You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mynewt.apache.org by na...@apache.org on 2019/12/30 11:14:15 UTC

[mynewt-nimble] branch master updated: nimble/host: Fail pairing when received unexpected pairing request

This is an automated email from the ASF dual-hosted git repository.

naraj pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git


The following commit(s) were added to refs/heads/master by this push:
     new 787c7b7  nimble/host: Fail pairing when received unexpected pairing request
787c7b7 is described below

commit 787c7b7fadb2f41ee10d6aa9b68d99abe1696faa
Author: Michał Narajowski <mi...@codecoup.pl>
AuthorDate: Fri Dec 20 15:14:55 2019 +0100

    nimble/host: Fail pairing when received unexpected pairing request
    
    According to spec, after pairing req/rsp we should proceed to
    next step of the pairing procedure. This means that we should not
    restart the procedure if another one is already in progress. This
    patch fixes this issue by aborting the proc and sending pairing
    failed to peer.
---
 nimble/host/src/ble_sm.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/nimble/host/src/ble_sm.c b/nimble/host/src/ble_sm.c
index c83426d..641d03a 100644
--- a/nimble/host/src/ble_sm.c
+++ b/nimble/host/src/ble_sm.c
@@ -1765,8 +1765,21 @@ ble_sm_pair_req_rx(uint16_t conn_handle, struct os_mbuf **om,
      */
     proc = ble_sm_proc_find(conn_handle, BLE_SM_PROC_STATE_NONE, -1, &prev);
     if (proc != NULL) {
-        /* Pairing already in progress; abort old procedure and start new. */
-        /* XXX: Check the spec on this. */
+        /* Fail if procedure is in progress unless we sent a slave security
+         * request to peer.
+         */
+        if (proc->state != BLE_SM_PROC_STATE_SEC_REQ) {
+            res->sm_err = BLE_SM_ERR_UNSPECIFIED;
+            res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_UNSPECIFIED);
+            ble_hs_unlock();
+            return;
+        }
+
+        /* Remove the procedure because it was allocated when
+         * sending the Slave Security Request and it will be allocated
+         * again later in this method. We should probably refactor this
+         * in the future.
+         */
         ble_sm_proc_remove(proc, prev);
         ble_sm_proc_free(proc);
     }