diff options
author | Johan Hedberg <johan.hedberg@intel.com> | 2014-07-14 07:34:55 -0400 |
---|---|---|
committer | Marcel Holtmann <marcel@holtmann.org> | 2014-07-14 07:37:10 -0400 |
commit | b2d5e254ebfe9e4a926265c23bc5943f212fd1ac (patch) | |
tree | 86718d8d8e72d9e48042221f4452d604ab78118d /net/bluetooth | |
parent | eb5a4de80f266d0bb7edd43c61894da74faaa91a (diff) |
Bluetooth: Fix trying LTK re-encryption when we don't have an LTK
In the case that the key distribution bits cause us not to generate a
local LTK we should not try to re-encrypt if we're currently encrypted
with an STK. This patch fixes the check for this in the
smp_sufficient_security function.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r-- | net/bluetooth/smp.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index bf3568c46847..8339d6b0f2b8 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c | |||
@@ -876,9 +876,12 @@ bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) | |||
876 | /* If we're encrypted with an STK always claim insufficient | 876 | /* If we're encrypted with an STK always claim insufficient |
877 | * security. This way we allow the connection to be re-encrypted | 877 | * security. This way we allow the connection to be re-encrypted |
878 | * with an LTK, even if the LTK provides the same level of | 878 | * with an LTK, even if the LTK provides the same level of |
879 | * security. | 879 | * security. Only exception is if we don't have an LTK (e.g. |
880 | * because of key distribution bits). | ||
880 | */ | 881 | */ |
881 | if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags)) | 882 | if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) && |
883 | hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type, | ||
884 | hcon->out)) | ||
882 | return false; | 885 | return false; |
883 | 886 | ||
884 | if (hcon->sec_level >= sec_level) | 887 | if (hcon->sec_level >= sec_level) |