/dev/random blocks on busy servers too.

gendss.c

@@ -57,7 +57,6 @@ dropbear_dss_key * gen_dss_priv_key(unsigned int size) {
 	m_mp_init_multi(key->p, key->q, key->g, key->y, key->x, NULL);
 	
 	seedrandom();
-	seedstrongrandom();
 	
 	getq(key);
 	getp(key, size);

genrsa.c

@@ -56,7 +56,6 @@ dropbear_rsa_key * gen_rsa_priv_key(unsigned int size) {
 			&pminus, &lcm, &qminus, NULL);
 
 	seedrandom();
-	seedstrongrandom();
 
 	if (mp_set_int(key->e, RSA_E) != MP_OKAY) {
 		fprintf(stderr, "RSA generation failed\n");

random.c

@@ -155,24 +155,6 @@ static void write_urandom()
 #endif
 }
 
-/* add entropy from the stronger, blocking source /dev/random. Only used
- * for generating persistent private keys (RSA and DSS) */
-void seedstrongrandom()
-{
-	/* We assume that PRNGD is a strong source, so don't need to do anything here */
-#ifndef DROPBEAR_PRNGD_SOCKET
-	hash_state hs;
-
-	sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
-	if (process_file(&hs, "/dev/random", INIT_SEED_SIZE, 0) 
-			!= DROPBEAR_SUCCESS) {
-		dropbear_exit("Failure reading random device %s", "/dev/random");
-	}
-
-	sha1_done(&hs, hashpool);
-#endif
-}
-
 /* Initialise the prng from /dev/urandom or prngd. This function can
  * be called multiple times */
 void seedrandom() {

random.h

@@ -27,7 +27,6 @@
 
 struct mp_int;
 
-void seedstrongrandom();
 void seedrandom();
 void genrandom(unsigned char* buf, unsigned int len);
 void addrandom(char * buf, unsigned int len);