.BR libstrongswan.plugins.random.urandom " [@urandom_device@]"
File to read pseudo random bytes from, instead of @urandom_device@
.TP
+.BR libstrongswan.plugins.random.strong_equals_true " [no]"
+If set to yes the RNG_STRONG class reads random bytes from the same source as
+the RNG_TRUE class.
+.TP
.BR libstrongswan.plugins.unbound.resolv_conf " [/etc/resolv.conf]"
File to read DNS resolver configuration from
.TP
/** /dev/urandom file descriptor */
static int dev_urandom = -1;
+/** Is strong randomness equivalent to true randomness? */
+static bool strong_equals_true = FALSE;
+
/**
* See header.
*/
return dev_urandom;
}
+/**
+ * See header.
+ */
+bool random_plugin_get_strong_equals_true()
+{
+ return strong_equals_true;
+}
+
/**
* Open a random device file
*/
},
);
+ strong_equals_true = lib->settings->get_bool(lib->settings,
+ "libstrongswan.plugins.random.strong_equals_true", FALSE);
urandom_file = lib->settings->get_str(lib->settings,
"libstrongswan.plugins.random.urandom", DEV_URANDOM);
random_file = lib->settings->get_str(lib->settings,
*/
int random_plugin_get_dev_urandom();
+/**
+ * Must strong randomness be equivalent to true randomness?
+ */
+bool random_plugin_get_strong_equals_true();
+
#endif /** RANDOM_PLUGIN_H_ @}*/
this->fd = random_plugin_get_dev_random();
break;
case RNG_STRONG:
+ this->fd = random_plugin_get_strong_equals_true() ?
+ random_plugin_get_dev_random() :
+ random_plugin_get_dev_urandom();
+ break;
case RNG_WEAK:
default:
this->fd = random_plugin_get_dev_urandom();