projects
/
mech_eap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
9e1f1bd
)
Use stronger PRNG for MS-MPPE-Send/Recv-Key salt
author
Nick Lowe
<nick.lowe@lugatech.com>
Sun, 7 Feb 2016 10:11:46 +0000
(10:11 +0000)
committer
Jouni Malinen
<j@w1.fi>
Sun, 7 Feb 2016 16:18:49 +0000
(18:18 +0200)
When generating a MS-MPPE-Send/Recv-Key, don't use a weak PRNG for the
salt.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
src/radius/radius.c
patch
|
blob
|
history
diff --git
a/src/radius/radius.c
b/src/radius/radius.c
index
77f9980
..
a6304e1
100644
(file)
--- a/
src/radius/radius.c
+++ b/
src/radius/radius.c
@@
-1197,7
+1197,9
@@
int radius_msg_add_mppe_keys(struct radius_msg *msg,
vhdr = (struct radius_attr_vendor *) pos;
vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY;
pos = (u8 *) (vhdr + 1);
- salt = os_random() | 0x8000;
+ if (os_get_random((u8 *) &salt, sizeof(salt)) < 0)
+ return 0;
+ salt |= 0x8000;
WPA_PUT_BE16(pos, salt);
pos += 2;
encrypt_ms_key(send_key, send_key_len, salt, req_authenticator, secret,
projects / mech_eap.git / commitdiff