commit 00ae4af91d8c5b6814e2bb3bfaaf743845f989eb
author Marcel Holtmann <marcel@holtmann.org> Thu Feb 12 16:19:45 2009 +0100
committer Marcel Holtmann <marcel@holtmann.org> Fri Feb 27 06:14:43 2009 +0100
tree 616da6330e5b9ca7448234fbd588c536da165d11
parent 2950f21acb0f6b8fcd964485c2ebf1e06545ac20

Bluetooth: Fix authentication requirements for L2CAP security check

The L2CAP layer can trigger the authentication via an ACL connection or
later on to increase the security level. When increasing the security
level it didn't use the same authentication requirements when triggering
a new ACL connection. Make sure that exactly the same authentication
requirements are used. The only exception here are the L2CAP raw sockets
which are only used for dedicated bonding.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

net/bluetooth/l2cap.c

diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index d563f2e..79a4325 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -268,16 +268,26 @@
 	struct l2cap_conn *conn = l2cap_pi(sk)->conn;
 	__u8 auth_type;
 
-	switch (l2cap_pi(sk)->sec_level) {
-	case BT_SECURITY_HIGH:
-		auth_type = HCI_AT_GENERAL_BONDING_MITM;
-		break;
-	case BT_SECURITY_MEDIUM:
-		auth_type = HCI_AT_GENERAL_BONDING;
-		break;
-	default:
-		auth_type = HCI_AT_NO_BONDING;
-		break;
+	if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
+		if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
+			auth_type = HCI_AT_NO_BONDING_MITM;
+		else
+                        auth_type = HCI_AT_NO_BONDING;
+
+		if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
+			l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
+	} else {
+		switch (l2cap_pi(sk)->sec_level) {
+		case BT_SECURITY_HIGH:
+			auth_type = HCI_AT_GENERAL_BONDING_MITM;
+			break;
+		case BT_SECURITY_MEDIUM:
+			auth_type = HCI_AT_GENERAL_BONDING;
+			break;
+		default:
+			auth_type = HCI_AT_NO_BONDING;
+			break;
+		}
 	}
 
 	return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,