diff --git a/radcli-1.2.7-random.patch b/radcli-1.2.7-random.patch
new file mode 100644
index 0000000..201dac1
--- /dev/null
+++ b/radcli-1.2.7-random.patch
@@ -0,0 +1,29 @@
+diff --git a/lib/sendserver.c b/lib/sendserver.c
+index ac5a35f..dce17f4 100644
+--- a/lib/sendserver.c
++++ b/lib/sendserver.c
+@@ -20,6 +20,11 @@
+ #include "rc-md5.h"
+ #include "rc-hmac.h"
+ 
++#if defined(HAVE_GNUTLS)
++# include <gnutls/gnutls.h>
++# include <gnutls/crypto.h>
++#endif
++
+ #define SCLOSE(fd) if (sfuncs->close_fd) sfuncs->close_fd(fd)
+ 
+ static void rc_random_vector(unsigned char *);
+@@ -338,7 +343,11 @@ static void rc_random_vector(unsigned char *vector)
+ {
+ 	int randno;
+ 	int i;
+-#if defined(HAVE_GETENTROPY)
++#if defined(HAVE_GNUTLS)
++	if (gnutls_rnd(GNUTLS_RND_NONCE, vector, AUTH_VECTOR_LEN) >= 0) {
++		return;
++	}
++#elif defined(HAVE_GETENTROPY)
+ 	if (getentropy(vector, AUTH_VECTOR_LEN) >= 0) {
+ 		return;
+ 	}			/* else fall through */
diff --git a/radcli.spec b/radcli.spec
index 5701b99..96c18d8 100644
--- a/radcli.spec
+++ b/radcli.spec
@@ -1,7 +1,7 @@
 Summary: RADIUS protocol client library
 Name: radcli
 Version: 1.2.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 
 #Breakdown of licenses. Under MIT license:
 # lib/avpair.c, lib/buildreq.c, lib/clientid.c, lib/config.c, lib/dict.c,
@@ -19,6 +19,7 @@ URL: http://radcli.github.io/radcli/
   sed 's/\./_/g')}
 
 Source0: https://github.com/radcli/radcli/releases/download/%{name}_%{myversion}/%{name}-%{version}.tar.gz
+Patch1: radcli-1.2.7-random.patch
 
 #BuildRequires: libtool, automake, autoconf, gettext-devel
 BuildRequires: nettle-devel >= 2.7.1
@@ -52,6 +53,7 @@ and radiusclient-ng.
 
 %prep
 %setup -q
+%patch1 -p1 -b .random
 rm -f lib/md5.c
 sed -i -e 's|sys_lib_dlsearch_path_spec="[^"]\+|& %{_libdir}|g' configure
 
@@ -116,6 +118,9 @@ cp -p %{buildroot}%{_datadir}/%{name}/dictionary %{buildroot}%{_sysconfdir}/%{na
 %{_libdir}/libradiusclient-ng.so
 
 %changelog
+* Mon Jan  2 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.2.7-2
+- Use gnutls' random functions to avoid depending on getentropy entirely (#1409291)
+
 * Mon Dec 19 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.2.7-1
 - New upstream release