[Bug 1043815] New: No RAND_egd() available from openssl required by mailx
http://bugzilla.suse.com/show_bug.cgi?id=1043815 Bug ID: 1043815 Summary: No RAND_egd() available from openssl required by mailx Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: All OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: werner@suse.com QA Contact: qa-bugs@suse.de CC: tchvatal@suse.com, vcizek@suse.com Depends on: 1042663 Blocks: 1042629 Found By: --- Blocker: --- mailx depend on RAND_egd() +++ This bug was initially created as a clone of Bug #1042663 +++ The package fails to build with openssl-1.1. For more information see the blocker bug. Currently tested in Staging:I https://rudin.suse.de:8894/package/live_build_log/openSUSE:Factory:Staging:I... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1043815
Dr. Werner Fink
http://bugzilla.suse.com/show_bug.cgi?id=1043815
http://bugzilla.suse.com/show_bug.cgi?id=1043815#c1
--- Comment #1 from Tomáš Chvátal
http://bugzilla.suse.com/show_bug.cgi?id=1043815
http://bugzilla.suse.com/show_bug.cgi?id=1043815#c2
Marcus Meissner
http://bugzilla.suse.com/show_bug.cgi?id=1043815
http://bugzilla.suse.com/show_bug.cgi?id=1043815#c3
--- Comment #3 from Dr. Werner Fink
I would suggest not to to call this function, but use the generic RAND_ functions.
Hmmm ... the code is there and the variable ssl-rand-egd is well known for many mailx users ssl-rand-egd Gives the pathname to an entropy daemon socket, see RAND_egd(3). ssl-rand-file Gives the pathname to a file with entropy data, see RAND_load_file(3). If the file is a regular file writable by the invoking user, new data is written to it after it has been loaded. Only applicable if SSL/TLS support is built using OpenSSL. in meanwhile I'm using this if ((cp = value("ssl-rand-egd")) != NULL) { cp = expand(cp); #ifndef OPENSSL_NO_EGD if (RAND_egd(cp) == -1) #else if (1) #endif { fprintf(stderr, catgets(catd, CATSET, 245, "entropy daemon at \"%s\" not available\n"), cp); } else state = 1; ... is there any replacement for RAND_egd(3)? -- You are receiving this mail because: You are on the CC list for the bug.
... is there any replacement for RAND_egd(3)? The support for entropy gathering daemon is now disabled at build time. Loading entropy from external sources is possible with RAND_load_file, which mailx utilizes with the ssl-rand-file option. Besides that, OpenSSL relies on the kernel (getrandom(2), /dev/urandom) as the
http://bugzilla.suse.com/show_bug.cgi?id=1043815
http://bugzilla.suse.com/show_bug.cgi?id=1043815#c4
--- Comment #4 from Vítězslav Čížek
http://bugzilla.suse.com/show_bug.cgi?id=1043815
http://bugzilla.suse.com/show_bug.cgi?id=1043815#c5
Vítězslav Čížek
participants (1)
-
bugzilla_noreply@novell.com