When we're not bondable we should never send any other SSP
authentication requirement besides one of the non-bonding ones.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>