12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001
- From: Paul Mackerras <paulus@ozlabs.org>
- Date: Mon, 3 Feb 2020 16:31:42 +1100
- Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP
- This adds some basic checks to the subroutines of eap_input to check
- that we have requested or agreed to doing EAP authentication before
- doing any processing on the received packet. The motivation is to
- make it harder for a malicious peer to disrupt the operation of pppd
- by sending unsolicited EAP packets. Note that eap_success() already
- has a check that the EAP client state is reasonable, and does nothing
- (apart from possibly printing a debug message) if not.
- Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
- ---
- pppd/eap.c | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
- diff --git a/pppd/eap.c b/pppd/eap.c
- index 1b93db01aebd..082e95343120 100644
- --- a/pppd/eap.c
- +++ b/pppd/eap.c
- @@ -1328,6 +1328,12 @@ int len;
- int fd;
- #endif /* USE_SRP */
-
- + /*
- + * Ignore requests if we're not open
- + */
- + if (esp->es_client.ea_state <= eapClosed)
- + return;
- +
- /*
- * Note: we update es_client.ea_id *only if* a Response
- * message is being generated. Otherwise, we leave it the
- @@ -1736,6 +1742,12 @@ int len;
- u_char dig[SHA_DIGESTSIZE];
- #endif /* USE_SRP */
-
- + /*
- + * Ignore responses if we're not open
- + */
- + if (esp->es_server.ea_state <= eapClosed)
- + return;
- +
- if (esp->es_server.ea_id != id) {
- dbglog("EAP: discarding Response %d; expected ID %d", id,
- esp->es_server.ea_id);
- @@ -2047,6 +2059,12 @@ u_char *inp;
- int id;
- int len;
- {
- + /*
- + * Ignore failure messages if we're not open
- + */
- + if (esp->es_client.ea_state <= eapClosed)
- + return;
- +
- if (!eap_client_active(esp)) {
- dbglog("EAP unexpected failure message in state %s (%d)",
- eap_state_name(esp->es_client.ea_state),
|