1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "btstack_debug.h" 48 #include "btstack_memory.h" 49 #include "btstack_util.h" 50 #include "classic/rfcomm.h" 51 #include "hci.h" 52 #include "hci_cmd.h" 53 #include "hci_dump.h" 54 #include "l2cap.h" 55 56 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 57 #ifndef PRIxPTR 58 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 59 #define PRIxPTR "lx" 60 #else 61 #define PRIxPTR "x" 62 #endif 63 #endif 64 65 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 66 67 #define RFCOMM_CREDITS 10 68 69 // FCS calc 70 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 71 #define BT_RFCOMM_CRC_CHECK_LEN 3 72 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 73 74 75 typedef enum { 76 CH_EVT_RCVD_SABM = 1, 77 CH_EVT_RCVD_UA, 78 CH_EVT_RCVD_PN, 79 CH_EVT_RCVD_PN_RSP, 80 CH_EVT_RCVD_DISC, 81 CH_EVT_RCVD_DM, 82 CH_EVT_RCVD_MSC_CMD, 83 CH_EVT_RCVD_MSC_RSP, 84 CH_EVT_RCVD_NSC_RSP, 85 CH_EVT_RCVD_RLS_CMD, 86 CH_EVT_RCVD_RLS_RSP, 87 CH_EVT_RCVD_RPN_CMD, 88 CH_EVT_RCVD_RPN_REQ, 89 CH_EVT_RCVD_CREDITS, 90 CH_EVT_MULTIPLEXER_READY, 91 CH_EVT_READY_TO_SEND, 92 } RFCOMM_CHANNEL_EVENT; 93 94 typedef struct rfcomm_channel_event { 95 RFCOMM_CHANNEL_EVENT type; 96 uint16_t dummy; // force rfcomm_channel_event to be 2-byte aligned -> avoid -Wcast-align warning 97 } rfcomm_channel_event_t; 98 99 typedef struct rfcomm_channel_event_pn { 100 rfcomm_channel_event_t super; 101 uint16_t max_frame_size; 102 uint8_t priority; 103 uint8_t credits_outgoing; 104 } rfcomm_channel_event_pn_t; 105 106 typedef struct rfcomm_channel_event_rpn { 107 rfcomm_channel_event_t super; 108 rfcomm_rpn_data_t data; 109 } rfcomm_channel_event_rpn_t; 110 111 typedef struct rfcomm_channel_event_rls { 112 rfcomm_channel_event_t super; 113 uint8_t line_status; 114 } rfcomm_channel_event_rls_t; 115 116 typedef struct rfcomm_channel_event_msc { 117 rfcomm_channel_event_t super; 118 uint8_t modem_status; 119 } rfcomm_channel_event_msc_t; 120 121 122 // global rfcomm data 123 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 124 125 // linked lists for all 126 static btstack_linked_list_t rfcomm_multiplexers = NULL; 127 static btstack_linked_list_t rfcomm_channels = NULL; 128 static btstack_linked_list_t rfcomm_services = NULL; 129 130 static gap_security_level_t rfcomm_security_level; 131 132 static int rfcomm_channel_can_send(rfcomm_channel_t * channel); 133 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 134 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 135 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 136 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel); 137 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 138 static void rfcomm_run(void); 139 140 // MARK: RFCOMM CLIENT EVENTS 141 142 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 143 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 144 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 145 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 146 uint8_t event[11]; 147 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 148 event[1] = sizeof(event) - 2; 149 reverse_bd_addr(channel->multiplexer->remote_addr, &event[2]); 150 event[8] = channel->dlci >> 1; 151 little_endian_store_16(event, 9, channel->rfcomm_cid); 152 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 153 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 154 } 155 156 // API Change: BTstack-0.3.50x uses 157 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 158 // next Cydia release will use SVN version of this 159 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 160 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 161 log_info("RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 162 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 163 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 164 uint8_t event[16]; 165 uint8_t pos = 0; 166 event[pos++] = RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE; // 0 167 event[pos++] = sizeof(event) - 2; // 1 168 event[pos++] = status; // 2 169 reverse_bd_addr(channel->multiplexer->remote_addr, &event[pos]); pos += 6; // 3 170 little_endian_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 171 event[pos++] = channel->dlci >> 1; // 11 172 little_endian_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 173 little_endian_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 174 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 175 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, pos); 176 177 // if channel opened successfully, also send can send now if possible 178 if (status) return; 179 if (rfcomm_channel_can_send(channel)){ 180 rfcomm_emit_can_send_now(channel); 181 } else { 182 channel->waiting_for_can_send_now = 1; 183 } 184 } 185 186 // data: event(8), len(8), rfcomm_cid(16) 187 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 188 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 189 uint8_t event[4]; 190 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 191 event[1] = sizeof(event) - 2; 192 little_endian_store_16(event, 2, channel->rfcomm_cid); 193 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 194 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 195 } 196 197 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 198 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 199 uint8_t event[5]; 200 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 201 event[1] = sizeof(event) - 2; 202 little_endian_store_16(event, 2, channel->rfcomm_cid); 203 event[4] = line_status; 204 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 205 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 206 } 207 208 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 209 // notify client about new settings 210 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 211 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 212 event[1] = sizeof(rfcomm_rpn_data_t); 213 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 214 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 215 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 216 } 217 218 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel) { 219 log_info("RFCOMM_EVENT_CHANNEL_CAN_SEND_NOW local_cid 0x%x", channel->rfcomm_cid); 220 uint8_t event[4]; 221 event[0] = RFCOMM_EVENT_CAN_SEND_NOW; 222 event[1] = sizeof(event) - 2; 223 little_endian_store_16(event, 2, channel->rfcomm_cid); 224 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 225 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 226 } 227 228 // MARK RFCOMM RPN DATA HELPER 229 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 230 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 231 rpn_data->flags = 0x03; /* 8-n-1 */ 232 rpn_data->flow_control = 0; /* no flow control */ 233 rpn_data->xon = 0xd1; /* XON */ 234 rpn_data->xoff = 0xd3; /* XOFF */ 235 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 236 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 237 } 238 239 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 240 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 241 dest->baud_rate = src->baud_rate; 242 } 243 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 244 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 245 } 246 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 247 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 248 } 249 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 250 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 251 } 252 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 253 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 254 } 255 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 256 dest->xon = src->xon; 257 } 258 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 259 dest->xoff = src->xoff; 260 } 261 int i; 262 for (i=0; i < 6 ; i++){ 263 uint8_t mask = 1 << i; 264 if (src->parameter_mask_1 & mask){ 265 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 266 } 267 } 268 // always copy parameter mask, too. informative for client, needed for response 269 dest->parameter_mask_0 = src->parameter_mask_0; 270 dest->parameter_mask_1 = src->parameter_mask_1; 271 } 272 // MARK: RFCOMM MULTIPLEXER HELPER 273 274 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 275 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 276 uint16_t max_frame_size = l2cap_mtu - 5; 277 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 278 return max_frame_size; 279 } 280 281 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 282 283 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 284 285 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 286 multiplexer->fcon = 1; 287 multiplexer->send_dm_for_dlci = 0; 288 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 289 multiplexer->test_data_len = 0; 290 multiplexer->nsc_command = 0; 291 } 292 293 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 294 295 // alloc structure 296 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 297 if (!multiplexer) return NULL; 298 299 // fill in 300 rfcomm_multiplexer_initialize(multiplexer); 301 bd_addr_copy(multiplexer->remote_addr, addr); 302 303 // add to services list 304 btstack_linked_list_add(&rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 305 306 return multiplexer; 307 } 308 309 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 310 btstack_linked_item_t *it; 311 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 312 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 313 if (bd_addr_cmp(addr, multiplexer->remote_addr) == 0) { 314 return multiplexer; 315 }; 316 } 317 return NULL; 318 } 319 320 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 321 btstack_linked_item_t *it; 322 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 323 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 324 if (multiplexer->l2cap_cid == l2cap_cid) { 325 return multiplexer; 326 }; 327 } 328 return NULL; 329 } 330 331 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 332 btstack_linked_item_t *it; 333 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 334 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 335 if (channel->multiplexer == multiplexer) { 336 return 1; 337 } 338 } 339 return 0; 340 } 341 342 // MARK: RFCOMM CHANNEL HELPER 343 344 static void rfcomm_dump_channels(void){ 345 btstack_linked_item_t * it; 346 int channels = 0; 347 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 348 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 349 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 350 channels++; 351 } 352 } 353 354 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 355 rfcomm_service_t *service, uint8_t server_channel){ 356 357 // don't use 0 as channel id 358 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 359 360 // setup channel 361 memset(channel, 0, sizeof(rfcomm_channel_t)); 362 363 // set defaults for port configuration (even for services) 364 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 365 366 channel->state = RFCOMM_CHANNEL_CLOSED; 367 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 368 369 channel->multiplexer = multiplexer; 370 channel->rfcomm_cid = rfcomm_client_cid_generator++; 371 channel->max_frame_size = multiplexer->max_frame_size; 372 373 channel->credits_incoming = 0; 374 channel->credits_outgoing = 0; 375 376 // incoming flow control not active 377 channel->new_credits_incoming = RFCOMM_CREDITS; 378 channel->incoming_flow_control = 0; 379 380 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 381 382 channel->service = service; 383 if (service) { 384 // incoming connection 385 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 386 if (channel->max_frame_size > service->max_frame_size) { 387 channel->max_frame_size = service->max_frame_size; 388 } 389 channel->incoming_flow_control = service->incoming_flow_control; 390 channel->new_credits_incoming = service->incoming_initial_credits; 391 channel->packet_handler = service->packet_handler; 392 } else { 393 // outgoing connection 394 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 395 } 396 } 397 398 // service == NULL -> outgoing channel 399 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 400 rfcomm_service_t * service, uint8_t server_channel){ 401 402 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 403 rfcomm_dump_channels(); 404 405 // alloc structure 406 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 407 if (!channel) return NULL; 408 409 // fill in 410 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 411 412 // add to services list 413 btstack_linked_list_add(&rfcomm_channels, (btstack_linked_item_t *) channel); 414 415 return channel; 416 } 417 418 static void rfcomm_notify_channel_can_send(void){ 419 btstack_linked_list_iterator_t it; 420 btstack_linked_list_iterator_init(&it, &rfcomm_channels); 421 while (btstack_linked_list_iterator_has_next(&it)){ 422 rfcomm_channel_t * channel = (rfcomm_channel_t *) btstack_linked_list_iterator_next(&it); 423 if (!channel->waiting_for_can_send_now) continue; // didn't try to send yet 424 if (!rfcomm_channel_can_send(channel)) continue; // or cannot yet either 425 426 channel->waiting_for_can_send_now = 0; 427 rfcomm_emit_can_send_now(channel); 428 } 429 } 430 431 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 432 btstack_linked_item_t *it; 433 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 434 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 435 if (channel->rfcomm_cid == rfcomm_cid) { 436 return channel; 437 }; 438 } 439 return NULL; 440 } 441 442 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 443 btstack_linked_item_t *it; 444 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 445 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 446 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 447 return channel; 448 }; 449 } 450 return NULL; 451 } 452 453 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 454 btstack_linked_item_t *it; 455 for (it = (btstack_linked_item_t *) rfcomm_services; it ; it = it->next){ 456 rfcomm_service_t * service = ((rfcomm_service_t *) it); 457 if ( service->server_channel == server_channel){ 458 return service; 459 }; 460 } 461 return NULL; 462 } 463 464 // MARK: RFCOMM SEND 465 466 /** 467 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 468 */ 469 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 470 471 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 472 473 l2cap_reserve_packet_buffer(); 474 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 475 476 uint16_t pos = 0; 477 uint8_t crc_fields = 3; 478 479 rfcomm_out_buffer[pos++] = address; 480 rfcomm_out_buffer[pos++] = control; 481 482 // length field can be 1 or 2 octets 483 if (len < 128){ 484 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 485 } else { 486 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 487 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 488 crc_fields++; 489 } 490 491 // add credits for UIH frames when PF bit is set 492 if (control == BT_RFCOMM_UIH_PF){ 493 rfcomm_out_buffer[pos++] = credits; 494 } 495 496 // copy actual data 497 if (len) { 498 memcpy(&rfcomm_out_buffer[pos], data, len); 499 pos += len; 500 } 501 502 // UIH frames only calc FCS over address + control (5.1.1) 503 if ((control & 0xef) == BT_RFCOMM_UIH){ 504 crc_fields = 2; 505 } 506 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 507 508 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 509 510 return err; 511 } 512 513 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 514 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 515 516 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 517 uint8_t control = BT_RFCOMM_UIH; 518 519 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 520 521 uint16_t pos = 0; 522 rfcomm_out_buffer[pos++] = address; 523 rfcomm_out_buffer[pos++] = control; 524 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 525 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 526 527 // actual data is already in place 528 pos += len; 529 530 // UIH frames only calc FCS over address + control (5.1.1) 531 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 532 533 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 534 535 return err; 536 } 537 538 // C/R Flag in Address 539 // - terms: initiator = station that creates multiplexer with SABM 540 // - terms: responder = station that responds to multiplexer setup with UA 541 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 542 // - command initiator = 1 /response responder = 1 543 // - command responder = 0 /response initiator = 0 544 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 545 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 546 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 547 548 // C/R Flag in Message 549 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 550 // - If the C/R bit is set to 1 the message is a command 551 // - if it is set to 0 the message is a response. 552 553 // temp/old messge construction 554 555 // new object oriented version 556 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 557 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 558 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 559 } 560 561 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 562 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 563 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 564 } 565 566 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 567 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 568 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 569 } 570 571 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 572 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 573 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 574 } 575 576 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 577 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 578 uint8_t payload[2]; 579 uint8_t pos = 0; 580 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 581 payload[pos++] = (0 << 1) | 1; // len 582 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 583 } 584 585 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 586 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 587 // uint8_t payload[2+len]; 588 // uint8_t pos = 0; 589 // payload[pos++] = BT_RFCOMM_TEST_CMD; 590 // payload[pos++] = (len + 1) << 1 | 1; // len 591 // memcpy(&payload[pos], data, len); 592 // pos += len; 593 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 594 // } 595 596 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 597 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 598 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 599 uint8_t pos = 0; 600 payload[pos++] = BT_RFCOMM_TEST_RSP; 601 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 602 len = RFCOMM_TEST_DATA_MAX_LEN; 603 } 604 payload[pos++] = (len << 1) | 1; // len 605 memcpy(&payload[pos], data, len); 606 pos += len; 607 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 608 } 609 610 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 611 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 612 uint8_t payload[4]; 613 uint8_t pos = 0; 614 payload[pos++] = BT_RFCOMM_MSC_CMD; 615 payload[pos++] = (2 << 1) | 1; // len 616 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 617 payload[pos++] = signals; 618 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 619 } 620 621 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 622 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 623 uint8_t payload[4]; 624 uint8_t pos = 0; 625 payload[pos++] = BT_RFCOMM_MSC_RSP; 626 payload[pos++] = (2 << 1) | 1; // len 627 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 628 payload[pos++] = signals; 629 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 630 } 631 632 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 633 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 634 uint8_t payload[3]; 635 uint8_t pos = 0; 636 payload[pos++] = BT_RFCOMM_NSC_RSP; 637 payload[pos++] = (1 << 1) | 1; // len 638 payload[pos++] = command; 639 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 640 } 641 642 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 643 uint8_t payload[10]; 644 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 645 uint8_t pos = 0; 646 payload[pos++] = BT_RFCOMM_PN_CMD; 647 payload[pos++] = (8 << 1) | 1; // len 648 payload[pos++] = dlci; 649 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 650 payload[pos++] = 0; // priority 651 payload[pos++] = 0; // max 60 seconds ack 652 payload[pos++] = max_frame_size & 0xff; // max framesize low 653 payload[pos++] = max_frame_size >> 8; // max framesize high 654 payload[pos++] = 0x00; // number of retransmissions 655 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 656 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 657 } 658 659 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." rfcomm_tutorial.pdf 660 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 661 uint8_t priority, uint16_t max_frame_size){ 662 uint8_t payload[10]; 663 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 664 uint8_t pos = 0; 665 payload[pos++] = BT_RFCOMM_PN_RSP; 666 payload[pos++] = (8 << 1) | 1; // len 667 payload[pos++] = dlci; 668 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 669 payload[pos++] = priority; // priority 670 payload[pos++] = 0; // max 60 seconds ack 671 payload[pos++] = max_frame_size & 0xff; // max framesize low 672 payload[pos++] = max_frame_size >> 8; // max framesize high 673 payload[pos++] = 0x00; // number of retransmissions 674 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 675 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 676 } 677 678 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 679 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 680 uint8_t payload[4]; 681 uint8_t pos = 0; 682 payload[pos++] = BT_RFCOMM_RLS_CMD; 683 payload[pos++] = (2 << 1) | 1; // len 684 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 685 payload[pos++] = line_status; 686 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 687 } 688 689 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 690 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 691 uint8_t payload[4]; 692 uint8_t pos = 0; 693 payload[pos++] = BT_RFCOMM_RLS_RSP; 694 payload[pos++] = (2 << 1) | 1; // len 695 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 696 payload[pos++] = line_status; 697 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 698 } 699 700 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 701 uint8_t payload[10]; 702 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 703 uint8_t pos = 0; 704 payload[pos++] = BT_RFCOMM_RPN_CMD; 705 payload[pos++] = (8 << 1) | 1; // len 706 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 707 payload[pos++] = rpn_data->baud_rate; 708 payload[pos++] = rpn_data->flags; 709 payload[pos++] = rpn_data->flow_control; 710 payload[pos++] = rpn_data->xon; 711 payload[pos++] = rpn_data->xoff; 712 payload[pos++] = rpn_data->parameter_mask_0; 713 payload[pos++] = rpn_data->parameter_mask_1; 714 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 715 } 716 717 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 718 uint8_t payload[3]; 719 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 720 uint8_t pos = 0; 721 payload[pos++] = BT_RFCOMM_RPN_CMD; 722 payload[pos++] = (1 << 1) | 1; // len 723 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 724 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 725 } 726 727 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 728 uint8_t payload[10]; 729 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 730 uint8_t pos = 0; 731 payload[pos++] = BT_RFCOMM_RPN_RSP; 732 payload[pos++] = (8 << 1) | 1; // len 733 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 734 payload[pos++] = rpn_data->baud_rate; 735 payload[pos++] = rpn_data->flags; 736 payload[pos++] = rpn_data->flow_control; 737 payload[pos++] = rpn_data->xon; 738 payload[pos++] = rpn_data->xoff; 739 payload[pos++] = rpn_data->parameter_mask_0; 740 payload[pos++] = rpn_data->parameter_mask_1; 741 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 742 } 743 744 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 745 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 746 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 747 } 748 749 // MARK: RFCOMM MULTIPLEXER 750 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 751 if (multiplexer->timer_active) { 752 btstack_run_loop_remove_timer(&multiplexer->timer); 753 multiplexer->timer_active = 0; 754 } 755 } 756 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 757 btstack_linked_list_remove( &rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 758 btstack_memory_rfcomm_multiplexer_free(multiplexer); 759 } 760 761 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 762 // remove (potential) timer 763 rfcomm_multiplexer_stop_timer(multiplexer); 764 765 // close and remove all channels 766 btstack_linked_item_t *it = (btstack_linked_item_t *) &rfcomm_channels; 767 while (it->next){ 768 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 769 if (channel->multiplexer == multiplexer) { 770 // emit appropriate events 771 if (channel->state == RFCOMM_CHANNEL_OPEN) { 772 rfcomm_emit_channel_closed(channel); 773 } else { 774 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 775 } 776 // remove from list 777 it->next = it->next->next; 778 // free channel struct 779 btstack_memory_rfcomm_channel_free(channel); 780 } else { 781 it = it->next; 782 } 783 } 784 785 // remove mutliplexer 786 rfcomm_multiplexer_free(multiplexer); 787 } 788 789 static void rfcomm_multiplexer_timer_handler(btstack_timer_source_t *timer){ 790 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t*) btstack_run_loop_get_timer_context(timer); 791 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 792 793 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 794 uint16_t l2cap_cid = multiplexer->l2cap_cid; 795 rfcomm_multiplexer_finalize(multiplexer); 796 l2cap_disconnect(l2cap_cid, 0x13); 797 } 798 799 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 800 if (multiplexer->timer_active) { 801 btstack_run_loop_remove_timer(&multiplexer->timer); 802 multiplexer->timer_active = 0; 803 } 804 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 805 806 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 807 btstack_run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 808 btstack_run_loop_set_timer_handler(&multiplexer->timer, rfcomm_multiplexer_timer_handler); 809 btstack_run_loop_set_timer_context(&multiplexer->timer, multiplexer); 810 btstack_run_loop_add_timer(&multiplexer->timer); 811 multiplexer->timer_active = 1; 812 } 813 814 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 815 log_info("Multiplexer up and running"); 816 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 817 818 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 819 820 // transition of channels that wait for multiplexer 821 btstack_linked_item_t *it; 822 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 823 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 824 if (channel->multiplexer != multiplexer) continue; 825 rfcomm_channel_state_machine(channel, &event); 826 } 827 828 rfcomm_run(); 829 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 830 } 831 832 833 /** 834 * @return handled packet 835 */ 836 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 837 bd_addr_t event_addr; 838 uint16_t psm; 839 uint16_t l2cap_cid; 840 hci_con_handle_t con_handle; 841 rfcomm_multiplexer_t *multiplexer = NULL; 842 uint8_t status; 843 844 switch (packet[0]) { 845 846 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 847 case L2CAP_EVENT_INCOMING_CONNECTION: 848 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 849 reverse_bd_addr(&packet[2], event_addr); 850 con_handle = little_endian_read_16(packet, 8); 851 psm = little_endian_read_16(packet, 10); 852 l2cap_cid = little_endian_read_16(packet, 12); 853 854 if (psm != PSM_RFCOMM) break; 855 856 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 857 858 if (multiplexer) { 859 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 860 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 861 return 1; 862 } 863 864 // create and inititialize new multiplexer instance (incoming) 865 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 866 if (!multiplexer){ 867 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 868 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 869 return 1; 870 } 871 872 multiplexer->con_handle = con_handle; 873 multiplexer->l2cap_cid = l2cap_cid; 874 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 875 876 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 877 l2cap_accept_connection(l2cap_cid); 878 return 1; 879 880 // l2cap connection opened -> store l2cap_cid, remote_addr 881 case L2CAP_EVENT_CHANNEL_OPENED: 882 883 if (little_endian_read_16(packet, 11) != PSM_RFCOMM) break; 884 885 status = packet[2]; 886 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 887 888 // get multiplexer for remote addr 889 con_handle = little_endian_read_16(packet, 9); 890 l2cap_cid = little_endian_read_16(packet, 13); 891 reverse_bd_addr(&packet[3], event_addr); 892 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 893 if (!multiplexer) { 894 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 895 return 1; 896 } 897 898 // on l2cap open error discard everything 899 if (status){ 900 901 // remove (potential) timer 902 rfcomm_multiplexer_stop_timer(multiplexer); 903 904 // emit rfcomm_channel_opened with status and free channel 905 btstack_linked_item_t * it = (btstack_linked_item_t *) &rfcomm_channels; 906 while (it->next) { 907 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 908 if (channel->multiplexer == multiplexer){ 909 rfcomm_emit_channel_opened(channel, status); 910 it->next = it->next->next; 911 btstack_memory_rfcomm_channel_free(channel); 912 } else { 913 it = it->next; 914 } 915 } 916 917 // free multiplexer 918 rfcomm_multiplexer_free(multiplexer); 919 return 1; 920 } 921 922 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 923 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 924 // wrong remote addr 925 if (bd_addr_cmp(event_addr, multiplexer->remote_addr)) break; 926 multiplexer->l2cap_cid = l2cap_cid; 927 multiplexer->con_handle = con_handle; 928 // send SABM #0 929 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 930 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 931 932 // set max frame size based on l2cap MTU 933 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(little_endian_read_16(packet, 17)); 934 } 935 return 1; 936 937 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 938 939 // Notify channel packet handler if they can send now 940 case L2CAP_EVENT_CAN_SEND_NOW: 941 rfcomm_run(); // rfcomm signaling packets first 942 rfcomm_notify_channel_can_send(); 943 break; 944 945 case L2CAP_EVENT_CHANNEL_CLOSED: 946 // data: event (8), len(8), channel (16) 947 l2cap_cid = little_endian_read_16(packet, 2); 948 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 949 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 950 if (!multiplexer) break; 951 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 952 switch (multiplexer->state) { 953 case RFCOMM_MULTIPLEXER_W4_CONNECT: 954 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 955 case RFCOMM_MULTIPLEXER_W4_SABM_0: 956 case RFCOMM_MULTIPLEXER_SEND_UA_0: 957 case RFCOMM_MULTIPLEXER_W4_UA_0: 958 case RFCOMM_MULTIPLEXER_OPEN: 959 // don't call l2cap_disconnect as it's alreay closed 960 rfcomm_multiplexer_finalize(multiplexer); 961 return 1; 962 default: 963 break; 964 } 965 break; 966 default: 967 break; 968 } 969 return 0; 970 } 971 972 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 973 974 // get or create a multiplexer for a certain device 975 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 976 if (!multiplexer) return 0; 977 978 uint16_t l2cap_cid = multiplexer->l2cap_cid; 979 980 // but only care for multiplexer control channel 981 uint8_t frame_dlci = packet[0] >> 2; 982 if (frame_dlci) return 0; 983 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 984 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 985 const uint8_t payload_offset = 3 + length_offset + credit_offset; 986 switch (packet[1]){ 987 988 case BT_RFCOMM_SABM: 989 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 990 log_info("Received SABM #0"); 991 multiplexer->outgoing = 0; 992 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 993 return 1; 994 } 995 break; 996 997 case BT_RFCOMM_UA: 998 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 999 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 1000 log_info("Received UA #0 "); 1001 rfcomm_multiplexer_opened(multiplexer); 1002 return 1; 1003 } 1004 break; 1005 1006 case BT_RFCOMM_DISC: 1007 // DISC #0 -> send UA #0, close multiplexer 1008 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 1009 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 1010 return 1; 1011 1012 case BT_RFCOMM_DM: 1013 // DM #0 - we shouldn't get this, just give up 1014 log_info("Received DM #0"); 1015 log_info("-> Closing down multiplexer"); 1016 rfcomm_multiplexer_finalize(multiplexer); 1017 l2cap_disconnect(l2cap_cid, 0x13); 1018 return 1; 1019 1020 case BT_RFCOMM_UIH: 1021 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 1022 // Multiplexer close down (CLD) -> close mutliplexer 1023 log_info("Received Multiplexer close down command"); 1024 log_info("-> Closing down multiplexer"); 1025 rfcomm_multiplexer_finalize(multiplexer); 1026 l2cap_disconnect(l2cap_cid, 0x13); 1027 return 1; 1028 } 1029 switch (packet[payload_offset]){ 1030 case BT_RFCOMM_CLD_CMD: 1031 // Multiplexer close down (CLD) -> close mutliplexer 1032 log_info("Received Multiplexer close down command"); 1033 log_info("-> Closing down multiplexer"); 1034 rfcomm_multiplexer_finalize(multiplexer); 1035 l2cap_disconnect(l2cap_cid, 0x13); 1036 return 1; 1037 1038 case BT_RFCOMM_FCON_CMD: 1039 multiplexer->fcon = 0x81; 1040 break; 1041 1042 case BT_RFCOMM_FCOFF_CMD: 1043 multiplexer->fcon = 0x80; 1044 break; 1045 1046 case BT_RFCOMM_TEST_CMD: { 1047 log_info("Received test command"); 1048 int len = packet[payload_offset+1] >> 1; // length < 125 1049 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1050 len = RFCOMM_TEST_DATA_MAX_LEN; 1051 } 1052 multiplexer->test_data_len = len; 1053 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1054 return 1; 1055 } 1056 default: 1057 break; 1058 } 1059 break; 1060 1061 default: 1062 break; 1063 1064 } 1065 return 0; 1066 } 1067 1068 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1069 1070 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1071 1072 // process stored DM responses 1073 if (multiplexer->send_dm_for_dlci){ 1074 uint8_t dlci = multiplexer->send_dm_for_dlci; 1075 multiplexer->send_dm_for_dlci = 0; 1076 rfcomm_send_dm_pf(multiplexer, dlci); 1077 return; 1078 } 1079 1080 if (multiplexer->nsc_command){ 1081 uint8_t command = multiplexer->nsc_command; 1082 multiplexer->nsc_command = 0; 1083 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1084 return; 1085 } 1086 1087 if (multiplexer->fcon & 0x80){ 1088 multiplexer->fcon &= 0x01; 1089 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1090 if (multiplexer->fcon == 0) return; 1091 // trigger client to send again after sending FCon Response 1092 rfcomm_notify_channel_can_send(); 1093 return; 1094 } 1095 1096 switch (multiplexer->state) { 1097 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1098 switch (event) { 1099 case MULT_EV_READY_TO_SEND: 1100 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1101 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1102 rfcomm_send_sabm(multiplexer, 0); 1103 break; 1104 default: 1105 break; 1106 } 1107 break; 1108 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1109 switch (event) { 1110 case MULT_EV_READY_TO_SEND: 1111 log_info("Sending UA #0"); 1112 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1113 rfcomm_send_ua(multiplexer, 0); 1114 rfcomm_multiplexer_opened(multiplexer); 1115 break; 1116 default: 1117 break; 1118 } 1119 break; 1120 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1121 switch (event) { 1122 case MULT_EV_READY_TO_SEND: 1123 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1124 if (!multiplexer->at_least_one_connection){ 1125 log_info("TODO: no connections established - delete link key prophylactically"); 1126 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1127 } 1128 log_info("Sending UA #0"); 1129 log_info("Closing down multiplexer"); 1130 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1131 rfcomm_send_ua(multiplexer, 0); 1132 rfcomm_multiplexer_finalize(multiplexer); 1133 l2cap_disconnect(l2cap_cid, 0x13); 1134 default: 1135 break; 1136 } 1137 break; 1138 case RFCOMM_MULTIPLEXER_OPEN: 1139 switch (event) { 1140 case MULT_EV_READY_TO_SEND: 1141 // respond to test command 1142 if (multiplexer->test_data_len){ 1143 int len = multiplexer->test_data_len; 1144 log_info("Sending TEST Response with %u bytes", len); 1145 multiplexer->test_data_len = 0; 1146 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1147 return; 1148 } 1149 break; 1150 default: 1151 break; 1152 } 1153 break; 1154 default: 1155 break; 1156 } 1157 } 1158 1159 // MARK: RFCOMM CHANNEL 1160 1161 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1162 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1163 channel->credits_incoming += credits; 1164 } 1165 1166 static int rfcomm_channel_can_send(rfcomm_channel_t * channel){ 1167 if (!channel->credits_outgoing) return 0; 1168 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1169 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1170 } 1171 1172 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1173 1174 log_info("rfcomm_channel_opened!"); 1175 1176 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1177 rfcomm_emit_channel_opened(rfChannel, 0); 1178 rfcomm_emit_port_configuration(rfChannel); 1179 1180 // remove (potential) timer 1181 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1182 if (multiplexer->timer_active) { 1183 btstack_run_loop_remove_timer(&multiplexer->timer); 1184 multiplexer->timer_active = 0; 1185 } 1186 // hack for problem detecting authentication failure 1187 multiplexer->at_least_one_connection = 1; 1188 1189 // start next connection request if pending 1190 rfcomm_run(); 1191 } 1192 1193 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1194 const uint8_t frame_dlci = packet[0] >> 2; 1195 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1196 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1197 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1198 1199 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1200 if (!channel) return; 1201 1202 // handle new outgoing credits 1203 if (packet[1] == BT_RFCOMM_UIH_PF) { 1204 1205 // add them 1206 uint16_t new_credits = packet[3+length_offset]; 1207 channel->credits_outgoing += new_credits; 1208 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1209 1210 // notify channel statemachine 1211 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1212 rfcomm_channel_state_machine(channel, &channel_event); 1213 } 1214 1215 // contains payload? 1216 if (size - 1 > payload_offset){ 1217 1218 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1219 1220 // decrease incoming credit counter 1221 if (channel->credits_incoming > 0){ 1222 channel->credits_incoming--; 1223 } 1224 1225 // deliver payload 1226 (channel->packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1227 &packet[payload_offset], size-payload_offset-1); 1228 } 1229 1230 // automatically provide new credits to remote device, if no incoming flow control 1231 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1232 channel->new_credits_incoming =RFCOMM_CREDITS; 1233 } 1234 } 1235 1236 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1237 // priority of client request 1238 channel->pn_priority = event->priority; 1239 1240 // new credits 1241 channel->credits_outgoing = event->credits_outgoing; 1242 1243 // negotiate max frame size 1244 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1245 channel->max_frame_size = channel->multiplexer->max_frame_size; 1246 } 1247 if (channel->max_frame_size > event->max_frame_size) { 1248 channel->max_frame_size = event->max_frame_size; 1249 } 1250 1251 } 1252 1253 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1254 1255 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1256 1257 // remove from list 1258 btstack_linked_list_remove( &rfcomm_channels, (btstack_linked_item_t *) channel); 1259 1260 // free channel 1261 btstack_memory_rfcomm_channel_free(channel); 1262 1263 // update multiplexer timeout after channel was removed from list 1264 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1265 } 1266 1267 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1268 1269 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1270 1271 1272 // lookup existing channel 1273 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1274 1275 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1276 1277 if (channel) { 1278 rfcomm_channel_state_machine(channel, event); 1279 return; 1280 } 1281 1282 // service registered? 1283 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1284 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1285 if (!service) { 1286 // discard request by sending disconnected mode 1287 multiplexer->send_dm_for_dlci = dlci; 1288 return; 1289 } 1290 1291 // create channel for some events 1292 switch (event->type) { 1293 case CH_EVT_RCVD_SABM: 1294 case CH_EVT_RCVD_PN: 1295 case CH_EVT_RCVD_RPN_REQ: 1296 case CH_EVT_RCVD_RPN_CMD: 1297 // setup incoming channel 1298 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1299 if (!channel){ 1300 // discard request by sending disconnected mode 1301 multiplexer->send_dm_for_dlci = dlci; 1302 } 1303 break; 1304 default: 1305 break; 1306 } 1307 1308 if (!channel) { 1309 // discard request by sending disconnected mode 1310 multiplexer->send_dm_for_dlci = dlci; 1311 return; 1312 } 1313 rfcomm_channel_state_machine(channel, event); 1314 } 1315 1316 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1317 1318 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1319 const uint8_t frame_dlci = packet[0] >> 2; 1320 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1321 uint8_t message_len; // " 1322 1323 // rfcomm: (1) command/control 1324 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1325 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1326 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1327 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1328 // rfcomm: (3+length_offset) credits if credits_offset == 1 1329 // rfcomm: (3+length_offest+credits_offset) 1330 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1331 1332 rfcomm_channel_event_t event; 1333 rfcomm_channel_event_pn_t event_pn; 1334 rfcomm_channel_event_rpn_t event_rpn; 1335 rfcomm_channel_event_msc_t event_msc; 1336 1337 // switch by rfcomm message type 1338 switch(packet[1]) { 1339 1340 case BT_RFCOMM_SABM: 1341 event.type = CH_EVT_RCVD_SABM; 1342 log_info("Received SABM #%u", frame_dlci); 1343 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1344 break; 1345 1346 case BT_RFCOMM_UA: 1347 event.type = CH_EVT_RCVD_UA; 1348 log_info("Received UA #%u",frame_dlci); 1349 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1350 break; 1351 1352 case BT_RFCOMM_DISC: 1353 event.type = CH_EVT_RCVD_DISC; 1354 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1355 break; 1356 1357 case BT_RFCOMM_DM: 1358 case BT_RFCOMM_DM_PF: 1359 event.type = CH_EVT_RCVD_DM; 1360 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1361 break; 1362 1363 case BT_RFCOMM_UIH_PF: 1364 case BT_RFCOMM_UIH: 1365 1366 message_len = packet[payload_offset+1] >> 1; 1367 1368 switch (packet[payload_offset]) { 1369 case BT_RFCOMM_PN_CMD: 1370 message_dlci = packet[payload_offset+2]; 1371 event_pn.super.type = CH_EVT_RCVD_PN; 1372 event_pn.priority = packet[payload_offset+4]; 1373 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1374 event_pn.credits_outgoing = packet[payload_offset+9]; 1375 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1376 message_dlci, event_pn.credits_outgoing); 1377 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1378 break; 1379 1380 case BT_RFCOMM_PN_RSP: 1381 message_dlci = packet[payload_offset+2]; 1382 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1383 event_pn.priority = packet[payload_offset+4]; 1384 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1385 event_pn.credits_outgoing = packet[payload_offset+9]; 1386 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1387 event_pn.max_frame_size, event_pn.credits_outgoing); 1388 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1389 break; 1390 1391 case BT_RFCOMM_MSC_CMD: 1392 message_dlci = packet[payload_offset+2] >> 2; 1393 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1394 event_msc.modem_status = packet[payload_offset+3]; 1395 log_info("Received MSC CMD for #%u, ", message_dlci); 1396 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1397 break; 1398 1399 case BT_RFCOMM_MSC_RSP: 1400 message_dlci = packet[payload_offset+2] >> 2; 1401 event.type = CH_EVT_RCVD_MSC_RSP; 1402 log_info("Received MSC RSP for #%u", message_dlci); 1403 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1404 break; 1405 1406 case BT_RFCOMM_RPN_CMD: 1407 message_dlci = packet[payload_offset+2] >> 2; 1408 switch (message_len){ 1409 case 1: 1410 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1411 event.type = CH_EVT_RCVD_RPN_REQ; 1412 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1413 break; 1414 case 8: 1415 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1416 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1417 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1418 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1419 break; 1420 default: 1421 break; 1422 } 1423 break; 1424 1425 case BT_RFCOMM_RPN_RSP: 1426 log_info("Received RPN response"); 1427 break; 1428 1429 case BT_RFCOMM_RLS_CMD: { 1430 log_info("Received RLS command"); 1431 message_dlci = packet[payload_offset+2] >> 2; 1432 rfcomm_channel_event_rls_t event_rls; 1433 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1434 event_rls.line_status = packet[payload_offset+3]; 1435 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1436 break; 1437 } 1438 1439 case BT_RFCOMM_RLS_RSP: 1440 log_info("Received RLS response"); 1441 break; 1442 1443 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1444 // case BT_RFCOMM_TEST_CMD: 1445 // case BT_RFCOMM_FCOFF_CMD: 1446 // case BT_RFCOMM_FCON_CMD: 1447 // everything else is an not supported command 1448 default: { 1449 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1450 multiplexer->nsc_command = packet[payload_offset]; 1451 break; 1452 } 1453 } 1454 break; 1455 1456 default: 1457 log_error("Received unknown RFCOMM message type %x", packet[1]); 1458 break; 1459 } 1460 1461 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1462 rfcomm_run(); 1463 } 1464 1465 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1466 1467 // multiplexer handler 1468 int handled = 0; 1469 switch (packet_type) { 1470 case HCI_EVENT_PACKET: 1471 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1472 break; 1473 case L2CAP_DATA_PACKET: 1474 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1475 break; 1476 default: 1477 break; 1478 } 1479 1480 if (handled) { 1481 rfcomm_run(); 1482 return; 1483 } 1484 1485 // we only handle l2cap packets 1486 if (packet_type != L2CAP_DATA_PACKET) return; 1487 1488 // ... over open multiplexer channel now 1489 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1490 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) return; 1491 1492 // channel data ? 1493 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1494 const uint8_t frame_dlci = packet[0] >> 2; 1495 1496 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1497 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1498 rfcomm_run(); 1499 return; 1500 } 1501 1502 rfcomm_channel_packet_handler(multiplexer, packet, size); 1503 } 1504 1505 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1506 // note: exchanging MSC isn't neccessary to consider channel open 1507 // note: having outgoing credits is also not necessary to consider channel open 1508 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1509 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1510 // if (channel->credits_outgoing == 0) return 0; 1511 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u", 1512 channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing); 1513 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1514 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1515 1516 return 1; 1517 } 1518 1519 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1520 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1521 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1522 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1523 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1524 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1525 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1526 return 1; 1527 } 1528 1529 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1530 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1531 } 1532 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1533 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1534 } 1535 1536 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1537 1538 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1539 1540 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1541 1542 // TODO: integrate in common switch 1543 if (event->type == CH_EVT_RCVD_DISC){ 1544 rfcomm_emit_channel_closed(channel); 1545 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1546 return; 1547 } 1548 1549 // TODO: integrate in common switch 1550 if (event->type == CH_EVT_RCVD_DM){ 1551 log_info("Received DM message for #%u", channel->dlci); 1552 log_info("-> Closing channel locally for #%u", channel->dlci); 1553 rfcomm_emit_channel_closed(channel); 1554 rfcomm_channel_finalize(channel); 1555 return; 1556 } 1557 1558 // remote port negotiation command - just accept everything for now 1559 // 1560 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1561 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1562 // (Although the handling of individual settings are implementation-dependent.)" 1563 // 1564 1565 // TODO: integrate in common switch 1566 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1567 // control port parameters 1568 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1569 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1570 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1571 // notify client about new settings 1572 rfcomm_emit_port_configuration(channel); 1573 return; 1574 } 1575 1576 // TODO: integrate in common switch 1577 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1578 // no values got accepted (no values have beens sent) 1579 channel->rpn_data.parameter_mask_0 = 0x00; 1580 channel->rpn_data.parameter_mask_1 = 0x00; 1581 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1582 return; 1583 } 1584 1585 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1586 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1587 channel->rls_line_status = event_rls->line_status & 0x0f; 1588 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1589 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1590 return; 1591 } 1592 1593 // TODO: integrate in common swich 1594 if (event->type == CH_EVT_READY_TO_SEND){ 1595 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1596 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1597 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1598 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1599 return; 1600 } 1601 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1602 log_info("Sending MSC RSP for #%u", channel->dlci); 1603 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1604 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1605 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1606 return; 1607 } 1608 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1609 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1610 uint8_t line_status = channel->rls_line_status; 1611 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1612 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1613 return; 1614 } 1615 } 1616 1617 // emit MSC status to app 1618 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1619 // notify client about new settings 1620 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1621 uint8_t modem_status_event[2+1]; 1622 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1623 modem_status_event[1] = 1; 1624 modem_status_event[2] = event_msc->modem_status; 1625 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1626 // no return, MSC_CMD will be handled by state machine below 1627 } 1628 1629 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1630 1631 switch (channel->state) { 1632 case RFCOMM_CHANNEL_CLOSED: 1633 switch (event->type){ 1634 case CH_EVT_RCVD_SABM: 1635 log_info("-> Inform app"); 1636 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1637 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1638 rfcomm_emit_connection_request(channel); 1639 break; 1640 case CH_EVT_RCVD_PN: 1641 rfcomm_channel_accept_pn(channel, event_pn); 1642 log_info("-> Inform app"); 1643 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1644 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1645 rfcomm_emit_connection_request(channel); 1646 break; 1647 default: 1648 break; 1649 } 1650 break; 1651 1652 case RFCOMM_CHANNEL_INCOMING_SETUP: 1653 switch (event->type){ 1654 case CH_EVT_RCVD_SABM: 1655 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1656 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1657 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1658 } 1659 break; 1660 case CH_EVT_RCVD_PN: 1661 rfcomm_channel_accept_pn(channel, event_pn); 1662 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1663 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1664 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1665 } 1666 break; 1667 case CH_EVT_READY_TO_SEND: 1668 // if / else if is used to check for state transition after sending 1669 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1670 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1671 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1672 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1673 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1674 log_info("Sending UA #%u", channel->dlci); 1675 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1676 rfcomm_send_ua(multiplexer, channel->dlci); 1677 } 1678 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1679 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1680 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1681 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1682 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1683 } 1684 break; 1685 default: 1686 break; 1687 } 1688 break; 1689 1690 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1691 switch (event->type) { 1692 case CH_EVT_MULTIPLEXER_READY: 1693 log_info("Muliplexer opened, sending UIH PN next"); 1694 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1695 break; 1696 default: 1697 break; 1698 } 1699 break; 1700 1701 case RFCOMM_CHANNEL_SEND_UIH_PN: 1702 switch (event->type) { 1703 case CH_EVT_READY_TO_SEND: 1704 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1705 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1706 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1707 break; 1708 default: 1709 break; 1710 } 1711 break; 1712 1713 case RFCOMM_CHANNEL_W4_PN_RSP: 1714 switch (event->type){ 1715 case CH_EVT_RCVD_PN_RSP: 1716 // update max frame size 1717 if (channel->max_frame_size > event_pn->max_frame_size) { 1718 channel->max_frame_size = event_pn->max_frame_size; 1719 } 1720 // new credits 1721 channel->credits_outgoing = event_pn->credits_outgoing; 1722 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1723 break; 1724 default: 1725 break; 1726 } 1727 break; 1728 1729 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1730 switch (event->type) { 1731 case CH_EVT_READY_TO_SEND: 1732 log_info("Sending SABM #%u", channel->dlci); 1733 channel->state = RFCOMM_CHANNEL_W4_UA; 1734 rfcomm_send_sabm(multiplexer, channel->dlci); 1735 break; 1736 default: 1737 break; 1738 } 1739 break; 1740 1741 case RFCOMM_CHANNEL_W4_UA: 1742 switch (event->type){ 1743 case CH_EVT_RCVD_UA: 1744 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1745 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1746 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1747 break; 1748 default: 1749 break; 1750 } 1751 break; 1752 1753 case RFCOMM_CHANNEL_DLC_SETUP: 1754 switch (event->type){ 1755 case CH_EVT_RCVD_MSC_CMD: 1756 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1757 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1758 break; 1759 case CH_EVT_RCVD_MSC_RSP: 1760 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1761 break; 1762 1763 case CH_EVT_READY_TO_SEND: 1764 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1765 log_info("Sending MSC CMD for #%u", channel->dlci); 1766 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1767 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1768 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1769 break; 1770 } 1771 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1772 log_info("Providing credits for #%u", channel->dlci); 1773 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1774 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1775 1776 if (channel->new_credits_incoming) { 1777 uint8_t new_credits = channel->new_credits_incoming; 1778 channel->new_credits_incoming = 0; 1779 rfcomm_channel_send_credits(channel, new_credits); 1780 } 1781 break; 1782 1783 } 1784 break; 1785 default: 1786 break; 1787 } 1788 // finally done? 1789 if (rfcomm_channel_ready_for_open(channel)){ 1790 channel->state = RFCOMM_CHANNEL_OPEN; 1791 rfcomm_channel_opened(channel); 1792 } 1793 break; 1794 1795 case RFCOMM_CHANNEL_OPEN: 1796 switch (event->type){ 1797 case CH_EVT_RCVD_MSC_CMD: 1798 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1799 break; 1800 case CH_EVT_READY_TO_SEND: 1801 if (channel->new_credits_incoming) { 1802 uint8_t new_credits = channel->new_credits_incoming; 1803 channel->new_credits_incoming = 0; 1804 rfcomm_channel_send_credits(channel, new_credits); 1805 break; 1806 } 1807 break; 1808 case CH_EVT_RCVD_CREDITS: 1809 rfcomm_notify_channel_can_send(); 1810 break; 1811 default: 1812 break; 1813 } 1814 break; 1815 1816 case RFCOMM_CHANNEL_SEND_DM: 1817 switch (event->type) { 1818 case CH_EVT_READY_TO_SEND: 1819 log_info("Sending DM_PF for #%u", channel->dlci); 1820 // don't emit channel closed - channel was never open 1821 channel->state = RFCOMM_CHANNEL_CLOSED; 1822 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1823 rfcomm_channel_finalize(channel); 1824 break; 1825 default: 1826 break; 1827 } 1828 break; 1829 1830 case RFCOMM_CHANNEL_SEND_DISC: 1831 switch (event->type) { 1832 case CH_EVT_READY_TO_SEND: 1833 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1834 rfcomm_send_disc(multiplexer, channel->dlci); 1835 break; 1836 default: 1837 break; 1838 } 1839 break; 1840 1841 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1842 switch (event->type){ 1843 case CH_EVT_RCVD_UA: 1844 channel->state = RFCOMM_CHANNEL_CLOSED; 1845 rfcomm_emit_channel_closed(channel); 1846 rfcomm_channel_finalize(channel); 1847 break; 1848 default: 1849 break; 1850 } 1851 break; 1852 1853 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1854 switch (event->type) { 1855 case CH_EVT_READY_TO_SEND: 1856 log_info("Sending UA after DISC for #%u", channel->dlci); 1857 channel->state = RFCOMM_CHANNEL_CLOSED; 1858 rfcomm_send_ua(multiplexer, channel->dlci); 1859 rfcomm_channel_finalize(channel); 1860 break; 1861 default: 1862 break; 1863 } 1864 break; 1865 1866 default: 1867 break; 1868 } 1869 } 1870 1871 1872 // MARK: RFCOMM RUN 1873 // process outstanding signaling tasks 1874 static void rfcomm_run(void){ 1875 1876 btstack_linked_item_t *it; 1877 btstack_linked_item_t *next; 1878 1879 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1880 1881 next = it->next; // be prepared for removal of channel in state machine 1882 1883 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1884 1885 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1886 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1887 continue; 1888 } 1889 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1890 1891 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1892 } 1893 1894 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = next){ 1895 1896 next = it->next; // be prepared for removal of channel in state machine 1897 1898 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1899 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1900 1901 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1902 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1903 continue; 1904 } 1905 1906 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1907 rfcomm_channel_state_machine(channel, &event); 1908 } 1909 } 1910 1911 // MARK: RFCOMM BTstack API 1912 1913 void rfcomm_init(void){ 1914 rfcomm_client_cid_generator = 0; 1915 rfcomm_multiplexers = NULL; 1916 rfcomm_services = NULL; 1917 rfcomm_channels = NULL; 1918 rfcomm_security_level = LEVEL_2; 1919 } 1920 1921 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1922 rfcomm_security_level = security_level; 1923 } 1924 1925 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1926 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1927 if (!channel){ 1928 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1929 return 0; 1930 } 1931 int res = rfcomm_channel_can_send(channel); 1932 if (!res){ 1933 channel->waiting_for_can_send_now = 1; 1934 } 1935 return res; 1936 } 1937 1938 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1939 if (len > channel->max_frame_size){ 1940 log_error("rfcomm_send cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1941 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1942 } 1943 1944 if (!channel->credits_outgoing){ 1945 log_info("rfcomm_send cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1946 return RFCOMM_NO_OUTGOING_CREDITS; 1947 } 1948 1949 if ((channel->multiplexer->fcon & 1) == 0){ 1950 log_info("rfcomm_send cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 1951 return RFCOMM_AGGREGATE_FLOW_OFF; 1952 } 1953 return 0; 1954 } 1955 1956 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 1957 int rfcomm_reserve_packet_buffer(void){ 1958 return l2cap_reserve_packet_buffer(); 1959 } 1960 1961 void rfcomm_release_packet_buffer(void){ 1962 l2cap_release_packet_buffer(); 1963 } 1964 1965 uint8_t * rfcomm_get_outgoing_buffer(void){ 1966 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 1967 // address + control + length (16) + no credit field 1968 return &rfcomm_out_buffer[4]; 1969 } 1970 1971 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 1972 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1973 if (!channel){ 1974 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 1975 return 0; 1976 } 1977 return channel->max_frame_size; 1978 } 1979 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 1980 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1981 if (!channel){ 1982 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 1983 return 0; 1984 } 1985 1986 int err = rfcomm_assert_send_valid(channel, len); 1987 if (err) return err; 1988 if (!l2cap_can_send_prepared_packet_now(channel->multiplexer->l2cap_cid)){ 1989 log_error("rfcomm_send_prepared: l2cap cannot send now"); 1990 return BTSTACK_ACL_BUFFERS_FULL; 1991 } 1992 1993 // send might cause l2cap to emit new credits, update counters first 1994 channel->credits_outgoing--; 1995 1996 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 1997 1998 if (result != 0) { 1999 channel->credits_outgoing++; 2000 log_error("rfcomm_send_prepared: error %d", result); 2001 return result; 2002 } 2003 2004 return result; 2005 } 2006 2007 int rfcomm_send(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 2008 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2009 if (!channel){ 2010 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 2011 return 1; 2012 } 2013 2014 int err = rfcomm_assert_send_valid(channel, len); 2015 if (err) return err; 2016 if (!l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid)){ 2017 log_error("rfcomm_send_internal: l2cap cannot send now"); 2018 return BTSTACK_ACL_BUFFERS_FULL; 2019 } 2020 2021 rfcomm_reserve_packet_buffer(); 2022 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 2023 memcpy(rfcomm_payload, data, len); 2024 err = rfcomm_send_prepared(rfcomm_cid, len); 2025 if (err){ 2026 rfcomm_release_packet_buffer(); 2027 } 2028 return err; 2029 } 2030 2031 // Sends Local Lnie Status, see LINE_STATUS_.. 2032 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 2033 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2034 if (!channel){ 2035 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 2036 return 0; 2037 } 2038 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 2039 } 2040 2041 // Sned local modem status. see MODEM_STAUS_.. 2042 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 2043 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2044 if (!channel){ 2045 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2046 return 0; 2047 } 2048 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2049 } 2050 2051 // Configure remote port 2052 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2053 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2054 if (!channel){ 2055 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2056 return 0; 2057 } 2058 rfcomm_rpn_data_t rpn_data; 2059 rpn_data.baud_rate = baud_rate; 2060 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2061 rpn_data.flow_control = flow_control; 2062 rpn_data.xon = 0; 2063 rpn_data.xoff = 0; 2064 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2065 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2066 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2067 } 2068 2069 // Query remote port 2070 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2071 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2072 if (!channel){ 2073 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2074 return 0; 2075 } 2076 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2077 } 2078 2079 2080 static uint8_t rfcomm_channel_create_internal(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2081 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2082 2083 // create new multiplexer if necessary 2084 uint8_t status = 0; 2085 int new_multiplexer = 0; 2086 rfcomm_channel_t * channel = NULL; 2087 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2088 if (!multiplexer) { 2089 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2090 if (!multiplexer){ 2091 status = BTSTACK_MEMORY_ALLOC_FAILED; 2092 goto fail; 2093 } 2094 multiplexer->outgoing = 1; 2095 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2096 new_multiplexer = 1; 2097 } 2098 2099 // prepare channel 2100 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2101 if (!channel){ 2102 status = BTSTACK_MEMORY_ALLOC_FAILED; 2103 goto fail; 2104 } 2105 2106 // rfcomm_cid is already assigned by rfcomm_channel_create 2107 channel->incoming_flow_control = incoming_flow_control; 2108 channel->new_credits_incoming = initial_credits; 2109 channel->packet_handler = packet_handler; 2110 2111 // return rfcomm_cid 2112 if (out_rfcomm_cid){ 2113 *out_rfcomm_cid = channel->rfcomm_cid; 2114 } 2115 2116 // start multiplexer setup 2117 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2118 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2119 uint16_t l2cap_cid = 0; 2120 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2121 if (status) goto fail; 2122 multiplexer->l2cap_cid = l2cap_cid; 2123 return 0; 2124 } 2125 2126 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2127 2128 // start connecting, if multiplexer is already up and running 2129 rfcomm_run(); 2130 return 0; 2131 2132 fail: 2133 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2134 if (channel) btstack_memory_rfcomm_channel_free(channel); 2135 return status; 2136 } 2137 2138 uint8_t rfcomm_create_channel_with_initial_credits(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2139 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2140 } 2141 2142 uint8_t rfcomm_create_channel(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2143 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2144 } 2145 2146 void rfcomm_disconnect(uint16_t rfcomm_cid){ 2147 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2148 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2149 if (channel) { 2150 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2151 } 2152 2153 // process 2154 rfcomm_run(); 2155 } 2156 2157 static uint8_t rfcomm_register_service_internal(btstack_packet_handler_t packet_handler, 2158 uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2159 2160 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2161 channel, max_frame_size, incoming_flow_control, initial_credits); 2162 2163 // check if already registered 2164 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2165 if (service){ 2166 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2167 } 2168 2169 // alloc structure 2170 service = btstack_memory_rfcomm_service_get(); 2171 if (!service) { 2172 return BTSTACK_MEMORY_ALLOC_FAILED; 2173 } 2174 2175 // register with l2cap if not registered before, max MTU 2176 if (btstack_linked_list_empty(&rfcomm_services)){ 2177 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2178 } 2179 2180 // fill in 2181 service->packet_handler = packet_handler; 2182 service->server_channel = channel; 2183 service->max_frame_size = max_frame_size; 2184 service->incoming_flow_control = incoming_flow_control; 2185 service->incoming_initial_credits = initial_credits; 2186 2187 // add to services list 2188 btstack_linked_list_add(&rfcomm_services, (btstack_linked_item_t *) service); 2189 2190 return 0; 2191 } 2192 2193 uint8_t rfcomm_register_service_with_initial_credits(btstack_packet_handler_t packet_handler, 2194 uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2195 2196 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 1, initial_credits); 2197 } 2198 2199 uint8_t rfcomm_register_service(btstack_packet_handler_t packet_handler, uint8_t channel, 2200 uint16_t max_frame_size){ 2201 2202 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 0,RFCOMM_CREDITS); 2203 } 2204 2205 void rfcomm_unregister_service(uint8_t service_channel){ 2206 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2207 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2208 if (!service) return; 2209 btstack_linked_list_remove(&rfcomm_services, (btstack_linked_item_t *) service); 2210 btstack_memory_rfcomm_service_free(service); 2211 2212 // unregister if no services active 2213 if (btstack_linked_list_empty(&rfcomm_services)){ 2214 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2215 l2cap_unregister_service(PSM_RFCOMM); 2216 } 2217 } 2218 2219 void rfcomm_accept_connection(uint16_t rfcomm_cid){ 2220 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2221 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2222 if (!channel) return; 2223 switch (channel->state) { 2224 case RFCOMM_CHANNEL_INCOMING_SETUP: 2225 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2226 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2227 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2228 } 2229 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2230 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2231 } 2232 // at least one of { PN RSP, UA } needs to be sent 2233 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2234 break; 2235 default: 2236 break; 2237 } 2238 2239 // process 2240 rfcomm_run(); 2241 } 2242 2243 void rfcomm_decline_connection(uint16_t rfcomm_cid){ 2244 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2245 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2246 if (!channel) return; 2247 switch (channel->state) { 2248 case RFCOMM_CHANNEL_INCOMING_SETUP: 2249 channel->state = RFCOMM_CHANNEL_SEND_DM; 2250 break; 2251 default: 2252 break; 2253 } 2254 2255 // process 2256 rfcomm_run(); 2257 } 2258 2259 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2260 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2261 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2262 if (!channel) return; 2263 if (!channel->incoming_flow_control) return; 2264 channel->new_credits_incoming += credits; 2265 2266 // process 2267 rfcomm_run(); 2268 } 2269 2270 2271 /* 2272 * CRC (reversed crc) lookup table as calculated by the table generator in ETSI TS 101 369 V6.3.0. 2273 */ 2274 static const uint8_t crc8table[256] = { /* reversed, 8-bit, poly=0x07 */ 2275 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 2276 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 2277 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 2278 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 2279 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 2280 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 2281 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 2282 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 2283 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 2284 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 2285 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 2286 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 2287 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 2288 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 2289 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 2290 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 2291 }; 2292 2293 #define CRC8_INIT 0xFF // Initial FCS value 2294 #define CRC8_OK 0xCF // Good final FCS value 2295 /*-----------------------------------------------------------------------------------*/ 2296 static uint8_t crc8(uint8_t *data, uint16_t len) 2297 { 2298 uint16_t count; 2299 uint8_t crc = CRC8_INIT; 2300 for (count = 0; count < len; count++) 2301 crc = crc8table[crc ^ data[count]]; 2302 return crc; 2303 } 2304 2305 /*-----------------------------------------------------------------------------------*/ 2306 uint8_t crc8_check(uint8_t *data, uint16_t len, uint8_t check_sum) 2307 { 2308 uint8_t crc; 2309 2310 crc = crc8(data, len); 2311 2312 crc = crc8table[crc ^ check_sum]; 2313 if (crc == CRC8_OK) 2314 return 0; /* Valid */ 2315 else 2316 return 1; /* Failed */ 2317 2318 } 2319 2320 /*-----------------------------------------------------------------------------------*/ 2321 uint8_t crc8_calc(uint8_t *data, uint16_t len) 2322 { 2323 /* Ones complement */ 2324 return 0xFF - crc8(data, len); 2325 } 2326 2327 2328 2329 2330