From b5d7e24390217687529406e98af34057c78ccd8d Mon Sep 17 00:00:00 2001
From: Yun-Hao Chung
Date: Tue, 3 Aug 2021 19:43:08 +0800
Subject: [PATCH] core: block not allowed UUID connect in auth
This ensures any incoming profile connection will be blocked if its UUID is not allowed by the following assumption:
1. Each system profile asks adapter authorization when seeing a incoming connection.
2. Each external profile checks if its UUID is allowed by adapter when seeing a incoming connection.
Signed-off-by: Ayush Garg
---
 src/adapter.c | 4 ++++
 src/profile.c | 11 +++++++++++
 2 files changed, 15 insertions(+)
diff --git a/src/adapter.c b/src/adapter.c
index b44527b..f0bf408 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -12494,6 +12494,10 @@ static gboolean process_auth_queue(gpointer user_data)
 #endif
 return FALSE;
 }
+ if (!btd_adapter_is_uuid_allowed(adapter, auth->uuid)) {
+ auth->cb(&err, auth->user_data);
+ goto next;
+ }
 #ifndef TIZEN_FEATURE_BLUEZ_MODIFY
 if (device_is_trusted(device) == TRUE) {
diff --git a/src/profile.c b/src/profile.c
index 1d49574..0b2ed2b 100644
--- a/src/profile.c
+++ b/src/profile.c
@@ -1544,6 +1544,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data)
 DBG("incoming connect from %s", addr);
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {
+ info("UUID %s is not allowed. Igoring the connection", uuid);
+ return;
+ }
+
 #ifdef TIZEN_FEATURE_BLUEZ_MODIFY
 if (g_strcmp0(uuid, HFP_AG_UUID) == 0) {
 struct btd_device *device;
@@ -1583,6 +1588,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
 struct ext_profile *ext = server->ext;
 GError *gerr = NULL;
 struct ext_io *conn;
+ const char *uuid = ext->service ? ext->service : ext->uuid;
 bdaddr_t src, dst;
 bt_io_get(io, &gerr,
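Review bot: The rejection added to process_auth_queue is silent and depends on `err` already holding a rejection error, but `err` is set up outside this hunk; confirm it is initialised to the denied/rejected error before this branch, since the callback presumably treats a non-NULL error as the refusal. Unlike the two profile.c checks, nothing is logged here, so a blocked system-profile UUID leaves no trace for later audit; I would add `info("UUID %s is not allowed. Rejecting authorization", auth->uuid);` before the `auth->cb(...)` call, assuming adapter.c has that logging helper in scope. Placing the check ahead of the `device_is_trusted()` shortcut looks right, because a trusted device should not bypass the allow-list. The function starts and ends outside the hunk, including the `next` label.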
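Review bot: The return value of `adapter_find(&src)` is passed unchecked into `btd_adapter_is_uuid_allowed()` in ext_confirm, and again in the later ext_direct_connect hunk; if no adapter matches the source address this is presumably NULL, and whether that means allow or deny is decided inside a helper that is not shown here. For a policy gate the safer default is to refuse, for example `struct btd_adapter *adapter = adapter_find(&src);` followed by `if (!adapter || !btd_adapter_is_uuid_allowed(adapter, uuid)) {`, if that fits how the rest of the function treats a missing adapter. The log string in both hunks also has a typo: `Igoring` should be `Ignoring`. ext_confirm starts and ends outside the hunk.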
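Review bot: The new `uuid` local in ext_direct_connect has no comment saying why the service UUID takes precedence over the profile UUID for the policy check. A one-line comment above it would help, e.g. `/* Allow-list is checked against the service UUID when set, else the profile UUID */`. It is not visible from this page whether ext_confirm derives its `uuid` the same way; if it does not, the two paths would test different identifiers against the allow-list, so that is worth confirming. The function body continues outside the hunk.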
@@ -1596,6 +1602,11 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
 return;
 }
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {
+ info("UUID %s is not allowed. Igoring the connection", uuid);
+ return;
+ }
+
 conn = create_conn(server, io, &src, &dst);
 if (conn == NULL)
 return;
--
2.7.4
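Review bot: The refusal in ext_direct_connect is logged with the UUID only, so the log does not say which peer was turned away, and no nearby line in this hunk records the address either. `dst` is in scope (it is passed to `create_conn()` just below), so I would format it with `ba2str(&dst, addr)` into a local `char addr[18];` and log `info("UUID %s is not allowed. Ignoring the connection from %s", uuid, addr);`. ext_confirm can do the same with the `addr` string it already passes to `DBG()`. It is also worth confirming that returning here without taking a reference releases the channel, as the other early returns presumably do; the function starts and ends outside the hunk.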