Bluetooth: Always use non-bonding requirement when not bondable
authorJohan Hedberg <johan.hedberg@intel.com>
Wed, 30 Jul 2014 06:22:24 +0000 (09:22 +0300)
committerMarcel Holtmann <marcel@holtmann.org>
Wed, 30 Jul 2014 17:28:41 +0000 (19:28 +0200)
When we're not bondable we should never send any other SSP
authentication requirement besides one of the non-bonding ones.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
net/bluetooth/hci_event.c

index c43cee4fcffded2d2f5da6a9dc216af1f7787acd..be35598984d9b9b3120cd178f67f0418858b2774 100644 (file)
@@ -3671,13 +3671,18 @@ static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
                        if (conn->io_capability != HCI_IO_NO_INPUT_OUTPUT &&
                            conn->auth_type != HCI_AT_NO_BONDING)
                                conn->auth_type |= 0x01;
-
-                       cp.authentication = conn->auth_type;
                } else {
                        conn->auth_type = hci_get_auth_req(conn);
-                       cp.authentication = conn->auth_type;
                }
 
+               /* If we're not bondable, force one of the non-bondable
+                * authentication requirement values.
+                */
+               if (!test_bit(HCI_BONDABLE, &hdev->dev_flags))
+                       conn->auth_type &= HCI_AT_NO_BONDING_MITM;
+
+               cp.authentication = conn->auth_type;
+
                if (hci_find_remote_oob_data(hdev, &conn->dst) &&
                    (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
                        cp.oob_data = 0x01;