From 3fdad47b4cedc00b85af9535d404ca75cd7267cc Mon Sep 17 00:00:00 2001
From: Marcin Kraglak <marcin.kraglak@tieto.com>
Date: Thu, 12 Jun 2014 11:08:23 +0200
Subject: [PATCH] android/gatt: Change check permissions order

Firstly we should check if characteristic needs MITM permissions,
and next check for ENCRYPTION permissions. Now remote device can
increase security to MITM immediatelly (i.e. from sec LOW to HIGH).
---
 android/gatt.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/android/gatt.c b/android/gatt.c
index 3ec4118f4..2cfa0a19e 100644
--- a/android/gatt.c
+++ b/android/gatt.c
@@ -4064,14 +4064,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
 		if (!(permissions & GATT_PERM_READ))
 			return ATT_ECODE_READ_NOT_PERM;
 
-		if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
-						sec_level < BT_SECURITY_MEDIUM)
-			return ATT_ECODE_INSUFF_ENC;
-
 		if ((permissions & GATT_PERM_READ_MITM) &&
 						sec_level < BT_SECURITY_HIGH)
 			return ATT_ECODE_AUTHENTICATION;
 
+		if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
+						sec_level < BT_SECURITY_MEDIUM)
+			return ATT_ECODE_INSUFF_ENC;
+
 		if (permissions & GATT_PERM_READ_AUTHORIZATION)
 			return ATT_ECODE_AUTHORIZATION;
 		break;
@@ -4082,14 +4082,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
 		if (!(permissions & GATT_PERM_WRITE))
 			return ATT_ECODE_WRITE_NOT_PERM;
 
-		if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
-						sec_level < BT_SECURITY_MEDIUM)
-			return ATT_ECODE_INSUFF_ENC;
-
 		if ((permissions & GATT_PERM_WRITE_MITM) &&
 						sec_level < BT_SECURITY_HIGH)
 			return ATT_ECODE_AUTHENTICATION;
 
+		if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
+						sec_level < BT_SECURITY_MEDIUM)
+			return ATT_ECODE_INSUFF_ENC;
+
 		if (permissions & GATT_PERM_WRITE_AUTHORIZATION)
 			return ATT_ECODE_AUTHORIZATION;
 		break;
-- 
2.47.3