On Wed, Oct 15, 2025 at 9:03 AM Jacob Champion
<jacob.champion@enterprisedb.com> wrote:
>
> On Mon, Oct 13, 2025 at 2:49 PM Masahiko Sawada <sawada.mshk@gmail.com> wrote:
> > I think the second item fits better with the current thread's subject.
> > Having said that, these two items are somewhat related (for example,
> > adding getrandom() support would be a common change for both), so
> > perhaps we can start with the pg_strong_random() changes in this
> > thread?
>
> Sounds good.
I've drafted the patches for this item.
The 0001 patch allows the packager to select the random source:
"openssl" or "system", by using --with-random-source option. If it's
omitted and OpenSSL is used (--with-openssl or --with-ssl=openssl),
'openssl' source is automatically chosen. The selected random source
can be shown in read-only GUC parameter random_source.
The 0002 patch supports getrandom() as a 'system' random source where
available while keeping the method of reading /dev/urandom as a
fallback option.
Regards,
--
Masahiko Sawada
Amazon Web Services: https://aws.amazon.com
