AP: Don't increment auth_transaction upon SAE authentication failure

IEEE Std 802.11-2016, 12.4.7.6 specifies:

An SAE Commit message with a status code not equal to SUCCESS shall
indicate that a peer rejects a previously sent SAE Commit message.

An SAE Confirm message, with a status code not equal to SUCCESS, shall
indicate that a peer rejects a previously sent SAE Confirm message.

Thus when SAE authentication failure happens, authentication transaction
sequence number should not be incremented.

Signed-off-by: Jia Ding <jiad@codeaurora.org>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index b404e84affe51e8809a217222c01619cbbe1dd68..22cce961063e07ac0b1c2393752091055614bcb0 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3943,8 +3943,10 @@ static void handle_auth(struct hostapd_data *hapd,
 
  fail:
        reply_res = send_auth_reply(hapd, sta, mgmt->sa, mgmt->bssid, auth_alg,
-                                   auth_transaction + 1, resp, resp_ies,
-                                   resp_ies_len, "handle-auth");
+                                   auth_alg == WLAN_AUTH_SAE ?
+                                   auth_transaction : auth_transaction + 1,
+                                   resp, resp_ies, resp_ies_len,
+                                   "handle-auth");
 
        if (sta && sta->added_unassoc && (resp != WLAN_STATUS_SUCCESS ||
                                          reply_res != WLAN_STATUS_SUCCESS)) {