diff --git a/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c b/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c
--- a/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c
+++ b/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c
@@ -356,7 +356,7 @@
      * Note: Sometimes getentropy() can be provided but not implemented
      * internally. So we need to check errno for ENOSYS
      */
-#  if !defined(__DragonFly__) && !defined(__NetBSD__)
+#  if !defined(__DragonFly__) && !defined(__NetBSD__) && !defined(__FreeBSD__)
 #    if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
     extern int getentropy(void *buffer, size_t length) __attribute__((weak));
 
@@ -396,7 +396,8 @@
 #  elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
     return sysctl_random(buf, buflen);
 #  elif (defined(__DragonFly__)  && __DragonFly_version >= 500700) \
-     || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000)
+     || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000) \
+     || defined(__FreeBSD__)
     return getrandom(buf, buflen, 0);
 #  else
     errno = ENOSYS;
diff --git a/include/ssp/socket.h b/include/ssp/socket.h
--- a/include/ssp/socket.h
+++ b/include/ssp/socket.h
@@ -101,11 +101,12 @@
     const struct timespec *__restrict timeout))
 {
 	const size_t vecsz = __ssp_bos(hdrvec);
+	size_t i;
 
 	if (vecsz != (size_t)-1 && vecsz / sizeof(*hdrvec) < vlen)
 		__chk_fail();
 
-	for (size_t i = 0; i < vlen; i++) {
+	for (i = 0; i < vlen; i++) {
 		__ssp_check_msghdr(&hdrvec[i].msg_hdr);
 	}
 
diff --git a/include/ssp/ssp.h b/include/ssp/ssp.h
--- a/include/ssp/ssp.h
+++ b/include/ssp/ssp.h
@@ -89,7 +89,7 @@
 
 #include <machine/_stdint.h>
 
-static inline int
+__ssp_inline int
 __ssp_overlap(const void *leftp, const void *rightp, __size_t sz)
 {
 	__uintptr_t left = (__uintptr_t)leftp;
@@ -112,11 +112,12 @@
 __ssp_check_iovec(const struct iovec *iov, int iovcnt)
 {
 	const size_t iovsz = __ssp_bos(iov);
+	int i;
 
 	if (iovsz != (size_t)-1 && iovsz / sizeof(*iov) < (size_t)iovcnt)
 		__chk_fail();
 
-	for (int i = 0; i < iovcnt; i++) {
+	for (i = 0; i < iovcnt; i++) {
 		if (__ssp_bos(iov[i].iov_base) < iov[i].iov_len)
 			__chk_fail();
 	}
diff --git a/include/ssp/string.h b/include/ssp/string.h
--- a/include/ssp/string.h
+++ b/include/ssp/string.h
@@ -106,6 +106,7 @@
 
 __BEGIN_DECLS
 __ssp_bos_icheck3_restrict(memcpy, void *, const void *)
+__ssp_bos_icheck3_restrict(mempcpy, void *, const void *)
 __ssp_bos_icheck3(memmove, void *, const void *)
 __ssp_bos_icheck3(memset, void *, int)
 __ssp_bos_icheck2_restrict(stpcpy, char *, const char *)
@@ -116,23 +117,10 @@
     (__errnum, __buf, __len));
 __ssp_bos_icheck3_restrict(strncpy, char *, const char *)
 __ssp_bos_icheck3_restrict(strncat, char *, const char *)
-
-__ssp_redirect_raw_impl(void *, mempcpy, mempcpy,
-    (void *__restrict buf, const void *__restrict src, size_t len))
-{
-	const size_t slen = __ssp_bos(buf);
-
-	if (len > slen)
-		__chk_fail();
-
-	if (__ssp_overlap(src, buf, len))
-		__chk_fail();
-
-	return (__ssp_real(mempcpy)(buf, src, len));
-}
 __END_DECLS
 
 #define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst, src, len)
+#define mempcpy(dst, src, len) __ssp_bos_check3(mempcpy, dst, src, len)
 #define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, src, len)
 #define memset(dst, val, len) \
     __ssp_bos_check3_typed(memset, void *, dst, int, val, len)
diff --git a/include/string.h b/include/string.h
--- a/include/string.h
+++ b/include/string.h
@@ -68,7 +68,7 @@
 #endif
 void	*(memmove)(void *, const void *, size_t);
 #if __BSD_VISIBLE
-void	*mempcpy(void * __restrict, const void * __restrict, size_t);
+void	*(mempcpy)(void * __restrict, const void * __restrict, size_t);
 #endif
 void	*(memset)(void *, int, size_t);
 #if __POSIX_VISIBLE >= 200809
diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/Makefile.inc
--- a/lib/libc/secure/Makefile.inc
+++ b/lib/libc/secure/Makefile.inc
@@ -4,7 +4,7 @@
 .PATH: ${LIBC_SRCTOP}/secure
 
 # _FORTIFY_SOURCE
-SRCS+=	fgets_chk.c memcpy_chk.c memmove_chk.c memset_chk.c \
+SRCS+=	fgets_chk.c memcpy_chk.c mempcpy_chk.c memmove_chk.c memset_chk.c \
 	snprintf_chk.c sprintf_chk.c stpcpy_chk.c stpncpy_chk.c \
 	strcat_chk.c strcpy_chk.c strlcat_chk.c strncat_chk.c strlcpy_chk.c \
 	strncpy_chk.c vsnprintf_chk.c vsprintf_chk.c
diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.map
--- a/lib/libc/secure/Symbol.map
+++ b/lib/libc/secure/Symbol.map
@@ -7,6 +7,7 @@
 FBSD_1.8 {
 	__fgets_chk;
 	__memcpy_chk;
+	__mempcpy_chk;
 	__memmove_chk;
 	__memset_chk;
 	__snprintf_chk;
diff --git a/lib/libc/secure/mempcpy_chk.c b/lib/libc/secure/mempcpy_chk.c
new file mode 100644
--- /dev/null
+++ b/lib/libc/secure/mempcpy_chk.c
@@ -0,0 +1,50 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+
+#include <string.h>
+
+#include <ssp/string.h>
+#undef mempcpy
+
+void *
+__mempcpy_chk(void * __restrict dst, const void * __restrict src, size_t len,
+    size_t slen)
+{
+	if (len > slen)
+		__chk_fail();
+
+	if (__ssp_overlap(src, dst, len))
+		__chk_fail();
+
+	return (mempcpy(dst, src, len));
+}
diff --git a/lib/libc/string/mempcpy.c b/lib/libc/string/mempcpy.c
--- a/lib/libc/string/mempcpy.c
+++ b/lib/libc/string/mempcpy.c
@@ -32,7 +32,7 @@
 #include <ssp/ssp.h>
 
 void *
-__ssp_real(mempcpy)(void *__restrict dst, const void *__restrict src,
+(mempcpy)(void *__restrict dst, const void *__restrict src,
     size_t len)
 {
 	return ((char *)memcpy(dst, src, len) + len);
diff --git a/lib/libc/sys/poll.c b/lib/libc/sys/poll.c
--- a/lib/libc/sys/poll.c
+++ b/lib/libc/sys/poll.c
@@ -36,8 +36,7 @@
 
 __weak_reference(__sys_poll, __poll);
 
-#pragma weak __ssp_real(poll)
-int
+int __weak_symbol
 __ssp_real(poll)(struct pollfd pfd[], nfds_t nfds, int timeout)
 {
 	return (INTERPOS_SYS(poll, pfd, nfds, timeout));
diff --git a/lib/libc/sys/ppoll.c b/lib/libc/sys/ppoll.c
--- a/lib/libc/sys/ppoll.c
+++ b/lib/libc/sys/ppoll.c
@@ -36,8 +36,7 @@
 
 __weak_reference(__sys_ppoll, __ppoll);
 
-#pragma weak __ssp_real(ppoll)
-int
+int __weak_symbol
 __ssp_real(ppoll)(struct pollfd pfd[], nfds_t nfds,
     const struct timespec *__restrict timeout,
     const sigset_t *__restrict newsigmask)
diff --git a/lib/libc/sys/readv.c b/lib/libc/sys/readv.c
--- a/lib/libc/sys/readv.c
+++ b/lib/libc/sys/readv.c
@@ -38,8 +38,7 @@
 
 __weak_reference(__sys_readv, __readv);
 
-#pragma weak readv
-ssize_t
+ssize_t __weak_symbol
 __ssp_real(readv)(int fd, const struct iovec *iov, int iovcnt)
 {
 	return (INTERPOS_SYS(readv, fd, iov, iovcnt));
diff --git a/lib/libc/sys/recvfrom.c b/lib/libc/sys/recvfrom.c
--- a/lib/libc/sys/recvfrom.c
+++ b/lib/libc/sys/recvfrom.c
@@ -37,8 +37,7 @@
 
 __weak_reference(__sys_recvfrom, __recvfrom);
 
-#pragma weak recvfrom
-ssize_t
+ssize_t __weak_symbol
 __ssp_real(recvfrom)(int s, void *buf, size_t len, int flags,
     struct sockaddr * __restrict from, socklen_t * __restrict fromlen)
 {
diff --git a/lib/libc/sys/recvmsg.c b/lib/libc/sys/recvmsg.c
--- a/lib/libc/sys/recvmsg.c
+++ b/lib/libc/sys/recvmsg.c
@@ -37,8 +37,7 @@
 
 __weak_reference(__sys_recvmsg, __recvmsg);
 
-#pragma weak recvmsg
-ssize_t
+ssize_t __weak_symbol
 __ssp_real(recvmsg)(int s, struct msghdr *msg, int flags)
 {
 	return (INTERPOS_SYS(recvmsg, s, msg, flags));
diff --git a/sys/sys/select.h b/sys/sys/select.h
--- a/sys/sys/select.h
+++ b/sys/sys/select.h
@@ -86,7 +86,7 @@
 #define	__fdset_idx(p, n)	__fdset_idx_(p, n)
 #else
 __ssp_inline unsigned long
-__fdset_idx(fd_set *p, unsigned long idx)
+__fdset_idx(const fd_set *p, unsigned long idx)
 {
 	__size_t psz = __ssp_bos0(p);
 	unsigned long sidx = __fdset_idx_(p, idx);
diff --git a/usr.sbin/bsnmpd/Makefile.inc b/usr.sbin/bsnmpd/Makefile.inc
--- a/usr.sbin/bsnmpd/Makefile.inc
+++ b/usr.sbin/bsnmpd/Makefile.inc
@@ -1,3 +1,4 @@
 
+CFLAGS+=	-DHAVE_STRLCPY
 PACKAGE=	bsnmp
 .include "../Makefile.inc"