diff options
author | Johan Hedberg | 2014-03-19 14:14:53 +0200 |
---|---|---|
committer | Marcel Holtmann | 2014-03-19 13:55:06 -0700 |
commit | 01ad34d267475ac3387d7ab803a2225b392dae91 (patch) | |
tree | 45d12bac249e36219b6c533dae85e78090208aad /net/bluetooth | |
parent | 5ed884d765a240593c721711eb9e6d24ceba5e8b (diff) |
Bluetooth: Fix SMP user passkey notification mgmt event
When performing SMP pairing with MITM protection one side needs to
enter the passkey while the other side displays to the user what needs
to be entered. Nowhere in the SMP specification does it say that the
displaying side needs to any kind of confirmation of the passkey, even
though a code comment in smp.c implies this.
This patch removes the misleading comment and converts the code to use
the passkey notification mgmt event instead of the passkey confirmation
mgmt event.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r-- | net/bluetooth/smp.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index ed1c9547ba6e..2a7ee7f6cd8b 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -407,13 +407,14 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, method = REQ_PASSKEY; } - /* Generate random passkey. Not valid until confirmed. */ + /* Generate random passkey. */ if (method == CFM_PASSKEY) { memset(smp->tk, 0, sizeof(smp->tk)); get_random_bytes(&passkey, sizeof(passkey)); passkey %= 1000000; put_unaligned_le32(passkey, smp->tk); BT_DBG("PassKey: %d", passkey); + set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags); } hci_dev_lock(hcon->hdev); @@ -422,7 +423,7 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type); else - ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, + ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type, cpu_to_le32(passkey), 0); |