sm: ignore Security Request after re-encryption has started

2025-03-27 14:37:12 +00:00 · 2024-03-01 10:38:01 +01:00 · 2024-03-01 10:38:01 +01:00 · e2a5eb6349
commit e2a5eb6349
parent 8f19f013a1
2 changed files with 2 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - GAP: allow use of own address type different from gap_random_set_mode() incl. RPA in LE Extended Advertising
 - SM: abort pairing with invalid parameter error for encryption key size > 16
+- SM: ignore Security Request after re-encryption has started
 - ATT Server: support delayed read responses for registered services
 - ATT Server: allow to start crypto operation from delayed att read/write request
 - HFP HF: send HF Indicator update only if enabled by AG
--- a/src/ble/sm.c
+++ b/src/ble/sm.c
@ -4516,6 +4516,7 @@ static void sm_pdu_handler(uint8_t packet_type, hci_con_handle_t con_handle, uin
            sm_conn->sm_engine_state = SM_PH2_C1_GET_ENC_C;
            break;

+        case SM_INITIATOR_PH4_HAS_LTK:
        case SM_PH4_W4_CONNECTION_ENCRYPTED:
            // ignore Security Request, see SM_INITIATOR_PH1_W4_PAIRING_RESPONSE above
            if (sm_pdu_code != SM_CODE_SECURITY_REQUEST){