From eakasaka@rodfbs.net  Sun Apr  8 01:33:56 2001
Return-Path: <eakasaka@rodfbs.net>
Received: from dns0.rodfbs.net (dns0.rodfbs.net [210.230.183.227])
	by hub.freebsd.org (Postfix) with ESMTP id DB98937B424
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  8 Apr 2001 01:33:50 -0700 (PDT)
	(envelope-from eakasaka@rodfbs.net)
Received: from v6gw1.rodfbs.net (v6gw1.rodfbs.net [3ffe:505:2014:2:2a0:c9ff:fe97:e164])
	by dns0.rodfbs.net (8.11.3+3.4W/3.7Wpl2+smtpcheck-local-2.34(ayamura)-rodfbs-3.0-00112802) with ESMTP id f388Xht03430
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 8 Apr 2001 17:33:43 +0900 (JST)
	(envelope-from eakasaka@rodfbs.net)
Received: from rodfbs.net (v6gw2.rodfbs.net [2001:268:104:3:2a0:c9ff:fe8a:b3d])
	by v6gw1.rodfbs.net (8.11.3+3.4W/3.7Wpl2+smtpcheck-local-2.34(ayamura)-rodfbs-3.0-00112801) with ESMTP id f388Xh775635
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 8 Apr 2001 17:33:43 +0900 (JST)
	(envelope-from eakasaka@rodfbs.net)
Received: (from eakasaka@localhost)
	by rodfbs.net (8.11.3+3.4W/3.7Wpl2+smtpcheck-local-2.34(ayamura)-rodfbs-3.0-00112805) id f388Xhv69727;
	Sun, 8 Apr 2001 17:33:43 +0900 (JST)
	(envelope-from eakasaka)
Message-Id: <200104080833.f388Xhv69727@rodfbs.net>
Date: Sun, 8 Apr 2001 17:33:43 +0900 (JST)
From: eakasaka@rodfbs.org
Reply-To: eakasaka@rodfbs.org
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: dnssec-keygen command including ports/net/bind9 is not create hmac-md5 key on 4.3-RC
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         26424
>Category:       ports
>Synopsis:       dnssec-keygen command including ports/net/bind9 is not create hmac-md5 key on 4.3-RC
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 08 01:40:01 PDT 2001
>Closed-Date:    Sun Jun 3 21:25:55 PDT 2001
>Last-Modified:  Sun Jun 03 21:26:35 PDT 2001
>Originator:     Eriya Akasaka
>Release:        FreeBSD 4.3-RC i386
>Organization:
Akasaka Research Of Development For Basic Software
>Environment:
System: FreeBSD v6gw0.rodfbs.net 4.3-RC FreeBSD 4.3-RC #0: Sat Apr  7 12:03:34 JST 2001 root@v6gw0.rodfbs.net:/usr/src/sys/compile/MOCO.SMP  i386
ports/net/bind9
bind-9.1.1
>Description:
/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 512 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 1 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

>How-To-Repeat:
/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 512 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 1 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

>Fix:
Maybe this problem  have relation to following known bugs in /usr/local/share/doc/bind9/README.

There are a few known bugs:

FreeBSD prior to 4.2 (and 4.2 if running as non-root)
and OpenBSD prior to 2.8 log messages like
"fcntl(8, F_SETFL, 4): Inappropriate ioctl for device".
This is due to a bug in "/dev/random" and impacts the
server's DNSSEC support.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports->dougb 
Responsible-Changed-By: ijliao 
Responsible-Changed-When: Sat May 19 07:05:52 PDT 2001 
Responsible-Changed-Why:  
over to maintainer 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=26424 
State-Changed-From-To: open->feedback 
State-Changed-By: dougb 
State-Changed-When: Mon May 28 01:22:50 PDT 2001 
State-Changed-Why:  

Can you upgrade to 4.3-RELEASE or -STABLE? We did some last 
minute updates to /dev/random on that branch that hopefully 
will help your situation. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=26424 
State-Changed-From-To: feedback->closed 
State-Changed-By: dougb 
State-Changed-When: Sun Jun 3 21:25:55 PDT 2001 
State-Changed-Why:  

No feedback in one week, we can re-open this if the problem 
is reproducible with 4.3-Stable. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=26424 
>Unformatted:
