Fix EAPOL reauth after FT protocol or offloaded PMKSA cache use

The EAP peer state machine moved from IDLE to FAILURE state when the
EAPOL Authenticator triggered reauthentication with an
EAP-Request/Identity in a case where the associated started with FT
protocol or offloaded PMKSA cache use (4-way handshake using a
previously acquired PMK). This happened due to the altSuccess=TRUE
setting being left behind and not cleared when processing the restart of
authentication. Fix this by clearing altAccept and eapSuccess when going
through SUPP_PAE RESTART state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

src/eapol_supp/eapol_supp_sm.c

@@ -314,6 +314,16 @@ SM_STATE(SUPP_PAE, RESTART)
 {
 	SM_ENTRY(SUPP_PAE, RESTART);
 	sm->eapRestart = TRUE;
+	if (sm->altAccept) {
+		/*
+		 * Prevent EAP peer state machine from failing due to prior
+		 * external EAP success notification (altSuccess=TRUE in the
+		 * IDLE state could result in a transition to the FAILURE state.
+		 */
+		wpa_printf(MSG_DEBUG, "EAPOL: Clearing prior altAccept TRUE");
+		sm->eapSuccess = FALSE;
+		sm->altAccept = FALSE;
+	}
 }