From: Jouni Malinen <jouni.malinen@atheros.com>
Date: Wed, 28 Jan 2009 09:59:29 +0000 (+0200)
Subject: Fixed WPS Authenticator attribute processing after M2D
X-Git-Tag: hostap_0_7_0~588
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=39034ce80f45110f0311aa80ca9dd62d2083ed76;p=thirdparty%2Fhostap.git

Fixed WPS Authenticator attribute processing after M2D

We must not replace M1 with M2D as the last_msg since we need M1 to
validate a possible M2 after M2D. Since M2D and ACK/NACK replies do not
include Authenticator attribute, we can just ignore M2D as far as
updating last_msg is concerned.
---

diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index d02f1c0da..c3be2485d 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -995,7 +995,14 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
 		return WPS_FAILURE;
 	}
 
-	if (ret == WPS_CONTINUE) {
+	/*
+	 * Save a copy of the last message for Authenticator derivation if we
+	 * are continuing. However, skip M2D since it is not authenticated and
+	 * neither is the ACK/NACK response frame. This allows the possibly
+	 * following M2 to be processed correctly by using the previously sent
+	 * M1 in Authenticator derivation.
+	 */
+	if (ret == WPS_CONTINUE && *attr.msg_type != WPS_M2D) {
 		/* Save a copy of the last message for Authenticator derivation
 		 */
 		wpabuf_free(wps->last_msg);