| hci.c (1eb2563e8a879e8d115d41616c44ad3f5871ea12) | hci.c (fb8ba0dbcd59b0f55263e5be12c95aa6e35ceca0) |
|---|---|
| 1/* 2 * Copyright (C) 2009-2012 by Matthias Ringwald 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 700 unchanged lines hidden (view full) --- 709 710 case HCI_EVENT_AUTHENTICATION_COMPLETE_EVENT: 711 handle = READ_BT_16(packet, 3); 712 conn = hci_connection_for_handle(handle); 713 if (!conn) break; 714 if (gap_security_level_for_link_key_type(conn->link_key_type) >= conn->requested_security_level){ 715 // link key sufficient for requested security 716 conn->bonding_flags |= BONDING_SEND_ENCRYPTION_REQUEST; | 1/* 2 * Copyright (C) 2009-2012 by Matthias Ringwald 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 700 unchanged lines hidden (view full) --- 709 710 case HCI_EVENT_AUTHENTICATION_COMPLETE_EVENT: 711 handle = READ_BT_16(packet, 3); 712 conn = hci_connection_for_handle(handle); 713 if (!conn) break; 714 if (gap_security_level_for_link_key_type(conn->link_key_type) >= conn->requested_security_level){ 715 // link key sufficient for requested security 716 conn->bonding_flags |= BONDING_SEND_ENCRYPTION_REQUEST; |
| 717 return; | |
| 718 } else { 719 // not enough 720 hci_emit_security_level(handle, gap_security_level_for_connection(conn)); 721 } 722 break; 723 724#ifndef EMBEDDED 725 case HCI_EVENT_REMOTE_NAME_REQUEST_COMPLETE: --- 1093 unchanged lines hidden (view full) --- 1819 log_info("gap_request_security_level %u, current level %u", requested_level, current_level); 1820 if (current_level >= requested_level){ 1821 hci_emit_security_level(con_handle, current_level); 1822 return; 1823 } 1824 1825 connection->requested_security_level = requested_level; 1826 | 717 } else { 718 // not enough 719 hci_emit_security_level(handle, gap_security_level_for_connection(conn)); 720 } 721 break; 722 723#ifndef EMBEDDED 724 case HCI_EVENT_REMOTE_NAME_REQUEST_COMPLETE: --- 1093 unchanged lines hidden (view full) --- 1818 log_info("gap_request_security_level %u, current level %u", requested_level, current_level); 1819 if (current_level >= requested_level){ 1820 hci_emit_security_level(con_handle, current_level); 1821 return; 1822 } 1823 1824 connection->requested_security_level = requested_level; 1825 |
| 1827 // would enabling ecnryption suffice? | 1826 // would enabling ecnryption suffice (>= LEVEL_2)? |
| 1828 if (hci_stack.remote_device_db){ 1829 link_key_type_t link_key_type; 1830 link_key_t link_key; 1831 if (hci_stack.remote_device_db->get_link_key( &connection->address, &link_key, &link_key_type)){ 1832 if (gap_security_level_for_link_key_type(link_key_type) >= requested_level){ 1833 connection->bonding_flags |= BONDING_SEND_ENCRYPTION_REQUEST; 1834 return; 1835 } 1836 } 1837 } 1838 | 1827 if (hci_stack.remote_device_db){ 1828 link_key_type_t link_key_type; 1829 link_key_t link_key; 1830 if (hci_stack.remote_device_db->get_link_key( &connection->address, &link_key, &link_key_type)){ 1831 if (gap_security_level_for_link_key_type(link_key_type) >= requested_level){ 1832 connection->bonding_flags |= BONDING_SEND_ENCRYPTION_REQUEST; 1833 return; 1834 } 1835 } 1836 } 1837 |
| 1838 // setup SSP AuthRequirements, we need MITM to go higher 1839 hci_stack.ssp_authentication_requirement |= 1; // MITM required 1840 |
|
| 1839 // try to authenticate connection 1840 connection->bonding_flags |= BONDING_SEND_AUTHENTICATE_REQUEST; | 1841 // try to authenticate connection 1842 connection->bonding_flags |= BONDING_SEND_AUTHENTICATE_REQUEST; |
| 1841 // connection->bonding_flags |= BONDING_REQUESTED; | |
| 1842} | 1843} |