PPP, EAP: ignore received EAP messages when not doing EAP

This adds some basic checks to the subroutines of eap_input to check
that we have requested or agreed to doing EAP authentication before
doing any processing on the received packet.  The motivation is to
make it harder for a malicious peer to disrupt the operation of pppd
by sending unsolicited EAP packets.  Note that eap_success() already
has a check that the EAP client state is reasonable, and does nothing
(apart from possibly printing a debug message) if not.

Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Signed-off-by: Sylvain Rochet <gradator@gradator.net> (ported to lwIP PPP pcb struct)

src/netif/ppp/eap.c

@@ -1325,6 +1325,12 @@ static void eap_request(ppp_pcb *pcb, u_char *inp, int id, int len) {
 	int fd;
 #endif /* USE_SRP */
 
+	/*
+	 * Ignore requests if we're not open
+	 */
+	if (pcb->eap.es_client.ea_state <= eapClosed)
+		return;
+
 	/*
 	 * Note: we update es_client.ea_id *only if* a Response
 	 * message is being generated.  Otherwise, we leave it the
@@ -1737,6 +1743,12 @@ static void eap_response(ppp_pcb *pcb, u_char *inp, int id, int len) {
 	u_char dig[SHA_DIGESTSIZE];
 #endif /* USE_SRP */
 
+	/*
+	 * Ignore responses if we're not open
+	 */
+	if (pcb->eap.es_server.ea_state <= eapClosed)
+		return;
+
 	if (pcb->eap.es_server.ea_id != id) {
 		ppp_dbglog(("EAP: discarding Response %d; expected ID %d", id,
 		    pcb->eap.es_server.ea_id));
@@ -2043,6 +2055,12 @@ static void eap_success(ppp_pcb *pcb, u_char *inp, int id, int len) {
 static void eap_failure(ppp_pcb *pcb, u_char *inp, int id, int len) {
 	LWIP_UNUSED_ARG(id);
 
+	/*
+	 * Ignore failure messages if we're not open
+	 */
+	if (pcb->eap.es_client.ea_state <= eapClosed)
+		return;
+
 	if (!eap_client_active(pcb)) {
 		ppp_dbglog(("EAP unexpected failure message in state %s (%d)",
 		    eap_state_name(pcb->eap.es_client.ea_state),