From 838192f8ad369f99d66f8dfd690aa2c89f34b2ba Mon Sep 17 00:00:00 2001
From: "Steffen (Daode) Nurpmeso" <sdaoden@users.sf.net>
Date: Mon, 26 May 2014 15:51:32 +0200
Subject: [PATCH] OpenBSD dropped RAND_egd() support, check that

---
 mk-conf.sh | 12 +++++++++++-
 nail.1     |  2 ++
 openssl.c  |  7 +++++--
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/mk-conf.sh b/mk-conf.sh
index 434bc215..ffb7645a 100644
--- a/mk-conf.sh
+++ b/mk-conf.sh
@@ -838,7 +838,7 @@ int main(void)
 
    if [ "${have_openssl}" = 'yes' ]; then
       compile_check stack_of 'for OpenSSL STACK_OF()' \
-         '#define HAVE_STACK_OF' << \!
+         '#define HAVE_OPENSSL_STACK_OF' << \!
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/x509v3.h>
@@ -853,6 +853,16 @@ int main(void)
 }
 !
 
+      link_check rand_egd 'for OpenSSL RAND_egd()' \
+         '#define HAVE_OPENSSL_RAND_EGD' '-lssl -lcrypto' << \!
+#include <openssl/rand.h>
+
+int main(void)
+{
+   return RAND_egd("some.where") > 0;
+}
+!
+
       if wantfeat MD5; then
          run_check openssl_md5 'for MD5 digest in OpenSSL' \
          '#define HAVE_OPENSSL_MD5' << \!
diff --git a/nail.1 b/nail.1
index 30c1ac45..69ffc921 100644
--- a/nail.1
+++ b/nail.1
@@ -3957,6 +3957,8 @@ for a specific account.
 .It Va ssl-rand-egd
 \*(OP Gives the pathname to an entropy daemon socket, see
 .Xr RAND_egd 3 .
+Note that (as of 2014) not all OpenSSL installations include this
+functionality.
 .It Va ssl-rand-file
 \*(OP Gives the pathname to a file with entropy data, see
 .Xr RAND_load_file 3 .
diff --git a/openssl.c b/openssl.c
index 17cd5788..dfb51062 100644
--- a/openssl.c
+++ b/openssl.c
@@ -67,7 +67,7 @@ EMPTY_FILE(openssl)
  * Pravir Chandra: Network Security with OpenSSL. Sebastopol, CA 2002.
  */
 
-#ifdef HAVE_STACK_OF
+#ifdef HAVE_OPENSSL_STACK_OF
 # define _STACKOF(X)    STACK_OF(X)
 #else
 # define _STACKOF(X)    /*X*/STACK
@@ -165,13 +165,16 @@ _ssl_rand_init(void)
    int state = 0;
    NYD_ENTER;
 
+#ifdef HAVE_OPENSSL_RAND_EGD
    if ((cp = ok_vlook(ssl_rand_egd)) != NULL) {
       if ((x = file_expand(cp)) == NULL || RAND_egd(cp = x) == -1)
          fprintf(stderr, tr(245, "entropy daemon at \"%s\" not available\n"),
             cp);
       else
          state = 1;
-   } else if ((cp = ok_vlook(ssl_rand_file)) != NULL) {
+   } else
+#endif
+   if ((cp = ok_vlook(ssl_rand_file)) != NULL) {
       if ((x = file_expand(cp)) == NULL || RAND_load_file(cp = x, 1024) == -1)
          fprintf(stderr, tr(246, "entropy file at \"%s\" not available\n"), cp);
       else {
-- 
2.11.4.GIT