Bug 1387141

Summary: gnutls: do not call getrandom() on constructor
Product: [Fedora] Fedora
Reporter: Nikos Mavrogiannopoulos <nmavrogi>
Component: gnutls
Assignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED CURRENTRELEASE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 25
CC: nmavrogi, tmraz
Target Milestone: ---
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Last Closed: 2016-12-13 13:49:51 UTC
Type: Bug

Description Nikos Mavrogiannopoulos 2016-10-20 08:50:21 UTC
Description of problem:
GnuTLS initializes its random generator in the library constructor. That has the side effect that applications which load early in the boot process may block for a significant time even when they wouldn't otherwise use the random generator.

GnuTLS should delay the initialization of the random generator until the moment that cryptographically secure random numbers are really needed.
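
The deferral requested above, sketched as an added example that is not part of the bug report and is not the GnuTLS change: the constructor does no random-number work, and the first caller of a hypothetical `lib_random()` performs the blocking `getrandom()` seed read under a lock. All function and variable names are assumptions, and kernel bytes stand in for DRBG output.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <pthread.h>
#include <stddef.h>
#include <sys/random.h>
#include <sys/types.h>

/* Illustrative names only; these are not GnuTLS symbols. */
static pthread_mutex_t rng_lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned char rng_seed[32];  /* what a real DRBG would be keyed with */
static int rng_ready;               /* 1 once the seed has been read */
static int rng_seed_reads;          /* how many times seeding was attempted */

/* Read exactly len bytes. getrandom() with flags 0 blocks until the kernel
 * pool is initialized, which is the early-boot stall the report describes. */
static int read_kernel_random(unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = getrandom(buf + got, len - got, 0);
        if (n < 0 && errno == EINTR) continue;  /* interrupted: retry */
        if (n < 0) return -1;
        got += (size_t)n;
    }
    return 0;
}

/* Library constructor: cheap setup only, nothing that can block at load. */
__attribute__((constructor)) static void lib_constructor(void) { rng_ready = 0; }

int lib_rng_seed_reads(void) { return rng_seed_reads; }

/* The first caller that needs randomness pays the seeding cost, once. */
int lib_random(void *out, size_t len)
{
    int rc = 0;
    pthread_mutex_lock(&rng_lock);
    if (!rng_ready) {
        rng_seed_reads++;
        rc = read_kernel_random(rng_seed, sizeof(rng_seed));
        rng_ready = (rc == 0);
    }
    pthread_mutex_unlock(&rng_lock);
    if (rc != 0) return -1;
    /* Stand-in for DRBG output: take the bytes from the kernel directly. */
    return read_kernel_random(out, len);
}

int main(void) { unsigned char key[16]; return lib_random(key, sizeof key) != 0; }
```

A program that links such a library but never calls `lib_random()` never reaches `getrandom()`, so it cannot stall on an uninitialized entropy pool at boot.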

Comment 1 Nikos Mavrogiannopoulos 2016-10-20 08:50:39 UTC
https://gitlab.com/gnutls/gnutls/merge_requests/111

Comment 2 Nikos Mavrogiannopoulos 2016-12-13 13:49:51 UTC
This was addressed in 3.5.7-1