eapol_test: Start the identifier at an initial random value

Message ID 20181001145903.GA12680@moon.uakom.sk
State New
Headers show
Series
  • eapol_test: Start the identifier at an initial random value
Related show

Commit Message

Martin Stanislav Oct. 1, 2018, 2:59 p.m.
From: Martin Stanislav <ms@uakom.sk>

Start the (EAP request) identifier at an initial random value
as recommended by RFC 3748 in section 4.1 Request and Response
on page 21.

os_get_random is used instead of os_random as suggested by Nick Lowe.
No fallback, eapol_test hard-fails if os_get_random fails.
Thanks for your comments/suggestions.

Signed-off-by: Martin Stanislav <ms@uakom.sk>
---
 wpa_supplicant/eapol_test.c | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

Patch

diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c
index 6548bd17b..85dc6495b 100644
--- a/wpa_supplicant/eapol_test.c
+++ b/wpa_supplicant/eapol_test.c
@@ -65,6 +65,7 @@  struct eapol_test_data {
 	int radius_access_accept_received;
 	int radius_access_reject_received;
 	int auth_timed_out;
+	int get_random_failed;
 
 	u8 *eap_identity;
 	size_t eap_identity_len;
@@ -353,7 +354,7 @@  static void eapol_sm_reauth(void *eloop_ctx, void *timeout_ctx)
 	struct eapol_test_data *e = eloop_ctx;
 	printf("\n\n\n\n\neapol_test: Triggering EAP reauthentication\n\n");
 	e->radius_access_accept_received = 0;
-	send_eap_request_identity(e->wpa_s, NULL);
+	send_eap_request_identity(e, NULL);
 }
 
 
@@ -699,7 +700,8 @@  static void test_eapol_clean(struct eapol_test_data *e,
 
 static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx)
 {
-	struct wpa_supplicant *wpa_s = eloop_ctx;
+	struct eapol_test_data *e = eloop_ctx;
+	struct wpa_supplicant *wpa_s = e->wpa_s;
 	u8 buf[100], *pos;
 	struct ieee802_1x_hdr *hdr;
 	struct eap_hdr *eap;
@@ -711,7 +713,13 @@  static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx)
 
 	eap = (struct eap_hdr *) (hdr + 1);
 	eap->code = EAP_CODE_REQUEST;
-	eap->identifier = 0;
+	if (os_get_random((u8 *) &eap->identifier, sizeof(eap->identifier)) < 0)
+	{
+		printf("Failed to initialize EAP packet identifier\n");
+		e->get_random_failed = 1;
+		eloop_terminate();
+		return;
+	}
 	eap->length = htons(5);
 	pos = (u8 *) (eap + 1);
 	*pos = EAP_TYPE_IDENTITY;
@@ -973,7 +981,7 @@  static int driver_get_bssid(void *priv, u8 *bssid)
 
 	if (e->ctrl_iface && !e->id_req_sent) {
 		eloop_register_timeout(0, 0, send_eap_request_identity,
-				       e->wpa_s, NULL);
+				       e, NULL);
 		e->id_req_sent = 1;
 	}
 
@@ -1511,8 +1519,8 @@  int main(int argc, char *argv[])
 	if (!ctrl_iface) {
 		eloop_register_timeout(timeout, 0, eapol_test_timeout,
 				       &eapol_test, NULL);
-		eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s,
-				       NULL);
+		eloop_register_timeout(0, 0, send_eap_request_identity,
+				       &eapol_test, NULL);
 	}
 	eloop_register_signal_terminate(eapol_test_terminate, &wpa_s);
 	eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s);
@@ -1548,6 +1556,8 @@  int main(int argc, char *argv[])
 	       eapol_test.num_mppe_ok, eapol_test.num_mppe_mismatch);
 	if (eapol_test.num_mppe_mismatch)
 		ret = -4;
+	if (eapol_test.get_random_failed)
+		ret = -5;
 	if (ret)
 		printf("FAILURE\n");
 	else