Hi Łukasz, On Thursday 12 of June 2014 13:12:30 Lukasz Rymanowski wrote: > --- > android/gatt.c | 32 ++++++++++++++++++++++++++++++-- > 1 file changed, 30 insertions(+), 2 deletions(-) > > diff --git a/android/gatt.c b/android/gatt.c > index 3ec4118..3e9f092 100644 > --- a/android/gatt.c > +++ b/android/gatt.c > @@ -2719,6 +2719,22 @@ static bool signed_write_cmd(struct gatt_device *dev, uint16_t handle, > return true; > } > > +static int get_sec_level(struct gatt_device *dev) > +{ > + GIOChannel *io; > + int sec_level; > + > + io = g_attrib_get_channel(dev->attrib); > + > + if (!bt_io_get(io, NULL, BT_IO_OPT_SEC_LEVEL, &sec_level, > + BT_IO_OPT_INVALID)) { > + error("gatt: Failed to get sec_level"); > + return -1; > + } > + > + return sec_level; > +} > + > static void handle_client_write_characteristic(const void *buf, uint16_t len) > { > const struct hal_cmd_gatt_client_write_characteristic *cmd = buf; > @@ -2784,8 +2800,14 @@ static void handle_client_write_characteristic(const void *buf, uint16_t len) > write_char_cb, cb_data); > break; > case GATT_WRITE_TYPE_SIGNED: > - res = signed_write_cmd(conn->device, ch->ch.value_handle, > - cmd->value, cmd->len); > + if (get_sec_level(conn->device) != BT_SECURITY_LOW) { > + error("gatt: Cannot write signed on encrypted link"); > + res = HAL_STATUS_FAILED; > + } else { > + res = signed_write_cmd(conn->device, > + ch->ch.value_handle, > + cmd->value, cmd->len); > + } > break; > default: > error("gatt: Write type %d unsupported", cmd->write_type); > @@ -5184,6 +5206,12 @@ static void write_signed_cmd_request(const uint8_t *cmd, uint16_t cmd_len, > uint8_t csrk[16]; > uint32_t sign_cnt; > > + if (get_sec_level(dev) != BT_SECURITY_LOW) { > + error("gatt: Remote tries write signed on encrypted link"); > + connection_cleanup(dev); > + return; > + } > + > if (!bt_get_csrk(&dev->bdaddr, REMOTE_CSRK, csrk, &sign_cnt)) { > error("gatt: No valid csrk from remote device"); > return; > Patch has been applied, thanks. -- Best regards, Szymon Janc -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html