[PATCH] When generating a MS-MPPE-Send-Key, don't use a weak PRNG for the salt.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When generating a MS-MPPE-Send-Key, don't use a weak PRNG for the salt.

Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
---
 src/radius/radius.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/radius/radius.c b/src/radius/radius.c
index d4b84c1..b5166d9 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -1201,7 +1201,10 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
  vhdr = (struct radius_attr_vendor *) pos;
  vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY;
  pos = (u8 *) (vhdr + 1);
- salt = os_random() | 0x8000;
+ if (os_get_random((u8 *) &salt, sizeof(salt)) < 0) {
+ return 0;
+ }
+ salt |= 0x8000;
  WPA_PUT_BE16(pos, salt);
  pos += 2;
  encrypt_ms_key(send_key, send_key_len, salt, req_authenticator, secret,
-- 
2.5.0

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux