php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #75725 ./configure: detecting RAND_egd
Submitted: 2017-12-23 13:17 UTC Modified: 2020-10-14 14:21 UTC
From: dpa-bugs at aegee dot org Assigned:
Status: Closed Package: *Compile Issues
PHP Version: 7.1.12 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dpa-bugs at aegee dot org
New email:
PHP Version: OS:

 

 [2017-12-23 13:17 UTC] dpa-bugs at aegee dot org
Description:
------------
ext/openssl/config0.m4 contains:

  AC_CHECK_FUNCS([RAND_egd])                                                                                                                                                  
  PHP_SETUP_OPENSSL(OPENSSL_SHARED_LIBADD, [AC_DEFINE(HAVE_OPENSSL_EXT,1,[ ])], [AC_MSG_ERROR([OpenSSL check failed. Please check config.log for more information.])])

meaning that ./configure first checks for RAND_egd and then adds -lcrypto to LDFLAGS.  This cannot work in this order, as RAND_egd can only be detected after -lcrypto is passed to the linker.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-02-27 17:11 UTC] dpa-bugs at aegee dot org
Proposed patch:

--- php-7.1.14/ext/openssl/config0.m4.old   2018-01-30 19:05:37.000000000 +0000
+++ php-7.1.14/ext/openssl/config0.m4.new   2018-02-01 18:40:38.340000000 +0000
@@ -19,8 +19,6 @@
     PHP_SETUP_KERBEROS(OPENSSL_SHARED_LIBADD)
   fi
 
-  AC_CHECK_FUNCS([RAND_egd])
-
   PHP_SETUP_OPENSSL(OPENSSL_SHARED_LIBADD, 
   [
     AC_DEFINE(HAVE_OPENSSL_EXT,1,[ ])
@@ -30,4 +28,6 @@
   if test "$PHP_SYSTEM_CIPHERS" != "no"; then
     AC_DEFINE(USE_OPENSSL_SYSTEM_CIPHERS,1,[ Use system default cipher list instead of hardcoded value ])
   fi
+  AC_CHECK_FUNCS([RAND_egd])
 fi
+
 [2020-10-14 14:21 UTC] nikic@php.net
-Status: Open +Status: Verified
 [2020-10-14 14:21 UTC] nikic@php.net
The check is certainly useless as-is. I was wondering why it exists at all, as the docs state:

> RAND_egd() is available since OpenSSL 0.9.5.

Turns out the check was added for LibreSSL compatibility: https://github.com/php/php-src/commit/456f4a78d24a929f5b9d1c064cd9c2ee7a8aaf5a

Which also makes me wonder if we shouldn't just drop the RAND_egd() call entirely, it seems like some rather dubious functionality.
 [2021-11-19 19:33 UTC] dpa-bugs at aegee dot org
See also https://github.com/php/php-src/pull/7668 .
 [2021-11-22 13:23 UTC] git@php.net
Automatic comment on behalf of dilyanpalauzov (author) and cmb69 (committer)
Revision: https://github.com/php/php-src/commit/60fe575ce3d5ad0647d3c12698d0d3fcb0cb8f7b
Log: Fix #75725: ./configure: detecting RAND_egd
 [2021-11-22 13:23 UTC] git@php.net
-Status: Verified +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 12 17:01:31 2024 UTC