Fixed WPS Authenticator attribute processing after M2D
We must not replace M1 with M2D as the last_msg since we need M1 to validate a possible M2 after M2D. Since M2D and ACK/NACK replies do not include Authenticator attribute, we can just ignore M2D as far as updating last_msg is concerned.
This commit is contained in:
parent
1e14526571
commit
39034ce80f
1 changed files with 8 additions and 1 deletions
|
@ -995,7 +995,14 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
|
||||||
return WPS_FAILURE;
|
return WPS_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WPS_CONTINUE) {
|
/*
|
||||||
|
* Save a copy of the last message for Authenticator derivation if we
|
||||||
|
* are continuing. However, skip M2D since it is not authenticated and
|
||||||
|
* neither is the ACK/NACK response frame. This allows the possibly
|
||||||
|
* following M2 to be processed correctly by using the previously sent
|
||||||
|
* M1 in Authenticator derivation.
|
||||||
|
*/
|
||||||
|
if (ret == WPS_CONTINUE && *attr.msg_type != WPS_M2D) {
|
||||||
/* Save a copy of the last message for Authenticator derivation
|
/* Save a copy of the last message for Authenticator derivation
|
||||||
*/
|
*/
|
||||||
wpabuf_free(wps->last_msg);
|
wpabuf_free(wps->last_msg);
|
||||||
|
|
Loading…
Reference in a new issue