From ec022f8dacd2f2bc7a71532549c531b6afa5c5e9 Mon Sep 17 00:00:00 2001
From: Marcel Holtmann <marcel@holtmann.org>
Date: Thu, 15 Jan 2009 21:58:44 +0100
Subject: [PATCH] --- yaml --- r: 134721 b: refs/heads/master c:
 f62e4323ab43c59e7cd7f72c1eb392d7c767ce5a h: refs/heads/master i:   134719:
 eb4263dc47db3497be6afe462b815119f5514be2 v: v3

---
 [refs]                      |  2 +-
 trunk/net/bluetooth/l2cap.c | 26 +++++++++++++++++++-------
 2 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/[refs] b/[refs]
index 476a7baabf13..1f7a5890ecfe 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 8c84b83076b5062f59b6167cdda90d9e5124aa71
+refs/heads/master: f62e4323ab43c59e7cd7f72c1eb392d7c767ce5a
diff --git a/trunk/net/bluetooth/l2cap.c b/trunk/net/bluetooth/l2cap.c
index e899a9371c00..b2d279c245cf 100644
--- a/trunk/net/bluetooth/l2cap.c
+++ b/trunk/net/bluetooth/l2cap.c
@@ -77,7 +77,9 @@ static void l2cap_sock_timeout(unsigned long arg)
 
 	bh_lock_sock(sk);
 
-	if (sk->sk_state == BT_CONNECT &&
+	if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
+		reason = ECONNREFUSED;
+	else if (sk->sk_state == BT_CONNECT &&
 				l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
 		reason = ECONNREFUSED;
 	else
@@ -2400,6 +2402,20 @@ static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason)
 	return 0;
 }
 
+static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
+{
+	if (encrypt == 0x00) {
+		if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
+			l2cap_sock_clear_timer(sk);
+			l2cap_sock_set_timer(sk, HZ * 5);
+		} else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
+			__l2cap_sock_close(sk, ECONNREFUSED);
+	} else {
+		if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
+			l2cap_sock_clear_timer(sk);
+	}
+}
+
 static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
 {
 	struct l2cap_chan_list *l;
@@ -2416,15 +2432,11 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
 	read_lock(&l->lock);
 
 	for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
-		struct l2cap_pinfo *pi = l2cap_pi(sk);
-
 		bh_lock_sock(sk);
 
-		if (!status && encrypt == 0x00 &&
-				pi->sec_level == BT_SECURITY_HIGH &&
-					(sk->sk_state == BT_CONNECTED ||
+		if (!status && (sk->sk_state == BT_CONNECTED ||
 						sk->sk_state == BT_CONFIG)) {
-			__l2cap_sock_close(sk, ECONNREFUSED);
+			l2cap_check_encryption(sk, encrypt);
 			bh_unlock_sock(sk);
 			continue;
 		}