From 5c6c0d569acac768c79fe0874d314462b96daf64 Mon Sep 17 00:00:00 2001 From: Disha Das Date: Fri, 11 Sep 2020 09:58:40 +0530 Subject: [PATCH] DPP: Fix GAS fragmentation for DPP Config Response from hostapd The Query Response Length field was missing from GAS Initial Response and GAS Comeback Response frames in the DPP specific code path from hostaps GAS server. This resulted in invalid frames being used when the DPP Config Response needed fragmentation. Fix this by adding the Query Response Length fields into these frames. Signed-off-by: Disha Das --- src/ap/gas_serv.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/ap/gas_serv.c b/src/ap/gas_serv.c index 9567e202a..90f15778b 100644 --- a/src/ap/gas_serv.c +++ b/src/ap/gas_serv.c @@ -1555,11 +1555,14 @@ void gas_serv_req_dpp_processing(struct hostapd_data *hapd, di->prot = prot; di->sd_resp = buf; di->sd_resp_pos = 0; + di->dpp = 1; tx_buf = gas_build_initial_resp( dialog_token, WLAN_STATUS_SUCCESS, - comeback_delay, 10); - if (tx_buf) + comeback_delay, 10 + 2); + if (tx_buf) { gas_serv_write_dpp_adv_proto(tx_buf); + wpabuf_put_le16(tx_buf, 0); + } } } else { wpa_printf(MSG_DEBUG, @@ -1782,9 +1785,10 @@ static void gas_serv_rx_gas_comeback_req(struct hostapd_data *hapd, tx_buf = gas_build_comeback_resp(dialog_token, WLAN_STATUS_SUCCESS, dialog->sd_frag_id, more, 0, - 10 + frag_len); + 10 + 2 + frag_len); if (tx_buf) { gas_serv_write_dpp_adv_proto(tx_buf); + wpabuf_put_le16(tx_buf, frag_len); wpabuf_put_buf(tx_buf, buf); } } else