aioble/security: Control order of bond database and allow limiting of the number of pairs. #448
Requires: micropython/micropython#7845
In my application, we have a stm327f765 chip running micropython, with a build of the official nimble uart/hci application running on a separate nrf52810 (https://github.com/apache/mynewt-nimble/tree/master/apps/blehci)
We use this with aioble and pairing/bonding.
It's been found that this nimble hci radio only has buffer/storage for 4 RPA / IRK addressing lookups, so if you've got more devices than this stored in the pairing/bonding database, any new devices that come along and try to pair/bond seem to work initially, but upon disconnect/reconnect the pairing details are lost.
Also, if you've got more devices than this stored in the bond database, with the current implementation of aioble the fact these are stored in a dict/json file means the order is not strictly controlled, so you can't know for certain which devices' keys will be loaded first/last into the radio - whichever ones don't fit can fail to connect correctly.
This PR aims to control the order of keys to maintain knowledge of newest / oldest keys.
A limit on the number of peers can be configured, e.g.
aioble.security.limit_peers = 3
In this case, only the newest 3 peers will be loaded into the radio at startup.
If a new peer tries to pair/bond and this limit has already been reached, the oldest device in the database will be dropped / unpaired to make space for the new one.
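A minimal model of the ordering and limit behaviour described above, added here as an illustration and not taken from this PR or from aioble. `BondStore`, `put`, `to_load` and the list-based JSON layout are hypothetical; only the name `limit_peers` comes from the description.

```python
import json


class BondStore:
    """Ordered bond store, oldest entry first (hypothetical, not aioble's code)."""

    def __init__(self, limit_peers=None):
        self.limit_peers = limit_peers
        self._entries = []  # (peer_id, secret) pairs in pairing order

    def put(self, peer_id, secret):
        """Add or refresh a bond and return the peer ids evicted to make room."""
        # Re-pairing a known peer moves it to the newest position.
        self._entries = [e for e in self._entries if e[0] != peer_id]
        self._entries.append((peer_id, secret))
        evicted = []
        while self.limit_peers and len(self._entries) > self.limit_peers:
            # The caller should also unpair these peers so no stale keys
            # remain in the radio or in persistent storage.
            evicted.append(self._entries.pop(0)[0])
        return evicted

    def to_load(self):
        """Bonds to hand to the radio at startup: only the newest limit_peers."""
        if self.limit_peers:
            return self._entries[-self.limit_peers:]
        return list(self._entries)

    def dumps(self):
        # A JSON array makes the order explicit in the file itself,
        # instead of relying on how a dict/object happens to be iterated.
        return json.dumps([[k, s] for k, s in self._entries])

    @classmethod
    def loads(cls, text, limit_peers=None):
        store = cls(limit_peers)
        store._entries = [(k, s) for k, s in json.loads(text)]
        return store


def demo():
    store = BondStore(limit_peers=3)
    evicted = []
    for n in range(5):  # constructed peer ids and secrets, not real keys
        evicted += store.put("peer%d" % n, "key%d" % n)
    restored = BondStore.loads(store.dumps(), limit_peers=3)
    return evicted, [k for k, _ in restored.to_load()]
```
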