In some cases, it is desirable to require encryption and/or authentication for server-initiated updates, as they may contain sensitive data. Currently, there is no way to do this with BlueZ. Here is a query about this feature from 2019: https://stackoverflow.com/questions/55884233 This patch implements this feature by introducing new `x-notify` and `x-indicate` flags that allow a user to restrict access to a characteristic's CCCD (as well as documentation for those flags). Note that `x-notify` and `x-indicate` each enforce security for ALL server-initiated updates. That is, you cannot require one level of security for notifications and another security level for indications on the same CCCD. I could not think of a reason why somebody would want that feature, and did not think the accuracy of terms would be worth the introduced complexity, so I didn't implement it. --- Changes in v4: - Directly set flags on CCCD instead of having new intermediate permissions Changes in v3: - Split the `x-asynchronous` flags into `x-notify` and `x-indicate` - Fix a mixed code and declaration error Changes in v2: - Fix line-width issues brought up by CI Dagan Martinez (2): gatt: Allow GATT server to dicate CCC permissions doc/gatt-api: Add 'X-notify`/`X-indicate` doc/gatt-api.txt | 15 ++++++++++++- src/gatt-database.c | 52 ++++++++++++++++++++++++++++++++++++--------- 2 files changed, 56 insertions(+), 11 deletions(-) -- 2.31.1
