Openssl issue

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Openssl issue

Stewart, Larry C Sr CTR DISA JITC (US)
I am running Solaris 10 and I downloaded bind 9.12.3 today and compiled it using the enable threads option, the prefix=/ option and the --without-gost option just as I have in the past when compiling 9.10. The compilation seems to go well but when I run named with -t /nithr -u nithr named fails to start and I get daemon.crit openssl_link.c:296: fatal error:and Openssl pseudorandom number generator cannot be initialized (see the 'PRNG not seeded message in the Openssl FAQ). Then exiting (due to fatal error in library).

My chrooted directory does contain /dev/random

Does anyone have any suggestions on how to overcome this issue?

Larry Stewart, CISSP
Contractor - Jacobs Technology
Network Engineer
Office: 520-538-4227
DSN: 879-4227
Cell phone: 520-227-8251
[hidden email]



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Openssl issue

Howard, Christopher
I had that exact same issue. I had to drop down to 9.11 to get it to work.

-Christopher


On Thu, 2018-11-08 at 18:12 +0000, Stewart, Larry C Sr CTR DISA JT (USA) wrote:
I am running Solaris 10 and I downloaded bind 9.12.3 today and compiled it using the enable threads option, the prefix=/ option and the --without-gost option just as I have in the past when compiling 9.10. The compilation seems to go well but when I run named with -t /nithr -u nithr named fails to start and I get daemon.crit openssl_link.c:296: fatal error:and Openssl pseudorandom number generator cannot be initialized (see the 'PRNG not seeded message in the Openssl FAQ). Then exiting (due to fatal error in library).

My chrooted directory does contain /dev/random

Does anyone have any suggestions on how to overcome this issue?

Larry Stewart, CISSP
Contractor - Jacobs Technology
Network Engineer
Office: 520-538-4227
DSN: 879-4227
Cell phone: 520-227-8251
[hidden email]



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

RE: Openssl issue

Stewart, Larry C Sr CTR DISA JITC (US)
In reply to this post by Stewart, Larry C Sr CTR DISA JITC (US)
Please disregard apparently Openssl does not see the /dev/random in my chroot directory as a valid random provider. So its off to google and oracle to see what it will take to make a valid /dev/random available from within the jail.

Larry Stewart, CISSP
Contractor - Jacobs Technology
Network Engineer
Office: 520-538-4227
DSN: 879-4227
Cell phone: 520-227-8251
[hidden email]


-----Original Message-----
From: Stewart, Larry C Sr CTR DISA JT (USA)
Sent: Thursday, November 8, 2018 11:12 AM
To: bind-users <[hidden email]>
Subject: Openssl issue

I am running Solaris 10 and I downloaded bind 9.12.3 today and compiled it using the enable threads option, the prefix=/ option and the --without-gost option just as I have in the past when compiling 9.10. The compilation seems to go well but when I run named with -t /nithr -u nithr named fails to start and I get daemon.crit openssl_link.c:296: fatal error:and Openssl pseudorandom number generator cannot be initialized (see the 'PRNG not seeded message in the Openssl FAQ). Then exiting (due to fatal error in library).

My chrooted directory does contain /dev/random

Does anyone have any suggestions on how to overcome this issue?

Larry Stewart, CISSP
Contractor - Jacobs Technology
Network Engineer
Office: 520-538-4227
DSN: 879-4227
Cell phone: 520-227-8251
[hidden email]



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

smime.p7s (7K) Download Attachment