Always use compat getentropy.

Have it call native getentropy and fall back as required.  Should fix
issues of platforms where libc has getentropy but it is not implemented
in the kernel.  Based on github PR#354 from simsergey.

openbsd-compat/arc4random.c

@@ -44,13 +44,15 @@
 #ifndef HAVE_ARC4RANDOM
 
 /*
- * If we're not using a native getentropy, use the one from bsd-getentropy.c
- * under a different name, so that if in future these binaries are run on
- * a system that has a native getentropy OpenSSL cannot call the wrong one.
+ * Always use the getentropy implementation from bsd-getentropy.c, which
+ * will call a native getentropy if available then fall back as required.
+ * We use a different name so that OpenSSL cannot call the wrong getentropy.
  */
-#ifndef HAVE_GETENTROPY
-# define getentropy(x, y) (_ssh_compat_getentropy((x), (y)))
+int _ssh_compat_getentropy(void *, size_t);
+#ifdef getentropy
+# undef getentropy
 #endif
+#define getentropy(x, y) (_ssh_compat_getentropy((x), (y)))
 
 #include "log.h"
 

openbsd-compat/bsd-getentropy.c

@@ -18,8 +18,6 @@
 
 #include "includes.h"
 
-#ifndef HAVE_GETENTROPY
-
 #ifndef SSH_RANDOM_DEV
 # define SSH_RANDOM_DEV "/dev/urandom"
 #endif /* SSH_RANDOM_DEV */
@@ -52,6 +50,10 @@ _ssh_compat_getentropy(void *s, size_t len)
 	ssize_t r;
 	size_t o = 0;
 
+#ifdef HAVE_GETENTROPY
+	if (r = getentropy(s, len) == 0)
+		return 0;
+#endif /* HAVE_GETENTROPY */
 #ifdef HAVE_GETRANDOM
 	if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len)
 		return 0;
@@ -79,4 +81,3 @@ _ssh_compat_getentropy(void *s, size_t len)
 #endif /* WITH_OPENSSL */
 	return 0;
 }
-#endif /* WITH_GETENTROPY */

openbsd-compat/openbsd-compat.h

@@ -69,10 +69,6 @@ void closefrom(int);
 int ftruncate(int filedes, off_t length);
 #endif
 
-#if defined(HAVE_DECL_GETENTROPY) && HAVE_DECL_GETENTROPY == 0
-int _ssh_compat_getentropy(void *, size_t);
-#endif
-
 #ifndef HAVE_GETLINE
 #include <stdio.h>
 ssize_t getline(char **, size_t *, FILE *);