diff --git a/openssl-sys/src/rand.rs b/openssl-sys/src/rand.rs
index 8ee46fbb..7380702d 100644
--- a/openssl-sys/src/rand.rs
+++ b/openssl-sys/src/rand.rs
@@ -2,5 +2,9 @@ use libc::*;
 
 extern "C" {
     pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int;
+
+    #[cfg(ossl111)]
+    pub fn RAND_keep_random_devices_open(keep: c_int);
+
     pub fn RAND_status() -> c_int;
 }
diff --git a/openssl/src/rand.rs b/openssl/src/rand.rs
index da52ef5f..6b85efb1 100644
--- a/openssl/src/rand.rs
+++ b/openssl/src/rand.rs
@@ -10,14 +10,16 @@
 //! let mut buf = [0; 256];
 //! rand_bytes(&mut buf).unwrap();
 //! ```
-use libc::c_int;
 use ffi;
+use libc::c_int;
 
 use cvt;
 use error::ErrorStack;
 
 /// Fill buffer with cryptographically strong pseudo-random bytes.
 ///
+/// This corresponds to [`RAND_bytes`].
+///
 /// # Examples
 ///
 /// To generate a buffer with cryptographically strong bytes:
@@ -29,9 +31,7 @@ use error::ErrorStack;
 /// rand_bytes(&mut buf).unwrap();
 /// ```
 ///
-/// # External OpenSSL Documentation
-///
-/// [RAND_bytes](https://www.openssl.org/docs/man1.1.0/crypto/RAND_bytes.html)
+/// [`RAND_bytes`](https://www.openssl.org/docs/man1.1.0/crypto/RAND_bytes.html)
 pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
     unsafe {
         ffi::init();
@@ -40,6 +40,20 @@ pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
     }
 }
 
+/// Controls random device file descriptor behavior.
+///
+/// Requires OpenSSL 1.1.1 or newer.
+///
+/// This corresponds to [`RAND_keep_random_devices_open`].
+///
+/// [`RAND_keep_random_devices_open`]: https://www.openssl.org/docs/manmaster/man3/RAND_keep_random_devices_open.html
+#[cfg(ossl111)]
+pub fn keep_random_devices_open(keep: bool) {
+    unsafe {
+        ffi::RAND_keep_random_devices_open(keep as c_int);
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use super::rand_bytes;