3 files changed, 24 insertions, 9 deletions

diff --git a/src/lib/libssl/src/crypto/rand/md_rand.c b/src/lib/libssl/src/crypto/rand/md_rand.c
index 88088ce73c..b2f04ff13e 100644
--- a/src/lib/libssl/src/crypto/rand/md_rand.c
+++ b/src/lib/libssl/src/crypto/rand/md_rand.c
@@ -476,11 +476,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
                 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
 
 #ifndef PURIFY /* purify complains */
-                /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+                /* The following line uses the supplied buffer as a small
+                 * source of entropy: since this buffer is often uninitialised
+                 * it may cause programs such as purify or valgrind to
+                 * complain. So for those builds it is not used: the removal
+                 * of such a small source of entropy has negligible impact on
+                 * security.
+                 */
                 MD_Update(&m,buf,j);
-                /* We know that line may cause programs such as
-                   purify and valgrind to complain about use of
-                   uninitialized data.  */
 #endif
 
                 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
diff --git a/src/lib/libssl/src/crypto/rand/rand_vms.c b/src/lib/libssl/src/crypto/rand/rand_vms.c
index 1267a3acae..0bfd8ff7e4 100644
--- a/src/lib/libssl/src/crypto/rand/rand_vms.c
+++ b/src/lib/libssl/src/crypto/rand/rand_vms.c
@@ -69,6 +69,17 @@
 # pragma message disable DOLLARID
 #endif
 
+/* Use 32-bit pointers almost everywhere.  Define the type to which to
+ * cast a pointer passed to an external function.
+ */
+#if __INITIAL_POINTER_SIZE == 64
+# define PTR_T __void_ptr64
+# pragma pointer_size save
+# pragma pointer_size 32
+#else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_T void *
+#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
 static struct items_data_st
         {
         short length, code;     /* length is amount of bytes */
@@ -125,11 +136,12 @@ int RAND_poll(void)
                 {
                 if (status == SS$_NORMAL)
                         {
-                        RAND_add(data_buffer, total_length, total_length/2);
+                        RAND_add( (PTR_T)data_buffer, total_length,
+                         total_length/2);
                         }
                 }
         sys$gettim(iosb);
-        RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb)/2);
+        RAND_add( (PTR_T)iosb, sizeof(iosb), sizeof(iosb)/2);
         return 1;
 }
 
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c
index 4ed40b7b70..bc7d9c5804 100644
--- a/src/lib/libssl/src/crypto/rand/randfile.c
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -144,7 +144,9 @@ int RAND_load_file(const char *file, long bytes)
            * I/O because we will waste system entropy. 
            */
           bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+#ifndef OPENSSL_NO_SETVBUF_IONBF
           setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
         }
 #endif
         for (;;)
@@ -269,7 +271,6 @@ err:
 const char *RAND_file_name(char *buf, size_t size)
         {
         char *s=NULL;
-        int ok = 0;
 #ifdef __OpenBSD__
         struct stat sb;
 #endif
@@ -298,7 +299,6 @@ const char *RAND_file_name(char *buf, size_t size)
                         BUF_strlcat(buf,"/",size);
 #endif
                         BUF_strlcat(buf,RFILE,size);
-                        ok = 1;
                         }
                 else
                         buf[0] = '\0'; /* no file name */
@@ -312,7 +312,7 @@ const char *RAND_file_name(char *buf, size_t size)
          * to something hopefully decent if that isn't available. 
          */
 
-        if (!ok)
+        if (!buf[0])
                 if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
                         return(NULL);
                 }