25 Feb
2016
25 Feb
'16
12:49 p.m.
On Wed, Feb 24, 2016 at 06:03:17PM +0100, Harald Welte wrote:
fast pseudo-random generator. Too sas that we want real random numbres for authentication challenges in GSUP/OAP? https://github.com/rustyrussell/ccan/blob/master/ccan/isaac/_info
This makes me think of
openbsc/src/osmo-bsc_mgcp/mgcp_main.c: srand(time(NULL)); openbsc/src/osmo-bsc/osmo_bsc_main.c: srand(time(NULL)); openbsc/src/osmo-bsc_nat/bsc_nat.c: srand(time(NULL)); openbsc/src/osmo-nitb/bsc_hack.c: srand(time(NULL));
Crypto nightmare. Are we using those for challenges, actually?
~Neels
--
- Neels Hofmeyr nhofmeyr@sysmocom.de http://www.sysmocom.de/
=======================================================================
* sysmocom - systems for mobile communications GmbH
* Alt-Moabit 93
* 10559 Berlin, Germany
* Sitz / Registered office: Berlin, HRB 134158 B
* Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte