From: Daniel Willmann <[email protected]>
---
openbsc/src/libmsc/auth.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 10d8edf..93ee71f 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -27,6 +27,8 @@
#include <osmocom/gsm/comp128.h>
+#include <openssl/rand.h>
+
#include <stdlib.h>
@@ -100,8 +102,11 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple
*atuple,
/* Generate a new one */
atuple->use_count = 1;
atuple->key_seq = (atuple->key_seq + 1) % 7;
- for (i=0; i<sizeof(atuple->rand); i++)
- atuple->rand[i] = random() & 0xff;
+
+ if (RAND_bytes(atuple->rand, sizeof(atuple->rand)) != 1) {
+ LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new
auth tuple\n");
+ return -1;
+ }
switch (ainfo.auth_algo) {
case AUTH_ALGO_NONE:
--
2.1.4
