Bug#448775: Uses too much entropy (Debian Bug #343085)

Florian Weimer fweimer at bfk.de
Fri Jan 4 15:29:03 CET 2008

* Simon Josefsson:

> Ok.  Still, my main question is whether GnuTLS could utilize these hooks
> somehow.  I guess we could have two functions:
> int
> gnutls_set_random_seed_file (const char *filename);
> int
> gnutls_update_random_seed ();
> The first function would have to be called before gnutls_global_init().
> Then exim could invoke the function, to avoid having to call libgcrypt
> directly.

I'm not sure how this applies to Exim, though.  In many interesting
scenarios, we've got a central daemon process.  We could try to grab
an exclusive log on the seed file, and if it succeeds, call
gnutls_set_random_seed_file, and the update function when the daemon
exits.  However, I'm not really sure if this helps much because GNUTLS
isn't run until after a fork, and the library needs to reinitialize
the random pool anyway.

We'd need a separate daemon for that (IIRC, this is what Cryptlib
does).  Or we could fix the kernel.  The latter is hard because it is
kind of difficult to show that there actually is a problem.
Portability considerations favor the daemon approach, too, if you
aren't interested in shifting blame around.

Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

More information about the Gnutls-devel mailing list