[PATCH] Return an error if the attribute requires authorization

[PATCH] Return an error if the attribute requires authorization

[Claudio Takahasi]

If an attribute requires authorization, Insuficient Authorization
will be returned by the attribute server until the Agent supports
a method to authorize attribute access.
---
 src/attrib-server.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/src/attrib-server.c b/src/attrib-server.c
index 9543da6..dc05d7e 100644
--- a/src/attrib-server.c
+++ b/src/attrib-server.c
@@ -173,6 +173,8 @@ static uint8_t att_check_reqs(struct gatt_channel *channel, uint8_t opcode,
 		channel->encrypted = g_attrib_is_encrypted(channel->attrib);
 	if (reqs == ATT_AUTHENTICATION && !channel->encrypted)
 		return ATT_ECODE_INSUFF_AUTHEN;
+	else if (reqs == ATT_AUTHORIZATION)
+		return ATT_ECODE_INSUFF_AUTHO;
 
 	switch (opcode) {
 	case ATT_OP_READ_BY_GROUP_REQ:
-- 
1.7.4.1

[PATCH] TODO: Add item related to authorization and authentication

[Claudio Takahasi]

---
 TODO |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/TODO b/TODO
index b05cfc0..0e06f99 100644
--- a/TODO
+++ b/TODO
@@ -124,6 +124,15 @@ ATT/GATT
   Priority: Medium
   Complexity: C1
 
+- At the moment authentication and authorization is not supported at the
+  same time, read/write requirements in the attribute server needs to
+  be extended. According to Bluetooth Specification a server shall check
+  authentication and authorization requirements before any other check is
+  performed.
+
+  Priority: Medium
+  Complexity: C1
+
 - ATT/GATT parsing to hcidump. Partially implemented, missing to fix
   multiple advertises in the same event and RSSI.
 
-- 
1.7.4.1

Re: [PATCH] Return an error if the attribute requires authorization

[Johan Hedberg]

Hi Claudio,

On Wed, Mar 23, 2011, Claudio Takahasi wrote:
> If an attribute requires authorization, Insuficient Authorization
> will be returned by the attribute server until the Agent supports
> a method to authorize attribute access.
> ---
>  src/attrib-server.c |    2 ++
>  1 files changed, 2 insertions(+), 0 deletions(-)
> 
> diff --git a/src/attrib-server.c b/src/attrib-server.c
> index 9543da6..dc05d7e 100644
> --- a/src/attrib-server.c
> +++ b/src/attrib-server.c
> @@ -173,6 +173,8 @@ static uint8_t att_check_reqs(struct gatt_channel *channel, uint8_t opcode,
>  		channel->encrypted = g_attrib_is_encrypted(channel->attrib);
>  	if (reqs == ATT_AUTHENTICATION && !channel->encrypted)
>  		return ATT_ECODE_INSUFF_AUTHEN;
> +	else if (reqs == ATT_AUTHORIZATION)
> +		return ATT_ECODE_INSUFF_AUTHO;
>  
>  	switch (opcode) {
>  	case ATT_OP_READ_BY_GROUP_REQ:

Pushed upstream. Thanks.

Btw, I'm not really a fan of those "authen" and "autho" short versions.
Since you're already spelling the words out in other defines (e.g.
ATT_AUTHENTICATION) I suppose it'd make sense to do the same for the
error codes as well.

Johan

Re: [PATCH] TODO: Add item related to authorization and authentication

[Johan Hedberg]

Hi Claudio,

On Wed, Mar 23, 2011, Claudio Takahasi wrote:
> ---
>  TODO |    9 +++++++++
>  1 files changed, 9 insertions(+), 0 deletions(-)

Applied. Thanks.

Johan