@@ -1365,6 +1365,25 @@ int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with unknown code 10");
break;
}
+
+ if (plen >= sizeof(*ehdr) && ehdr->code == EAP_CODE_RESPONSE) {
+ const u8 *pos_tmp = (const u8 *) (ehdr + 1);
+ enum eap_type eap_type;
+ if (*pos_tmp != EAP_TYPE_EXPANDED) {
+ eap_type = *pos_tmp;
+ } else {
+ if (plen < sizeof(*ehdr) + 8) {
+ wpa_printf(MSG_INFO, "EAP: Invalid expanded EAP length");
+ break;
+ }
+ pos_tmp += 4;
+ eap_type = WPA_GET_BE32(pos_tmp);
+ }
+ if (eap_type != EAP_TYPE_LEAP) {
+ wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with response");
+ break;
+ }
+ }
}
if (sm->cached_pmk) {
During eap authentication, the supplier sends the response to the address 01:80:c2:00:00:03, the PAE group address. Some switches will broadcast messages sent to this address, which will cause the devices under the same switch to receive these response packets, which will cause the device's eap state machine to migrate incorrectly, resulting in repeated authentication or slow authentication. Signed-off-by: xinpeng wang <wangxinpeng@uniontech.com> --- src/eapol_supp/eapol_supp_sm.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+)