From ae3c268719b10f2dd20575a1ecc5c0355065daf3 Mon Sep 17 00:00:00 2001 From: hniksic Date: Thu, 29 Nov 2001 23:39:08 -0800 Subject: [PATCH] [svn] Implement EGD support. Submitted by Christian Fraenkel in <005501c17920$1312d440$4a05a8c0@isn>. --- src/ChangeLog | 8 ++++++++ src/gen_sslfunc.c | 8 ++++---- src/init.c | 1 + src/main.c | 5 +++++ src/options.h | 1 + 5 files changed, 19 insertions(+), 4 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index defa970e..5f4b2fd3 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,11 @@ +2001-11-30 Christian Fraenkel + + * init.c: New command `ssl_egd_sock'. + + * main.c (main): New option `--sslegdsock'. + + * gen_sslfunc.c (ssl_init_prng): Seed the RNG using EGD. + 2001-11-29 Hrvoje Niksic * cmpt.c (memmove): Include a simple memmove implementation. diff --git a/src/gen_sslfunc.c b/src/gen_sslfunc.c index 20fd53d7..5ef51050 100644 --- a/src/gen_sslfunc.c +++ b/src/gen_sslfunc.c @@ -53,11 +53,13 @@ ssl_init_prng (void) { char rand_file[256]; time_t t; - pid_t pid; long l,seed; t = time(NULL); - pid = getpid(); + /* gets random data from egd if opt.sslegdsock was set */ + if (opt.sslegdsock != NULL) + RAND_egd(opt.sslegdsock); + /* gets the file ~/.rnd or $RANDFILE if set */ RAND_file_name(rand_file, 256); if (rand_file != NULL) { @@ -66,8 +68,6 @@ ssl_init_prng (void) } /* Seed in time (mod_ssl does this) */ RAND_seed((unsigned char *)&t, sizeof(time_t)); - /* Seed in pid (mod_ssl does this) */ - RAND_seed((unsigned char *)&pid, sizeof(pid_t)); /* Initialize system's random number generator */ RAND_bytes((unsigned char *)&seed, sizeof(long)); srand48(seed); diff --git a/src/init.c b/src/init.c index 8a76c17a..4d82e095 100644 --- a/src/init.c +++ b/src/init.c 
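Review bot: The return value of `RAND_egd(opt.sslegdsock)` in the first gen_sslfunc.c hunk is discarded, so a mistyped path or an unreachable daemon goes unnoticed even though the user asked for EGD explicitly. This commit also drops the pid seeding (here and in the next hunk), so after a failed EGD call the only seed material visible before `RAND_bytes` is the rand file and `time(NULL)`. I would test the result, e.g. `if (opt.sslegdsock != NULL && RAND_egd (opt.sslegdsock) == -1)` followed by a warning to the log. It is also worth checking `RAND_status()` before drawing from the PRNG. The body of ssl_init_prng continues outside the hunk, so later handling may exist that is not visible here.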
@@ -179,6 +179,7 @@ static struct { #ifdef HAVE_SSL { "sslcertfile", &opt.sslcertfile, cmd_file }, { "sslcertkey", &opt.sslcertkey, cmd_file }, + { "sslegdsock", &opt.sslegdsock, cmd_file }, #endif /* HAVE_SSL */ { "timeout", &opt.timeout, cmd_time }, { "timestamping", &opt.timestamping, cmd_boolean }, diff --git a/src/main.c b/src/main.c index 5dc9bb03..ee9bc7af 100644 --- a/src/main.c +++ b/src/main.c @@ -146,6 +146,7 @@ Logging and input file:\n\ -B, --base=URL prepends URL to relative links in -F -i file.\n\ --sslcertfile=FILE optional client certificate.\n\ --sslcertkey=KEYFILE optional keyfile for this certificate.\n\ + --sslegdsock=FILE socket to the egd daemon(random data source).\n\ \n"), stdout); fputs (_("\ Download:\n\ @@ -320,6 +321,7 @@ main (int argc, char *const *argv) #ifdef HAVE_SSL { "sslcertfile", required_argument, NULL, 158 }, { "sslcertkey", required_argument, NULL, 159 }, + { "sslegdsock", required_argument, NULL, 166 }, #endif /* HAVE_SSL */ { "wait", required_argument, NULL, 'w' }, { "waitretry", required_argument, NULL, 152 }, @@ -540,6 +542,9 @@ GNU General Public License for more details.\n")); case 159: setval ("sslcertkey", optarg); break; + case 166: + setval ("sslegdsock", optarg); + break; #endif /* HAVE_SSL */ case 'A': setval ("accept", optarg); diff --git a/src/options.h b/src/options.h index fcbee704..e8cd8fb2 100644 --- a/src/options.h +++ b/src/options.h @@ -160,6 +160,7 @@ struct options char *sslcertkey; /* the keyfile for this certificate (if not internal) included in the certfile. */ + char *sslegdsock; /* optional socket of the egd daemon */ #endif /* HAVE_SSL */ int cookies; -- 2.39.2
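Review bot: The help line added in the first main.c hunk is missing a space before the parenthesis and does not say what the socket is used for. I would word it as `--sslegdsock=FILE socket of the EGD daemon used to seed the SSL random number generator.\n\`, aligned with the neighbouring entries. Whatever answers on that socket is fed to the SSL PRNG, so the option's documentation should also state that the path must name a socket owned by a trusted daemon, not one in a directory that other local users can write to. The usage text and main() both start and end outside these hunks.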