Check rng return value when generating nonces in eap-aka plugin
authorTobias Brunner <tobias@strongswan.org>
Fri, 6 Jul 2012 08:09:25 +0000 (10:09 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 16 Jul 2012 12:53:36 +0000 (14:53 +0200)
src/libcharon/plugins/eap_aka/eap_aka_server.c

index 5ad077d..b760838 100644 (file)
@@ -249,7 +249,10 @@ static status_t reauthenticate(private_eap_aka_server_t *this,
        DBG1(DBG_IKE, "initiating EAP-AKA reauthentication");
 
        rng = this->crypto->get_rng(this->crypto);
-       rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+       if (!rng->allocate_bytes(rng, NONCE_LEN, &this->nonce))
+       {
+               return FAILED;
+       }
 
        mkc = chunk_create(mk, HASH_SIZE_SHA1);
        counter = htons(counter);