On Wed, Oct 15, 2025 at 9:03 AM Jacob Champion <[email protected]> wrote: > > On Mon, Oct 13, 2025 at 2:49 PM Masahiko Sawada <[email protected]> wrote: > > I think the second item fits better with the current thread's subject. > > Having said that, these two items are somewhat related (for example, > > adding getrandom() support would be a common change for both), so > > perhaps we can start with the pg_strong_random() changes in this > > thread? > > Sounds good.
I've drafted the patches for this item. The 0001 patch allows the packager to select the random source: "openssl" or "system", by using --with-random-source option. If it's omitted and OpenSSL is used (--with-openssl or --with-ssl=openssl), 'openssl' source is automatically chosen. The selected random source can be shown in read-only GUC parameter random_source. The 0002 patch supports getrandom() as a 'system' random source where available while keeping the method of reading /dev/urandom as a fallback option. Regards, -- Masahiko Sawada Amazon Web Services: https://aws.amazon.com
v1-0001-Add-configure-time-selection-of-random-number-sou.patch
Description: Binary data
v1-0002-Support-getrandom-as-random-source-where-availabl.patch
Description: Binary data
