* default, we will try to read at least one of these files
*/
# define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
-# define DEVRANDOM_WAIT "/dev/random"
+# ifdef __linux
+# ifndef DEVRANDOM_WAIT
+# define DEVRANDOM_WAIT "/dev/random"
+# endif
+/*
+ * Linux kernels 4.8 and later changes how their random device works and there
+ * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
+ * should be used instead.
+ */
+# ifndef DEVRANDOM_SAFE_KERNEL
+# define DEVRANDOM_SAFE_KERNEL 4, 8
+# endif
+/*
+ * Some operating systems do not permit select(2) on their random devices,
+ * defining this to zero will force the used of read(2) to extract one byte
+ * from /dev/random.
+ */
+# ifndef DEVRANDM_WAIT_USE_SELECT
+# define DEVRANDM_WAIT_USE_SELECT 1
+# endif
+/*
+ * Define the shared memory identifier used to indicate if the operating
+ * system has properly seeded the DEVRANDOM source.
+ */
+# ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
+# define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
+# endif
+
+# endif
# endif
# if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
/*
# else /* The non-microsoft world */
# if defined(OPENSSL_SYS_VXWORKS)
-# include <sys/times.h>
+# include <time.h>
# else
# include <sys/time.h>
# endif
# else
/* !defined VMS */
-# ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-# else
-# include <unistd.h>
-# endif
+# include <unistd.h>
# include <sys/types.h>
# ifdef OPENSSL_SYS_WIN32_CYGWIN
# include <io.h>