PHP :: Bug #71483 :: RAND_egd() check always fails

Bug #71483

RAND_egd() check always fails

Submitted:

2016-01-29 13:07 UTC

Modified:

2017-01-11 08:00 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

jeff at macloue dot com

Assigned:

Status:

Wont fix

Package:

*Compile Issues

PHP Version:

5.6.17

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

[2016-01-29 13:07 UTC] jeff at macloue dot com

Description:
------------
In ./ext/openssl/config0.m4 the check for RAND_egd() function is placed before OpenSSL compile flags are applied. This makes this test fail and RAND_egd() function not used even if it is present.

$ nm -D /usr/lib64/libcrypto.so | grep RAND_egd
00000000000e4340 T RAND_egd
00000000000e4320 T RAND_egd_bytes

$ ./configure --with-openssl
...
$ grep HAVE_RAND_EGD ./main/php_config.h
/* #undef HAVE_RAND_EGD */

A workaround is adding -lcrypto to LDFLAGS:

$ ./configure --with-openssl LDFLAGS=-lcrypto
...
$ grep HAVE_RAND_EGD ./main/php_config.h
#define HAVE_RAND_EGD 1

A possible solution is moving AC_CHECK_FUNCS() call below PHP_SETUP_OPENSSL() (attached)

Patches

php-openssl-rand-egd.patch (last revision 2016-01-29 13:07 UTC by jeff at macloue dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-01-11 08:00 UTC] krakjoe@php.net

-Status: Open +Status: Wont fix

[2017-01-11 08:00 UTC] krakjoe@php.net

Since this patch targets a security fix only branch (and this is only a bug), and since supported branches are not effected by this issue, I'm closing this report.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Apr 28 15:01:32 2025 UTC