~linuxhackerman/iwd

e4b1d4202f16b48c9a0fc42eb1c8e1f993e8cacc — Andrew Zaborowski 1 year, 3 months ago a4fa91a
eap: Re-send Identity Request on EAPoL-Start

It looks like clients sometimes miss our unsolicited Identity Request
and need a resend.
2 files changed, 18 insertions(+), 6 deletions(-)

M src/eap.c
M src/eapol.c
M src/eap.c => src/eap.c +10 -2
@@ 245,10 245,18 @@ void eap_start(struct eap_state *eap)
{
	uint8_t buf[5];

	L_WARN_ON(!eap->method || !eap->authenticator || eap->identity);
	L_WARN_ON(!eap->method || !eap->authenticator);

	/*
	 * Until we've received the Identity response we can resend the
	 * Identity request with a constant ID on EAPoL-Start.
	 */
	if (eap->identity)
		return;

	eap->last_id = 1;
	buf[4] = EAP_TYPE_IDENTITY;
	eap_send_packet(eap, EAP_CODE_REQUEST, ++eap->last_id, buf, 5);
	eap_send_packet(eap, EAP_CODE_REQUEST, eap->last_id, buf, 5);
}

void __eap_handle_request(struct eap_state *eap, uint16_t id,

M src/eapol.c => src/eapol.c +8 -4
@@ 2239,14 2239,18 @@ static void eapol_rx_auth_packet(uint16_t proto, const uint8_t *from,

	case 1:	/* EAPOL-Start */
		/*
		 * The supplicant might have sent an EAPoL-Start even before
		 * we queued our EAP Identity Request, so this should happen
		 * mostly while we wait for the EAP Identity Response or before.
		 * It's safe to ignore this frame in either case.
		 * The supplicant may have sent an EAPoL-Start even before
		 * we queued our EAP Identity Request or it may have missed our
		 * early Identity Request and may need a retransmission.  Tell
		 * sm->eap so it can decide whether to send a new Identity
		 * Request or ignore this.
		 *
		 * TODO: if we're already past the full handshake, send a
		 * new msg 1/4.
		 */
		if (sm->eap)
			eap_start(sm->eap);

		break;

	case 3: /* EAPOL-Key */