1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "hci_cmds.h" 48 #include "utils.h" 49 50 #include "utils.h" 51 #include "btstack_memory.h" 52 #include "hci.h" 53 #include "hci_dump.h" 54 #include "debug.h" 55 #include "classic/rfcomm.h" 56 57 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 58 #ifndef PRIxPTR 59 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 60 #define PRIxPTR "lx" 61 #else 62 #define PRIxPTR "x" 63 #endif 64 #endif 65 66 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 67 68 #define RFCOMM_CREDITS 10 69 70 // FCS calc 71 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 72 #define BT_RFCOMM_CRC_CHECK_LEN 3 73 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 74 75 #include "l2cap.h" 76 77 // used for debugging 78 // #define RFCOMM_LOG_CREDITS 79 80 // global rfcomm data 81 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 82 83 // linked lists for all 84 static linked_list_t rfcomm_multiplexers = NULL; 85 static linked_list_t rfcomm_channels = NULL; 86 static linked_list_t rfcomm_services = NULL; 87 88 static gap_security_level_t rfcomm_security_level; 89 90 static void (*app_packet_handler)(uint8_t packet_type, 91 uint16_t channel, uint8_t *packet, uint16_t size); 92 93 static void rfcomm_run(void); 94 static void rfcomm_hand_out_credits(void); 95 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 96 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 97 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 98 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 99 100 101 // MARK: RFCOMM CLIENT EVENTS 102 103 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 104 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 105 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 106 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 107 uint8_t event[11]; 108 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 109 event[1] = sizeof(event) - 2; 110 bt_flip_addr(&event[2], channel->multiplexer->remote_addr); 111 event[8] = channel->dlci >> 1; 112 bt_store_16(event, 9, channel->rfcomm_cid); 113 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 114 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) event, sizeof(event)); 115 } 116 117 // API Change: BTstack-0.3.50x uses 118 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 119 // next Cydia release will use SVN version of this 120 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 121 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 122 log_info("RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 123 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 124 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 125 uint8_t event[16]; 126 uint8_t pos = 0; 127 event[pos++] = RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE; // 0 128 event[pos++] = sizeof(event) - 2; // 1 129 event[pos++] = status; // 2 130 bt_flip_addr(&event[pos], channel->multiplexer->remote_addr); pos += 6; // 3 131 bt_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 132 event[pos++] = channel->dlci >> 1; // 11 133 bt_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 134 bt_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 135 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 136 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) event, pos); 137 } 138 139 // data: event(8), len(8), creidts incoming(8), new credits incoming(8), credits outgoing(8) 140 static inline void rfcomm_emit_credit_status(rfcomm_channel_t * channel) { 141 #ifdef RFCOMM_LOG_CREDITS 142 log_info("RFCOMM_LOG_CREDITS incoming %u new_incoming %u outgoing %u", channel->credits_incoming, channel->new_credits_incoming, channel->credits_outgoing); 143 uint8_t event[5]; 144 event[0] = 0x88; 145 event[1] = sizeof(event) - 2; 146 event[2] = channel->credits_incoming; 147 event[3] = channel->new_credits_incoming; 148 event[4] = channel->credits_outgoing; 149 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 150 #endif 151 } 152 153 // data: event(8), len(8), rfcomm_cid(16) 154 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 155 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 156 uint8_t event[4]; 157 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 158 event[1] = sizeof(event) - 2; 159 bt_store_16(event, 2, channel->rfcomm_cid); 160 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 161 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) event, sizeof(event)); 162 } 163 164 static void rfcomm_emit_credits(rfcomm_channel_t * channel, uint8_t credits) { 165 log_info("RFCOMM_EVENT_CREDITS cid 0x%02x credits %u", channel->rfcomm_cid, credits); 166 uint8_t event[5]; 167 event[0] = RFCOMM_EVENT_CREDITS; 168 event[1] = sizeof(event) - 2; 169 bt_store_16(event, 2, channel->rfcomm_cid); 170 event[4] = credits; 171 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 172 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) event, sizeof(event)); 173 } 174 175 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 176 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 177 uint8_t event[5]; 178 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 179 event[1] = sizeof(event) - 2; 180 bt_store_16(event, 2, channel->rfcomm_cid); 181 event[4] = line_status; 182 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 183 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) event, sizeof(event)); 184 } 185 186 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 187 // notify client about new settings 188 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 189 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 190 event[1] = sizeof(rfcomm_rpn_data_t); 191 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 192 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 193 (*app_packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)event, sizeof(event)); 194 } 195 196 // MARK RFCOMM RPN DATA HELPER 197 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 198 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 199 rpn_data->flags = 0x03; /* 8-n-1 */ 200 rpn_data->flow_control = 0; /* no flow control */ 201 rpn_data->xon = 0xd1; /* XON */ 202 rpn_data->xoff = 0xd3; /* XOFF */ 203 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 204 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 205 } 206 207 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 208 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 209 dest->baud_rate = src->baud_rate; 210 } 211 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 212 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 213 } 214 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 215 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 216 } 217 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 218 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 219 } 220 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 221 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 222 } 223 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 224 dest->xon = src->xon; 225 } 226 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 227 dest->xoff = src->xoff; 228 } 229 int i; 230 for (i=0; i < 6 ; i++){ 231 uint8_t mask = 1 << i; 232 if (src->parameter_mask_1 & mask){ 233 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 234 } 235 } 236 // always copy parameter mask, too. informative for client, needed for response 237 dest->parameter_mask_0 = src->parameter_mask_0; 238 dest->parameter_mask_1 = src->parameter_mask_1; 239 } 240 // MARK: RFCOMM MULTIPLEXER HELPER 241 242 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 243 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 244 uint16_t max_frame_size = l2cap_mtu - 5; 245 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 246 return max_frame_size; 247 } 248 249 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 250 251 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 252 253 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 254 multiplexer->l2cap_credits = 0; 255 multiplexer->fcon = 1; 256 multiplexer->send_dm_for_dlci = 0; 257 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 258 multiplexer->test_data_len = 0; 259 multiplexer->nsc_command = 0; 260 } 261 262 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 263 264 // alloc structure 265 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 266 if (!multiplexer) return NULL; 267 268 // fill in 269 rfcomm_multiplexer_initialize(multiplexer); 270 BD_ADDR_COPY(&multiplexer->remote_addr, addr); 271 272 // add to services list 273 linked_list_add(&rfcomm_multiplexers, (linked_item_t *) multiplexer); 274 275 return multiplexer; 276 } 277 278 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 279 linked_item_t *it; 280 for (it = (linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 281 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 282 if (BD_ADDR_CMP(addr, multiplexer->remote_addr) == 0) { 283 return multiplexer; 284 }; 285 } 286 return NULL; 287 } 288 289 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 290 linked_item_t *it; 291 for (it = (linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 292 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 293 if (multiplexer->l2cap_cid == l2cap_cid) { 294 return multiplexer; 295 }; 296 } 297 return NULL; 298 } 299 300 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 301 linked_item_t *it; 302 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 303 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 304 if (channel->multiplexer == multiplexer) { 305 return 1; 306 } 307 } 308 return 0; 309 } 310 311 // MARK: RFCOMM CHANNEL HELPER 312 313 static void rfcomm_dump_channels(void){ 314 #ifndef EMBEDDED 315 linked_item_t * it; 316 int channels = 0; 317 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 318 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 319 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 320 channels++; 321 } 322 #endif 323 } 324 325 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 326 rfcomm_service_t *service, uint8_t server_channel){ 327 328 // don't use 0 as channel id 329 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 330 331 // setup channel 332 memset(channel, 0, sizeof(rfcomm_channel_t)); 333 334 channel->state = RFCOMM_CHANNEL_CLOSED; 335 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 336 337 channel->multiplexer = multiplexer; 338 channel->service = service; 339 channel->rfcomm_cid = rfcomm_client_cid_generator++; 340 channel->max_frame_size = multiplexer->max_frame_size; 341 342 channel->credits_incoming = 0; 343 channel->credits_outgoing = 0; 344 channel->packets_granted = 0; 345 346 // set defaults for port configuration (even for services) 347 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 348 349 // incoming flow control not active 350 channel->new_credits_incoming =RFCOMM_CREDITS; 351 channel->incoming_flow_control = 0; 352 353 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 354 355 if (service) { 356 // incoming connection 357 channel->outgoing = 0; 358 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 359 if (channel->max_frame_size > service->max_frame_size) { 360 channel->max_frame_size = service->max_frame_size; 361 } 362 channel->incoming_flow_control = service->incoming_flow_control; 363 channel->new_credits_incoming = service->incoming_initial_credits; 364 } else { 365 // outgoing connection 366 channel->outgoing = 1; 367 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 368 369 } 370 } 371 372 // service == NULL -> outgoing channel 373 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 374 rfcomm_service_t * service, uint8_t server_channel){ 375 376 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 377 rfcomm_dump_channels(); 378 379 // alloc structure 380 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 381 if (!channel) return NULL; 382 383 // fill in 384 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 385 386 // add to services list 387 linked_list_add(&rfcomm_channels, (linked_item_t *) channel); 388 389 return channel; 390 } 391 392 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 393 linked_item_t *it; 394 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 395 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 396 if (channel->rfcomm_cid == rfcomm_cid) { 397 return channel; 398 }; 399 } 400 return NULL; 401 } 402 403 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 404 linked_item_t *it; 405 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 406 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 407 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 408 return channel; 409 }; 410 } 411 return NULL; 412 } 413 414 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 415 linked_item_t *it; 416 for (it = (linked_item_t *) rfcomm_services; it ; it = it->next){ 417 rfcomm_service_t * service = ((rfcomm_service_t *) it); 418 if ( service->server_channel == server_channel){ 419 return service; 420 }; 421 } 422 return NULL; 423 } 424 425 // MARK: RFCOMM SEND 426 427 /** 428 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 429 */ 430 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 431 432 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 433 434 l2cap_reserve_packet_buffer(); 435 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 436 437 uint16_t pos = 0; 438 uint8_t crc_fields = 3; 439 440 rfcomm_out_buffer[pos++] = address; 441 rfcomm_out_buffer[pos++] = control; 442 443 // length field can be 1 or 2 octets 444 if (len < 128){ 445 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 446 } else { 447 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 448 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 449 crc_fields++; 450 } 451 452 // add credits for UIH frames when PF bit is set 453 if (control == BT_RFCOMM_UIH_PF){ 454 rfcomm_out_buffer[pos++] = credits; 455 } 456 457 // copy actual data 458 if (len) { 459 memcpy(&rfcomm_out_buffer[pos], data, len); 460 pos += len; 461 } 462 463 // UIH frames only calc FCS over address + control (5.1.1) 464 if ((control & 0xef) == BT_RFCOMM_UIH){ 465 crc_fields = 2; 466 } 467 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 468 469 int credits_taken = 0; 470 if (multiplexer->l2cap_credits){ 471 credits_taken++; 472 multiplexer->l2cap_credits--; 473 } else { 474 log_info( "rfcomm_send_packet addr %02x, ctrl %02x size %u without l2cap credits", address, control, pos); 475 } 476 477 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 478 479 if (err) { 480 // undo credit counting 481 multiplexer->l2cap_credits += credits_taken; 482 } 483 return err; 484 } 485 486 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 487 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 488 489 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 490 uint8_t control = BT_RFCOMM_UIH; 491 492 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 493 494 uint16_t pos = 0; 495 rfcomm_out_buffer[pos++] = address; 496 rfcomm_out_buffer[pos++] = control; 497 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 498 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 499 500 // actual data is already in place 501 pos += len; 502 503 // UIH frames only calc FCS over address + control (5.1.1) 504 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 505 506 int credits_taken = 0; 507 if (multiplexer->l2cap_credits){ 508 credits_taken++; 509 multiplexer->l2cap_credits--; 510 } else { 511 log_info( "rfcomm_send_uih_prepared addr %02x, ctrl %02x size %u without l2cap credits", address, control, pos); 512 } 513 514 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 515 516 if (err) { 517 // undo credit counting 518 multiplexer->l2cap_credits += credits_taken; 519 } 520 return err; 521 } 522 523 // C/R Flag in Address 524 // - terms: initiator = station that creates multiplexer with SABM 525 // - terms: responder = station that responds to multiplexer setup with UA 526 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 527 // - command initiator = 1 /response responder = 1 528 // - command responder = 0 /response initiator = 0 529 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 530 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 531 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 532 533 // C/R Flag in Message 534 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 535 // - If the C/R bit is set to 1 the message is a command 536 // - if it is set to 0 the message is a response. 537 538 // temp/old messge construction 539 540 // new object oriented version 541 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 542 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 543 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 544 } 545 546 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 547 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 548 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 549 } 550 551 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 552 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 553 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 554 } 555 556 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 557 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 558 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 559 } 560 561 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 562 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 563 uint8_t payload[2]; 564 uint8_t pos = 0; 565 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 566 payload[pos++] = (0 << 1) | 1; // len 567 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 568 } 569 570 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 571 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 572 // uint8_t payload[2+len]; 573 // uint8_t pos = 0; 574 // payload[pos++] = BT_RFCOMM_TEST_CMD; 575 // payload[pos++] = (len + 1) << 1 | 1; // len 576 // memcpy(&payload[pos], data, len); 577 // pos += len; 578 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 579 // } 580 581 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 582 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 583 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 584 uint8_t pos = 0; 585 payload[pos++] = BT_RFCOMM_TEST_RSP; 586 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 587 len = RFCOMM_TEST_DATA_MAX_LEN; 588 } 589 payload[pos++] = (len << 1) | 1; // len 590 memcpy(&payload[pos], data, len); 591 pos += len; 592 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 593 } 594 595 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 596 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 597 uint8_t payload[4]; 598 uint8_t pos = 0; 599 payload[pos++] = BT_RFCOMM_MSC_CMD; 600 payload[pos++] = (2 << 1) | 1; // len 601 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 602 payload[pos++] = signals; 603 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 604 } 605 606 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 607 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 608 uint8_t payload[4]; 609 uint8_t pos = 0; 610 payload[pos++] = BT_RFCOMM_MSC_RSP; 611 payload[pos++] = (2 << 1) | 1; // len 612 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 613 payload[pos++] = signals; 614 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 615 } 616 617 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 618 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 619 uint8_t payload[3]; 620 uint8_t pos = 0; 621 payload[pos++] = BT_RFCOMM_NSC_RSP; 622 payload[pos++] = (1 << 1) | 1; // len 623 payload[pos++] = command; 624 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 625 } 626 627 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 628 uint8_t payload[10]; 629 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 630 uint8_t pos = 0; 631 payload[pos++] = BT_RFCOMM_PN_CMD; 632 payload[pos++] = (8 << 1) | 1; // len 633 payload[pos++] = dlci; 634 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 635 payload[pos++] = 0; // priority 636 payload[pos++] = 0; // max 60 seconds ack 637 payload[pos++] = max_frame_size & 0xff; // max framesize low 638 payload[pos++] = max_frame_size >> 8; // max framesize high 639 payload[pos++] = 0x00; // number of retransmissions 640 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 641 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 642 } 643 644 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." RFCOMM-tutorial.pdf 645 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 646 uint8_t priority, uint16_t max_frame_size){ 647 uint8_t payload[10]; 648 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 649 uint8_t pos = 0; 650 payload[pos++] = BT_RFCOMM_PN_RSP; 651 payload[pos++] = (8 << 1) | 1; // len 652 payload[pos++] = dlci; 653 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 654 payload[pos++] = priority; // priority 655 payload[pos++] = 0; // max 60 seconds ack 656 payload[pos++] = max_frame_size & 0xff; // max framesize low 657 payload[pos++] = max_frame_size >> 8; // max framesize high 658 payload[pos++] = 0x00; // number of retransmissions 659 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 660 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 661 } 662 663 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 664 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 665 uint8_t payload[4]; 666 uint8_t pos = 0; 667 payload[pos++] = BT_RFCOMM_RLS_CMD; 668 payload[pos++] = (2 << 1) | 1; // len 669 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 670 payload[pos++] = line_status; 671 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 672 } 673 674 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 675 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 676 uint8_t payload[4]; 677 uint8_t pos = 0; 678 payload[pos++] = BT_RFCOMM_RLS_RSP; 679 payload[pos++] = (2 << 1) | 1; // len 680 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 681 payload[pos++] = line_status; 682 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 683 } 684 685 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 686 uint8_t payload[10]; 687 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 688 uint8_t pos = 0; 689 payload[pos++] = BT_RFCOMM_RPN_CMD; 690 payload[pos++] = (8 << 1) | 1; // len 691 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 692 payload[pos++] = rpn_data->baud_rate; 693 payload[pos++] = rpn_data->flags; 694 payload[pos++] = rpn_data->flow_control; 695 payload[pos++] = rpn_data->xon; 696 payload[pos++] = rpn_data->xoff; 697 payload[pos++] = rpn_data->parameter_mask_0; 698 payload[pos++] = rpn_data->parameter_mask_1; 699 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 700 } 701 702 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 703 uint8_t payload[3]; 704 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 705 uint8_t pos = 0; 706 payload[pos++] = BT_RFCOMM_RPN_CMD; 707 payload[pos++] = (1 << 1) | 1; // len 708 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 709 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 710 } 711 712 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 713 uint8_t payload[10]; 714 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 715 uint8_t pos = 0; 716 payload[pos++] = BT_RFCOMM_RPN_RSP; 717 payload[pos++] = (8 << 1) | 1; // len 718 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 719 payload[pos++] = rpn_data->baud_rate; 720 payload[pos++] = rpn_data->flags; 721 payload[pos++] = rpn_data->flow_control; 722 payload[pos++] = rpn_data->xon; 723 payload[pos++] = rpn_data->xoff; 724 payload[pos++] = rpn_data->parameter_mask_0; 725 payload[pos++] = rpn_data->parameter_mask_1; 726 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 727 } 728 729 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 730 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 731 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 732 } 733 734 // MARK: RFCOMM MULTIPLEXER 735 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 736 if (multiplexer->timer_active) { 737 run_loop_remove_timer(&multiplexer->timer); 738 multiplexer->timer_active = 0; 739 } 740 } 741 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 742 linked_list_remove( &rfcomm_multiplexers, (linked_item_t *) multiplexer); 743 btstack_memory_rfcomm_multiplexer_free(multiplexer); 744 } 745 746 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 747 // remove (potential) timer 748 rfcomm_multiplexer_stop_timer(multiplexer); 749 750 // close and remove all channels 751 linked_item_t *it = (linked_item_t *) &rfcomm_channels; 752 while (it->next){ 753 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 754 if (channel->multiplexer == multiplexer) { 755 // emit appropriate events 756 if (channel->state == RFCOMM_CHANNEL_OPEN) { 757 rfcomm_emit_channel_closed(channel); 758 } else { 759 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 760 } 761 // remove from list 762 it->next = it->next->next; 763 // free channel struct 764 btstack_memory_rfcomm_channel_free(channel); 765 } else { 766 it = it->next; 767 } 768 } 769 770 // remove mutliplexer 771 rfcomm_multiplexer_free(multiplexer); 772 } 773 774 static void rfcomm_multiplexer_timer_handler(timer_source_t *timer){ 775 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t *) linked_item_get_user( (linked_item_t *) timer); 776 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 777 778 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 779 uint16_t l2cap_cid = multiplexer->l2cap_cid; 780 rfcomm_multiplexer_finalize(multiplexer); 781 l2cap_disconnect_internal(l2cap_cid, 0x13); 782 } 783 784 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 785 if (multiplexer->timer_active) { 786 run_loop_remove_timer(&multiplexer->timer); 787 multiplexer->timer_active = 0; 788 } 789 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 790 791 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 792 run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 793 multiplexer->timer.process = rfcomm_multiplexer_timer_handler; 794 linked_item_set_user((linked_item_t*) &multiplexer->timer, multiplexer); 795 run_loop_add_timer(&multiplexer->timer); 796 multiplexer->timer_active = 1; 797 } 798 799 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 800 log_info("Multiplexer up and running"); 801 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 802 803 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 804 805 // transition of channels that wait for multiplexer 806 linked_item_t *it; 807 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 808 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 809 if (channel->multiplexer != multiplexer) continue; 810 rfcomm_channel_state_machine(channel, &event); 811 } 812 813 rfcomm_run(); 814 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 815 } 816 817 818 /** 819 * @return handled packet 820 */ 821 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 822 bd_addr_t event_addr; 823 uint16_t psm; 824 uint16_t l2cap_cid; 825 hci_con_handle_t con_handle; 826 rfcomm_multiplexer_t *multiplexer = NULL; 827 uint8_t status; 828 829 switch (packet[0]) { 830 831 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 832 case L2CAP_EVENT_INCOMING_CONNECTION: 833 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 834 bt_flip_addr(event_addr, &packet[2]); 835 con_handle = READ_BT_16(packet, 8); 836 psm = READ_BT_16(packet, 10); 837 l2cap_cid = READ_BT_16(packet, 12); 838 839 if (psm != PSM_RFCOMM) break; 840 841 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 842 843 if (multiplexer) { 844 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 845 l2cap_decline_connection_internal(l2cap_cid, 0x04); // no resources available 846 return 1; 847 } 848 849 // create and inititialize new multiplexer instance (incoming) 850 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 851 if (!multiplexer){ 852 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 853 l2cap_decline_connection_internal(l2cap_cid, 0x04); // no resources available 854 return 1; 855 } 856 857 multiplexer->con_handle = con_handle; 858 multiplexer->l2cap_cid = l2cap_cid; 859 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 860 861 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 862 l2cap_accept_connection_internal(l2cap_cid); 863 return 1; 864 865 // l2cap connection opened -> store l2cap_cid, remote_addr 866 case L2CAP_EVENT_CHANNEL_OPENED: 867 868 if (READ_BT_16(packet, 11) != PSM_RFCOMM) break; 869 870 status = packet[2]; 871 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 872 873 // get multiplexer for remote addr 874 con_handle = READ_BT_16(packet, 9); 875 l2cap_cid = READ_BT_16(packet, 13); 876 bt_flip_addr(event_addr, &packet[3]); 877 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 878 if (!multiplexer) { 879 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 880 return 1; 881 } 882 883 // on l2cap open error discard everything 884 if (status){ 885 886 // remove (potential) timer 887 rfcomm_multiplexer_stop_timer(multiplexer); 888 889 // emit rfcomm_channel_opened with status and free channel 890 linked_item_t * it = (linked_item_t *) &rfcomm_channels; 891 while (it->next) { 892 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 893 if (channel->multiplexer == multiplexer){ 894 rfcomm_emit_channel_opened(channel, status); 895 it->next = it->next->next; 896 btstack_memory_rfcomm_channel_free(channel); 897 } else { 898 it = it->next; 899 } 900 } 901 902 // free multiplexer 903 rfcomm_multiplexer_free(multiplexer); 904 return 1; 905 } 906 907 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 908 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 909 // wrong remote addr 910 if (BD_ADDR_CMP(event_addr, multiplexer->remote_addr)) break; 911 multiplexer->l2cap_cid = l2cap_cid; 912 multiplexer->con_handle = con_handle; 913 // send SABM #0 914 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 915 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 916 917 // set max frame size based on l2cap MTU 918 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(READ_BT_16(packet, 17)); 919 } 920 return 1; 921 922 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 923 924 case L2CAP_EVENT_CREDITS: 925 // data: event(8), len(8), local_cid(16), credits(8) 926 l2cap_cid = READ_BT_16(packet, 2); 927 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 928 if (!multiplexer) break; 929 multiplexer->l2cap_credits += packet[4]; 930 931 // log_info("L2CAP_EVENT_CREDITS: %u (now %u)", packet[4], multiplexer->l2cap_credits); 932 933 // new credits, continue with signaling 934 rfcomm_run(); 935 936 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) break; 937 rfcomm_hand_out_credits(); 938 return 1; 939 940 case DAEMON_EVENT_HCI_PACKET_SENT: 941 // testing DMA done code 942 rfcomm_run(); 943 break; 944 945 case L2CAP_EVENT_CHANNEL_CLOSED: 946 // data: event (8), len(8), channel (16) 947 l2cap_cid = READ_BT_16(packet, 2); 948 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 949 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 950 if (!multiplexer) break; 951 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 952 switch (multiplexer->state) { 953 case RFCOMM_MULTIPLEXER_W4_CONNECT: 954 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 955 case RFCOMM_MULTIPLEXER_W4_SABM_0: 956 case RFCOMM_MULTIPLEXER_SEND_UA_0: 957 case RFCOMM_MULTIPLEXER_W4_UA_0: 958 case RFCOMM_MULTIPLEXER_OPEN: 959 // don't call l2cap_disconnect as it's alreay closed 960 rfcomm_multiplexer_finalize(multiplexer); 961 return 1; 962 default: 963 break; 964 } 965 break; 966 default: 967 break; 968 } 969 return 0; 970 } 971 972 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 973 974 // get or create a multiplexer for a certain device 975 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 976 if (!multiplexer) return 0; 977 978 uint16_t l2cap_cid = multiplexer->l2cap_cid; 979 980 // but only care for multiplexer control channel 981 uint8_t frame_dlci = packet[0] >> 2; 982 if (frame_dlci) return 0; 983 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 984 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 985 const uint8_t payload_offset = 3 + length_offset + credit_offset; 986 switch (packet[1]){ 987 988 case BT_RFCOMM_SABM: 989 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 990 log_info("Received SABM #0"); 991 multiplexer->outgoing = 0; 992 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 993 return 1; 994 } 995 break; 996 997 case BT_RFCOMM_UA: 998 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 999 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 1000 log_info("Received UA #0 "); 1001 rfcomm_multiplexer_opened(multiplexer); 1002 return 1; 1003 } 1004 break; 1005 1006 case BT_RFCOMM_DISC: 1007 // DISC #0 -> send UA #0, close multiplexer 1008 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 1009 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 1010 return 1; 1011 1012 case BT_RFCOMM_DM: 1013 // DM #0 - we shouldn't get this, just give up 1014 log_info("Received DM #0"); 1015 log_info("-> Closing down multiplexer"); 1016 rfcomm_multiplexer_finalize(multiplexer); 1017 l2cap_disconnect_internal(l2cap_cid, 0x13); 1018 return 1; 1019 1020 case BT_RFCOMM_UIH: 1021 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 1022 // Multiplexer close down (CLD) -> close mutliplexer 1023 log_info("Received Multiplexer close down command"); 1024 log_info("-> Closing down multiplexer"); 1025 rfcomm_multiplexer_finalize(multiplexer); 1026 l2cap_disconnect_internal(l2cap_cid, 0x13); 1027 return 1; 1028 } 1029 switch (packet[payload_offset]){ 1030 case BT_RFCOMM_CLD_CMD: 1031 // Multiplexer close down (CLD) -> close mutliplexer 1032 log_info("Received Multiplexer close down command"); 1033 log_info("-> Closing down multiplexer"); 1034 rfcomm_multiplexer_finalize(multiplexer); 1035 l2cap_disconnect_internal(l2cap_cid, 0x13); 1036 return 1; 1037 1038 case BT_RFCOMM_FCON_CMD: 1039 multiplexer->fcon = 0x81; 1040 break; 1041 1042 case BT_RFCOMM_FCOFF_CMD: 1043 multiplexer->fcon = 0x80; 1044 break; 1045 1046 case BT_RFCOMM_TEST_CMD: { 1047 log_info("Received test command"); 1048 int len = packet[payload_offset+1] >> 1; // length < 125 1049 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1050 len = RFCOMM_TEST_DATA_MAX_LEN; 1051 } 1052 multiplexer->test_data_len = len; 1053 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1054 return 1; 1055 } 1056 default: 1057 break; 1058 } 1059 break; 1060 1061 default: 1062 break; 1063 1064 } 1065 return 0; 1066 } 1067 1068 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1069 1070 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1071 1072 // process stored DM responses 1073 if (multiplexer->send_dm_for_dlci){ 1074 uint8_t dlci = multiplexer->send_dm_for_dlci; 1075 multiplexer->send_dm_for_dlci = 0; 1076 rfcomm_send_dm_pf(multiplexer, dlci); 1077 return; 1078 } 1079 1080 if (multiplexer->nsc_command){ 1081 uint8_t command = multiplexer->nsc_command; 1082 multiplexer->nsc_command = 0; 1083 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1084 return; 1085 } 1086 1087 if (multiplexer->fcon & 0x80){ 1088 multiplexer->fcon &= 0x01; 1089 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1090 if (multiplexer->fcon == 0) return; 1091 // trigger client to send again after sending FCon Response 1092 uint8_t packet_sent_event[] = { DAEMON_EVENT_HCI_PACKET_SENT, 0}; 1093 linked_item_t *it; 1094 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 1095 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1096 if (channel->multiplexer != multiplexer) continue; 1097 (*app_packet_handler)(HCI_EVENT_PACKET, 0, (uint8_t *) packet_sent_event, sizeof(packet_sent_event)); 1098 } 1099 return; 1100 } 1101 1102 switch (multiplexer->state) { 1103 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1104 switch (event) { 1105 case MULT_EV_READY_TO_SEND: 1106 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1107 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1108 rfcomm_send_sabm(multiplexer, 0); 1109 break; 1110 default: 1111 break; 1112 } 1113 break; 1114 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1115 switch (event) { 1116 case MULT_EV_READY_TO_SEND: 1117 log_info("Sending UA #0"); 1118 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1119 rfcomm_send_ua(multiplexer, 0); 1120 rfcomm_multiplexer_opened(multiplexer); 1121 break; 1122 default: 1123 break; 1124 } 1125 break; 1126 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1127 switch (event) { 1128 case MULT_EV_READY_TO_SEND: 1129 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1130 if (!multiplexer->at_least_one_connection){ 1131 log_info("TODO: no connections established - delete link key prophylactically"); 1132 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1133 } 1134 log_info("Sending UA #0"); 1135 log_info("Closing down multiplexer"); 1136 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1137 rfcomm_send_ua(multiplexer, 0); 1138 rfcomm_multiplexer_finalize(multiplexer); 1139 l2cap_disconnect_internal(l2cap_cid, 0x13); 1140 default: 1141 break; 1142 } 1143 break; 1144 case RFCOMM_MULTIPLEXER_OPEN: 1145 switch (event) { 1146 case MULT_EV_READY_TO_SEND: 1147 // respond to test command 1148 if (multiplexer->test_data_len){ 1149 int len = multiplexer->test_data_len; 1150 log_info("Sending TEST Response with %u bytes", len); 1151 multiplexer->test_data_len = 0; 1152 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1153 return; 1154 } 1155 break; 1156 default: 1157 break; 1158 } 1159 break; 1160 default: 1161 break; 1162 } 1163 } 1164 1165 // MARK: RFCOMM CHANNEL 1166 1167 static void rfcomm_hand_out_credits(void){ 1168 linked_item_t * it; 1169 for (it = (linked_item_t *) rfcomm_channels; it ; it = it->next){ 1170 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 1171 if (channel->state != RFCOMM_CHANNEL_OPEN) { 1172 // log_info("RFCOMM_EVENT_CREDITS: multiplexer not open"); 1173 continue; 1174 } 1175 if (channel->packets_granted) { 1176 // log_info("RFCOMM_EVENT_CREDITS: already packets granted"); 1177 continue; 1178 } 1179 if (!channel->credits_outgoing) { 1180 // log_info("RFCOMM_EVENT_CREDITS: no outgoing credits"); 1181 continue; 1182 } 1183 if (!channel->multiplexer->l2cap_credits){ 1184 // log_info("RFCOMM_EVENT_CREDITS: no l2cap credits"); 1185 continue; 1186 } 1187 // channel open, multiplexer has l2cap credits and we didn't hand out credit before -> go! 1188 // log_info("RFCOMM_EVENT_CREDITS: 1"); 1189 channel->packets_granted += 1; 1190 rfcomm_emit_credits(channel, 1); 1191 } 1192 } 1193 1194 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1195 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1196 channel->credits_incoming += credits; 1197 1198 rfcomm_emit_credit_status(channel); 1199 } 1200 1201 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1202 1203 log_info("rfcomm_channel_opened!"); 1204 1205 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1206 rfcomm_emit_channel_opened(rfChannel, 0); 1207 rfcomm_emit_port_configuration(rfChannel); 1208 rfcomm_hand_out_credits(); 1209 1210 // remove (potential) timer 1211 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1212 if (multiplexer->timer_active) { 1213 run_loop_remove_timer(&multiplexer->timer); 1214 multiplexer->timer_active = 0; 1215 } 1216 // hack for problem detecting authentication failure 1217 multiplexer->at_least_one_connection = 1; 1218 1219 // start next connection request if pending 1220 rfcomm_run(); 1221 } 1222 1223 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1224 const uint8_t frame_dlci = packet[0] >> 2; 1225 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1226 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1227 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1228 1229 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1230 if (!channel) return; 1231 1232 // handle new outgoing credits 1233 if (packet[1] == BT_RFCOMM_UIH_PF) { 1234 1235 // add them 1236 uint16_t new_credits = packet[3+length_offset]; 1237 channel->credits_outgoing += new_credits; 1238 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1239 1240 // notify channel statemachine 1241 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1242 rfcomm_channel_state_machine(channel, &channel_event); 1243 } 1244 1245 // contains payload? 1246 if (size - 1 > payload_offset){ 1247 1248 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1249 1250 // decrease incoming credit counter 1251 if (channel->credits_incoming > 0){ 1252 channel->credits_incoming--; 1253 } 1254 1255 // deliver payload 1256 (*app_packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1257 &packet[payload_offset], size-payload_offset-1); 1258 } 1259 1260 // automatically provide new credits to remote device, if no incoming flow control 1261 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1262 channel->new_credits_incoming =RFCOMM_CREDITS; 1263 } 1264 1265 rfcomm_emit_credit_status(channel); 1266 1267 // we received new RFCOMM credits, hand them out if possible 1268 rfcomm_hand_out_credits(); 1269 } 1270 1271 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1272 // priority of client request 1273 channel->pn_priority = event->priority; 1274 1275 // new credits 1276 channel->credits_outgoing = event->credits_outgoing; 1277 1278 // negotiate max frame size 1279 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1280 channel->max_frame_size = channel->multiplexer->max_frame_size; 1281 } 1282 if (channel->max_frame_size > event->max_frame_size) { 1283 channel->max_frame_size = event->max_frame_size; 1284 } 1285 1286 } 1287 1288 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1289 1290 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1291 1292 // remove from list 1293 linked_list_remove( &rfcomm_channels, (linked_item_t *) channel); 1294 1295 // free channel 1296 btstack_memory_rfcomm_channel_free(channel); 1297 1298 // update multiplexer timeout after channel was removed from list 1299 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1300 } 1301 1302 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1303 1304 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1305 1306 1307 // lookup existing channel 1308 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1309 1310 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1311 1312 if (channel) { 1313 rfcomm_channel_state_machine(channel, event); 1314 return; 1315 } 1316 1317 // service registered? 1318 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1319 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1320 if (!service) { 1321 // discard request by sending disconnected mode 1322 multiplexer->send_dm_for_dlci = dlci; 1323 return; 1324 } 1325 1326 // create channel for some events 1327 switch (event->type) { 1328 case CH_EVT_RCVD_SABM: 1329 case CH_EVT_RCVD_PN: 1330 case CH_EVT_RCVD_RPN_REQ: 1331 case CH_EVT_RCVD_RPN_CMD: 1332 // setup incoming channel 1333 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1334 if (!channel){ 1335 // discard request by sending disconnected mode 1336 multiplexer->send_dm_for_dlci = dlci; 1337 } 1338 break; 1339 default: 1340 break; 1341 } 1342 1343 if (!channel) { 1344 // discard request by sending disconnected mode 1345 multiplexer->send_dm_for_dlci = dlci; 1346 return; 1347 } 1348 rfcomm_channel_state_machine(channel, event); 1349 } 1350 1351 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1352 1353 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1354 const uint8_t frame_dlci = packet[0] >> 2; 1355 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1356 uint8_t message_len; // " 1357 1358 // rfcomm: (1) command/control 1359 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1360 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1361 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1362 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1363 // rfcomm: (3+length_offset) credits if credits_offset == 1 1364 // rfcomm: (3+length_offest+credits_offset) 1365 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1366 1367 rfcomm_channel_event_t event; 1368 rfcomm_channel_event_pn_t event_pn; 1369 rfcomm_channel_event_rpn_t event_rpn; 1370 rfcomm_channel_event_msc_t event_msc; 1371 1372 // switch by rfcomm message type 1373 switch(packet[1]) { 1374 1375 case BT_RFCOMM_SABM: 1376 event.type = CH_EVT_RCVD_SABM; 1377 log_info("Received SABM #%u", frame_dlci); 1378 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1379 break; 1380 1381 case BT_RFCOMM_UA: 1382 event.type = CH_EVT_RCVD_UA; 1383 log_info("Received UA #%u",frame_dlci); 1384 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1385 break; 1386 1387 case BT_RFCOMM_DISC: 1388 event.type = CH_EVT_RCVD_DISC; 1389 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1390 break; 1391 1392 case BT_RFCOMM_DM: 1393 case BT_RFCOMM_DM_PF: 1394 event.type = CH_EVT_RCVD_DM; 1395 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1396 break; 1397 1398 case BT_RFCOMM_UIH_PF: 1399 case BT_RFCOMM_UIH: 1400 1401 message_len = packet[payload_offset+1] >> 1; 1402 1403 switch (packet[payload_offset]) { 1404 case BT_RFCOMM_PN_CMD: 1405 message_dlci = packet[payload_offset+2]; 1406 event_pn.super.type = CH_EVT_RCVD_PN; 1407 event_pn.priority = packet[payload_offset+4]; 1408 event_pn.max_frame_size = READ_BT_16(packet, payload_offset+6); 1409 event_pn.credits_outgoing = packet[payload_offset+9]; 1410 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1411 message_dlci, event_pn.credits_outgoing); 1412 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1413 break; 1414 1415 case BT_RFCOMM_PN_RSP: 1416 message_dlci = packet[payload_offset+2]; 1417 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1418 event_pn.priority = packet[payload_offset+4]; 1419 event_pn.max_frame_size = READ_BT_16(packet, payload_offset+6); 1420 event_pn.credits_outgoing = packet[payload_offset+9]; 1421 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1422 event_pn.max_frame_size, event_pn.credits_outgoing); 1423 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1424 break; 1425 1426 case BT_RFCOMM_MSC_CMD: 1427 message_dlci = packet[payload_offset+2] >> 2; 1428 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1429 event_msc.modem_status = packet[payload_offset+3]; 1430 log_info("Received MSC CMD for #%u, ", message_dlci); 1431 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1432 break; 1433 1434 case BT_RFCOMM_MSC_RSP: 1435 message_dlci = packet[payload_offset+2] >> 2; 1436 event.type = CH_EVT_RCVD_MSC_RSP; 1437 log_info("Received MSC RSP for #%u", message_dlci); 1438 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1439 break; 1440 1441 case BT_RFCOMM_RPN_CMD: 1442 message_dlci = packet[payload_offset+2] >> 2; 1443 switch (message_len){ 1444 case 1: 1445 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1446 event.type = CH_EVT_RCVD_RPN_REQ; 1447 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1448 break; 1449 case 8: 1450 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1451 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1452 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1453 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1454 break; 1455 default: 1456 break; 1457 } 1458 break; 1459 1460 case BT_RFCOMM_RPN_RSP: 1461 log_info("Received RPN response"); 1462 break; 1463 1464 case BT_RFCOMM_RLS_CMD: { 1465 log_info("Received RLS command"); 1466 message_dlci = packet[payload_offset+2] >> 2; 1467 rfcomm_channel_event_rls_t event_rls; 1468 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1469 event_rls.line_status = packet[payload_offset+3]; 1470 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1471 break; 1472 } 1473 1474 case BT_RFCOMM_RLS_RSP: 1475 log_info("Received RLS response"); 1476 break; 1477 1478 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1479 // case BT_RFCOMM_TEST_CMD: 1480 // case BT_RFCOMM_FCOFF_CMD: 1481 // case BT_RFCOMM_FCON_CMD: 1482 // everything else is an not supported command 1483 default: { 1484 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1485 multiplexer->nsc_command = packet[payload_offset]; 1486 break; 1487 } 1488 } 1489 break; 1490 1491 default: 1492 log_error("Received unknown RFCOMM message type %x", packet[1]); 1493 break; 1494 } 1495 1496 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1497 rfcomm_run(); 1498 } 1499 1500 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1501 1502 // multiplexer handler 1503 int handled = 0; 1504 switch (packet_type) { 1505 case HCI_EVENT_PACKET: 1506 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1507 break; 1508 case L2CAP_DATA_PACKET: 1509 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1510 break; 1511 default: 1512 break; 1513 } 1514 1515 if (handled) { 1516 rfcomm_run(); 1517 return; 1518 } 1519 1520 // we only handle l2cap packet over open multiplexer channel now 1521 if (packet_type != L2CAP_DATA_PACKET) { 1522 (*app_packet_handler)(packet_type, channel, packet, size); 1523 return; 1524 } 1525 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1526 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 1527 (*app_packet_handler)(packet_type, channel, packet, size); 1528 return; 1529 } 1530 1531 // channel data ? 1532 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1533 const uint8_t frame_dlci = packet[0] >> 2; 1534 1535 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1536 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1537 rfcomm_run(); 1538 return; 1539 } 1540 1541 rfcomm_channel_packet_handler(multiplexer, packet, size); 1542 } 1543 1544 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1545 // note: exchanging MSC isn't neccessary to consider channel open 1546 // note: having outgoing credits is also not necessary to consider channel open 1547 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1548 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1549 // if (channel->credits_outgoing == 0) return 0; 1550 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1551 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1552 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1553 1554 return 1; 1555 } 1556 1557 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1558 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1559 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1560 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1561 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1562 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1563 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1564 return 1; 1565 } 1566 1567 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1568 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1569 } 1570 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1571 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1572 } 1573 1574 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1575 1576 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1577 1578 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1579 1580 // TODO: integrate in common switch 1581 if (event->type == CH_EVT_RCVD_DISC){ 1582 rfcomm_emit_channel_closed(channel); 1583 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1584 return; 1585 } 1586 1587 // TODO: integrate in common switch 1588 if (event->type == CH_EVT_RCVD_DM){ 1589 log_info("Received DM message for #%u", channel->dlci); 1590 log_info("-> Closing channel locally for #%u", channel->dlci); 1591 rfcomm_emit_channel_closed(channel); 1592 rfcomm_channel_finalize(channel); 1593 return; 1594 } 1595 1596 // remote port negotiation command - just accept everything for now 1597 // 1598 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1599 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1600 // (Although the handling of individual settings are implementation-dependent.)" 1601 // 1602 1603 // TODO: integrate in common switch 1604 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1605 // control port parameters 1606 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1607 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1608 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1609 // notify client about new settings 1610 rfcomm_emit_port_configuration(channel); 1611 return; 1612 } 1613 1614 // TODO: integrate in common switch 1615 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1616 // no values got accepted (no values have beens sent) 1617 channel->rpn_data.parameter_mask_0 = 0x00; 1618 channel->rpn_data.parameter_mask_1 = 0x00; 1619 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1620 return; 1621 } 1622 1623 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1624 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1625 channel->rls_line_status = event_rls->line_status & 0x0f; 1626 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1627 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1628 return; 1629 } 1630 1631 // TODO: integrate in common swich 1632 if (event->type == CH_EVT_READY_TO_SEND){ 1633 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1634 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1635 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1636 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1637 return; 1638 } 1639 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1640 log_info("Sending MSC RSP for #%u", channel->dlci); 1641 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1642 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1643 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1644 return; 1645 } 1646 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1647 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1648 uint8_t line_status = channel->rls_line_status; 1649 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1650 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1651 return; 1652 } 1653 } 1654 1655 // emit MSC status to app 1656 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1657 // notify client about new settings 1658 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1659 uint8_t modem_status_event[2+1]; 1660 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1661 modem_status_event[1] = 1; 1662 modem_status_event[2] = event_msc->modem_status; 1663 (*app_packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1664 // no return, MSC_CMD will be handled by state machine below 1665 } 1666 1667 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1668 1669 switch (channel->state) { 1670 case RFCOMM_CHANNEL_CLOSED: 1671 switch (event->type){ 1672 case CH_EVT_RCVD_SABM: 1673 log_info("-> Inform app"); 1674 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1675 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1676 rfcomm_emit_connection_request(channel); 1677 break; 1678 case CH_EVT_RCVD_PN: 1679 rfcomm_channel_accept_pn(channel, event_pn); 1680 log_info("-> Inform app"); 1681 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1682 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1683 rfcomm_emit_connection_request(channel); 1684 break; 1685 default: 1686 break; 1687 } 1688 break; 1689 1690 case RFCOMM_CHANNEL_INCOMING_SETUP: 1691 switch (event->type){ 1692 case CH_EVT_RCVD_SABM: 1693 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1694 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1695 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1696 } 1697 break; 1698 case CH_EVT_RCVD_PN: 1699 rfcomm_channel_accept_pn(channel, event_pn); 1700 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1701 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1702 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1703 } 1704 break; 1705 case CH_EVT_READY_TO_SEND: 1706 // if / else if is used to check for state transition after sending 1707 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1708 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1709 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1710 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1711 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1712 log_info("Sending UA #%u", channel->dlci); 1713 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1714 rfcomm_send_ua(multiplexer, channel->dlci); 1715 } 1716 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1717 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1718 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1719 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1720 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1721 } 1722 break; 1723 default: 1724 break; 1725 } 1726 break; 1727 1728 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1729 switch (event->type) { 1730 case CH_EVT_MULTIPLEXER_READY: 1731 log_info("Muliplexer opened, sending UIH PN next"); 1732 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1733 break; 1734 default: 1735 break; 1736 } 1737 break; 1738 1739 case RFCOMM_CHANNEL_SEND_UIH_PN: 1740 switch (event->type) { 1741 case CH_EVT_READY_TO_SEND: 1742 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1743 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1744 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1745 break; 1746 default: 1747 break; 1748 } 1749 break; 1750 1751 case RFCOMM_CHANNEL_W4_PN_RSP: 1752 switch (event->type){ 1753 case CH_EVT_RCVD_PN_RSP: 1754 // update max frame size 1755 if (channel->max_frame_size > event_pn->max_frame_size) { 1756 channel->max_frame_size = event_pn->max_frame_size; 1757 } 1758 // new credits 1759 channel->credits_outgoing = event_pn->credits_outgoing; 1760 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1761 break; 1762 default: 1763 break; 1764 } 1765 break; 1766 1767 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1768 switch (event->type) { 1769 case CH_EVT_READY_TO_SEND: 1770 log_info("Sending SABM #%u", channel->dlci); 1771 channel->state = RFCOMM_CHANNEL_W4_UA; 1772 rfcomm_send_sabm(multiplexer, channel->dlci); 1773 break; 1774 default: 1775 break; 1776 } 1777 break; 1778 1779 case RFCOMM_CHANNEL_W4_UA: 1780 switch (event->type){ 1781 case CH_EVT_RCVD_UA: 1782 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1783 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1784 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1785 break; 1786 default: 1787 break; 1788 } 1789 break; 1790 1791 case RFCOMM_CHANNEL_DLC_SETUP: 1792 switch (event->type){ 1793 case CH_EVT_RCVD_MSC_CMD: 1794 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1795 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1796 break; 1797 case CH_EVT_RCVD_MSC_RSP: 1798 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1799 break; 1800 1801 case CH_EVT_READY_TO_SEND: 1802 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1803 log_info("Sending MSC CMD for #%u", channel->dlci); 1804 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1805 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1806 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1807 break; 1808 } 1809 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1810 log_info("Providing credits for #%u", channel->dlci); 1811 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1812 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1813 1814 if (channel->new_credits_incoming) { 1815 uint8_t new_credits = channel->new_credits_incoming; 1816 channel->new_credits_incoming = 0; 1817 rfcomm_channel_send_credits(channel, new_credits); 1818 } 1819 break; 1820 1821 } 1822 break; 1823 default: 1824 break; 1825 } 1826 // finally done? 1827 if (rfcomm_channel_ready_for_open(channel)){ 1828 channel->state = RFCOMM_CHANNEL_OPEN; 1829 rfcomm_channel_opened(channel); 1830 } 1831 break; 1832 1833 case RFCOMM_CHANNEL_OPEN: 1834 switch (event->type){ 1835 case CH_EVT_RCVD_MSC_CMD: 1836 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1837 break; 1838 case CH_EVT_READY_TO_SEND: 1839 if (channel->new_credits_incoming) { 1840 uint8_t new_credits = channel->new_credits_incoming; 1841 channel->new_credits_incoming = 0; 1842 rfcomm_channel_send_credits(channel, new_credits); 1843 break; 1844 } 1845 break; 1846 case CH_EVT_RCVD_CREDITS: { 1847 // notify daemon -> might trigger re-try of parked connections 1848 uint8_t credits_event[2] = { DAEMON_EVENT_NEW_RFCOMM_CREDITS, 0 }; 1849 (*app_packet_handler)(DAEMON_EVENT_PACKET, channel->rfcomm_cid, credits_event, sizeof(credits_event)); 1850 break; 1851 } 1852 default: 1853 break; 1854 } 1855 break; 1856 1857 case RFCOMM_CHANNEL_SEND_DM: 1858 switch (event->type) { 1859 case CH_EVT_READY_TO_SEND: 1860 log_info("Sending DM_PF for #%u", channel->dlci); 1861 // don't emit channel closed - channel was never open 1862 channel->state = RFCOMM_CHANNEL_CLOSED; 1863 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1864 rfcomm_channel_finalize(channel); 1865 break; 1866 default: 1867 break; 1868 } 1869 break; 1870 1871 case RFCOMM_CHANNEL_SEND_DISC: 1872 switch (event->type) { 1873 case CH_EVT_READY_TO_SEND: 1874 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1875 rfcomm_send_disc(multiplexer, channel->dlci); 1876 break; 1877 default: 1878 break; 1879 } 1880 break; 1881 1882 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1883 switch (event->type){ 1884 case CH_EVT_RCVD_UA: 1885 channel->state = RFCOMM_CHANNEL_CLOSED; 1886 rfcomm_emit_channel_closed(channel); 1887 rfcomm_channel_finalize(channel); 1888 break; 1889 default: 1890 break; 1891 } 1892 break; 1893 1894 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1895 switch (event->type) { 1896 case CH_EVT_READY_TO_SEND: 1897 log_info("Sending UA after DISC for #%u", channel->dlci); 1898 channel->state = RFCOMM_CHANNEL_CLOSED; 1899 rfcomm_send_ua(multiplexer, channel->dlci); 1900 rfcomm_channel_finalize(channel); 1901 break; 1902 default: 1903 break; 1904 } 1905 break; 1906 1907 default: 1908 break; 1909 } 1910 } 1911 1912 1913 // MARK: RFCOMM RUN 1914 // process outstanding signaling tasks 1915 static void rfcomm_run(void){ 1916 1917 linked_item_t *it; 1918 linked_item_t *next; 1919 1920 for (it = (linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1921 1922 next = it->next; // be prepared for removal of channel in state machine 1923 1924 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1925 1926 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1927 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1928 continue; 1929 } 1930 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1931 1932 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1933 } 1934 1935 for (it = (linked_item_t *) rfcomm_channels; it ; it = next){ 1936 1937 next = it->next; // be prepared for removal of channel in state machine 1938 1939 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1940 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1941 1942 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1943 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1944 continue; 1945 } 1946 1947 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1948 rfcomm_channel_state_machine(channel, &event); 1949 } 1950 } 1951 1952 // MARK: RFCOMM BTstack API 1953 1954 void rfcomm_init(void){ 1955 rfcomm_client_cid_generator = 0; 1956 rfcomm_multiplexers = NULL; 1957 rfcomm_services = NULL; 1958 rfcomm_channels = NULL; 1959 rfcomm_security_level = LEVEL_2; 1960 } 1961 1962 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1963 rfcomm_security_level = security_level; 1964 } 1965 1966 // register packet handler 1967 void rfcomm_register_packet_handler(void (*handler)(uint8_t packet_type, 1968 uint16_t channel, uint8_t *packet, uint16_t size)){ 1969 app_packet_handler = handler; 1970 } 1971 1972 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1973 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1974 if (!channel){ 1975 log_error("rfcomm_send_internal cid 0x%02x doesn't exist!", rfcomm_cid); 1976 return 1; 1977 } 1978 if (!channel->credits_outgoing) return 0; 1979 if (!channel->packets_granted) return 0; 1980 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1981 1982 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1983 } 1984 1985 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1986 if (len > channel->max_frame_size){ 1987 log_error("rfcomm_send_internal cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1988 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1989 } 1990 1991 if (!channel->credits_outgoing){ 1992 log_info("rfcomm_send_internal cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1993 return RFCOMM_NO_OUTGOING_CREDITS; 1994 } 1995 1996 if (!channel->packets_granted){ 1997 log_info("rfcomm_send_internal cid 0x%02x, no rfcomm credits granted!", channel->rfcomm_cid); 1998 return RFCOMM_NO_OUTGOING_CREDITS; 1999 } 2000 2001 if ((channel->multiplexer->fcon & 1) == 0){ 2002 log_info("rfcomm_send_internal cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 2003 return RFCOMM_AGGREGATE_FLOW_OFF; 2004 } 2005 return 0; 2006 } 2007 2008 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 2009 int rfcomm_reserve_packet_buffer(void){ 2010 return l2cap_reserve_packet_buffer(); 2011 } 2012 2013 void rfcomm_release_packet_buffer(void){ 2014 l2cap_release_packet_buffer(); 2015 } 2016 2017 uint8_t * rfcomm_get_outgoing_buffer(void){ 2018 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 2019 // address + control + length (16) + no credit field 2020 return &rfcomm_out_buffer[4]; 2021 } 2022 2023 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 2024 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2025 if (!channel){ 2026 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 2027 return 0; 2028 } 2029 return channel->max_frame_size; 2030 } 2031 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 2032 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2033 if (!channel){ 2034 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 2035 return 0; 2036 } 2037 2038 int err = rfcomm_assert_send_valid(channel, len); 2039 if (err) return err; 2040 2041 // send might cause l2cap to emit new credits, update counters first 2042 channel->credits_outgoing--; 2043 int packets_granted_decreased = 0; 2044 if (channel->packets_granted) { 2045 channel->packets_granted--; 2046 packets_granted_decreased++; 2047 } 2048 2049 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 2050 2051 if (result != 0) { 2052 channel->credits_outgoing++; 2053 channel->packets_granted += packets_granted_decreased; 2054 log_info("rfcomm_send_internal: error %d", result); 2055 return result; 2056 } 2057 2058 rfcomm_hand_out_credits(); 2059 2060 return result; 2061 } 2062 2063 int rfcomm_send_internal(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 2064 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2065 if (!channel){ 2066 log_error("rfcomm_send_internal cid 0x%02x doesn't exist!", rfcomm_cid); 2067 return 1; 2068 } 2069 2070 int err = rfcomm_assert_send_valid(channel, len); 2071 if (err) return err; 2072 2073 rfcomm_reserve_packet_buffer(); 2074 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 2075 memcpy(rfcomm_payload, data, len); 2076 return rfcomm_send_prepared(rfcomm_cid, len); 2077 } 2078 2079 // Sends Local Lnie Status, see LINE_STATUS_.. 2080 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 2081 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2082 if (!channel){ 2083 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 2084 return 0; 2085 } 2086 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 2087 } 2088 2089 // Sned local modem status. see MODEM_STAUS_.. 2090 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 2091 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2092 if (!channel){ 2093 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2094 return 0; 2095 } 2096 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2097 } 2098 2099 // Configure remote port 2100 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2101 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2102 if (!channel){ 2103 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2104 return 0; 2105 } 2106 rfcomm_rpn_data_t rpn_data; 2107 rpn_data.baud_rate = baud_rate; 2108 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2109 rpn_data.flow_control = flow_control; 2110 rpn_data.xon = 0; 2111 rpn_data.xoff = 0; 2112 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2113 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2114 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2115 } 2116 2117 // Query remote port 2118 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2119 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2120 if (!channel){ 2121 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2122 return 0; 2123 } 2124 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2125 } 2126 2127 static uint8_t rfcomm_create_channel_internal(bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2128 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2129 2130 // create new multiplexer if necessary 2131 uint8_t status = 0; 2132 int new_multiplexer = 0; 2133 rfcomm_channel_t * channel = NULL; 2134 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2135 if (!multiplexer) { 2136 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2137 if (!multiplexer){ 2138 status = BTSTACK_MEMORY_ALLOC_FAILED; 2139 goto fail; 2140 } 2141 multiplexer->outgoing = 1; 2142 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2143 new_multiplexer = 1; 2144 } 2145 2146 // prepare channel 2147 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2148 if (!channel){ 2149 status = BTSTACK_MEMORY_ALLOC_FAILED; 2150 goto fail; 2151 } 2152 // rfcomm_cid is already assigned by rfcomm_channel_create 2153 channel->incoming_flow_control = incoming_flow_control; 2154 channel->new_credits_incoming = initial_credits; 2155 2156 // return rfcomm_cid 2157 if (out_rfcomm_cid){ 2158 *out_rfcomm_cid = channel->rfcomm_cid; 2159 } 2160 2161 // start multiplexer setup 2162 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2163 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2164 uint16_t l2cap_cid = 0; 2165 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2166 if (status) goto fail; 2167 multiplexer->l2cap_cid = l2cap_cid; 2168 return 0; 2169 } 2170 2171 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2172 2173 // start connecting, if multiplexer is already up and running 2174 rfcomm_run(); 2175 return 0; 2176 2177 fail: 2178 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2179 if (channel) btstack_memory_rfcomm_channel_free(channel); 2180 return status; 2181 } 2182 2183 uint8_t rfcomm_create_channel_with_initial_credits(bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2184 return rfcomm_create_channel_internal(addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2185 } 2186 2187 uint8_t rfcomm_create_channel(bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2188 return rfcomm_create_channel_internal(addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2189 } 2190 2191 void rfcomm_disconnect_internal(uint16_t rfcomm_cid){ 2192 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2193 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2194 if (channel) { 2195 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2196 } 2197 2198 // process 2199 rfcomm_run(); 2200 } 2201 2202 static uint8_t rfcomm_register_service_internal(uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2203 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2204 channel, max_frame_size, incoming_flow_control, initial_credits); 2205 2206 // check if already registered 2207 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2208 if (service){ 2209 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2210 } 2211 2212 // alloc structure 2213 service = btstack_memory_rfcomm_service_get(); 2214 if (!service) { 2215 return BTSTACK_MEMORY_ALLOC_FAILED; 2216 } 2217 2218 // register with l2cap if not registered before, max MTU 2219 if (linked_list_empty(&rfcomm_services)){ 2220 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2221 } 2222 2223 // fill in 2224 service->server_channel = channel; 2225 service->max_frame_size = max_frame_size; 2226 service->incoming_flow_control = incoming_flow_control; 2227 service->incoming_initial_credits = initial_credits; 2228 2229 // add to services list 2230 linked_list_add(&rfcomm_services, (linked_item_t *) service); 2231 2232 return 0; 2233 } 2234 2235 uint8_t rfcomm_register_service_with_initial_credits(uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2236 return rfcomm_register_service_internal(channel, max_frame_size, 1, initial_credits); 2237 } 2238 2239 uint8_t rfcomm_register_service(uint8_t channel, uint16_t max_frame_size){ 2240 return rfcomm_register_service_internal(channel, max_frame_size, 0,RFCOMM_CREDITS); 2241 } 2242 2243 void rfcomm_unregister_service(uint8_t service_channel){ 2244 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2245 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2246 if (!service) return; 2247 linked_list_remove(&rfcomm_services, (linked_item_t *) service); 2248 btstack_memory_rfcomm_service_free(service); 2249 2250 // unregister if no services active 2251 if (linked_list_empty(&rfcomm_services)){ 2252 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2253 l2cap_unregister_service(PSM_RFCOMM); 2254 } 2255 } 2256 2257 void rfcomm_accept_connection_internal(uint16_t rfcomm_cid){ 2258 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2259 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2260 if (!channel) return; 2261 switch (channel->state) { 2262 case RFCOMM_CHANNEL_INCOMING_SETUP: 2263 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2264 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2265 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2266 } 2267 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2268 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2269 } 2270 // at least one of { PN RSP, UA } needs to be sent 2271 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2272 break; 2273 default: 2274 break; 2275 } 2276 2277 // process 2278 rfcomm_run(); 2279 } 2280 2281 void rfcomm_decline_connection_internal(uint16_t rfcomm_cid){ 2282 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2283 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2284 if (!channel) return; 2285 switch (channel->state) { 2286 case RFCOMM_CHANNEL_INCOMING_SETUP: 2287 channel->state = RFCOMM_CHANNEL_SEND_DM; 2288 break; 2289 default: 2290 break; 2291 } 2292 2293 // process 2294 rfcomm_run(); 2295 } 2296 2297 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2298 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2299 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2300 if (!channel) return; 2301 if (!channel->incoming_flow_control) return; 2302 channel->new_credits_incoming += credits; 2303 2304 // process 2305 rfcomm_run(); 2306 } 2307 2308 2309 2310 2311