diff --git a/CHANGES b/CHANGES
index 8ec710732e81b219de43779718dbd6fe7a8f0158..5cd0db830038d5eb68bd71e66cf8772f585ff8bd 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
+     has a return value which indicated the quality of the random data
+     (1 = ok, 0 = not seeded).
+     [Ulf Möller]
+
   *) Do more iterations of Rabin-Miller probable prime test (specifically,
      3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
      instead of only 2 for all lengths; see BN_prime_checks definition
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 57305c7273b5b271665a0d9d29e0453b2849d1d8..f4f596a481073327c9332171b1f608a32ea2f3da 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -75,6 +75,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
 	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
 static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
 	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+
 BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,
 	     BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)
 	{
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 91b8e34ae65b364c03ed333c5f181ed6840c7aca..b567b43a6ff96ecd8b925b8a0d791f674db419dd 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -81,9 +81,10 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
 
 	/* make a random number and set the top and bottom bits */
 	time(&tim);
-	RAND_seed(&tim,sizeof(tim));
+	RAND_add(&tim,sizeof(tim),0);
 
-	RAND_bytes(buf,(int)bytes);
+	if (RAND_bytes(buf,(int)bytes) <= 0)
+		goto err;
 	if (top)
 		{
 		if (bit == 0)
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 8810d838c64f02a270c7bdba8ab21248b833633a..8baa53c40d26ccf7cca50681fbb04331671cc3c8 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -100,6 +100,7 @@ static ERR_STRING_DATA ERR_str_libraries[]=
 {ERR_PACK(ERR_LIB_PKCS7,0,0)		,"PKCS7 routines"},
 {ERR_PACK(ERR_LIB_X509V3,0,0)		,"X509 V3 routines"},
 {ERR_PACK(ERR_LIB_PKCS12,0,0)		,"PKCS12 routines"},
+{ERR_PACK(ERR_LIB_RAND,0,0)		,"random number generator"},
 {0,NULL},
 	};
 
diff --git a/crypto/err/err.h b/crypto/err/err.h
index 9411fb3568e5c4cd33b3549484abb04dcd4dd89e..44ddc78ec3efd2680ab7762a3a56df538f868e27 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -122,6 +122,7 @@ typedef struct err_state_st
 #define ERR_LIB_PKCS7		33
 #define ERR_LIB_X509V3		34
 #define ERR_LIB_PKCS12		35
+#define ERR_LIB_RAND		36
 
 #define ERR_LIB_USER		128
 
@@ -149,6 +150,7 @@ typedef struct err_state_st
 #define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
 #define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)
 #define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__)
+#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index ad820227d24602fc99fcd23322725706c923c855..a6f6447a73744a92b0ab0b15cc635ba68adb9b09 100644
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -116,5 +116,6 @@ void ERR_load_crypto_strings(void)
 	ERR_load_CRYPTO_strings();
 	ERR_load_PKCS7_strings();
 	ERR_load_PKCS12_strings();
+	ERR_load_RAND_strings();
 #endif
 	}
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index c2a8acff0c1e63b5a9db2b9804cdf487c1e32cb6..a3f3989c12e25a34487438fcdb34c612b2d79590 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -21,6 +21,7 @@ L PKCS12	crypto/pkcs12/pkcs12.h		crypto/pkcs12/pk12err.c
 L RSAREF	rsaref/rsaref.h			rsaref/rsar_err.c
 L SSL		ssl/ssl.h			ssl/ssl_err.c
 L COMP		crypto/comp/comp.h		crypto/comp/comp_err.c
+L RAND		crypto/rand/rand.h		crypto/rand/rand_err.c
 
 
 F RSAREF_F_RSA_BN2BIN
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 396862767f3ddb3dd305990ba53a32044772858c..595716284340be088b5aab3a3644cc695fd8bfe8 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -267,8 +267,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
 		return NULL;
 	}
 	p8->pkey->type = V_ASN1_OCTET_STRING;
-	RAND_seed (p8->pkey->value.octet_string->data,
-					 p8->pkey->value.octet_string->length);
+	RAND_add(p8->pkey->value.octet_string->data,
+		 p8->pkey->value.octet_string->length, 0);
 	return p8;
 }
 
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index 09b46f4b0e1045e35489f2e30dadc315aad4b557..7966545e21db6ce1d1b518abd68962918bce7360 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -73,7 +73,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
 	int i;
 	
 	if (npubk <= 0) return(0);
-	RAND_bytes(key,EVP_MAX_KEY_LENGTH);
+	if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) == -1) return(0);
 	if (type->iv_len > 0)
 		RAND_bytes(iv,type->iv_len);
 
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index bb2597b92109d3e4d41d2dd519c3af58d3b81a75..449a1fe9849c9aaa2381f1880de784ad938b9c61 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -378,7 +378,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 #endif
 			kstr=(unsigned char *)buf;
 			}
-		RAND_seed(data,i);/* put in the RSA key. */
+		RAND_add(data,i,0);/* put in the RSA key. */
 		RAND_bytes(iv,8);	/* Generate a salt */
 		/* The 'iv' is used as the iv and as a salt.  It is
 		 * NOT taken from the BytesToKey function */
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index fa0159ee1d52ab394e29e1f4de2630bd28ce4551..78355c9387fed46b575418a2943f4cfbef679a4d 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -161,7 +161,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		BIO_get_cipher_ctx(btmp, &ctx);
 		keylen=EVP_CIPHER_key_length(evp_cipher);
 		ivlen=EVP_CIPHER_iv_length(evp_cipher);
-		RAND_bytes(key,keylen);
+		if (RAND_bytes(key,keylen) <= 0)
+			goto err;
 		xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
 		if (ivlen > 0) RAND_bytes(iv,ivlen);
 		EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
index 76bfdfeae5b65814171af41f53046b4fac9d11ab..41190f5f46bc85950b37a27daf6585c49650e404 100644
--- a/crypto/rand/Makefile.ssl
+++ b/crypto/rand/Makefile.ssl
@@ -22,8 +22,8 @@ TEST= randtest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o
 
 SRC= $(LIBSRC)
 
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 98ad429c68a0a75fdf8acdb1df0c2792ed712eb5..d727fff9243d6efc57b74994ab3fc5b458fe1690 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,6 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
+#define ENTROPY_NEEDED 32  /* require 128 bits of randomness */
+
 #ifndef MD_RAND_DEBUG
 # ifndef NDEBUG
 #   define NDEBUG
@@ -70,6 +72,7 @@
 #include "openssl/e_os.h"
 
 #include <openssl/crypto.h>
+#include <openssl/err.h>
 
 #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
 #if !defined(NO_SHA) && !defined(NO_SHA1)
@@ -135,17 +138,20 @@ static int state_num=0,state_index=0;
 static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
+static int entropy=0;
 
 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_bytes(unsigned char *buf, int num);
+static void ssleay_rand_add(const void *buf, int num, int entropy);
+static int ssleay_rand_bytes(unsigned char *buf, int num);
 
 RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_seed,
 	ssleay_rand_bytes,
 	ssleay_rand_cleanup,
+	ssleay_rand_add,
 	}; 
 
 RAND_METHOD *RAND_SSLeay(void)
@@ -161,9 +167,10 @@ static void ssleay_rand_cleanup(void)
 	memset(md,0,MD_DIGEST_LENGTH);
 	md_count[0]=0;
 	md_count[1]=0;
+	entropy=0;
 	}
 
-static void ssleay_rand_seed(const void *buf, int num)
+static void ssleay_rand_add(const void *buf, int num, int add)
 	{
 	int i,j,k,st_idx;
 	long md_c[2];
@@ -276,11 +283,18 @@ static void ssleay_rand_seed(const void *buf, int num)
 #ifndef THREADS	
 	assert(md_c[1] == md_count[1]);
 #endif
+	entropy += add;
+	}
+
+static void ssleay_rand_seed(const void *buf, int num)
+	{
+	ssleay_rand_add(buf, num, num);
 	}
 
-static void ssleay_rand_bytes(unsigned char *buf, int num)
+static int ssleay_rand_bytes(unsigned char *buf, int num)
 	{
 	int i,j,k,st_num,st_idx;
+	int ok;
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	MD_CTX m;
@@ -299,7 +313,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 
 	for (i=0; i<num; i++)
 		buf[i]=val++;
-	return;
+	return(1);
 	}
 #endif
 
@@ -326,15 +340,15 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 		/* put in some default random data, we need more than
 		 * just this */
-		RAND_seed(&m,sizeof(m));
+		RAND_add(&m,sizeof(m),0);
 #ifndef GETPID_IS_MEANINGLESS
 		l=curr_pid;
-		RAND_seed(&l,sizeof(l));
+		RAND_add(&l,sizeof(l),0);
 		l=getuid();
-		RAND_seed(&l,sizeof(l));
+		RAND_add(&l,sizeof(l),0);
 #endif
 		l=time(NULL);
-		RAND_seed(&l,sizeof(l));
+		RAND_add(&l,sizeof(l),0);
 
 #ifdef DEVRANDOM
 		/* 
@@ -365,6 +379,8 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 		init=0;
 		}
 
+	ok = (entropy >= ENTROPY_NEEDED);
+
 	st_idx=state_index;
 	st_num=state_num;
 	md_c[0] = md_count[0];
@@ -426,6 +442,13 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	memset(&m,0,sizeof(m));
+	if (ok)
+		return(1);
+	else
+		{
+		RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
+		return(0);
+		}
 	}
 
 #ifdef WINDOWS
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index fd8ee38366f0b9df32b2c543ebe0d3023acb3c40..35a3bb6e10101d40f6b5dfaeaa1861686507dcc5 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -66,24 +66,41 @@ extern "C" {
 typedef struct rand_meth_st
 	{
 	void (*seed)(const void *buf, int num);
-	void (*bytes)(unsigned char *buf, int num);
+	int (*bytes)(unsigned char *buf, int num);
 	void (*cleanup)(void);
+	void (*add)(const void *buf, int num, int entropy);
 	} RAND_METHOD;
 
 void RAND_set_rand_method(RAND_METHOD *meth);
 RAND_METHOD *RAND_get_rand_method(void );
 RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
-void RAND_bytes(unsigned char *buf,int num);
+int  RAND_bytes(unsigned char *buf,int num);
 void RAND_seed(const void *buf,int num);
+void RAND_add(const void *buf,int num,int entropy);
 int  RAND_load_file(const char *file,long max_bytes);
 int  RAND_write_file(const char *file);
 char *RAND_file_name(char *file,int num);
 #ifdef WINDOWS
 void RAND_screen(void);
 #endif
+void	ERR_load_RAND_strings(void);
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
+/* Error codes for the RAND functions. */
+
+/* Function codes. */
+#define RAND_F_SSLEAY_RAND_BYTES			 100
+
+/* Reason codes. */
+#define RAND_R_PRNG_NOT_SEEDED				 100
+
 #ifdef  __cplusplus
 }
 #endif
-
 #endif
+
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
new file mode 100644
index 0000000000000000000000000000000000000000..a5b2814d34354b8c25b7f788b19ff592c7213da0
--- /dev/null
+++ b/crypto/rand/rand_err.c
@@ -0,0 +1,93 @@
+/* crypto/rand/rand_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA RAND_str_functs[]=
+	{
+{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),	"ssleay_rand_bytes"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA RAND_str_reasons[]=
+	{
+{RAND_R_PRNG_NOT_SEEDED                  ,"prng not seeded"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_RAND_strings(void)
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+#ifndef NO_ERR
+		ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
+		ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
+#endif
+
+		}
+	}
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 0f96e166e530a9fb8027a43c87a2115803df6ec7..3cdba48ba8470cba6cb1635ec08c54d4d0a8e48e 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -89,9 +89,16 @@ void RAND_seed(const void *buf, int num)
 		rand_meth->seed(buf,num);
 	}
 
-void RAND_bytes(unsigned char *buf, int num)
+void RAND_add(const void *buf, int num, int entropy)
 	{
 	if (rand_meth != NULL)
-		rand_meth->bytes(buf,num);
+		rand_meth->add(buf,num,entropy);
+	}
+
+int RAND_bytes(unsigned char *buf, int num)
+	{
+	if (rand_meth != NULL)
+		return rand_meth->bytes(buf,num);
+	return(-1);
 	}
 
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 942a963e836976b8c8c91f1f985501e9d9070977..97c3ece53565bf353ae8407e8fc54e858799bb6e 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -91,7 +91,7 @@ int RAND_load_file(const char *file, long bytes)
 
 	i=stat(file,&sb);
 	/* If the state fails, put some crap in anyway */
-	RAND_seed(&sb,sizeof(sb));
+	RAND_add(&sb,sizeof(sb),0);
 	ret+=sizeof(sb);
 	if (i < 0) return(0);
 	if (bytes <= 0) return(ret);
@@ -104,7 +104,7 @@ int RAND_load_file(const char *file, long bytes)
 		i=fread(buf,1,n,in);
 		if (i <= 0) break;
 		/* even if n != i, use the full array */
-		RAND_seed(buf,n);
+		RAND_add(buf,n,i);
 		ret+=i;
 		bytes-=n;
 		if (bytes <= 0) break;
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 843c40c86408d2d3976fbb92b5dbcfb61c67673b..1465c01f4f44053c7912bb51bb6d75dedb92a379 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -50,7 +50,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
 	   emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
     db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
     memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
-    RAND_bytes(seed, SHA_DIGEST_LENGTH);
+    if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
+    	return (0);
 #ifdef PKCS_TESTVECT
     memcpy(seed,
 	   "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index f0ae51f234ebf9650d51a4a3fc9e322cba88bb2e..b35eb626824e2f7dc49af7e3a3e4e61698e23340 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -155,12 +155,14 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
 	/* pad out with non-zero random data */
 	j=tlen-3-flen;
 
-	RAND_bytes(p,j);
+	if (RAND_bytes(p,j) <= 0)
+		return(0);
 	for (i=0; i<j; i++)
 		{
 		if (*p == '\0')
 			do	{
-				RAND_bytes(p,1);
+				if (RAND_bytes(p,1) <= 0)
+					return(0);
 				} while (*p == '\0');
 		p++;
 		}
diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index 1050844f8d2bb4a4188435ed8bb44853b6b43395..83dfc80c1d77cb309316830c6a305ff046904b9f 100644
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -82,12 +82,14 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
 	/* pad out with non-zero random data */
 	j=tlen-3-8-flen;
 
-	RAND_bytes(p,j);
+	if (RAND_bytes(p,j) <= 0)
+		return(0);
 	for (i=0; i<j; i++)
 		{
 		if (*p == '\0')
 			do	{
-				RAND_bytes(p,1);
+				if (RAND_bytes(p,1) <= 0)
+					return(0);
 				} while (*p == '\0');
 		p++;
 		}
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index 326aeca34844c16fc6af80840da58f6ba4b7b2be..6167093dd2d4172d77689b4e9bc72b9bc59e35e5 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -76,7 +76,7 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),	"X509_ATTRIBUTE_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),	"X509_ATTRIBUTE_create_by_OBJ"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_IGET_DATA,0),	"X509_ATTRIBUTE_iget_data"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0),	"X509_ATTRIBUTE_iset_data"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0),	"X509_ATTRIBUTE_ISET_DATA"},
 {ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 299d2ae5d28ef9a29cbf1ec4d568ed11a9a2801b..6db98e92f51c857964292922812f98f64c74240c 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -102,7 +102,7 @@ int ssl23_connect(SSL *s)
 	int ret= -1;
 	int new_state,state;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 3aec65dd4f398fb837043a2b6a555a67eaacbec1..371789715d4ac369ebd3a4f63bb3f297ff9d8740 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -101,7 +101,7 @@ int ssl23_accept(SSL *s)
 	int ret= -1;
 	int new_state,state;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index b0a656740ce79c8661b4417a2f5df0ba3f020fb4..01ef9a7f76c8f8ed5ed32855fee0ec11ae138960 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -108,7 +108,7 @@ int ssl2_connect(SSL *s)
 	void (*cb)()=NULL;
 	int new_state,state;
 
-	RAND_seed(&l,sizeof(l));
+	RAND_add(&l,sizeof(l),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index e219ae5e325f843bc5ff3094eda91f571f9ebbcb..cfc0ba0343c8b2446989a76ad7f2894aa68b82e5 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -109,7 +109,7 @@ int ssl2_accept(SSL *s)
 	void (*cb)()=NULL;
 	int new_state,state;
 
-	RAND_seed(&l,sizeof(l));
+	RAND_add(&l,sizeof(l),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b8f6a8673ec09d9bec59c08557a8da54651007c7..9d85ba4fd9cd0a7a0f61b8f73f4667af840e90c7 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -110,7 +110,7 @@ int ssl3_connect(SSL *s)
 	int ret= -1;
 	int new_state,state,skip=0;;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 5ba3a28e63e1ea80ff371885495dc894e02dbcd1..c6cc4f73a9b65228bcb032c5b85955b73a6fa719 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -113,7 +113,7 @@ int ssl3_accept(SSL *s)
 	int ret= -1;
 	int new_state,state,skip=0;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 94a06572a2740f517a915d7e29d9445cfec092a4..575c64d1d95cdb931eea8857cf1c108cd10a9f63 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1311,7 +1311,6 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_R_BAD_AUTHENTICATION_TYPE			 102
 #define SSL_R_BAD_CHANGE_CIPHER_SPEC			 103
 #define SSL_R_BAD_CHECKSUM				 104
-#define SSL_R_BAD_HELLO_REQUEST			 	 105
 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK		 106
 #define SSL_R_BAD_DECOMPRESSION				 107
 #define SSL_R_BAD_DH_G_LENGTH				 108
@@ -1319,6 +1318,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_R_BAD_DH_P_LENGTH				 110
 #define SSL_R_BAD_DIGEST_LENGTH				 111
 #define SSL_R_BAD_DSA_SIGNATURE				 112
+#define SSL_R_BAD_HELLO_REQUEST				 105
 #define SSL_R_BAD_LENGTH				 271
 #define SSL_R_BAD_MAC_DECODE				 113
 #define SSL_R_BAD_MESSAGE_TYPE				 114
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 9dd483d1121b64be9fd2f6e967e1ed6530076b20..ff7e1c7aab94d898ecf7aa67c769f38c38d7159c 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -205,7 +205,6 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
 {SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
 {SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
-{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
 {SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
 {SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
 {SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
@@ -213,6 +212,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
 {SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
 {SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
+{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
 {SSL_R_BAD_LENGTH                        ,"bad length"},
 {SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
 {SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},