lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 19 Jun 2011 20:59:37 +0300
From:	Johan Hedberg <johan.hedberg@...il.com>
To:	Keith Packard <keithp@...thp.com>
Cc:	Luiz Augusto von Dentz <luiz.dentz@...il.com>,
	Waldemar.Rymarkiewicz@...to.com, padovan@...fusion.mobi,
	marcel@...tmann.org, linux-bluetooth@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: Regression caused by "Bluetooth: Map sec_level to link key
 requirements"

Hi Keith,

On Sun, Jun 19, 2011, Keith Packard wrote:
> On Fri, 10 Jun 2011 14:58:50 +0900, Luiz Augusto von Dentz <luiz.dentz@...il.com> wrote:
> 
> > diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
> > index 2f5ae53..b309f84 100644
> > --- a/net/bluetooth/hci_conn.c
> > +++ b/net/bluetooth/hci_conn.c
> > @@ -673,8 +673,8 @@ auth:
> >         if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
> >                 return 0;
> > 
> > -       hci_conn_auth(conn, sec_level, auth_type);
> > -       return 0;
> > +       if (!(hci_conn_auth(conn, sec_level, auth_type)))
> > +               return 0;
> > 
> >  encrypt:
> >         if (conn->link_mode & HCI_LM_ENCRYPT)
> 
> That makes the first connection afer boot succeed, but subsequent
> connections fail in the same way.

Did you try also the following patch (which should also be making it to
3.0):
http://git.kernel.org/?p=linux/kernel/git/padovan/bluetooth-2.6.git;a=commitdiff;h=330605423ca6eafafb8dcc27502bce1c585d1b06

I think you'll need both of them to fix the pairing/security issues.

Johan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ