If wpa_supplicant receives a duplicate DPP chirp over a TCP connection this causes the connection (and all of its state) to be torn down. Such a tear-down means that the authentication request state is discarded. That in turn will cause any otherwise valid authentication response to not succeed. This commit addresses that problem. It also does not attempt to check for duplicates until at least we know that we know we have an appropriate hash. Signed-off-by: Eliot Lear <lear@xxxxxxx> --- src/common/dpp_tcp.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c index c83fb2da4..99a111af9 100644 --- a/src/common/dpp_tcp.c +++ b/src/common/dpp_tcp.c@@ -861,12 +861,6 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
struct dpp_authentication *auth;
struct dpp_global *dpp = conn->ctrl->global;
- if (conn->auth) {
- wpa_printf(MSG_DEBUG,
- "DPP: Ignore Presence Announcement during
ongoing Authentication");
- return -1; - } - wpa_printf(MSG_DEBUG, "DPP: Presence Announcement"); r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,@@ -885,6 +879,12 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
return -1;
}
+ if (conn->auth) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Ignore Presence Announcement during
ongoing Authentication");
+ return 0; + } + auth = dpp_auth_init(dpp, conn->msg_ctx, peer_bi, NULL, DPP_CAPAB_CONFIGURATOR, -1, NULL, 0); if (!auth) -- 2.32.1 (Apple Git-133)
Attachment:
OpenPGP_0x87B66B46D9D27A33.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
