mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
DPP: Ignore unexpected duplicated Authentication Confirm
Previously, unexpected Authentication Confirm messages were ignored in cases where no Authentication Confirm message was expected at all, but if this message was received twice in a state where it was expected, the duplicated version was also processed. This resulted in unexpected behavior when authentication result was processed multiple times (e.g., two instances of GAS client could have been started). Fix this by checking auth->waiting_auth_conf before processing Authetication Confirm. That boolean was already tracked, but it was used only for other purposes. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
8f8473cebb
commit
18714af2d8
@ -4235,7 +4235,11 @@ int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
if (auth->initiator || !auth->own_bi) {
|
||||
if (auth->initiator || !auth->own_bi || !auth->waiting_auth_conf) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"DPP: initiator=%d own_bi=%d waiting_auth_conf=%d",
|
||||
auth->initiator, !!auth->own_bi,
|
||||
auth->waiting_auth_conf);
|
||||
dpp_auth_fail(auth, "Unexpected Authentication Confirm");
|
||||
return -1;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user