On Fri, Apr 17, 2015 at 07:02:21AM +0200, Kaspar Brand wrote:
> I was actually thinking about
>
> Index: acinclude.m4
> ===================================================================
> --- acinclude.m4 (revision 1673835)
> +++ acinclude.m4 (working copy)
> @@ -594,7 +594,7 @@
> liberrors=""
> AC_CHECK_HEADERS([openssl/engine.h])
> AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
> - AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])
> + AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines RAND_egd])
> if test "x$liberrors" != "x"; then
> AC_MSG_WARN([OpenSSL libraries are unusable])
> fi
>
> ... or does that not fit in this case?
>
> Kaspar
Thanks, this work fine. Tested on OpenBSD and Debian.
Index: acinclude.m4
===================================================================
--- acinclude.m4 (revision 1673798)
+++ acinclude.m4 (working copy)
@@ -594,7 +594,7 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[
liberrors=""
AC_CHECK_HEADERS([openssl/engine.h])
AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
- AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])
+ AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines RAND_egd])
if test "x$liberrors" != "x"; then
AC_MSG_WARN([OpenSSL libraries are unusable])
fi
Index: modules/ssl/ssl_engine_rand.c
===================================================================
--- modules/ssl/ssl_engine_rand.c (revision 1673798)
+++ modules/ssl/ssl_engine_rand.c (working copy)
@@ -86,6 +86,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss
nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes);
ssl_util_ppclose(s, p, fp);
}
+#ifdef HAVE_RAND_EGD
else if (pRandSeed->nSrc == SSL_RSSRC_EGD) {
/*
* seed in contents provided by the external
@@ -95,6 +96,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss
continue;
nDone += n;
}
+#endif
else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) {
struct {
time_t t;
