[svn] Implement EGD support.

Submitted by Christian Fraenkel in <005501c17920$1312d440$4a05a8c0@isn>.

src/ChangeLog

@@ -1,3 +1,11 @@
+2001-11-30  Christian Fraenkel  <c.fraenkel@gmx.net>
+
+	* init.c: New command `ssl_egd_sock'.
+
+	* main.c (main): New option `--sslegdsock'.
+
+	* gen_sslfunc.c (ssl_init_prng): Seed the RNG using EGD.
+
 2001-11-29  Hrvoje Niksic  <hniksic@arsdigita.com>
 
 	* cmpt.c (memmove): Include a simple memmove implementation.

src/gen_sslfunc.c

@@ -53,11 +53,13 @@ ssl_init_prng (void)
     {
       char rand_file[256];
       time_t t;
-      pid_t pid;
       long l,seed;
 
       t = time(NULL);
-      pid = getpid();
+      /* gets random data from egd if opt.sslegdsock was set */
+      if (opt.sslegdsock != NULL)
+	RAND_egd(opt.sslegdsock);
+      /* gets the file ~/.rnd or $RANDFILE if set */
       RAND_file_name(rand_file, 256);
       if (rand_file != NULL)
 	{
@@ -66,8 +68,6 @@ ssl_init_prng (void)
 	}
       /* Seed in time (mod_ssl does this) */
       RAND_seed((unsigned char *)&t, sizeof(time_t));
-      /* Seed in pid (mod_ssl does this) */
-      RAND_seed((unsigned char *)&pid, sizeof(pid_t));
       /* Initialize system's random number generator */
       RAND_bytes((unsigned char *)&seed, sizeof(long));
       srand48(seed);

src/init.c

@@ -179,6 +179,7 @@ static struct {
 #ifdef HAVE_SSL
   { "sslcertfile",	&opt.sslcertfile,	cmd_file },
   { "sslcertkey",	&opt.sslcertkey,	cmd_file },
+  { "sslegdsock",	&opt.sslegdsock,	cmd_file },
 #endif /* HAVE_SSL */
   { "timeout",		&opt.timeout,		cmd_time },
   { "timestamping",	&opt.timestamping,	cmd_boolean },

src/main.c

@@ -146,6 +146,7 @@ Logging and input file:\n\
   -B,  --base=URL             prepends URL to relative links in -F -i file.\n\
        --sslcertfile=FILE     optional client certificate.\n\
        --sslcertkey=KEYFILE   optional keyfile for this certificate.\n\
+       --sslegdsock=FILE      socket to the egd daemon(random data source).\n\
 \n"), stdout);
   fputs (_("\
 Download:\n\
@@ -320,6 +321,7 @@ main (int argc, char *const *argv)
 #ifdef HAVE_SSL
     { "sslcertfile", required_argument, NULL, 158 },
     { "sslcertkey", required_argument, NULL, 159 },
+    { "sslegdsock", required_argument, NULL, 166 },
 #endif /* HAVE_SSL */
     { "wait", required_argument, NULL, 'w' },
     { "waitretry", required_argument, NULL, 152 },
@@ -540,6 +542,9 @@ GNU General Public License for more details.\n"));
 	case 159:
 	  setval ("sslcertkey", optarg);
 	  break;
+	case 166:
+	  setval ("sslegdsock", optarg);
+	  break;
 #endif /* HAVE_SSL */
 	case 'A':
 	  setval ("accept", optarg);

src/options.h

@@ -160,6 +160,7 @@ struct options
   char *sslcertkey;		/* the keyfile for this certificate
 				   (if not internal) included in the
 				   certfile. */
+  char *sslegdsock;             /* optional socket of the egd daemon */
 #endif /* HAVE_SSL */
 
   int   cookies;