[gnutls-help] Issues with both gnutls 3.3.0 and 3.3.1

Martin Kletzander mkletzan at redhat.com
Tue Apr 29 18:00:11 CEST 2014


On Mon, Apr 28, 2014 at 07:12:28PM +0200, Nikos Mavrogiannopoulos wrote:
>On Mon, 2014-04-28 at 17:51 +0200, Martin Kletzander wrote:
>
>> I simplified it into a simple checker [1], that you just run without
>> parameters and see the list of open file descriptors.
>> But what I haven't realized earlier is that it only behaves weirdly when
>> compiled with '-lgnutls', not if compiled without that library.  I
>> guess in that case it is unloaded and the FDs are closed properly.
>
>Then that's the expected behavior. Indeed if you compile with -lgnutls
>you'll have /dev/urandom kept open. If I switch this behavior and
>open /dev/urandom only when needed there will be problems in the cases
>where a program chroots to a directory without it (and the current
>behavior of gnutls didn't require /dev/urandom except on
>initialization).
>

I would say that if any gnutls functionality is needed after the
program has started or after any gnutls init function was called, be
my guest, open file descriptors, and so on.  But this opinion is
subjective, so I'll see what others think about our code relying on
this.  Maybe the reply will be "just fix our code", I don't know.

Thanks for your responses, I won't cross-post in order not to flood
this ML.

Have a nice day,
Martin
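
A checker of the kind described in the message, as an added example (it is not the checker linked as [1] and not code from this thread): it walks `/proc/self/fd`, which assumes Linux, and counts descriptors that point at `/dev/urandom`. The function name `count_open_fds` is hypothetical.

```c
/* Added example: report which files this process holds open (Linux /proc assumed). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Count open descriptors whose target equals `path`; print every descriptor
 * when `verbose` is set. Returns -1 if /proc/self/fd cannot be read. */
int count_open_fds(const char *path, int verbose)
{
    DIR *dir = opendir("/proc/self/fd");
    if (dir == NULL)
        return -1;
    int self = dirfd(dir);          /* descriptor that opendir() itself created */
    int hits = 0;
    struct dirent *ent;

    while ((ent = readdir(dir)) != NULL) {
        char *end;
        long fd = strtol(ent->d_name, &end, 10);
        if (end == ent->d_name || *end != '\0' || fd == self)
            continue;               /* skip ".", ".." and our own directory handle */
        char target[4096];
        ssize_t n = readlinkat(self, ent->d_name, target, sizeof(target) - 1);
        if (n < 0)
            continue;               /* descriptor went away while iterating */
        target[n] = '\0';
        if (verbose)
            printf("fd %ld -> %s\n", fd, target);
        if (path != NULL && strcmp(target, path) == 0)
            hits++;
    }
    closedir(dir);
    return hits;
}

int main(void)
{
    /* Per the thread, a binary linked with -lgnutls keeps /dev/urandom open. */
    int n = count_open_fds("/dev/urandom", 1);
    printf("/dev/urandom descriptors: %d\n", n);
    return n < 0;
}
```

Build it once without and once with `-lgnutls` and compare the output. On toolchains that default to `--as-needed`, pass `-Wl,--no-as-needed` before `-lgnutls`, since the example calls no gnutls function and the library would otherwise be dropped.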