Re: [Bluez-devel] Error: Authentication Failure

[Jose Vasconcellos <jose@vasmac.com>]

Claudio Takahasi wrote:
> On 10/3/06, Claudio Takahasi <cktakahasi@gmail.com> wrote:
>   
>> On 10/3/06, Jose Vasconcellos <jose@vasmac.com> wrote:
>>     
>>> I've run into authentication problems doing the following:
>>>
>>> 1. Pair device (say headset) with USB Bluetooth dongle on Linux with Bluez.
>>> 2. Disconnect dongle and insert on Windows. Windows will ask for
>>>     the key.
>>> 3. Disconnect device from Windows and put back on Linux.
>>>     Linux is unable to connect to the device.
>>>
>>> Here's a trace for step 3:
>>>
>>> HCI sniffer - Bluetooth packet analyzer ver 1.32
>>> < HCI Command: Create Connection (0x01|0x0005) plen 13
>>>     bdaddr 00:14:CF:00:A7:76 ptype 0xcc18 rswitch 0x01 clkoffset 0x0000
>>>     Packet type: DM1 DM3 DM5 DH1 DH3 DH5
>>>  > HCI Event: Command Status (0x0f) plen 4
>>>     Create Connection (0x01|0x0005) status 0x00 ncmd 1
>>>  > HCI Event: Link Key Request (0x17) plen 6
>>>     bdaddr 00:14:CF:00:A7:76
>>> < HCI Command: Link Key Request Reply (0x01|0x000b) plen 22
>>>     bdaddr 00:14:CF:00:A7:76 key 3FECD3A6AB67EA063B3E78CCB155CBC1
>>>  > HCI Event: Command Complete (0x0e) plen 10
>>>     Link Key Request Reply (0x01|0x000b) ncmd 1
>>>     status 0x00 bdaddr 00:14:CF:00:A7:76
>>>  > HCI Event: Connect Complete (0x03) plen 11
>>>     status 0x05 handle 42 bdaddr 00:14:CF:00:A7:76 type ACL encrypt 0x00
>>>     Error: Authentication Failure
>>> < HCI Command: Create Connection (0x01|0x0005) plen 13
>>>     bdaddr 00:0C:55:06:CE:46 ptype 0xcc18 rswitch 0x01 clkoffset 0x0000
>>>     Packet type: DM1 DM3 DM5 DH1 DH3 DH5
>>>  > HCI Event: Command Status (0x0f) plen 4
>>>     Create Connection (0x01|0x0005) status 0x00 ncmd 1
>>>  > HCI Event: Link Key Request (0x17) plen 6
>>>     bdaddr 00:0C:55:06:CE:46
>>> < HCI Command: Link Key Request Reply (0x01|0x000b) plen 22
>>>     bdaddr 00:0C:55:06:CE:46 key 843E102AA026008F44FC7A2D5DDE0306
>>>  > HCI Event: Command Complete (0x0e) plen 10
>>>     Link Key Request Reply (0x01|0x000b) ncmd 1
>>>     status 0x00 bdaddr 00:0C:55:06:CE:46
>>>  > HCI Event: Connect Complete (0x03) plen 11
>>>     status 0x05 handle 42 bdaddr 00:0C:55:06:CE:46 type ACL encrypt 0x00
>>>     Error: Authentication Failure
>>>
>>> The problem is that hcid contains a cached key that is no longer valid.
>>> Once it gets the first authentication failure it should discard that
>>> and ask the user for a new pin (i.e. invoke the passkey agent) but it
>>> doesn't do that. I've tested with bluez-utils-3.7.
>>>
>>> Regards,
>>>
>>> Jose
>>>       
>> Hi Jose,
>>
>> Good catch! if there is an invalid cached key the client must call
>> RemoveBonding to remove the invalid entry. I will check with Marcel if
>> it is possible remove the key automatically on this situation without
>> insert a complex code. I am not sure, but I think some implementations
>> drop the connection automatically when the pairing fails. Consequently
>> ask a new PIN automatically will be more complex.
>>
>> BR,
>> Claudio.
>> --
>> ---------------------------------------------------------
>> Claudio Takahasi
>> Instituto Nokia de Tecnologia - INdT
>>
>>     
> Hi Jose,
>
> Could you explain exactly how do you reproduce this issue?
> The hcidump is not matching with our description, the connect bdaddr
> and the link key are different. They should to be the same in the
> second attempt. And when you disconnect the dongle the hcidump exit.
>
> BR,
> Claudio.
>   
Claudio,

It's pretty easy to reproduce. I've tried with two USB dongles
(CSR & Broadcom) and different headsets. Connect a device
on Linux, then take the device and dongle and connect on
Windows; when you go back with both to Linux you get this
problem.

You are right that one can remove the bonding manually but
this is not obvious to the uninitiated and it requires a manual
step. Plus, the message presented to the application is
typically "Record not found" if the first connection is an SDP
lookup.

Perhaps in security.c in utils/hcid, the routine conn_complete
should delete the cached entry if there's an error.

Jose


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bluez-devel mailing list
Bluez-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bluez-devel