Avoid passing an uninitialised buffer to OpenSSL

Don't pass potentially uninitialised buffers to RAND_bytes.

(OpenSSL uses the buffer as an entropy source, which is undefined behaviour on uninitialised memory.)

Bugfix on tor 0.0.6rc4, commit f6dbe5a0 / svn:r1717 on 27 Apr 2004.

See my branch rand-input-uninitialised, based on bug17686_v2_027. https://github.com/teor2345/tor.git