Processing commands for [EMAIL PROTECTED]:
reassign 489523 pidgin-otr
Bug#489523: key generation uses too much entropy from /dev/random
Bug reassigned from package `libgcrypt11' to `pidgin-otr'.
tag 489523 pending
Bug#489523: key generation uses too much entropy from /dev/random
There were no
reassign 489523 pidgin-otr
tag 489523 pending
severity 489523 important
thanks
Re-reassigning, setting proper severity (after all it takes a
particular crafting of things to break keygen, most users didn't
complain!) and mark as pending, I'm gonna upload a package with
attached patch from Ian!
tags 489523 help moreinfo
thanks
Hi
I'm not sure this is an actual bug in pidgin-otr (nor libotr, for that
matter). AFAICT (but I don't know the code that much), it uses
libgcrypt's keygen procedures... I'm CC'ing OTR upstream to get some
feedback there.
Thanks
Thibaut
On Sun, Jul 6, 2008 at
On Wed, Jul 09, 2008 at 01:13:55PM +0200, Thibaut VARENE wrote:
tags 489523 help moreinfo
thanks
Hi
I'm not sure this is an actual bug in pidgin-otr (nor libotr, for that
matter). AFAICT (but I don't know the code that much), it uses
libgcrypt's keygen procedures... I'm CC'ing OTR
Processing commands for [EMAIL PROTECTED]:
reassign 489523 libgcrypt
Bug#489523: pidgin-otr: key generation uses too much entropy from /dev/random
Warning: Unknown package 'libgcrypt'
Bug reassigned from package `pidgin-otr' to `libgcrypt'.
tags 489523 - moreinfo help
Bug#489523: pidgin-otr
reassign 489523 libgcrypt
tags 489523 - moreinfo help
thanks
On Wed, Jul 9, 2008 at 2:57 PM, Ian Goldberg [EMAIL PROTECTED] wrote:
I know. It's annoying. libgcrypt has no way I can see to specify the
source of randomness for key generation (unlike every other use of
random numbers). It
I'm not a pidgin-otr user (yet), but some random comments:
What kind of key is generated here? If it is a long-term private key
(RSA etc) then using /dev/random is likely the right thing.
Generally, I agree that it would be useful to speed up the randomness
process.
Btw, consider doing
On Wed, Jul 09, 2008 at 03:15:45PM +0200, Thibaut VARENE wrote:
reassign 489523 libgcrypt
tags 489523 - moreinfo help
thanks
On Wed, Jul 9, 2008 at 2:57 PM, Ian Goldberg [EMAIL PROTECTED] wrote:
I know. It's annoying. libgcrypt has no way I can see to specify the
source of randomness
Package: pidgin-otr
Version: 3.1.0-1
Severity: critical
Justification: breaks unrelated software
*** Please type your report below this line ***
Steps to reproduce:
1) eat up all available entrophy:
1.1) dd if=/dev/random of=/dev/null
1.2) assuming dd is your first job: kill -9 %1
2) Generate an
9 matches
Mail list logo