}
if (missing_settings & MGMT_SETTING_SECURE_CONN)
- set_mode(adapter, MGMT_OP_SET_SECURE_CONN, 0x01);
+ set_mode(adapter, MGMT_OP_SET_SECURE_CONN,
+ btd_opts.secure_conn);
if (adapter->supported_settings & MGMT_SETTING_PRIVACY)
set_privacy(adapter, btd_opts.privacy);
MPS_MULTIPLE,
};
+enum sc_mode_t {
+ SC_OFF,
+ SC_ON,
+ SC_ONLY,
+};
+
struct btd_br_defaults {
uint16_t page_scan_type;
uint16_t page_scan_interval;
uint8_t privacy;
bool device_privacy;
uint32_t name_request_retry_delay;
+ uint8_t secure_conn;
struct btd_defaults defaults;
"MaxControllers",
"MultiProfile",
"FastConnectable",
+ "SecureConnections",
"Privacy",
"JustWorksRepairing",
"TemporaryTimeout",
g_free(str);
}
#endif
+
+ str = g_key_file_get_string(config, "General",
+ "SecureConnections", &err);
+ if (err)
+ g_clear_error(&err);
+ else {
+ if (!strcmp(str, "off"))
+ btd_opts.secure_conn = SC_OFF;
+ else if (!strcmp(str, "on"))
+ btd_opts.secure_conn = SC_ON;
+ else if (!strcmp(str, "only"))
+ btd_opts.secure_conn = SC_ONLY;
+ }
+
str = g_key_file_get_string(config, "GATT", "Cache", &err);
if (err) {
DBG("%s", err->message);
btd_opts.debug_keys = FALSE;
btd_opts.refresh_discovery = TRUE;
btd_opts.name_request_retry_delay = DEFAULT_NAME_REQUEST_RETRY_DELAY;
+ btd_opts.secure_conn = SC_ON;
btd_opts.defaults.num_entries = 0;
btd_opts.defaults.br.page_scan_type = 0xFFFF;
# profile is connected. Defaults to true.
#RefreshDiscovery = true
+# Default Secure Connections setting.
+# Enables the Secure Connections setting for adapters that support it. It
+# provides better crypto algorithms for BT links and also enables CTKD (cross
+# transport key derivation) during pairing on any link.
+# Possible values: "off", "on", "only"
+# - "off": Secure Connections are disabled
+# - "on": Secure Connections are enabled when peer device supports them
+# - "only": we allow only Secure Connections
+# Defaults to "on"
+#SecureConnections = on
+
# Enables D-Bus experimental interfaces
# Possible values: true or false
#Experimental = false