Index: Lib/test/test_ssl.py
===================================================================
--- Lib/test/test_ssl.py	(révision 78666)
+++ Lib/test/test_ssl.py	(copie de travail)
@@ -80,6 +80,9 @@
             print("didn't raise TypeError")
         ssl.RAND_add("this is a random string", 75.0)
 
+        # surrogates cannot be encoded to 'utf-8'
+        self.assertRaises(UnicodeEncodeError, ssl.RAND_egd, "\uDAD1\uD51E")
+
     def testParseCert(self):
         # note that this uses an 'unofficial' function in _ssl.c,
         # provided solely for this test, to exercise the certificate
Index: Modules/_ssl.c
===================================================================
--- Modules/_ssl.c	(révision 78666)
+++ Modules/_ssl.c	(copie de travail)
@@ -1500,15 +1500,16 @@
 using the ssl() function.");
 
 static PyObject *
-PySSL_RAND_egd(PyObject *self, PyObject *arg)
+PySSL_RAND_egd(PyObject *self, PyObject *args)
 {
     int bytes;
+    char *path;
 
-    if (!PyUnicode_Check(arg))
-	return PyErr_Format(PyExc_TypeError,
-			    "RAND_egd() expected string, found %s",
-			    Py_TYPE(arg)->tp_name);
-    bytes = RAND_egd(_PyUnicode_AsString(arg));
+    if (!PyArg_ParseTuple(args, "O&:RAND_egd",
+			  PyUnicode_FSConverter, &path))
+	return NULL;
+
+    bytes = RAND_egd(path);
     if (bytes == -1) {
 	PyErr_SetString(PySSLErrorObject,
 			"EGD connection failed or EGD did not return "
@@ -1539,7 +1540,7 @@
 #ifdef HAVE_OPENSSL_RAND
 	{"RAND_add",            PySSL_RAND_add, METH_VARARGS,
 	 PySSL_RAND_add_doc},
-	{"RAND_egd",            PySSL_RAND_egd, METH_O,
+	{"RAND_egd",            PySSL_RAND_egd, METH_VARARGS,
 	 PySSL_RAND_egd_doc},
 	{"RAND_status",         (PyCFunction)PySSL_RAND_status, METH_NOARGS,
 	 PySSL_RAND_status_doc},