Re: [PATCH] Bluetooth: Check authorization when sec_level goes high.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Wed, Jan 12, 2011 at 2:08 PM, Matti J. Aaltonen
<matti.j.aaltonen@xxxxxxxxx> wrote:
> Initiate authorization check also in cases where the
> security level of an existing connection changes to
> BT_SECURITY_HIGH.
>
> This patch fixes a bug which makes commands bluez-test-device and
> bluez-simple-agent fail, if the latter is given before the connection
> created by bluez-test-device has expired.
>
> Signed-off-by: Matti J. Aaltonen <matti.j.aaltonen@xxxxxxxxx>
> ---
>  net/bluetooth/hci_conn.c |   13 ++++++++++++-
>  1 files changed, 12 insertions(+), 1 deletions(-)
>
> diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
> index 0b1e460..5df232b 100644
> --- a/net/bluetooth/hci_conn.c
> +++ b/net/bluetooth/hci_conn.c
> @@ -380,8 +380,19 @@ struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8
>                acl->auth_type = auth_type;
>                hci_acl_connect(acl);
>        } else {
> -               if (acl->sec_level < sec_level)
> +               if (acl->sec_level < sec_level) {
>                        acl->sec_level = sec_level;
> +                       if (acl->sec_level == BT_SECURITY_HIGH) {
> +                               struct hci_cp_auth_requested ar;
> +
> +                               acl->state = BT_CONFIG;
> +                               memset(&ar, 0, sizeof(ar));
> +                               ar.handle = cpu_to_le16(acl->handle);
> +                               hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
> +                                            sizeof(ar), &ar);
> +                       }
> +               }
> +
>                if (acl->auth_type < auth_type)
>                        acl->auth_type = auth_type;
>        }

I don't think this fixes the problem properly, the authentication
request could have been sent before because other levels might require
it, also Im afraid this can break sockets using the same link since
the state got reseted to BT_CONFIG when it could previously be
BT_CONNECTED, what happens if there a socket in use and the link is
set back to BT_CONFIG after connected?
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux