Randomize GAS dialog token

Randomize GAS dialog token field, instead of using an incremental
counter with predictable values. This change will make this field
unuseful for user fingerprinting.

Signed-off-by: Hai Shalom <haishalom@google.com>
This commit is contained in:
Hai Shalom 2020-04-23 15:13:27 -07:00 committed by Jouni Malinen
parent a803ba4f9d
commit c54a5e96b5

View file

@ -729,19 +729,24 @@ static void gas_query_tx_initial_req(struct gas_query *gas,
static int gas_query_new_dialog_token(struct gas_query *gas, const u8 *dst) static int gas_query_new_dialog_token(struct gas_query *gas, const u8 *dst)
{ {
static int next_start = 0; u8 dialog_token;
int dialog_token; int i;
for (dialog_token = 0; dialog_token < 256; dialog_token++) { /* There should never be more than couple active GAS queries in
if (gas_query_dialog_token_available( * progress, so it should be very likely to find an available dialog
gas, dst, (next_start + dialog_token) % 256)) * token by checking random values. Use a limit on the number of
* iterations to handle the unexpected case of large number of pending
* queries cleanly. */
for (i = 0; i < 256; i++) {
/* Get a random number and check if the slot is available */
if (os_get_random(&dialog_token, sizeof(dialog_token)) < 0)
break; break;
} if (gas_query_dialog_token_available(gas, dst, dialog_token))
if (dialog_token == 256)
return -1; /* Too many pending queries */
dialog_token = (next_start + dialog_token) % 256;
next_start = (dialog_token + 1) % 256;
return dialog_token; return dialog_token;
}
/* No dialog token value available */
return -1;
} }