libmsc: Use RAND_bytes to choose auth tuple [hfreyther: Fix compiler warning about unused variable]

commit: 62a63f54a6c6e565df7ca5efadf5430123a5cc5e [log] [tgz]
author: Daniel Willmann <dwillmann@sysmocom.de> Thu Oct 08 16:10:25 2015 +0200
committer: Holger Hans Peter Freyther <holger@moiji-mobile.com> Mon Oct 12 09:06:59 2015 +0200
tree: 0bf7c6e16999204d8f92cece4683e84b011eccf0
parent: 6cf0249dacc4ae46eb0857c007906c9a3f128a3e [diff] [blame]
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 10d8edf..0a2f59e 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c

@@ -27,6 +27,8 @@
 
 #include <osmocom/gsm/comp128.h>
 
+#include <openssl/rand.h>
+
 #include <stdlib.h>
 
 
@@ -75,7 +77,7 @@
                               struct gsm_subscriber *subscr, int key_seq)
 {
 	struct gsm_auth_info ainfo;
-	int i, rc;
+	int rc;
 
 	/* Get subscriber info (if any) */
 	rc = db_get_authinfo_for_subscr(&ainfo, subscr);
@@ -100,8 +102,11 @@
 	/* Generate a new one */
 	atuple->use_count = 1;
 	atuple->key_seq = (atuple->key_seq + 1) % 7;
-        for (i=0; i<sizeof(atuple->rand); i++)
-                atuple->rand[i] = random() & 0xff;
+
+	if (RAND_bytes(atuple->rand, sizeof(atuple->rand)) != 1) {
+		LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new auth tuple\n");
+		return -1;
+	}
 
 	switch (ainfo.auth_algo) {
 	case AUTH_ALGO_NONE:
commit	62a63f54a6c6e565df7ca5efadf5430123a5cc5e	[log] [tgz]
author	Daniel Willmann <dwillmann@sysmocom.de>	Thu Oct 08 16:10:25 2015 +0200
committer	Holger Hans Peter Freyther <holger@moiji-mobile.com>	Mon Oct 12 09:06:59 2015 +0200
tree	0bf7c6e16999204d8f92cece4683e84b011eccf0
parent	6cf0249dacc4ae46eb0857c007906c9a3f128a3e [diff] [blame]