From patchwork Mon Oct 1 14:59:03 2018
X-Patchwork-Submitter: Martin Stanislav
X-Patchwork-Id: 977274
Date: Mon, 1 Oct 2018 16:59:03 +0200
From: Martin Stanislav
To: hostap@lists.infradead.org
Subject: [PATCH] eapol_test: Start the identifier at an initial random value
Message-ID: <20181001145903.GA12680@moon.uakom.sk>

From: Martin Stanislav Start the (EAP request) identifier at an initial random value as recommended by RFC 3748 in section 4.1 Request and Response on page 21. os_get_random is used instead of os_random as suggested by Nick Lowe. No fallback, eapol_test hard-fails if os_get_random fails. Thanks for your comments/suggestions. Signed-off-by: Martin Stanislav --- wpa_supplicant/eapol_test.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c index 6548bd17b..85dc6495b 100644 --- a/wpa_supplicant/eapol_test.c +++ b/wpa_supplicant/eapol_test.c @@ -65,6 +65,7 @@ struct eapol_test_data { int radius_access_accept_received; int radius_access_reject_received; int auth_timed_out; + int get_random_failed; u8 *eap_identity; size_t eap_identity_len; @@ -353,7 +354,7 @@ static void eapol_sm_reauth(void *eloop_ctx, void *timeout_ctx) struct eapol_test_data *e = eloop_ctx; printf("\n\n\n\n\neapol_test: Triggering EAP reauthentication\n\n"); e->radius_access_accept_received = 0; - send_eap_request_identity(e->wpa_s, NULL); + send_eap_request_identity(e, NULL); } @@ -699,7 +700,8 @@ static void test_eapol_clean(struct eapol_test_data *e, static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx) { - struct wpa_supplicant *wpa_s = eloop_ctx; + struct eapol_test_data *e = eloop_ctx; + struct wpa_supplicant *wpa_s = e->wpa_s; u8 buf[100], *pos; struct ieee802_1x_hdr *hdr; struct eap_hdr *eap; @@ -711,7 +713,13 @@ static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx) eap = (struct eap_hdr *) (hdr + 1); eap->code = EAP_CODE_REQUEST; - eap->identifier = 0; + if (os_get_random((u8 *) &eap->identifier, sizeof(eap->identifier)) < 0) + { + printf("Failed to initialize EAP packet identifier\n"); + e->get_random_failed = 1; + eloop_terminate(); + return; + } eap->length = htons(5); pos = (u8 *) (eap + 1); *pos = EAP_TYPE_IDENTITY; 
@@ -973,7 +981,7 @@ static int driver_get_bssid(void *priv, u8 *bssid) if (e->ctrl_iface && !e->id_req_sent) { eloop_register_timeout(0, 0, send_eap_request_identity, - e->wpa_s, NULL); + e, NULL); e->id_req_sent = 1; } @@ -1511,8 +1519,8 @@ int main(int argc, char *argv[]) if (!ctrl_iface) { eloop_register_timeout(timeout, 0, eapol_test_timeout, &eapol_test, NULL); - eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s, - NULL); + eloop_register_timeout(0, 0, send_eap_request_identity, + &eapol_test, NULL); } eloop_register_signal_terminate(eapol_test_terminate, &wpa_s); eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s); @@ -1548,6 +1556,8 @@ int main(int argc, char *argv[]) eapol_test.num_mppe_ok, eapol_test.num_mppe_mismatch); if (eapol_test.num_mppe_mismatch) ret = -4; + if (eapol_test.get_random_failed) + ret = -5; if (ret) printf("FAILURE\n"); else
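
Review bot: In the hunk at the top of send_eap_request_identity(), eloop_ctx changes meaning from struct wpa_supplicant * to struct eapol_test_data *, and because the parameter is a void * the compiler will not flag a caller that still passes the old pointer. The patch updates the three call sites visible here (eapol_sm_reauth, driver_get_bssid and main). Please confirm that no other eloop_register_timeout() or eloop_cancel_timeout() for this handler in eapol_test.c still passes wpa_s, since it would then be dereferenced as the wrong struct and a cancel keyed on the old pointer would no longer match.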
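
Review bot: In the os_get_random() block added to send_eap_request_identity(), the opening brace is on its own line after the if, while the surrounding code in this same patch keeps it on the if line (for example "if (e->ctrl_iface && !e->id_req_sent) {"). Please move the brace up to match. Note also that this function is the reauthentication path as well (eapol_sm_reauth calls it), so the identifier is re-drawn on every reauthentication and not only once at start; if that is intended, a short comment at the os_get_random() call citing RFC 3748 section 4.1 would make it clear to the next reader.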
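
Review bot: In the last hunk of main(), the new return value -5 is introduced without any comment or usage text, and because the get_random_failed check is placed after the num_mppe_mismatch check it unconditionally replaces whatever ret held before, including -4. If reporting the random failure ahead of other results is the intent, say so in a one-line comment next to "ret = -5;" so that scripts which inspect the eapol_test exit status can rely on it; otherwise guard the assignment so an earlier failure code is preserved.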