> I think I have tracked down the change in 1.1.1c that is causing this. > It is the addition of the DEVRANDOM_WAIT functionality for linux in > e_os.h and crypto/rand/rand_unix.c. lighttpd (libcrypto) is waiting in > a select() call on /dev/random. After this eventually wakes up, it then > reads from /dev/urandom. OpenSSL 1.1.1b did not do this, but instead > just read from /dev/urandom. Is there more information about this > change (i.e., a rationale)? I did not see anything in the CHANGES file > about it. The original discussions for this change can be found on GitHub: - issue #8215, fixed by pull request #8251 - issue #8416, fixed by pull request #8428 (see links below). And you are right, the change should have been mentioned in the CHANGES file. Apologies for that. HTH, Matthias https://github.com/openssl/openssl/issues/8215 https://github.com/openssl/openssl/pull/8251 https://github.com/openssl/openssl/issues/8416 https://github.com/openssl/openssl/pull/8428
