Commit b2d5e254 authored by Johan Hedberg's avatar Johan Hedberg Committed by Marcel Holtmann

Bluetooth: Fix trying LTK re-encryption when we don't have an LTK

In the case that the key distribution bits cause us not to generate a
local LTK we should not try to re-encrypt if we're currently encrypted
with an STK. This patch fixes the check for this in the
smp_sufficient_security function.
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent eb5a4de8
...@@ -876,9 +876,12 @@ bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) ...@@ -876,9 +876,12 @@ bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
/* If we're encrypted with an STK always claim insufficient /* If we're encrypted with an STK always claim insufficient
* security. This way we allow the connection to be re-encrypted * security. This way we allow the connection to be re-encrypted
* with an LTK, even if the LTK provides the same level of * with an LTK, even if the LTK provides the same level of
* security. * security. Only exception is if we don't have an LTK (e.g.
* because of key distribution bits).
*/ */
if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags)) if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
hcon->out))
return false; return false;
if (hcon->sec_level >= sec_level) if (hcon->sec_level >= sec_level)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment