Re: PATCH: Don't close DPP TCP connection for duplicate Presence Announcements

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 23/06/2022 12:58, Eliot Lear wrote:
> 
> If wpa_supplicant receives a duplicate DPP chirp over a TCP connection
> this causes the connection (and all of its state) to be torn down.
> Such a tear-down means that the authentication request state is discarded.
> That in turn will cause any otherwise valid authentication response
> to not succeed.
> 
> This commit addresses that problem.  It also does not attempt to check
> for duplicates until at least we know that we know we have an appropriate
> hash.
> 
> Signed-off-by: Eliot Lear <lear@xxxxxxx>
> ---
>  src/common/dpp_tcp.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c
> index c83fb2da4..99a111af9 100644
> --- a/src/common/dpp_tcp.c
> +++ b/src/common/dpp_tcp.c
> @@ -861,12 +861,6 @@ static int
> dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
>         struct dpp_authentication *auth;
>         struct dpp_global *dpp = conn->ctrl->global;
> 
> -       if (conn->auth) {
> -               wpa_printf(MSG_DEBUG,
> -                          "DPP: Ignore Presence Announcement during
> ongoing Authentication");
> -               return -1;
> -       }
> -
>         wpa_printf(MSG_DEBUG, "DPP: Presence Announcement");
> 
>         r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
> @@ -885,6 +879,12 @@ static int
> dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
>                 return -1;
>         }
> 
> +       if (conn->auth) {
> +               wpa_printf(MSG_DEBUG,
> +                          "DPP: Ignore Presence Announcement during
> ongoing Authentication");
> +               return 0;
> +       }
> +
>         auth = dpp_auth_init(dpp, conn->msg_ctx, peer_bi, NULL,
>                              DPP_CAPAB_CONFIGURATOR, -1, NULL, 0);
>         if (!auth)

Without having read the code you are modifying (beyond the above patch,
that is), I would just like to point out that the return value is
different: it was -1 in the hunk that is being removed, and it is 0 in
the added-one. Just checking that this is intentional.

HTH, Jan

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux