[PATCH] eapol: ignore response in workarond mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



During eap authentication, the supplier sends the response to the address
01:80:c2:00:00:03, the PAE group address.
Some switches will broadcast messages sent to this address, which will
cause the devices under the same switch to receive these response packets,
which will cause the device's eap state machine to migrate incorrectly,
resulting in repeated authentication or slow authentication.

Signed-off-by: xinpeng wang <wangxinpeng@xxxxxxxxxxxxx>
---
 src/eapol_supp/eapol_supp_sm.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index 0bfe3c970..3c03a433c 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -1365,6 +1365,11 @@ int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
 				wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with unknown code 10");
 				break;
 			}
+
+			if (plen >= sizeof(*ehdr) && ehdr->code == EAP_CODE_RESPONSE) {
+				wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with response");
+				break;
+			}
 		}
 
 		if (sm->cached_pmk) {
-- 
2.20.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux