diff options
| author | Archie Pusaka <apusaka@chromium.org> | 2020-07-23 00:20:32 +0800 |
|---|---|---|
| committer | Ayush Garg <ayush.garg@samsung.com> | 2021-04-12 14:30:50 +0530 |
| commit | ae186be8d92c5a8067359be1ef8c8038c4de5db6 (patch) | |
| tree | b0869723f2c40b34ffaa35acfd99d866e3ec232b | |
| parent | adf2be0a00bcf2b0e3c7cd02e8e30853e6f07408 (diff) | |
| download | bluez-ae186be8d92c5a8067359be1ef8c8038c4de5db6.tar.gz bluez-ae186be8d92c5a8067359be1ef8c8038c4de5db6.tar.bz2 bluez-ae186be8d92c5a8067359be1ef8c8038c4de5db6.zip | |
input: authenticate when connecting to a bonded device
According to bluetooth HID1.1 spec, part 5.4.3.4.3:
If the Bluetooth HID Host is bonded to a Bluetooth HID device:
If encryption is not already enabled, the Bluetooth HID Host shall
enable encryption with the Bluetooth HID device before sending an
L2CAP Connect Request to open the HID L2CAP Control channel.
When creating connection, this patch checks whether the target
device is bonded, if yes then we use the medium security level
instead of the low one to enable encryption.
Signed-off-by: Anuj Jain <anuj01.jain@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>
| -rw-r--r-- | profiles/input/device.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/profiles/input/device.c b/profiles/input/device.c index 0552fe5a..fc02b645 100644 --- a/profiles/input/device.c +++ b/profiles/input/device.c @@ -114,6 +114,12 @@ void input_set_classic_bonded_only(bool state) static void input_device_enter_reconnect_mode(struct input_device *idev); static int connection_disconnect(struct input_device *idev, uint32_t flags); +static bool input_device_bonded(struct input_device *idev) +{ + return device_is_bonded(idev->device, + btd_device_get_bdaddr_type(idev->device)); +} + static void input_device_free(struct input_device *idev) { bt_uhid_unref(idev->uhid); @@ -985,8 +991,7 @@ static int hidp_add_connection(struct input_device *idev) device_get_name(idev->device, req->name, sizeof(req->name)); /* Make sure the device is bonded if required */ - if (classic_bonded_only && !device_is_bonded(idev->device, - btd_device_get_bdaddr_type(idev->device))) { + if (classic_bonded_only && !input_device_bonded(idev)) { error("Rejected connection from !bonded device %s", dst_addr); goto cleanup; } @@ -1189,16 +1194,23 @@ static int dev_connect(struct input_device *idev) { GError *err = NULL; GIOChannel *io; + BtIOSecLevel sec_level; if (idev->disable_sdp) bt_clear_cached_session(&idev->src, &idev->dst); + /* encrypt connection if device is bonded */ + if (input_device_bonded(idev)) + sec_level = BT_IO_SEC_MEDIUM; + else + sec_level = BT_IO_SEC_LOW; + io = bt_io_connect(control_connect_cb, idev, NULL, &err, BT_IO_OPT_SOURCE_BDADDR, &idev->src, BT_IO_OPT_DEST_BDADDR, &idev->dst, BT_IO_OPT_PSM, L2CAP_PSM_HIDP_CTRL, - BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW, + BT_IO_OPT_SEC_LEVEL, sec_level, BT_IO_OPT_INVALID); idev->ctrl_io = io; @@ -1263,8 +1275,7 @@ static void input_device_enter_reconnect_mode(struct input_device *idev) reconnect_mode_to_string(idev->reconnect_mode)); /* Make sure the device is bonded if required */ - if (classic_bonded_only && !device_is_bonded(idev->device, - btd_device_get_bdaddr_type(idev->device))) + if (classic_bonded_only && !input_device_bonded(idev)) return; /* Only attempt an auto-reconnect when the device is required to |