www.project-moonshot.org Git - mech

author	Nick Lowe <nick.lowe@lugatech.com>
	Sun, 24 Jan 2016 11:37:46 +0000 (11:37 +0000)
committer	Jouni Malinen <j@w1.fi>
	Sat, 6 Feb 2016 15:10:19 +0000 (17:10 +0200)
commit	d72a00539ca793ecd3137ae308bc173271d8b882
tree	f0f9f7c3e65e08d0a597bf42bdff9daeb3a84746	tree \| snapshot
parent	d689317ddbf58487432951a4afb2f4070eeb10b6	commit \| diff

RADIUS: Use more likely unique accounting Acct-{,Multi-}Session-Id

Rework the Acct-Session-Id and Acct-Multi-Session-Id implementation to
give better global and temporal uniqueness. Previously, only 32-bits of
the Acct-Session-Id would contain random data, the other 32-bits would
be incremented. Previously, the Acct-Multi-Session-Id would not use
random data. Switch from two u32 variables to a single u64 for the
Acct-Session-Id and Acct-Multi-Session-Id. Do not increment, this serves
no legitimate purpose. Exclusively use os_get_random() to get quality
random numbers, do not use or mix in the time. Inherently take a
dependency on /dev/urandom working properly therefore. Remove the global
Acct-Session-Id and Acct-Multi-Session-Id values that serve no
legitimate purpose.

Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>

src/ap/accounting.c		diff \| blob \| history
src/ap/accounting.h		diff \| blob \| history
src/ap/hostapd.c		diff \| blob \| history
src/ap/hostapd.h		diff \| blob \| history
src/ap/ieee802_1x.c		diff \| blob \| history
src/ap/pmksa_cache_auth.c		diff \| blob \| history
src/ap/pmksa_cache_auth.h		diff \| blob \| history
src/ap/sta_info.c		diff \| blob \| history
src/ap/sta_info.h		diff \| blob \| history
src/eapol_auth/eapol_auth_sm.c		diff \| blob \| history
src/eapol_auth/eapol_auth_sm_i.h		diff \| blob \| history