EAP peer: Clear ignore flag in INITIALIZE state

While this is not part of RFC 4137, the way m.check(eapReqData) is
implemented in wpa_supplicant allows an EAP method to not update the
ignore value even though each such call is really supposed to get a new
response. It seems to be possible to hit a sequence where a previous EAP
authentication attempt terminates with sm->ignore set from the last
m.check() call and the following EAP authentication attempt could fail
to go through the expected code path if it does not clear the ignore
flag. This is likely only hit in some error cases, though. The hwsim
test cases could trigger this with the following sequence:
eap_proto_ikev2 ap_wps_m1_oom

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 56c24b5503200b2f06099c2f7886887759a49efb..28d5116fd511844a6c95949c41725ba181152337 100644 (file)
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -188,6 +188,14 @@ SM_STATE(EAP, INITIALIZE)
         */
        eapol_set_bool(sm, EAPOL_eapResp, FALSE);
        eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
+       /*
+        * RFC 4137 does not reset ignore here, but since it is possible for
+        * some method code paths to end up not setting ignore=FALSE, clear the
+        * value here to avoid issues if a previous authentication attempt
+        * failed with ignore=TRUE being left behind in the last
+        * m.check(eapReqData) operation.
+        */
+       sm->ignore = 0;
        sm->num_rounds = 0;
        sm->prev_failure = 0;
        sm->expected_failure = 0;