Re: check for RAND_egd at configure time

2015-04-16 Thread Stefan Sperling
On Wed, Apr 15, 2015 at 08:43:04PM +0200, Stefan Sperling wrote:
> LibreSSL does not provide the RAND_egd() function.
>
> This patch adds a configure check to allow building mod_ssl with LibreSSL.

Updated version following Kaspar Brand's suggestion to move into acinclude.m4.

Index: acinclude.m4
===
--- acinclude.m4(revision 1673798)
+++ acinclude.m4(working copy)
@@ -598,6 +598,11 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[
   if test x$liberrors != x; then
 AC_MSG_WARN([OpenSSL libraries are unusable])
   fi
+  have_rand_egd=no
+  AC_CHECK_LIB(crypto, RAND_egd, [have_rand_egd=yes])
+  if test $have_rand_egd = yes; then
+AC_DEFINE([HAVE_RAND_EGD], [1], [Define if RAND_egd exists.])
+  fi
 else
   AC_MSG_WARN([OpenSSL version is too old])
 fi
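Review bot: In the acinclude.m4 hunk, the RAND_egd probe sits after the closing `fi` of the `liberrors` test, so it still runs when the OpenSSL libraries have just been reported unusable; consider running it only on the success path. The `have_rand_egd` temporary is read only by the `if` directly below it, so the `AC_DEFINE` could go straight into the action-if-found argument of `AC_CHECK_LIB`.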
Index: modules/ssl/ssl_engine_rand.c
===
--- modules/ssl/ssl_engine_rand.c   (revision 1673798)
+++ modules/ssl/ssl_engine_rand.c   (working copy)
@@ -86,6 +86,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss
 nDone += ssl_rand_feedfp(p, fp, pRandSeed-nBytes);
 ssl_util_ppclose(s, p, fp);
 }
+#ifdef HAVE_RAND_EGD
 else if (pRandSeed-nSrc == SSL_RSSRC_EGD) {
 /*
  * seed in contents provided by the external
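Review bot: With `#ifdef HAVE_RAND_EGD` in front of the `SSL_RSSRC_EGD` branch, a build without RAND_egd() falls through to the `SSL_RSSRC_BUILTIN` test for an EGD seed source and adds nothing to `nDone`, with no message. The patch as posted does not touch the place where that source type is configured, so an existing EGD seed setting would be accepted and then silently contribute no seed data; suggest rejecting it at configuration time, or logging a warning when HAVE_RAND_EGD is undefined.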
@@ -95,6 +96,7 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ss
 continue;
 nDone += n;
 }
+#endif
 else if (pRandSeed-nSrc == SSL_RSSRC_BUILTIN) {
 struct {
 time_t t;
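Review bot: The `#endif` here closes a guard opened in the previous hunk, so a trailing `/* HAVE_RAND_EGD */` comment would make the pairing clear. If `n` in `nDone += n;` is used only inside this branch, its declaration needs the same guard to avoid an unused-variable warning in builds without RAND_egd().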


Re: namespacing in mod_ssl

2015-04-16 Thread William A Rowe Jr
On Wed, Apr 15, 2015 at 11:42 PM, Kaspar Brand httpd-dev.2...@velox.ch wrote:

> On 15.04.2015 18:36, Stefan Sperling wrote:
> > However, the actual issue here is that mod_ssl is squatting the SSL_
> > namespace.
> > Historically this may have made sense (it seems mod_ssl and OpenSSL have
> > shared history/authors). Bill Rowe suggested to try moving mod_ssl's
> > functions into the ap_ namespace to avoid such clashes in the future.
>
> Agreed that mod_ssl should avoid stepping into the SSL_* yard. As
> pointed out by Jeff, ap_* is fairly foreign in the mod_ssl case, though,
> and my preference is for s/SSL_/ssl_/ for functions and
> s/SSL_/MODSSL_/ for constants (in the latter case, there's actually
> quite some more stuff lurking - SSL_OPT_*, SSL_PROTOCOL_* etc.).


+1