1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "btstack_debug.h" 48 #include "btstack_event.h" 49 #include "btstack_memory.h" 50 #include "btstack_util.h" 51 #include "classic/core.h" 52 #include "classic/rfcomm.h" 53 #include "hci.h" 54 #include "hci_cmd.h" 55 #include "hci_dump.h" 56 #include "l2cap.h" 57 58 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 59 #ifndef PRIxPTR 60 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 61 #define PRIxPTR "lx" 62 #else 63 #define PRIxPTR "x" 64 #endif 65 #endif 66 67 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 68 69 #define RFCOMM_CREDITS 10 70 71 // FCS calc 72 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 73 #define BT_RFCOMM_CRC_CHECK_LEN 3 74 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 75 76 77 typedef enum { 78 CH_EVT_RCVD_SABM = 1, 79 CH_EVT_RCVD_UA, 80 CH_EVT_RCVD_PN, 81 CH_EVT_RCVD_PN_RSP, 82 CH_EVT_RCVD_DISC, 83 CH_EVT_RCVD_DM, 84 CH_EVT_RCVD_MSC_CMD, 85 CH_EVT_RCVD_MSC_RSP, 86 CH_EVT_RCVD_NSC_RSP, 87 CH_EVT_RCVD_RLS_CMD, 88 CH_EVT_RCVD_RLS_RSP, 89 CH_EVT_RCVD_RPN_CMD, 90 CH_EVT_RCVD_RPN_REQ, 91 CH_EVT_RCVD_CREDITS, 92 CH_EVT_MULTIPLEXER_READY, 93 CH_EVT_READY_TO_SEND, 94 } RFCOMM_CHANNEL_EVENT; 95 96 typedef struct rfcomm_channel_event { 97 RFCOMM_CHANNEL_EVENT type; 98 uint16_t dummy; // force rfcomm_channel_event to be 2-byte aligned -> avoid -Wcast-align warning 99 } rfcomm_channel_event_t; 100 101 typedef struct rfcomm_channel_event_pn { 102 rfcomm_channel_event_t super; 103 uint16_t max_frame_size; 104 uint8_t priority; 105 uint8_t credits_outgoing; 106 } rfcomm_channel_event_pn_t; 107 108 typedef struct rfcomm_channel_event_rpn { 109 rfcomm_channel_event_t super; 110 rfcomm_rpn_data_t data; 111 } rfcomm_channel_event_rpn_t; 112 113 typedef struct rfcomm_channel_event_rls { 114 rfcomm_channel_event_t super; 115 uint8_t line_status; 116 } rfcomm_channel_event_rls_t; 117 118 typedef struct rfcomm_channel_event_msc { 119 rfcomm_channel_event_t super; 120 uint8_t modem_status; 121 } rfcomm_channel_event_msc_t; 122 123 124 // global rfcomm data 125 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 126 127 // linked lists for all 128 static btstack_linked_list_t rfcomm_multiplexers = NULL; 129 static btstack_linked_list_t rfcomm_channels = NULL; 130 static btstack_linked_list_t rfcomm_services = NULL; 131 132 static gap_security_level_t rfcomm_security_level; 133 134 static int rfcomm_channel_can_send(rfcomm_channel_t * channel); 135 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 136 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 137 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 138 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel); 139 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 140 static void rfcomm_run(void); 141 142 // MARK: RFCOMM CLIENT EVENTS 143 144 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 145 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 146 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 147 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 148 uint8_t event[11]; 149 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 150 event[1] = sizeof(event) - 2; 151 reverse_bd_addr(channel->multiplexer->remote_addr, &event[2]); 152 event[8] = channel->dlci >> 1; 153 little_endian_store_16(event, 9, channel->rfcomm_cid); 154 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 155 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 156 } 157 158 // API Change: BTstack-0.3.50x uses 159 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 160 // next Cydia release will use SVN version of this 161 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 162 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 163 log_info("RFCOMM_EVENT_CHANNEL_OPENED status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 164 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 165 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 166 uint8_t event[16]; 167 uint8_t pos = 0; 168 event[pos++] = RFCOMM_EVENT_CHANNEL_OPENED; // 0 169 event[pos++] = sizeof(event) - 2; // 1 170 event[pos++] = status; // 2 171 reverse_bd_addr(channel->multiplexer->remote_addr, &event[pos]); pos += 6; // 3 172 little_endian_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 173 event[pos++] = channel->dlci >> 1; // 11 174 little_endian_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 175 little_endian_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 176 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 177 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, pos); 178 179 // if channel opened successfully, also send can send now if possible 180 if (status) return; 181 if (rfcomm_channel_can_send(channel)){ 182 rfcomm_emit_can_send_now(channel); 183 } 184 } 185 186 // data: event(8), len(8), rfcomm_cid(16) 187 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 188 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 189 uint8_t event[4]; 190 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 191 event[1] = sizeof(event) - 2; 192 little_endian_store_16(event, 2, channel->rfcomm_cid); 193 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 194 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 195 } 196 197 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 198 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 199 uint8_t event[5]; 200 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 201 event[1] = sizeof(event) - 2; 202 little_endian_store_16(event, 2, channel->rfcomm_cid); 203 event[4] = line_status; 204 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 205 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 206 } 207 208 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 209 // notify client about new settings 210 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 211 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 212 event[1] = sizeof(rfcomm_rpn_data_t); 213 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 214 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 215 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 216 } 217 218 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel) { 219 log_info("RFCOMM_EVENT_CHANNEL_CAN_SEND_NOW local_cid 0x%x", channel->rfcomm_cid); 220 uint8_t event[4]; 221 event[0] = RFCOMM_EVENT_CAN_SEND_NOW; 222 event[1] = sizeof(event) - 2; 223 little_endian_store_16(event, 2, channel->rfcomm_cid); 224 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 225 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 226 } 227 228 // MARK RFCOMM RPN DATA HELPER 229 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 230 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 231 rpn_data->flags = 0x03; /* 8-n-1 */ 232 rpn_data->flow_control = 0; /* no flow control */ 233 rpn_data->xon = 0xd1; /* XON */ 234 rpn_data->xoff = 0xd3; /* XOFF */ 235 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 236 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 237 } 238 239 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 240 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 241 dest->baud_rate = src->baud_rate; 242 } 243 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 244 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 245 } 246 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 247 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 248 } 249 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 250 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 251 } 252 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 253 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 254 } 255 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 256 dest->xon = src->xon; 257 } 258 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 259 dest->xoff = src->xoff; 260 } 261 int i; 262 for (i=0; i < 6 ; i++){ 263 uint8_t mask = 1 << i; 264 if (src->parameter_mask_1 & mask){ 265 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 266 } 267 } 268 // always copy parameter mask, too. informative for client, needed for response 269 dest->parameter_mask_0 = src->parameter_mask_0; 270 dest->parameter_mask_1 = src->parameter_mask_1; 271 } 272 // MARK: RFCOMM MULTIPLEXER HELPER 273 274 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 275 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 276 uint16_t max_frame_size = l2cap_mtu - 5; 277 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 278 return max_frame_size; 279 } 280 281 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 282 283 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 284 285 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 286 multiplexer->fcon = 1; 287 multiplexer->send_dm_for_dlci = 0; 288 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 289 multiplexer->test_data_len = 0; 290 multiplexer->nsc_command = 0; 291 } 292 293 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 294 295 // alloc structure 296 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 297 if (!multiplexer) return NULL; 298 299 // fill in 300 rfcomm_multiplexer_initialize(multiplexer); 301 bd_addr_copy(multiplexer->remote_addr, addr); 302 303 // add to services list 304 btstack_linked_list_add(&rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 305 306 return multiplexer; 307 } 308 309 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 310 btstack_linked_item_t *it; 311 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 312 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 313 if (bd_addr_cmp(addr, multiplexer->remote_addr) == 0) { 314 return multiplexer; 315 }; 316 } 317 return NULL; 318 } 319 320 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 321 btstack_linked_item_t *it; 322 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 323 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 324 if (multiplexer->l2cap_cid == l2cap_cid) { 325 return multiplexer; 326 }; 327 } 328 return NULL; 329 } 330 331 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 332 btstack_linked_item_t *it; 333 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 334 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 335 if (channel->multiplexer == multiplexer) { 336 return 1; 337 } 338 } 339 return 0; 340 } 341 342 // MARK: RFCOMM CHANNEL HELPER 343 344 static void rfcomm_dump_channels(void){ 345 btstack_linked_item_t * it; 346 int channels = 0; 347 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 348 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 349 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 350 channels++; 351 } 352 } 353 354 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 355 rfcomm_service_t *service, uint8_t server_channel){ 356 357 // don't use 0 as channel id 358 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 359 360 // setup channel 361 memset(channel, 0, sizeof(rfcomm_channel_t)); 362 363 // set defaults for port configuration (even for services) 364 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 365 366 channel->state = RFCOMM_CHANNEL_CLOSED; 367 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 368 369 channel->multiplexer = multiplexer; 370 channel->rfcomm_cid = rfcomm_client_cid_generator++; 371 channel->max_frame_size = multiplexer->max_frame_size; 372 373 channel->credits_incoming = 0; 374 channel->credits_outgoing = 0; 375 376 // incoming flow control not active 377 channel->new_credits_incoming = RFCOMM_CREDITS; 378 channel->incoming_flow_control = 0; 379 380 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 381 382 channel->service = service; 383 if (service) { 384 // incoming connection 385 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 386 if (channel->max_frame_size > service->max_frame_size) { 387 channel->max_frame_size = service->max_frame_size; 388 } 389 channel->incoming_flow_control = service->incoming_flow_control; 390 channel->new_credits_incoming = service->incoming_initial_credits; 391 channel->packet_handler = service->packet_handler; 392 } else { 393 // outgoing connection 394 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 395 } 396 } 397 398 // service == NULL -> outgoing channel 399 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 400 rfcomm_service_t * service, uint8_t server_channel){ 401 402 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 403 rfcomm_dump_channels(); 404 405 // alloc structure 406 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 407 if (!channel) return NULL; 408 409 // fill in 410 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 411 412 // add to services list 413 btstack_linked_list_add(&rfcomm_channels, (btstack_linked_item_t *) channel); 414 415 return channel; 416 } 417 418 static void rfcomm_notify_channel_can_send(void){ 419 btstack_linked_list_iterator_t it; 420 btstack_linked_list_iterator_init(&it, &rfcomm_channels); 421 while (btstack_linked_list_iterator_has_next(&it)){ 422 rfcomm_channel_t * channel = (rfcomm_channel_t *) btstack_linked_list_iterator_next(&it); 423 if (!channel->waiting_for_can_send_now) continue; // didn't try to send yet 424 if (!rfcomm_channel_can_send(channel)) continue; // or cannot yet either 425 426 channel->waiting_for_can_send_now = 0; 427 rfcomm_emit_can_send_now(channel); 428 } 429 } 430 431 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 432 btstack_linked_item_t *it; 433 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 434 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 435 if (channel->rfcomm_cid == rfcomm_cid) { 436 return channel; 437 }; 438 } 439 return NULL; 440 } 441 442 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 443 btstack_linked_item_t *it; 444 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 445 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 446 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 447 return channel; 448 }; 449 } 450 return NULL; 451 } 452 453 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 454 btstack_linked_item_t *it; 455 for (it = (btstack_linked_item_t *) rfcomm_services; it ; it = it->next){ 456 rfcomm_service_t * service = ((rfcomm_service_t *) it); 457 if ( service->server_channel == server_channel){ 458 return service; 459 }; 460 } 461 return NULL; 462 } 463 464 // MARK: RFCOMM SEND 465 466 /** 467 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 468 */ 469 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 470 471 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 472 473 l2cap_reserve_packet_buffer(); 474 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 475 476 uint16_t pos = 0; 477 uint8_t crc_fields = 3; 478 479 rfcomm_out_buffer[pos++] = address; 480 rfcomm_out_buffer[pos++] = control; 481 482 // length field can be 1 or 2 octets 483 if (len < 128){ 484 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 485 } else { 486 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 487 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 488 crc_fields++; 489 } 490 491 // add credits for UIH frames when PF bit is set 492 if (control == BT_RFCOMM_UIH_PF){ 493 rfcomm_out_buffer[pos++] = credits; 494 } 495 496 // copy actual data 497 if (len) { 498 memcpy(&rfcomm_out_buffer[pos], data, len); 499 pos += len; 500 } 501 502 // UIH frames only calc FCS over address + control (5.1.1) 503 if ((control & 0xef) == BT_RFCOMM_UIH){ 504 crc_fields = 2; 505 } 506 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 507 508 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 509 510 return err; 511 } 512 513 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 514 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 515 516 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 517 uint8_t control = BT_RFCOMM_UIH; 518 519 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 520 521 uint16_t pos = 0; 522 rfcomm_out_buffer[pos++] = address; 523 rfcomm_out_buffer[pos++] = control; 524 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 525 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 526 527 // actual data is already in place 528 pos += len; 529 530 // UIH frames only calc FCS over address + control (5.1.1) 531 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 532 533 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 534 535 return err; 536 } 537 538 // C/R Flag in Address 539 // - terms: initiator = station that creates multiplexer with SABM 540 // - terms: responder = station that responds to multiplexer setup with UA 541 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 542 // - command initiator = 1 /response responder = 1 543 // - command responder = 0 /response initiator = 0 544 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 545 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 546 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 547 548 // C/R Flag in Message 549 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 550 // - If the C/R bit is set to 1 the message is a command 551 // - if it is set to 0 the message is a response. 552 553 // temp/old messge construction 554 555 // new object oriented version 556 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 557 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 558 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 559 } 560 561 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 562 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 563 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 564 } 565 566 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 567 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 568 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 569 } 570 571 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 572 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 573 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 574 } 575 576 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 577 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 578 uint8_t payload[2]; 579 uint8_t pos = 0; 580 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 581 payload[pos++] = (0 << 1) | 1; // len 582 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 583 } 584 585 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 586 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 587 // uint8_t payload[2+len]; 588 // uint8_t pos = 0; 589 // payload[pos++] = BT_RFCOMM_TEST_CMD; 590 // payload[pos++] = (len + 1) << 1 | 1; // len 591 // memcpy(&payload[pos], data, len); 592 // pos += len; 593 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 594 // } 595 596 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 597 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 598 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 599 uint8_t pos = 0; 600 payload[pos++] = BT_RFCOMM_TEST_RSP; 601 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 602 len = RFCOMM_TEST_DATA_MAX_LEN; 603 } 604 payload[pos++] = (len << 1) | 1; // len 605 memcpy(&payload[pos], data, len); 606 pos += len; 607 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 608 } 609 610 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 611 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 612 uint8_t payload[4]; 613 uint8_t pos = 0; 614 payload[pos++] = BT_RFCOMM_MSC_CMD; 615 payload[pos++] = (2 << 1) | 1; // len 616 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 617 payload[pos++] = signals; 618 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 619 } 620 621 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 622 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 623 uint8_t payload[4]; 624 uint8_t pos = 0; 625 payload[pos++] = BT_RFCOMM_MSC_RSP; 626 payload[pos++] = (2 << 1) | 1; // len 627 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 628 payload[pos++] = signals; 629 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 630 } 631 632 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 633 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 634 uint8_t payload[3]; 635 uint8_t pos = 0; 636 payload[pos++] = BT_RFCOMM_NSC_RSP; 637 payload[pos++] = (1 << 1) | 1; // len 638 payload[pos++] = command; 639 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 640 } 641 642 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 643 uint8_t payload[10]; 644 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 645 uint8_t pos = 0; 646 payload[pos++] = BT_RFCOMM_PN_CMD; 647 payload[pos++] = (8 << 1) | 1; // len 648 payload[pos++] = dlci; 649 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 650 payload[pos++] = 0; // priority 651 payload[pos++] = 0; // max 60 seconds ack 652 payload[pos++] = max_frame_size & 0xff; // max framesize low 653 payload[pos++] = max_frame_size >> 8; // max framesize high 654 payload[pos++] = 0x00; // number of retransmissions 655 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 656 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 657 } 658 659 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." rfcomm_tutorial.pdf 660 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 661 uint8_t priority, uint16_t max_frame_size){ 662 uint8_t payload[10]; 663 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 664 uint8_t pos = 0; 665 payload[pos++] = BT_RFCOMM_PN_RSP; 666 payload[pos++] = (8 << 1) | 1; // len 667 payload[pos++] = dlci; 668 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 669 payload[pos++] = priority; // priority 670 payload[pos++] = 0; // max 60 seconds ack 671 payload[pos++] = max_frame_size & 0xff; // max framesize low 672 payload[pos++] = max_frame_size >> 8; // max framesize high 673 payload[pos++] = 0x00; // number of retransmissions 674 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 675 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 676 } 677 678 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 679 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 680 uint8_t payload[4]; 681 uint8_t pos = 0; 682 payload[pos++] = BT_RFCOMM_RLS_CMD; 683 payload[pos++] = (2 << 1) | 1; // len 684 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 685 payload[pos++] = line_status; 686 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 687 } 688 689 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 690 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 691 uint8_t payload[4]; 692 uint8_t pos = 0; 693 payload[pos++] = BT_RFCOMM_RLS_RSP; 694 payload[pos++] = (2 << 1) | 1; // len 695 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 696 payload[pos++] = line_status; 697 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 698 } 699 700 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 701 uint8_t payload[10]; 702 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 703 uint8_t pos = 0; 704 payload[pos++] = BT_RFCOMM_RPN_CMD; 705 payload[pos++] = (8 << 1) | 1; // len 706 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 707 payload[pos++] = rpn_data->baud_rate; 708 payload[pos++] = rpn_data->flags; 709 payload[pos++] = rpn_data->flow_control; 710 payload[pos++] = rpn_data->xon; 711 payload[pos++] = rpn_data->xoff; 712 payload[pos++] = rpn_data->parameter_mask_0; 713 payload[pos++] = rpn_data->parameter_mask_1; 714 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 715 } 716 717 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 718 uint8_t payload[3]; 719 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 720 uint8_t pos = 0; 721 payload[pos++] = BT_RFCOMM_RPN_CMD; 722 payload[pos++] = (1 << 1) | 1; // len 723 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 724 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 725 } 726 727 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 728 uint8_t payload[10]; 729 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 730 uint8_t pos = 0; 731 payload[pos++] = BT_RFCOMM_RPN_RSP; 732 payload[pos++] = (8 << 1) | 1; // len 733 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 734 payload[pos++] = rpn_data->baud_rate; 735 payload[pos++] = rpn_data->flags; 736 payload[pos++] = rpn_data->flow_control; 737 payload[pos++] = rpn_data->xon; 738 payload[pos++] = rpn_data->xoff; 739 payload[pos++] = rpn_data->parameter_mask_0; 740 payload[pos++] = rpn_data->parameter_mask_1; 741 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 742 } 743 744 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 745 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 746 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 747 } 748 749 // MARK: RFCOMM MULTIPLEXER 750 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 751 if (multiplexer->timer_active) { 752 btstack_run_loop_remove_timer(&multiplexer->timer); 753 multiplexer->timer_active = 0; 754 } 755 } 756 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 757 btstack_linked_list_remove( &rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 758 btstack_memory_rfcomm_multiplexer_free(multiplexer); 759 } 760 761 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 762 // remove (potential) timer 763 rfcomm_multiplexer_stop_timer(multiplexer); 764 765 // close and remove all channels 766 btstack_linked_item_t *it = (btstack_linked_item_t *) &rfcomm_channels; 767 while (it->next){ 768 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 769 if (channel->multiplexer == multiplexer) { 770 // emit appropriate events 771 switch(channel->state){ 772 case RFCOMM_CHANNEL_OPEN: 773 rfcomm_emit_channel_closed(channel); 774 break; 775 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 776 // remote didn't wait until we send the UA disc 777 break; 778 default: 779 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 780 break; 781 } 782 // remove from list 783 it->next = it->next->next; 784 // free channel struct 785 btstack_memory_rfcomm_channel_free(channel); 786 } else { 787 it = it->next; 788 } 789 } 790 791 // remove mutliplexer 792 rfcomm_multiplexer_free(multiplexer); 793 } 794 795 static void rfcomm_multiplexer_timer_handler(btstack_timer_source_t *timer){ 796 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t*) btstack_run_loop_get_timer_context(timer); 797 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 798 799 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 800 uint16_t l2cap_cid = multiplexer->l2cap_cid; 801 rfcomm_multiplexer_finalize(multiplexer); 802 l2cap_disconnect(l2cap_cid, 0x13); 803 } 804 805 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 806 if (multiplexer->timer_active) { 807 btstack_run_loop_remove_timer(&multiplexer->timer); 808 multiplexer->timer_active = 0; 809 } 810 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 811 812 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 813 btstack_run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 814 btstack_run_loop_set_timer_handler(&multiplexer->timer, rfcomm_multiplexer_timer_handler); 815 btstack_run_loop_set_timer_context(&multiplexer->timer, multiplexer); 816 btstack_run_loop_add_timer(&multiplexer->timer); 817 multiplexer->timer_active = 1; 818 } 819 820 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 821 log_info("Multiplexer up and running"); 822 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 823 824 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 825 826 // transition of channels that wait for multiplexer 827 btstack_linked_item_t *it; 828 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 829 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 830 if (channel->multiplexer != multiplexer) continue; 831 rfcomm_channel_state_machine(channel, &event); 832 } 833 834 rfcomm_run(); 835 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 836 } 837 838 839 /** 840 * @return handled packet 841 */ 842 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 843 bd_addr_t event_addr; 844 uint16_t psm; 845 uint16_t l2cap_cid; 846 hci_con_handle_t con_handle; 847 rfcomm_multiplexer_t *multiplexer = NULL; 848 uint8_t status; 849 850 switch (hci_event_packet_get_type(packet)) { 851 852 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 853 case L2CAP_EVENT_INCOMING_CONNECTION: 854 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 855 reverse_bd_addr(&packet[2], event_addr); 856 con_handle = little_endian_read_16(packet, 8); 857 psm = little_endian_read_16(packet, 10); 858 l2cap_cid = little_endian_read_16(packet, 12); 859 860 if (psm != PSM_RFCOMM) break; 861 862 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 863 864 if (multiplexer) { 865 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 866 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 867 return 1; 868 } 869 870 // create and inititialize new multiplexer instance (incoming) 871 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 872 if (!multiplexer){ 873 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 874 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 875 return 1; 876 } 877 878 multiplexer->con_handle = con_handle; 879 multiplexer->l2cap_cid = l2cap_cid; 880 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 881 882 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 883 l2cap_accept_connection(l2cap_cid); 884 return 1; 885 886 // l2cap connection opened -> store l2cap_cid, remote_addr 887 case L2CAP_EVENT_CHANNEL_OPENED: 888 889 if (little_endian_read_16(packet, 11) != PSM_RFCOMM) break; 890 891 status = packet[2]; 892 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 893 894 // get multiplexer for remote addr 895 con_handle = little_endian_read_16(packet, 9); 896 l2cap_cid = little_endian_read_16(packet, 13); 897 reverse_bd_addr(&packet[3], event_addr); 898 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 899 if (!multiplexer) { 900 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 901 return 1; 902 } 903 904 // on l2cap open error discard everything 905 if (status){ 906 907 // remove (potential) timer 908 rfcomm_multiplexer_stop_timer(multiplexer); 909 910 // emit rfcomm_channel_opened with status and free channel 911 btstack_linked_item_t * it = (btstack_linked_item_t *) &rfcomm_channels; 912 while (it->next) { 913 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 914 if (channel->multiplexer == multiplexer){ 915 rfcomm_emit_channel_opened(channel, status); 916 it->next = it->next->next; 917 btstack_memory_rfcomm_channel_free(channel); 918 } else { 919 it = it->next; 920 } 921 } 922 923 // free multiplexer 924 rfcomm_multiplexer_free(multiplexer); 925 return 1; 926 } 927 928 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 929 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 930 // wrong remote addr 931 if (bd_addr_cmp(event_addr, multiplexer->remote_addr)) break; 932 multiplexer->l2cap_cid = l2cap_cid; 933 multiplexer->con_handle = con_handle; 934 // send SABM #0 935 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 936 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 937 938 // set max frame size based on l2cap MTU 939 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(little_endian_read_16(packet, 17)); 940 } 941 return 1; 942 943 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 944 945 // Notify channel packet handler if they can send now 946 case L2CAP_EVENT_CAN_SEND_NOW: 947 rfcomm_run(); // rfcomm signaling packets first 948 rfcomm_notify_channel_can_send(); 949 break; 950 951 case L2CAP_EVENT_CHANNEL_CLOSED: 952 // data: event (8), len(8), channel (16) 953 l2cap_cid = little_endian_read_16(packet, 2); 954 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 955 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 956 if (!multiplexer) break; 957 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 958 switch (multiplexer->state) { 959 case RFCOMM_MULTIPLEXER_W4_CONNECT: 960 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 961 case RFCOMM_MULTIPLEXER_W4_SABM_0: 962 case RFCOMM_MULTIPLEXER_SEND_UA_0: 963 case RFCOMM_MULTIPLEXER_W4_UA_0: 964 case RFCOMM_MULTIPLEXER_OPEN: 965 // don't call l2cap_disconnect as it's alreay closed 966 rfcomm_multiplexer_finalize(multiplexer); 967 return 1; 968 default: 969 break; 970 } 971 break; 972 default: 973 break; 974 } 975 return 0; 976 } 977 978 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 979 980 // get or create a multiplexer for a certain device 981 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 982 if (!multiplexer) return 0; 983 984 uint16_t l2cap_cid = multiplexer->l2cap_cid; 985 986 // but only care for multiplexer control channel 987 uint8_t frame_dlci = packet[0] >> 2; 988 if (frame_dlci) return 0; 989 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 990 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 991 const uint8_t payload_offset = 3 + length_offset + credit_offset; 992 switch (packet[1]){ 993 994 case BT_RFCOMM_SABM: 995 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 996 log_info("Received SABM #0"); 997 multiplexer->outgoing = 0; 998 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 999 return 1; 1000 } 1001 break; 1002 1003 case BT_RFCOMM_UA: 1004 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 1005 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 1006 log_info("Received UA #0 "); 1007 rfcomm_multiplexer_opened(multiplexer); 1008 return 1; 1009 } 1010 break; 1011 1012 case BT_RFCOMM_DISC: 1013 // DISC #0 -> send UA #0, close multiplexer 1014 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 1015 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 1016 return 1; 1017 1018 case BT_RFCOMM_DM: 1019 // DM #0 - we shouldn't get this, just give up 1020 log_info("Received DM #0"); 1021 log_info("-> Closing down multiplexer"); 1022 rfcomm_multiplexer_finalize(multiplexer); 1023 l2cap_disconnect(l2cap_cid, 0x13); 1024 return 1; 1025 1026 case BT_RFCOMM_UIH: 1027 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 1028 // Multiplexer close down (CLD) -> close mutliplexer 1029 log_info("Received Multiplexer close down command"); 1030 log_info("-> Closing down multiplexer"); 1031 rfcomm_multiplexer_finalize(multiplexer); 1032 l2cap_disconnect(l2cap_cid, 0x13); 1033 return 1; 1034 } 1035 switch (packet[payload_offset]){ 1036 case BT_RFCOMM_CLD_CMD: 1037 // Multiplexer close down (CLD) -> close mutliplexer 1038 log_info("Received Multiplexer close down command"); 1039 log_info("-> Closing down multiplexer"); 1040 rfcomm_multiplexer_finalize(multiplexer); 1041 l2cap_disconnect(l2cap_cid, 0x13); 1042 return 1; 1043 1044 case BT_RFCOMM_FCON_CMD: 1045 multiplexer->fcon = 0x81; 1046 break; 1047 1048 case BT_RFCOMM_FCOFF_CMD: 1049 multiplexer->fcon = 0x80; 1050 break; 1051 1052 case BT_RFCOMM_TEST_CMD: { 1053 log_info("Received test command"); 1054 int len = packet[payload_offset+1] >> 1; // length < 125 1055 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1056 len = RFCOMM_TEST_DATA_MAX_LEN; 1057 } 1058 multiplexer->test_data_len = len; 1059 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1060 return 1; 1061 } 1062 default: 1063 break; 1064 } 1065 break; 1066 1067 default: 1068 break; 1069 1070 } 1071 return 0; 1072 } 1073 1074 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1075 1076 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1077 1078 // process stored DM responses 1079 if (multiplexer->send_dm_for_dlci){ 1080 uint8_t dlci = multiplexer->send_dm_for_dlci; 1081 multiplexer->send_dm_for_dlci = 0; 1082 rfcomm_send_dm_pf(multiplexer, dlci); 1083 return; 1084 } 1085 1086 if (multiplexer->nsc_command){ 1087 uint8_t command = multiplexer->nsc_command; 1088 multiplexer->nsc_command = 0; 1089 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1090 return; 1091 } 1092 1093 if (multiplexer->fcon & 0x80){ 1094 multiplexer->fcon &= 0x01; 1095 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1096 if (multiplexer->fcon == 0) return; 1097 // trigger client to send again after sending FCon Response 1098 rfcomm_notify_channel_can_send(); 1099 return; 1100 } 1101 1102 switch (multiplexer->state) { 1103 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1104 switch (event) { 1105 case MULT_EV_READY_TO_SEND: 1106 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1107 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1108 rfcomm_send_sabm(multiplexer, 0); 1109 break; 1110 default: 1111 break; 1112 } 1113 break; 1114 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1115 switch (event) { 1116 case MULT_EV_READY_TO_SEND: 1117 log_info("Sending UA #0"); 1118 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1119 rfcomm_send_ua(multiplexer, 0); 1120 rfcomm_multiplexer_opened(multiplexer); 1121 break; 1122 default: 1123 break; 1124 } 1125 break; 1126 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1127 switch (event) { 1128 case MULT_EV_READY_TO_SEND: 1129 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1130 if (!multiplexer->at_least_one_connection){ 1131 log_info("TODO: no connections established - delete link key prophylactically"); 1132 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1133 } 1134 log_info("Sending UA #0"); 1135 log_info("Closing down multiplexer"); 1136 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1137 rfcomm_send_ua(multiplexer, 0); 1138 rfcomm_multiplexer_finalize(multiplexer); 1139 l2cap_disconnect(l2cap_cid, 0x13); 1140 default: 1141 break; 1142 } 1143 break; 1144 case RFCOMM_MULTIPLEXER_OPEN: 1145 switch (event) { 1146 case MULT_EV_READY_TO_SEND: 1147 // respond to test command 1148 if (multiplexer->test_data_len){ 1149 int len = multiplexer->test_data_len; 1150 log_info("Sending TEST Response with %u bytes", len); 1151 multiplexer->test_data_len = 0; 1152 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1153 return; 1154 } 1155 break; 1156 default: 1157 break; 1158 } 1159 break; 1160 default: 1161 break; 1162 } 1163 } 1164 1165 // MARK: RFCOMM CHANNEL 1166 1167 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1168 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1169 channel->credits_incoming += credits; 1170 } 1171 1172 static int rfcomm_channel_can_send(rfcomm_channel_t * channel){ 1173 if (!channel->credits_outgoing) return 0; 1174 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1175 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1176 } 1177 1178 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1179 1180 log_info("rfcomm_channel_opened!"); 1181 1182 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1183 rfcomm_emit_channel_opened(rfChannel, 0); 1184 rfcomm_emit_port_configuration(rfChannel); 1185 1186 // remove (potential) timer 1187 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1188 if (multiplexer->timer_active) { 1189 btstack_run_loop_remove_timer(&multiplexer->timer); 1190 multiplexer->timer_active = 0; 1191 } 1192 // hack for problem detecting authentication failure 1193 multiplexer->at_least_one_connection = 1; 1194 1195 // start next connection request if pending 1196 rfcomm_run(); 1197 } 1198 1199 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1200 const uint8_t frame_dlci = packet[0] >> 2; 1201 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1202 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1203 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1204 1205 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1206 if (!channel) return; 1207 1208 // handle new outgoing credits 1209 if (packet[1] == BT_RFCOMM_UIH_PF) { 1210 1211 // add them 1212 uint16_t new_credits = packet[3+length_offset]; 1213 channel->credits_outgoing += new_credits; 1214 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1215 1216 // notify channel statemachine 1217 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1218 rfcomm_channel_state_machine(channel, &channel_event); 1219 } 1220 1221 // contains payload? 1222 if (size - 1 > payload_offset){ 1223 1224 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1225 1226 // decrease incoming credit counter 1227 if (channel->credits_incoming > 0){ 1228 channel->credits_incoming--; 1229 } 1230 1231 // deliver payload 1232 (channel->packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1233 &packet[payload_offset], size-payload_offset-1); 1234 } 1235 1236 // automatically provide new credits to remote device, if no incoming flow control 1237 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1238 channel->new_credits_incoming =RFCOMM_CREDITS; 1239 } 1240 } 1241 1242 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1243 // priority of client request 1244 channel->pn_priority = event->priority; 1245 1246 // new credits 1247 channel->credits_outgoing = event->credits_outgoing; 1248 1249 // negotiate max frame size 1250 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1251 channel->max_frame_size = channel->multiplexer->max_frame_size; 1252 } 1253 if (channel->max_frame_size > event->max_frame_size) { 1254 channel->max_frame_size = event->max_frame_size; 1255 } 1256 1257 } 1258 1259 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1260 1261 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1262 1263 // remove from list 1264 btstack_linked_list_remove( &rfcomm_channels, (btstack_linked_item_t *) channel); 1265 1266 // free channel 1267 btstack_memory_rfcomm_channel_free(channel); 1268 1269 // update multiplexer timeout after channel was removed from list 1270 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1271 } 1272 1273 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1274 1275 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1276 1277 1278 // lookup existing channel 1279 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1280 1281 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1282 1283 if (channel) { 1284 rfcomm_channel_state_machine(channel, event); 1285 return; 1286 } 1287 1288 // service registered? 1289 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1290 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1291 if (!service) { 1292 // discard request by sending disconnected mode 1293 multiplexer->send_dm_for_dlci = dlci; 1294 return; 1295 } 1296 1297 // create channel for some events 1298 switch (event->type) { 1299 case CH_EVT_RCVD_SABM: 1300 case CH_EVT_RCVD_PN: 1301 case CH_EVT_RCVD_RPN_REQ: 1302 case CH_EVT_RCVD_RPN_CMD: 1303 // setup incoming channel 1304 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1305 if (!channel){ 1306 // discard request by sending disconnected mode 1307 multiplexer->send_dm_for_dlci = dlci; 1308 } 1309 break; 1310 default: 1311 break; 1312 } 1313 1314 if (!channel) { 1315 // discard request by sending disconnected mode 1316 multiplexer->send_dm_for_dlci = dlci; 1317 return; 1318 } 1319 rfcomm_channel_state_machine(channel, event); 1320 } 1321 1322 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1323 1324 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1325 const uint8_t frame_dlci = packet[0] >> 2; 1326 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1327 uint8_t message_len; // " 1328 1329 // rfcomm: (1) command/control 1330 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1331 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1332 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1333 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1334 // rfcomm: (3+length_offset) credits if credits_offset == 1 1335 // rfcomm: (3+length_offest+credits_offset) 1336 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1337 1338 rfcomm_channel_event_t event; 1339 rfcomm_channel_event_pn_t event_pn; 1340 rfcomm_channel_event_rpn_t event_rpn; 1341 rfcomm_channel_event_msc_t event_msc; 1342 1343 // switch by rfcomm message type 1344 switch(packet[1]) { 1345 1346 case BT_RFCOMM_SABM: 1347 event.type = CH_EVT_RCVD_SABM; 1348 log_info("Received SABM #%u", frame_dlci); 1349 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1350 break; 1351 1352 case BT_RFCOMM_UA: 1353 event.type = CH_EVT_RCVD_UA; 1354 log_info("Received UA #%u",frame_dlci); 1355 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1356 break; 1357 1358 case BT_RFCOMM_DISC: 1359 event.type = CH_EVT_RCVD_DISC; 1360 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1361 break; 1362 1363 case BT_RFCOMM_DM: 1364 case BT_RFCOMM_DM_PF: 1365 event.type = CH_EVT_RCVD_DM; 1366 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1367 break; 1368 1369 case BT_RFCOMM_UIH_PF: 1370 case BT_RFCOMM_UIH: 1371 1372 message_len = packet[payload_offset+1] >> 1; 1373 1374 switch (packet[payload_offset]) { 1375 case BT_RFCOMM_PN_CMD: 1376 message_dlci = packet[payload_offset+2]; 1377 event_pn.super.type = CH_EVT_RCVD_PN; 1378 event_pn.priority = packet[payload_offset+4]; 1379 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1380 event_pn.credits_outgoing = packet[payload_offset+9]; 1381 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1382 message_dlci, event_pn.credits_outgoing); 1383 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1384 break; 1385 1386 case BT_RFCOMM_PN_RSP: 1387 message_dlci = packet[payload_offset+2]; 1388 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1389 event_pn.priority = packet[payload_offset+4]; 1390 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1391 event_pn.credits_outgoing = packet[payload_offset+9]; 1392 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1393 event_pn.max_frame_size, event_pn.credits_outgoing); 1394 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1395 break; 1396 1397 case BT_RFCOMM_MSC_CMD: 1398 message_dlci = packet[payload_offset+2] >> 2; 1399 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1400 event_msc.modem_status = packet[payload_offset+3]; 1401 log_info("Received MSC CMD for #%u, ", message_dlci); 1402 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1403 break; 1404 1405 case BT_RFCOMM_MSC_RSP: 1406 message_dlci = packet[payload_offset+2] >> 2; 1407 event.type = CH_EVT_RCVD_MSC_RSP; 1408 log_info("Received MSC RSP for #%u", message_dlci); 1409 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1410 break; 1411 1412 case BT_RFCOMM_RPN_CMD: 1413 message_dlci = packet[payload_offset+2] >> 2; 1414 switch (message_len){ 1415 case 1: 1416 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1417 event.type = CH_EVT_RCVD_RPN_REQ; 1418 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1419 break; 1420 case 8: 1421 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1422 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1423 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1424 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1425 break; 1426 default: 1427 break; 1428 } 1429 break; 1430 1431 case BT_RFCOMM_RPN_RSP: 1432 log_info("Received RPN response"); 1433 break; 1434 1435 case BT_RFCOMM_RLS_CMD: { 1436 log_info("Received RLS command"); 1437 message_dlci = packet[payload_offset+2] >> 2; 1438 rfcomm_channel_event_rls_t event_rls; 1439 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1440 event_rls.line_status = packet[payload_offset+3]; 1441 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1442 break; 1443 } 1444 1445 case BT_RFCOMM_RLS_RSP: 1446 log_info("Received RLS response"); 1447 break; 1448 1449 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1450 // case BT_RFCOMM_TEST_CMD: 1451 // case BT_RFCOMM_FCOFF_CMD: 1452 // case BT_RFCOMM_FCON_CMD: 1453 // everything else is an not supported command 1454 default: { 1455 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1456 multiplexer->nsc_command = packet[payload_offset]; 1457 break; 1458 } 1459 } 1460 break; 1461 1462 default: 1463 log_error("Received unknown RFCOMM message type %x", packet[1]); 1464 break; 1465 } 1466 1467 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1468 rfcomm_run(); 1469 } 1470 1471 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1472 1473 // multiplexer handler 1474 int handled = 0; 1475 switch (packet_type) { 1476 case HCI_EVENT_PACKET: 1477 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1478 break; 1479 case L2CAP_DATA_PACKET: 1480 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1481 break; 1482 default: 1483 break; 1484 } 1485 1486 if (handled) { 1487 rfcomm_run(); 1488 return; 1489 } 1490 1491 // we only handle l2cap packets 1492 if (packet_type != L2CAP_DATA_PACKET) return; 1493 1494 // ... over open multiplexer channel now 1495 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1496 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) return; 1497 1498 // channel data ? 1499 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1500 const uint8_t frame_dlci = packet[0] >> 2; 1501 1502 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1503 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1504 rfcomm_run(); 1505 return; 1506 } 1507 1508 rfcomm_channel_packet_handler(multiplexer, packet, size); 1509 } 1510 1511 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1512 // note: exchanging MSC isn't neccessary to consider channel open 1513 // note: having outgoing credits is also not necessary to consider channel open 1514 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1515 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1516 // if (channel->credits_outgoing == 0) return 0; 1517 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u", 1518 channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing); 1519 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1520 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1521 1522 return 1; 1523 } 1524 1525 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1526 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1527 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1528 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1529 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1530 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1531 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1532 return 1; 1533 } 1534 1535 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1536 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1537 } 1538 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1539 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1540 } 1541 1542 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1543 1544 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1545 1546 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1547 1548 // TODO: integrate in common switch 1549 if (event->type == CH_EVT_RCVD_DISC){ 1550 rfcomm_emit_channel_closed(channel); 1551 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1552 return; 1553 } 1554 1555 // TODO: integrate in common switch 1556 if (event->type == CH_EVT_RCVD_DM){ 1557 log_info("Received DM message for #%u", channel->dlci); 1558 log_info("-> Closing channel locally for #%u", channel->dlci); 1559 rfcomm_emit_channel_closed(channel); 1560 rfcomm_channel_finalize(channel); 1561 return; 1562 } 1563 1564 // remote port negotiation command - just accept everything for now 1565 // 1566 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1567 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1568 // (Although the handling of individual settings are implementation-dependent.)" 1569 // 1570 1571 // TODO: integrate in common switch 1572 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1573 // control port parameters 1574 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1575 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1576 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1577 // notify client about new settings 1578 rfcomm_emit_port_configuration(channel); 1579 return; 1580 } 1581 1582 // TODO: integrate in common switch 1583 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1584 // no values got accepted (no values have beens sent) 1585 channel->rpn_data.parameter_mask_0 = 0x00; 1586 channel->rpn_data.parameter_mask_1 = 0x00; 1587 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1588 return; 1589 } 1590 1591 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1592 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1593 channel->rls_line_status = event_rls->line_status & 0x0f; 1594 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1595 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1596 return; 1597 } 1598 1599 // TODO: integrate in common swich 1600 if (event->type == CH_EVT_READY_TO_SEND){ 1601 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1602 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1603 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1604 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1605 return; 1606 } 1607 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1608 log_info("Sending MSC RSP for #%u", channel->dlci); 1609 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1610 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1611 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1612 return; 1613 } 1614 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1615 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1616 uint8_t line_status = channel->rls_line_status; 1617 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1618 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1619 return; 1620 } 1621 } 1622 1623 // emit MSC status to app 1624 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1625 // notify client about new settings 1626 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1627 uint8_t modem_status_event[2+1]; 1628 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1629 modem_status_event[1] = 1; 1630 modem_status_event[2] = event_msc->modem_status; 1631 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1632 // no return, MSC_CMD will be handled by state machine below 1633 } 1634 1635 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1636 1637 switch (channel->state) { 1638 case RFCOMM_CHANNEL_CLOSED: 1639 switch (event->type){ 1640 case CH_EVT_RCVD_SABM: 1641 log_info("-> Inform app"); 1642 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1643 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1644 rfcomm_emit_connection_request(channel); 1645 break; 1646 case CH_EVT_RCVD_PN: 1647 rfcomm_channel_accept_pn(channel, event_pn); 1648 log_info("-> Inform app"); 1649 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1650 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1651 rfcomm_emit_connection_request(channel); 1652 break; 1653 default: 1654 break; 1655 } 1656 break; 1657 1658 case RFCOMM_CHANNEL_INCOMING_SETUP: 1659 switch (event->type){ 1660 case CH_EVT_RCVD_SABM: 1661 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1662 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1663 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1664 } 1665 break; 1666 case CH_EVT_RCVD_PN: 1667 rfcomm_channel_accept_pn(channel, event_pn); 1668 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1669 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1670 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1671 } 1672 break; 1673 case CH_EVT_READY_TO_SEND: 1674 // if / else if is used to check for state transition after sending 1675 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1676 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1677 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1678 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1679 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1680 log_info("Sending UA #%u", channel->dlci); 1681 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1682 rfcomm_send_ua(multiplexer, channel->dlci); 1683 } 1684 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1685 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1686 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1687 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1688 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1689 } 1690 break; 1691 default: 1692 break; 1693 } 1694 break; 1695 1696 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1697 switch (event->type) { 1698 case CH_EVT_MULTIPLEXER_READY: 1699 log_info("Muliplexer opened, sending UIH PN next"); 1700 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1701 break; 1702 default: 1703 break; 1704 } 1705 break; 1706 1707 case RFCOMM_CHANNEL_SEND_UIH_PN: 1708 switch (event->type) { 1709 case CH_EVT_READY_TO_SEND: 1710 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1711 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1712 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1713 break; 1714 default: 1715 break; 1716 } 1717 break; 1718 1719 case RFCOMM_CHANNEL_W4_PN_RSP: 1720 switch (event->type){ 1721 case CH_EVT_RCVD_PN_RSP: 1722 // update max frame size 1723 if (channel->max_frame_size > event_pn->max_frame_size) { 1724 channel->max_frame_size = event_pn->max_frame_size; 1725 } 1726 // new credits 1727 channel->credits_outgoing = event_pn->credits_outgoing; 1728 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1729 break; 1730 default: 1731 break; 1732 } 1733 break; 1734 1735 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1736 switch (event->type) { 1737 case CH_EVT_READY_TO_SEND: 1738 log_info("Sending SABM #%u", channel->dlci); 1739 channel->state = RFCOMM_CHANNEL_W4_UA; 1740 rfcomm_send_sabm(multiplexer, channel->dlci); 1741 break; 1742 default: 1743 break; 1744 } 1745 break; 1746 1747 case RFCOMM_CHANNEL_W4_UA: 1748 switch (event->type){ 1749 case CH_EVT_RCVD_UA: 1750 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1751 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1752 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1753 break; 1754 default: 1755 break; 1756 } 1757 break; 1758 1759 case RFCOMM_CHANNEL_DLC_SETUP: 1760 switch (event->type){ 1761 case CH_EVT_RCVD_MSC_CMD: 1762 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1763 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1764 break; 1765 case CH_EVT_RCVD_MSC_RSP: 1766 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1767 break; 1768 1769 case CH_EVT_READY_TO_SEND: 1770 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1771 log_info("Sending MSC CMD for #%u", channel->dlci); 1772 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1773 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1774 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1775 break; 1776 } 1777 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1778 log_info("Providing credits for #%u", channel->dlci); 1779 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1780 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1781 1782 if (channel->new_credits_incoming) { 1783 uint8_t new_credits = channel->new_credits_incoming; 1784 channel->new_credits_incoming = 0; 1785 rfcomm_channel_send_credits(channel, new_credits); 1786 } 1787 break; 1788 1789 } 1790 break; 1791 default: 1792 break; 1793 } 1794 // finally done? 1795 if (rfcomm_channel_ready_for_open(channel)){ 1796 channel->state = RFCOMM_CHANNEL_OPEN; 1797 rfcomm_channel_opened(channel); 1798 } 1799 break; 1800 1801 case RFCOMM_CHANNEL_OPEN: 1802 switch (event->type){ 1803 case CH_EVT_RCVD_MSC_CMD: 1804 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1805 break; 1806 case CH_EVT_READY_TO_SEND: 1807 if (channel->new_credits_incoming) { 1808 uint8_t new_credits = channel->new_credits_incoming; 1809 channel->new_credits_incoming = 0; 1810 rfcomm_channel_send_credits(channel, new_credits); 1811 break; 1812 } 1813 break; 1814 case CH_EVT_RCVD_CREDITS: 1815 rfcomm_notify_channel_can_send(); 1816 break; 1817 default: 1818 break; 1819 } 1820 break; 1821 1822 case RFCOMM_CHANNEL_SEND_DM: 1823 switch (event->type) { 1824 case CH_EVT_READY_TO_SEND: 1825 log_info("Sending DM_PF for #%u", channel->dlci); 1826 // don't emit channel closed - channel was never open 1827 channel->state = RFCOMM_CHANNEL_CLOSED; 1828 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1829 rfcomm_channel_finalize(channel); 1830 break; 1831 default: 1832 break; 1833 } 1834 break; 1835 1836 case RFCOMM_CHANNEL_SEND_DISC: 1837 switch (event->type) { 1838 case CH_EVT_READY_TO_SEND: 1839 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1840 rfcomm_send_disc(multiplexer, channel->dlci); 1841 break; 1842 default: 1843 break; 1844 } 1845 break; 1846 1847 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1848 switch (event->type){ 1849 case CH_EVT_RCVD_UA: 1850 channel->state = RFCOMM_CHANNEL_CLOSED; 1851 rfcomm_emit_channel_closed(channel); 1852 rfcomm_channel_finalize(channel); 1853 break; 1854 default: 1855 break; 1856 } 1857 break; 1858 1859 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1860 switch (event->type) { 1861 case CH_EVT_READY_TO_SEND: 1862 log_info("Sending UA after DISC for #%u", channel->dlci); 1863 channel->state = RFCOMM_CHANNEL_CLOSED; 1864 rfcomm_send_ua(multiplexer, channel->dlci); 1865 rfcomm_channel_finalize(channel); 1866 break; 1867 default: 1868 break; 1869 } 1870 break; 1871 1872 default: 1873 break; 1874 } 1875 } 1876 1877 1878 // MARK: RFCOMM RUN 1879 // process outstanding signaling tasks 1880 static void rfcomm_run(void){ 1881 1882 btstack_linked_item_t *it; 1883 btstack_linked_item_t *next; 1884 1885 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1886 1887 next = it->next; // be prepared for removal of channel in state machine 1888 1889 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1890 1891 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1892 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1893 continue; 1894 } 1895 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1896 1897 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1898 } 1899 1900 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = next){ 1901 1902 next = it->next; // be prepared for removal of channel in state machine 1903 1904 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1905 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1906 1907 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1908 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1909 continue; 1910 } 1911 1912 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1913 rfcomm_channel_state_machine(channel, &event); 1914 } 1915 } 1916 1917 // MARK: RFCOMM BTstack API 1918 1919 void rfcomm_init(void){ 1920 rfcomm_client_cid_generator = 0; 1921 rfcomm_multiplexers = NULL; 1922 rfcomm_services = NULL; 1923 rfcomm_channels = NULL; 1924 rfcomm_security_level = LEVEL_2; 1925 } 1926 1927 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1928 rfcomm_security_level = security_level; 1929 } 1930 1931 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1932 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1933 if (!channel){ 1934 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1935 return 0; 1936 } 1937 return rfcomm_channel_can_send(channel); 1938 } 1939 1940 void rfcomm_request_can_send_now_event(uint16_t rfcomm_cid){ 1941 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1942 if (!channel){ 1943 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1944 return; 1945 } 1946 channel->waiting_for_can_send_now = 1; 1947 rfcomm_notify_channel_can_send(); 1948 } 1949 1950 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1951 if (len > channel->max_frame_size){ 1952 log_error("rfcomm_send cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1953 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1954 } 1955 1956 if (!channel->credits_outgoing){ 1957 log_info("rfcomm_send cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1958 return RFCOMM_NO_OUTGOING_CREDITS; 1959 } 1960 1961 if ((channel->multiplexer->fcon & 1) == 0){ 1962 log_info("rfcomm_send cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 1963 return RFCOMM_AGGREGATE_FLOW_OFF; 1964 } 1965 return 0; 1966 } 1967 1968 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 1969 int rfcomm_reserve_packet_buffer(void){ 1970 return l2cap_reserve_packet_buffer(); 1971 } 1972 1973 void rfcomm_release_packet_buffer(void){ 1974 l2cap_release_packet_buffer(); 1975 } 1976 1977 uint8_t * rfcomm_get_outgoing_buffer(void){ 1978 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 1979 // address + control + length (16) + no credit field 1980 return &rfcomm_out_buffer[4]; 1981 } 1982 1983 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 1984 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1985 if (!channel){ 1986 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 1987 return 0; 1988 } 1989 return channel->max_frame_size; 1990 } 1991 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 1992 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1993 if (!channel){ 1994 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 1995 return 0; 1996 } 1997 1998 int err = rfcomm_assert_send_valid(channel, len); 1999 if (err) return err; 2000 if (!l2cap_can_send_prepared_packet_now(channel->multiplexer->l2cap_cid)){ 2001 log_error("rfcomm_send_prepared: l2cap cannot send now"); 2002 return BTSTACK_ACL_BUFFERS_FULL; 2003 } 2004 2005 // send might cause l2cap to emit new credits, update counters first 2006 channel->credits_outgoing--; 2007 2008 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 2009 2010 if (result != 0) { 2011 channel->credits_outgoing++; 2012 log_error("rfcomm_send_prepared: error %d", result); 2013 return result; 2014 } 2015 2016 return result; 2017 } 2018 2019 int rfcomm_send(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 2020 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2021 if (!channel){ 2022 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 2023 return 1; 2024 } 2025 2026 int err = rfcomm_assert_send_valid(channel, len); 2027 if (err) return err; 2028 if (!l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid)){ 2029 log_error("rfcomm_send_internal: l2cap cannot send now"); 2030 return BTSTACK_ACL_BUFFERS_FULL; 2031 } 2032 2033 rfcomm_reserve_packet_buffer(); 2034 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 2035 memcpy(rfcomm_payload, data, len); 2036 err = rfcomm_send_prepared(rfcomm_cid, len); 2037 if (err){ 2038 rfcomm_release_packet_buffer(); 2039 } 2040 return err; 2041 } 2042 2043 // Sends Local Lnie Status, see LINE_STATUS_.. 2044 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 2045 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2046 if (!channel){ 2047 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 2048 return 0; 2049 } 2050 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 2051 } 2052 2053 // Sned local modem status. see MODEM_STAUS_.. 2054 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 2055 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2056 if (!channel){ 2057 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2058 return 0; 2059 } 2060 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2061 } 2062 2063 // Configure remote port 2064 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2065 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2066 if (!channel){ 2067 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2068 return 0; 2069 } 2070 rfcomm_rpn_data_t rpn_data; 2071 rpn_data.baud_rate = baud_rate; 2072 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2073 rpn_data.flow_control = flow_control; 2074 rpn_data.xon = 0; 2075 rpn_data.xoff = 0; 2076 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2077 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2078 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2079 } 2080 2081 // Query remote port 2082 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2083 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2084 if (!channel){ 2085 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2086 return 0; 2087 } 2088 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2089 } 2090 2091 2092 static uint8_t rfcomm_channel_create_internal(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2093 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2094 2095 // create new multiplexer if necessary 2096 uint8_t status = 0; 2097 int new_multiplexer = 0; 2098 rfcomm_channel_t * channel = NULL; 2099 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2100 if (!multiplexer) { 2101 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2102 if (!multiplexer){ 2103 status = BTSTACK_MEMORY_ALLOC_FAILED; 2104 goto fail; 2105 } 2106 multiplexer->outgoing = 1; 2107 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2108 new_multiplexer = 1; 2109 } 2110 2111 // prepare channel 2112 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2113 if (!channel){ 2114 status = BTSTACK_MEMORY_ALLOC_FAILED; 2115 goto fail; 2116 } 2117 2118 // rfcomm_cid is already assigned by rfcomm_channel_create 2119 channel->incoming_flow_control = incoming_flow_control; 2120 channel->new_credits_incoming = initial_credits; 2121 channel->packet_handler = packet_handler; 2122 2123 // return rfcomm_cid 2124 if (out_rfcomm_cid){ 2125 *out_rfcomm_cid = channel->rfcomm_cid; 2126 } 2127 2128 // start multiplexer setup 2129 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2130 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2131 uint16_t l2cap_cid = 0; 2132 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2133 if (status) goto fail; 2134 multiplexer->l2cap_cid = l2cap_cid; 2135 return 0; 2136 } 2137 2138 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2139 2140 // start connecting, if multiplexer is already up and running 2141 rfcomm_run(); 2142 return 0; 2143 2144 fail: 2145 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2146 if (channel) btstack_memory_rfcomm_channel_free(channel); 2147 return status; 2148 } 2149 2150 uint8_t rfcomm_create_channel_with_initial_credits(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2151 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2152 } 2153 2154 uint8_t rfcomm_create_channel(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2155 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2156 } 2157 2158 void rfcomm_disconnect(uint16_t rfcomm_cid){ 2159 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2160 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2161 if (channel) { 2162 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2163 } 2164 2165 // process 2166 rfcomm_run(); 2167 } 2168 2169 static uint8_t rfcomm_register_service_internal(btstack_packet_handler_t packet_handler, 2170 uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2171 2172 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2173 channel, max_frame_size, incoming_flow_control, initial_credits); 2174 2175 // check if already registered 2176 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2177 if (service){ 2178 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2179 } 2180 2181 // alloc structure 2182 service = btstack_memory_rfcomm_service_get(); 2183 if (!service) { 2184 return BTSTACK_MEMORY_ALLOC_FAILED; 2185 } 2186 2187 // register with l2cap if not registered before, max MTU 2188 if (btstack_linked_list_empty(&rfcomm_services)){ 2189 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2190 } 2191 2192 // fill in 2193 service->packet_handler = packet_handler; 2194 service->server_channel = channel; 2195 service->max_frame_size = max_frame_size; 2196 service->incoming_flow_control = incoming_flow_control; 2197 service->incoming_initial_credits = initial_credits; 2198 2199 // add to services list 2200 btstack_linked_list_add(&rfcomm_services, (btstack_linked_item_t *) service); 2201 2202 return 0; 2203 } 2204 2205 uint8_t rfcomm_register_service_with_initial_credits(btstack_packet_handler_t packet_handler, 2206 uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2207 2208 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 1, initial_credits); 2209 } 2210 2211 uint8_t rfcomm_register_service(btstack_packet_handler_t packet_handler, uint8_t channel, 2212 uint16_t max_frame_size){ 2213 2214 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 0,RFCOMM_CREDITS); 2215 } 2216 2217 void rfcomm_unregister_service(uint8_t service_channel){ 2218 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2219 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2220 if (!service) return; 2221 btstack_linked_list_remove(&rfcomm_services, (btstack_linked_item_t *) service); 2222 btstack_memory_rfcomm_service_free(service); 2223 2224 // unregister if no services active 2225 if (btstack_linked_list_empty(&rfcomm_services)){ 2226 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2227 l2cap_unregister_service(PSM_RFCOMM); 2228 } 2229 } 2230 2231 void rfcomm_accept_connection(uint16_t rfcomm_cid){ 2232 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2233 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2234 if (!channel) return; 2235 switch (channel->state) { 2236 case RFCOMM_CHANNEL_INCOMING_SETUP: 2237 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2238 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2239 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2240 } 2241 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2242 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2243 } 2244 // at least one of { PN RSP, UA } needs to be sent 2245 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2246 break; 2247 default: 2248 break; 2249 } 2250 2251 // process 2252 rfcomm_run(); 2253 } 2254 2255 void rfcomm_decline_connection(uint16_t rfcomm_cid){ 2256 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2257 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2258 if (!channel) return; 2259 switch (channel->state) { 2260 case RFCOMM_CHANNEL_INCOMING_SETUP: 2261 channel->state = RFCOMM_CHANNEL_SEND_DM; 2262 break; 2263 default: 2264 break; 2265 } 2266 2267 // process 2268 rfcomm_run(); 2269 } 2270 2271 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2272 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2273 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2274 if (!channel) return; 2275 if (!channel->incoming_flow_control) return; 2276 channel->new_credits_incoming += credits; 2277 2278 // process 2279 rfcomm_run(); 2280 } 2281 2282 2283 /* 2284 * CRC (reversed crc) lookup table as calculated by the table generator in ETSI TS 101 369 V6.3.0. 2285 */ 2286 static const uint8_t crc8table[256] = { /* reversed, 8-bit, poly=0x07 */ 2287 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 2288 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 2289 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 2290 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 2291 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 2292 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 2293 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 2294 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 2295 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 2296 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 2297 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 2298 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 2299 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 2300 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 2301 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 2302 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 2303 }; 2304 2305 #define CRC8_INIT 0xFF // Initial FCS value 2306 #define CRC8_OK 0xCF // Good final FCS value 2307 /*-----------------------------------------------------------------------------------*/ 2308 static uint8_t crc8(uint8_t *data, uint16_t len) 2309 { 2310 uint16_t count; 2311 uint8_t crc = CRC8_INIT; 2312 for (count = 0; count < len; count++) 2313 crc = crc8table[crc ^ data[count]]; 2314 return crc; 2315 } 2316 2317 /*-----------------------------------------------------------------------------------*/ 2318 uint8_t crc8_check(uint8_t *data, uint16_t len, uint8_t check_sum) 2319 { 2320 uint8_t crc; 2321 2322 crc = crc8(data, len); 2323 2324 crc = crc8table[crc ^ check_sum]; 2325 if (crc == CRC8_OK) 2326 return 0; /* Valid */ 2327 else 2328 return 1; /* Failed */ 2329 2330 } 2331 2332 /*-----------------------------------------------------------------------------------*/ 2333 uint8_t crc8_calc(uint8_t *data, uint16_t len) 2334 { 2335 /* Ones complement */ 2336 return 0xFF - crc8(data, len); 2337 } 2338 2339 2340 2341 2342