Subject: pkg/19275: cyrus-sasl1 is still using /dev/random
To: None <>
From: None <>
List: netbsd-bugs
Date: 12/04/2002 11:36:32
>Number:         19275
>Category:       pkg
>Synopsis:       cyrus-sasl1 is still using  /dev/random
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Dec 04 11:37:00 PST 2002
>Originator:     Ron Roskens
>Release:        NetBSD 1.6
NetBSD 1.6 NetBSD 1.6 (GENERIC) #5: Mon Sep  9 13:08:22 CDT 2002 i386
NetBSD-pkgsrc 12/03/2002
I'm using cyrus-imapd on my mail server with TLS, and periodically my mail client will "hang" when opening a new folder. I've tracked it down to the imapd process reading from /dev/random with not enough entropy in the pool to keep it from sleeping.

This is coming through from cyrus-sasl. In cyrus-sasl, there are patches to acconfig.h which cause it to define DEV_RANDOM to SASL_DEV_RANDOM, but no patches for config.h. 

During the build, the following output is displayed:
cd . && autoheader
WARNING: `autoheader' is missing on your system.  You should only need it if
         you modified `acconfig.h' or `'.  You might want
         to install the `Autoconf' and `GNU m4' packages.  Grab them
         from any GNU archive site.

This is incorrect, as I do have autoconf and automake installed:
# pkg_info -e 'auto*'

A hacky way to get around this is to:
# cd pkgsrc/security/cyrus-sasl
# make configure
# vi work/cyrus-sasl-1.5.27/config.h
  -- change DEV_RANDOM=/dev/urandom
# make install
# cd pkgsrc/security/cyrus-sasl
# make
# cd work/cyrus-sasl-1.5.27
# find . -xdev -type f | xargs grep -l "/dev/random"