Bug#285371: exim4-base: gnutls-params missing and not recreated here either

[Stephen Gran]

--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

This one time, at band camp, Stephen Gran said:
> This is essentially a 'me-too' type post, so sorry about that :)
>=20
> I just wanted to let you know it's not isolated.  This is happening on
> two machines I administer as well, and I have had to make the same
> kludge as the OP.  If I can help in any way with debugging, I would be
> happy to.

A little more investigation today shows that both machines that have a
problem with this are also very low on entropy.  They are fairly idle
servers, so perhaps this is why - not enough events or something to
generate the needed entropy.  So perhaps this is an implementation
detail in gnutls, that it blocks on /dev/random?  I am not sure that I
want gnutls to use /dev/urandom at all times, but maybe there is a way
to make a quick-n-dirty key using /dev/urandom if system entropy is low,
and another to do the right thing and block on /dev/random?

I am going to investigate the gnutls sources for a while, but as I am
no cryptographer, I don't expect inspiration.

Thanks,
--=20
 -----------------------------------------------------------------
|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |
 -----------------------------------------------------------------

--4Ckj6UjgE2iN1+kY
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFB+/h1SYIMHOpZA44RAuRcAJ9+cUCfnXPGgI4JnO+r46N/MQGYWACeLLgx
BLCw2gdl19BfKZkfVMVkGtQ=
=JP5k
-----END PGP SIGNATURE-----

--4Ckj6UjgE2iN1+kY--