You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2021/04/19 08:53:31 UTC

[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #971: nimble/host: Fix potential MITM vulnerability in case of secure connection pairing

sjanc commented on a change in pull request #971:
URL: https://github.com/apache/mynewt-nimble/pull/971#discussion_r615662464



##########
File path: nimble/host/src/ble_sm_sc.c
##########
@@ -612,6 +612,14 @@ ble_sm_sc_public_key_rx(uint16_t conn_handle, struct os_mbuf **om,
     }
 
     cmd = (struct ble_sm_public_key *)(*om)->om_data;
+    /* Check if the peer public key is same as our generated public key.
+     * Return fail if the public keys match. */
+    if (ble_sm_sc_keys_generated) {

Review comment:
       I think this check is not needed as ble_sm_sc_ensure_keys_generated() is called before




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org