subject:"Bug#456667\: marked as done \(pound\: spends too much time generating SSL keys\)"

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

2020-11-04 Thread Debian Bug Tracking System

Your message dated Thu, 05 Nov 2020 01:53:23 +
with message-id 
and subject line Bug#456667: fixed in pound 3.0-1
has caused the Debian Bug report #456667,
regarding pound: spends too much time generating SSL keys
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
456667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pound
Version: 2.2.7-2
Severity: normal

I noticed that pound was using far more CPU time than the backend
servers behind it, which struck me as strange.

Upon investigation it appears that it regenerates 2 x 11 RSA keys every
300 seconds. On my not too shabby system that takes about 5 seconds, or
20 minutes every day.

Now this may be a good thing security-wise, but I'm not even using pound
for SSL connections!  Only plain HTTP connections go through it. It also
removes entropy from the pool for things that need it, which IMHO is
wasteful.

I modified my local copy to only regenerate every 24 hours, and that's
much better. However, a couple of suggestion came to mind:

- only regenerate keys that have actually been used
- make the regeneration period configurable
- why 11 times? Why not 10, or 12, or 16? Make this configurable?


thanks,
Paul Slootman

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (650, 'testing'), (625, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-rc5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


--- End Message ---
--- Begin Message ---
Source: pound
Source-Version: 3.0-1
Done: Carsten Leonhardt 

We believe that the bug you reported is fixed in the latest version of
pound, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 456...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Carsten Leonhardt  (supplier of updated pound package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 05 Nov 2020 01:45:01 +0100
Source: pound
Architecture: source
Version: 3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Leonhardt 
Changed-By: Carsten Leonhardt 
Closes: 456667 490192 733820 861089
Changes:
 pound (3.0-1) unstable; urgency=medium
 .
   [ Carsten Leonhardt ]
   * New upstream version
 As pound 3.0 was rewritten from scratch, also most Ubuntu bug reports
 no longer apply (LP: #1189764, LP: #1398007, LP: #1639888)
   * Upstream is out of beta, upload to unstable
   * Add debian/NEWS to inform about new configuration format and file name
 .
   [ Debian Janitor ]
   * debian/copyright: use spaces rather than tabs to start continuation lines.
   * Remove obsolete fields Contact, Name from debian/upstream/metadata (already
 present in machine-readable debian/copyright).
   * Fix day-of-week for changelog entries 2.5-1.1, 2.4.3-1, 2.4.2-1, 2.4-2.
 .
 pound (3.0~e-1) experimental; urgency=medium
 .
   * Remove session timeout from default configuration, upstream fixed the
 bug this was a workaround for.
   * Add IPv6 listener to default configuration.
 .
 pound (3.0~d-2) experimental; urgency=medium
 .
   * Add a session timeout to default configuration to work around a bug in
 the upstream code
   * Change listening port to 8008 in default configuration, which
 hopefully is less used
 .
 pound (3.0~d-1) experimental; urgency=medium
 .
   * New experimental upstream version.
 Pound was completely rewritten, most bug reports no longer apply
 (Closes: #861089, #490192, #733820, #456667).
   * Update debian/watch file.
   * Adapt much of the packaging to the new version.
   * Complies with standards version 4.5.0
   * Raise debhelper compat level to 13
   * Run as user "_pound"
Checksums-Sha1:
 2c77cd9d9c0fc5624a802051ef58a474393cce04 2220 pound_3.0-1.dsc
 a6e6d88a119d85378d1a679027ab7a765badac06 75905 pound_3.0.orig.tar.gz
 f9e33e2e41d6bacc3474c24437bdf0ed58121bdf 195 pound_3.0.orig.tar.gz.asc
 fa829aec659dc3004a58e34963e98827c8974bfb 9564 pound_3.0-1.debian.tar.xz
Checksums-Sha256:
 510c92c9cbb34252e5f860f057aab03b4908381bff40dcbb8bdd299d558445eb 2220

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

2020-06-07 Thread Debian Bug Tracking System

Your message dated Sun, 07 Jun 2020 21:33:50 +
with message-id 
and subject line Bug#456667: fixed in pound 3.0~d-1
has caused the Debian Bug report #456667,
regarding pound: spends too much time generating SSL keys
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
456667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pound
Version: 2.2.7-2
Severity: normal

I noticed that pound was using far more CPU time than the backend
servers behind it, which struck me as strange.

Upon investigation it appears that it regenerates 2 x 11 RSA keys every
300 seconds. On my not too shabby system that takes about 5 seconds, or
20 minutes every day.

Now this may be a good thing security-wise, but I'm not even using pound
for SSL connections!  Only plain HTTP connections go through it. It also
removes entropy from the pool for things that need it, which IMHO is
wasteful.

I modified my local copy to only regenerate every 24 hours, and that's
much better. However, a couple of suggestion came to mind:

- only regenerate keys that have actually been used
- make the regeneration period configurable
- why 11 times? Why not 10, or 12, or 16? Make this configurable?


thanks,
Paul Slootman

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (650, 'testing'), (625, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-rc5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


--- End Message ---
--- Begin Message ---
Source: pound
Source-Version: 3.0~d-1
Done: Carsten Leonhardt 

We believe that the bug you reported is fixed in the latest version of
pound, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 456...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Carsten Leonhardt  (supplier of updated pound package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 07 Jun 2020 23:21:44 +0200
Source: pound
Binary: pound pound-dbgsym
Architecture: source amd64
Version: 3.0~d-1
Distribution: experimental
Urgency: medium
Maintainer: Carsten Leonhardt 
Changed-By: Carsten Leonhardt 
Description:
 pound  - reverse proxy, load balancer and HTTPS front-end for Web servers
Closes: 456667 490192 733820 861089
Changes:
 pound (3.0~d-1) experimental; urgency=medium
 .
   * New experimental upstream version.
 Pound was completely rewritten, most bug reports no longer apply
 (Closes: #861089, #490192, #733820, #456667).
   * Update debian/watch file.
   * Adapt much of the packaging to the new version.
   * Complies with standards version 4.5.0
   * Raise debhelper compat level to 13
   * Run as user "_pound"
Checksums-Sha1:
 b38e4986802cf2dae6054df79ce63cd576559c8c 2242 pound_3.0~d-1.dsc
 c8e371d4c120b8195f4b4c8c3072764dab0f6f06 75820 pound_3.0~d.orig.tar.gz
 2d48e21b4ab9273d010780a8261d4d900348e749 195 pound_3.0~d.orig.tar.gz.asc
 6a374f1738023f8936421ea183a6a1259afd3da4 9032 pound_3.0~d-1.debian.tar.xz
 af2d0ee715b2f9c9274ab1c778b4abb5174396af 103108 pound-dbgsym_3.0~d-1_amd64.deb
 d1e5fd149d5df32082ebe8700b22bcdc618ecb28 7187 pound_3.0~d-1_amd64.buildinfo
 c8b82e5384446324f91465bad4363886a102204e 60796 pound_3.0~d-1_amd64.deb
Checksums-Sha256:
 962cadce9d07aed1fa7bd30d9e0f13a5ec13c0591c551a7493acceebff5936e4 2242 
pound_3.0~d-1.dsc
 d99c127b0b233f500b0936f18afdb7cb01c7a0caf9b612430a56a96303379155 75820 
pound_3.0~d.orig.tar.gz
 e9e4bf03ed85126d141d23a0df6c6e884e9caaa1cdcd4a78b51012d78065fae7 195 
pound_3.0~d.orig.tar.gz.asc
 ea2972cf34d6e0dcda4da559d0258f91500b58745fb2cbd7629466d0dee13bd1 9032 
pound_3.0~d-1.debian.tar.xz
 c6f0885fe2e802a1aa25a08ec9b3fd3d15bebff4f90ffefb909d878596f13bda 103108 
pound-dbgsym_3.0~d-1_amd64.deb
 b6fdb9c99e8632a54e8a2a1020bafc9383562c219b32c0ae9ea51effdcef1757 7187 
pound_3.0~d-1_amd64.buildinfo
 fd9c2c753a883d7677cdafb780d989ffe5bcc95eb352bba9748f610e415c7fb6 60796 
pound_3.0~d-1_amd64.deb
Files:
 82f57f1bce560dccb918b1d69b4d651e 2242 net optional pound_3.0~d-1.dsc
 2a9dc5623ad323a8af6792b8a3b69dcc 75820 net optional

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

2018-02-23 Thread Debian Bug Tracking System

Your message dated Sat, 24 Feb 2018 04:36:04 +
with message-id 
and subject line Bug#891248: Removed package(s) from unstable
has caused the Debian Bug report #456667,
regarding pound: spends too much time generating SSL keys
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
456667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pound
Version: 2.2.7-2
Severity: normal

I noticed that pound was using far more CPU time than the backend
servers behind it, which struck me as strange.

Upon investigation it appears that it regenerates 2 x 11 RSA keys every
300 seconds. On my not too shabby system that takes about 5 seconds, or
20 minutes every day.

Now this may be a good thing security-wise, but I'm not even using pound
for SSL connections!  Only plain HTTP connections go through it. It also
removes entropy from the pool for things that need it, which IMHO is
wasteful.

I modified my local copy to only regenerate every 24 hours, and that's
much better. However, a couple of suggestion came to mind:

- only regenerate keys that have actually been used
- make the regeneration period configurable
- why 11 times? Why not 10, or 12, or 16? Make this configurable?


thanks,
Paul Slootman

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (650, 'testing'), (625, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-rc5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


--- End Message ---
--- Begin Message ---
Version: 2.7-1.3+rm

Dear submitter,

as the package pound has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/891248

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

Bug#456667: marked as done (pound: spends too much time generating SSL keys)

3 matches

Site Navigation

Mail list logo

Footer information