Elimination of some sources not needed in the FIPS_MODULE

Unfortunately in terms of fips.sources this does not mean much
given the way how the .h files are added via the dependency
information from the compiler.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15622)

4 files changed, 15 insertions, 17 deletions

diff --git a/crypto/rand/build.info b/crypto/rand/build.info
index 500667c332..a74282516f 100644
--- a/crypto/rand/build.info
+++ b/crypto/rand/build.info
@@ -7,7 +7,7 @@ IF[{- !$disabled{'egd'} -}]
   $CRYPTO=$CRYPTO rand_egd.c
 ENDIF
 IF[{- !$disabled{'deprecated-3.0'} -}]
-  $COMMON=$COMMON  rand_meth.c
+  $CRYPTO=$CRYPTO rand_meth.c
 ENDIF
 
 SOURCE[../../libcrypto]=$COMMON $CRYPTO
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index a3305b76b4..62bd1d6796 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -10,25 +10,25 @@
 /* We need to use some engine deprecated APIs */
 #define OPENSSL_SUPPRESS_DEPRECATED
 
-#include <stdio.h>
-#include <time.h>
-#include <limits.h>
-#include <openssl/trace.h>
 #include <openssl/err.h>
-#include <openssl/conf.h>
-#include "internal/cryptlib.h"
 #include <openssl/opensslconf.h>
-#include "crypto/rand.h"
-#include "crypto/cryptlib.h"
-#include <openssl/engine.h>
 #include <openssl/core_names.h>
+#include "internal/cryptlib.h"
 #include "internal/thread_once.h"
+#include "crypto/rand.h"
+#include "crypto/cryptlib.h"
 #include "rand_local.h"
-#include "e_os.h"
 
 #ifndef FIPS_MODULE
+# include <stdio.h>
+# include <time.h>
+# include <limits.h>
+# include <openssl/conf.h>
+# include <openssl/trace.h>
+# include <openssl/engine.h>
 # include "crypto/rand_pool.h"
 # include "prov/seeding.h"
+# include "e_os.h"
 
 # ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
@@ -319,7 +319,7 @@ int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num,
                        unsigned int strength)
 {
     EVP_RAND_CTX *rand;
-#ifndef OPENSSL_NO_DEPRECATED_3_0
+#if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE)
     const RAND_METHOD *meth = RAND_get_rand_method();
 
     if (meth != NULL && meth != RAND_OpenSSL()) {
@@ -348,7 +348,7 @@ int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num,
                   unsigned int strength)
 {
     EVP_RAND_CTX *rand;
-#ifndef OPENSSL_NO_DEPRECATED_3_0
+#if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE)
     const RAND_METHOD *meth = RAND_get_rand_method();
 
     if (meth != NULL && meth != RAND_OpenSSL()) {
diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h
index 3b4ad8ca65..31428f20c8 100644
--- a/crypto/rand/rand_local.h
+++ b/crypto/rand/rand_local.h
@@ -25,7 +25,9 @@
 # define PRIMARY_RESEED_TIME_INTERVAL            (60 * 60) /* 1 hour */
 # define SECONDARY_RESEED_TIME_INTERVAL          (7 * 60)  /* 7 minutes */
 
+# ifndef FIPS_MODULE
 /* The global RAND method, and the global buffer and DRBG instance. */
 extern RAND_METHOD ossl_rand_meth;
+# endif
 
 #endif
diff --git a/crypto/rand/rand_meth.c b/crypto/rand/rand_meth.c
index 49bf0acdf5..276763057d 100644
--- a/crypto/rand/rand_meth.c
+++ b/crypto/rand/rand_meth.c
@@ -61,9 +61,5 @@ RAND_METHOD ossl_rand_meth = {
 
 RAND_METHOD *RAND_OpenSSL(void)
 {
-#ifndef FIPS_MODULE
     return &ossl_rand_meth;
-#else
-    return NULL;
-#endif
 }