[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] Alternate random device for certtool
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [Help-gnutls] Alternate random device for certtool |
Date: |
Sat, 29 Nov 2008 10:21:22 +0200 |
User-agent: |
Thunderbird 2.0.0.18 (X11/20081125) |
Teran McKinney wrote:
> I am using libgcrypt 1.4.3, and I'm quite cetain that all of Gnutls'
> libraries are up to date. Could this possibly a bug with not building
> without Linux capabilities support? I have been testing with Arch
> Linux, and more so, my fork of Arch Linux, Icadyptes. I noticed that
> libgpg-error was out of date (1.6 instead of 1.7), so I updated it and
> rebuilt libgcrypt; this had no effect.
I CC to gcrypt-devel since this might be gcrypt related.
Could it be that newer versions from 1.4.1 ignore the control:
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
I upgraded to gcrypt 1.4.4 and I notice the same delay, and strace shows
that /dev/random is being used even with this flag.
output from gcrypt 1.4.1:
address@hidden:~/cvs/gnutls/src$ time strace certtool -p --outfile
/dev/null 2>&1 | grep random
access("/dev/random", R_OK) = 0
access("/dev/urandom", R_OK) = 0
open("/dev/urandom", O_RDONLY) = 4
real 0m1.220s
user 0m1.136s
sys 0m0.028s
output from gcrypt 1.4.4:
access("/dev/random", R_OK) = 0
access("/dev/urandom", R_OK) = 0
open("/dev/urandom", O_RDONLY) = 4
open("/dev/random", O_RDONLY) = 5
real 0m29.867s
user 0m0.016s
sys 0m0.016s
regards,
Nikos
[Help-gnutls] Re: Alternate random device for certtool, Simon Josefsson, 2008/11/27