You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2021/04/21 13:42:53 UTC

[GitHub] [mynewt-nimble] prasad-alatkar commented on a change in pull request #971: nimble/host: Fix potential MITM vulnerability in case of secure connection pairing

prasad-alatkar commented on a change in pull request #971:
URL: https://github.com/apache/mynewt-nimble/pull/971#discussion_r617547801



##########
File path: nimble/host/src/ble_sm_sc.c
##########
@@ -612,6 +612,14 @@ ble_sm_sc_public_key_rx(uint16_t conn_handle, struct os_mbuf **om,
     }
 
     cmd = (struct ble_sm_public_key *)(*om)->om_data;
+    /* Check if the peer public key is same as our generated public key.
+     * Return fail if the public keys match. */
+    if (ble_sm_sc_keys_generated) {

Review comment:
       Yes, the check is not needed. 




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org