[PATCH 1/2] Propagate the EAP method error code

Jouni Malinen j at w1.fi
Sun Apr 1 08:24:27 PDT 2018

On Wed, Mar 28, 2018 at 05:48:44PM -0700, Ahmed ElArabawy wrote:
> In current implementaion, upon an EAP method failure, followed
> by an EAP failure, the EAP Status is propagated up in wpa_supplicant
> with a general failure parameter string "failure". This parameter is
> used for a notification on the dbus.
> This patch reports the EAP method failure error code in a separate
> callback.  We want this to have visibility into the error code and act
> accordingly.
> The solution in this patch is generic to all EAP methods, and can be
> used by any method that need to pass its error code. However, this
> patch only implements the reporting for EAP-SIM, EAP-AKA, and EAP-AKA'
> methods.

Thanks, applied with some cleanup and fixes.

Was there supposed to be another patch 2/2 as well? If so, it did not
seem to make it to the mailing list.

> diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
> @@ -2018,6 +2025,13 @@ static void eap_sm_parseEapReq(struct eap_sm
> *sm, const struct wpabuf *req)
>     case EAP_CODE_FAILURE:
>         wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure");
>         eap_notify_status(sm, "completion", "failure");
> +
> +       /* Get the error code from method */
> +       if (sm->m->get_error_code) {

This could result in segfault due to a NULL pointer dereference since
sm->m can be NULL here if the EAP-Failure is received before selecting
the EAP method.

> diff --git a/wpa_supplicant/notify.c b/wpa_supplicant/notify.c
> +void wpas_notify_eap_error(struct wpa_supplicant *wpa_s, int error_code)
> +{
> +   wpa_dbg(wpa_s, MSG_ERROR,
> +       "EAP Error code = %d", error_code);
> +}

I replaced this a more formally defined prefix in wpa_ctrl.h and
wpa_msg() to avoid the message getting comment out from a build.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list