Imported Upstream version 5.0.1

4 files changed, 108 insertions, 42 deletions

diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 9b549b071..a393e8049 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -84,7 +85,7 @@ libstrongswan_random_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 @MONOLITHIC_FALSE@am_libstrongswan_random_la_rpath = -rpath \
 @MONOLITHIC_FALSE@	$(plugindir)
 @MONOLITHIC_TRUE@am_libstrongswan_random_la_rpath =
-DEFAULT_INCLUDES = -I.@am__isrc@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
@@ -110,6 +111,7 @@ AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BFDLIB = @BFDLIB@
 BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
@@ -204,11 +206,14 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
 clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
-default_pkcs11 = @default_pkcs11@
+dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
@@ -225,11 +230,12 @@ imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
 ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
-libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
 libexecdir = @libexecdir@
 linux_headers = @linux_headers@
@@ -245,6 +251,7 @@ mkdir_p = @mkdir_p@
 nm_CFLAGS = @nm_CFLAGS@
 nm_LIBS = @nm_LIBS@
 nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
@@ -254,7 +261,6 @@ pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
 plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
 pool_plugins = @pool_plugins@
 prefix = @prefix@
 program_transform_name = @program_transform_name@
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
index 7f81e2622..cef20047a 100644
--- a/src/libstrongswan/plugins/random/random_plugin.c
+++ b/src/libstrongswan/plugins/random/random_plugin.c
@@ -15,9 +15,24 @@
 
 #include "random_plugin.h"
 
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+
 #include <library.h>
+#include <debug.h>
 #include "random_rng.h"
 
+#ifndef DEV_RANDOM
+# define DEV_RANDOM "/dev/random"
+#endif
+
+#ifndef DEV_URANDOM
+# define DEV_URANDOM "/dev/urandom"
+#endif
+
 typedef struct private_random_plugin_t private_random_plugin_t;
 
 /**
@@ -31,6 +46,41 @@ struct private_random_plugin_t {
 	random_plugin_t public;
 };
 
+/** /dev/random file descriptor */
+static int dev_random = -1;
+/** /dev/urandom file descriptor */
+static int dev_urandom = -1;
+
+/**
+ * See header.
+ */
+int random_plugin_get_dev_random()
+{
+	return dev_random;
+}
+
+/**
+ * See header.
+ */
+int random_plugin_get_dev_urandom()
+{
+	return dev_urandom;
+}
+
+/**
+ * Open a random device file
+ */
+static bool open_dev(char *file, int *fd)
+{
+	*fd = open(file, O_RDONLY);
+	if (*fd == -1)
+	{
+		DBG1(DBG_LIB, "opening \"%s\" failed: %s", file, strerror(errno));
+		return FALSE;
+	}
+	return TRUE;
+}
+
 METHOD(plugin_t, get_name, char*,
 	private_random_plugin_t *this)
 {
@@ -52,6 +102,14 @@ METHOD(plugin_t, get_features, int,
 METHOD(plugin_t, destroy, void,
 	private_random_plugin_t *this)
 {
+	if (dev_random != -1)
+	{
+		close(dev_random);
+	}
+	if (dev_urandom != -1)
+	{
+		close(dev_urandom);
+	}
 	free(this);
 }
 
@@ -61,6 +119,7 @@ METHOD(plugin_t, destroy, void,
 plugin_t *random_plugin_create()
 {
 	private_random_plugin_t *this;
+	char *urandom_file, *random_file;
 
 	INIT(this,
 		.public = {
@@ -72,6 +131,17 @@ plugin_t *random_plugin_create()
 		},
 	);
 
+	urandom_file = lib->settings->get_str(lib->settings,
+						"libstrongswan.plugins.random.urandom", DEV_URANDOM);
+	random_file = lib->settings->get_str(lib->settings,
+						"libstrongswan.plugins.random.random", DEV_RANDOM);
+	if (!open_dev(urandom_file, &dev_urandom) ||
+		!open_dev(random_file, &dev_random))
+	{
+		destroy(this);
+		return NULL;
+	}
+
 	return &this->public.plugin;
 }
 
diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h
index 7e22c3e5f..c34fa8196 100644
--- a/src/libstrongswan/plugins/random/random_plugin.h
+++ b/src/libstrongswan/plugins/random/random_plugin.h
@@ -39,4 +39,14 @@ struct random_plugin_t {
 	plugin_t plugin;
 };
 
+/**
+ * Get the /dev/random file descriptor
+ */
+int random_plugin_get_dev_random();
+
+/**
+ * Get the /dev/urandom file descriptor
+ */
+int random_plugin_get_dev_urandom();
+
 #endif /** RANDOM_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index 1d99a63d5..52cfc080e 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -15,22 +15,12 @@
  */
 
 #include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
 #include <unistd.h>
 #include <errno.h>
 #include <debug.h>
 
 #include "random_rng.h"
-
-#ifndef DEV_RANDOM
-# define DEV_RANDOM "/dev/random"
-#endif
-
-#ifndef DEV_URANDOM
-# define DEV_URANDOM "/dev/urandom"
-#endif
+#include "random_plugin.h"
 
 typedef struct private_random_rng_t private_random_rng_t;
 
@@ -47,15 +37,10 @@ struct private_random_rng_t {
 	/**
 	 * random device, depends on quality
 	 */
-	int dev;
-
-	/**
-	 * file we read random bytes from
-	 */
-	char *file;
+	int fd;
 };
 
-METHOD(rng_t, get_bytes, void,
+METHOD(rng_t, get_bytes, bool,
 	private_random_rng_t *this, size_t bytes, u_int8_t *buffer)
 {
 	size_t done;
@@ -65,30 +50,29 @@ METHOD(rng_t, get_bytes, void,
 
 	while (done < bytes)
 	{
-		got = read(this->dev, buffer + done, bytes - done);
+		got = read(this->fd, buffer + done, bytes - done);
 		if (got <= 0)
 		{
-			DBG1(DBG_LIB, "reading from \"%s\" failed: %s, retrying...",
-				 this->file, strerror(errno));
-			close(this->dev);
+			DBG1(DBG_LIB, "reading from random FD %d failed: %s, retrying...",
+				 this->fd, strerror(errno));
 			sleep(1);
-			this->dev = open(this->file, 0);
 		}
 		done += got;
 	}
+	return TRUE;
 }
 
-METHOD(rng_t, allocate_bytes, void,
+METHOD(rng_t, allocate_bytes, bool,
 	private_random_rng_t *this, size_t bytes, chunk_t *chunk)
 {
 	*chunk = chunk_alloc(bytes);
 	get_bytes(this, chunk->len, chunk->ptr);
+	return TRUE;
 }
 
 METHOD(rng_t, destroy, void,
 	private_random_rng_t *this)
 {
-	close(this->dev);
 	free(this);
 }
 
@@ -109,22 +93,18 @@ random_rng_t *random_rng_create(rng_quality_t quality)
 		},
 	);
 
-	if (quality == RNG_TRUE)
+	switch (quality)
 	{
-		this->file = DEV_RANDOM;
-	}
-	else
-	{
-		this->file = DEV_URANDOM;
+		case RNG_TRUE:
+			this->fd = random_plugin_get_dev_random();
+			break;
+		case RNG_STRONG:
+		case RNG_WEAK:
+		default:
+			this->fd = random_plugin_get_dev_urandom();
+			break;
 	}
 
-	this->dev = open(this->file, 0);
-	if (this->dev < 0)
-	{
-		DBG1(DBG_LIB, "opening \"%s\" failed: %s", this->file, strerror(errno));
-		free(this);
-		return NULL;
-	}
 	return &this->public;
 }