• J
    Bluetooth: Fix outgoing authentication requirement check · 264b8b4e
    Johan Hedberg 提交于
    The check for HIGH security level dates back to pre-mgmt times when a
    raw L2CAP socket with HIGH security level was used to trigger dedicated
    bonding. For legacy pairing checking for the security level was the only
    way to catch the need to authenticate in all scenarios. With mgmt
    however, the pair_device command does not use HIGH security but MEDIUM
    security. Therefore, the existing code would never trigger
    authentication for a non-SSP connection without an MITM requirement
    (e.g. if user space provided a NoInputNoOutput IO capability). In such a
    scenario the mgmt_pair_device command would return success without
    actually triggering any kind of pairing.
    
    This patch updates the authentication requirement check to also consider
    MEDIUM security level, and thereby ensures that mgmt_pair_device will
    always trigger authentication.
    Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
    Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
    264b8b4e
hci_event.c 89.0 KB