-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PW_SID:555113] Optionally require security for notify/indicate #1014
Conversation
Allow a GATT server to impose permissions/restrictions on a CCC by setting additional `X-asynchronous` permissions on its associated characteristic. This allows a developer to require encryption/authentication in order for a GATT client to subscribe to server-initiated updates. Test procedure: Attempt to read/write with a "low" security level on an unprotected CCC using gatttool, and succeed Attempt to READ with a "low" security level on an protected CCC using gatttool, and succeed Attempt to WRITE with a "low" security level on an protected CCC using gatttool, and fail Attempt to read/write while paired on a protected CCC using `bluetoothctl`, and succeed
Update docs to reflect the addition of `X-asynchronous` permissions, which allow a GATT server to restrict CCC write permissions via permissions set on its associated characteristic.
CheckPatch Output:
|
GitLint |
Prep - Setup ELL |
Build - Prep |
Build - Configure |
Build - Make Output:
|
Make Check Output:
|
Make Distcheck |
Build w/ext ELL - Configure |
Build w/ext ELL - Make Output:
|
In some cases, it is desirable to require encryption and/or
authentication for server-initiated updates, as they may contain
sensitive data.
Currently, there is no way to do this with BlueZ.
Here is a query about this feature from 2019:
https://stackoverflow.com/questions/55884233
This patch implements this feature by introducing new
x-asynchronous
flags that allow a user to restrict access to a characteristic's CCCD
(as well as documentation for those flags).
Dagan Martinez (2):
gatt: allow GATT server to dicate CCC permissions
doc/gatt-api: Add 'X-asynchronous` permissions
doc/gatt-api.txt | 11 ++++++++++-