From bab62cc4355c3611210a4079591400523d30ec35 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Thu, 5 Apr 2018 09:34:43 -0700
Subject: [PATCH] Added new define `NO_DEV_URANDOM` to disable the use of
 `/dev/urandom`. Added better named define `WC_RNG_BLOCKING` to indicate block
 w/sleep(0) is okay.

---
 wolfcrypt/src/random.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index df4521d48..92234de52 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -1725,21 +1725,23 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
                  /* success, we're done */
                  return ret;
              }
-    #ifdef FORCE_FAILURE_RDSEED
+        #ifdef FORCE_FAILURE_RDSEED
              /* don't fallback to /dev/urandom */
              return ret;
-    #else
-             /* fallback to /dev/urandom attempt */
+        #else
+             /* reset error and fallback to using /dev/urandom */
              ret = 0;
-    #endif
+        #endif
         }
-
     #endif /* HAVE_INTEL_RDSEED */
 
-        os->fd = open("/dev/urandom",O_RDONLY);
-        if (os->fd == -1) {
+    #ifndef NO_DEV_URANDOM /* way to disable use of /dev/urandom */
+        os->fd = open("/dev/urandom", O_RDONLY);
+        if (os->fd == -1)
+    #endif
+        {
             /* may still have /dev/random */
-            os->fd = open("/dev/random",O_RDONLY);
+            os->fd = open("/dev/random", O_RDONLY);
             if (os->fd == -1)
                 return OPEN_RAN_E;
         }
@@ -1755,7 +1757,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
             output += len;
 
             if (sz) {
-    #ifdef BLOCKING
+    #if defined(BLOCKING) || defined(WC_RNG_BLOCKING)
                 sleep(0);             /* context switch */
     #else
                 ret = RAN_BLOCK_E;