From c2620dac0231b6d303c5dc50b769c4c80fc9770c Mon Sep 17 00:00:00 2001
From: gufe44 <gu981@protonmail.com>
Date: Mon, 3 Aug 2020 17:56:50 +0200
Subject: [PATCH 1/3] Use arc4random_buf instead of rand on NetBSD

Avoid old implementation of rand returning numbers with cyclical lower bits. Allow tests to pass.

Signed-off-by: gufe44 <gu981@protonmail.com>
---
 library/rsa.c      | 6 +++---
 tests/src/random.c | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/rsa.c b/library/rsa.c
index 83ed3c937..c6c5956dc 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -53,7 +53,7 @@
 #include "mbedtls/md.h"
 #endif
 
-#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__)
+#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) && !defined(__NetBSD__)
 #include <stdlib.h>
 #endif
 
@@ -2569,7 +2569,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx )
 #if defined(MBEDTLS_PKCS1_V15)
 static int myrand( void *rng_state, unsigned char *output, size_t len )
 {
-#if !defined(__OpenBSD__)
+#if !defined(__OpenBSD__) && !defined(__NetBSD__)
     size_t i;
 
     if( rng_state != NULL )
@@ -2582,7 +2582,7 @@ static int myrand( void *rng_state, unsigned char *output, size_t len )
         rng_state = NULL;
 
     arc4random_buf( output, len );
-#endif /* !OpenBSD */
+#endif /* !OpenBSD && !NetBSD */
 
     return( 0 );
 }
diff --git a/tests/src/random.c b/tests/src/random.c
index 3345f78be..45748a943 100644
--- a/tests/src/random.c
+++ b/tests/src/random.c
@@ -32,7 +32,7 @@ int mbedtls_test_rnd_std_rand( void *rng_state,
                                unsigned char *output,
                                size_t len )
 {
-#if !defined(__OpenBSD__)
+#if !defined(__OpenBSD__) && !defined(__NetBSD__)
     size_t i;
 
     if( rng_state != NULL )
@@ -45,7 +45,7 @@ int mbedtls_test_rnd_std_rand( void *rng_state,
         rng_state = NULL;
 
     arc4random_buf( output, len );
-#endif /* !OpenBSD */
+#endif /* !OpenBSD && !NetBSD */
 
     return( 0 );
 }

From ed06d2fe7810b4f30484b8abd52a0ec9fe2700b1 Mon Sep 17 00:00:00 2001
From: gufe44 <gu981@protonmail.com>
Date: Thu, 6 Aug 2020 12:52:04 +0200
Subject: [PATCH 2/3] Add changelog entry

Signed-off-by: gufe44 <gu981@protonmail.com>
---
 ChangeLog.d/netbsd-rand-arc4random_buf.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/netbsd-rand-arc4random_buf.txt

diff --git a/ChangeLog.d/netbsd-rand-arc4random_buf.txt b/ChangeLog.d/netbsd-rand-arc4random_buf.txt
new file mode 100644
index 000000000..7f5802e8c
--- /dev/null
+++ b/ChangeLog.d/netbsd-rand-arc4random_buf.txt
@@ -0,0 +1,3 @@
+Changes
+   * Use arc4random_buf on NetBSD instead of rand implementation with cyclical
+     lower bits. Fix contributed in #3540.

From 29fcac32630da7e3a49e856cb8468b2e2ab609be Mon Sep 17 00:00:00 2001
From: gufe44 <gu981@protonmail.com>
Date: Thu, 13 Aug 2020 06:24:42 +0200
Subject: [PATCH 3/3] Log change as bugfix

Signed-off-by: gufe44 <gu981@protonmail.com>
---
 ChangeLog.d/netbsd-rand-arc4random_buf.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog.d/netbsd-rand-arc4random_buf.txt b/ChangeLog.d/netbsd-rand-arc4random_buf.txt
index 7f5802e8c..8539d1f5e 100644
--- a/ChangeLog.d/netbsd-rand-arc4random_buf.txt
+++ b/ChangeLog.d/netbsd-rand-arc4random_buf.txt
@@ -1,3 +1,3 @@
-Changes
+Bugfix
    * Use arc4random_buf on NetBSD instead of rand implementation with cyclical
      lower bits. Fix contributed in #3540.