[PATCH] eapol_test: Start the identifier at an initial random value

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Martin Stanislav <ms@xxxxxxxx>

Start the (EAP request) identifier at an initial random value
as recommended by RFC 3748 in section 4.1 Request and Response
on page 21.

os_get_random is used instead of os_random as suggested by Nick Lowe.
No fallback, eapol_test hard-fails if os_get_random fails.
Thanks for your comments/suggestions.

Signed-off-by: Martin Stanislav <ms@xxxxxxxx>
---
 wpa_supplicant/eapol_test.c | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c
index 6548bd17b..85dc6495b 100644
--- a/wpa_supplicant/eapol_test.c
+++ b/wpa_supplicant/eapol_test.c
@@ -65,6 +65,7 @@ struct eapol_test_data {
 	int radius_access_accept_received;
 	int radius_access_reject_received;
 	int auth_timed_out;
+	int get_random_failed;
 
 	u8 *eap_identity;
 	size_t eap_identity_len;
@@ -353,7 +354,7 @@ static void eapol_sm_reauth(void *eloop_ctx, void *timeout_ctx)
 	struct eapol_test_data *e = eloop_ctx;
 	printf("\n\n\n\n\neapol_test: Triggering EAP reauthentication\n\n");
 	e->radius_access_accept_received = 0;
-	send_eap_request_identity(e->wpa_s, NULL);
+	send_eap_request_identity(e, NULL);
 }
 
 
@@ -699,7 +700,8 @@ static void test_eapol_clean(struct eapol_test_data *e,
 
 static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx)
 {
-	struct wpa_supplicant *wpa_s = eloop_ctx;
+	struct eapol_test_data *e = eloop_ctx;
+	struct wpa_supplicant *wpa_s = e->wpa_s;
 	u8 buf[100], *pos;
 	struct ieee802_1x_hdr *hdr;
 	struct eap_hdr *eap;
@@ -711,7 +713,13 @@ static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx)
 
 	eap = (struct eap_hdr *) (hdr + 1);
 	eap->code = EAP_CODE_REQUEST;
-	eap->identifier = 0;
+	if (os_get_random((u8 *) &eap->identifier, sizeof(eap->identifier)) < 0)
+	{
+		printf("Failed to initialize EAP packet identifier\n");
+		e->get_random_failed = 1;
+		eloop_terminate();
+		return;
+	}
 	eap->length = htons(5);
 	pos = (u8 *) (eap + 1);
 	*pos = EAP_TYPE_IDENTITY;
@@ -973,7 +981,7 @@ static int driver_get_bssid(void *priv, u8 *bssid)
 
 	if (e->ctrl_iface && !e->id_req_sent) {
 		eloop_register_timeout(0, 0, send_eap_request_identity,
-				       e->wpa_s, NULL);
+				       e, NULL);
 		e->id_req_sent = 1;
 	}
 
@@ -1511,8 +1519,8 @@ int main(int argc, char *argv[])
 	if (!ctrl_iface) {
 		eloop_register_timeout(timeout, 0, eapol_test_timeout,
 				       &eapol_test, NULL);
-		eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s,
-				       NULL);
+		eloop_register_timeout(0, 0, send_eap_request_identity,
+				       &eapol_test, NULL);
 	}
 	eloop_register_signal_terminate(eapol_test_terminate, &wpa_s);
 	eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s);
@@ -1548,6 +1556,8 @@ int main(int argc, char *argv[])
 	       eapol_test.num_mppe_ok, eapol_test.num_mppe_mismatch);
 	if (eapol_test.num_mppe_mismatch)
 		ret = -4;
+	if (eapol_test.get_random_failed)
+		ret = -5;
 	if (ret)
 		printf("FAILURE\n");
 	else
-- 
2.17.1 (Apple Git-112)


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux