mirror of
https://github.com/h2zero/esp-nimble-cpp.git
synced 2024-11-22 05:00:55 +01:00
Don't send notifications to un-paired peers when READ_ENC set (#14)
* start security when peer subscribes to secured characteristic * Don't send notifications to non-secure clients
This commit is contained in:
h2zero
GitHub
parent
afb2f8d4c7
commit
0712f606f1
3 changed files with 28 additions and 6 deletions
|
|
@ -137,7 +137,7 @@ uint16_t NimBLECharacteristic::getHandle() {
|
||||||
} // getHandle
|
} // getHandle
|
||||||
|
|
||||||
|
|
||||||
uint8_t NimBLECharacteristic::getProperties() {
|
uint16_t NimBLECharacteristic::getProperties() {
|
||||||
return m_properties;
|
return m_properties;
|
||||||
} // getProperties
|
} // getProperties
|
||||||
|
|
||||||
|
|
@ -346,6 +346,9 @@ void NimBLECharacteristic::notify(bool is_notification) {
|
||||||
|
|
||||||
std::string value = getValue();
|
std::string value = getValue();
|
||||||
size_t length = value.length();
|
size_t length = value.length();
|
||||||
|
bool reqSec = (m_properties & BLE_GATT_CHR_F_READ_AUTHEN) ||
|
||||||
|
(m_properties & BLE_GATT_CHR_F_READ_AUTHOR) ||
|
||||||
|
(m_properties & BLE_GATT_CHR_F_READ_ENC);
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
|
|
||||||
for (auto &it : p2902->m_subscribedVec) {
|
for (auto &it : p2902->m_subscribedVec) {
|
||||||
|
|
@ -353,10 +356,18 @@ void NimBLECharacteristic::notify(bool is_notification) {
|
||||||
|
|
||||||
// check if connected and subscribed
|
// check if connected and subscribed
|
||||||
if(_mtu == 0 || it.sub_val == 0) {
|
if(_mtu == 0 || it.sub_val == 0) {
|
||||||
//NIMBLE_LOGD(LOG_TAG, "peer not connected");
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check if security requirements are satisfied
|
||||||
|
if(reqSec) {
|
||||||
|
struct ble_gap_conn_desc desc;
|
||||||
|
rc = ble_gap_conn_find(it.conn_id, &desc);
|
||||||
|
if(rc != 0 || !desc.sec_state.encrypted) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (length > _mtu - 3) {
|
if (length > _mtu - 3) {
|
||||||
NIMBLE_LOGW(LOG_TAG, "- Truncating to %d bytes (maximum notify size)", _mtu - 3);
|
NIMBLE_LOGW(LOG_TAG, "- Truncating to %d bytes (maximum notify size)", _mtu - 3);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -107,7 +107,7 @@ private:
|
||||||
~NimBLECharacteristic();
|
~NimBLECharacteristic();
|
||||||
|
|
||||||
NimBLEService* getService();
|
NimBLEService* getService();
|
||||||
uint8_t getProperties();
|
uint16_t getProperties();
|
||||||
void setSubscribe(struct ble_gap_event *event);
|
void setSubscribe(struct ble_gap_event *event);
|
||||||
static int handleGapEvent(uint16_t conn_handle, uint16_t attr_handle,
|
static int handleGapEvent(uint16_t conn_handle, uint16_t attr_handle,
|
||||||
struct ble_gatt_access_ctxt *ctxt, void *arg);
|
struct ble_gatt_access_ctxt *ctxt, void *arg);
|
||||||
|
|
|
||||||
|
|
@ -181,8 +181,8 @@ int NimBLEServer::disconnect(uint16_t connId, uint8_t reason) {
|
||||||
NimBLEUtils::returnCodeToString(rc));
|
NimBLEUtils::returnCodeToString(rc));
|
||||||
}
|
}
|
||||||
|
|
||||||
return rc;
|
|
||||||
NIMBLE_LOGD(LOG_TAG, "<< disconnect()");
|
NIMBLE_LOGD(LOG_TAG, "<< disconnect()");
|
||||||
|
return rc;
|
||||||
} // disconnect
|
} // disconnect
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -230,7 +230,6 @@ size_t NimBLEServer::getConnectedCount() {
|
||||||
else {
|
else {
|
||||||
server->m_connectedPeersVec.push_back(event->connect.conn_handle);
|
server->m_connectedPeersVec.push_back(event->connect.conn_handle);
|
||||||
|
|
||||||
ble_gap_conn_desc desc;
|
|
||||||
rc = ble_gap_conn_find(event->connect.conn_handle, &desc);
|
rc = ble_gap_conn_find(event->connect.conn_handle, &desc);
|
||||||
assert(rc == 0);
|
assert(rc == 0);
|
||||||
|
|
||||||
|
|
@ -276,6 +275,18 @@ size_t NimBLEServer::getConnectedCount() {
|
||||||
|
|
||||||
for(auto &it : server->m_notifyChrVec) {
|
for(auto &it : server->m_notifyChrVec) {
|
||||||
if(it->getHandle() == event->subscribe.attr_handle) {
|
if(it->getHandle() == event->subscribe.attr_handle) {
|
||||||
|
if((it->getProperties() & BLE_GATT_CHR_F_READ_AUTHEN) ||
|
||||||
|
(it->getProperties() & BLE_GATT_CHR_F_READ_AUTHOR) ||
|
||||||
|
(it->getProperties() & BLE_GATT_CHR_F_READ_ENC))
|
||||||
|
{
|
||||||
|
rc = ble_gap_conn_find(event->subscribe.conn_handle, &desc);
|
||||||
|
assert(rc == 0);
|
||||||
|
|
||||||
|
if(!desc.sec_state.encrypted) {
|
||||||
|
NimBLEDevice::startSecurity(event->subscribe.conn_handle);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
it->setSubscribe(event);
|
it->setSubscribe(event);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
@ -330,7 +341,7 @@ size_t NimBLEServer::getConnectedCount() {
|
||||||
} // BLE_GAP_EVENT_REPEAT_PAIRING
|
} // BLE_GAP_EVENT_REPEAT_PAIRING
|
||||||
|
|
||||||
case BLE_GAP_EVENT_ENC_CHANGE: {
|
case BLE_GAP_EVENT_ENC_CHANGE: {
|
||||||
rc = ble_gap_conn_find(event->conn_update.conn_handle, &desc);
|
rc = ble_gap_conn_find(event->enc_change.conn_handle, &desc);
|
||||||
if(rc != 0) {
|
if(rc != 0) {
|
||||||
return BLE_ATT_ERR_INVALID_HANDLE;
|
return BLE_ATT_ERR_INVALID_HANDLE;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue