aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/wpa_auth_i.h
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2010-11-24 11:08:03 (GMT)
committerJouni Malinen <j@w1.fi>2010-11-24 11:08:03 (GMT)
commit08704cd8859825e70b5a961d9791c1ab25435237 (patch)
tree063afb30f5af307d29bd637fc6c91ad77bfdcf96 /src/ap/wpa_auth_i.h
parentdbb6ed7e752da8e5d563705afe6a1848d23f4052 (diff)
downloadhostap-08704cd8859825e70b5a961d9791c1ab25435237.zip
hostap-08704cd8859825e70b5a961d9791c1ab25435237.tar.gz
hostap-08704cd8859825e70b5a961d9791c1ab25435237.tar.bz2
hostapd: Verify availability of random data when using WPA/WPA2
On Linux, verify that the kernel entropy pool is capable of providing strong random data before allowing WPA/WPA2 connection to be established. If 20 bytes of data cannot be read from /dev/random, force first two 4-way handshakes to fail while collecting entropy into the internal pool in hostapd. After that, give up on /dev/random and allow the AP to function based on the combination of /dev/urandom and whatever data has been collected into the internal entropy pool.
Diffstat (limited to 'src/ap/wpa_auth_i.h')
-rw-r--r--src/ap/wpa_auth_i.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index bc6962f..3173144 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -146,6 +146,7 @@ struct wpa_group {
u8 GNonce[WPA_NONCE_LEN];
Boolean changed;
Boolean first_sta_seen;
+ Boolean reject_4way_hs_for_entropy;
#ifdef CONFIG_IEEE80211W
u8 IGTK[2][WPA_IGTK_LEN];
int GN_igtk, GM_igtk;