--- doc/socat.1.orig	2015-01-24 16:30:52 UTC

+++ doc/socat.1

@@ -2904,10 +2904,6 @@ in this file\&.

 Specifies the directory with the trusted (root) certificates\&. The directory

 must contain certificates in PEM format and their hashes (see OpenSSL

 documentation) 

-.IP "\fB\f(CWegd=<filename>\fP\fP"

-On some systems, openssl requires an explicit source of random data\&. Specify

-the socket name where an entropy gathering daemon like egd provides random

-data, e\&.g\&. /dev/egd\-pool\&.

 .IP "\fB\f(CWpseudo\fP\fP"

 On systems where openssl cannot find an entropy source and where no entropy

 gathering daemon can be utilized, this option activates a mechanism for

@@ -3397,11 +3393,11 @@ connection, invokes a shell\&. This shel

 connected to the TCP socket (nofork)\&.  The shell starts filan and lets it print the socket addresses to

 stderr (your terminal window)\&.

 .IP 

-.IP "\fB\f(CWecho \-e \(dq\&\e0\e14\e0\e0\ec\(dq\& |socat \-u \- file:/usr/bin/squid\&.exe,seek=0x00074420\fP\fP"

+.IP "\fB\f(CWecho \-e \(dq\&\e0\e14\e0\e0\ec\(dq\& |socat \-u \- file:${LOCALBASE}/bin/squid\&.exe,seek=0x00074420\fP\fP"

 .IP 

 functions as primitive binary editor: it writes the 4 bytes 000 014 000 000 to

-the executable /usr/bin/squid at offset 0x00074420 (this is a real world patch

+the executable ${LOCALBASE}/bin/squid at offset 0x00074420 (this is a real world patch

 to make the squid executable from Cygwin run under Windows, actual per May 2004)\&.

 .IP 

 .IP "\fB\f(CWsocat \- tcp:www\&.blackhat\&.org:31337,readbytes=1000\fP\fP"

@@ -3524,11 +3520,11 @@ error\&. 

 .SH "FILES"

 .PP 

-/usr/bin/socat 

+${LOCALBASE}/bin/socat 

 .br 

-/usr/bin/filan 

+${LOCALBASE}/bin/filan 

 .br 

-/usr/bin/procan

+${LOCALBASE}/bin/procan

 .PP 

 .SH "ENVIRONMENT VARIABLES"

--- doc/socat.html.orig	2015-01-24 16:31:04 UTC

+++ doc/socat.html

@@ -2781,10 +2781,6 @@ These options apply to the <a href="soca

    Specifies the directory with the trusted (root) certificates. The directory

    must contain certificates in PEM format and their hashes (see OpenSSL

    documentation) 

-<a name="OPTION_OPENSSL_EGD"></a><p><dt><strong><strong><code>egd=&lt;filename&gt;</code></strong></strong><dd>

-   On some systems, openssl requires an explicit source of random data. Specify

-   the socket name where an entropy gathering daemon like egd provides random

-   data, e.g. /dev/egd-pool.

 <a name="OPTION_OPENSSL_PSEUDO"></a><p><dt><strong><strong><code>pseudo</code></strong></strong><dd>

    On systems where openssl cannot find an entropy source and where no entropy

    gathering daemon can be utilized, this option activates a mechanism for

@@ -3309,10 +3305,10 @@ connection, invokes a shell. This shell 

 connected to the TCP socket (<a href="socat.html#OPTION_NOFORK">nofork</a>).  The shell starts filan and lets it print the socket addresses to

 stderr (your terminal window).

 <p>

-<p><dt><strong><strong><code>echo -e "\0\14\0\0\c" |socat -u - file:/usr/bin/squid.exe,seek=0x00074420</code></strong></strong><dd>

+<p><dt><strong><strong><code>echo -e "\0\14\0\0\c" |socat -u - file:${LOCALBASE}/bin/squid.exe,seek=0x00074420</code></strong></strong><dd>

 <p>

 functions as primitive binary editor: it writes the 4 bytes 000 014 000 000 to

-the executable /usr/bin/squid at offset 0x00074420 (this is a real world patch

+the executable ${LOCALBASE}/bin/squid at offset 0x00074420 (this is a real world patch

 to make the squid executable from Cygwin run under Windows, actual per May 2004).

 <p>

 <p><dt><strong><strong><code>socat - tcp:www.blackhat.org:31337,readbytes=1000</code></strong></strong><dd>

@@ -3430,9 +3426,9 @@ error. 

 <a name="FILES"></a>

 <h2>FILES</h2>

 <p>

-/usr/bin/socat <br>

-/usr/bin/filan <br>

-/usr/bin/procan

+${LOCALBASE}/bin/socat <br>

+${LOCALBASE}/bin/filan <br>

+${LOCALBASE}/bin/procan

 <p>

 <a name="ENVIRONMENT_VARIABLES"></a>

 <h2>ENVIRONMENT VARIABLES</h2>

--- doc/xio.help.orig	2013-06-23 06:16:48 UTC

+++ doc/xio.help

@@ -4566,19 +4566,6 @@ must contain certificates in PEM format 

 documentation) 

-Option: openssl-egd=file

-Aliases: egd

-

-Type: FILENAME

-Option group: OPENSSL

-Phase: SPEC

-Platforms: (depends on openssl installation)

-

-On some systems, openssl requires an explicit source of random data. Specify

-the socket name where an entropy gathering daemon like egd provides random

-data, e.g. /dev/egd-pool.

-

-

 Option: openssl-pseudo

 Aliases: pseudo

--- sslcls.c.orig	2015-01-24 10:15:22 UTC

+++ sslcls.c

@@ -331,14 +331,6 @@ void sycSSL_free(SSL *ssl) {

    return;

 }

-int sycRAND_egd(const char *path) {

-   int result;

-   Debug1("RAND_egd(\"%s\")", path);

-   result = RAND_egd(path);

-   Debug1("RAND_egd() -> %d", result);

-   return result;

-}

-

 DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) {

    DH *result;

    Debug4("PEM_read_bio_DHparams(%p, %p, %p, %p)",

@@ -375,7 +367,7 @@ int sycFIPS_mode_set(int onoff) {

 }

 #endif /* WITH_FIPS */

-#if OPENSSL_VERSION_NUMBER >= 0x00908000L

+#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)

 const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) {

    const COMP_METHOD *result;

    Debug1("SSL_get_current_compression(%p)", ssl);

--- sslcls.h.orig	2015-01-24 10:15:22 UTC

+++ sslcls.h

@@ -47,7 +47,6 @@ X509 *sycSSL_get_peer_certificate(SSL *s

 int sycSSL_shutdown(SSL *ssl);

 void sycSSL_CTX_free(SSL_CTX *ctx);

 void sycSSL_free(SSL *ssl);

-int sycRAND_egd(const char *path);

 DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);

@@ -55,7 +54,7 @@ BIO *sycBIO_new_file(const char *filenam

 int sycFIPS_mode_set(int onoff);

-#if OPENSSL_VERSION_NUMBER >= 0x00908000L

+#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)

 const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl);

 const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl);

 const char *sycSSL_COMP_get_name(const COMP_METHOD *comp);

@@ -98,7 +97,6 @@ const char *sycSSL_COMP_get_name(const C

 #define sycSSL_shutdown(s) SSL_shutdown(s)

 #define sycSSL_CTX_free(c) SSL_CTX_free(c)

 #define sycSSL_free(s) SSL_free(s)

-#define sycRAND_egd(p) RAND_egd(p)

 #define sycPEM_read_bio_DHparams(b,x,p,u) PEM_read_bio_DHparams(b,x,p,u)

--- test.sh.orig	2015-01-24 10:15:22 UTC

+++ test.sh

@@ -576,9 +576,6 @@ filloptionvalues() {

     *,dh,*) OPTS=$(echo "$OPTS" |sed "s/,dh,/,dh=/tmp/hugo,/g");;

     esac

     case "$OPTS" in

-    *,egd,*) OPTS=$(echo "$OPTS" |sed "s/,egd,/,egd=/tmp/hugo,/g");;

-    esac

-    case "$OPTS" in

     *,compress,*) OPTS=$(echo "$OPTS" |sed "s/,compress,/,compress=none,/g");;

     esac

     # PROXY

--- xio-openssl.c.orig	2015-01-24 14:33:42 UTC

+++ xio-openssl.c

@@ -108,7 +108,6 @@ const struct optdesc opt_openssl_key    

 const struct optdesc opt_openssl_dhparam     = { "openssl-dhparam",     "dh",    OPT_OPENSSL_DHPARAM,     GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };

 const struct optdesc opt_openssl_cafile      = { "openssl-cafile",     "cafile", OPT_OPENSSL_CAFILE,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };

 const struct optdesc opt_openssl_capath      = { "openssl-capath",     "capath", OPT_OPENSSL_CAPATH,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };

-const struct optdesc opt_openssl_egd         = { "openssl-egd",        "egd",    OPT_OPENSSL_EGD,         GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };

 const struct optdesc opt_openssl_pseudo      = { "openssl-pseudo",     "pseudo", OPT_OPENSSL_PSEUDO,      GROUP_OPENSSL, PH_SPEC, TYPE_BOOL,     OFUNC_SPEC };

 #if OPENSSL_VERSION_NUMBER >= 0x00908000L

 const struct optdesc opt_openssl_compress    = { "openssl-compress",   "compress", OPT_OPENSSL_COMPRESS,  GROUP_OPENSSL, PH_SPEC, TYPE_STRING,   OFUNC_SPEC };

@@ -147,7 +146,7 @@ int xio_reset_fips_mode(void) {

 static void openssl_conn_loginfo(SSL *ssl) {

    Notice1("SSL connection using %s", SSL_get_cipher(ssl));

-#if OPENSSL_VERSION_NUMBER >= 0x00908000L

+#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)

    {

       const COMP_METHOD *comp, *expansion;

@@ -722,7 +721,6 @@ int

    char *opt_dhparam = NULL;	/* file name of DH params */

    char *opt_cafile = NULL;	/* certificate authority file */

    char *opt_capath = NULL;	/* certificate authority directory */

-   char *opt_egd = NULL;	/* entropy gathering daemon socket path */

 #if OPENSSL_VERSION_NUMBER >= 0x00908000L

    char *opt_compress = NULL;	/* compression method */

 #endif

@@ -741,7 +739,6 @@ int

    retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);

    retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);

    retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);

-   retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);

    retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);

 #if OPENSSL_VERSION_NUMBER >= 0x00908000L

    retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);

@@ -877,10 +874,6 @@ int

       }

    }

-   if (opt_egd) {

-      sycRAND_egd(opt_egd);

-   }

-

    if (opt_pseudo) {

       long int randdata;

       /* initialize libc random from actual microseconds */

@@ -1098,7 +1091,7 @@ static int openssl_SSL_ERROR_SSL(int lev

       if (e == ((ERR_LIB_RAND<<24)|

 		(RAND_F_SSLEAY_RAND_BYTES<<12)|

 		(RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {

-	 Error("too few entropy; use options \"egd\" or \"pseudo\"");

+	 Error("too few entropy; use options \"pseudo\"");

 	 stat = STAT_NORETRY;

       } else {

 	 Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));

--- xio-openssl.h.orig	2015-01-24 10:15:22 UTC

+++ xio-openssl.h

@@ -21,7 +21,6 @@ extern const struct optdesc opt_openssl_

 extern const struct optdesc opt_openssl_dhparam;

 extern const struct optdesc opt_openssl_cafile;

 extern const struct optdesc opt_openssl_capath;

-extern const struct optdesc opt_openssl_egd;

 extern const struct optdesc opt_openssl_pseudo;

 #if OPENSSL_VERSION_NUMBER >= 0x00908000L

 extern const struct optdesc opt_openssl_compress;

--- xioopts.c.orig	2015-01-24 10:15:22 UTC

+++ xioopts.c

@@ -412,7 +412,6 @@ const struct optname optionnames[] = {

 #ifdef ECHOPRT

 	IF_TERMIOS("echoprt",	&opt_echoprt)

 #endif

-	IF_OPENSSL("egd",	&opt_openssl_egd)

 	IF_ANY    ("end-close",	&opt_end_close)

 	IF_TERMIOS("eof",	&opt_veof)

 	IF_TERMIOS("eol",	&opt_veol)

@@ -1102,7 +1101,6 @@ const struct optname optionnames[] = {

 	IF_OPENSSL("openssl-compress",	&opt_openssl_compress)

 #endif

 	IF_OPENSSL("openssl-dhparam",	&opt_openssl_dhparam)

-	IF_OPENSSL("openssl-egd",	&opt_openssl_egd)

 #if WITH_FIPS

 	IF_OPENSSL("openssl-fips",	&opt_openssl_fips)

 #endif

--- xioopts.h.orig	2015-01-24 10:15:22 UTC

+++ xioopts.h

@@ -478,7 +478,6 @@ enum e_optcode {

    OPT_OPENSSL_COMPRESS,

 #endif

    OPT_OPENSSL_DHPARAM,

-   OPT_OPENSSL_EGD,

    OPT_OPENSSL_FIPS,

    OPT_OPENSSL_KEY,

    OPT_OPENSSL_METHOD,