aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius
diff options
context:
space:
mode:
authorNick Lowe <nick.lowe@lugatech.com>2016-02-07 10:11:46 (GMT)
committerJouni Malinen <j@w1.fi>2016-02-07 16:18:49 (GMT)
commitc06c9099f0d0827feae5622097bd8ac946eca5ea (patch)
tree7593207d99d09b48a4161bb918d6d1a0509607ac /src/radius
parent9e1f1bdb6f35792ffdc016cebe2c6499d5de1d77 (diff)
downloadhostap-c06c9099f0d0827feae5622097bd8ac946eca5ea.zip
hostap-c06c9099f0d0827feae5622097bd8ac946eca5ea.tar.gz
hostap-c06c9099f0d0827feae5622097bd8ac946eca5ea.tar.bz2
Use stronger PRNG for MS-MPPE-Send/Recv-Key salt
When generating a MS-MPPE-Send/Recv-Key, don't use a weak PRNG for the salt. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Diffstat (limited to 'src/radius')
-rw-r--r--src/radius/radius.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c
index 77f9980..a6304e1 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -1197,7 +1197,9 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
vhdr = (struct radius_attr_vendor *) pos;
vhdr->vendor_type = RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY;
pos = (u8 *) (vhdr + 1);
- salt = os_random() | 0x8000;
+ if (os_get_random((u8 *) &salt, sizeof(salt)) < 0)
+ return 0;
+ salt |= 0x8000;
WPA_PUT_BE16(pos, salt);
pos += 2;
encrypt_ms_key(send_key, send_key_len, salt, req_authenticator, secret,