> On 5 Nov 2020, at 13:28, Michael Paquier <mich...@paquier.xyz> wrote:
> It seems to me that this one would become incorrect if compiling with > OpenSSL but select a random source that requires an initialization, as > it would enforce only OpenSSL initialization all the time. Right, how about something like the attached (untested) diff? > Theoretical point now, of course, because such combination does not > exist yet in the code. Not yet, and potentially never will. Given the consequences of a PRNG which hasn't been properly initialized I think it's ok to be defensive in this codepath however. cheers ./daniel
openssl_random_macros-v3.patch
Description: Binary data
