3 files changed, 17 insertions, 4 deletions

diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 66e39991ec..606382dd21 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -87,7 +87,9 @@ extern int rand_predictable;
 
 int RAND_set_rand_method(const RAND_METHOD *meth);
 const RAND_METHOD *RAND_get_rand_method(void);
+#ifndef OPENSSL_NO_ENGINE
 int RAND_set_rand_engine(ENGINE *engine);
+#endif
 RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
 int  RAND_bytes(unsigned char *buf,int num);
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 5cf5dc1188..513e338985 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -60,19 +60,25 @@
 #include <time.h>
 #include "cryptlib.h"
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
+#endif
 
+#ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
 static ENGINE *funct_ref =NULL;
+#endif
 static const RAND_METHOD *default_RAND_meth = NULL;
 
 int RAND_set_rand_method(const RAND_METHOD *meth)
         {
+#ifndef OPENSSL_NO_ENGINE
         if(funct_ref)
                 {
                 ENGINE_finish(funct_ref);
                 funct_ref = NULL;
                 }
+#endif
         default_RAND_meth = meth;
         return 1;
         }
@@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void)
         {
         if (!default_RAND_meth)
                 {
+#ifndef OPENSSL_NO_ENGINE
                 ENGINE *e = ENGINE_get_default_RAND();
                 if(e)
                         {
@@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void)
                 if(e)
                         funct_ref = e;
                 else
+#endif
                         default_RAND_meth = RAND_SSLeay();
                 }
         return default_RAND_meth;
         }
 
+#ifndef OPENSSL_NO_ENGINE
 int RAND_set_rand_engine(ENGINE *engine)
         {
         const RAND_METHOD *tmp_meth = NULL;
@@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine)
         funct_ref = engine;
         return 1;
         }
+#endif
 
 void RAND_cleanup(void)
         {
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index 982074c465..41574768ab 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -124,7 +124,7 @@ int RAND_load_file(const char *file, long bytes)
                         }
                 }
         fclose(in);
-        memset(buf,0,BUFSIZE);
+        OPENSSL_cleanse(buf,BUFSIZE);
 err:
         return(ret);
         }
@@ -189,7 +189,7 @@ int RAND_write_file(const char *file)
 #endif /* OPENSSL_SYS_VMS */
 
         fclose(out);
-        memset(buf,0,BUFSIZE);
+        OPENSSL_cleanse(buf,BUFSIZE);
 err:
         return (rand_err ? -1 : ret);
         }
@@ -203,8 +203,9 @@ const char *RAND_file_name(char *buf, size_t size)
                 s=getenv("RANDFILE");
         if (s != NULL)
                 {
-                strncpy(buf,s,size-1);
-                buf[size-1]='\0';
+                if(strlen(s) >= size)
+                        return NULL;
+                strcpy(buf,s);
                 ret=buf;
                 }
         else