pidgin-otr should interrupt key creation attempt when /dev/random delivers not enough data

Using /dev/random at all for such key generation seems totally inappropriate. Don't bother the user he doesn't care or at least he shouldn't. It breaks every other programm, which really needs highest quality entropy. To understand how severe this issue is, see: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489523

What disturbed me most: This makes enabling a crypto-partition with a key from /dev/random hang. I had this problem when enabling swap. The proper fix was to use /dev/urandom for swap, since /dev/random offers no security advantage. In this particular case.

Is anyone who already knows the code willing to fix this? - Just changing /dev/random into /dev/urandom should be rather easy for anyone.

Fix uploaded to debian as 3.2.0-2

Confirming as this has also been confirmed in Debian. Needs check against Intrepid.

Has been fixed in jaunty:

pidgin-otr (3.2.0-2) unstable; urgency=high

  * Make key generation use /dev/urandom (Closes: #489523)

 -- Thibaut VARENE <email address hidden> Thu, 10 Jul 2008 17:34:32 +0200

There's a regression in karmic.
It seems to be reading from /dev/urandom and /dev/random.

This bug was fixed in the package pidgin-otr - 3.2.0-4ubuntu1

---------------
pidgin-otr (3.2.0-4ubuntu1) karmic; urgency=low

  * otr-plugin.c: Fix: key generation doesn't use /dev/urandom with more recent
    libgcrypt versions (LP: #240640)
  * gtk-dialog.c: Allow to copy the fingerprints from the authentication dialog
    (LP: #310769)

 -- Felix Geyer <email address hidden> Mon, 28 Sep 2009 21:21:55 +0200

This bug still exists on Ubuntu 13.10

 http://sourceforge.net/p/otr/bugs/22/

I also have the problem on Ubuntu 13.10 / Pidgin 2.10.7 / pidgin-otr 4.0.0-1.

Same issue on Manjaro 3.16.7.8-1 / Pidgin-2.10.11-1 / pidgin-otr-4.0.1-2 / synergy-1.6.2.-1. Hung, then finally worked on mouse input after some time.