path: root/src/lib/libssl/s3_srvr.c
authorderaadt <>2014-06-07 22:23:12 +0000
committerderaadt <>2014-06-07 22:23:12 +0000
commitde48c77a08514ed654e05e710444452ffab6d0aa (patch)
tree974be678316c95805c95e61416f75191d5b20bbe /src/lib/libssl/s3_srvr.c
parentffcbdf8a3fda87b9b0d60403b8bda401683595e1 (diff)
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec30718b5e7480add42598158
Don't know the full story, but it looks like a "can't do random perfectly, so do it god awful" problem was found in 2013, and replaced with "only do it badly if a flag is set". New flags (SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME) were added [Ben Laurie?] to support the old scheme of "use time_t for first 4 bytes of the random buffer". Nothing uses these flags [ecosystem scan by sthen]. Fully discourage use of these flags in the future by removing support & definition of them. The buflen < 4 check is also interesting, because no entropy would be returned. No callers passed such small buffers. ok miod sthen
Diffstat (limited to 'src/lib/libssl/s3_srvr.c')
-rw-r--r--src/lib/libssl/s3_srvr.c5
1 files changed, 1 insertions, 4 deletions
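--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1130,10 +1130,7 @@ ssl3_get_client_hello(SSL *s)
 {
 unsigned char *pos;
 pos = s->s3->server_random;
-if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
-al = SSL_AD_INTERNAL_ERROR;
-goto f_err;
-}
+RAND_pseudo_bytes(pos, SSL3_RANDOM_SIZE);
 }
 
 if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {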
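Review bot: The new-side line 1133 discards the return value of RAND_pseudo_bytes(), whereas the removed ssl_fill_hello_random() path treated a non-positive result as SSL_AD_INTERNAL_ERROR and aborted the handshake. In the upstream OpenSSL API RAND_pseudo_bytes() returns 0 when the output is not cryptographically strong and -1 when no RAND method is available, so with this change server_random would be sent regardless of that outcome; if this tree's RAND_pseudo_bytes() is already a thin, non-failing wrapper over the kernel RNG the concern is moot, but that is worth stating in a comment on the call. Keeping the error path is cheap since `al` and `f_err` are presumably still in scope: `if (RAND_pseudo_bytes(pos, SSL3_RANDOM_SIZE) <= 0) { al = SSL_AD_INTERNAL_ERROR; goto f_err; }`. ssl3_get_client_hello() begins and ends outside the hunk.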