$OpenBSD: patch-xio-openssl_c,v 1.2 2014/07/12 14:30:20 pascal Exp $
--- xio-openssl.c.orig	Sun Mar  2 20:26:45 2014
+++ xio-openssl.c	Sat Jul 12 16:00:50 2014
@@ -102,7 +102,6 @@ const struct optdesc opt_openssl_key         = { "open
 const struct optdesc opt_openssl_dhparam     = { "openssl-dhparam",     "dh",    OPT_OPENSSL_DHPARAM,     GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
 const struct optdesc opt_openssl_cafile      = { "openssl-cafile",     "cafile", OPT_OPENSSL_CAFILE,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
 const struct optdesc opt_openssl_capath      = { "openssl-capath",     "capath", OPT_OPENSSL_CAPATH,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
-const struct optdesc opt_openssl_egd         = { "openssl-egd",        "egd",    OPT_OPENSSL_EGD,         GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
 const struct optdesc opt_openssl_pseudo      = { "openssl-pseudo",     "pseudo", OPT_OPENSSL_PSEUDO,      GROUP_OPENSSL, PH_SPEC, TYPE_BOOL,     OFUNC_SPEC };
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
 const struct optdesc opt_openssl_compress    = { "openssl-compress",   "compress", OPT_OPENSSL_COMPRESS,  GROUP_OPENSSL, PH_SPEC, TYPE_STRING,   OFUNC_SPEC };
@@ -140,7 +139,7 @@ int xio_reset_fips_mode(void) {
 static void openssl_conn_loginfo(SSL *ssl) {
    Notice1("SSL connection using %s", SSL_get_cipher(ssl));
 
-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
+#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP)
    {
       const COMP_METHOD *comp, *expansion;
 
@@ -697,7 +696,6 @@ int
    char *opt_dhparam = NULL;	/* file name of DH params */
    char *opt_cafile = NULL;	/* certificate authority file */
    char *opt_capath = NULL;	/* certificate authority directory */
-   char *opt_egd = NULL;	/* entropy gathering daemon socket path */
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
    char *opt_compress = NULL;	/* compression method */
 #endif
@@ -716,7 +714,6 @@ int
    retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);
    retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);
    retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);
-   retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);
    retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
    retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);
@@ -796,10 +793,6 @@ int
       }
    }
 
-   if (opt_egd) {
-      sycRAND_egd(opt_egd);
-   }
-
    if (opt_pseudo) {
       long int randdata;
       /* initialize libc random from actual microseconds */
@@ -979,7 +972,7 @@ static int openssl_SSL_ERROR_SSL(int level, const char
    if (e == ((ERR_LIB_RAND<<24)|
 	     (RAND_F_SSLEAY_RAND_BYTES<<12)|
 	     (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {
-      Error("too few entropy; use options \"egd\" or \"pseudo\"");
+      Error("too few entropy; use options \"pseudo\"");
       return STAT_NORETRY;
    } else {
       Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));