> On 5 Nov 2020, at 13:28, Michael Paquier <michael@paquier.xyz> wrote:
> It seems to me that this one would become incorrect if compiling with
> OpenSSL but select a random source that requires an initialization, as
> it would enforce only OpenSSL initialization all the time.
Right, how about something like the attached (untested) diff?
> Theoretical point now, of course, because such combination does not
> exist yet in the code.
Not yet, and potentially never will. Given the consequences of a PRNG which
hasn't been properly initialized I think it's ok to be defensive in this
codepath however.
cheers ./daniel
