Hi,
We built curl with gnutls and libssh2. It works fine on those hosts
with a /dev/random etc, however on hosts without, and without having
set up prngd on the socket that libgcrypt is expecting entropy we get:

% curl --version
Fatal: no entropy gathering module detected

which is not so pleasant. At the moment, we are thinking that gnutls
should have some api to allow its initialization to fail without
exiting the application.

Also there should be an api in there to allow curl's --random-file
option to work with gnutls. Currently this is only possible if curl
uses the api provided by libgcrypt directly. If this were available we
could at least do `curl --random-file <path> --version' and expect it
to work.

So, my question is, do you agree? Is this a missing feature of gnutls,
or should curl be using the libgcrypt api directly?

I will be posting to the gnutls list asking a similar question :)

Peter
Received on 2007-04-26