via Safari. =============================================================== =============== ServerRoot "/opt/apache2" Listen 80 Listen 443 User opt-www Group opt-www LoadModule perl_module modules/mod_perl.so LoadModule logio_module modules/mod_logio.so <Directory /> Options None AllowOverride None </Directory> <FilesMatch "^\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> SSLRandomSeed startup file:/dev/random 512 SSLRandomSeed connect file:/dev/random 512 SSLSessionCache shmcb:/opt/apache2/ssl/ssl_scache(512000) SSLSessionCacheTimeout 300 SSLMutex file:/opt/apache2/ssl/ssl_mutex LogLevel info LogFormat "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ssl_log_format LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot /opt/var/www/localhost/htdocs ServerName localhost ServerAlias mini Loglevel debug ErrorLog /opt/var/www/localhost/logs/error_log TransferLog /opt/var/www/localhost/logs/access_log ScriptAlias /cgi-bin/ "/opt/var/www/localhost/cgi-bin/" </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /opt/var/www/localhost-ssl/ssl/server.crt SSLCertificateKeyFile /opt/var/www/localhost-ssl/ssl/server.key ServerAdmin [EMAIL PROTECTED] DocumentRoot /opt/var/www/localhost-ssl/htdocs ServerName localhost ServerAlias mini Loglevel info ErrorLog /opt/var/www/localhost-ssl/logs/error_log TransferLog /opt/var/www/localhost-ssl/logs/access_log CustomLog /opt/var/www/localhost-ssl/logs/ssl_log ssl_log_format <Directory /opt/var/www/localhost-ssl/htdocs> Options Indexes </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> =============================================================== =============== There's no imminent danger since this is just a local dev box but I would like to get to the bottom of this 0 PRNG seed weirdness anyway; just blame human curiosity. (Note: The offending log entry is on the 2nd line of error_log) =============================================================== =============== ==access_log== ::1 - - [14/Sep/2006:12:52:11 -0400] "GET / HTTP/1.1" 200 209 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418.8 (KHTML, like Gecko) Safari/419.3" 569 1359 ::1 - - [14/Sep/2006:12:52:11 -0400] "GET /favicon.ico HTTP/1.1" 200 - "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418.8 (KHTML, like Gecko) Safari/419.3" 320 362 ==error_log== [Thu Sep 14 12:52:11 2006] [info] [client ::1] Connection to child 5 established (server localhost:443) [Thu Sep 14 12:52:11 2006] [info] Seeding PRNG with 0 bytes of entropy [Thu Sep 14 12:52:11 2006] [info] Client requested a 'session-resume' but we have no such session. [Thu Sep 14 12:52:11 2006] [info] Initial (No.1) HTTPS request received for child 5 (server localhost:443) [Thu Sep 14 12:52:11 2006] [info] Subsequent (No.2) HTTPS request received for child 5 (server localhost:443) [Thu Sep 14 12:52:16 2006] [info] [client ::1] (70007)The timeout specified has expired: SSL input filter read failed. [Thu Sep 14 12:52:16 2006] [info] [client ::1] Connection closed to child 5 with standard shutdown (server localhost:443) ==ssl_log== [14/Sep/2006:12:52:11 -0400] ::1 TLSv1 RC4-SHA "GET / HTTP/1.1" 209 [14/Sep/2006:12:52:11 -0400] ::1 TLSv1 RC4-SHA "GET /favicon.ico HTTP/1.1" - =============================================================== =============== -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
