Check rng return value when generating nonces in eap-sim plugin
authorTobias Brunner <tobias@strongswan.org>
Fri, 6 Jul 2012 08:02:41 +0000 (10:02 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 16 Jul 2012 12:53:36 +0000 (14:53 +0200)
src/libcharon/plugins/eap_sim/eap_sim_peer.c
src/libcharon/plugins/eap_sim/eap_sim_server.c

index 479fb95..ff96e92 100644 (file)
@@ -242,7 +242,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
        /* generate AT_NONCE_MT value */
        rng = this->crypto->get_rng(this->crypto);
        free(this->nonce.ptr);
-       rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+       if (!rng->allocate_bytes(rng, NONCE_LEN, &this->nonce))
+       {
+               return FAILED;
+       }
 
        message = simaka_message_create(FALSE, this->identifier, EAP_SIM,
                                                                        SIM_START, this->crypto);
index fd4f4c0..334e2df 100644 (file)
@@ -174,7 +174,10 @@ static status_t reauthenticate(private_eap_sim_server_t *this,
        DBG1(DBG_IKE, "initiating EAP-SIM reauthentication");
 
        rng = this->crypto->get_rng(this->crypto);
-       rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+       if (!rng->allocate_bytes(rng, NONCE_LEN, &this->nonce))
+       {
+               return FAILED;
+       }
 
        mkc = chunk_create(mk, HASH_SIZE_SHA1);
        counter = htons(counter);