Enforce authentication if encryption is required
This is a backport of
I0370ed2e3166d56f708e1981c2126526e1db9eaa
Original bug
Bug: 294854926
regressions:
Bug: 299570702
Bug: 299561281
Test: m com.android.btservices
Test: QA validation
Igore-AOSP-First: security
Merged-In: I0370ed2e3166d56f708e1981c2126526e1db9eaa
Change-Id: I0370ed2e3166d56f708e1981c2126526e1db9eaa
diff --git a/system/stack/btm/btm_sec.cc b/system/stack/btm/btm_sec.cc
index 51d178b..92bf658 100644
--- a/system/stack/btm/btm_sec.cc
+++ b/system/stack/btm/btm_sec.cc
@@ -4512,13 +4512,15 @@
// Check link status of BR/EDR
if (!(p_dev_rec->sec_flags & BTM_SEC_AUTHENTICATED)) {
if (p_dev_rec->IsLocallyInitiated()) {
- if (p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE) {
- LOG_DEBUG("Outgoing authentication Required");
+ if (p_dev_rec->security_required &
+ (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT)) {
+ LOG_DEBUG("Outgoing authentication/encryption Required");
start_auth = true;
}
} else {
- if (p_dev_rec->security_required & BTM_SEC_IN_AUTHENTICATE) {
- LOG_DEBUG("Incoming authentication Required");
+ if (p_dev_rec->security_required &
+ (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)) {
+ LOG_DEBUG("Incoming authentication/encryption Required");
start_auth = true;
}
}