Randomize GAS dialog token

Randomize GAS dialog token field, instead of using an incremental
counter with predictable values. This change will make this field
unuseful for user fingerprinting.

Signed-off-by: Hai Shalom <haishalom@google.com>

diff --git a/wpa_supplicant/gas_query.c b/wpa_supplicant/gas_query.c
index 759b9b9cd4015b61b6e810d9270720c11459eddd..4b3fcfcfa64727a5d7898d0b32f287c1aa7463dd 100644 (file)
--- a/wpa_supplicant/gas_query.c
+++ b/wpa_supplicant/gas_query.c
@@ -729,19 +729,24 @@ static void gas_query_tx_initial_req(struct gas_query *gas,
 
 static int gas_query_new_dialog_token(struct gas_query *gas, const u8 *dst)
 {
-       static int next_start = 0;
-       int dialog_token;
-
-       for (dialog_token = 0; dialog_token < 256; dialog_token++) {
-               if (gas_query_dialog_token_available(
-                           gas, dst, (next_start + dialog_token) % 256))
+       u8 dialog_token;
+       int i;
+
+       /* There should never be more than couple active GAS queries in
+        * progress, so it should be very likely to find an available dialog
+        * token by checking random values. Use a limit on the number of
+        * iterations to handle the unexpected case of large number of pending
+        * queries cleanly. */
+       for (i = 0; i < 256; i++) {
+               /* Get a random number and check if the slot is available */
+               if (os_get_random(&dialog_token, sizeof(dialog_token)) < 0)
                        break;
+               if (gas_query_dialog_token_available(gas, dst, dialog_token))
+                       return dialog_token;
        }
-       if (dialog_token == 256)
-               return -1; /* Too many pending queries */
-       dialog_token = (next_start + dialog_token) % 256;
-       next_start = (dialog_token + 1) % 256;
-       return dialog_token;
+
+       /* No dialog token value available */
+       return -1;
 }