Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BBDF6172B0 for ; Thu, 16 Apr 2015 20:58:42 +0000 (UTC) Received: (qmail 58580 invoked by uid 500); 16 Apr 2015 20:58:42 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 58505 invoked by uid 500); 16 Apr 2015 20:58:42 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 58496 invoked by uid 99); 16 Apr 2015 20:58:42 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 16 Apr 2015 20:58:42 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,UNPARSEABLE_RELAY X-Spam-Check-By: apache.org Received-SPF: error (athena.apache.org: local policy) Received: from [192.109.42.8] (HELO einhorn.in-berlin.de) (192.109.42.8) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 16 Apr 2015 20:58:35 +0000 X-Envelope-From: stsp@apache.org Received: from fintan.stsp.name (fintan.stsp.name [217.197.84.44]) by einhorn.in-berlin.de (8.14.4/8.14.4/Debian-4) with ESMTP id t3GKvoFu015870 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 16 Apr 2015 22:57:52 +0200 Received: from localhost (fintan.stsp.name [local]) by fintan.stsp.name (OpenSMTPD) with ESMTPA id 23924d40; Thu, 16 Apr 2015 22:57:48 +0200 (CEST) Date: Thu, 16 Apr 2015 22:57:48 +0200 From: Stefan Sperling To: dev@httpd.apache.org Cc: Stuart Henderson Subject: Re: check for RAND_egd at configure time Message-ID: <20150416205747.GB9298@fintan.stsp.name> References: <20150415184304.GD15209@fintan.stsp.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150415184304.GD15209@fintan.stsp.name> User-Agent: Mutt/1.5.23 (2014-03-12) X-Virus-Checked: Checked by ClamAV on apache.org On Wed, Apr 15, 2015 at 08:43:04PM +0200, Stefan Sperling wrote: > LibreSSL does not provide the RAND_egd() function. > > This patch adds a configure check to allow building mod_ssl with LibreSSL. Updated version following Kaspar Brand's suggestion to move into acinclude.m4. Index: acinclude.m4 =================================================================== --- acinclude.m4 (revision 1673798) +++ acinclude.m4 (working copy) @@ -598,6 +598,11 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[ if test "x$liberrors" != "x"; then AC_MSG_WARN([OpenSSL libraries are unusable]) fi + have_rand_egd="no" + AC_CHECK_LIB(crypto, RAND_egd, [have_rand_egd="yes"]) + if test "$have_rand_egd" = "yes"; then + AC_DEFINE([HAVE_RAND_EGD], [1], [Define if RAND_egd exists.]) + fi else AC_MSG_WARN([OpenSSL version is too old]) fi Index: modules/ssl/ssl_engine_rand.c =================================================================== --- modules/ssl/ssl_engine_rand.c (revision 1673798) +++ modules/ssl/ssl_engine_rand.c (working copy) @@ -86,6 +86,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes); ssl_util_ppclose(s, p, fp); } +#ifdef HAVE_RAND_EGD else if (pRandSeed->nSrc == SSL_RSSRC_EGD) { /* * seed in contents provided by the external @@ -95,6 +96,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss continue; nDone += n; } +#endif else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) { struct { time_t t;