This adds support to set different permissions to CCCD so security can
be checked when enabling notification which conforms to:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2360:
'3.3.3.3 Client Characteristic Configuration
Authentication and authorization may be required by the server to
write the configuration descriptor.'
In addition to that also ensure that notifications are not re-enabled
until the proper security level is reached to conform to the following
statement:
'10.3.1.1 Handling of GATT indications and notifications
A client “requests” a server to send indications and notifications
by appropriately configuring the server via a Client Characteristic
Configuration Descriptor. Since the configuration is persistent
across a disconnection and reconnection, security requirements must
be checked against the configuration upon a reconnection before
sending indications or notifications. When a server reconnects to a
client to send an indication or notification for which security is
required, the server shall initiate or request encryption with the
client prior to sending an indication or notification. If the client
does not have an LTK indicating that the client has lost the bond,
enabling encryption will fail.'
Fixes #17983
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
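Added example, not part of the commit above or of Zephyr's code: a constructed C model of the two checks that commit message describes, a CCCD write rejected below the required security level and a persisted CCCD value that is not re-applied after reconnection until the link reaches that level. The struct, the PERM_* flags and the function names are assumptions made for illustration; returning one ATT error code for every shortfall is a simplification.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model: names and flag values below are not Zephyr's API. */
enum { PERM_WRITE = 1, PERM_WRITE_ENCRYPT = 2, PERM_WRITE_AUTHEN = 4 };
#define ATT_ERR_INSUFFICIENT_AUTHENTICATION 0x05 /* ATT error code */

struct ccc {
    uint8_t perm;    /* write permission declared for this CCCD */
    uint16_t stored; /* value persisted across disconnection */
    bool active;     /* may the server notify on the current link? */
};

/* LE security level (1-4) the link needs to satisfy the CCCD permission. */
static int required_level(const struct ccc *c)
{
    if (c->perm & PERM_WRITE_AUTHEN) { return 3; }
    if (c->perm & PERM_WRITE_ENCRYPT) { return 2; }
    return 1;
}

/* Client write to the CCCD: rejected until the link is secure enough. */
int ccc_write(struct ccc *c, int link_level, uint16_t value)
{
    if (link_level < required_level(c)) {
        return ATT_ERR_INSUFFICIENT_AUTHENTICATION; /* simplification */
    }
    c->stored = value;
    c->active = value != 0;
    return 0;
}

/* Run on reconnect and on each security change: re-apply only when secure. */
bool ccc_restore(struct ccc *c, int link_level)
{
    c->active = c->stored != 0 && link_level >= required_level(c);
    return c->active;
}

int main(void)
{
    struct ccc c = { .perm = PERM_WRITE_ENCRYPT };
    printf("write at L1 -> 0x%02x\n", (unsigned)ccc_write(&c, 1, 0x0001));
    printf("write at L2 -> 0x%02x\n", (unsigned)ccc_write(&c, 2, 0x0001));
    printf("reconnect at L1, notify? %d\n", ccc_restore(&c, 1));
    printf("encrypted at L2, notify? %d\n", ccc_restore(&c, 2));
    return 0;
}
```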
Fix shell build dependencies, subsys/bluetooth/controller is only added
for CONFIG_BT_LL_SW_SPLIT or CONFIG_BT_LL_SW_LEGACY.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename bt_conn_security to bt_conn_set_security, this makes the API
naming more consistent.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename security level enum, using level and number instead of low,
medium, high and fips.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add security error to security_changed callback. Call this callback when
security has failed and provide current security level and error.
Reason for failure can be:
- Pairing procedure failed, pairing aborted before link encryption.
- Link encrypt procedure failed.
- Link key refresh procedure failed.
Fix missing bt_conn_unref on encryption key refresh with error status.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This removes the necessity of registering the storage for CCC and makes
it part of the declaration itself.
Fixes #18547
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add shell commands to add and remove devices from the shell.
Add commands and options to use whitelist for advertising, scanning,
and creating connections.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Update bluetooth help text to include FIPS level in help text.
Also validate input range for the different connection types.
Bluetooth security level for LE is from 1-4, while BR/EDR is 0-3.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Authentication using OOB data uses the on-air device addresses used
during connection setup. So we need to check against the on-air
addresses in the info object to see if we have correct OOB data.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix issue with registering authentication callback handlers failing
without notifying the user of the shell.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix the mandatory and optional parameter counts for the
directed adv shell command definition. Also, refactor the
command for consistency.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The 'registered' flag was not cleared when 'gatt metrics off'
was called so that one was unable to register the service again.
Remove 'registered' variable that is actually not needed as there
is no tracking if service is already registered in similar
cmd_register_test_svc command. If the service is already registered,
the host will log an error.
Fixes: #17882
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Error codes are listed in header files and in the core spec as hex
values. Always print them in hex in debug for easier error code
checking.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename the controller Kconfig option BT_LL_SW to
BT_LL_SW_LEGACY in preparation towards switch to new Link
Layer implementation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Bluetooth address parsing has been duplicated across the different
sub-shell files. Also missing parsing of identity/resolved addresses.
Move parsing of string close to parsing to string for a symmetrical API
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move duplicate hex2bin and add bin2hex function so that application can
use the functions and avoid code duplication.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The bt clear command accepts either 'all' or a bluetooth address.
If it is an LE address then type is also needed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
move misc/printk.h to sys/printk.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/byteorder.h to sys/byteorder.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This API had several issues:
- The parameter types and order were inconsistent with e.g.
bt_le_adv_start()
- There were no real users of num_params, which just caused increased
code size and memory consumption for no good reason.
- The error handling policy was arbitrary: if one of the
notifications would fail it would be impossible for the caller to
know if some notifications succeeded, i.e. at what point the
failure happened. Some callers might also want to make note of the
failure but continue trying to notify for the remaining parameters.
The first issue is easily fixable, but because of the other two I
think it's best we don't have this code as part of the stack, rather
require whoever needs it to do the for loop themselves. It's just a
few lines of code, so the benefit of having this in the stack was
anyway quite minimal.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This adds number of matches as optional parameter to gatt show-db:
> gatt show-db 2803 1
attr 0x005065f0 handle 0x0002 uuid 2803 perm 0x01
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Per guidelines, all statements should have braces around them. We do not
have a CI check for this, so a few went in unnoticed.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Fix disconnect command optional argument count to permit the
supply of Bluetooth Address so as to be able to cancel a
pending central initiated connection creation.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This makes use of bt_gatt_foreach_attr_type in gatt show-db to match
attributes by UUID.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This prints to the output when a packet finishes transmitting:
uart:~$ l2cap send 2
Outgoing data channel 0x005166a0 transmitted
Outgoing data channel 0x005166a0 transmitted
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This allows setting a custom pointer to be passed back to the complete
callback at the expense of increasing the buffers by 4 bytes.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces set command to GATT which can be used to write local
attributes:
uart:~$ gatt set 0x000b 62 6c 61 68
attr 0x004235a8 uuid 2a00 perm 0x09
00000000: 62 6C 61 68
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This introduces get command to GATT which can be used to read the
local attributes:
uart:~$ gatt get 0x000b
attr 0x004235a8 uuid 2a00 perm 0x09
00000000: 74 65 73 74 20 73 68 65 6C 6C
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This enables locating specific attribute in the database:
uart:~$ gatt show-db 0x2a00
attr 0x004235a8 handle 0x000b uuid 2a00 perm 0x09
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fixes:
.../zephyr/subsys/bluetooth/shell/bt.c:906:12:
warning: 'cmd_chan_map' defined but not used [-Wunused-function]
Signed-off-by: Jim Paris <jim@jtan.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>