Undo the changes I just made. I'm not sure what I was thinking of.

The message to everyone is "Do not hack OpenSSL when stressed"...

Undo the changes I just made. I'm not sure what I was thinking of.
The message to everyone is "Do not hack OpenSSL when stressed"...
f365611c · Richard Levitte · 523c83ec · f365611c · f365611c · f365611c
11 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -4,15 +4,6 @@

 Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

-  *) Add the possibility, through the -egd parameter, to tell the openssl
-     applications that EGD should be used as seeding source, and where
-     the EGD named socket is.
-     [Richard Levitte]
-
-  *) Add the possibility to tell RAND_egd() and RAND_egd_bytes() where
-     the EGD named socket is through the environment variable RANDEGD.
-     [Richard Levitte]
-
  *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
     [Bodo Moeller]


--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -121,7 +121,6 @@
 #include <openssl/dh.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>

 #ifndef NO_DSA
 #include <openssl/dsa.h>
@@ -157,7 +156,7 @@ int MAIN(int argc, char **argv)
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,check=0,noout=0,C=0,ret=1;
 	char *infile,*outfile,*prog;
-	char *inrand=NULL, *inegd=NULL;
+	char *inrand=NULL;
 	int num = 0, g = 0;

 	apps_startup();
@@ -217,11 +216,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			}
 		else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
 			goto bad;
 		argv++;
@@ -247,9 +241,8 @@ bad:
 		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
 		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"               load the file (or the files in the directory) into\n");
+		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"               the random number generator\n");
-		BIO_printf(bio_err," -egd file     load random seed from EGD socket\n");
 		BIO_printf(bio_err," -noout        no output\n");
 		goto end;
 		}
@@ -278,17 +271,13 @@ bad:

 	if(num) {

-		if (!app_RAND_load_file(NULL, bio_err, 1)
-			&& inrand == NULL && inegd == NULL)
+		if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
 			{
 			BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
 			}
 		if (inrand != NULL)
 			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 				app_RAND_load_files(inrand));
-		if (inegd != NULL)
-			BIO_printf(bio_err,"%ld egd bytes loaded\n",
-				RAND_egd(inegd));

 #ifndef NO_DSA
 		if (dsaparam)

--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -69,7 +69,6 @@
 #include <openssl/dsa.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>

 #undef PROG
 #define PROG	dsaparam_main
@@ -95,7 +94,7 @@ int MAIN(int argc, char **argv)
 	int i,badops=0,text=0;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL,*inegd=NULL;
+	char *infile,*outfile,*prog,*inrand=NULL;
 	int numbits= -1,num,genkey=0;
 	int need_rand=0;

@@ -150,12 +149,6 @@ int MAIN(int argc, char **argv)
 			inrand= *(++argv);
 			need_rand=1;
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			need_rand=1;
-			}
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
 		else if (sscanf(*argv,"%d",&num) == 1)
@@ -186,10 +179,7 @@ bad:
 		BIO_printf(bio_err," -text         print the key in text\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -noout        no output\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"               load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"               the random number generator\n");
-		BIO_printf(bio_err," -egd file     load random seed from EGD socket\n");
+		BIO_printf(bio_err," -rand         files to use for random number input\n");
 		BIO_printf(bio_err," number        number of bits to use for generating private key\n");
 		goto end;
 		}
@@ -227,14 +217,10 @@ bad:

 	if (need_rand)
 		{
-		app_RAND_load_file(NULL, bio_err,
-			(inrand != NULL || inegd != NULL));
+		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
 		if (inrand != NULL)
 			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 				app_RAND_load_files(inrand));
-		if (inegd != NULL)
-			BIO_printf(bio_err,"%ld egd bytes loaded\n",
-				RAND_egd(inegd));
 		}

 	if (numbits > 0)

--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -85,7 +85,7 @@ int MAIN(int argc, char **argv)
 	int ret=1,num=DEFBITS;
 	int g=2;
 	char *outfile=NULL;
-	char *inrand=NULL,*inegd=NULL;
+	char *inrand=NULL;
 	BIO *out=NULL;

 	apps_startup();
@@ -115,11 +115,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			}
 		else
 			break;
 		argv++;
@@ -130,13 +125,12 @@ int MAIN(int argc, char **argv)
 bad:
 		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
 		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2        - use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3        - use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5        - use 5 as the generator value\n");
+		BIO_printf(bio_err," -2    use 2 as the generator value\n");
+	/*	BIO_printf(bio_err," -3    use 3 as the generator value\n"); */
+		BIO_printf(bio_err," -5    use 5 as the generator value\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
 		goto end;
 		}
 		
@@ -158,16 +152,13 @@ bad:
 			}
 		}

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
 		{
 		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
 		}
 	if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
-	if (inegd != NULL)
-		BIO_printf(bio_err,"%ld egd bytes loaded\n",
-			RAND_egd(inegd));

 	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
 	BIO_printf(bio_err,"This is going to take a long time\n");

--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -68,7 +68,6 @@
 #include <openssl/dsa.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>

 #define DEFBITS	512
 #undef PROG
@@ -81,7 +80,7 @@ int MAIN(int argc, char **argv)
 	DSA *dsa=NULL;
 	int ret=1;
 	char *outfile=NULL;
-	char *inrand=NULL,*inegd=NULL,*dsaparams=NULL;
+	char *inrand=NULL,*dsaparams=NULL;
 	char *passargout = NULL, *passout = NULL;
 	BIO *out=NULL,*in=NULL;
 	EVP_CIPHER *enc=NULL;
@@ -112,11 +111,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			}
 		else if (strcmp(*argv,"-") == 0)
 			goto bad;
 #ifndef NO_DES
@@ -154,7 +148,6 @@ bad:
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
 		BIO_printf(bio_err," dsaparam-file\n");
 		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
 		goto end;
@@ -195,16 +188,13 @@ bad:
 			}
 		}

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
 		{
 		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
 		}
 	if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
-	if (inegd != NULL)
-		BIO_printf(bio_err,"%ld egd bytes loaded\n",
-			RAND_egd(inegd));

 	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
 							BN_num_bits(dsa->p));

--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -69,7 +69,6 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>

 #define DEFBITS	512
 #undef PROG
@@ -89,7 +88,7 @@ int MAIN(int argc, char **argv)
 	unsigned long f4=RSA_F4;
 	char *outfile=NULL;
 	char *passargout = NULL, *passout = NULL;
-	char *inrand=NULL,*inegd=NULL;
+	char *inrand=NULL;
 	BIO *out=NULL;

 	apps_startup();
@@ -122,11 +121,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			}
 #ifndef NO_DES
 		else if (strcmp(*argv,"-des") == 0)
 			enc=EVP_des_cbc();
@@ -163,7 +157,6 @@ bad:
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"                 the random number generator\n");
-		BIO_printf(bio_err," -egd file       load random seed from EGD socket\n");
 		goto err;
 		}
 		
@@ -185,16 +178,13 @@ bad:
 			}
 		}

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
 		{
 		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
 		}
 	if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
-	if (inegd != NULL)
-		BIO_printf(bio_err,"%ld egd bytes loaded\n",
-			RAND_egd(inegd));

 	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
 		num);

--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -65,7 +65,6 @@
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/pkcs12.h>

 #define PROG pkcs12_main
@@ -117,7 +116,7 @@ int MAIN(int argc, char **argv)
    char *cpass = NULL, *mpass = NULL;
    char *passargin = NULL, *passargout = NULL, *passarg = NULL;
    char *passin = NULL, *passout = NULL;
-    char *inrand = NULL,*inegd=NULL;
+    char *inrand = NULL;

    apps_startup();

@@ -179,11 +178,6 @@ int MAIN(int argc, char **argv)
 			args++;	
 			inrand = *args;
 		    } else badarg = 1;
-		} else if (!strcmp (*args, "-egd")) {
-		    if (args[1]) {
-			args++;	
-			inegd = *args;
-		    } else badarg = 1;
 		} else if (!strcmp (*args, "-inkey")) {
 		    if (args[1]) {
 			args++;	
@@ -275,7 +269,6 @@ int MAIN(int argc, char **argv)
 	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
 	BIO_printf(bio_err,  "              the random number generator\n");
-	BIO_printf(bio_err,  "-egd file     load random seed from EGD socket\n");
    	goto end;
    }

@@ -303,13 +296,10 @@ int MAIN(int argc, char **argv)
    }

    if(export_cert || inrand) {
-    	app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+    	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
        if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
-	if (inegd != NULL)
-		BIO_printf(bio_err,"%ld egd bytes loaded\n",
-			RAND_egd(inegd));
    }
    ERR_load_crypto_strings();


--- a/apps/rand.c
+++ b/apps/rand.c
@@ -15,7 +15,6 @@

 /* -out file         - write to file
 * -rand file:file   - PRNG seed files
- * -egd file         - PRNG seed from EGD named socket
 * -base64           - encode output
 * num               - write 'num' bytes
 */
@@ -27,7 +26,7 @@ int MAIN(int argc, char **argv)
 	int i, r, ret = 1;
 	int badopt;
 	char *outfile = NULL;
-	char *inrand = NULL,*inegd=NULL;
+	char *inrand = NULL;
 	int base64 = 0;
 	BIO *out = NULL;
 	int num = -1;
@@ -56,13 +55,6 @@ int MAIN(int argc, char **argv)
 			else
 				badopt = 1;
 			}
-		else if (strcmp(argv[i], "-egd") == 0)
-			{
-			if ((argv[i+1] != NULL) && (inegd == NULL))
-				inegd = argv[++i];
-			else
-				badopt = 1;
-			}
 		else if (strcmp(argv[i], "-base64") == 0)
 			{
 			if (!base64)
@@ -94,18 +86,14 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err, "where options are\n");
 		BIO_printf(bio_err, "-out file            - write to file\n");
 		BIO_printf(bio_err, "-rand file%cfile%c...  - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-egd file            - seed PRNG from EGD named socket\n");
 		BIO_printf(bio_err, "-base64              - encode output\n");
 		goto err;
 		}

-	app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
 	if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
-	if (inegd != NULL)
-		BIO_printf(bio_err,"%ld egd bytes loaded\n",
-			RAND_egd(inegd));

 	out = BIO_new(BIO_s_file());
 	if (out == NULL)

--- a/apps/req.c
+++ b/apps/req.c
@@ -103,7 +103,6 @@
 * -key file	- make a request using key in file (or use it for verification).
 * -keyform	- key file format.
 * -rand file(s) - load the file(s) into the PRNG.
- * -egd file	- load PRNG seed from EGD named socket.
 * -newkey	- make a key and a request.
 * -modulus	- print RSA modulus.
 * -x509	- output a self signed X509 structure instead.
@@ -157,7 +156,7 @@ int MAIN(int argc, char **argv)
 	char *req_exts = NULL;
 	EVP_CIPHER *cipher=NULL;
 	int modulus=0;
-	char *inrand=NULL,*inegd=NULL;
+	char *inrand=NULL;
 	char *passargin = NULL, *passargout = NULL;
 	char *passin = NULL, *passout = NULL;
 	char *p;
@@ -246,11 +245,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
-		else if (strcmp(*argv,"-egd") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inegd= *(++argv);
-			}
 		else if (strcmp(*argv,"-newkey") == 0)
 			{
 			int is_numeric;
@@ -387,7 +381,6 @@ bad:
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"                load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"                the random number generator\n");
-		BIO_printf(bio_err," -egd file      load random seed from EGD socket\n");
 		BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
 		BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");

@@ -562,9 +555,7 @@ bad:
 		app_RAND_load_file(randfile, bio_err, 0);
 		if (inrand)
 			app_RAND_load_files(inrand);
-		if (inegd)
-			RAND_egd(inegd);
-
+	
 		if (newkey <= 0)
 			{
 			newkey=(int)CONF_get_number(req_conf,SECTION,BITS);

--- a/apps/smime.c
+++ b/apps/smime.c
@@ -63,7 +63,6 @@
 #include "apps.h"
 #include <openssl/crypto.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/err.h>

 #undef PROG
@@ -101,7 +100,7 @@ int MAIN(int argc, char **argv)
 	char *to = NULL, *from = NULL, *subject = NULL;
 	char *CAfile = NULL, *CApath = NULL;
 	char *passargin = NULL, *passin = NULL;
-	char *inrand = NULL,*inegd=NULL;
+	char *inrand = NULL;
 	int need_rand = 0;
 	args = argv + 1;

@@ -151,12 +150,6 @@ int MAIN(int argc, char **argv)
 				inrand = *args;
 			} else badarg = 1;
 			need_rand = 1;
-		} else if (!strcmp(*args,"-egd")) {
-			if (args[1]) {
-				args++;
-				inegd = *args;
-			} else badarg = 1;
-			need_rand = 1;
 		} else if (!strcmp(*args,"-passin")) {
 			if (args[1]) {
 				args++;
@@ -279,7 +272,6 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");
-		BIO_printf(bio_err,  "-egd file      load random seed from EGD socket\n");
 		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
 		goto end;
 	}
@@ -290,13 +282,10 @@ int MAIN(int argc, char **argv)
 	}

 	if (need_rand) {
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
 		if (inrand != NULL)
 			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 				app_RAND_load_files(inrand));
-		if (inegd != NULL)
-			BIO_printf(bio_err,"%ld egd bytes loaded\n",
-				RAND_egd(inegd));
 	}

 	ret = 2;

--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -54,7 +54,6 @@
 *
 */

-#include <stdlib.h>
 #include <openssl/rand.h>

 /* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
@@ -84,17 +83,12 @@ int RAND_egd_bytes(const char *path,int bytes)

 int RAND_egd(const char *path)
 	{
-	const char *s;
 	int ret = -1;
 	struct sockaddr_un addr;
 	int len, num;
 	int fd = -1;
 	unsigned char buf[256];

-	s=getenv("RANDEGD");
-	if (s != NULL)
-		path = s;
-
 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
 	if (strlen(path) > sizeof(addr.sun_path))
@@ -121,17 +115,12 @@ int RAND_egd(const char *path)

 int RAND_egd_bytes(const char *path,int bytes)
 	{
-	const char *s;
 	int ret = 0;
 	struct sockaddr_un addr;
 	int len, num;
 	int fd = -1;
 	unsigned char buf[255];

-	s=getenv("RANDEGD");
-	if (s != NULL)
-		path = s;
-
 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
 	if (strlen(path) > sizeof(addr.sun_path))