I am now looking at what is going on with a sniffer. For some reason in 5.10, the AuthReq always comes from the slave (BlueZ is the master, GATT client): 5.10 kernel which fails, leaving out empty PDU, L2CAP Fragments, etc. This sequence is reproducible. Sent slave CONNECT_IND Rcvd Security Request: AuthReq: Bonding, SecureConnection Sent Pairing Failed: Pairing not Supported Sent Pairing Failed: Pairing not Supported Rcvd Exchange MTU Response ... Sent Pairing Request: AuthReq: No Bonding, SecureConnection | Initiator Key(s): <none> | Responder key(s) IRK Sent Control Opcode LL_LENGTH_RSP Rcvd Pairing Response: AuthReq: No Bonding, SecureConnection | Initiator Key(s): <none> | Responder key(s) Sent Pairing Public Key Sent Read By Type Request, Sever Supported Features, Handles: ... Recvd Pairing Public Key Rcvd Pairing Confirm Rcvd Error Response - Attribute Not Found, Handle: 0x0001 (Unknown) Sent Pairing Random Sent Read by Group Type Request, Gatt ... Rcvd Pairing Random Send Pairing Failed: Numeric Comparison Failed The 5.4 kernel always works, but BlueZ/Linux sends the first AuthReq: Sent Slave CONNECT_IND Sent Pairing Request: AuthReq: No Bonding, SecureConnection | Initiator Key(s): <none> | Responder key(s) Rcvd Pairing Response: AuthReq: No Bonding, SecureConnection | Initiator Key(s): <none> | Responder key(s) Sent Read By Type Request, Sever Supported Features, Handles: ... Rcvd Pairing Response: AuthReq: No Bonding, SecureConnection | Initiator Key(s): <none> | Responder Sent Read by Group Type Request, Gatt .. Rcvd Pairing Confirm Rcvd Read by Group Type Response, Attribute .. Sent Pairing Random Sent Read by Group Type Request, Gatt .. Rcvd Pairing Random Sent Pairing DHKey Check Should the program be sending a Pair using the Device API? Is there something else to cause the public key exchange? In the 5.4 case, the "Paired" property is always being set by the Device API.
