This is an automated email from the ASF dual-hosted git repository.
janc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
The following commit(s) were added to refs/heads/master by this push:
new bdf755b6 host/sm: fix check in ble_sm_pair_req_rx
bdf755b6 is described below
commit bdf755b69584c86e4e5243598490a1176a4ac16e
Author: Krzysztof Kopyściński <[email protected]>
AuthorDate: Wed Jul 27 11:26:21 2022 +0200
host/sm: fix check in ble_sm_pair_req_rx
If SC_ONLY is enabled fail pairing request if either keysize is to small
OR SC is not supported by peer. Previously it was an AND, which means
both conditions must be true to fail pairing, which is not correct.
---
nimble/host/src/ble_sm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nimble/host/src/ble_sm.c b/nimble/host/src/ble_sm.c
index de1006bc..0339e3eb 100644
--- a/nimble/host/src/ble_sm.c
+++ b/nimble/host/src/ble_sm.c
@@ -1832,8 +1832,8 @@ ble_sm_pair_req_rx(uint16_t conn_handle, struct os_mbuf
**om,
} else if (req->max_enc_key_size > BLE_SM_PAIR_KEY_SZ_MAX) {
res->sm_err = BLE_SM_ERR_INVAL;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_INVAL);
- } else if (MYNEWT_VAL(BLE_SM_SC_ONLY) && (req->max_enc_key_size !=
BLE_SM_PAIR_KEY_SZ_MAX) &&
- !(req->authreq & BLE_SM_PAIR_AUTHREQ_SC)) {
+ } else if (MYNEWT_VAL(BLE_SM_SC_ONLY) && ((req->max_enc_key_size !=
BLE_SM_PAIR_KEY_SZ_MAX) ||
+ !(req->authreq &
BLE_SM_PAIR_AUTHREQ_SC))) {
/* Fail if Secure Connections Only mode is on and remote does not
meet
* key size requirements - MITM was checked in last step. Fail if
SC is not supported
* by peer.
