The unified diff between revisions [db61b050..] and [ccb73654..] is displayed below. It can also be downloaded as a raw diff.

#
#
# patch "options.h"
#  from [0e15d2ad778f160198c6ed28bbc8d5712139bf20]
#    to [358ba26c143e36614a8d6ba03f0341353fac67b7]
#
# patch "random.c"
#  from [b23574c087a5c115374062b1f9ff46e565550c22]
#    to [91f3c0fac76017e3c861e409d6d0f11c60f96bf8]
#
============================================================
--- options.h	0e15d2ad778f160198c6ed28bbc8d5712139bf20
+++ options.h	358ba26c143e36614a8d6ba03f0341353fac67b7
@@ -127,8 +127,8 @@ etc) slower (perhaps by 50%). Recommende
  * but there's an interface via a PAM module - don't bother using it otherwise.
  * You can't enable both PASSWORD and PAM. */

-#define ENABLE_SVR_PASSWORD_AUTH
-/*#define ENABLE_SVR_PAM_AUTH */
+/*#define ENABLE_SVR_PASSWORD_AUTH*/
+#define ENABLE_SVR_PAM_AUTH
 #define ENABLE_SVR_PUBKEY_AUTH

 #define ENABLE_CLI_PASSWORD_AUTH
============================================================
--- random.c	b23574c087a5c115374062b1f9ff46e565550c22
+++ random.c	91f3c0fac76017e3c861e409d6d0f11c60f96bf8
@@ -73,6 +73,7 @@ void genrandom(unsigned char* buf, unsig
 	unsigned int copylen;
     const unsigned int total_len = len;
     unsigned char* start_buf = buf;
+    unsigned char counter_buf[4];

 	if (!donerandinit) {
 		dropbear_exit("seedrandom not done");
@@ -81,7 +82,8 @@ void genrandom(unsigned char* buf, unsig
 	while (len > 0) {
 		sha1_init(&hs);
 		sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
-		sha1_process(&hs, (void*)&counter, sizeof(counter));
+        STORE32H(counter, counter_buf);
+		sha1_process(&hs, (void*)counter_buf, sizeof(counter));
 		sha1_done(&hs, hash);

 		counter++;