Skip to content

nimble/host: add support for asynchronous authorization #2013

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

nimble/host: add support for asynchronous authorization #2013

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b92afa0
nimble/host: add support for asynchronous authorization
SumeetSingh19 Dec 29, 2023
f6e3ad6
nimble/host: add support for gatt authorization in btshell app
piotrnarajowski Mar 19, 2025
a3ccc27
apps: bttester: handle GAP authorization event
piotrnarajowski Mar 20, 2025
ebc3c97
nimble/host: add gatts method for async authorization
piotrnarajowski Mar 20, 2025
b93083f
nimble/host: fix code style
piotrnarajowski Sep 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions apps/bleprph/src/main.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,14 @@ bleprph_gap_event(struct ble_gap_event *event, void *arg)
phy_update(event->phy_updated.tx_phy);
return 0;
#endif

case BLE_GAP_EVENT_AUTHORIZE:
MODLOG_DFLT(INFO,
"authorize event: conn_handle=%d attr_handle=,"
" is_read=%d\n",
event->authorize.conn_handle, event->authorize.attr_handle,
event->authorize.access_opcode);
return BLE_GAP_AUTHORIZE_REJECT;
}

return 0;
Expand Down
17 changes: 17 additions & 0 deletions apps/btshell/src/btshell.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,23 @@ struct btshell_scan_opts {
extern struct btshell_conn btshell_conns[MYNEWT_VAL(BLE_MAX_CONNECTIONS)];
extern int btshell_num_conns;

/* BLE_GATT_READ_MAX_ATTRS * (1 ATT + 1 EATT chan) */
#define PENDING_ATTR_MAX MYNEWT_VAL(BLE_GATT_READ_MAX_ATTRS) * 2

struct auth_attr {
uint16_t conn_handle;
uint16_t attr_handle;
};

extern struct auth_attr authorized_attrs[PENDING_ATTR_MAX];
Comment on lines +100 to +108
Copy link
Contributor

@MariuszSkamra MariuszSkamra Aug 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not convinced to this approach. It is because, I'm concerned it won't work as expected to the user. As the authorized_attrs size is limited to PENDING_ATTR_MAX, the authorization state can be lost IMO. I would expect the once authorized client won't be asked for authorization again on attribute access attempt.

The solution that comes to my mind would be a authorization state being stored by user. Meaning the user on authorization required characteristic registration provides authorization state block.
Such block would be flags where each flag would correspond to connection index, so the total number of bits would be BLE_MAX_CONNECTIONS.

Copy link
Contributor Author

@piotrnarajowski piotrnarajowski Sep 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand your concern and agree that this is not the best way to store such information. This btshell patch was just added as an example on how asnyc authorization procedure could look like. It is up to application to store information on which peer and what attribute has been already authorized. I'll try coming up with a smarter way to handle this for btshell.


struct pend_attr {
uint16_t attr_handle;
uint16_t cid;
};

extern struct pend_attr pending_attr;

int btshell_exchange_mtu(uint16_t conn_handle);
int btshell_disc_svcs(uint16_t conn_handle);
int btshell_disc_svc_by_uuid(uint16_t conn_handle, const ble_uuid_t *uuid);
Expand Down
Loading