Merge branch 'bugfix/bt_legacy_paring_wrong_pin_code_err_v4.3' into 'release/v4.3'

bugfix/fix the crash when using legacy pairing with wrong pin code (v4.3)

See merge request espressif/esp-idf!15298
Jiang Jiang Jian 2021-09-30 01:12:54 +00:00
commit 28b768807e
3 changed files with 52 additions and 24 deletions


@ -126,7 +126,7 @@ static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result);
#endif #endif
#endif #endif
#if (SMP_INCLUDED == TRUE) #if (SMP_INCLUDED == TRUE)
static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr); static BOOLEAN bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
#endif ///SMP_INCLUDED == TRUE #endif ///SMP_INCLUDED == TRUE
#if (BLE_INCLUDED == TRUE) #if (BLE_INCLUDED == TRUE)
static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir); static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
@ -3069,7 +3069,9 @@ static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev
bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
} }
bta_dm_remove_sec_dev_entry(bd_addr); if (bta_dm_remove_sec_dev_entry(bd_addr)) {
return BTM_SEC_DEV_REC_REMOVED;
}
} }
return BTM_SUCCESS; return BTM_SUCCESS;
@ -3740,12 +3742,13 @@ static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
** remtoe device does not exist, else schedule for dev entry removal upon ** remtoe device does not exist, else schedule for dev entry removal upon
ACL close ACL close
** **
** Returns void ** Returns TRUE if device entry is removed from Security device DB, FALSE otherwise
** **
*******************************************************************************/ *******************************************************************************/
#if (SMP_INCLUDED == TRUE) #if (SMP_INCLUDED == TRUE)
static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr) static BOOLEAN bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
{ {
BOOLEAN is_device_deleted = FALSE;
UINT16 index = 0; UINT16 index = 0;
if ( BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE) || if ( BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE) ||
BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_BR_EDR)) { BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_BR_EDR)) {
@ -3763,7 +3766,7 @@ static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
APPL_TRACE_ERROR(" %s Device does not exist in DB", __FUNCTION__); APPL_TRACE_ERROR(" %s Device does not exist in DB", __FUNCTION__);
} }
} else { } else {
BTM_SecDeleteDevice (remote_bd_addr, bta_dm_cb.device_list.peer_device[index].transport); is_device_deleted = BTM_SecDeleteDevice (remote_bd_addr, bta_dm_cb.device_list.peer_device[index].transport);
#if (BLE_INCLUDED == TRUE && GATTC_INCLUDED == TRUE) #if (BLE_INCLUDED == TRUE && GATTC_INCLUDED == TRUE)
/* need to remove all pending background connection */ /* need to remove all pending background connection */
BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE); BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE);
@ -3771,6 +3774,7 @@ static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
BTA_GATTC_Refresh(remote_bd_addr, false); BTA_GATTC_Refresh(remote_bd_addr, false);
#endif #endif
} }
return is_device_deleted;
} }
#endif ///SMP_INCLUDED == TRUE #endif ///SMP_INCLUDED == TRUE
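Review bot: The new `Returns` line on bta_dm_remove_sec_dev_entry does not say that the ACL-up branch reports FALSE, and the `return BTM_SEC_DEV_REC_REMOVED;` site in bta_dm_authentication_complete_cback does not explain why a distinct status is needed. As far as the visible lines show, `is_device_deleted` is assigned only in the `else` branch, so the ACL-up branch, which the header says only schedules removal, returns FALSE. The BTM callers changed in this commit clear their record pointer only on that status, so the contract is memory-safety relevant and should be stated in both places. I would extend the header to `Returns TRUE only if the entry was deleted now; FALSE if deletion failed or was deferred until ACL close` and add `/* record is gone: BTM must not dereference its tBTM_SEC_DEV_REC after this callback */` above the new return. Both function bodies continue outside the visible hunks.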


@ -2981,6 +2981,7 @@ void btm_sec_rmt_name_request_complete (UINT8 *p_bd_addr, UINT8 *p_bd_name, UINT
int i; int i;
DEV_CLASS dev_class; DEV_CLASS dev_class;
UINT8 old_sec_state; UINT8 old_sec_state;
UINT8 res;
BTM_TRACE_EVENT ("btm_sec_rmt_name_request_complete\n"); BTM_TRACE_EVENT ("btm_sec_rmt_name_request_complete\n");
if (((p_bd_addr == NULL) && !BTM_ACL_IS_CONNECTED(btm_cb.connecting_bda)) if (((p_bd_addr == NULL) && !BTM_ACL_IS_CONNECTED(btm_cb.connecting_bda))
@ -3161,9 +3162,12 @@ void btm_sec_rmt_name_request_complete (UINT8 *p_bd_addr, UINT8 *p_bd_name, UINT
/* This is required when different entities receive link notification and auth complete */ /* This is required when different entities receive link notification and auth complete */
if (!(p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE)) { if (!(p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE)) {
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
p_dev_rec->dev_class, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, HCI_SUCCESS); p_dev_rec->sec_bd_name, HCI_SUCCESS);
if (res == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
} }
@ -3853,6 +3857,7 @@ static void btm_sec_auth_collision (UINT16 handle)
#if (SMP_INCLUDED == TRUE) #if (SMP_INCLUDED == TRUE)
void btm_sec_auth_complete (UINT16 handle, UINT8 status) void btm_sec_auth_complete (UINT16 handle, UINT8 status)
{ {
UINT8 res;
UINT8 old_sm4; UINT8 old_sm4;
tBTM_PAIRING_STATE old_state = btm_cb.pairing_state; tBTM_PAIRING_STATE old_state = btm_cb.pairing_state;
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev_by_handle (handle); tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev_by_handle (handle);
@ -3942,9 +3947,12 @@ void btm_sec_auth_complete (UINT16 handle, UINT8 status)
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
/* report the authentication status */ /* report the authentication status */
if (old_state != BTM_PAIR_STATE_IDLE) { if (old_state != BTM_PAIR_STATE_IDLE) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
p_dev_rec->dev_class, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, status); p_dev_rec->sec_bd_name, status);
if (res == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
} }
@ -4241,6 +4249,7 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
{ {
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda); tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
UINT8 res; UINT8 res;
UINT8 sec_dev_rec_status;
BOOLEAN is_pairing_device = FALSE; BOOLEAN is_pairing_device = FALSE;
tACL_CONN *p_acl_cb; tACL_CONN *p_acl_cb;
UINT8 bit_shift = 0; UINT8 bit_shift = 0;
@ -4379,9 +4388,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
/* We need to notify host that the key is not known any more */ /* We need to notify host that the key is not known any more */
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
p_dev_rec->dev_class, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, status); p_dev_rec->sec_bd_name, status);
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
} }
/* /*
@ -4412,9 +4424,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
/* We need to notify host that the key is not known any more */ /* We need to notify host that the key is not known any more */
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
p_dev_rec->dev_class, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, status); p_dev_rec->sec_bd_name, status);
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
} }
@ -4447,9 +4462,12 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
} }
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, sec_dev_rec_status = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr,
p_dev_rec->dev_class, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, HCI_SUCCESS); p_dev_rec->sec_bd_name, HCI_SUCCESS);
if (sec_dev_rec_status == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
btm_sec_change_pairing_state (BTM_PAIR_STATE_IDLE); btm_sec_change_pairing_state (BTM_PAIR_STATE_IDLE);
@ -4668,6 +4686,7 @@ void btm_sec_link_key_notification (UINT8 *p_bda, UINT8 *p_link_key, UINT8 key_t
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_or_alloc_dev (p_bda); tBTM_SEC_DEV_REC *p_dev_rec = btm_find_or_alloc_dev (p_bda);
BOOLEAN we_are_bonding = FALSE; BOOLEAN we_are_bonding = FALSE;
BOOLEAN ltk_derived_lk = FALSE; BOOLEAN ltk_derived_lk = FALSE;
UINT8 res;
BTM_TRACE_EVENT ("btm_sec_link_key_notification() BDA:%04x%08x, TYPE: %d\n", BTM_TRACE_EVENT ("btm_sec_link_key_notification() BDA:%04x%08x, TYPE: %d\n",
(p_bda[0] << 8) + p_bda[1], (p_bda[2] << 24) + (p_bda[3] << 16) + (p_bda[4] << 8) + p_bda[5], (p_bda[0] << 8) + p_bda[1], (p_bda[2] << 24) + (p_bda[3] << 16) + (p_bda[4] << 8) + p_bda[5],
@ -4772,8 +4791,11 @@ void btm_sec_link_key_notification (UINT8 *p_bda, UINT8 *p_link_key, UINT8 key_t
/* for derived key, always send authentication callback for BR channel */ /* for derived key, always send authentication callback for BR channel */
|| ltk_derived_lk) { || ltk_derived_lk) {
if (btm_cb.api.p_auth_complete_callback) { if (btm_cb.api.p_auth_complete_callback) {
(*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, p_dev_rec->dev_class, res = (*btm_cb.api.p_auth_complete_callback) (p_dev_rec->bd_addr, p_dev_rec->dev_class,
p_dev_rec->sec_bd_name, HCI_SUCCESS); p_dev_rec->sec_bd_name, HCI_SUCCESS);
if (res == BTM_SEC_DEV_REC_REMOVED) {
p_dev_rec = NULL;
}
} }
} }
@ -5760,9 +5782,10 @@ static char *btm_pair_state_descr (tBTM_PAIRING_STATE state)
*******************************************************************************/ *******************************************************************************/
void btm_sec_dev_rec_cback_event (tBTM_SEC_DEV_REC *p_dev_rec, UINT8 res, BOOLEAN is_le_transport) void btm_sec_dev_rec_cback_event (tBTM_SEC_DEV_REC *p_dev_rec, UINT8 res, BOOLEAN is_le_transport)
{ {
tBTM_SEC_CALLBACK *p_callback = p_dev_rec->p_callback; tBTM_SEC_CALLBACK *p_callback;
if (p_dev_rec->p_callback) { if (p_dev_rec && p_dev_rec->p_callback) {
p_callback = p_dev_rec->p_callback;
p_dev_rec->p_callback = NULL; p_dev_rec->p_callback = NULL;
#if BLE_INCLUDED == TRUE #if BLE_INCLUDED == TRUE
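Review bot: Setting `p_dev_rec = NULL` after the auth-complete callback only helps if every later use in the same function tolerates NULL, and the only guard visible in these hunks is the new `p_dev_rec && p_dev_rec->p_callback` test in btm_sec_dev_rec_cback_event. The tails of btm_sec_rmt_name_request_complete, btm_sec_auth_complete, btm_sec_connected and btm_sec_link_key_notification lie outside the hunks, so I cannot confirm they are safe; any remaining `p_dev_rec->` access there would trade the crash this commit fixes for a NULL dereference. Please check each tail and guard what remains, e.g. `if (p_dev_rec == NULL) { return; }` where nothing further has to run, and mark the assignment with `/* record freed by callback; do not dereference below */`. The same check is also repeated at six call sites under two different local names (`res`, `sec_dev_rec_status`); a small static helper that invokes the callback and returns whether the record survived would keep the sites consistent.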


@ -74,6 +74,7 @@ enum {
BTM_SET_PRIVACY_FAIL, /* 24 enable/disable local privacy failed*/ BTM_SET_PRIVACY_FAIL, /* 24 enable/disable local privacy failed*/
BTM_SET_STATIC_RAND_ADDR_FAIL, /* 25 Command failed */ BTM_SET_STATIC_RAND_ADDR_FAIL, /* 25 Command failed */
BTM_INVALID_STATIC_RAND_ADDR, /* 26 invalid static rand addr */ BTM_INVALID_STATIC_RAND_ADDR, /* 26 invalid static rand addr */
BTM_SEC_DEV_REC_REMOVED, /* 27 Device record relate to the bd_addr is removed */
}; };
typedef uint8_t tBTM_STATUS; typedef uint8_t tBTM_STATUS;