+ char rand_file[256];
+ int maxrand = 500;
+
+ /* First, seed from a file specified by the user. This will be
+ $RANDFILE, if set, or ~/.rnd. */
+ RAND_file_name (rand_file, sizeof (rand_file));
+ if (rand_file)
+ /* Seed at most 16k (value borrowed from curl) from random file. */
+ RAND_load_file (rand_file, 16384);
+
+ if (RAND_status ())
+ return;
+
+ /* Get random data from EGD if opt.sslegdsock was set. */
+ if (opt.sslegdsock && *opt.sslegdsock)
+ RAND_egd (opt.sslegdsock);
+
+ if (RAND_status ())
+ return;
+
+#ifdef WINDOWS
+ /* Under Windows, we can try to seed the PRNG using screen content.
+ This may or may not work, depending on whether we'll calling Wget
+ interactively. */
+
+ RAND_screen ();
+ if (RAND_status ())
+ return;
+#endif
+
+ /* Still not enough randomness, presumably because neither random
+ file nor EGD have been available. Use the stupidest possible
+ method -- seed OpenSSL's PRNG with the system's PRNG. This is
+ insecure in the cryptographic sense, but people who care about
+ security will use /dev/random or their own source of randomness
+ anyway. */
+
+ while (RAND_status () == 0 && maxrand-- > 0)
+ {
+ unsigned char rnd = random_number (256);
+ RAND_seed (&rnd, sizeof (rnd));
+ }
+