Skip to content

Commit

Permalink
Bluetooth: Require authentication if MITM protection is requested
Browse files Browse the repository at this point in the history 
The HIGH security level requires a 16 digit pin code for non-SSP
bondings. Sometimes this requirement is not acceptable and we still
want protection againts MITM attacks (which is something that the
MEDIUM security level doesn't provide), for that we should allow
another way to request authentication without using the HIGH security
level.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
  • Loading branch information
Vinicius Costa Gomes authored and Gustavo F. Padovan committed Sep 21, 2011
1 parent 8aab475 commit e9bf2bf
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions net/bluetooth/hci_event.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1103,9 +1103,10 @@ static int hci_outgoing_auth_needed(struct hci_dev *hdev,
return 0;

/* Only request authentication for SSP connections or non-SSP
* devices with sec_level HIGH */
* devices with sec_level HIGH or if MITM protection is requested */
if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
conn->pending_sec_level != BT_SECURITY_HIGH)
conn->pending_sec_level != BT_SECURITY_HIGH &&
!(conn->auth_type & 0x01))
return 0;

return 1;
Expand Down

0 comments on commit e9bf2bf

Please sign in to comment.