egd: delete feature detection and related source code

vszakats · ptitSeb · commit 83c53bc17e06 · 2023-09-25T10:02:50.000+02:00
EGD is Entropy Gathering Daemon, a socket-based entropy source supported by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it a while ago. Its detection in CMake was broken all along because OpenSSL libs were not linked at the point of feature check. Delete detection from both cmake and autotools, along with the related source snippet, and the `--with-egd-socket=` `./configure` option. Closes curl#11556
diff --git a/CMake/Platforms/WindowsCache.cmake b/CMake/Platforms/WindowsCache.cmake
@@ -66,7 +66,6 @@ if(NOT UNIX)
     set(HAVE_GETPWUID 0)
     set(HAVE_GETEUID 0)
     set(HAVE_UTIME 1)
-    set(HAVE_RAND_EGD 0)
     set(HAVE_GMTIME_R 0)
     set(HAVE_GETHOSTBYNAME_R 0)
     set(HAVE_SIGNAL 1)
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -50,7 +50,6 @@
 #
 # The following variables are available:
 #   HAVE_SSL_SET0_WBIO: `SSL_set0_wbio` present in OpenSSL
-#   HAVE_RAND_EGD: `RAND_egd` present in OpenSSL
 #   HAVE_AWSLC: OpenSSL is AWS-LC
 #   HAVE_BORINGSSL: OpenSSL is BoringSSL
 #   HAVE_SSL_CTX_SET_QUIC_METHOD: `SSL_CTX_set_quic_method` present in OpenSSL/wolfSSL
@@ -598,9 +597,6 @@ if(USE_OPENSSL OR USE_WOLFSSL)
   if(NOT DEFINED HAVE_SSL_SET0_WBIO)
     openssl_check_symbol_exists(SSL_set0_wbio "openssl/ssl.h" HAVE_SSL_SET0_WBIO)
   endif()
-  if(NOT DEFINED HAVE_RAND_EGD)
-    openssl_check_symbol_exists(RAND_egd "${CURL_INCLUDES}" HAVE_RAND_EGD)
-  endif()
 endif()
 
 option(USE_NGHTTP2 "Use Nghttp2 library" OFF)
diff --git a/lib/config-amigaos.h b/lib/config-amigaos.h
@@ -40,7 +40,6 @@
 #define HAVE_NETINET_IN_H 1
 #define HAVE_NET_IF_H 1
 #define HAVE_PWD_H 1
-#define HAVE_RAND_EGD 1
 #define HAVE_SELECT 1
 #define HAVE_SETJMP_H 1
 #define HAVE_SIGNAL 1
diff --git a/lib/config-mac.h b/lib/config-mac.h
@@ -77,8 +77,6 @@
 
 #define CURL_DISABLE_LDAP       1
 
-#define HAVE_RAND_EGD           1
-
 #define HAVE_IOCTL_FIONBIO      1
 
 #define SIZEOF_INT              4
diff --git a/lib/config-os400.h b/lib/config-os400.h
@@ -68,9 +68,6 @@
 /* Define this as a suitable file to read random data from */
 #undef RANDOM_FILE
 
-/* Define this to your Entropy Gathering Daemon socket pathname */
-#undef EGD_SOCKET
-
 /* Define to 1 if you have the alarm function. */
 #define HAVE_ALARM 1
 
@@ -143,9 +140,6 @@
 /* Define if you have the <pwd.h> header file. */
 #define HAVE_PWD_H
 
-/* Define if you have the `RAND_egd' function. */
-#undef HAVE_RAND_EGD
-
 /* Define if you have the `select' function. */
 #define HAVE_SELECT
 
diff --git a/lib/config-riscos.h b/lib/config-riscos.h
@@ -66,9 +66,6 @@
 /* Define this as a suitable file to read random data from */
 #undef RANDOM_FILE
 
-/* Define this to your Entropy Gathering Daemon socket pathname */
-#undef EGD_SOCKET
-
 /* Define if you want to enable IPv6 support */
 #undef ENABLE_IPV6
 
@@ -135,9 +132,6 @@
 /* Define if you have the <pwd.h> header file. */
 #undef HAVE_PWD_H
 
-/* Define if you have the `RAND_egd' function. */
-#undef HAVE_RAND_EGD
-
 /* Define if you have the `select' function. */
 #define HAVE_SELECT
 
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
@@ -135,9 +135,6 @@
 /* Use Windows LDAP implementation */
 #cmakedefine USE_WIN32_LDAP 1
 
-/* your Entropy Gathering Daemon socket pathname */
-#cmakedefine EGD_SOCKET ${EGD_SOCKET}
-
 /* Define if you want to enable IPv6 support */
 #cmakedefine ENABLE_IPV6 1
 
@@ -400,9 +397,6 @@
 /* Define to 1 if OpenSSL has the `SSL_set0_wbio` function. */
 #cmakedefine HAVE_SSL_SET0_WBIO 1
 
-/* Define to 1 if you have the `RAND_egd' function. */
-#cmakedefine HAVE_RAND_EGD 1
-
 /* Define to 1 if you have the recv function. */
 #cmakedefine HAVE_RECV 1
 
diff --git a/lib/setup-vms.h b/lib/setup-vms.h
@@ -262,7 +262,6 @@ static struct passwd *vms_getpwuid(uid_t uid)
 #define PKCS12_parse PKCS12_PARSE
 #define RAND_add RAND_ADD
 #define RAND_bytes RAND_BYTES
-#define RAND_egd RAND_EGD
 #define RAND_file_name RAND_FILE_NAME
 #define RAND_load_file RAND_LOAD_FILE
 #define RAND_status RAND_STATUS
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
@@ -996,20 +996,6 @@ static CURLcode ossl_seed(struct Curl_easy *data)
     return CURLE_OK;
 #endif
 
-#if defined(HAVE_RAND_EGD) && defined(EGD_SOCKET)
-  /* available in OpenSSL 0.9.5 and later */
-  /* EGD_SOCKET is set at configure time or not at all */
-  {
-    /* If there's an option and a define, the option overrides the
-       define */
-    int ret = RAND_egd(EGD_SOCKET);
-    if(-1 != ret) {
-      if(rand_enough())
-        return CURLE_OK;
-    }
-  }
-#endif
-
   /* fallback to a custom seeding of the PRNG using a hash based on a current
      time */
   do {
diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4
@@ -259,8 +259,6 @@ if test "x$OPT_OPENSSL" != xno; then
   if test X"$OPENSSL_ENABLED" = X"1"; then
     dnl These can only exist if OpenSSL exists
 
-    AC_CHECK_FUNCS( RAND_egd )
-
     AC_MSG_CHECKING([for BoringSSL])
     AC_COMPILE_IFELSE([
         AC_LANG_PROGRAM([[
@@ -363,16 +361,6 @@ dnl Check for the random seed preferences
 dnl **********************************************************************
 
 if test X"$OPENSSL_ENABLED" = X"1"; then
-  AC_ARG_WITH(egd-socket,
-  AS_HELP_STRING([--with-egd-socket=FILE],
-                 [Entropy Gathering Daemon socket pathname]),
-      [ EGD_SOCKET="$withval" ]
-  )
-  if test -n "$EGD_SOCKET" ; then
-          AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET",
-          [your Entropy Gathering Daemon socket pathname] )
-  fi
-
   dnl Check for user-specified random device
   AC_ARG_WITH(random,
   AS_HELP_STRING([--with-random=FILE],
diff --git a/packages/vms/gnv_conftest.c_first b/packages/vms/gnv_conftest.c_first
@@ -33,7 +33,6 @@ char SSL_connect(void) {return 0;}
 char ENGINE_init(void) {return 0;}
 char RAND_status(void) {return 0;}
 /* char RAND_screen(void) {return 0;} In headers, but not present */
-char RAND_egd(void) {return 0;}
 char CRYPTO_cleanup_all_ex_data(void) {return 0;}
 char SSL_get_shutdown(void) {return 0;}
 char ENGINE_load_builtin_engines (void) {return 0;}
@@ -46,7 +45,6 @@ char ENGINE_load_builtin_engines (void) {return 0;}
 #define ENGINE_init ENGINE_INIT
 #define RAND_status RAND_STATUS
 /* #define RAND_screen RAND_SCREEN */
-#define RAND_egd RAND_EGD
 #define CRYPTO_cleanup_all_ex_data CRYPTO_CLEANUP_ALL_EX_DATA
 #define SSL_get_shutdown SSL_GET_SHUTDOWN
 #define ENGINE_load_builtin_engines ENGINE_LOAD_BUILTIN_ENGINES
diff --git a/scripts/ciconfig.pl b/scripts/ciconfig.pl
@@ -83,7 +83,6 @@
     'zstd' => 1,
     'brotli' => 1,
     'random' => 1,
-    'egd-socket' => 1,
     'ca-bundle' => 1,
     'ca-path' => 1,
     'libssh2' => 1,
