From: Jean-Jacques Brucker <jjbrucker@free.fr>
To: bluez-devel@lists.sourceforge.net
Cc: Marcel Holtmann <marcel@holtmann.org>
Subject: hcid pairing bug when security is auto
Date: Fri, 29 Sep 2006 22:08:33 +0200 [thread overview]
Message-ID: <200609292208.33700.jjbrucker@free.fr> (raw)
In-Reply-To: <1159530640.6131.31.camel@localhost>
[-- Attachment #1: Type: text/plain, Size: 1805 bytes --]
There was a bug in hcid when pairing and security is in auto mode.
The code watched if the connection was out or in , but in any case the remote
device can ask or not for authentication (and encryption).
By example Sagem and Ericsson mobile phones ask for authentication/encryption
with new devices, whithout watching who is trying to connect first ... !
Then the code was looking for pincodes in a file
"/var/lib/<local_bdaddr>/pincodes" but that wasn't write by any know
applications. (and it is not a place to make file to be write by users...).
Then the code was trying to give the hand to dbus applications ("hey, what
this f... i have ask for auto mode !!").
As i didn't know if there was some software that use the
"/var/lib/<local_bdaddr>/pincodes" file i let this file as a first base to
search and i have add a config file with the same name (but without the same
syntax) in the bluez config directory.
Note: Using dbus is a good idea, but it would better to activate it or not
with a flag. Because dbus is very big to be embedded on small (and embedded)
systems...
Note2: I have watch in CVS that bluez used a file named pin in confdir... What
i have done is not really a regression. In fact we could insert the content
of the pincodes file inside the hcid.conf file .... but I don't really know
how to do it with bison (and i dislike bisons !-). At the end the syntax of
my pincodes file is simple and is read on each HCI "PIN code request" command
(when security is set to auto) and could be more easily manage by extern
software (that doesn't use dbus).
PS: I have make the hcid.conf more explicit but I don't have patch man pages
for now, but if my patch is used, i'll obviously update them. (and with our
without my patch, its already need some updates..).
[-- Attachment #2: hcid_autopairing.patch.gz --]
[-- Type: application/x-gzip, Size: 2770 bytes --]
next prev parent reply other threads:[~2006-09-29 20:08 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-28 17:19 [Bluez-devel] possible regression under rf interference Marsette Vona
2006-09-29 11:50 ` Marcel Holtmann
2006-09-29 20:08 ` Jean-Jacques Brucker [this message]
2006-09-29 23:09 ` [Bluez-devel] hcid pairing bug when security is auto Marcel Holtmann
2006-09-30 0:18 ` Jean-Jacques Brucker
2006-09-30 8:01 ` [Bluez-devel] " Marcel Holtmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200609292208.33700.jjbrucker@free.fr \
--to=jjbrucker@free.fr \
--cc=bluez-devel@lists.sourceforge.net \
--cc=marcel@holtmann.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox