Bug 1387141 - gnutls: do not call getrandom() on constructor
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: gnutls
Version: 25
Hardware: Unspecified
OS: Unspecified
Assignee: Nikos Mavrogiannopoulos
QA Contact: Fedora Extras Quality Assurance
Reported: 2016-10-20 08:50 UTC by Nikos Mavrogiannopoulos
Modified: 2016-12-13 13:49 UTC

Last Closed: 2016-12-13 13:49:51 UTC
Type: Bug


Description Nikos Mavrogiannopoulos 2016-10-20 08:50:21 UTC
Description of problem:
GnuTLS initializes its random generator in the library constructor. That has the side effect that applications which load early in the boot process may block for a significant time even when they wouldn't otherwise use the random generator.

GnuTLS should delay the initialization of the random generator until the moment that cryptographically secure random numbers are really needed.
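
The deferral requested in the description above, sketched as an added example (not code from GnuTLS or from the merge request): the constructor does only non-blocking setup, and the first caller that actually needs random bytes is the one that reaches getrandom(). All function and variable names are hypothetical, and the DRBG a real library would key from the seed is replaced here by direct kernel reads.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdio.h>
#include <sys/random.h>

/* All names are hypothetical, not GnuTLS symbols. */
enum { UNSEEDED, SEEDING, READY };
static atomic_int rng_state = UNSEEDED;
static atomic_int seed_runs;          /* times the seeding path ran */
static unsigned char rng_seed[32];    /* stand-in for a DRBG key */

/* getrandom() with flags 0 may block until the kernel pool is initialized. */
static int kernel_random(unsigned char *buf, size_t len) {
    while (len > 0) {
        ssize_t n = getrandom(buf, len, 0);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Load-time constructor: cheap setup only, no call that can block. */
__attribute__((constructor)) static void lib_init(void) {
    atomic_store(&rng_state, UNSEEDED);
}

/* Seed on first use; concurrent callers wait for the thread that won. */
static int rng_ensure_seeded(void) {
    int expected = UNSEEDED;
    if (atomic_compare_exchange_strong(&rng_state, &expected, SEEDING)) {
        atomic_fetch_add(&seed_runs, 1);
        int rc = kernel_random(rng_seed, sizeof rng_seed);
        atomic_store(&rng_state, rc == 0 ? READY : UNSEEDED); /* retry later on failure */
        return rc;
    }
    while (atomic_load(&rng_state) == SEEDING) { /* spin until seeding ends */ }
    return atomic_load(&rng_state) == READY ? 0 : -1;
}

int lib_rng_is_seeded(void) { return atomic_load(&rng_state) == READY; }
int lib_seed_runs(void) { return atomic_load(&seed_runs); }
/* Public entry point: the only path that can reach getrandom(). */
int lib_random(unsigned char *out, size_t len) {
    if (rng_ensure_seeded() != 0) return -1;
    return kernel_random(out, len); /* a real library would run its DRBG here */
}

int main(void) {
    unsigned char nonce[16];
    int before = lib_rng_is_seeded(), rc = lib_random(nonce, sizeof nonce);
    printf("seeded at load: %d, rc: %d, seeded now: %d\n", before, rc, lib_rng_is_seeded());
    return 0;
}
```

A process that links this code but never calls `lib_random()` never enters getrandom(), so it cannot stall on an uninitialized kernel pool during early boot.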

Comment 1 Nikos Mavrogiannopoulos 2016-10-20 08:50:39 UTC
https://gitlab.com/gnutls/gnutls/merge_requests/111

Comment 2 Nikos Mavrogiannopoulos 2016-12-13 13:49:51 UTC
This was addressed in 3.5.7-1
