Bluetooth: Fix outgoing authentication requirement check
authorJohan Hedberg <johan.hedberg@intel.com>
Wed, 8 Jan 2014 14:40:39 +0000 (16:40 +0200)
committerJohan Hedberg <johan.hedberg@intel.com>
Thu, 13 Feb 2014 07:51:31 +0000 (09:51 +0200)
commit264b8b4e973f8741adf530a388be72af4bfee953
tree112aa02c2c7b008bb7fd294586e6be55cba84677
parente57f1734d87aa0e9a00905ed08888f0c62f56227
Bluetooth: Fix outgoing authentication requirement check

The check for HIGH security level dates back to pre-mgmt times when a
raw L2CAP socket with HIGH security level was used to trigger dedicated
bonding. For legacy pairing checking for the security level was the only
way to catch the need to authenticate in all scenarios. With mgmt
however, the pair_device command does not use HIGH security but MEDIUM
security. Therefore, the existing code would never trigger
authentication for a non-SSP connection without an MITM requirement
(e.g. if user space provided a NoInputNoOutput IO capability). In such a
scenario the mgmt_pair_device command would return success without
actually triggering any kind of pairing.

This patch updates the authentication requirement check to also consider
MEDIUM security level, and thereby ensures that mgmt_pair_device will
always trigger authentication.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
net/bluetooth/hci_event.c