Enforce authentication if encryption is required
Original bug
Bug: 294854926
regressions:
Bug: 299570702
Bug: 299561281
Test: Test: m com.android.btservices
Test: QA validation
Ignore-AOSP-First: security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:778d3fb3fb520e54425ecefe9a28453002053553)
Merged-In: I0370ed2e3166d56f708e1981c2126526e1db9eaa
Change-Id: I0370ed2e3166d56f708e1981c2126526e1db9eaa
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index 2e40e02..2f973ee 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -4879,13 +4879,15 @@
// Check link status of BR/EDR
if (!(p_dev_rec->sec_flags & BTM_SEC_AUTHENTICATED)) {
if (p_dev_rec->is_originator) {
- if (p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE) {
- LOG_DEBUG(LOG_TAG, "Outgoing authentication Required");
+ if (p_dev_rec->security_required &
+ (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT)) {
+ LOG_DEBUG(LOG_TAG, "Outgoing authentication/encryption Required");
start_auth = true;
}
} else {
- if (p_dev_rec->security_required & BTM_SEC_IN_AUTHENTICATE) {
- LOG_DEBUG(LOG_TAG, "Incoming authentication Required");
+ if (p_dev_rec->security_required &
+ (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)) {
+ LOG_DEBUG(LOG_TAG, "Incoming authentication/encryption Required");
start_auth = true;
}
}