3535limit_peers = None
3636
3737SEC_TYPES_SELF = (10 , )
38- SEC_TYPES_PEER = (1 , 2 , 3 , 4 )
39-
38+ SEC_TYPES_PEER = (1 , 2 , 4 )
39+ SEC_TYPES_CCCD = ( 3 , )
4040
4141# Must call this before stack startup.
4242def load_secrets (path = None ):
@@ -124,7 +124,7 @@ def _log_peers(heading=""):
124124 if core .log_level <= 2 :
125125 return
126126 log_info ("secrets:" , heading )
127- for sec_type in SEC_TYPES_PEER :
127+ for sec_type in SEC_TYPES_PEER + SEC_TYPES_CCCD :
128128 log_info ("-" , sec_type )
129129
130130 if sec_type not in _secrets :
@@ -151,8 +151,10 @@ def _security_irq(event, data):
151151 connection ._pair_event .set ()
152152
153153 elif event == _IRQ_SET_SECRET :
154- sec_type , key , value = data
154+ sec_type , key , key2 , value = data
155155 key = bytes (key )
156+ if key2 :
157+ key += bytes (key2 )
156158 value = bytes (value ) if value else None
157159
158160 is_saving = value is not None
@@ -197,9 +199,12 @@ def _security_irq(event, data):
197199 return True
198200
199201 elif event == _IRQ_GET_SECRET :
200- sec_type , index , key = data
201-
202- log_info ("get secret:" , sec_type , index , bytes (key ) if key else None )
202+ sec_type , index , key , key2 = data
203+ key = bytes (key ) if key else None
204+ if key2 :
205+ assert key , "can't have key2 without key"
206+ key += bytes (key2 )
207+ log_info ("get secret:" , sec_type , index , key )
203208
204209 secrets = _secrets .get (sec_type , [])
205210 if key is None :
@@ -212,10 +217,13 @@ def _security_irq(event, data):
212217 return None
213218 else :
214219 # Return the secret for this key (or None).
215- key = bytes (key )
216-
217220 for k , v in secrets :
218- if k == key :
221+ # For CCCD, the requested key might be just handle at start of stored key
222+ match = k .startswith (key )
223+ if match :
224+ if index :
225+ index -= 1
226+ continue
219227 return v
220228 return None
221229
0 commit comments