DPP: Don't close TCP connection for duplicate Presence Announcements
authorEliot Lear <lear@lear.ch>
Thu, 23 Jun 2022 10:58:38 +0000 (12:58 +0200)
committerJouni Malinen <j@w1.fi>
Mon, 28 Nov 2022 13:50:00 +0000 (15:50 +0200)
If wpa_supplicant receives a duplicate DPP chirp over a TCP connection
this causes the connection (and all of its state) to be torn down.
Such a tear-down means that the authentication request state is discarded.
That in turn will cause any otherwise valid authentication response
to not succeed.

This commit addresses that problem. It also defers the duplicate check
until we know that we have an appropriate hash.

Signed-off-by: Eliot Lear <lear@lear.ch>
src/common/dpp_tcp.c

index ff18a9929d945c2c17b8c28b24866abe1e2b27f2..f51bc1b811738ff6cea3f4541c77e5f455d35d9c 100644 (file)
@@ -945,12 +945,6 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
        struct dpp_authentication *auth;
        struct dpp_global *dpp = conn->ctrl->global;
 
-       if (conn->auth) {
-               wpa_printf(MSG_DEBUG,
-                          "DPP: Ignore Presence Announcement during ongoing Authentication");
-               return -1;
-       }
-
        wpa_printf(MSG_DEBUG, "DPP: Presence Announcement");
 
        r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
@@ -969,6 +963,12 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
                return -1;
        }
 
+       if (conn->auth) {
+               wpa_printf(MSG_DEBUG,
+                          "DPP: Ignore Presence Announcement during ongoing Authentication");
+               return 0;
+       }
+
        auth = dpp_auth_init(dpp, conn->msg_ctx, peer_bi, NULL,
                             DPP_CAPAB_CONFIGURATOR, -1, NULL, 0);
        if (!auth)
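Review bot: The relocated `if (conn->auth)` guard treats every Presence Announcement that resolves to known bootstrapping information as a duplicate, without checking that it belongs to the same peer as the authentication already in progress. If `struct dpp_authentication` carries the peer's bootstrapping info, comparing it with `peer_bi` here would let a true repeat `return 0` while an announcement for a different key on the same connection is at least logged distinctly, e.g. `if (conn->auth->peer_bi != peer_bi) wpa_printf(MSG_DEBUG, "DPP: Presence Announcement for a different bootstrapping key during ongoing Authentication");`. The switch from `-1` to `0` also deserves a comment such as `/* Return 0 so the connection and the pending Authentication Request state are kept */`, since the reason is currently recorded only in the commit message. The function starts above and continues below this hunk, so the lookup that sets `peer_bi` is not visible here.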