kopia lustrzana https://github.com/espressif/esp-idf
bugfix/fix the crash when using legacy paring with wrong pin code
Close https://github.com/espressif/esp-idf/issues/7556pull/7680/head
jincheng
bot
rodzic
092f53cea6
commit
c592da5308
|
|
@ -126,7 +126,7 @@ static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result);
|
|||
#endif
|
||||
#endif
|
||||
#if (SMP_INCLUDED == TRUE)
|
||||
static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
|
||||
static BOOLEAN bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
|
||||
#endif ///SMP_INCLUDED == TRUE
|
||||
#if (BLE_INCLUDED == TRUE)
|
||||
static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
|
||||
|
|
@ -3069,7 +3069,9 @@ static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev
|
|||
bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
|
||||
}
|
||||
|
||||
bta_dm_remove_sec_dev_entry(bd_addr);
|
||||
if (bta_dm_remove_sec_dev_entry(bd_addr)) {
|
||||
return BTM_SEC_DEV_REC_REMOVED;
|
||||
}
|
||||
}
|
||||
|
||||
return BTM_SUCCESS;
|
||||
|
|
@ -3740,12 +3742,13 @@ static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
|
|||
** remtoe device does not exist, else schedule for dev entry removal upon
|
||||
ACL close
|
||||
**
|
||||
** Returns void
|
||||
** Returns TRUE if device entry is removed from Security device DB, FALSE otherwise
|
||||
**
|
||||
*******************************************************************************/
|
||||
#if (SMP_INCLUDED == TRUE)
|
||||
static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
|
||||
static BOOLEAN bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
|
||||
{
|
||||
BOOLEAN is_device_deleted = FALSE;
|
||||
UINT16 index = 0;
|
||||
if ( BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE) ||
|
||||
BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_BR_EDR)) {
|
||||
|
|
@ -3763,7 +3766,7 @@ static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
|
|||
APPL_TRACE_ERROR(" %s Device does not exist in DB", __FUNCTION__);
|
||||
}
|
||||
} else {
|
||||
BTM_SecDeleteDevice (remote_bd_addr, bta_dm_cb.device_list.peer_device[index].transport);
|
||||
is_device_deleted = BTM_SecDeleteDevice (remote_bd_addr, bta_dm_cb.device_list.peer_device[index].transport);
|
||||
#if (BLE_INCLUDED == TRUE && GATTC_INCLUDED == TRUE)
|
||||
/* need to remove all pending background connection */
|
||||
BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE);
|
||||
|
|
@ -3771,6 +3774,7 @@ static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
|
|||
BTA_GATTC_Refresh(remote_bd_addr, false);
|
||||
#endif
|
||||
}
|
||||
return is_device_deleted;
|
||||
}
|
||||
#endif ///SMP_INCLUDED == TRUE
|
||||
|
||||
|
|
|
|||
|
|
@ -2981,6 +2981,7 @@ void btm_sec_rmt_name_request_complete (UINT8 *p_bd_addr, UINT8 *p_bd_name, UINT
|
|||
int i;
|
||||
DEV_CLASS dev_class;
|
||||
UINT8 old_sec_state;
|
||||
UINT8 res;
|
||||
|
||||
BTM_TRACE_EVENT ("btm_sec_rmt_name_request_complete\n");
|
||||
if (((p_bd_addr == NULL) && !BTM_ACL_IS_CONNECTED(btm_cb.connecting_bda))
|
||||
|
|
@ -3161,9 +3162,12 @@ void btm_sec_rmt_name_request_complete (UINT8 *p_bd_addr, UINT8 *p_bd_name, UINT
|
|||
/* This is required when different entities receive link notification and auth complete */
|
||||
if (!(p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE)) {
|
||||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
if (res == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -3853,6 +3857,7 @@ static void btm_sec_auth_collision (UINT16 handle)
|
|||
#if (SMP_INCLUDED == TRUE)
|
||||
void btm_sec_auth_complete (UINT16 handle, UINT8 status)
|
||||
{
|
||||
UINT8 res;
|
||||
UINT8 old_sm4;
|
||||
tBTM_PAIRING_STATE old_state = btm_cb.pairing_state;
|
||||
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev_by_handle (handle);
|
||||
|
|
@ -3942,9 +3947,12 @@ void btm_sec_auth_complete (UINT16 handle, UINT8 status)
|
|||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
/* report the authentication status */
|
||||
if (old_state != BTM_PAIR_STATE_IDLE) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
if (res == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -4241,6 +4249,7 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
|
|||
{
|
||||
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
|
||||
UINT8 res;
|
||||
UINT8 sec_dev_rec_status;
|
||||
BOOLEAN is_pairing_device = FALSE;
|
||||
tACL_CONN *p_acl_cb;
|
||||
UINT8 bit_shift = 0;
|
||||
|
|
@ -4379,9 +4388,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
|
|||
|
||||
/* We need to notify host that the key is not known any more */
|
||||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
/*
|
||||
|
|
@ -4412,9 +4424,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
|
|||
|
||||
/* We need to notify host that the key is not known any more */
|
||||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, status);
|
||||
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -4447,9 +4462,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
|
|||
}
|
||||
|
||||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
|
||||
p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
btm_sec_change_pairing_state (BTM_PAIR_STATE_IDLE);
|
||||
|
|
@ -4668,6 +4686,7 @@ void btm_sec_link_key_notification (UINT8 *p_bda, UINT8 *p_link_key, UINT8 key_t
|
|||
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_or_alloc_dev (p_bda);
|
||||
BOOLEAN we_are_bonding = FALSE;
|
||||
BOOLEAN ltk_derived_lk = FALSE;
|
||||
UINT8 res;
|
||||
|
||||
BTM_TRACE_EVENT ("btm_sec_link_key_notification() BDA:%04x%08x, TYPE: %d\n",
|
||||
(p_bda[0] << 8) + p_bda[1], (p_bda[2] << 24) + (p_bda[3] << 16) + (p_bda[4] << 8) + p_bda[5],
|
||||
|
|
@ -4772,8 +4791,11 @@ void btm_sec_link_key_notification (UINT8 *p_bda, UINT8 *p_link_key, UINT8 key_t
|
|||
/* for derived key, always send authentication callback for BR channel */
|
||||
|| ltk_derived_lk) {
|
||||
if (btm_cb.api.p_auth_complete_callback) {
|
||||
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, p_dev_rec->dev_class,
|
||||
p_dev_rec->sec_bd_name, HCI_SUCCESS);
|
||||
if (res == BTM_SEC_DEV_REC_REMOVED) {
|
||||
p_dev_rec = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -5760,9 +5782,10 @@ static char *btm_pair_state_descr (tBTM_PAIRING_STATE state)
|
|||
*******************************************************************************/
|
||||
void btm_sec_dev_rec_cback_event (tBTM_SEC_DEV_REC *p_dev_rec, UINT8 res, BOOLEAN is_le_transport)
|
||||
{
|
||||
tBTM_SEC_CALLBACK *p_callback = p_dev_rec->p_callback;
|
||||
tBTM_SEC_CALLBACK *p_callback;
|
||||
|
||||
if (p_dev_rec->p_callback) {
|
||||
if (p_dev_rec && p_dev_rec->p_callback) {
|
||||
p_callback = p_dev_rec->p_callback;
|
||||
p_dev_rec->p_callback = NULL;
|
||||
|
||||
#if BLE_INCLUDED == TRUE
|
||||
|
|
|
|||
|
|
@ -74,6 +74,7 @@ enum {
|
|||
BTM_SET_PRIVACY_FAIL, /* 24 enable/disable local privacy failed*/
|
||||
BTM_SET_STATIC_RAND_ADDR_FAIL, /* 25 Command failed */
|
||||
BTM_INVALID_STATIC_RAND_ADDR, /* 26 invalid static rand addr */
|
||||
BTM_SEC_DEV_REC_REMOVED, /* 27 Device record relate to the bd_addr is removed */
|
||||
};
|
||||
|
||||
typedef uint8_t tBTM_STATUS;
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue