diff options
author | Beniamino Galvani <bgalvani@redhat.com> | 2023-03-22 10:41:44 +0100 |
---|---|---|
committer | Beniamino Galvani <bgalvani@redhat.com> | 2023-03-28 09:58:29 +0200 |
commit | 231128d28d818da2273b99071c1212922222ca82 (patch) | |
tree | 2468ffc52b058c307771ecdb0d8d470e14481fdc | |
parent | e446d2b632e3fe1dbf3bc500c950b41c0e5f73f2 (diff) | |
download | NetworkManager-231128d28d818da2273b99071c1212922222ca82.tar.gz |
nmcli: increase strength of generated hotspot passwordsbg/hotspot-fixes
The password currently generated has ~48 bits of entropy; increase the
length from 8 to 12 to get ~70 bits. While at it, exclude characters
that look similar and might be entered wrongly by users.
-rw-r--r-- | src/nmcli/devices.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/nmcli/devices.c b/src/nmcli/devices.c index f26c561cc3..7b9eeb56ff 100644 --- a/src/nmcli/devices.c +++ b/src/nmcli/devices.c @@ -4095,7 +4095,7 @@ generate_ssid_for_hotspot(void) return ssid_bytes; } -#define WPA_PASSKEY_SIZE 8 +#define WPA_PASSKEY_SIZE 12 static void generate_wpa_key(char *key, size_t len) { @@ -4104,14 +4104,14 @@ generate_wpa_key(char *key, size_t len) g_return_if_fail(key); g_return_if_fail(len > WPA_PASSKEY_SIZE); - /* generate a 8-chars ASCII WPA key */ for (i = 0; i < WPA_PASSKEY_SIZE; i++) { int c; do { - c = nm_random_u64_range_full(33, 126, TRUE); - /* too many non alphanumeric characters are hard to remember for humans */ - } while (!g_ascii_isalnum(c)); + c = nm_random_u64_range_full(48, 122, TRUE); + /* skip characters that look similar */ + } while (NM_IN_SET(c, '1', 'l', 'I', '0', 'O', 'Q', '8', 'B', '5', 'S') + || !g_ascii_isalnum(c)); key[i] = (char) c; } @@ -4145,7 +4145,7 @@ set_wireless_security_for_hotspot(NMSettingWirelessSecurity *s_wsec, gboolean show_password, GError **error) { - char generated_key[11]; + char generated_key[20]; const char *key; const char *key_mgmt; |