dpp-nfc: Do not allow more than one alternative channel proposal

This avoids potential loops of endless alternative URI exchanges over
NFC negotiated connection handover. Only allow one such alternative
proposal and declarare the handover as a failure if another alternative
were needed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/examples/dpp-nfc.py b/wpa_supplicant/examples/dpp-nfc.py
index fda97918c57ace2915c27160c34419262e49724d..24826e0f6f3c8b6962d9345351792f5f4c0bbe11 100755 (executable)
--- a/wpa_supplicant/examples/dpp-nfc.py
+++ b/wpa_supplicant/examples/dpp-nfc.py
@@ -41,6 +41,7 @@ hs_sent = False
 netrole = None
 operation_success = False
 mutex = threading.Lock()
+no_alt_proposal = False
 
 C_NORMAL = '\033[0m'
 C_RED = '\033[91m'
@@ -388,7 +389,10 @@ def dpp_handover_client(llc, alt=False):
                 summary("Failed to initiate DPP authentication", color=C_RED)
             break
 
-    if not dpp_found:
+    global no_alt_proposal
+    if not dpp_found and no_alt_proposal:
+        summary("DPP carrier not seen in response - do not allow alternative proposal anymore")
+    elif not dpp_found:
         summary("DPP carrier not seen in response - allow peer to initiate a new handover with different parameters")
         my_crn_ready = False
         my_crn = None
@@ -561,16 +565,21 @@ class HandoverServer(nfc.handover.HandoverServer):
                 sel = [hs, carrier]
                 break
 
-        global hs_sent
+        global hs_sent, no_alt_proposal
         summary("Sending handover select: " + str(sel))
         if found:
             summary("Handover completed successfully")
             self.success = True
             hs_sent = True
+        elif no_alt_proposal:
+            summary("Do not try alternative proposal anymore - handover failed",
+                    color=C_RED)
+            hs_sent = True
         else:
             summary("Try to initiate with alternative parameters")
             self.try_own = True
             hs_sent = False
+            no_alt_proposal = True
             threading.Thread(target=llcp_worker, args=(self.llc, True)).start()
         return sel
 
@@ -775,11 +784,13 @@ def llcp_startup(llc):
 def llcp_connected(llc):
     summary("P2P LLCP connected")
     global wait_connection, my_crn, peer_crn, my_crn_ready, hs_sent
+    global no_alt_proposal
     wait_connection = False
     my_crn_ready = False
     my_crn = None
     peer_crn = None
     hs_sent = False
+    no_alt_proposal = False
     global srv
     srv.start()
     if init_on_touch or not no_input: