On 06/05/2018 11:43 AM, Daniel P. Berrangé wrote:
On Tue, Jun 05, 2018 at 10:45:55AM +0200, Michal Privoznik wrote:
We are building with GnuTLS everywhere because GnuTLS is widely available. In addition after recent patches Libvirt relies on GnuTLS' PRNG.
This second sentance isn't true AFAIK - we still have fallback to /dev/urandom - GNUTLS is merely the first choice.
Okay. But after Peter's patches we do rely on GnuTLS more than ever ;-) I'll reword and resend though. Michal
None the less I think its desirable to make GNUTLS mandatory since it is on all the platforms we care about and I prefer that we can assume a good crypto impl all the time. This mostly frees us from worrying about fallback impls which have higher risk of security problems.
Unfortunately not. Both suid and nss libs build with virhash.c which requires virRandom*(). But this is a bogus dependency and hash tables are not really used (at least in NSS module, did not bother to check for suid lib). So we need a stub for virRandom*(). Michal