[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] set random seed file via gnutls api
From: |
Simon Josefsson |
Subject: |
Re: [gnutls-dev] set random seed file via gnutls api |
Date: |
Fri, 27 Apr 2007 14:00:05 +0200 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.98 (gnu/linux) |
"Peter O'Gorman" <address@hidden> writes:
> Hi,
> We built curl with gnutls support. It works fine, with a caveat:
> % curl --version --random-file /tmp/pogma/foo/a
> Fatal: no entropy gathering module detected
>
> There is no API in gnutls to set the random seed file (there is an api
> in libgcrypt to do so, however). It is unfortunate that on hosts
> without a /dev/random where libgcrypt has been configured to gather
> entropy from a particular socket and that socket is unavailable that
> it exits the application during gnutls library initialization.
Ouch, yes.
> Should curl be using the libgcrypt api directly to avoid this? Or
> ought there be a way to set the random file via gnutls? We're thinking
> the latter.
Yes, if libgcrypt used by GnuTLS needs help to find a random seed file
to work properly, it seems it would make sense for GnuTLS to provide an
API to set it.
/Simon