aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorMarcel Holtmann <marcel@holtmann.org>2009-02-08 21:55:28 -0500
committerMarcel Holtmann <marcel@holtmann.org>2009-02-27 00:14:41 -0500
commit435fef20acfc48f46476abad55b0cd3aa47b8365 (patch)
tree8871de70ce8fedb293683b73d56d09582318ced0 /net
parent6a8d3010b313d99adbb28f1826fac0234395bb26 (diff)
Bluetooth: Don't enforce authentication for L2CAP PSM 1 and 3
The recommendation for the L2CAP PSM 1 (SDP) is to not use any kind of authentication or encryption. So don't trigger authentication for incoming and outgoing SDP connections. For L2CAP PSM 3 (RFCOMM) there is no clear requirement, but with Bluetooth 2.1 the initiator is required to enable authentication and encryption first and this gets enforced. So there is no need to trigger an additional authentication step. The RFCOMM service security will make sure that a secure enough link key is present. When the encryption gets enabled after the SDP connection setup, then switch the security level from SDP to low security. Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/l2cap.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index 01f750142d55..88340d24d11d 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -805,7 +805,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_
805 l2cap_pi(sk)->sport = la->l2_psm; 805 l2cap_pi(sk)->sport = la->l2_psm;
806 sk->sk_state = BT_BOUND; 806 sk->sk_state = BT_BOUND;
807 807
808 if (btohs(la->l2_psm) == 0x0001) 808 if (btohs(la->l2_psm) == 0x0001 || btohs(la->l2_psm) == 0x0003)
809 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; 809 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
810 } 810 }
811 811
@@ -852,6 +852,9 @@ static int l2cap_do_connect(struct sock *sk)
852 auth_type = HCI_AT_NO_BONDING_MITM; 852 auth_type = HCI_AT_NO_BONDING_MITM;
853 else 853 else
854 auth_type = HCI_AT_NO_BONDING; 854 auth_type = HCI_AT_NO_BONDING;
855
856 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
857 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
855 } else { 858 } else {
856 switch (l2cap_pi(sk)->sec_level) { 859 switch (l2cap_pi(sk)->sec_level) {
857 case BT_SECURITY_HIGH: 860 case BT_SECURITY_HIGH: