1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "hci_cmd.h" 48 #include "btstack_util.h" 49 50 #include "btstack_util.h" 51 #include "btstack_memory.h" 52 #include "hci.h" 53 #include "hci_dump.h" 54 #include "btstack_debug.h" 55 #include "classic/rfcomm.h" 56 57 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 58 #ifndef PRIxPTR 59 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 60 #define PRIxPTR "lx" 61 #else 62 #define PRIxPTR "x" 63 #endif 64 #endif 65 66 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 67 68 #define RFCOMM_CREDITS 10 69 70 // FCS calc 71 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 72 #define BT_RFCOMM_CRC_CHECK_LEN 3 73 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 74 75 #include "l2cap.h" 76 77 // global rfcomm data 78 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 79 80 // linked lists for all 81 static btstack_linked_list_t rfcomm_multiplexers = NULL; 82 static btstack_linked_list_t rfcomm_channels = NULL; 83 static btstack_linked_list_t rfcomm_services = NULL; 84 85 static gap_security_level_t rfcomm_security_level; 86 87 static int rfcomm_channel_can_send(rfcomm_channel_t * channel); 88 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 89 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 90 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 91 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel); 92 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 93 static void rfcomm_run(void); 94 95 // MARK: RFCOMM CLIENT EVENTS 96 97 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 98 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 99 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 100 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 101 uint8_t event[11]; 102 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 103 event[1] = sizeof(event) - 2; 104 reverse_bd_addr(channel->multiplexer->remote_addr, &event[2]); 105 event[8] = channel->dlci >> 1; 106 little_endian_store_16(event, 9, channel->rfcomm_cid); 107 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 108 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 109 } 110 111 // API Change: BTstack-0.3.50x uses 112 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 113 // next Cydia release will use SVN version of this 114 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 115 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 116 log_info("RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 117 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 118 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 119 uint8_t event[16]; 120 uint8_t pos = 0; 121 event[pos++] = RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE; // 0 122 event[pos++] = sizeof(event) - 2; // 1 123 event[pos++] = status; // 2 124 reverse_bd_addr(channel->multiplexer->remote_addr, &event[pos]); pos += 6; // 3 125 little_endian_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 126 event[pos++] = channel->dlci >> 1; // 11 127 little_endian_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 128 little_endian_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 129 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 130 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, pos); 131 132 // if channel opened successfully, also send can send now if possible 133 if (status) return; 134 if (rfcomm_channel_can_send(channel)){ 135 rfcomm_emit_can_send_now(channel); 136 } else { 137 channel->waiting_for_can_send_now = 1; 138 } 139 } 140 141 // data: event(8), len(8), rfcomm_cid(16) 142 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 143 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 144 uint8_t event[4]; 145 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 146 event[1] = sizeof(event) - 2; 147 little_endian_store_16(event, 2, channel->rfcomm_cid); 148 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 149 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 150 } 151 152 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 153 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 154 uint8_t event[5]; 155 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 156 event[1] = sizeof(event) - 2; 157 little_endian_store_16(event, 2, channel->rfcomm_cid); 158 event[4] = line_status; 159 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 160 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 161 } 162 163 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 164 // notify client about new settings 165 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 166 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 167 event[1] = sizeof(rfcomm_rpn_data_t); 168 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 169 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 170 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 171 } 172 173 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel) { 174 log_info("RFCOMM_EVENT_CHANNEL_CAN_SEND_NOW local_cid 0x%x", channel->rfcomm_cid); 175 uint8_t event[4]; 176 event[0] = RFCOMM_EVENT_CAN_SEND_NOW; 177 event[1] = sizeof(event) - 2; 178 little_endian_store_16(event, 2, channel->rfcomm_cid); 179 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 180 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 181 } 182 183 // MARK RFCOMM RPN DATA HELPER 184 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 185 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 186 rpn_data->flags = 0x03; /* 8-n-1 */ 187 rpn_data->flow_control = 0; /* no flow control */ 188 rpn_data->xon = 0xd1; /* XON */ 189 rpn_data->xoff = 0xd3; /* XOFF */ 190 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 191 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 192 } 193 194 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 195 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 196 dest->baud_rate = src->baud_rate; 197 } 198 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 199 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 200 } 201 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 202 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 203 } 204 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 205 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 206 } 207 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 208 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 209 } 210 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 211 dest->xon = src->xon; 212 } 213 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 214 dest->xoff = src->xoff; 215 } 216 int i; 217 for (i=0; i < 6 ; i++){ 218 uint8_t mask = 1 << i; 219 if (src->parameter_mask_1 & mask){ 220 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 221 } 222 } 223 // always copy parameter mask, too. informative for client, needed for response 224 dest->parameter_mask_0 = src->parameter_mask_0; 225 dest->parameter_mask_1 = src->parameter_mask_1; 226 } 227 // MARK: RFCOMM MULTIPLEXER HELPER 228 229 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 230 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 231 uint16_t max_frame_size = l2cap_mtu - 5; 232 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 233 return max_frame_size; 234 } 235 236 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 237 238 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 239 240 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 241 multiplexer->fcon = 1; 242 multiplexer->send_dm_for_dlci = 0; 243 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 244 multiplexer->test_data_len = 0; 245 multiplexer->nsc_command = 0; 246 } 247 248 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 249 250 // alloc structure 251 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 252 if (!multiplexer) return NULL; 253 254 // fill in 255 rfcomm_multiplexer_initialize(multiplexer); 256 bd_addr_copy(multiplexer->remote_addr, addr); 257 258 // add to services list 259 btstack_linked_list_add(&rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 260 261 return multiplexer; 262 } 263 264 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 265 btstack_linked_item_t *it; 266 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 267 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 268 if (bd_addr_cmp(addr, multiplexer->remote_addr) == 0) { 269 return multiplexer; 270 }; 271 } 272 return NULL; 273 } 274 275 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 276 btstack_linked_item_t *it; 277 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 278 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 279 if (multiplexer->l2cap_cid == l2cap_cid) { 280 return multiplexer; 281 }; 282 } 283 return NULL; 284 } 285 286 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 287 btstack_linked_item_t *it; 288 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 289 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 290 if (channel->multiplexer == multiplexer) { 291 return 1; 292 } 293 } 294 return 0; 295 } 296 297 // MARK: RFCOMM CHANNEL HELPER 298 299 static void rfcomm_dump_channels(void){ 300 btstack_linked_item_t * it; 301 int channels = 0; 302 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 303 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 304 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 305 channels++; 306 } 307 } 308 309 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 310 rfcomm_service_t *service, uint8_t server_channel){ 311 312 // don't use 0 as channel id 313 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 314 315 // setup channel 316 memset(channel, 0, sizeof(rfcomm_channel_t)); 317 318 // set defaults for port configuration (even for services) 319 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 320 321 channel->state = RFCOMM_CHANNEL_CLOSED; 322 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 323 324 channel->multiplexer = multiplexer; 325 channel->rfcomm_cid = rfcomm_client_cid_generator++; 326 channel->max_frame_size = multiplexer->max_frame_size; 327 328 channel->credits_incoming = 0; 329 channel->credits_outgoing = 0; 330 331 // incoming flow control not active 332 channel->new_credits_incoming = RFCOMM_CREDITS; 333 channel->incoming_flow_control = 0; 334 335 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 336 337 channel->service = service; 338 if (service) { 339 // incoming connection 340 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 341 if (channel->max_frame_size > service->max_frame_size) { 342 channel->max_frame_size = service->max_frame_size; 343 } 344 channel->incoming_flow_control = service->incoming_flow_control; 345 channel->new_credits_incoming = service->incoming_initial_credits; 346 channel->packet_handler = service->packet_handler; 347 } else { 348 // outgoing connection 349 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 350 } 351 } 352 353 // service == NULL -> outgoing channel 354 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 355 rfcomm_service_t * service, uint8_t server_channel){ 356 357 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 358 rfcomm_dump_channels(); 359 360 // alloc structure 361 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 362 if (!channel) return NULL; 363 364 // fill in 365 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 366 367 // add to services list 368 btstack_linked_list_add(&rfcomm_channels, (btstack_linked_item_t *) channel); 369 370 return channel; 371 } 372 373 static void rfcomm_notify_channel_can_send(void){ 374 btstack_linked_list_iterator_t it; 375 btstack_linked_list_iterator_init(&it, &rfcomm_channels); 376 while (btstack_linked_list_iterator_has_next(&it)){ 377 rfcomm_channel_t * channel = (rfcomm_channel_t *) btstack_linked_list_iterator_next(&it); 378 if (!channel->waiting_for_can_send_now) continue; // didn't try to send yet 379 if (!rfcomm_channel_can_send(channel)) continue; // or cannot yet either 380 381 channel->waiting_for_can_send_now = 0; 382 rfcomm_emit_can_send_now(channel); 383 } 384 } 385 386 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 387 btstack_linked_item_t *it; 388 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 389 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 390 if (channel->rfcomm_cid == rfcomm_cid) { 391 return channel; 392 }; 393 } 394 return NULL; 395 } 396 397 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 398 btstack_linked_item_t *it; 399 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 400 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 401 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 402 return channel; 403 }; 404 } 405 return NULL; 406 } 407 408 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 409 btstack_linked_item_t *it; 410 for (it = (btstack_linked_item_t *) rfcomm_services; it ; it = it->next){ 411 rfcomm_service_t * service = ((rfcomm_service_t *) it); 412 if ( service->server_channel == server_channel){ 413 return service; 414 }; 415 } 416 return NULL; 417 } 418 419 // MARK: RFCOMM SEND 420 421 /** 422 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 423 */ 424 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 425 426 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 427 428 l2cap_reserve_packet_buffer(); 429 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 430 431 uint16_t pos = 0; 432 uint8_t crc_fields = 3; 433 434 rfcomm_out_buffer[pos++] = address; 435 rfcomm_out_buffer[pos++] = control; 436 437 // length field can be 1 or 2 octets 438 if (len < 128){ 439 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 440 } else { 441 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 442 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 443 crc_fields++; 444 } 445 446 // add credits for UIH frames when PF bit is set 447 if (control == BT_RFCOMM_UIH_PF){ 448 rfcomm_out_buffer[pos++] = credits; 449 } 450 451 // copy actual data 452 if (len) { 453 memcpy(&rfcomm_out_buffer[pos], data, len); 454 pos += len; 455 } 456 457 // UIH frames only calc FCS over address + control (5.1.1) 458 if ((control & 0xef) == BT_RFCOMM_UIH){ 459 crc_fields = 2; 460 } 461 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 462 463 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 464 465 return err; 466 } 467 468 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 469 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 470 471 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 472 uint8_t control = BT_RFCOMM_UIH; 473 474 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 475 476 uint16_t pos = 0; 477 rfcomm_out_buffer[pos++] = address; 478 rfcomm_out_buffer[pos++] = control; 479 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 480 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 481 482 // actual data is already in place 483 pos += len; 484 485 // UIH frames only calc FCS over address + control (5.1.1) 486 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 487 488 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 489 490 return err; 491 } 492 493 // C/R Flag in Address 494 // - terms: initiator = station that creates multiplexer with SABM 495 // - terms: responder = station that responds to multiplexer setup with UA 496 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 497 // - command initiator = 1 /response responder = 1 498 // - command responder = 0 /response initiator = 0 499 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 500 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 501 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 502 503 // C/R Flag in Message 504 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 505 // - If the C/R bit is set to 1 the message is a command 506 // - if it is set to 0 the message is a response. 507 508 // temp/old messge construction 509 510 // new object oriented version 511 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 512 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 513 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 514 } 515 516 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 517 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 518 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 519 } 520 521 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 522 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 523 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 524 } 525 526 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 527 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 528 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 529 } 530 531 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 532 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 533 uint8_t payload[2]; 534 uint8_t pos = 0; 535 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 536 payload[pos++] = (0 << 1) | 1; // len 537 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 538 } 539 540 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 541 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 542 // uint8_t payload[2+len]; 543 // uint8_t pos = 0; 544 // payload[pos++] = BT_RFCOMM_TEST_CMD; 545 // payload[pos++] = (len + 1) << 1 | 1; // len 546 // memcpy(&payload[pos], data, len); 547 // pos += len; 548 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 549 // } 550 551 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 552 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 553 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 554 uint8_t pos = 0; 555 payload[pos++] = BT_RFCOMM_TEST_RSP; 556 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 557 len = RFCOMM_TEST_DATA_MAX_LEN; 558 } 559 payload[pos++] = (len << 1) | 1; // len 560 memcpy(&payload[pos], data, len); 561 pos += len; 562 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 563 } 564 565 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 566 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 567 uint8_t payload[4]; 568 uint8_t pos = 0; 569 payload[pos++] = BT_RFCOMM_MSC_CMD; 570 payload[pos++] = (2 << 1) | 1; // len 571 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 572 payload[pos++] = signals; 573 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 574 } 575 576 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 577 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 578 uint8_t payload[4]; 579 uint8_t pos = 0; 580 payload[pos++] = BT_RFCOMM_MSC_RSP; 581 payload[pos++] = (2 << 1) | 1; // len 582 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 583 payload[pos++] = signals; 584 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 585 } 586 587 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 588 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 589 uint8_t payload[3]; 590 uint8_t pos = 0; 591 payload[pos++] = BT_RFCOMM_NSC_RSP; 592 payload[pos++] = (1 << 1) | 1; // len 593 payload[pos++] = command; 594 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 595 } 596 597 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 598 uint8_t payload[10]; 599 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 600 uint8_t pos = 0; 601 payload[pos++] = BT_RFCOMM_PN_CMD; 602 payload[pos++] = (8 << 1) | 1; // len 603 payload[pos++] = dlci; 604 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 605 payload[pos++] = 0; // priority 606 payload[pos++] = 0; // max 60 seconds ack 607 payload[pos++] = max_frame_size & 0xff; // max framesize low 608 payload[pos++] = max_frame_size >> 8; // max framesize high 609 payload[pos++] = 0x00; // number of retransmissions 610 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 611 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 612 } 613 614 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." rfcomm_tutorial.pdf 615 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 616 uint8_t priority, uint16_t max_frame_size){ 617 uint8_t payload[10]; 618 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 619 uint8_t pos = 0; 620 payload[pos++] = BT_RFCOMM_PN_RSP; 621 payload[pos++] = (8 << 1) | 1; // len 622 payload[pos++] = dlci; 623 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 624 payload[pos++] = priority; // priority 625 payload[pos++] = 0; // max 60 seconds ack 626 payload[pos++] = max_frame_size & 0xff; // max framesize low 627 payload[pos++] = max_frame_size >> 8; // max framesize high 628 payload[pos++] = 0x00; // number of retransmissions 629 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 630 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 631 } 632 633 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 634 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 635 uint8_t payload[4]; 636 uint8_t pos = 0; 637 payload[pos++] = BT_RFCOMM_RLS_CMD; 638 payload[pos++] = (2 << 1) | 1; // len 639 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 640 payload[pos++] = line_status; 641 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 642 } 643 644 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 645 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 646 uint8_t payload[4]; 647 uint8_t pos = 0; 648 payload[pos++] = BT_RFCOMM_RLS_RSP; 649 payload[pos++] = (2 << 1) | 1; // len 650 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 651 payload[pos++] = line_status; 652 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 653 } 654 655 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 656 uint8_t payload[10]; 657 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 658 uint8_t pos = 0; 659 payload[pos++] = BT_RFCOMM_RPN_CMD; 660 payload[pos++] = (8 << 1) | 1; // len 661 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 662 payload[pos++] = rpn_data->baud_rate; 663 payload[pos++] = rpn_data->flags; 664 payload[pos++] = rpn_data->flow_control; 665 payload[pos++] = rpn_data->xon; 666 payload[pos++] = rpn_data->xoff; 667 payload[pos++] = rpn_data->parameter_mask_0; 668 payload[pos++] = rpn_data->parameter_mask_1; 669 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 670 } 671 672 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 673 uint8_t payload[3]; 674 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 675 uint8_t pos = 0; 676 payload[pos++] = BT_RFCOMM_RPN_CMD; 677 payload[pos++] = (1 << 1) | 1; // len 678 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 679 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 680 } 681 682 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 683 uint8_t payload[10]; 684 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 685 uint8_t pos = 0; 686 payload[pos++] = BT_RFCOMM_RPN_RSP; 687 payload[pos++] = (8 << 1) | 1; // len 688 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 689 payload[pos++] = rpn_data->baud_rate; 690 payload[pos++] = rpn_data->flags; 691 payload[pos++] = rpn_data->flow_control; 692 payload[pos++] = rpn_data->xon; 693 payload[pos++] = rpn_data->xoff; 694 payload[pos++] = rpn_data->parameter_mask_0; 695 payload[pos++] = rpn_data->parameter_mask_1; 696 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 697 } 698 699 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 700 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 701 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 702 } 703 704 // MARK: RFCOMM MULTIPLEXER 705 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 706 if (multiplexer->timer_active) { 707 btstack_run_loop_remove_timer(&multiplexer->timer); 708 multiplexer->timer_active = 0; 709 } 710 } 711 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 712 btstack_linked_list_remove( &rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 713 btstack_memory_rfcomm_multiplexer_free(multiplexer); 714 } 715 716 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 717 // remove (potential) timer 718 rfcomm_multiplexer_stop_timer(multiplexer); 719 720 // close and remove all channels 721 btstack_linked_item_t *it = (btstack_linked_item_t *) &rfcomm_channels; 722 while (it->next){ 723 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 724 if (channel->multiplexer == multiplexer) { 725 // emit appropriate events 726 if (channel->state == RFCOMM_CHANNEL_OPEN) { 727 rfcomm_emit_channel_closed(channel); 728 } else { 729 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 730 } 731 // remove from list 732 it->next = it->next->next; 733 // free channel struct 734 btstack_memory_rfcomm_channel_free(channel); 735 } else { 736 it = it->next; 737 } 738 } 739 740 // remove mutliplexer 741 rfcomm_multiplexer_free(multiplexer); 742 } 743 744 static void rfcomm_multiplexer_timer_handler(btstack_timer_source_t *timer){ 745 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t*) btstack_run_loop_get_timer_context(timer); 746 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 747 748 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 749 uint16_t l2cap_cid = multiplexer->l2cap_cid; 750 rfcomm_multiplexer_finalize(multiplexer); 751 l2cap_disconnect(l2cap_cid, 0x13); 752 } 753 754 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 755 if (multiplexer->timer_active) { 756 btstack_run_loop_remove_timer(&multiplexer->timer); 757 multiplexer->timer_active = 0; 758 } 759 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 760 761 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 762 btstack_run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 763 btstack_run_loop_set_timer_handler(&multiplexer->timer, rfcomm_multiplexer_timer_handler); 764 btstack_run_loop_set_timer_context(&multiplexer->timer, multiplexer); 765 btstack_run_loop_add_timer(&multiplexer->timer); 766 multiplexer->timer_active = 1; 767 } 768 769 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 770 log_info("Multiplexer up and running"); 771 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 772 773 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 774 775 // transition of channels that wait for multiplexer 776 btstack_linked_item_t *it; 777 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 778 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 779 if (channel->multiplexer != multiplexer) continue; 780 rfcomm_channel_state_machine(channel, &event); 781 } 782 783 rfcomm_run(); 784 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 785 } 786 787 788 /** 789 * @return handled packet 790 */ 791 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 792 bd_addr_t event_addr; 793 uint16_t psm; 794 uint16_t l2cap_cid; 795 hci_con_handle_t con_handle; 796 rfcomm_multiplexer_t *multiplexer = NULL; 797 uint8_t status; 798 799 switch (packet[0]) { 800 801 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 802 case L2CAP_EVENT_INCOMING_CONNECTION: 803 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 804 reverse_bd_addr(&packet[2], event_addr); 805 con_handle = little_endian_read_16(packet, 8); 806 psm = little_endian_read_16(packet, 10); 807 l2cap_cid = little_endian_read_16(packet, 12); 808 809 if (psm != PSM_RFCOMM) break; 810 811 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 812 813 if (multiplexer) { 814 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 815 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 816 return 1; 817 } 818 819 // create and inititialize new multiplexer instance (incoming) 820 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 821 if (!multiplexer){ 822 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 823 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 824 return 1; 825 } 826 827 multiplexer->con_handle = con_handle; 828 multiplexer->l2cap_cid = l2cap_cid; 829 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 830 831 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 832 l2cap_accept_connection(l2cap_cid); 833 return 1; 834 835 // l2cap connection opened -> store l2cap_cid, remote_addr 836 case L2CAP_EVENT_CHANNEL_OPENED: 837 838 if (little_endian_read_16(packet, 11) != PSM_RFCOMM) break; 839 840 status = packet[2]; 841 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 842 843 // get multiplexer for remote addr 844 con_handle = little_endian_read_16(packet, 9); 845 l2cap_cid = little_endian_read_16(packet, 13); 846 reverse_bd_addr(&packet[3], event_addr); 847 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 848 if (!multiplexer) { 849 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 850 return 1; 851 } 852 853 // on l2cap open error discard everything 854 if (status){ 855 856 // remove (potential) timer 857 rfcomm_multiplexer_stop_timer(multiplexer); 858 859 // emit rfcomm_channel_opened with status and free channel 860 btstack_linked_item_t * it = (btstack_linked_item_t *) &rfcomm_channels; 861 while (it->next) { 862 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 863 if (channel->multiplexer == multiplexer){ 864 rfcomm_emit_channel_opened(channel, status); 865 it->next = it->next->next; 866 btstack_memory_rfcomm_channel_free(channel); 867 } else { 868 it = it->next; 869 } 870 } 871 872 // free multiplexer 873 rfcomm_multiplexer_free(multiplexer); 874 return 1; 875 } 876 877 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 878 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 879 // wrong remote addr 880 if (bd_addr_cmp(event_addr, multiplexer->remote_addr)) break; 881 multiplexer->l2cap_cid = l2cap_cid; 882 multiplexer->con_handle = con_handle; 883 // send SABM #0 884 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 885 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 886 887 // set max frame size based on l2cap MTU 888 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(little_endian_read_16(packet, 17)); 889 } 890 return 1; 891 892 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 893 894 // Notify channel packet handler if they can send now 895 case L2CAP_EVENT_CAN_SEND_NOW: 896 rfcomm_run(); // rfcomm signaling packets first 897 rfcomm_notify_channel_can_send(); 898 break; 899 900 case L2CAP_EVENT_CHANNEL_CLOSED: 901 // data: event (8), len(8), channel (16) 902 l2cap_cid = little_endian_read_16(packet, 2); 903 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 904 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 905 if (!multiplexer) break; 906 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 907 switch (multiplexer->state) { 908 case RFCOMM_MULTIPLEXER_W4_CONNECT: 909 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 910 case RFCOMM_MULTIPLEXER_W4_SABM_0: 911 case RFCOMM_MULTIPLEXER_SEND_UA_0: 912 case RFCOMM_MULTIPLEXER_W4_UA_0: 913 case RFCOMM_MULTIPLEXER_OPEN: 914 // don't call l2cap_disconnect as it's alreay closed 915 rfcomm_multiplexer_finalize(multiplexer); 916 return 1; 917 default: 918 break; 919 } 920 break; 921 default: 922 break; 923 } 924 return 0; 925 } 926 927 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 928 929 // get or create a multiplexer for a certain device 930 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 931 if (!multiplexer) return 0; 932 933 uint16_t l2cap_cid = multiplexer->l2cap_cid; 934 935 // but only care for multiplexer control channel 936 uint8_t frame_dlci = packet[0] >> 2; 937 if (frame_dlci) return 0; 938 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 939 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 940 const uint8_t payload_offset = 3 + length_offset + credit_offset; 941 switch (packet[1]){ 942 943 case BT_RFCOMM_SABM: 944 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 945 log_info("Received SABM #0"); 946 multiplexer->outgoing = 0; 947 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 948 return 1; 949 } 950 break; 951 952 case BT_RFCOMM_UA: 953 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 954 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 955 log_info("Received UA #0 "); 956 rfcomm_multiplexer_opened(multiplexer); 957 return 1; 958 } 959 break; 960 961 case BT_RFCOMM_DISC: 962 // DISC #0 -> send UA #0, close multiplexer 963 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 964 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 965 return 1; 966 967 case BT_RFCOMM_DM: 968 // DM #0 - we shouldn't get this, just give up 969 log_info("Received DM #0"); 970 log_info("-> Closing down multiplexer"); 971 rfcomm_multiplexer_finalize(multiplexer); 972 l2cap_disconnect(l2cap_cid, 0x13); 973 return 1; 974 975 case BT_RFCOMM_UIH: 976 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 977 // Multiplexer close down (CLD) -> close mutliplexer 978 log_info("Received Multiplexer close down command"); 979 log_info("-> Closing down multiplexer"); 980 rfcomm_multiplexer_finalize(multiplexer); 981 l2cap_disconnect(l2cap_cid, 0x13); 982 return 1; 983 } 984 switch (packet[payload_offset]){ 985 case BT_RFCOMM_CLD_CMD: 986 // Multiplexer close down (CLD) -> close mutliplexer 987 log_info("Received Multiplexer close down command"); 988 log_info("-> Closing down multiplexer"); 989 rfcomm_multiplexer_finalize(multiplexer); 990 l2cap_disconnect(l2cap_cid, 0x13); 991 return 1; 992 993 case BT_RFCOMM_FCON_CMD: 994 multiplexer->fcon = 0x81; 995 break; 996 997 case BT_RFCOMM_FCOFF_CMD: 998 multiplexer->fcon = 0x80; 999 break; 1000 1001 case BT_RFCOMM_TEST_CMD: { 1002 log_info("Received test command"); 1003 int len = packet[payload_offset+1] >> 1; // length < 125 1004 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1005 len = RFCOMM_TEST_DATA_MAX_LEN; 1006 } 1007 multiplexer->test_data_len = len; 1008 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1009 return 1; 1010 } 1011 default: 1012 break; 1013 } 1014 break; 1015 1016 default: 1017 break; 1018 1019 } 1020 return 0; 1021 } 1022 1023 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1024 1025 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1026 1027 // process stored DM responses 1028 if (multiplexer->send_dm_for_dlci){ 1029 uint8_t dlci = multiplexer->send_dm_for_dlci; 1030 multiplexer->send_dm_for_dlci = 0; 1031 rfcomm_send_dm_pf(multiplexer, dlci); 1032 return; 1033 } 1034 1035 if (multiplexer->nsc_command){ 1036 uint8_t command = multiplexer->nsc_command; 1037 multiplexer->nsc_command = 0; 1038 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1039 return; 1040 } 1041 1042 if (multiplexer->fcon & 0x80){ 1043 multiplexer->fcon &= 0x01; 1044 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1045 if (multiplexer->fcon == 0) return; 1046 // trigger client to send again after sending FCon Response 1047 rfcomm_notify_channel_can_send(); 1048 return; 1049 } 1050 1051 switch (multiplexer->state) { 1052 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1053 switch (event) { 1054 case MULT_EV_READY_TO_SEND: 1055 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1056 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1057 rfcomm_send_sabm(multiplexer, 0); 1058 break; 1059 default: 1060 break; 1061 } 1062 break; 1063 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1064 switch (event) { 1065 case MULT_EV_READY_TO_SEND: 1066 log_info("Sending UA #0"); 1067 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1068 rfcomm_send_ua(multiplexer, 0); 1069 rfcomm_multiplexer_opened(multiplexer); 1070 break; 1071 default: 1072 break; 1073 } 1074 break; 1075 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1076 switch (event) { 1077 case MULT_EV_READY_TO_SEND: 1078 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1079 if (!multiplexer->at_least_one_connection){ 1080 log_info("TODO: no connections established - delete link key prophylactically"); 1081 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1082 } 1083 log_info("Sending UA #0"); 1084 log_info("Closing down multiplexer"); 1085 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1086 rfcomm_send_ua(multiplexer, 0); 1087 rfcomm_multiplexer_finalize(multiplexer); 1088 l2cap_disconnect(l2cap_cid, 0x13); 1089 default: 1090 break; 1091 } 1092 break; 1093 case RFCOMM_MULTIPLEXER_OPEN: 1094 switch (event) { 1095 case MULT_EV_READY_TO_SEND: 1096 // respond to test command 1097 if (multiplexer->test_data_len){ 1098 int len = multiplexer->test_data_len; 1099 log_info("Sending TEST Response with %u bytes", len); 1100 multiplexer->test_data_len = 0; 1101 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1102 return; 1103 } 1104 break; 1105 default: 1106 break; 1107 } 1108 break; 1109 default: 1110 break; 1111 } 1112 } 1113 1114 // MARK: RFCOMM CHANNEL 1115 1116 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1117 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1118 channel->credits_incoming += credits; 1119 } 1120 1121 static int rfcomm_channel_can_send(rfcomm_channel_t * channel){ 1122 if (!channel->credits_outgoing) return 0; 1123 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1124 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1125 } 1126 1127 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1128 1129 log_info("rfcomm_channel_opened!"); 1130 1131 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1132 rfcomm_emit_channel_opened(rfChannel, 0); 1133 rfcomm_emit_port_configuration(rfChannel); 1134 1135 // remove (potential) timer 1136 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1137 if (multiplexer->timer_active) { 1138 btstack_run_loop_remove_timer(&multiplexer->timer); 1139 multiplexer->timer_active = 0; 1140 } 1141 // hack for problem detecting authentication failure 1142 multiplexer->at_least_one_connection = 1; 1143 1144 // start next connection request if pending 1145 rfcomm_run(); 1146 } 1147 1148 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1149 const uint8_t frame_dlci = packet[0] >> 2; 1150 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1151 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1152 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1153 1154 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1155 if (!channel) return; 1156 1157 // handle new outgoing credits 1158 if (packet[1] == BT_RFCOMM_UIH_PF) { 1159 1160 // add them 1161 uint16_t new_credits = packet[3+length_offset]; 1162 channel->credits_outgoing += new_credits; 1163 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1164 1165 // notify channel statemachine 1166 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1167 rfcomm_channel_state_machine(channel, &channel_event); 1168 } 1169 1170 // contains payload? 1171 if (size - 1 > payload_offset){ 1172 1173 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1174 1175 // decrease incoming credit counter 1176 if (channel->credits_incoming > 0){ 1177 channel->credits_incoming--; 1178 } 1179 1180 // deliver payload 1181 (channel->packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1182 &packet[payload_offset], size-payload_offset-1); 1183 } 1184 1185 // automatically provide new credits to remote device, if no incoming flow control 1186 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1187 channel->new_credits_incoming =RFCOMM_CREDITS; 1188 } 1189 } 1190 1191 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1192 // priority of client request 1193 channel->pn_priority = event->priority; 1194 1195 // new credits 1196 channel->credits_outgoing = event->credits_outgoing; 1197 1198 // negotiate max frame size 1199 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1200 channel->max_frame_size = channel->multiplexer->max_frame_size; 1201 } 1202 if (channel->max_frame_size > event->max_frame_size) { 1203 channel->max_frame_size = event->max_frame_size; 1204 } 1205 1206 } 1207 1208 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1209 1210 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1211 1212 // remove from list 1213 btstack_linked_list_remove( &rfcomm_channels, (btstack_linked_item_t *) channel); 1214 1215 // free channel 1216 btstack_memory_rfcomm_channel_free(channel); 1217 1218 // update multiplexer timeout after channel was removed from list 1219 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1220 } 1221 1222 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1223 1224 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1225 1226 1227 // lookup existing channel 1228 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1229 1230 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1231 1232 if (channel) { 1233 rfcomm_channel_state_machine(channel, event); 1234 return; 1235 } 1236 1237 // service registered? 1238 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1239 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1240 if (!service) { 1241 // discard request by sending disconnected mode 1242 multiplexer->send_dm_for_dlci = dlci; 1243 return; 1244 } 1245 1246 // create channel for some events 1247 switch (event->type) { 1248 case CH_EVT_RCVD_SABM: 1249 case CH_EVT_RCVD_PN: 1250 case CH_EVT_RCVD_RPN_REQ: 1251 case CH_EVT_RCVD_RPN_CMD: 1252 // setup incoming channel 1253 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1254 if (!channel){ 1255 // discard request by sending disconnected mode 1256 multiplexer->send_dm_for_dlci = dlci; 1257 } 1258 break; 1259 default: 1260 break; 1261 } 1262 1263 if (!channel) { 1264 // discard request by sending disconnected mode 1265 multiplexer->send_dm_for_dlci = dlci; 1266 return; 1267 } 1268 rfcomm_channel_state_machine(channel, event); 1269 } 1270 1271 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1272 1273 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1274 const uint8_t frame_dlci = packet[0] >> 2; 1275 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1276 uint8_t message_len; // " 1277 1278 // rfcomm: (1) command/control 1279 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1280 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1281 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1282 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1283 // rfcomm: (3+length_offset) credits if credits_offset == 1 1284 // rfcomm: (3+length_offest+credits_offset) 1285 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1286 1287 rfcomm_channel_event_t event; 1288 rfcomm_channel_event_pn_t event_pn; 1289 rfcomm_channel_event_rpn_t event_rpn; 1290 rfcomm_channel_event_msc_t event_msc; 1291 1292 // switch by rfcomm message type 1293 switch(packet[1]) { 1294 1295 case BT_RFCOMM_SABM: 1296 event.type = CH_EVT_RCVD_SABM; 1297 log_info("Received SABM #%u", frame_dlci); 1298 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1299 break; 1300 1301 case BT_RFCOMM_UA: 1302 event.type = CH_EVT_RCVD_UA; 1303 log_info("Received UA #%u",frame_dlci); 1304 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1305 break; 1306 1307 case BT_RFCOMM_DISC: 1308 event.type = CH_EVT_RCVD_DISC; 1309 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1310 break; 1311 1312 case BT_RFCOMM_DM: 1313 case BT_RFCOMM_DM_PF: 1314 event.type = CH_EVT_RCVD_DM; 1315 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1316 break; 1317 1318 case BT_RFCOMM_UIH_PF: 1319 case BT_RFCOMM_UIH: 1320 1321 message_len = packet[payload_offset+1] >> 1; 1322 1323 switch (packet[payload_offset]) { 1324 case BT_RFCOMM_PN_CMD: 1325 message_dlci = packet[payload_offset+2]; 1326 event_pn.super.type = CH_EVT_RCVD_PN; 1327 event_pn.priority = packet[payload_offset+4]; 1328 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1329 event_pn.credits_outgoing = packet[payload_offset+9]; 1330 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1331 message_dlci, event_pn.credits_outgoing); 1332 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1333 break; 1334 1335 case BT_RFCOMM_PN_RSP: 1336 message_dlci = packet[payload_offset+2]; 1337 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1338 event_pn.priority = packet[payload_offset+4]; 1339 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1340 event_pn.credits_outgoing = packet[payload_offset+9]; 1341 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1342 event_pn.max_frame_size, event_pn.credits_outgoing); 1343 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1344 break; 1345 1346 case BT_RFCOMM_MSC_CMD: 1347 message_dlci = packet[payload_offset+2] >> 2; 1348 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1349 event_msc.modem_status = packet[payload_offset+3]; 1350 log_info("Received MSC CMD for #%u, ", message_dlci); 1351 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1352 break; 1353 1354 case BT_RFCOMM_MSC_RSP: 1355 message_dlci = packet[payload_offset+2] >> 2; 1356 event.type = CH_EVT_RCVD_MSC_RSP; 1357 log_info("Received MSC RSP for #%u", message_dlci); 1358 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1359 break; 1360 1361 case BT_RFCOMM_RPN_CMD: 1362 message_dlci = packet[payload_offset+2] >> 2; 1363 switch (message_len){ 1364 case 1: 1365 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1366 event.type = CH_EVT_RCVD_RPN_REQ; 1367 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1368 break; 1369 case 8: 1370 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1371 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1372 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1373 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1374 break; 1375 default: 1376 break; 1377 } 1378 break; 1379 1380 case BT_RFCOMM_RPN_RSP: 1381 log_info("Received RPN response"); 1382 break; 1383 1384 case BT_RFCOMM_RLS_CMD: { 1385 log_info("Received RLS command"); 1386 message_dlci = packet[payload_offset+2] >> 2; 1387 rfcomm_channel_event_rls_t event_rls; 1388 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1389 event_rls.line_status = packet[payload_offset+3]; 1390 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1391 break; 1392 } 1393 1394 case BT_RFCOMM_RLS_RSP: 1395 log_info("Received RLS response"); 1396 break; 1397 1398 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1399 // case BT_RFCOMM_TEST_CMD: 1400 // case BT_RFCOMM_FCOFF_CMD: 1401 // case BT_RFCOMM_FCON_CMD: 1402 // everything else is an not supported command 1403 default: { 1404 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1405 multiplexer->nsc_command = packet[payload_offset]; 1406 break; 1407 } 1408 } 1409 break; 1410 1411 default: 1412 log_error("Received unknown RFCOMM message type %x", packet[1]); 1413 break; 1414 } 1415 1416 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1417 rfcomm_run(); 1418 } 1419 1420 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1421 1422 // multiplexer handler 1423 int handled = 0; 1424 switch (packet_type) { 1425 case HCI_EVENT_PACKET: 1426 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1427 break; 1428 case L2CAP_DATA_PACKET: 1429 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1430 break; 1431 default: 1432 break; 1433 } 1434 1435 if (handled) { 1436 rfcomm_run(); 1437 return; 1438 } 1439 1440 // we only handle l2cap packets 1441 if (packet_type != L2CAP_DATA_PACKET) return; 1442 1443 // ... over open multiplexer channel now 1444 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1445 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) return; 1446 1447 // channel data ? 1448 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1449 const uint8_t frame_dlci = packet[0] >> 2; 1450 1451 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1452 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1453 rfcomm_run(); 1454 return; 1455 } 1456 1457 rfcomm_channel_packet_handler(multiplexer, packet, size); 1458 } 1459 1460 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1461 // note: exchanging MSC isn't neccessary to consider channel open 1462 // note: having outgoing credits is also not necessary to consider channel open 1463 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1464 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1465 // if (channel->credits_outgoing == 0) return 0; 1466 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u", 1467 channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing); 1468 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1469 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1470 1471 return 1; 1472 } 1473 1474 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1475 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1476 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1477 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1478 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1479 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1480 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1481 return 1; 1482 } 1483 1484 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1485 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1486 } 1487 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1488 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1489 } 1490 1491 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1492 1493 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1494 1495 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1496 1497 // TODO: integrate in common switch 1498 if (event->type == CH_EVT_RCVD_DISC){ 1499 rfcomm_emit_channel_closed(channel); 1500 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1501 return; 1502 } 1503 1504 // TODO: integrate in common switch 1505 if (event->type == CH_EVT_RCVD_DM){ 1506 log_info("Received DM message for #%u", channel->dlci); 1507 log_info("-> Closing channel locally for #%u", channel->dlci); 1508 rfcomm_emit_channel_closed(channel); 1509 rfcomm_channel_finalize(channel); 1510 return; 1511 } 1512 1513 // remote port negotiation command - just accept everything for now 1514 // 1515 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1516 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1517 // (Although the handling of individual settings are implementation-dependent.)" 1518 // 1519 1520 // TODO: integrate in common switch 1521 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1522 // control port parameters 1523 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1524 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1525 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1526 // notify client about new settings 1527 rfcomm_emit_port_configuration(channel); 1528 return; 1529 } 1530 1531 // TODO: integrate in common switch 1532 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1533 // no values got accepted (no values have beens sent) 1534 channel->rpn_data.parameter_mask_0 = 0x00; 1535 channel->rpn_data.parameter_mask_1 = 0x00; 1536 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1537 return; 1538 } 1539 1540 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1541 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1542 channel->rls_line_status = event_rls->line_status & 0x0f; 1543 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1544 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1545 return; 1546 } 1547 1548 // TODO: integrate in common swich 1549 if (event->type == CH_EVT_READY_TO_SEND){ 1550 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1551 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1552 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1553 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1554 return; 1555 } 1556 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1557 log_info("Sending MSC RSP for #%u", channel->dlci); 1558 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1559 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1560 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1561 return; 1562 } 1563 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1564 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1565 uint8_t line_status = channel->rls_line_status; 1566 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1567 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1568 return; 1569 } 1570 } 1571 1572 // emit MSC status to app 1573 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1574 // notify client about new settings 1575 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1576 uint8_t modem_status_event[2+1]; 1577 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1578 modem_status_event[1] = 1; 1579 modem_status_event[2] = event_msc->modem_status; 1580 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1581 // no return, MSC_CMD will be handled by state machine below 1582 } 1583 1584 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1585 1586 switch (channel->state) { 1587 case RFCOMM_CHANNEL_CLOSED: 1588 switch (event->type){ 1589 case CH_EVT_RCVD_SABM: 1590 log_info("-> Inform app"); 1591 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1592 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1593 rfcomm_emit_connection_request(channel); 1594 break; 1595 case CH_EVT_RCVD_PN: 1596 rfcomm_channel_accept_pn(channel, event_pn); 1597 log_info("-> Inform app"); 1598 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1599 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1600 rfcomm_emit_connection_request(channel); 1601 break; 1602 default: 1603 break; 1604 } 1605 break; 1606 1607 case RFCOMM_CHANNEL_INCOMING_SETUP: 1608 switch (event->type){ 1609 case CH_EVT_RCVD_SABM: 1610 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1611 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1612 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1613 } 1614 break; 1615 case CH_EVT_RCVD_PN: 1616 rfcomm_channel_accept_pn(channel, event_pn); 1617 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1618 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1619 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1620 } 1621 break; 1622 case CH_EVT_READY_TO_SEND: 1623 // if / else if is used to check for state transition after sending 1624 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1625 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1626 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1627 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1628 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1629 log_info("Sending UA #%u", channel->dlci); 1630 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1631 rfcomm_send_ua(multiplexer, channel->dlci); 1632 } 1633 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1634 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1635 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1636 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1637 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1638 } 1639 break; 1640 default: 1641 break; 1642 } 1643 break; 1644 1645 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1646 switch (event->type) { 1647 case CH_EVT_MULTIPLEXER_READY: 1648 log_info("Muliplexer opened, sending UIH PN next"); 1649 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1650 break; 1651 default: 1652 break; 1653 } 1654 break; 1655 1656 case RFCOMM_CHANNEL_SEND_UIH_PN: 1657 switch (event->type) { 1658 case CH_EVT_READY_TO_SEND: 1659 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1660 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1661 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1662 break; 1663 default: 1664 break; 1665 } 1666 break; 1667 1668 case RFCOMM_CHANNEL_W4_PN_RSP: 1669 switch (event->type){ 1670 case CH_EVT_RCVD_PN_RSP: 1671 // update max frame size 1672 if (channel->max_frame_size > event_pn->max_frame_size) { 1673 channel->max_frame_size = event_pn->max_frame_size; 1674 } 1675 // new credits 1676 channel->credits_outgoing = event_pn->credits_outgoing; 1677 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1678 break; 1679 default: 1680 break; 1681 } 1682 break; 1683 1684 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1685 switch (event->type) { 1686 case CH_EVT_READY_TO_SEND: 1687 log_info("Sending SABM #%u", channel->dlci); 1688 channel->state = RFCOMM_CHANNEL_W4_UA; 1689 rfcomm_send_sabm(multiplexer, channel->dlci); 1690 break; 1691 default: 1692 break; 1693 } 1694 break; 1695 1696 case RFCOMM_CHANNEL_W4_UA: 1697 switch (event->type){ 1698 case CH_EVT_RCVD_UA: 1699 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1700 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1701 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1702 break; 1703 default: 1704 break; 1705 } 1706 break; 1707 1708 case RFCOMM_CHANNEL_DLC_SETUP: 1709 switch (event->type){ 1710 case CH_EVT_RCVD_MSC_CMD: 1711 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1712 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1713 break; 1714 case CH_EVT_RCVD_MSC_RSP: 1715 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1716 break; 1717 1718 case CH_EVT_READY_TO_SEND: 1719 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1720 log_info("Sending MSC CMD for #%u", channel->dlci); 1721 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1722 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1723 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1724 break; 1725 } 1726 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1727 log_info("Providing credits for #%u", channel->dlci); 1728 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1729 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1730 1731 if (channel->new_credits_incoming) { 1732 uint8_t new_credits = channel->new_credits_incoming; 1733 channel->new_credits_incoming = 0; 1734 rfcomm_channel_send_credits(channel, new_credits); 1735 } 1736 break; 1737 1738 } 1739 break; 1740 default: 1741 break; 1742 } 1743 // finally done? 1744 if (rfcomm_channel_ready_for_open(channel)){ 1745 channel->state = RFCOMM_CHANNEL_OPEN; 1746 rfcomm_channel_opened(channel); 1747 } 1748 break; 1749 1750 case RFCOMM_CHANNEL_OPEN: 1751 switch (event->type){ 1752 case CH_EVT_RCVD_MSC_CMD: 1753 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1754 break; 1755 case CH_EVT_READY_TO_SEND: 1756 if (channel->new_credits_incoming) { 1757 uint8_t new_credits = channel->new_credits_incoming; 1758 channel->new_credits_incoming = 0; 1759 rfcomm_channel_send_credits(channel, new_credits); 1760 break; 1761 } 1762 break; 1763 case CH_EVT_RCVD_CREDITS: 1764 rfcomm_notify_channel_can_send(); 1765 break; 1766 default: 1767 break; 1768 } 1769 break; 1770 1771 case RFCOMM_CHANNEL_SEND_DM: 1772 switch (event->type) { 1773 case CH_EVT_READY_TO_SEND: 1774 log_info("Sending DM_PF for #%u", channel->dlci); 1775 // don't emit channel closed - channel was never open 1776 channel->state = RFCOMM_CHANNEL_CLOSED; 1777 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1778 rfcomm_channel_finalize(channel); 1779 break; 1780 default: 1781 break; 1782 } 1783 break; 1784 1785 case RFCOMM_CHANNEL_SEND_DISC: 1786 switch (event->type) { 1787 case CH_EVT_READY_TO_SEND: 1788 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1789 rfcomm_send_disc(multiplexer, channel->dlci); 1790 break; 1791 default: 1792 break; 1793 } 1794 break; 1795 1796 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1797 switch (event->type){ 1798 case CH_EVT_RCVD_UA: 1799 channel->state = RFCOMM_CHANNEL_CLOSED; 1800 rfcomm_emit_channel_closed(channel); 1801 rfcomm_channel_finalize(channel); 1802 break; 1803 default: 1804 break; 1805 } 1806 break; 1807 1808 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1809 switch (event->type) { 1810 case CH_EVT_READY_TO_SEND: 1811 log_info("Sending UA after DISC for #%u", channel->dlci); 1812 channel->state = RFCOMM_CHANNEL_CLOSED; 1813 rfcomm_send_ua(multiplexer, channel->dlci); 1814 rfcomm_channel_finalize(channel); 1815 break; 1816 default: 1817 break; 1818 } 1819 break; 1820 1821 default: 1822 break; 1823 } 1824 } 1825 1826 1827 // MARK: RFCOMM RUN 1828 // process outstanding signaling tasks 1829 static void rfcomm_run(void){ 1830 1831 btstack_linked_item_t *it; 1832 btstack_linked_item_t *next; 1833 1834 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1835 1836 next = it->next; // be prepared for removal of channel in state machine 1837 1838 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1839 1840 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1841 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1842 continue; 1843 } 1844 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1845 1846 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1847 } 1848 1849 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = next){ 1850 1851 next = it->next; // be prepared for removal of channel in state machine 1852 1853 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1854 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1855 1856 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1857 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1858 continue; 1859 } 1860 1861 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1862 rfcomm_channel_state_machine(channel, &event); 1863 } 1864 } 1865 1866 // MARK: RFCOMM BTstack API 1867 1868 void rfcomm_init(void){ 1869 rfcomm_client_cid_generator = 0; 1870 rfcomm_multiplexers = NULL; 1871 rfcomm_services = NULL; 1872 rfcomm_channels = NULL; 1873 rfcomm_security_level = LEVEL_2; 1874 } 1875 1876 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1877 rfcomm_security_level = security_level; 1878 } 1879 1880 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1881 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1882 if (!channel){ 1883 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1884 return 0; 1885 } 1886 int res = rfcomm_channel_can_send(channel); 1887 if (!res){ 1888 channel->waiting_for_can_send_now = 1; 1889 } 1890 return res; 1891 } 1892 1893 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1894 if (len > channel->max_frame_size){ 1895 log_error("rfcomm_send cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1896 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1897 } 1898 1899 if (!channel->credits_outgoing){ 1900 log_info("rfcomm_send cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1901 return RFCOMM_NO_OUTGOING_CREDITS; 1902 } 1903 1904 if ((channel->multiplexer->fcon & 1) == 0){ 1905 log_info("rfcomm_send cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 1906 return RFCOMM_AGGREGATE_FLOW_OFF; 1907 } 1908 return 0; 1909 } 1910 1911 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 1912 int rfcomm_reserve_packet_buffer(void){ 1913 return l2cap_reserve_packet_buffer(); 1914 } 1915 1916 void rfcomm_release_packet_buffer(void){ 1917 l2cap_release_packet_buffer(); 1918 } 1919 1920 uint8_t * rfcomm_get_outgoing_buffer(void){ 1921 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 1922 // address + control + length (16) + no credit field 1923 return &rfcomm_out_buffer[4]; 1924 } 1925 1926 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 1927 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1928 if (!channel){ 1929 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 1930 return 0; 1931 } 1932 return channel->max_frame_size; 1933 } 1934 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 1935 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1936 if (!channel){ 1937 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 1938 return 0; 1939 } 1940 1941 int err = rfcomm_assert_send_valid(channel, len); 1942 if (err) return err; 1943 if (!l2cap_can_send_prepared_packet_now(channel->multiplexer->l2cap_cid)){ 1944 log_error("rfcomm_send_prepared: l2cap cannot send now"); 1945 return BTSTACK_ACL_BUFFERS_FULL; 1946 } 1947 1948 // send might cause l2cap to emit new credits, update counters first 1949 channel->credits_outgoing--; 1950 1951 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 1952 1953 if (result != 0) { 1954 channel->credits_outgoing++; 1955 log_error("rfcomm_send_prepared: error %d", result); 1956 return result; 1957 } 1958 1959 return result; 1960 } 1961 1962 int rfcomm_send(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 1963 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1964 if (!channel){ 1965 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1966 return 1; 1967 } 1968 1969 int err = rfcomm_assert_send_valid(channel, len); 1970 if (err) return err; 1971 if (!l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid)){ 1972 log_error("rfcomm_send_internal: l2cap cannot send now"); 1973 return BTSTACK_ACL_BUFFERS_FULL; 1974 } 1975 1976 rfcomm_reserve_packet_buffer(); 1977 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 1978 memcpy(rfcomm_payload, data, len); 1979 err = rfcomm_send_prepared(rfcomm_cid, len); 1980 if (err){ 1981 rfcomm_release_packet_buffer(); 1982 } 1983 return err; 1984 } 1985 1986 // Sends Local Lnie Status, see LINE_STATUS_.. 1987 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 1988 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1989 if (!channel){ 1990 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 1991 return 0; 1992 } 1993 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 1994 } 1995 1996 // Sned local modem status. see MODEM_STAUS_.. 1997 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 1998 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1999 if (!channel){ 2000 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2001 return 0; 2002 } 2003 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2004 } 2005 2006 // Configure remote port 2007 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2008 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2009 if (!channel){ 2010 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2011 return 0; 2012 } 2013 rfcomm_rpn_data_t rpn_data; 2014 rpn_data.baud_rate = baud_rate; 2015 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2016 rpn_data.flow_control = flow_control; 2017 rpn_data.xon = 0; 2018 rpn_data.xoff = 0; 2019 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2020 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2021 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2022 } 2023 2024 // Query remote port 2025 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2026 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2027 if (!channel){ 2028 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2029 return 0; 2030 } 2031 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2032 } 2033 2034 2035 static uint8_t rfcomm_channel_create_internal(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2036 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2037 2038 // create new multiplexer if necessary 2039 uint8_t status = 0; 2040 int new_multiplexer = 0; 2041 rfcomm_channel_t * channel = NULL; 2042 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2043 if (!multiplexer) { 2044 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2045 if (!multiplexer){ 2046 status = BTSTACK_MEMORY_ALLOC_FAILED; 2047 goto fail; 2048 } 2049 multiplexer->outgoing = 1; 2050 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2051 new_multiplexer = 1; 2052 } 2053 2054 // prepare channel 2055 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2056 if (!channel){ 2057 status = BTSTACK_MEMORY_ALLOC_FAILED; 2058 goto fail; 2059 } 2060 2061 // rfcomm_cid is already assigned by rfcomm_channel_create 2062 channel->incoming_flow_control = incoming_flow_control; 2063 channel->new_credits_incoming = initial_credits; 2064 channel->packet_handler = packet_handler; 2065 2066 // return rfcomm_cid 2067 if (out_rfcomm_cid){ 2068 *out_rfcomm_cid = channel->rfcomm_cid; 2069 } 2070 2071 // start multiplexer setup 2072 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2073 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2074 uint16_t l2cap_cid = 0; 2075 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2076 if (status) goto fail; 2077 multiplexer->l2cap_cid = l2cap_cid; 2078 return 0; 2079 } 2080 2081 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2082 2083 // start connecting, if multiplexer is already up and running 2084 rfcomm_run(); 2085 return 0; 2086 2087 fail: 2088 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2089 if (channel) btstack_memory_rfcomm_channel_free(channel); 2090 return status; 2091 } 2092 2093 uint8_t rfcomm_create_channel_with_initial_credits(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2094 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2095 } 2096 2097 uint8_t rfcomm_create_channel(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2098 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2099 } 2100 2101 void rfcomm_disconnect(uint16_t rfcomm_cid){ 2102 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2103 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2104 if (channel) { 2105 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2106 } 2107 2108 // process 2109 rfcomm_run(); 2110 } 2111 2112 static uint8_t rfcomm_register_service_internal(btstack_packet_handler_t packet_handler, 2113 uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2114 2115 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2116 channel, max_frame_size, incoming_flow_control, initial_credits); 2117 2118 // check if already registered 2119 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2120 if (service){ 2121 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2122 } 2123 2124 // alloc structure 2125 service = btstack_memory_rfcomm_service_get(); 2126 if (!service) { 2127 return BTSTACK_MEMORY_ALLOC_FAILED; 2128 } 2129 2130 // register with l2cap if not registered before, max MTU 2131 if (btstack_linked_list_empty(&rfcomm_services)){ 2132 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2133 } 2134 2135 // fill in 2136 service->packet_handler = packet_handler; 2137 service->server_channel = channel; 2138 service->max_frame_size = max_frame_size; 2139 service->incoming_flow_control = incoming_flow_control; 2140 service->incoming_initial_credits = initial_credits; 2141 2142 // add to services list 2143 btstack_linked_list_add(&rfcomm_services, (btstack_linked_item_t *) service); 2144 2145 return 0; 2146 } 2147 2148 uint8_t rfcomm_register_service_with_initial_credits(btstack_packet_handler_t packet_handler, 2149 uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2150 2151 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 1, initial_credits); 2152 } 2153 2154 uint8_t rfcomm_register_service(btstack_packet_handler_t packet_handler, uint8_t channel, 2155 uint16_t max_frame_size){ 2156 2157 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 0,RFCOMM_CREDITS); 2158 } 2159 2160 void rfcomm_unregister_service(uint8_t service_channel){ 2161 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2162 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2163 if (!service) return; 2164 btstack_linked_list_remove(&rfcomm_services, (btstack_linked_item_t *) service); 2165 btstack_memory_rfcomm_service_free(service); 2166 2167 // unregister if no services active 2168 if (btstack_linked_list_empty(&rfcomm_services)){ 2169 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2170 l2cap_unregister_service(PSM_RFCOMM); 2171 } 2172 } 2173 2174 void rfcomm_accept_connection(uint16_t rfcomm_cid){ 2175 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2176 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2177 if (!channel) return; 2178 switch (channel->state) { 2179 case RFCOMM_CHANNEL_INCOMING_SETUP: 2180 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2181 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2182 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2183 } 2184 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2185 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2186 } 2187 // at least one of { PN RSP, UA } needs to be sent 2188 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2189 break; 2190 default: 2191 break; 2192 } 2193 2194 // process 2195 rfcomm_run(); 2196 } 2197 2198 void rfcomm_decline_connection(uint16_t rfcomm_cid){ 2199 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2200 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2201 if (!channel) return; 2202 switch (channel->state) { 2203 case RFCOMM_CHANNEL_INCOMING_SETUP: 2204 channel->state = RFCOMM_CHANNEL_SEND_DM; 2205 break; 2206 default: 2207 break; 2208 } 2209 2210 // process 2211 rfcomm_run(); 2212 } 2213 2214 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2215 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2216 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2217 if (!channel) return; 2218 if (!channel->incoming_flow_control) return; 2219 channel->new_credits_incoming += credits; 2220 2221 // process 2222 rfcomm_run(); 2223 } 2224 2225 2226 /* 2227 * CRC (reversed crc) lookup table as calculated by the table generator in ETSI TS 101 369 V6.3.0. 2228 */ 2229 static const uint8_t crc8table[256] = { /* reversed, 8-bit, poly=0x07 */ 2230 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 2231 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 2232 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 2233 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 2234 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 2235 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 2236 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 2237 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 2238 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 2239 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 2240 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 2241 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 2242 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 2243 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 2244 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 2245 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 2246 }; 2247 2248 #define CRC8_INIT 0xFF // Initial FCS value 2249 #define CRC8_OK 0xCF // Good final FCS value 2250 /*-----------------------------------------------------------------------------------*/ 2251 static uint8_t crc8(uint8_t *data, uint16_t len) 2252 { 2253 uint16_t count; 2254 uint8_t crc = CRC8_INIT; 2255 for (count = 0; count < len; count++) 2256 crc = crc8table[crc ^ data[count]]; 2257 return crc; 2258 } 2259 2260 /*-----------------------------------------------------------------------------------*/ 2261 uint8_t crc8_check(uint8_t *data, uint16_t len, uint8_t check_sum) 2262 { 2263 uint8_t crc; 2264 2265 crc = crc8(data, len); 2266 2267 crc = crc8table[crc ^ check_sum]; 2268 if (crc == CRC8_OK) 2269 return 0; /* Valid */ 2270 else 2271 return 1; /* Failed */ 2272 2273 } 2274 2275 /*-----------------------------------------------------------------------------------*/ 2276 uint8_t crc8_calc(uint8_t *data, uint16_t len) 2277 { 2278 /* Ones complement */ 2279 return 0xFF - crc8(data, len); 2280 } 2281 2282 2283 2284 2285