DPP: Don't close TCP connection for duplicate Presence Announcements

If wpa_supplicant receives a duplicate DPP chirp over a TCP connection
this causes the connection (and all of its state) to be torn down.
Such a tear-down means that the authentication request state is discarded.
That in turn will cause any otherwise valid authentication response
to not succeed.

This commit addresses that problem. It also does not attempt to check
for duplicates until at least we know that we have an appropriate hash.

Signed-off-by: Eliot Lear <lear@lear.ch>
This commit is contained in:
Eliot Lear 2022-06-23 12:58:38 +02:00 committed by Jouni Malinen
parent 48c7e04be6
commit 6af717f73b

View file

@ -945,12 +945,6 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
struct dpp_authentication *auth;
struct dpp_global *dpp = conn->ctrl->global;
if (conn->auth) {
wpa_printf(MSG_DEBUG,
"DPP: Ignore Presence Announcement during ongoing Authentication");
return -1;
}
wpa_printf(MSG_DEBUG, "DPP: Presence Announcement");
r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
@ -969,6 +963,12 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
return -1;
}
if (conn->auth) {
wpa_printf(MSG_DEBUG,
"DPP: Ignore Presence Announcement during ongoing Authentication");
return 0;
}
auth = dpp_auth_init(dpp, conn->msg_ctx, peer_bi, NULL,
DPP_CAPAB_CONFIGURATOR, -1, NULL, 0);
if (!auth)