> From: Rasmus Villemoes <r...@prevas.dk> > Date: Fri, 15 Nov 2024 20:21:41 +0100 > > On Fri, Nov 15 2024, Mark Kettenis <mark.kette...@xs4all.nl> wrote: > > >> > >> Or use getrandom(), which according to the man page has been exposed via > >> glibc since glibc 2.25. Or just read from /dev/urandom which should work > >> everywhere. > > > > $ man getrandom > > man: No entry for getrandom in the manual. > > I assume this is intended to inform me that getrandom() doesn't exist on > *BSD?
Right. We have getentropy(3) though and that made it into the recent POSIX update. > As I said, reading from /dev/urandom is probably better as that also > works on BSDs automatically. If somebody tries to do crypto stuff in an > environment where they've removed such a basic device node, they get to > keep both pieces (i.e. the code should just fail) Should work on OpenBSD, but it is still unportable.