From 8831229d721edddb91548d86420a013f5b44b57f Mon Sep 17 00:00:00 2001
From: Marcel Holtmann <marcel@holtmann.org>
Date: Mon, 25 Oct 2004 08:34:08 +0000
Subject: Support for enabling the kernel security manager

---
 tools/hciconfig.8 | 42 ++++++++++++++++++++++++------------------
 tools/hciconfig.c | 28 +++++++++++++++++++++++-----
 2 files changed, 47 insertions(+), 23 deletions(-)

diff --git a/tools/hciconfig.8 b/tools/hciconfig.8
index 3c6c96d8..5340978d 100644
--- a/tools/hciconfig.8
+++ b/tools/hciconfig.8
@@ -25,7 +25,7 @@ encryption enabled).
 .SH OPTIONS
 .TP
 .BI -h
-Gives a list of possible commands
+Gives a list of possible commands.
 .TP
 .BI -a
 Other than the basic info, print features, packet type, link policy, link mode,
@@ -33,40 +33,46 @@ name, class, version.
 .SH COMMANDS
 .TP
 .BI up
-Open and initialize HCI device
+Open and initialize HCI device.
 .TP
 .BI down
-Close HCI device
+Close HCI device.
 .TP
 .BI reset
-Reset HCI device
+Reset HCI device.
 .TP
 .BI rstat
-Reset statistic counters
+Reset statistic counters.
 .TP
 .BI auth
-Enable authentication
+Enable authentication (sets device to security mode 3).
 .TP
 .BI noauth
-Disable authentication
+Disable authentication.
 .TP
 .BI encrypt
-Enable encryption
+Enable encryption (sets device to security mode 3).
 .TP
 .BI noencrypt
-Disable encryption
+Disable encryption.
+.TP
+.BI secmgr
+Enable security manager (current kernel support is limited).
+.TP
+.BI nosecmgr
+Disable security manager.
 .TP
 .BI piscan
-Enable page and inquiry scan
+Enable page and inquiry scan.
 .TP
 .BI noscan
-Disable page and inquiry scan
+Disable page and inquiry scan.
 .TP
 .BI iscan
-Enable inquiry scan, disable page scan
+Enable inquiry scan, disable page scan.
 .TP
 .BI pscan
-Enable page scan, disable inquiry scan
+Enable page scan, disable inquiry scan.
 .TP
 .BI ptype " [type]"
 With no
@@ -182,13 +188,13 @@ bytes and SCO buffer size to
 packets.
 .TP
 .BI features
-Display device features
+Display device features.
 .TP
 .BI version
-Display version information
+Display version information.
 .TP
 .BI revision
-Display revision information
+Display revision information.
 .TP
 .BI lm " [mode]"
 With no
@@ -232,8 +238,8 @@ ACCEPT
 is present, the device will accept baseband connections even when there are no
 listening
 .I AF_BLUETOOTH
-sockets
+sockets.
 .SH AUTHORS
-Written by Maxim Krasnyansky <maxk@qualcomm.com>
+Written by Maxim Krasnyansky <maxk@qualcomm.com> and Marcel Holtmann <marcel@holtmann.org>
 .PP
 man page by Fabrizio Gennari <fabrizio.gennari@philips.com>
diff --git a/tools/hciconfig.c b/tools/hciconfig.c
index 797cb775..0e591e8d 100644
--- a/tools/hciconfig.c
+++ b/tools/hciconfig.c
@@ -198,12 +198,12 @@ void cmd_auth(int ctl, int hdev, char *opt)
 	struct hci_dev_req dr;
 
 	dr.dev_id = hdev;
-	if( !strcmp(opt, "auth") )
+	if (!strcmp(opt, "auth"))
 		dr.dev_opt = AUTH_ENABLED;
 	else
 		dr.dev_opt = AUTH_DISABLED;
 
-	if( ioctl(ctl, HCISETAUTH, (unsigned long)&dr) < 0 ) {
+	if (ioctl(ctl, HCISETAUTH, (unsigned long) &dr) < 0) {
 		printf("Can't set auth on hci%d. %s(%d)\n", hdev, strerror(errno), errno);
 		exit(1);
 	}
@@ -214,17 +214,33 @@ void cmd_encrypt(int ctl, int hdev, char *opt)
 	struct hci_dev_req dr;
 
 	dr.dev_id = hdev;
-	if( !strcmp(opt, "encrypt") )
+	if (!strcmp(opt, "encrypt"))
 		dr.dev_opt = ENCRYPT_P2P;
 	else
 		dr.dev_opt = ENCRYPT_DISABLED;
 
-	if( ioctl(ctl, HCISETENCRYPT, (unsigned long)&dr) < 0 ) {
+	if (ioctl(ctl, HCISETENCRYPT, (unsigned long) &dr) < 0) {
 		printf("Can't set encrypt on hci%d. %s(%d)\n", hdev, strerror(errno), errno);
 		exit(1);
 	}
 }
 
+void cmd_secmgr(int ctl, int hdev, char *opt)
+{
+	int val, s = hci_open_dev(hdev);
+
+	if (!strcmp(opt, "secmgr"))
+		val = 1;
+	else
+		val = 0;
+
+	if (ioctl(s, HCISETSECMGR, val) < 0) {
+		printf("Can't set security manager on hci%d. %s(%d)\n", hdev, strerror(errno), errno);
+		exit(1);
+	}
+	close(s);
+}
+
 void cmd_up(int ctl, int hdev, char *opt)
 {
 	int ret;
@@ -236,7 +252,7 @@ void cmd_up(int ctl, int hdev, char *opt)
 		printf("Can't init device hci%d. %s(%d)\n", hdev, strerror(errno), errno);
 		exit(1);
 	}
-	cmd_scan(ctl,  hdev, "piscan");
+	cmd_scan(ctl, hdev, "piscan");
 }
 
 void cmd_down(int ctl, int hdev, char *opt)
@@ -1119,6 +1135,8 @@ struct {
 	{ "noauth",	cmd_auth,	0,		"Disable Authentication" },
 	{ "encrypt",	cmd_encrypt,	0,		"Enable Encryption" },
 	{ "noencrypt",	cmd_encrypt,	0,		"Disable Encryption" },
+	{ "secmgr",	cmd_secmgr,	0,		"Enable Security Manager" },
+	{ "nosecmgr",	cmd_secmgr,	0,		"Disable Security Manager" },
 	{ "piscan",	cmd_scan,	0,		"Enable Page and Inquiry scan" },
 	{ "noscan",	cmd_scan,	0,		"Disable scan" },
 	{ "iscan",	cmd_scan,	0,		"Enable Inquiry scan" },
-- 
cgit