dnspython-1.7* uses /dev/random which might block on lucid

In case anyone runs into the same problem, I was getting several-minute freezes using python-xmpp (xmpppy), even with a single line program "import xmpp" and nothing else, and this turned out to be the cause.

This looks as if it will have a fairly widespread effect on services
implemented with Python. I've spent some time wondering why
there were periodic long pauses with Trac, not just on the server
but also the admin tool, and just debugged it (in 10.04 server)
to find this cause.

This bug is trivial to fix and affects many people using spectrumctl, which uses python-xmpp internally. Could someone with commit-rights *please* commit the simple attached patch?

Fixed already in Maverick/Natty

Uploaded the change for lucid-proposed. Next a member of the ubuntu-sru team will review this and then (presumably) accept it for testing. In order to test it, we will need a test case. If you could please provide a way to determine if this change is effective, that would help move things along (I know this will be difficult for this bug, but please do your best).

It seems as if the problem does not occur on *all*, but only *most* systems running lucid - presumably systems with not to much entropy, like servers. On affected systems, the command

    python -c "from dns import entropy"

hangs. After applying the above patch, the system no longer hangs.

Accepted dnspython into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Any testers of the lucid-proposed package? As this has been in -proposed for nearly three months, I'll remove the proposed package soon if there is no feedback. Thank you!

The patch works for me, tested on two different lucid machines.

greetings, Mati

This bug was fixed in the package dnspython - 1.7.1-1ubuntu0.1

---------------
dnspython (1.7.1-1ubuntu0.1) lucid-proposed; urgency=low

  * Backport change from 1.8 to use /dev/urandom instead of /dev/random (the
    relevant functions are not meant to be cryptographically secure, so this
    is OK) (LP: #607117)
    - Fix thanks to <email address hidden>
 -- Scott Kitterman <email address hidden> Fri, 05 Nov 2010 07:24:16 -0400

Perdón, NO entiendo nada del idioma INGLES y por ésta causa no sé de que va este correo, lo siento mucho.

> Date: Tue, 25 Jan 2011 10:12:35 +0000
> From: <email address hidden>
> To: <email address hidden>
> Subject: [Bug 607117] Re: dnspython-1.7* uses /dev/random which might block on lucid
>
> The patch works for me, tested on two different lucid machines.
>
> greetings, Mati
>
> --
> You received this bug notification because you are subscribed to Ubuntu
> ubuntu-10.04.2.
> https://bugs.launchpad.net/bugs/607117
>
> Title:
> dnspython-1.7* uses /dev/random which might block on lucid
>
> Status in The Trac Project:
> New
> Status in “dnspython” package in Ubuntu:
> Fix Released
> Status in “dnspython” source package in Lucid:
> Fix Committed
>
> Bug description:
> The python-dnspython package (most specifically, dns/resolver.py at
> line 25-29) uses /dev/random to get random data. I observed that this
> blocks on /some/ machines that have Ubuntu 10.04 installed. It does
> not seem to happen on older versions. This causes the import of
> dns.entropy to block most of the time (but not always).
>
> The solution is to use /dev/urandom instead. Two possible ways to solve this problem:
> 1. Provide a 1.8.0 package in the main repositories - it seems to have the bug fixed and is a maintenance release according to the homepage
> 2. replace '/dev/random' with '/dev/urandom' in entropy.py, line 25. I tested this solution and it no longer causes the import to block.
>
> TEST CASE:
>
> It seems as if the problem does not occur on *all*, but only *most*
> systems running lucid - presumably systems with not to much entropy,
> like servers. On affected systems, the command
>
> python -c "from dns import entropy"
>
> hangs. After applying the above patch, the system no longer hangs.
>
>

SOLO SÉ ESPAÑOL (Only Spanisch)

> Date: Tue, 25 Jan 2011 18:47:53 +0000
> From: <email address hidden>
> To: <email address hidden>
> Subject: RE: [Bug 607117] Re: dnspython-1.7* uses /dev/random which might block on lucid
>
>
> Perdón, NO entiendo nada del idioma INGLES y por ésta causa no sé de que va este correo, lo siento mucho.
>
> > Date: Tue, 25 Jan 2011 10:12:35 +0000
> > From: <email address hidden>
> > To: <email address hidden>
> > Subject: [Bug 607117] Re: dnspython-1.7* uses /dev/random which might block on lucid
> >
> > The patch works for me, tested on two different lucid machines.
> >
> > greetings, Mati
> >
> > --
> > You received this bug notification because you are subscribed to Ubuntu
> > ubuntu-10.04.2.
> > https://bugs.launchpad.net/bugs/607117
> >
> > Title:
> > dnspython-1.7* uses /dev/random which might block on lucid
> >
> > Status in The Trac Project:
> > New
> > Status in “dnspython” package in Ubuntu:
> > Fix Released
> > Status in “dnspython” source package in Lucid:
> > Fix Committed
> >
> > Bug description:
> > The python-dnspython package (most specifically, dns/resolver.py at
> > line 25-29) uses /dev/random to get random data. I observed that this
> > blocks on /some/ machines that have Ubuntu 10.04 installed. It does
> > not seem to happen on older versions. This causes the import of
> > dns.entropy to block most of the time (but not always).
> >
> > The solution is to use /dev/urandom instead. Two possible ways to solve this problem:
> > 1. Provide a 1.8.0 package in the main repositories - it seems to have the bug fixed and is a maintenance release according to the homepage
> > 2. replace '/dev/random' with '/dev/urandom' in entropy.py, line 25. I tested this solution and it no longer causes the import to block.
> >
> > TEST CASE:
> >
> > It seems as if the problem does not occur on *all*, but only *most*
> > systems running lucid - presumably systems with not to much entropy,
> > like servers. On affected systems, the command
> >
> > python -c "from dns import entropy"
> >
> > hangs. After applying the above patch, the system no longer hangs.
> >
> >
>
> --
> You received this bug notification because you are subscribed to Ubuntu
> ubuntu-10.04.2.
> https://bugs.launchpad.net/bugs/607117
>
> Title:
> dnspython-1.7* uses /dev/random which might block on lucid
>
> Status in The Trac Project:
> New
> Status in “dnspython” package in Ubuntu:
> Fix Released
> Status in “dnspython” source package in Lucid:
> Fix Released
>
> Bug description:
> The python-dnspython package (most specifically, dns/resolver.py at
> line 25-29) uses /dev/random to get random data. I observed that this
> blocks on /some/ machines that have Ubuntu 10.04 installed. It does
> not seem to happen on older versions. This causes the import of
> dns.entropy to block most of the time (but not always).
>
> The solution is to use /dev/urandom instead. Two possible ways to solve this problem:
> 1. Provide a 1.8.0 package in the main repositories - it seems to have the bug fixed and is a maintenance release according to the homepage
> 2. replace '/dev...