summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBeniamino Galvani <bgalvani@redhat.com>2023-03-22 10:41:44 +0100
committerBeniamino Galvani <bgalvani@redhat.com>2023-03-28 09:58:29 +0200
commit231128d28d818da2273b99071c1212922222ca82 (patch)
tree2468ffc52b058c307771ecdb0d8d470e14481fdc
parente446d2b632e3fe1dbf3bc500c950b41c0e5f73f2 (diff)
downloadNetworkManager-231128d28d818da2273b99071c1212922222ca82.tar.gz
nmcli: increase strength of generated hotspot passwordsbg/hotspot-fixes
The password currently generated has ~48 bits of entropy; increase the length from 8 to 12 to get ~70 bits. While at it, exclude characters that look similar and might be entered wrongly by users.
Diffstat
-rw-r--r--src/nmcli/devices.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/nmcli/devices.c b/src/nmcli/devices.c
index f26c561cc3..7b9eeb56ff 100644
--- a/src/nmcli/devices.c
+++ b/src/nmcli/devices.c
@@ -4095,7 +4095,7 @@ generate_ssid_for_hotspot(void)
return ssid_bytes;
}
-#define WPA_PASSKEY_SIZE 8
+#define WPA_PASSKEY_SIZE 12
static void
generate_wpa_key(char *key, size_t len)
{
@@ -4104,14 +4104,14 @@ generate_wpa_key(char *key, size_t len)
g_return_if_fail(key);
g_return_if_fail(len > WPA_PASSKEY_SIZE);
- /* generate a 8-chars ASCII WPA key */
for (i = 0; i < WPA_PASSKEY_SIZE; i++) {
int c;
do {
- c = nm_random_u64_range_full(33, 126, TRUE);
- /* too many non alphanumeric characters are hard to remember for humans */
- } while (!g_ascii_isalnum(c));
+ c = nm_random_u64_range_full(48, 122, TRUE);
+ /* skip characters that look similar */
+ } while (NM_IN_SET(c, '1', 'l', 'I', '0', 'O', 'Q', '8', 'B', '5', 'S')
+ || !g_ascii_isalnum(c));
key[i] = (char) c;
}
@@ -4145,7 +4145,7 @@ set_wireless_security_for_hotspot(NMSettingWirelessSecurity *s_wsec,
gboolean show_password,
GError **error)
{
- char generated_key[11];
+ char generated_key[20];
const char *key;
const char *key_mgmt;
View Lorry Controller Status