prng_init() is failing in 5.24 when cross-compiling with openssl due to
a combination of two reasons:
1. The --with-random configure option is not supported when
cross-compiling.
2. The hardcoded /dev/urandom is no longer used if OPENSSL_NO_EGD is not
defined.
The following patch reverts the behaviour to how it was in 5.23, but
the --with-random configure option should probably be supported too.
--- stunnel-5.25.orig/src/ssl.c
+++ stunnel-5.25/src/ssl.c
@@ -207,7 +207,8 @@ NOEXPORT int prng_init(GLOBAL_OPTIONS *g
return 0; /* success */
}
s_log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG");
-#elif !defined(OPENSSL_NO_EGD)
+#else
+#ifndef OPENSSL_NO_EGD
if(global->egd_sock) {
if((bytes=RAND_egd(global->egd_sock))==-1) {
s_log(LOG_WARNING, "EGD Socket %s failed", global->egd_sock);
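Review bot: The `#ifndef OPENSSL_NO_EGD` added under the new `#else` opens a nested conditional whose `#endif` only appears in the second hunk, and neither directive is labelled, so it is easy to confuse with the outer conditional that closes outside this diff. I would label both ends, `#ifndef OPENSSL_NO_EGD /* optional EGD seeding */` here and `#endif /* !OPENSSL_NO_EGD */` in the second hunk. prng_init starts before this hunk and the `if(global->egd_sock)` body continues past it.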
@@ -220,7 +221,7 @@ NOEXPORT int prng_init(GLOBAL_OPTIONS *g
so no need to check if seeded sufficiently */
}
}
-#else
+#endif
/* try the good-old default /dev/urandom, if available */
totbytes+=add_rand_file(global, "/dev/urandom");
if(RAND_status())
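Review bot: The comment above the `add_rand_file(global, "/dev/urandom")` call still reads as if this were one alternative branch, but with the `#else` turned into `#endif` the call is now compiled into EGD builds as well and runs whenever the EGD block did not apparently return first. Since this is a seeding path for the TLS PRNG, I would state that explicitly, e.g. `/* fall back to /dev/urandom when EGD is compiled out, unset, or did not seed the PRNG */`. The path stays a literal rather than a configure-selected file, which the description already flags. The statement under `if(RAND_status())` lies outside the hunk, so the behaviour when the device is missing and the PRNG stays unseeded cannot be checked from here.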