Re-enable the entropy handling code in sysinst (only visible on machines that do not have full entropy), but move it to the config menu instead of enforcing it as mandatory step. This menu is shown at the end of the setup, or if explicitly invoked from the main menu. Some of the input options are complex but useful in some situations and code to support them is tiny. Most users will use the manual input (first + default option) but some might prefer to connect a USB TRNG or have easy setups to transfer entropy from another machine (while copy & paste on a serial console sometimes is tricky). A "walk through" of most options in action is here: https://www.NetBSD.org/~martin/sysinst-entropy/ Index: Makefile.inc =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/Makefile.inc,v retrieving revision 1.43 diff -u -p -r1.43 Makefile.inc --- Makefile.inc 26 Sep 2021 15:52:40 -0000 1.43 +++ Makefile.inc 27 Sep 2021 13:40:11 -0000 @@ -47,7 +47,7 @@ SRCS+= mbr.c CPPFLAGS+= -DNO_CLONES .endif -.if ${CHECK_ENTROPY:Uno} != "no" +.if ${CHECK_ENTROPY:Uyes} != "no" MENUS_MI+= menus.entropy CPPFLAGS+= -DCHECK_ENTROPY=1 .endif @@ -209,7 +209,7 @@ msgtouch: ${DISTRIBVERDEP} MSG_MD+= msg.pm.${SYSINSTLANG} .endif -.if ${CHECK_ENTROPY:Uno} != "no" +.if ${CHECK_ENTROPY:Uyes} != "no" MSG_MD+= msg.entropy.${SYSINSTLANG} .endif Index: configmenu.c =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/configmenu.c,v retrieving revision 1.12 diff -u -p -r1.12 configmenu.c --- configmenu.c 31 Jan 2021 22:45:46 -0000 1.12 +++ configmenu.c 27 Sep 2021 13:40:11 -0000 
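Review bot: The new default is spelled twice, once as `${CHECK_ENTROPY:Uyes}` in the MENUS_MI block and again in the MSG_MD block, so a later edit to one of them can leave the menu definitions and the message catalogue out of step. A single `CHECK_ENTROPY?= yes` near the top of Makefile.inc, with both tests reduced to `.if ${CHECK_ENTROPY} != "no"`, keeps the two in agreement. A short comment next to it saying that a port opts out with `CHECK_ENTROPY=no` would help, since the feature is now built by default.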
@@ -45,6 +45,7 @@ static int set_timezone_menu(struct menu static int set_root_shell(struct menudesc *, void *); static int change_root_password(struct menudesc *, void *); static int add_new_user(struct menudesc *, void *); +static int add_entropy(struct menudesc *, void *); static int set_binpkg(struct menudesc *, void *); static int set_pkgsrc(struct menudesc *, void *); static void config_list_init(void); @@ -74,6 +75,7 @@ enum { CONFIGOPT_LVM, CONFIGOPT_RAIDFRAME, CONFIGOPT_ADDUSER, + CONFIGOPT_ADD_ENTROPY, CONFIGOPT_LAST }; @@ -102,6 +104,9 @@ configinfo config_list[] = { {MSG_enable_lvm, CONFIGOPT_LVM, "lvm", toggle_rcvar, NULL}, {MSG_enable_raid, CONFIGOPT_RAIDFRAME, "raidframe", toggle_rcvar, NULL}, {MSG_add_a_user, CONFIGOPT_ADDUSER, NULL, add_new_user, ""}, +#if CHECK_ENTROPY + {MSG_Configure_entropy, CONFIGOPT_ADD_ENTROPY, NULL, add_entropy, ""}, +#endif {NULL, CONFIGOPT_LAST, NULL, NULL, NULL} }; @@ -180,6 +185,10 @@ init_config_menu(configinfo *conf, menu_ opt = conf->opt; if (opt == CONFIGOPT_LAST) break; +#if CHECK_ENTROPY + if (opt == CONFIGOPT_ADD_ENTROPY && entropy_needed() == 0) + continue; +#endif *ce = conf; memset(me, 0, sizeof(*me)); me->opt_action = conf->action; @@ -247,6 +256,15 @@ check_root_password(void) return rval; } +#if CHECK_ENTROPY +static int +add_entropy(struct menudesc *menu, void *arg) +{ + do_add_entropy(); + return 0; +} +#endif + static int add_new_user(struct menudesc *menu, void *arg) { Index: defs.h =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/defs.h,v retrieving revision 1.74 diff -u -p -r1.74 defs.h --- defs.h 26 Sep 2021 15:52:40 -0000 1.74 +++ defs.h 27 Sep 2021 13:40:12 -0000 
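Review bot: The prototype `static int add_entropy(struct menudesc *, void *);` is added unconditionally, while the definition further down and the `config_list` entry are both inside `#if CHECK_ENTROPY`. A build with `CHECK_ENTROPY=no` is then left with a static function that is declared but never defined, which compilers typically warn about. Wrapping the prototype in the same `#if CHECK_ENTROPY` / `#endif` pair avoids that.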
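Review bot: The added `continue` in `init_config_menu` skips the rest of the loop body, so whether hiding the entry leaves a gap depends on where `me` and `ce` are advanced, and the loop header is outside this hunk. If they are incremented in the `for` header, the skipped iteration still moves both pointers past a slot that was never filled; they must advance only after `*ce = conf` has run. A one-line comment above the test, such as `/* hide the entry when the kernel already has full entropy */`, would also make the intent clear.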
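Review bot: `add_entropy` drops the `bool` returned by `do_add_entropy()`, and with the mandatory check removed from `do_install` in this commit, this menu action appears to be the only place where the result could be acted on. If ignoring it is deliberate, say so in the code: `(void)do_add_entropy();` with a comment like `/* optional step: false means the user chose to continue without entropy */`. The message text says the entropy is needed to create secure keys, so it is worth considering whether a declined prompt should leave a visible reminder in the config menu.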
@@ -632,6 +632,10 @@ extern char dist_tgz_postfix[SSTRSIZE]; /* needed prototypes */ void set_menu_numopts(int, int); void remove_color_options(void); +#ifdef CHECK_ENTROPY +bool do_add_entropy(void); +size_t entropy_needed(void); +#endif void remove_raid_options(void); void remove_lvm_options(void); void remove_cgd_options(void); @@ -892,7 +896,6 @@ bool install_desc_from_parts(struct inst struct disk_partitions*); void free_install_desc(struct install_partition_desc*); bool may_swap_if_not_sdmmc(const char*); -bool do_check_entropy(void); /* from target.c */ #if defined(DEBUG) || defined(DEBUG_ROOT) Index: install.c =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/install.c,v retrieving revision 1.20 diff -u -p -r1.20 install.c --- install.c 4 Nov 2020 14:29:40 -0000 1.20 +++ install.c 27 Sep 2021 13:40:12 -0000 @@ -168,13 +168,6 @@ do_install(void) return; #endif -#ifdef CHECK_ENTROPY - if (!do_check_entropy()) { - hit_enter_to_continue(MSG_abort_installation, NULL); - return; - } -#endif - memset(&install, 0, sizeof install); /* Create and mount partitions */ Index: menus.entropy =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/menus.entropy,v retrieving revision 1.1 diff -u -p -r1.1 menus.entropy --- menus.entropy 4 Nov 2020 14:29:40 -0000 1.1 +++ menus.entropy 27 Sep 2021 13:40:12 -0000 
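Review bot: These prototypes are guarded with `#ifdef CHECK_ENTROPY`, but the new code in configmenu.c tests `#if CHECK_ENTROPY`, and the two disagree when the macro is defined as 0. The Makefile passes `-DCHECK_ENTROPY=1`, so both forms work today, but using one spelling throughout removes the trap. The declarations would also benefit from a comment stating what they return, e.g. `/* true once the kernel reports enough entropy */` for `do_add_entropy`, and the unit of the count returned by `entropy_needed`.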
@@ -33,7 +33,7 @@ /* arg is an int*, returning a magic value for the selected menu option */ menu not_enough_entropy, title MSG_not_enough_entropy, y=-1, no box, clear, - exit, exitstring MSG_abort_installation; + exit, exitstring MSG_continue_without_entropy; option MSG_entropy_add_manually, exit, action { *((int*)arg) = 1; }; option MSG_entropy_download_seed, exit, Index: msg.entropy.de =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/msg.entropy.de,v retrieving revision 1.2 diff -u -p -r1.2 msg.entropy.de --- msg.entropy.de 6 Nov 2020 12:23:10 -0000 1.2 +++ msg.entropy.de 27 Sep 2021 13:40:12 -0000 @@ -26,6 +26,10 @@ * POSSIBILITY OF SUCH DAMAGE. */ +message Configure_entropy {Entropie konfigurieren} + +message continue_without_entropy {Weiter ohne Entropy} + message not_enough_entropy {Dieses System scheint nicht über einen Pseudo-Zufallszahlengenerator zu verfügen. Für das Erzeugen von kryptografisch sicheren Schlüsseldateien Index: msg.entropy.en =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/msg.entropy.en,v retrieving revision 1.2 diff -u -p -r1.2 msg.entropy.en --- msg.entropy.en 6 Nov 2020 12:23:10 -0000 1.2 +++ msg.entropy.en 27 Sep 2021 13:40:12 -0000 @@ -26,6 +26,10 @@ * POSSIBILITY OF SUCH DAMAGE. */ +message Configure_entropy {Set up entropy} + +message continue_without_entropy {Continue without entropy} + message not_enough_entropy {This system seems to lack a cryptographically strong pseudo random number generator. There is not enough entropy available to create secure Index: msg.entropy.es =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/msg.entropy.es,v retrieving revision 1.2 diff -u -p -r1.2 msg.entropy.es --- msg.entropy.es 6 Nov 2020 12:23:10 -0000 1.2 +++ msg.entropy.es 27 Sep 2021 13:40:12 -0000 
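Review bot: With the exit item relabelled to `MSG_continue_without_entropy`, leaving the menu is now a normal choice, yet it is the only path that stores nothing through `arg`. The header comment should say so, for example `/* arg is an int*; options store a magic value, the exit item leaves it untouched */`. The caller is outside this hunk, so confirm that it initialises the int before calling the menu rather than reading an unset `rv` when the user picks the exit item.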
@@ -26,6 +26,10 @@ * POSSIBILITY OF SUCH DAMAGE. */ +message Configure_entropy {Set up entropy} + +message continue_without_entropy {Continue without entropy} + message not_enough_entropy {This system seems to lack a cryptographically strong pseudo random number generator. There is not enough entropy available to create secure Index: msg.entropy.fr =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/msg.entropy.fr,v retrieving revision 1.2 diff -u -p -r1.2 msg.entropy.fr --- msg.entropy.fr 6 Nov 2020 12:23:10 -0000 1.2 +++ msg.entropy.fr 27 Sep 2021 13:40:12 -0000 @@ -26,6 +26,10 @@ * POSSIBILITY OF SUCH DAMAGE. */ +message Configure_entropy {Set up entropy} + +message continue_without_entropy {Continue without entropy} + message not_enough_entropy {This system seems to lack a cryptographically strong pseudo random number generator. There is not enough entropy available to create secure Index: msg.entropy.pl =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/msg.entropy.pl,v retrieving revision 1.2 diff -u -p -r1.2 msg.entropy.pl --- msg.entropy.pl 6 Nov 2020 12:23:10 -0000 1.2 +++ msg.entropy.pl 27 Sep 2021 13:40:12 -0000 @@ -26,6 +26,10 @@ * POSSIBILITY OF SUCH DAMAGE. */ +message Configure_entropy {Set up entropy} + +message continue_without_entropy {Continue without entropy} + message not_enough_entropy {This system seems to lack a cryptographically strong pseudo random number generator. There is not enough entropy available to create secure Index: util.c =================================================================== RCS file: /cvsroot/src/usr.sbin/sysinst/util.c,v retrieving revision 1.61 diff -u -p -r1.61 util.c --- util.c 26 Sep 2021 15:52:40 -0000 1.61 +++ util.c 27 Sep 2021 13:40:12 -0000 @@ -1122,7 +1122,7 @@ char entropy_file[PATH_MAX]; /* * Are we short of entropy? */ -static size_t +size_t entropy_needed(void) { int needed; 
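Review bot: `entropy_needed` becomes part of util.c's external interface here, but its only description is still `Are we short of entropy?`, which does not say what the returned `size_t` counts. The comment should state the unit and that 0 means no further entropy is required, since callers in configmenu.c now test `entropy_needed() == 0`. The visible body starts with `int needed;` while the return type is `size_t`; the rest of the function is outside the hunk, so check that an error value cannot end up converted into a misleading unsigned count.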
@@ -1154,9 +1154,10 @@ static void entropy_add_manual(void) { SHA256_CTX ctx; - char buf[256], line[25]; - size_t line_no, l; + char buf[256]; uint8_t digest[SHA256_DIGEST_LENGTH]; + size_t l; + int txt_y, maxy, init_y; bool ok = false; msg_display(MSG_entropy_enter_manual1); @@ -1166,18 +1167,34 @@ entropy_add_manual(void) msg_display_add(MSG_entropy_enter_manual3); msg_printf("\n\n"); SHA256_Init(&ctx); - line_no = 1; + txt_y = getcury(mainwin); + maxy = getmaxy(mainwin); + init_y = txt_y; + + echo(); do { - sprintf(line, "%zu", line_no); - msg_prompt_win(line, -1, 15, 0, 0, "", buf, sizeof(buf)); + txt_y++; + if (txt_y >= maxy) { + txt_y = init_y; + wmove(mainwin, txt_y, 0); + wclrtobot(mainwin); + } else { + wmove(mainwin, txt_y, 0); + } + msg_fmt_table_add(0, "> "); + mvwgetnstr(mainwin, txt_y, 2, buf, sizeof buf); l = strlen(buf); if (l > 0) SHA256_Update(&ctx, (const uint8_t*)buf, l); - line_no++; - } while(buf[0] != 0); + } while(l > 0); + noecho(); ok = ctx.bitcount >= 256; SHA256_Final(digest, &ctx); + wmove(mainwin, init_y, 0); + wclrtobot(mainwin); + wrefresh(mainwin); + if (ok) entropy_write_to_kernel(digest, sizeof digest); else @@ -1332,13 +1349,10 @@ entropy_add_seed(void) * return true if we have enough entropy */ bool -do_check_entropy(void) +do_add_entropy(void) { int rv; - if (entropy_needed() == 0) - return true; - for (;;) { if (entropy_needed() == 0) return true; @@ -1516,14 +1530,7 @@ get_and_unpack_sets(int update, msg setu if (set_status[SET_BASE] & SET_INSTALLED) run_makedev(); - if (update) { -#ifdef CHECK_ENTROPY - if (!do_check_entropy()) { - hit_enter_to_continue(NULL, MSG_abortupgr); - return 1; - } -#endif - } else { + if (!update) { struct stat sb1, sb2; if (stat(target_expand("/"), &sb1) == 0
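Review bot: The result of `mvwgetnstr(mainwin, txt_y, 2, buf, sizeof buf)` in `entropy_add_manual` is not checked, so if the read fails the following `strlen(buf)` runs over whatever is in `buf`: uninitialised stack on the first pass, the previous line on later ones, which could then be hashed again. Stopping on error closes that gap, and passing `sizeof buf - 1` is safe whether or not the curses implementation counts the terminating NUL in the limit: `if (mvwgetnstr(mainwin, txt_y, 2, buf, sizeof buf - 1) == ERR) break;`. The typed text is seed material that is now echoed and held in `buf`, so wipe it after the loop with `explicit_memset(buf, 0, sizeof buf);`, and likewise `digest` once it has been handed to the kernel. The function's tail is outside this hunk.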