jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

MACsec: Check os_get_random() return value

Browse source 
This makes the MACsec implementation more consistent with rest of
wpa_supplicant. (CID 72677, CID 72695, CID 72701, CID 72709, CID 72711)

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-10-11 18:46:35 +03:00
parent 93da049851
commit 533d7fb7b7
1 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
src/pae/ieee802_1x_kay.c
View file

@ -729,7 +729,8 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg,
/* If the peer's MI is my MI, I will choose new MI */
if (os_memcmp(body->actor_mi, participant->mi, MI_LEN) == 0) {
os_get_random(participant->mi, sizeof(participant->mi));
if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
return NULL;
participant->mn = 0;
}
@ -1003,8 +1004,10 @@ static int ieee802_1x_mka_decode_live_peer_body(
if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
/* My message id is used by other participant */
if (peer_mn > participant->mn) {
os_get_random(participant->mi,
sizeof(participant->mi));
if (os_get_random(participant->mi,
sizeof(participant->mi)) < 0)
wpa_printf(MSG_DEBUG,
"KaY: Could not update mi");
participant->mn = 0;
}
continue;
@ -1054,8 +1057,10 @@ ieee802_1x_mka_decode_potential_peer_body(
if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
/* My message id is used by other participant */
if (peer_mn > participant->mn) {
os_get_random(participant->mi,
sizeof(participant->mi));
if (os_get_random(participant->mi,
sizeof(participant->mi)) < 0)
wpa_printf(MSG_DEBUG,
"KaY: Could not update mi");
participant->mn = 0;
}
continue;
@ -1998,7 +2003,12 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant)
return -1;
}
ctx_offset = 0;
os_get_random(context + ctx_offset, conf->key_len);
if (os_get_random(context + ctx_offset, conf->key_len) < 0) {
os_free(context);
os_free(conf->key);
os_free(conf);
return -1;
}
ctx_offset += conf->key_len;
dl_list_for_each(peer, &participant->live_peers,
struct ieee802_1x_kay_peer, list) {
@ -3325,7 +3335,8 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
participant->retry_count = 0;
participant->kay = kay;
os_get_random(participant->mi, sizeof(participant->mi));
if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
goto fail;
participant->mn = 0;
participant->lrx = FALSE;