When generating a MS-MPPE-Send-Key, don't use a weak PRNG for the salt. Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx> --- src/radius/radius.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/radius/radius.c b/src/radius/radius.c index d4b84c1..b5166d9 100644 --- a/src/radius/radius.c +++ b/src/radius/radius.c @@ -1201,7 +1201,10 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg, vhdr = (struct radius_attr_vendor *) pos; vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY; pos = (u8 *) (vhdr + 1); - salt = os_random() | 0x8000; + if (os_get_random((u8 *) &salt, sizeof(salt)) < 0) { + return 0; + } + salt |= 0x8000; WPA_PUT_BE16(pos, salt); pos += 2; encrypt_ms_key(send_key, send_key_len, salt, req_authenticator, secret, -- 2.5.0 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap