DPP: Ignore GAS server status callback for unknown response

It was possible for a timeout from an old GAS server operation to
trigger DPP configuration failure during the subsequent DPP operation.
Fix this by verifying that the status callback is for the response
generated during the same DPP Authentication/Configuration exchange.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

src/common/dpp.h

@@ -202,6 +202,7 @@ struct dpp_authentication {
 	int remove_on_tx_status;
 	int auth_success;
 	struct wpabuf *conf_req;
+	const struct wpabuf *conf_resp; /* owned by GAS server */
 	struct dpp_configuration *conf_ap;
 	struct dpp_configuration *conf_sta;
 	struct dpp_configurator *conf;

wpa_supplicant/dpp_supplicant.c

@@ -2045,6 +2045,7 @@ wpas_dpp_gas_req_handler(void *ctx, const u8 *sa, const u8 *query,
 	resp = dpp_conf_req_rx(auth, query, query_len);
 	if (!resp)
 		wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
+	auth->conf_resp = resp;
 	return resp;
 }
 
@@ -2059,6 +2060,13 @@ wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
 		wpabuf_free(resp);
 		return;
 	}
+	if (auth->conf_resp != resp) {
+		wpa_printf(MSG_DEBUG,
+			   "DPP: Ignore GAS status report (ok=%d) for unknown response",
+			ok);
+		wpabuf_free(resp);
+		return;
+	}
 
 	wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
 		   ok);