I recently had a problem with a web server mysteriously blocking
sometimes, especially if I would restart it often. As I run a somewhat
complex config with mod_perl and other stuff I thought there might be
some compatibility problem, but then I found that it was blocking
on read from /dev/random. I should have known.

As a tip for others: if you seed your random numbers (SSLRandomSeed)
from /dev/random, you risk your server startup and connections
blocking nondeterministically when not enough randomness is
available. Just use /dev/urandom and you'll be fine (although you
lose a bit in security).

Actually this problem is more severe on lightly used servers because
idleness provides few sources of randomness.

Perhaps the comments in httpd.conf.default of mod_ssl should clearly
mention the consequences of using /dev/random.

--Sampo
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List               [EMAIL PROTECTED]
Automated List Manager                       [EMAIL PROTECTED]
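
Added example, not part of the original post or of mod_ssl: a shell check that lists active SSLRandomSeed directives reading from /dev/random in an Apache config file, the setting the post identifies as the cause of blocking. The function name find_blocking_seed and the sample configuration are constructed for illustration; the file:/dev/... source form is assumed from mod_ssl's SSLRandomSeed directive syntax.

```shell
#!/bin/sh
# find_blocking_seed FILE
# Prints "FILE:LINE: directive" for each active SSLRandomSeed directive whose
# source is file:/dev/random. Returns 1 if any were found, 0 otherwise.
find_blocking_seed() {
    awk -v fname="$1" '
        {
            line = $0
            sub(/^[ \t]+/, "", line)             # leading whitespace is allowed
            if (line == "" || line ~ /^#/) next   # skip blanks and comments
            n = split(line, f, /[ \t]+/)
            # Directive names are case-insensitive; need context and source
            if (n < 3 || tolower(f[1]) != "sslrandomseed") next
            src = f[3]
            gsub(/"/, "", src)                   # arguments may be quoted
            if (src == "file:/dev/random") {
                printf "%s:%d: %s\n", fname, NR, line
                found = 1
            }
        }
        END { exit found ? 1 : 0 }
    ' "$1"
}

# Constructed sample configuration (not taken from a real server).
sample_conf=$(mktemp)
cat > "$sample_conf" <<'EOF'
# SSLRandomSeed startup file:/dev/random
SSLRandomSeed startup builtin
  sslrandomseed startup file:/dev/random 512
SSLRandomSeed connect file:/dev/urandom 512
SSLRandomSeed connect "file:/dev/random"
EOF

if find_blocking_seed "$sample_conf"; then
    echo "no blocking seed source configured"
else
    echo "the directives listed above can block; the post suggests file:/dev/urandom"
fi
```

The commented-out directive is ignored, and both the startup and connect contexts are reported, matching the post's point that startup and connections can each block.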
