[
https://issues.apache.org/jira/browse/MYNEWT-750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Christopher Collins updated MYNEWT-750:
---------------------------------------
Description:
(Pull request: https://github.com/apache/incubator-mynewt-core/pull/287)
If a device is already bonded, the host should not allow the same device to
pair again. Currently, the host blindly proceeds with the pairing operation.
This should not be allowed because the second peer could be an imposter
masquerading as the original.
I propose the following behavior in such a scenario:
# Host notifies application of the duplicate pairing attempt via the gap event
callback. The callback would specify a new event code that specifically
indicates a duplicate pairing attempt.
# The gap event callback would return an error code indicating which of the
following behaviors to perform:
## Retry: Return BLE_GAP_REPEAT_PAIRING_RETRY after deleting the conflicting
bond. The stack will verify the bond has been deleted and continue the pairing
procedure. If the bond is still present, this event will be reported again.
## Ignore: Return BLE_GAP_REPEAT_PAIRING_IGNORE. The stack will silently
ignore the pairing request.
was:
If a device is already bonded, the host should not allow the same device to
pair again. Currently, the host blindly proceeds with the pairing operation.
This should not be allowed because the second peer could be an imposter
masquerading as the original.
I propose the following behavior in such a scenario:
# Host notifies application of the duplicate pairing attempt via the gap event
callback. The callback would specify a new event code that specifically
indicates a duplicate pairing attempt.
# The gap event callback would return an error code indicating which of the
following behaviors to perform:
## Retry: Return BLE_GAP_REPEAT_PAIRING_RETRY after deleting the conflicting
bond. The stack will verify the bond has been deleted and continue the pairing
procedure. If the bond is still present, this event will be reported again.
## Ignore: Return BLE_GAP_REPEAT_PAIRING_IGNORE. The stack will silently
ignore the pairing request.
> BLE Host - Ignore pairing attempt from already bonded peer
> ----------------------------------------------------------
>
> Key: MYNEWT-750
> URL: https://issues.apache.org/jira/browse/MYNEWT-750
> Project: Mynewt
> Issue Type: Bug
> Security Level: Public(Viewable by anyone)
> Components: Nimble
> Reporter: Christopher Collins
> Assignee: Christopher Collins
> Fix For: v1_1_0_rel
>
>
> (Pull request: https://github.com/apache/incubator-mynewt-core/pull/287)
> If a device is already bonded, the host should not allow the same device to
> pair again. Currently, the host blindly proceeds with the pairing operation.
> This should not be allowed because the second peer could be an imposter
> masquerading as the original.
> I propose the following behavior in such a scenario:
> # Host notifies application of the duplicate pairing attempt via the gap
> event callback. The callback would specify a new event code that
> specifically indicates a duplicate pairing attempt.
> # The gap event callback would return an error code indicating which of the
> following behaviors to perform:
> ## Retry: Return BLE_GAP_REPEAT_PAIRING_RETRY after deleting the conflicting
> bond. The stack will verify the bond has been deleted and continue the
> pairing procedure. If the bond is still present, this event will be reported
> again.
> ## Ignore: Return BLE_GAP_REPEAT_PAIRING_IGNORE. The stack will silently
> ignore the pairing request.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
