From: tony <tony.makkiel@convergeddevices.net>
To: <linux-bluetooth@vger.kernel.org>
Subject: Re: SEC SEM BV 09, MITM + No Bonding
Date: Fri, 28 Aug 2015 15:44:47 +0100 [thread overview]
Message-ID: <55E073DF.4040900@convergeddevices.net> (raw)
In-Reply-To: <20150819162319.GA16000@t440s.P-661HNU-F1>
On 19/08/15 17:23, Johan Hedberg wrote:
> Hi Tony,
>
> On Wed, Aug 19, 2015, tony wrote:
>> Can somebody please advise on how to force blueZ to initiate connection with
>> authentication requirement 1 (MITM required + No Bonding)? From the blueZ
>> code, I noticed it follows lead from the remote device. But couldn't find
>> anything obvious when initiating connection.
>
> IIRC you do this by setting HIGH or FIPS security level together with
> PSM 1 (SDP). l2cap_get_auth_type() in net/bluetooth/l2cap_core.c seems
> to indicate that is will give no bonding + MITM.
>
> Johan
>
Thank you Johan.
For anyone who comes here looking for SEC SEM BV 09, following worked.
"l2test -n -P 1 -E" (unauthenticated link).
"l2test -n -P 1 -S" (authenticate link, make sure simple-agent is
running to manage MITM).
Tony
next prev parent reply other threads:[~2015-08-28 14:44 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-19 13:23 SEC SEM BV 09, MITM + No Bonding tony
2015-08-19 16:23 ` Johan Hedberg
2015-08-28 14:44 ` tony [this message]
2015-09-02 14:50 ` Bluez-4.101 LE SMP support tony
2015-09-02 17:09 ` Marcel Holtmann
[not found] ` <563A1880.8000608@convergeddevices.net>
2015-11-05 9:12 ` BlueZ-5.36 segfault Luiz Augusto von Dentz
2015-11-05 10:40 ` tony
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55E073DF.4040900@convergeddevices.net \
--to=tony.makkiel@convergeddevices.net \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.