microbit: Change to BLE bonding table replacement policy

Previous revisions of microbit-dal would handle the case of a bonding request
when the bond table was full by attempting to purge the bonding table on
demand. This suffered two flaws:

 1) Nordic's device manager does not support the purging of the bonding table
while a connection is active (including a pairing request).

 2) Some devices (e.g. Android 4.4.2 take two entries in the bonding table
when paired), thus making predictions of how 'full' the table is challenging.

This patch employs a simpler replacement policy. The maximum size of the bond
table has been increased to 6 (from 4). However, if the bond table contains 4
or more entries when entering pairing mode it will be purged in advance of any
pairing requetss being initiated.
This commit is contained in:
Joe Finney 2016-02-01 22:30:03 +00:00
parent 2c3125ae82
commit e7132b0d13

View file

@ -150,6 +150,7 @@ void MicroBitBLEManager::init(ManagedString deviceName, ManagedString serialNumb
ble = new BLEDevice();
ble->init();
// automatically restart advertising after a device disconnects.
ble->onDisconnection(bleDisconnectionCallback);
ble->onConnection(bleConnectionCallback);
@ -165,6 +166,18 @@ void MicroBitBLEManager::init(ManagedString deviceName, ManagedString serialNumb
ble->securityManager().onSecuritySetupCompleted(securitySetupCompletedCallback);
ble->securityManager().init(enableBonding, MICROBIT_BLE_REQUIRE_MITM, SecurityManager::IO_CAPS_DISPLAY_ONLY);
// If we're in pairing mode, review the size of the bond table.
if (enableBonding)
{
// TODO: It would be much better to implement some sort of LRU/NFU policy here,
// but this isn't currently supported in mbed, so we'd need to layer break...
int bonds = getBondCount();
// If we're full, empty the bond table.
if (bonds >= MICROBIT_BLE_MAXIMUM_BONDS)
ble->securityManager().purgeAllBondingState();
}
#if CONFIG_ENABLED(MICROBIT_BLE_WHITELIST)
// Configure a whitelist to filter all connection requetss from unbonded devices.
// Most BLE stacks only permit one connection at a time, so this prevents denial of service attacks.
@ -292,16 +305,6 @@ int MicroBitBLEManager::getBondCount()
*/
void MicroBitBLEManager::pairingRequested(ManagedString passKey)
{
// Firstly, determine if there is free space in the bonding table.
// If not, clear it out to make room.
// TODO: It would be much better to implement some sort of LRU/NFU policy here,
// but this isn't currently supported in mbed, so we'd need to layer break...
// If we're full, empty the bond table.
if (getBondCount() >= MICROBIT_BLE_MAXIMUM_BONDS)
ble->securityManager().purgeAllBondingState();
// Update our mode to display the passkey.
this->passKey = passKey;
this->pairingStatus = MICROBIT_BLE_PAIR_REQUEST;