From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 6 Jul 2012 08:02:41 +0000 (+0200)
Subject: Check rng return value when generating nonces in eap-sim plugin
X-Git-Tag: 5.0.1~331
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18ce1bb721c421ff52abed5a5d850f3ce2551fed;p=thirdparty%2Fstrongswan.git

Check rng return value when generating nonces in eap-sim plugin
---

diff --git a/src/libcharon/plugins/eap_sim/eap_sim_peer.c b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
index 479fb95fc5..ff96e92799 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_peer.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
@@ -242,7 +242,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
 	/* generate AT_NONCE_MT value */
 	rng = this->crypto->get_rng(this->crypto);
 	free(this->nonce.ptr);
-	rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+	if (!rng->allocate_bytes(rng, NONCE_LEN, &this->nonce))
+	{
+		return FAILED;
+	}
 
 	message = simaka_message_create(FALSE, this->identifier, EAP_SIM,
 									SIM_START, this->crypto);
diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.c b/src/libcharon/plugins/eap_sim/eap_sim_server.c
index fd4f4c02bf..334e2df1d7 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_server.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_server.c
@@ -174,7 +174,10 @@ static status_t reauthenticate(private_eap_sim_server_t *this,
 	DBG1(DBG_IKE, "initiating EAP-SIM reauthentication");
 
 	rng = this->crypto->get_rng(this->crypto);
-	rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+	if (!rng->allocate_bytes(rng, NONCE_LEN, &this->nonce))
+	{
+		return FAILED;
+	}
 
 	mkc = chunk_create(mk, HASH_SIZE_SHA1);
 	counter = htons(counter);