On Wed 2008-11-26 19:04:52 -0500, Teran McKinney wrote: > I am using Gnutls 2.6.2, but have had no luck generating certificates > with certtool. I found that it uses /dev/random instead of > /dev/urandom
How are you determining that it uses /dev/random?
I'm using gnutls 2.6.2 from debian's experimental repository, and it
seems to be pulling from /dev/urandom unless i pass it the
--disable-quick-random flag. It does apparently check to make sure
that /dev/random is readable, but it doesn't open the file unless it
needs to:
[EMAIL PROTECTED]:~$ time strace certtool -p --outfile /dev/null 2>&1 | grep
random
access("/dev/random", R_OK) = 0
access("/dev/urandom", R_OK) = 0
open("/dev/urandom", O_RDONLY) = 4
real 0m5.453s
user 0m5.284s
sys 0m0.020s
[EMAIL PROTECTED]:~$ time strace certtool -p --disable-quick-random --outfile
/dev/null 2>&1 | grep random
execve("/usr/bin/certtool", ["certtool", "-p", "--disable-quick-random",
"--outfile", "/dev/null"], [/* 15 vars */]) = 0
access("/dev/random", R_OK) = 0
access("/dev/urandom", R_OK) = 0
open("/dev/urandom", O_RDONLY) = 4
write(2, "This might take several minutes d"..., 88This might take several
minutes depending on availability of randomness in /dev/random.
open("/dev/random", O_RDONLY) = 5
real 1m5.935s
user 0m4.668s
sys 0m0.036s
[EMAIL PROTECTED]:~$ dpkg -l gnutls-bin libgnutls26
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
+++-==============-==============-============================================
ii gnutls-bin 2.6.2-1 the GNU TLS library - commandline utilities
ii libgnutls26 2.6.2-1 the GNU TLS library - runtime library
[EMAIL PROTECTED]:~$
--dkg
pgpFmlnOpLuPp.pgp
Description: PGP signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
