[PATCH]Trusted verification for service authorization

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Marcel,

here is the patch to check global and service trust before request for
authorization.

The code was basically copied from RequestAuthorization method. Any
idea why BDADDR_ANY is being used?

"read_trust(BDADDR_ANY, ..."
Using this adapter address, service based "trust" will be applied to
all adapters. Do you want this behavior?

ps: tested using network service only, I don't have headsets or input
devices at home.

Regards,
Claudio.

-- 
--
Claudio Takahasi
Instituto Nokia de Tecnologia
Recife - Pernambuco - Brasil
+55 81 30879999
Index: hcid/dbus-service.c
===================================================================
RCS file: /cvsroot/bluez/utils/hcid/dbus-service.c,v
retrieving revision 1.148
diff -u -r1.148 dbus-service.c
--- hcid/dbus-service.c	1 May 2008 13:52:27 -0000	1.148
+++ hcid/dbus-service.c	1 May 2008 22:31:57 -0000
@@ -1236,6 +1236,7 @@
 
 	g_free(auth);
 }
+
 int service_req_auth(bdaddr_t *src, bdaddr_t *dst,
 		const char *uuid, service_auth_cb cb, void *user_data)
 {
@@ -1243,7 +1244,9 @@
 	struct adapter *adapter;
 	struct device *device;
 	struct agent *agent;
+	struct service *service;
 	char address[18];
+	gboolean trusted;
 
 	adapter = ba2adapter(src);
 	if (!adapter)
@@ -1259,10 +1262,18 @@
 	if (!device)
 		return -EPERM;
 
-	if (!search_service_by_uuid(uuid))
+	service = search_service_by_uuid(uuid);
+	if (!service)
 		return -EPERM;
 
-	/* FIXME: Missing check trusted file entries */
+	trusted = read_trust(src, address, GLOBAL_TRUST);
+	if (!trusted)
+		trusted = read_trust(BDADDR_ANY, address, service->ident);
+
+	if (trusted) {
+		cb(NULL, user_data);
+		return 0;
+	}
 
 	agent = (device->agent ? : adapter->agent);
 	if (!agent)
Index: network/server.c
===================================================================
RCS file: /cvsroot/bluez/utils/network/server.c,v
retrieving revision 1.93
diff -u -r1.93 server.c
--- network/server.c	1 May 2008 13:52:28 -0000	1.93
+++ network/server.c	1 May 2008 22:31:58 -0000
@@ -592,14 +592,16 @@
 		goto reply;
 	}
 
+	setup = setup_session_new(address, dst_role, src_role, sk, to->watch);
+
 	/* Wait authorization before reply success */
 	if (authorize_connection(ns, address) < 0) {
+		setup_session_free(setup);
+		setup = NULL;
 		rsp = BNEP_CONN_NOT_ALLOWED;
 		goto reply;
 	}
 
-	setup = setup_session_new(address, dst_role, src_role, sk, to->watch);
-
 	g_source_remove(to->id);
 	to->id = 0;
 
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Bluez-devel mailing list
Bluez-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/bluez-devel

[Index of Archives]     [Linux Bluetooth Devel]     [Linux USB Devel]     [Network Devel]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux