From abb97f57dda0cdb5b79fb893061d7f035ecf6f61 Mon Sep 17 00:00:00 2001 From: Emil Gydesen Date: Wed, 31 Mar 2021 17:09:41 +0200 Subject: [PATCH] Bluetooth: GATT: Extend GATT notify/indicate security check with auth Add authentication check to the security checks for GATT notify and indicate. Signed-off-by: Emil Gydesen --- subsys/bluetooth/host/gatt.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/subsys/bluetooth/host/gatt.c b/subsys/bluetooth/host/gatt.c index d398c161a27..aeae0e25879 100644 --- a/subsys/bluetooth/host/gatt.c +++ b/subsys/bluetooth/host/gatt.c @@ -1888,7 +1888,9 @@ static int gatt_notify(struct bt_conn *conn, uint16_t handle, #endif /* Confirm that the connection has the correct level of security */ - if (bt_gatt_check_perm(conn, params->attr, BT_GATT_PERM_READ_ENCRYPT)) { + if (bt_gatt_check_perm(conn, params->attr, + BT_GATT_PERM_READ_ENCRYPT | BT_GATT_PERM_READ_AUTHEN)) { + BT_WARN("Link is not encrypted"); return -EPERM; } @@ -2020,7 +2022,9 @@ static int gatt_indicate(struct bt_conn *conn, uint16_t handle, #endif /* Confirm that the connection has the correct level of security */ - if (bt_gatt_check_perm(conn, params->attr, BT_GATT_PERM_READ_ENCRYPT)) { + if (bt_gatt_check_perm(conn, params->attr, + BT_GATT_PERM_READ_ENCRYPT | BT_GATT_PERM_READ_AUTHEN)) { + BT_WARN("Link is not encrypted"); return -EPERM; } @@ -2127,7 +2131,9 @@ static uint8_t notify_cb(const struct bt_gatt_attr *attr, uint16_t handle, } /* Confirm that the connection has the correct level of security */ - if (bt_gatt_check_perm(conn, attr, BT_GATT_PERM_READ_ENCRYPT)) { + if (bt_gatt_check_perm(conn, attr, + BT_GATT_PERM_READ_ENCRYPT | BT_GATT_PERM_READ_AUTHEN)) { + BT_WARN("Link is not encrypted"); continue; }