On Thu, Jul 30, 2020 at 11:42:16PM +0200, Daniel Gustafsson wrote:
> Somewhat on topic though, 1.1.1 adds a RAND_priv_bytes function for random
> numbers that are supposed to be private and extra protected via it's own DRBG.
> Maybe we should use that for SCRAM salts etc in case we detect 1.1.1?
Maybe. Would you have a separate pg_private_random() function, or just use
RAND_priv_bytes() for pg_strong_random()? No pg_strong_random() caller is
clearly disinterested in privacy; gen_random_uuid() may come closest.