On Aug 21, 2007, at 10:02 AM, Rainer Jung wrote:
Followup to self:
There's an addition in tcnative 1.1.10:
Looks like this went through further refactoring in:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?r1=524725&r2=525163
I just checked HEAD on trunk
On Aug 22, 2007, at 11:32 AM, Markus Schönhaber wrote:
2. If tcnative < 1.1.10 is used, set the environment variable RANDFILE
to point to some random source which can be accessed without danger of
blocking (for example /dev/urandom) or create a static random file in
the home dir of the user Tomc
Jim Jagielski wrote:
> Well, the comment doesn't seem to match what the code is doing :)
OK, this statement of yours might relativize the impression of dumbness
I have given here a little bit. Or maybe not ;-)
> I'm guessing that the problem the patch was trying to solve was
> due to the /dev/ra
On Aug 21, 2007, at 11:26 AM, Markus Schönhaber wrote:
Rainer Jung wrote:
There's an addition in tcnative 1.1.10:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?view=diff&rev=524725&r1=524724&r2=524725
=
Rainer Jung wrote:
> Markus Schönhaber wrote:
>> Just to confirm that I don't get it wrong again: it is to be expected
>> that the value of RANDFILE is ignored in my case since im using tcnative
>> 1.10?
>
> That's my expectation too.
Fine, thanks.
Regards
mks
---
Markus Schönhaber wrote:
Just to confirm that I don't get it wrong again: it is to be expected
that the value of RANDFILE is ignored in my case since im using tcnative
1.10?
That's my expectation too.
-
To start a new topic,
Rainer Jung schrieb:
> Let's see: doesn't this *remove* the RAND_file_name() line? Man page of
> RAND_file_name() says, that it returns a file for andomness and respects
> variable RANDFILE. I neither know the code well, nor did I check now,
> if there are other references to RANDFILE. Mladen
Markus Schönhaber wrote:
Rainer Jung wrote:
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
-file = RAND_file_name(buffer, sizeof(buffer));
+return -1;
else if ((n = RAND_egd(file)) > 0) {
return n;
}
Didn't check, but th
Rainer Jung wrote:
> There's an addition in tcnative 1.1.10:
>
> Author: mturk
> Date: Sun Apr 1 22:22:42 2007
> New Revision: 524725
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=524725
> Log:
> In case we don't specify the global randFile use like mod_ssl does with
> builtin. This fixes
Christopher Schultz wrote:
> Markus Schönhaber wrote:
>> I'll have to find out why for me the value RANDFILE is set to doesn't
>> seem to have any effect - or, for that matter, whether it really doesn't
>> have any effect.
>
> Perhaps by configuring with --randfile=/dev/urandom (which it sounds
>
Followup to self:
There's an addition in tcnative 1.1.10:
Author: mturk
Date: Sun Apr 1 22:22:42 2007
New Revision: 524725
URL: http://svn.apache.org/viewvc?view=rev&rev=524725
Log:
In case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init on some p
Markus Schönhaber wrote:
Adrian Sutton wrote:
RANDFILE is definitely honored and it does work well setting it as /
dev/urandom. I've restarted Tomcat a number of times and it stayed
fast, plus:
cat /proc/sys/kernel/random/entropy_avail
consistently returns low values. Generating activity. In
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Schönhaber wrote:
> I'll have to find out why for me the value RANDFILE is set to doesn't
> seem to have any effect - or, for that matter, whether it really doesn't
> have any effect.
Perhaps by configuring with --randfile=/dev/urandom
Adrian Sutton wrote:
> RANDFILE is definitely honored and it does work well setting it as /
> dev/urandom. I've restarted Tomcat a number of times and it stayed
> fast, plus:
> cat /proc/sys/kernel/random/entropy_avail
> consistently returns low values. Generating activity. In fact, with
> hi
I had just re-read Mladen's mail and experimented with RANDFILE
myself,
thinking that setting it to /dev/urandom might be the easiest
solution.
I strace'd Tomcat but couldn't find any hint that the value of
RANDFILE
is honored. Since my APR is built to use /dev/urandom I can't be sure,
but i
Markus Schönhaber wrote:
> Does Tomcat start still fast if you do something like
> dd if=/dev/random of=/dev/null bs=1
> let that run for a couple of seconds and start Tomcat immediately after
> interrupting it?
I think that's phrased a bit confusingly. What I tried to say is the
following: If yo
Adrian Sutton wrote:
> In the end, ~root/.rnd and ~tomcat55/.rnd were both ignored but
> setting the RANDFILE environment variable worked. Not sure what it
> was defaulting to.
>
> Anyway, everything now starts up lightning fast. Thanks for the help.
I had just re-read Mladen's mail and expe
On 21/08/2007, at 5:39 PM, Markus Schönhaber wrote:
WAG: your APR uses /dev/random as random source which blocks when it
runs out of entropy.
You could re-build APR after you ./configure'd it with
--with-devrandom=/dev/urandom
or you could try Mladen's advice here
http://marc.info/?l=tomcat-user&
Adrian Sutton schrieb:
> I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
> with a lot of success and just one problem - Tomcat seems to take a
> long time to load. I think the problem started when I installed APR/
> tomcat native and enabled SSL through it but it's hard t
Hi all,
I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
with a lot of success and just one problem - Tomcat seems to take a
long time to load. I think the problem started when I installed APR/
tomcat native and enabled SSL through it but it's hard to pin point
because t
20 matches
Mail list logo
