From b6960209ee3e0166353060deb38eb7827a092ed3 Mon Sep 17 00:00:00 2001
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Wed, 3 Jul 2019 18:39:20 +0300
Subject: [PATCH] gatt: Require medium security for ATT socket over BR/EDR

Encryption is required according to the spec:

  BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2397:

  5.1.2 BR/EDR channel requirements

  The channel shall be encrypted. The Key_Type shall be either an
  Unauthenticated Combination Key or an Authenticated Combination Key.
---
 src/gatt-database.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/gatt-database.c b/src/gatt-database.c
index 548eabaa3..d90927559 100644
--- a/src/gatt-database.c
+++ b/src/gatt-database.c
@@ -3535,7 +3535,7 @@ struct btd_gatt_database *btd_gatt_database_new(struct btd_adapter *adapter)
 	database->l2cap_io = bt_io_listen(connect_cb, NULL, NULL, NULL, &gerr,
 					BT_IO_OPT_SOURCE_BDADDR, addr,
 					BT_IO_OPT_PSM, ATT_PSM,
-					BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW,
+					BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 					BT_IO_OPT_MTU, main_opts.gatt_mtu,
 					BT_IO_OPT_INVALID);
 	if (database->l2cap_io == NULL) {
-- 
2.47.3