The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to

resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.

3 files changed, 1 insertions, 9 deletions

diff --git a/FAQ b/FAQ
index 4a1fb5f94e..c56dbadc9d 100644
--- a/FAQ
+++ b/FAQ
@@ -904,8 +904,6 @@ other test tools) will complain about this. When using Valgrind, make sure the
 OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY)
 to get rid of these warnings
 
-The use of PURIFY with the PRNG was added in OpenSSL 0.9.8f.
-
 
 ===============================================================================
 
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index f0ddc1ee45..513e338985 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -154,9 +154,6 @@ void RAND_add(const void *buf, int num, double entropy)
 int RAND_bytes(unsigned char *buf, int num)
 	{
 	const RAND_METHOD *meth = RAND_get_rand_method();
-#ifdef PURIFY
-	memset(buf, 0, num);
-#endif
 	if (meth && meth->bytes)
 		return meth->bytes(buf,num);
 	return(-1);
@@ -165,9 +162,6 @@ int RAND_bytes(unsigned char *buf, int num)
 int RAND_pseudo_bytes(unsigned char *buf, int num)
 	{
 	const RAND_METHOD *meth = RAND_get_rand_method();
-#ifdef PURIFY
-	memset(buf, 0, num);
-#endif
 	if (meth && meth->pseudorand)
 		return meth->pseudorand(buf,num);
 	return(-1);
diff --git a/doc/crypto/RAND_bytes.pod b/doc/crypto/RAND_bytes.pod
index 34f8cd2544..1a9b91e281 100644
--- a/doc/crypto/RAND_bytes.pod
+++ b/doc/crypto/RAND_bytes.pod
@@ -26,7 +26,7 @@ certain purposes in cryptographic protocols, but usually not for key
 generation etc.
 
 The contents of B<buf> is mixed into the entropy pool before retrieving
-the new pseudo-random bytes unless disabled at compile time.
+the new pseudo-random bytes unless disabled at compile time (see FAQ).
 
 =head1 RETURN VALUES