From 82feacced044b202826e9eb3b8437f06b89c2848 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 27 Nov 2017 13:48:40 +0200 Subject: [PATCH] DPP: Ignore GAS server status callback for unknown response It was possible for a timeout from an old GAS server operation to trigger DPP configuration failure during the subsequent DPP operation. Fix this by verifying that the status callback is for the response generated during the same DPP Authentication/Configuration exchange. Signed-off-by: Jouni Malinen --- src/common/dpp.h | 1 + wpa_supplicant/dpp_supplicant.c | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/src/common/dpp.h b/src/common/dpp.h index c5806d96b..b2b97614b 100644 --- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -202,6 +202,7 @@ struct dpp_authentication { int remove_on_tx_status; int auth_success; struct wpabuf *conf_req; + const struct wpabuf *conf_resp; /* owned by GAS server */ struct dpp_configuration *conf_ap; struct dpp_configuration *conf_sta; struct dpp_configurator *conf; diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c index 13b5326d1..05fe0c84d 100644 --- a/wpa_supplicant/dpp_supplicant.c +++ b/wpa_supplicant/dpp_supplicant.c @@ -2045,6 +2045,7 @@ wpas_dpp_gas_req_handler(void *ctx, const u8 *sa, const u8 *query, resp = dpp_conf_req_rx(auth, query, query_len); if (!resp) wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); + auth->conf_resp = resp; return resp; } @@ -2059,6 +2060,13 @@ wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok) wpabuf_free(resp); return; } + if (auth->conf_resp != resp) { + wpa_printf(MSG_DEBUG, + "DPP: Ignore GAS status report (ok=%d) for unknown response", + ok); + wpabuf_free(resp); + return; + } wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)", ok);