Re: [PATCH BlueZ v5 4/4] client: Don't require authorization for trusted devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Grzegorz,

On Mon, May 28, 2018 at 6:25 PM, Grzegorz Kołodziejczyk
<grzegorz.kolodziejczyk@xxxxxxxxxxx> wrote:
> Hi Luiz,
> pon., 28 maj 2018 o 15:41 Luiz Augusto von Dentz <luiz.dentz@xxxxxxxxx>
> napisał(a):
>
>> Hi Grzegorz,
>
>> On Mon, May 28, 2018 at 11:20 AM, Grzegorz Kolodziejczyk
>> <grzegorz.kolodziejczyk@xxxxxxxxxxx> wrote:
>> > This patch adds possibility to ommit authorization request from trusted
>> > devices.
>> > ---
>> >  client/gatt.c | 21 ++++++++++++++++++---
>> >  1 file changed, 18 insertions(+), 3 deletions(-)
>> >
>> > diff --git a/client/gatt.c b/client/gatt.c
>> > index 3e70f365c..c7dfe42d7 100644
>> > --- a/client/gatt.c
>> > +++ b/client/gatt.c
>> > @@ -1720,6 +1720,20 @@ error:
>> >         g_free(aad);
>> >  }
>> >
>> > +static bool is_device_trusted(const char *path)
>> > +{
>> > +       GDBusProxy *proxy;
>> > +       DBusMessageIter iter;
>> > +       bool trusted;
>> > +
>> > +       proxy = bt_shell_get_env(path);
>> > +
>> > +       if (g_dbus_proxy_get_property(proxy, "Trusted", &iter))
>> > +               dbus_message_iter_get_basic(&iter, &trusted);
>> > +
>> > +       return trusted;
>> > +}
>> > +
>> >  static DBusMessage *chrc_read_value(DBusConnection *conn, DBusMessage
> *msg,
>> >                                                         void *user_data)
>> >  {
>> > @@ -1739,7 +1753,7 @@ static DBusMessage
> *chrc_read_value(DBusConnection *conn, DBusMessage *msg,
>> >         bt_shell_printf("ReadValue: %s offset %u link %s\n",
>> >                                         path_to_address(device),
> offset, link);
>> >
>> > -       if (chrc->authorization_req) {
>> > +       if (!is_device_trusted(device) && chrc->authorization_req) {
>> >                 struct authorize_attribute_data *aad;
>> >
>> >                 aad = g_new0(struct authorize_attribute_data, 1);
>> > @@ -1865,6 +1879,7 @@ static DBusMessage
> *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
>> >         struct chrc *chrc = user_data;
>> >         uint16_t offset = 0;
>> >         bool prep_authorize = false;
>> > +       char *device = NULL;
>> >         DBusMessageIter iter;
>> >         int value_len;
>> >         uint8_t *value;
>> > @@ -1877,11 +1892,11 @@ static DBusMessage
> *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
>> >                                 "org.bluez.Error.InvalidArguments",
> NULL);
>> >
>> >         dbus_message_iter_next(&iter);
>> > -       if (parse_options(&iter, &offset, NULL, NULL, NULL,
> &prep_authorize))
>> > +       if (parse_options(&iter, &offset, NULL, &device, NULL,
> &prep_authorize))
>> >                 return g_dbus_create_error(msg,
>> >                                 "org.bluez.Error.InvalidArguments",
> NULL);
>> >
>> > -       if (chrc->authorization_req) {
>> > +       if (!is_device_trusted(device) && chrc->authorization_req) {
>> >                 struct authorize_attribute_data *aad;
>> >
>> >                 aad = g_new0(struct authorize_attribute_data, 1);
>> > --
>> > 2.13.6
>
>> We should be able to do this in the daemon so the application wont
>> have to authorize these requests if the device is trusted.
>
> We'll be able to only avoid bothering cllient application for authorizing
> prepare writes of trusted devices - with this I agree. In  all other cases
> it must be checked in app AFAIK.

That is what I had in mind, if it is not to authorize anything then
Trusted shall not be checked.


-- 
Luiz Augusto von Dentz
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux