Commit 92516cd9 authored by Sonny Sasaka's avatar Sonny Sasaka Committed by Marcel Holtmann
Browse files

Bluetooth: Always request for user confirmation for Just Works 



To improve security, always give the user-space daemon a chance to
accept or reject a Just Works pairing (LE). The daemon may decide to
auto-accept based on the user's intent.

Signed-off-by: default avatarSonny Sasaka <sonnysasaka@chromium.org>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent 3ee7b7cd

net/bluetooth/smp.c

+10 −2
Original line number Diff line number Diff line
@@ -855,6 +855,7 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, 
	struct smp_chan *smp = chan->data;

	u32 passkey = 0;

	int ret = 0;

	int err;



	/* Initialize key for JUST WORKS */

	memset(smp->tk, 0, sizeof(smp->tk));
@@ -883,9 +884,16 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, 
	    hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)

		smp->method = JUST_WORKS;



	/* If Just Works, Continue with Zero TK */

	/* If Just Works, Continue with Zero TK and ask user-space for

	 * confirmation */

	if (smp->method == JUST_WORKS) {

		set_bit(SMP_FLAG_TK_VALID, &smp->flags);

		err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,

						hcon->type,

						hcon->dst_type,

						passkey, 1);

		if (err)

			return SMP_UNSPECIFIED;

		set_bit(SMP_FLAG_WAIT_USER, &smp->flags);

		return 0;

	}