From 326ef2036e179d521fed8b3cfe88c71ba80aeedc Mon Sep 17 00:00:00 2001 From: Sherman Perry <14854761+shermp@users.noreply.github.com> Date: Sun, 22 Sep 2024 08:32:23 +1200 Subject: [PATCH] Downgrade auth requirements instead of upgrade Some Oticon More devices will pair without LE Secure Connections, but ASHA GATT queries then fail. --- src/asha_bt.cpp | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/asha_bt.cpp b/src/asha_bt.cpp index 7c4744f..43a66f3 100644 --- a/src/asha_bt.cpp +++ b/src/asha_bt.cpp @@ -329,7 +329,7 @@ extern "C" void bt_main() sm_init(); sm_set_secure_connections_only_mode(false); sm_set_io_capabilities(IO_CAPABILITY_NO_INPUT_NO_OUTPUT); - sm_set_authentication_requirements(SM_AUTHREQ_BONDING); + sm_set_authentication_requirements(SM_AUTHREQ_BONDING | SM_AUTHREQ_SECURE_CONNECTION); sm_allow_ltk_reconstruction_without_le_device_db_entry(0); /* Init GATT client. Required to read/write GATT characteristics */ @@ -596,13 +596,19 @@ static void sm_event_handler (uint8_t packet_type, uint16_t channel, uint8_t *pa scan_state = ScanState::Scan; break; case ERROR_CODE_AUTHENTICATION_FAILURE: - LOG_ERROR("Pairing failed, auth failure with reason: %d", - static_cast(sm_event_pairing_complete_get_reason(packet))); - // Try and upgrade to LE Secure connections - sm_set_authentication_requirements(SM_AUTHREQ_BONDING | SM_AUTHREQ_SECURE_CONNECTION); + { + uint8_t reason = sm_event_pairing_complete_get_reason(packet); + if (reason == SM_REASON_AUTHENTHICATION_REQUIREMENTS) { + LOG_ERROR("Auth requirements not met. Attempting downgrade"); + // Try and downgrade from LE Secure connections + sm_set_authentication_requirements(SM_AUTHREQ_BONDING); + } else { + LOG_ERROR("Pairing failed, auth failure with reason: %d", static_cast(reason)); + } gap_disconnect(curr_scan.ha.conn_handle); scan_state = ScanState::Disconnecting; break; + } default: break; }