[Pkg-gnutls-maint] Bug#412408: Is invoking exit(2) in a library the right thing to do?

Richard Laager rlaager at wiktel.com
Thu Nov 1 15:13:47 UTC 2007


On Mon, 2007-03-05 at 20:33 +0100, Werner Koch wrote:
> On Mon,  5 Mar 2007 19:40, ametzler at downhill.at.eu.org said:
> 
> > in this specific case (libnns-ldap failing due to missing
> > /dev/(u)random devices in early boot when connecting to the ldap
> > server using a ssl protected session.) the only thing actually using
> > gcrypt directly is gnutls.
> 
> You simply can't use gnutls if there is no random source available.
> You should know that right away.

I agree that one should know this right away. That's why something
should return a failure code somewhere. Calling exit() is bad.

This is causing a problem for Pidgin as well. [0] If there's no entropy
device, then you can't use GnuTLS. However, that shouldn't prevent you
from using another protocol which doesn't require SSL, like AIM.
Instead, the entire application aborts with no explanation why. That's
very bad.

Richard

[0] http://developer.pidgin.im/ticket/3798
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20071101/6cab348a/attachment-0001.pgp 


More information about the Pkg-gnutls-maint mailing list