> On 16 Nov 2020, at 16:06, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Magnus Hagander <magnus@hagander.net> writes:
>> I agree with those -- either we remove the ability to choose random source
>> independently of the SSL library (and then only use the windows crypto
>> provider or /dev/urandom as platform-specific choices when *no* SSL library
>> is used), and in that case we should not have separate #ifdef's for them.
>> Or we fix the includes. Which is obviously easier, but we should take the
>> time to do what we think is right long-term of course.
>
> FWIW, I'd vote for the former. I think the presumption that OpenSSL's
> random-number machinery can be used without any other initialization is
> shaky as heck.
I tend to agree, randomness is complicated enough without adding a compile time
extensibility which few (if anyone) will ever use. Attached is an attempt at
this.
cheers ./daniel
