shared/gatt-server: Fix not properly checking for secure flags
authorLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Tue, 2 Mar 2021 19:38:33 +0000 (11:38 -0800)
committerAyush Garg <ayush.garg@samsung.com>
Fri, 11 Mar 2022 13:38:34 +0000 (19:08 +0530)
When passing the mask to check_permissions, all valid permissions for
the operation must be set, including the BT_ATT_PERM_SECURE flags.

Signed-off-by: Anuj Jain <anuj01.jain@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>
src/shared/att-types.h
src/shared/gatt-server.c

index 0cb5438..ce5d927 100755 (executable)
@@ -140,6 +140,14 @@ struct bt_att_pdu_error_rsp {
 #define BT_ATT_PERM_WRITE_SECURE       0x0200
 #define BT_ATT_PERM_SECURE             (BT_ATT_PERM_READ_SECURE | \
                                        BT_ATT_PERM_WRITE_SECURE)
+#define BT_ATT_PERM_READ_MASK          (BT_ATT_PERM_READ | \
+                                       BT_ATT_PERM_READ_AUTHEN | \
+                                       BT_ATT_PERM_READ_ENCRYPT | \
+                                       BT_ATT_PERM_READ_SECURE)
+#define BT_ATT_PERM_WRITE_MASK         (BT_ATT_PERM_WRITE | \
+                                       BT_ATT_PERM_WRITE_AUTHEN | \
+                                       BT_ATT_PERM_WRITE_ENCRYPT | \
+                                       BT_ATT_PERM_WRITE_SECURE)
 
 /* GATT Characteristic Properties Bitfield values */
 #define BT_GATT_CHRC_PROP_BROADCAST                    0x01
index 3aa97b9..32adcd5 100644 (file)
@@ -454,9 +454,7 @@ static void process_read_by_type(struct async_read_op *op)
                return;
        }
 
-       ecode = check_permissions(server, attr, BT_ATT_PERM_READ |
-                                               BT_ATT_PERM_READ_AUTHEN |
-                                               BT_ATT_PERM_READ_ENCRYPT);
+       ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK);
        if (ecode)
                goto error;
 
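Review bot: Each caller still hands check_permissions() a mask of its own choosing, so the omission this commit repairs can recur at any new call site. This applies to the call in process_read_by_type and equally to the ones in write_cb, handle_read_req, read_multiple_complete_cb, read_multiple_cb and prep_write_cb. Consider having callers pass only the direction (read or write) and selecting BT_ATT_PERM_READ_MASK or BT_ATT_PERM_WRITE_MASK in one place, or at minimum add a comment at the helper such as `/* mask must contain every permission bit for the operation; bits left out are not checked */`. check_permissions() itself is outside the diff, so its handling of bits absent from the mask is inferred from the commit description, and all six enclosing functions start and end outside their hunks.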
@@ -824,9 +822,7 @@ static void write_cb(struct bt_att_chan *chan, uint8_t opcode, const void *pdu,
                                (opcode == BT_ATT_OP_WRITE_REQ) ? "Req" : "Cmd",
                                handle);
 
-       ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE |
-                                               BT_ATT_PERM_WRITE_AUTHEN |
-                                               BT_ATT_PERM_WRITE_ENCRYPT);
+       ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK);
        if (ecode)
                goto error;
 
@@ -933,9 +929,7 @@ static void handle_read_req(struct bt_att_chan *chan,
                        opcode == BT_ATT_OP_READ_BLOB_REQ ? "Blob " : "",
                        handle);
 
-       ecode = check_permissions(server, attr, BT_ATT_PERM_READ |
-                                               BT_ATT_PERM_READ_AUTHEN |
-                                               BT_ATT_PERM_READ_ENCRYPT);
+       ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK);
        if (ecode)
                goto error;
 
@@ -1077,9 +1071,8 @@ static void read_multiple_complete_cb(struct gatt_db_attribute *attr, int err,
                goto error;
        }
 
-       ecode = check_permissions(data->server, next_attr, BT_ATT_PERM_READ |
-                                               BT_ATT_PERM_READ_AUTHEN |
-                                               BT_ATT_PERM_READ_ENCRYPT);
+       ecode = check_permissions(data->server, next_attr,
+                                               BT_ATT_PERM_READ_MASK);
        if (ecode)
                goto error;
 
@@ -1155,9 +1148,7 @@ static void read_multiple_cb(struct bt_att_chan *chan, uint8_t opcode,
                goto error;
        }
 
-       ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ |
-                                               BT_ATT_PERM_READ_AUTHEN |
-                                               BT_ATT_PERM_READ_ENCRYPT);
+       ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ_MASK);
        if (ecode)
                goto error;
 
@@ -1334,9 +1325,7 @@ static void prep_write_cb(struct bt_att_chan *chan, uint8_t opcode,
        util_debug(server->debug_callback, server->debug_data,
                                "Prep Write Req - handle: 0x%04x", handle);
 
-       ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE |
-                                               BT_ATT_PERM_WRITE_AUTHEN |
-                                               BT_ATT_PERM_WRITE_ENCRYPT);
+       ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK);
        if (ecode)
                goto error;