DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

hostapd: Verify availability of random data when using WPA/WPA2

Browse source 
On Linux, verify that the kernel entropy pool is capable of providing
strong random data before allowing WPA/WPA2 connection to be
established. If 20 bytes of data cannot be read from /dev/random,
force first two 4-way handshakes to fail while collecting entropy
into the internal pool in hostapd. After that, give up on /dev/random
and allow the AP to function based on the combination of /dev/urandom
and whatever data has been collected into the internal entropy pool.
This commit is contained in:
Jouni Malinen 2010-11-24 13:08:03 +02:00
parent dbb6ed7e75
commit 08704cd885
4 changed files with 118 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/ap/wpa_auth_i.h
View file

@ -146,6 +146,7 @@ struct wpa_group {
u8 GNonce[WPA_NONCE_LEN];
Boolean changed;
Boolean first_sta_seen;
Boolean reject_4way_hs_for_entropy;
#ifdef CONFIG_IEEE80211W
u8 IGTK[2][WPA_IGTK_LEN];
int GN_igtk, GM_igtk;