From 1d43e28a591818ec495e0a396ca80516ef7532d9 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 27 Mar 2013 14:17:23 +0200 Subject: [PATCH] TDLS: Fix TPK M2 processing in concurrent initiation case If we accept the peer TPK M1 after having sent our TPK M1, we need to reject TPK M2 from the peer to avoid going through two TDLS setup exchanges. Signed-hostap: Jouni Malinen --- src/rsn_supp/tdls.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index bcd924c92..da56e253c 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -1807,6 +1807,16 @@ static int wpa_tdls_process_tpk_m2(struct wpa_sm *sm, const u8 *src_addr, "TPK M2: " MACSTR, MAC2STR(src_addr)); return -1; } + if (!peer->initiator) { + /* + * This may happen if both devices try to initiate TDLS at the + * same time and we accept the TPK M1 from the peer in + * wpa_tdls_process_tpk_m1() and clear our previous state. + */ + wpa_printf(MSG_INFO, "TDLS: We were not the initiator, so " + "ignore TPK M2 from " MACSTR, MAC2STR(src_addr)); + return -1; + } wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_REQUEST); if (len < 3 + 2 + 1)