On Tue, Dec 29, 2009 at 11:19:11AM -0500, Dennis Putnam wrote:
> Hi Wietse,
>
> I am running OS X (10.6.2) but beyond that I don't know what security
> software might interfere as Apple hides a lot from the admin. However,
> as I stated in an earlier reply, TLS seems to be working without that
> parameter. The only thing that gives me pause, is that I get this warning
> in the log for incoming TLS connections:
>
> postfix/tlsmgr[67966]: warning: no entropy source specified with parameter
> tls_random_source
>
I'll look into this when I get a chance to test Postfix on a 10.6
system. It is possible that /dev/urandom does not support poll(2)
with Snow Leopard. Unlike /dev/random, it is a non-blocking device,
so arguably no polling is required, the poll() should always succeed
immediately of course, failing is anti-social.
We may need a new main.cf option to enable blocking reads of the entropy
device, or a new MacOSX-specific compile-time flag to trigger read()
rather than timed_read() of the entropy device.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
