From 49aa88bb5ea86620820553ec311e0e057b957dd2 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 10 Dec 2016 00:16:33 +0200 Subject: [PATCH] P2P: Clear PEER_WAITING_RESPONSE on GO Negotiation success Previously, this flag was cleared only in case of failed GO Negotiation. That could leave the flag set for a peer and if a new group formation was performed with the same peer before the entry expired, there was increased risk of getting stuck in a state where neither peer replied to a GO Negotiation Request frame if a GO Negotiation Response frame with Status 1 was dropped. The error sequence could happen in the go_neg_with_bss_connected test case when timing was suitable to make the second GO negotiation drop a pending TX Action frame if the GO Negotiation Response with Status 1 was scheduled for transmission during a P2P scan and P2P_CONNECT was issued before that scan got aborted. Signed-off-by: Jouni Malinen --- src/p2p/p2p.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index cd2fba334..170e4778a 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c @@ -1833,6 +1833,7 @@ void p2p_go_complete(struct p2p_data *p2p, struct p2p_device *peer) p2p_clear_timeout(p2p); p2p->ssid_set = 0; peer->go_neg_req_sent = 0; + peer->flags &= ~P2P_DEV_PEER_WAITING_RESPONSE; peer->wps_method = WPS_NOT_READY; peer->oob_pw_id = 0; wpabuf_free(peer->go_neg_conf);
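Review bot: the added `peer->flags &= ~P2P_DEV_PEER_WAITING_RESPONSE;` line in p2p_go_complete() has no comment, and the reason it matters is recorded only in the commit message: a stale flag can leave both peers silent on a GO Negotiation Request frame when a GO Negotiation Response with Status 1 is dropped. A short comment above the line would keep that rationale next to the code. The commit message says the flag was already cleared on the failed-negotiation path, so this per-negotiation peer state is now reset in two separate places. Consider a small shared helper for the reset, so a future exit path cannot miss it. The failure was only observed under particular timing in go_neg_with_bss_connected, so a test case that deliberately forces the dropped Status 1 response with a second group formation against the same peer would give deterministic regression coverage.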