WPS: Fix local configuration update after AP configuration

Update credential to only include a single authentication and
encryption type in case the AP configuration includes more than one
option. Without this, the credential would be rejected if the AP was
configured to allow more than one authentication type.

src/wps/wps_registrar.c

@@ -2334,6 +2334,19 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps,
 	}
 
 	if (!wps->wps->ap) {
+		/*
+		 * Update credential to only include a single authentication
+		 * and encryption type in case the AP configuration includes
+		 * more than one option.
+		 */
+		if (wps->cred.auth_type & WPS_AUTH_WPA2PSK)
+			wps->cred.auth_type = WPS_AUTH_WPA2PSK;
+		else if (wps->cred.auth_type & WPS_AUTH_WPAPSK)
+			wps->cred.auth_type = WPS_AUTH_WPAPSK;
+		if (wps->cred.encr_type & WPS_ENCR_AES)
+			wps->cred.encr_type = WPS_ENCR_AES;
+		else if (wps->cred.encr_type & WPS_ENCR_TKIP)
+			wps->cred.encr_type = WPS_ENCR_TKIP;
 		wpa_printf(MSG_DEBUG, "WPS: Update local configuration based "
 			   "on the modified AP configuration");
 		if (wps->wps->cred_cb)

wpa_supplicant/wps_supplicant.c

@@ -210,6 +210,16 @@ static int wpa_supplicant_wps_cred(void *ctx,
 	if (wpa_s->conf->wps_cred_processing == 1)
 		return 0;
 
+	wpa_hexdump_ascii(MSG_DEBUG, "WPS: SSID", cred->ssid, cred->ssid_len);
+	wpa_printf(MSG_DEBUG, "WPS: Authentication Type 0x%x",
+		   cred->auth_type);
+	wpa_printf(MSG_DEBUG, "WPS: Encryption Type 0x%x", cred->encr_type);
+	wpa_printf(MSG_DEBUG, "WPS: Network Key Index %d", cred->key_idx);
+	wpa_hexdump_key(MSG_DEBUG, "WPS: Network Key",
+			cred->key, cred->key_len);
+	wpa_printf(MSG_DEBUG, "WPS: MAC Address " MACSTR,
+		   MAC2STR(cred->mac_addr));
+
 	if (cred->auth_type != WPS_AUTH_OPEN &&
 	    cred->auth_type != WPS_AUTH_SHARED &&
 	    cred->auth_type != WPS_AUTH_WPAPSK &&