DPP: Use existing TCP connection to replay duplicate Presence Announcement

Instead of opening a new TCP connection for each received Presence
Announcement from the same Enrollee from the Relay to the Controller,
use an existing connection if it is still waiting for Authentication
Response. This avoids opening multiple parallel sessions between the
same Controller and Enrollee.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c
index f51bc1b811738ff6cea3f4541c77e5f455d35d9c..3e7aaade1b397dae6e8656988affa0c38078c85d 100644 (file)
--- a/src/common/dpp_tcp.c
+++ b/src/common/dpp_tcp.c
@@ -628,6 +628,17 @@ int dpp_relay_rx_action(struct dpp_global *dpp, const u8 *src, const u8 *hdr,
        if (!ctrl)
                return -1;
 
+       if (type == DPP_PA_PRESENCE_ANNOUNCEMENT ||
+           type == DPP_PA_RECONFIG_ANNOUNCEMENT) {
+               conn = dpp_relay_match_ctrl(ctrl, src, freq, type);
+               if (conn &&
+                   (!conn->auth || conn->auth->waiting_auth_resp)) {
+                       wpa_printf(MSG_DEBUG,
+                                  "DPP: Use existing TCP connection to Controller since no Auth Resp seen on it yet");
+                       return dpp_relay_tx(conn, hdr, buf, len);
+               }
+       }
+
        wpa_printf(MSG_DEBUG,
                   "DPP: Authentication Request for a configured Controller");
        conn = dpp_relay_new_conn(ctrl, src, freq);