1
0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-02-24 12:40:47 +00:00

gap: send IO Capabilities Negative Reply if Level 4 required but remote does not support SC

This commit is contained in:
Matthias Ringwald 2021-06-19 18:46:27 +02:00
parent 128825c3b0
commit 9671e61529

@ -2771,12 +2771,23 @@ static void event_handler(uint8_t *packet, uint16_t size){
conn = hci_connection_for_bd_addr_and_type(addr, BD_ADDR_TYPE_ACL);
if (!conn) break;
hci_connection_timestamp(conn);
hci_pairing_started(conn, true);
// assess security
if ((hci_stack->gap_secure_connections_only_mode || (conn->requested_security_level == LEVEL_4)) && !hci_remote_sc_enabled(conn)){
log_info("Level 4 required, but SC not supported -> abort");
hci_pairing_complete(conn, ERROR_CODE_INSUFFICIENT_SECURITY);
connectionSetAuthenticationFlags(conn, AUTH_FLAG_SEND_IO_CAPABILITIES_NEGATIVE_REPLY);
break;
}
#ifndef ENABLE_EXPLICIT_IO_CAPABILITIES_REPLY
if (hci_stack->ssp_io_capability != SSP_IO_CAPABILITY_UNKNOWN){
hci_add_connection_flags_for_flipped_bd_addr(&packet[2], AUTH_FLAG_SEND_IO_CAPABILITIES_REPLY);
connectionSetAuthenticationFlags(conn, AUTH_FLAG_SEND_IO_CAPABILITIES_REPLY);
} else {
hci_add_connection_flags_for_flipped_bd_addr(&packet[2], AUTH_FLAG_SEND_IO_CAPABILITIES_NEGATIVE_REPLY);
connectionSetAuthenticationFlags(conn, AUTH_FLAG_SEND_IO_CAPABILITIES_NEGATIVE_REPLY);
}
#endif
break;