Remove support for EGD (Entropy Gathering Daemon). Nobody uses this and it only causes issues with LibreSSL.

src/modules/m_stats.c

@@ -1216,8 +1216,6 @@ int stats_set(aClient *sptr, char *para)
 	sendto_one(sptr, ":%s %i %s :anti-spam-quit-message-time: %s", me.name, RPL_TEXT, 
 		sptr->name, pretty_time_val(ANTI_SPAM_QUIT_MSG_TIME));
 	sendto_one(sptr, ":%s %i %s :channel-command-prefix: %s", me.name, RPL_TEXT, sptr->name, CHANCMDPFX ? CHANCMDPFX : "`");
-	sendto_one(sptr, ":%s %i %s :ssl::egd: %s", me.name, RPL_TEXT,
-		sptr->name, EGD_PATH ? EGD_PATH : (USE_EGD ? "1" : "0"));
 	sendto_one(sptr, ":%s %i %s :ssl::certificate: %s", me.name, RPL_TEXT,
 		sptr->name, SSL_SERVER_CERT_PEM);
 	sendto_one(sptr, ":%s %i %s :ssl::key: %s", me.name, RPL_TEXT,

src/random.c

@@ -163,7 +163,6 @@ unsigned char mdbuf[16];
 void init_random()
 {
 struct {
-	char egd[32];			/* from EGD */
 #ifndef _WIN32
 	struct timeval nowt;	/* time */
 	char rnd[32];			/* /dev/urandom */
@@ -181,13 +180,6 @@ MEMORYSTATUS mstat;
 
 	arc4_init();
 
-	/* Grab non-OS specific "random" data */
-#if OPENSSL_VERSION_NUMBER >= 0x000907000 && defined(HAVE_RAND_EGD)
-	if (EGD_PATH) {
-		RAND_query_egd_bytes(EGD_PATH, rdat.egd, sizeof(rdat.egd));
-	}
-#endif
-
 	/* Grab OS specific "random" data */
 #ifndef _WIN32
 	gettimeofday(&rdat.nowt, NULL);

src/s_conf.c

@@ -1344,7 +1344,6 @@ void	free_iConf(aConfiguration *i)
 	safefree(i->channel_command_prefix);
 	safefree(i->oper_snomask);
 	safefree(i->user_snomask);
-	safefree(i->egd_path);
 	safefree(i->static_quit);
 	safefree(i->x_server_cert_pem);
 	safefree(i->x_server_key_pem);
@@ -7083,12 +7082,7 @@ int	_conf_set(ConfigFile *conf, ConfigEntry *ce)
 		}
 		else if (!strcmp(cep->ce_varname, "ssl")) {
 			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
-				if (!strcmp(cepp->ce_varname, "egd")) {
-					tempiConf.use_egd = 1;
-					if (cepp->ce_vardata)
-						tempiConf.egd_path = strdup(cepp->ce_vardata);
-				}
-				else if (!strcmp(cepp->ce_varname, "server-cipher-list"))
+				if (!strcmp(cepp->ce_varname, "server-cipher-list"))
 				{
 					safestrdup(tempiConf.x_server_cipher_list, cepp->ce_vardata);
 				}
@@ -7974,10 +7968,7 @@ int	_test_set(ConfigFile *conf, ConfigEntry *ce)
 		}
 		else if (!strcmp(cep->ce_varname, "ssl")) {
 			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
-				if (!strcmp(cepp->ce_varname, "egd")) {
-					CheckDuplicate(cep, ssl_egd, "ssl::egd");
-				}
-				else if (!strcmp(cepp->ce_varname, "renegotiate-timeout"))
+				if (!strcmp(cepp->ce_varname, "renegotiate-timeout"))
 				{
 					CheckDuplicate(cep, renegotiate_timeout, "ssl::renegotiate-timeout");
 				}

src/ssl.c

@@ -354,17 +354,6 @@ int init_ssl(void)
 
 	SSL_load_error_strings();
 	SSLeay_add_ssl_algorithms();
-	if (USE_EGD) {
-#if OPENSSL_VERSION_NUMBER >= 0x000907000
-		if (!EGD_PATH)
-			RAND_status();
-		else
-
-#else
-		if (EGD_PATH) 
-#endif
-			RAND_egd(EGD_PATH);		
-	}
 	ctx_server = init_ctx_server();
 	if (!ctx_server)
 		return 0;

src/url.c

@@ -115,8 +115,6 @@ static void set_curl_ssl_options(CURL *curl)
 {
 	char buf[512];
 	
-	if (USE_EGD)
-		curl_easy_setopt(curl, CURLOPT_EGDSOCKET, EGD_PATH);
 	curl_easy_setopt(curl, CURLOPT_SSLCERT, SSL_SERVER_CERT_PEM);
 	if (SSLKeyPasswd)
 		curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, SSLKeyPasswd);