Ensure OpenSSL entropy state reset across forks.

Note that this function is never going to be called pre-fork unless the
admin is doing something highly unusual with ${randint:..} in a context
evaluated in the listening daemon.  Other forks should result in a
re-exec(), thus resetting state.

Nonetheless, be more cautious, explicitly reset state.

Fix per PostgreSQL.

PS: why does OpenSSL not document RAND_cleanup() on the same page as all
    the other entropy pool maintenance functions?