From cf04d83624e2ca66d094b6026e48bdf86693d7de Mon Sep 17 00:00:00 2001
From: Philip Kaufmann
Date: Tue, 24 Jun 2014 14:41:26 +0200
Subject: [PATCH] add OpenSSL RAND_cleanup() on OpenSSL shutdown

- to securely erase the memory used by the PNRG
- also rework 2 comments in OpenSSL init
---
 src/util.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/util.cpp b/src/util.cpp
index 7a0e2cc80..5c1ed23b7 100644
--- a/src/util.cpp
+++ b/src/util.cpp
@@ -121,15 +121,17 @@ public:
 CRYPTO_set_locking_callback(locking_callback);
 #ifdef WIN32
- // Seed random number generator with screen scrape and other hardware sources
+ // Seed OpenSSL PRNG with current contents of the screen
 RAND_screen();
 #endif
- // Seed random number generator with performance counter
+ // Seed OpenSSL PRNG with performance counter
 RandAddSeed();
 }
 ~CInit()
 {
+ // Securely erase the memory used by the PRNG
+ RAND_cleanup();
 // Shutdown OpenSSL library multithreading support
 CRYPTO_set_locking_callback(NULL);
 for (int i = 0; i < CRYPTO_num_locks(); i++)
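Review bot: The new `RAND_cleanup()` call in `~CInit()` relies on two ordering assumptions that the added comment does not record: it should stay ahead of `CRYPTO_set_locking_callback(NULL)` in case OpenSSL takes a lock during cleanup, and nothing may draw from the OpenSSL PRNG after it has run. If this destructor runs during static destruction while other threads or later destructors can still call `RAND_bytes()`, they would be using a PRNG whose state was just wiped; the hunk does not show how `CInit` is instantiated, so this is worth confirming. I would extend the comment to `// Securely erase the memory used by the PRNG; keep before the locking callbacks are removed and after the last RAND_* user`. The wipe also only happens on a clean exit where this destructor actually runs, so it should not be counted on for crash or kill paths. The destructor body continues past the end of the hunk.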