+2001-11-30 Christian Fraenkel <c.fraenkel@gmx.net>
+
+ * init.c: New command `ssl_egd_sock'.
+
+ * main.c (main): New option `--sslegdsock'.
+
+ * gen_sslfunc.c (ssl_init_prng): Seed the RNG using EGD.
+
2001-11-29 Hrvoje Niksic <hniksic@arsdigita.com>
* cmpt.c (memmove): Include a simple memmove implementation.
{
char rand_file[256];
time_t t;
- pid_t pid;
long l,seed;
t = time(NULL);
- pid = getpid();
+ /* gets random data from egd if opt.sslegdsock was set */
+ if (opt.sslegdsock != NULL)
+ RAND_egd(opt.sslegdsock);
+ /* gets the file ~/.rnd or $RANDFILE if set */
RAND_file_name(rand_file, 256);
if (rand_file != NULL)
{
}
/* Seed in time (mod_ssl does this) */
RAND_seed((unsigned char *)&t, sizeof(time_t));
- /* Seed in pid (mod_ssl does this) */
- RAND_seed((unsigned char *)&pid, sizeof(pid_t));
/* Initialize system's random number generator */
RAND_bytes((unsigned char *)&seed, sizeof(long));
srand48(seed);
#ifdef HAVE_SSL
{ "sslcertfile", &opt.sslcertfile, cmd_file },
{ "sslcertkey", &opt.sslcertkey, cmd_file },
+ { "sslegdsock", &opt.sslegdsock, cmd_file },
#endif /* HAVE_SSL */
{ "timeout", &opt.timeout, cmd_time },
{ "timestamping", &opt.timestamping, cmd_boolean },
-B, --base=URL prepends URL to relative links in -F -i file.\n\
--sslcertfile=FILE optional client certificate.\n\
--sslcertkey=KEYFILE optional keyfile for this certificate.\n\
+ --sslegdsock=FILE socket to the egd daemon(random data source).\n\
\n"), stdout);
fputs (_("\
Download:\n\
#ifdef HAVE_SSL
{ "sslcertfile", required_argument, NULL, 158 },
{ "sslcertkey", required_argument, NULL, 159 },
+ { "sslegdsock", required_argument, NULL, 166 },
#endif /* HAVE_SSL */
{ "wait", required_argument, NULL, 'w' },
{ "waitretry", required_argument, NULL, 152 },
case 159:
setval ("sslcertkey", optarg);
break;
+ case 166:
+ setval ("sslegdsock", optarg);
+ break;
#endif /* HAVE_SSL */
case 'A':
setval ("accept", optarg);
char *sslcertkey; /* the keyfile for this certificate
(if not internal) included in the
certfile. */
+ char *sslegdsock; /* optional socket of the egd daemon */
#endif /* HAVE_SSL */
int cookies;