Hi Grzegorz,
On Mon, May 28, 2018 at 6:25 PM, Grzegorz Kołodziejczyk
<grzegorz.kolodziejczyk@xxxxxxxxxxx> wrote:
> Hi Luiz,
> pon., 28 maj 2018 o 15:41 Luiz Augusto von Dentz <luiz.dentz@xxxxxxxxx>
> napisał(a):
>
>> Hi Grzegorz,
>
>> On Mon, May 28, 2018 at 11:20 AM, Grzegorz Kolodziejczyk
>> <grzegorz.kolodziejczyk@xxxxxxxxxxx> wrote:
>> > This patch adds possibility to ommit authorization request from trusted
>> > devices.
>> > ---
>> > client/gatt.c | 21 ++++++++++++++++++---
>> > 1 file changed, 18 insertions(+), 3 deletions(-)
>> >
>> > diff --git a/client/gatt.c b/client/gatt.c
>> > index 3e70f365c..c7dfe42d7 100644
>> > --- a/client/gatt.c
>> > +++ b/client/gatt.c
>> > @@ -1720,6 +1720,20 @@ error:
>> > g_free(aad);
>> > }
>> >
>> > +static bool is_device_trusted(const char *path)
>> > +{
>> > + GDBusProxy *proxy;
>> > + DBusMessageIter iter;
>> > + bool trusted;
>> > +
>> > + proxy = bt_shell_get_env(path);
>> > +
>> > + if (g_dbus_proxy_get_property(proxy, "Trusted", &iter))
>> > + dbus_message_iter_get_basic(&iter, &trusted);
>> > +
>> > + return trusted;
>> > +}
>> > +
>> > static DBusMessage *chrc_read_value(DBusConnection *conn, DBusMessage
> *msg,
>> > void *user_data)
>> > {
>> > @@ -1739,7 +1753,7 @@ static DBusMessage
> *chrc_read_value(DBusConnection *conn, DBusMessage *msg,
>> > bt_shell_printf("ReadValue: %s offset %u link %s\n",
>> > path_to_address(device),
> offset, link);
>> >
>> > - if (chrc->authorization_req) {
>> > + if (!is_device_trusted(device) && chrc->authorization_req) {
>> > struct authorize_attribute_data *aad;
>> >
>> > aad = g_new0(struct authorize_attribute_data, 1);
>> > @@ -1865,6 +1879,7 @@ static DBusMessage
> *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
>> > struct chrc *chrc = user_data;
>> > uint16_t offset = 0;
>> > bool prep_authorize = false;
>> > + char *device = NULL;
>> > DBusMessageIter iter;
>> > int value_len;
>> > uint8_t *value;
>> > @@ -1877,11 +1892,11 @@ static DBusMessage
> *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
>> > "org.bluez.Error.InvalidArguments",
> NULL);
>> >
>> > dbus_message_iter_next(&iter);
>> > - if (parse_options(&iter, &offset, NULL, NULL, NULL,
> &prep_authorize))
>> > + if (parse_options(&iter, &offset, NULL, &device, NULL,
> &prep_authorize))
>> > return g_dbus_create_error(msg,
>> > "org.bluez.Error.InvalidArguments",
> NULL);
>> >
>> > - if (chrc->authorization_req) {
>> > + if (!is_device_trusted(device) && chrc->authorization_req) {
>> > struct authorize_attribute_data *aad;
>> >
>> > aad = g_new0(struct authorize_attribute_data, 1);
>> > --
>> > 2.13.6
>
>> We should be able to do this in the daemon so the application wont
>> have to authorize these requests if the device is trusted.
>
> We'll be able to only avoid bothering cllient application for authorizing
> prepare writes of trusted devices - with this I agree. In all other cases
> it must be checked in app AFAIK.
That is what I had in mind, if it is not to authorize anything then
Trusted shall not be checked.
--
Luiz Augusto von Dentz
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
