VOTE Apply PR#9084 reverting DEVRANDOM_WAIT

Kurt Roeckx kurt at
Fri Jun 7 22:48:39 UTC 2019

On Fri, Jun 07, 2019 at 07:01:30PM +0000, Salz, Rich wrote:
> >    The kernel actually already does this in recent versions, if
>     configured to do it.
> "The" kernel. Which one is that?  Which operating system?
> Modern Linux is fine.  Is that all we care about?

This whole discussion has only been about Linux, we only define

I think all other OSs have a sane /dev/urandom, but I'm not sure
about NetBSD.

> 1.1.1c made Solaris (and possibly others) more secure. I would be disappointed if 1.1.1d took that away and tried to rationalize that "it's not my job."  *YOU'RE A CRYPTOGRAPHIC LIBRARY* 

Do you have a reference that Solaris allows reading from
/dev/urandom before it's been initialized?


More information about the openssl-project mailing list