Bluetooth: Classic: SSP: Only set MITM when sec level is more than 2
The local device shall only set the MITM protection required flag if the local device itself requires MITM protection. Only set MITM flag when the required security level is more than 2 and pairing method is not `JUST_WORKS`. Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
This commit is contained in:
parent
1e0af58b51
commit
40b10ccf8d
1 changed files with 5 additions and 13 deletions
|
@ -163,23 +163,15 @@ static uint8_t ssp_pair_method(const struct bt_conn *conn)
|
|||
static uint8_t ssp_get_auth(const struct bt_conn *conn)
|
||||
{
|
||||
bt_security_t max_sec_level;
|
||||
uint8_t mitm = 0;
|
||||
|
||||
/* Check if the MITM is required by service */
|
||||
max_sec_level = bt_l2cap_br_get_max_sec_level();
|
||||
|
||||
/*
|
||||
* The local device shall only set the MITM protection required flag
|
||||
* if the local device itself requires MITM protection.
|
||||
*/
|
||||
if ((max_sec_level > BT_SECURITY_L2) && (ssp_pair_method(conn) > JUST_WORKS)) {
|
||||
mitm = BT_MITM;
|
||||
}
|
||||
|
||||
/* Validate no bond auth request, and if valid use it. */
|
||||
if ((conn->br.remote_auth == BT_HCI_NO_BONDING) ||
|
||||
((conn->br.remote_auth == BT_HCI_NO_BONDING_MITM) &&
|
||||
(ssp_pair_method(conn) > JUST_WORKS))) {
|
||||
return conn->br.remote_auth | mitm;
|
||||
}
|
||||
|
||||
/* Local & remote have enough IO capabilities to get MITM protection. */
|
||||
if (ssp_pair_method(conn) > JUST_WORKS) {
|
||||
return conn->br.remote_auth | BT_MITM;
|
||||
}
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue