1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "btstack_debug.h" 48 #include "btstack_event.h" 49 #include "btstack_memory.h" 50 #include "btstack_util.h" 51 #include "classic/core.h" 52 #include "classic/rfcomm.h" 53 #include "hci.h" 54 #include "hci_cmd.h" 55 #include "hci_dump.h" 56 #include "l2cap.h" 57 58 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 59 #ifndef PRIxPTR 60 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 61 #define PRIxPTR "lx" 62 #else 63 #define PRIxPTR "x" 64 #endif 65 #endif 66 67 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 68 69 #define RFCOMM_CREDITS 10 70 71 // FCS calc 72 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 73 #define BT_RFCOMM_CRC_CHECK_LEN 3 74 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 75 76 77 typedef enum { 78 CH_EVT_RCVD_SABM = 1, 79 CH_EVT_RCVD_UA, 80 CH_EVT_RCVD_PN, 81 CH_EVT_RCVD_PN_RSP, 82 CH_EVT_RCVD_DISC, 83 CH_EVT_RCVD_DM, 84 CH_EVT_RCVD_MSC_CMD, 85 CH_EVT_RCVD_MSC_RSP, 86 CH_EVT_RCVD_NSC_RSP, 87 CH_EVT_RCVD_RLS_CMD, 88 CH_EVT_RCVD_RLS_RSP, 89 CH_EVT_RCVD_RPN_CMD, 90 CH_EVT_RCVD_RPN_REQ, 91 CH_EVT_RCVD_CREDITS, 92 CH_EVT_MULTIPLEXER_READY, 93 CH_EVT_READY_TO_SEND, 94 } RFCOMM_CHANNEL_EVENT; 95 96 typedef struct rfcomm_channel_event { 97 RFCOMM_CHANNEL_EVENT type; 98 uint16_t dummy; // force rfcomm_channel_event to be 2-byte aligned -> avoid -Wcast-align warning 99 } rfcomm_channel_event_t; 100 101 typedef struct rfcomm_channel_event_pn { 102 rfcomm_channel_event_t super; 103 uint16_t max_frame_size; 104 uint8_t priority; 105 uint8_t credits_outgoing; 106 } rfcomm_channel_event_pn_t; 107 108 typedef struct rfcomm_channel_event_rpn { 109 rfcomm_channel_event_t super; 110 rfcomm_rpn_data_t data; 111 } rfcomm_channel_event_rpn_t; 112 113 typedef struct rfcomm_channel_event_rls { 114 rfcomm_channel_event_t super; 115 uint8_t line_status; 116 } rfcomm_channel_event_rls_t; 117 118 typedef struct rfcomm_channel_event_msc { 119 rfcomm_channel_event_t super; 120 uint8_t modem_status; 121 } rfcomm_channel_event_msc_t; 122 123 124 // global rfcomm data 125 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 126 127 // linked lists for all 128 static btstack_linked_list_t rfcomm_multiplexers = NULL; 129 static btstack_linked_list_t rfcomm_channels = NULL; 130 static btstack_linked_list_t rfcomm_services = NULL; 131 132 static gap_security_level_t rfcomm_security_level; 133 134 static int rfcomm_channel_can_send(rfcomm_channel_t * channel); 135 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 136 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 137 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 138 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel); 139 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 140 static void rfcomm_run(void); 141 142 // MARK: RFCOMM CLIENT EVENTS 143 144 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 145 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 146 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 147 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 148 uint8_t event[11]; 149 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 150 event[1] = sizeof(event) - 2; 151 reverse_bd_addr(channel->multiplexer->remote_addr, &event[2]); 152 event[8] = channel->dlci >> 1; 153 little_endian_store_16(event, 9, channel->rfcomm_cid); 154 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 155 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 156 } 157 158 // API Change: BTstack-0.3.50x uses 159 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 160 // next Cydia release will use SVN version of this 161 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 162 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 163 log_info("RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 164 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 165 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 166 uint8_t event[16]; 167 uint8_t pos = 0; 168 event[pos++] = RFCOMM_EVENT_OPEN_CHANNEL_COMPLETE; // 0 169 event[pos++] = sizeof(event) - 2; // 1 170 event[pos++] = status; // 2 171 reverse_bd_addr(channel->multiplexer->remote_addr, &event[pos]); pos += 6; // 3 172 little_endian_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 173 event[pos++] = channel->dlci >> 1; // 11 174 little_endian_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 175 little_endian_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 176 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 177 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, pos); 178 179 // if channel opened successfully, also send can send now if possible 180 if (status) return; 181 if (rfcomm_channel_can_send(channel)){ 182 rfcomm_emit_can_send_now(channel); 183 } else { 184 channel->waiting_for_can_send_now = 1; 185 } 186 } 187 188 // data: event(8), len(8), rfcomm_cid(16) 189 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 190 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 191 uint8_t event[4]; 192 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 193 event[1] = sizeof(event) - 2; 194 little_endian_store_16(event, 2, channel->rfcomm_cid); 195 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 196 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 197 } 198 199 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 200 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 201 uint8_t event[5]; 202 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 203 event[1] = sizeof(event) - 2; 204 little_endian_store_16(event, 2, channel->rfcomm_cid); 205 event[4] = line_status; 206 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 207 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 208 } 209 210 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 211 // notify client about new settings 212 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 213 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 214 event[1] = sizeof(rfcomm_rpn_data_t); 215 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 216 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 217 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 218 } 219 220 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel) { 221 log_info("RFCOMM_EVENT_CHANNEL_CAN_SEND_NOW local_cid 0x%x", channel->rfcomm_cid); 222 uint8_t event[4]; 223 event[0] = RFCOMM_EVENT_CAN_SEND_NOW; 224 event[1] = sizeof(event) - 2; 225 little_endian_store_16(event, 2, channel->rfcomm_cid); 226 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 227 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 228 } 229 230 // MARK RFCOMM RPN DATA HELPER 231 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 232 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 233 rpn_data->flags = 0x03; /* 8-n-1 */ 234 rpn_data->flow_control = 0; /* no flow control */ 235 rpn_data->xon = 0xd1; /* XON */ 236 rpn_data->xoff = 0xd3; /* XOFF */ 237 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 238 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 239 } 240 241 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 242 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 243 dest->baud_rate = src->baud_rate; 244 } 245 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 246 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 247 } 248 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 249 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 250 } 251 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 252 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 253 } 254 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 255 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 256 } 257 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 258 dest->xon = src->xon; 259 } 260 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 261 dest->xoff = src->xoff; 262 } 263 int i; 264 for (i=0; i < 6 ; i++){ 265 uint8_t mask = 1 << i; 266 if (src->parameter_mask_1 & mask){ 267 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 268 } 269 } 270 // always copy parameter mask, too. informative for client, needed for response 271 dest->parameter_mask_0 = src->parameter_mask_0; 272 dest->parameter_mask_1 = src->parameter_mask_1; 273 } 274 // MARK: RFCOMM MULTIPLEXER HELPER 275 276 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 277 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 278 uint16_t max_frame_size = l2cap_mtu - 5; 279 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 280 return max_frame_size; 281 } 282 283 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 284 285 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 286 287 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 288 multiplexer->fcon = 1; 289 multiplexer->send_dm_for_dlci = 0; 290 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 291 multiplexer->test_data_len = 0; 292 multiplexer->nsc_command = 0; 293 } 294 295 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 296 297 // alloc structure 298 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 299 if (!multiplexer) return NULL; 300 301 // fill in 302 rfcomm_multiplexer_initialize(multiplexer); 303 bd_addr_copy(multiplexer->remote_addr, addr); 304 305 // add to services list 306 btstack_linked_list_add(&rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 307 308 return multiplexer; 309 } 310 311 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 312 btstack_linked_item_t *it; 313 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 314 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 315 if (bd_addr_cmp(addr, multiplexer->remote_addr) == 0) { 316 return multiplexer; 317 }; 318 } 319 return NULL; 320 } 321 322 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 323 btstack_linked_item_t *it; 324 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 325 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 326 if (multiplexer->l2cap_cid == l2cap_cid) { 327 return multiplexer; 328 }; 329 } 330 return NULL; 331 } 332 333 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 334 btstack_linked_item_t *it; 335 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 336 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 337 if (channel->multiplexer == multiplexer) { 338 return 1; 339 } 340 } 341 return 0; 342 } 343 344 // MARK: RFCOMM CHANNEL HELPER 345 346 static void rfcomm_dump_channels(void){ 347 btstack_linked_item_t * it; 348 int channels = 0; 349 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 350 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 351 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 352 channels++; 353 } 354 } 355 356 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 357 rfcomm_service_t *service, uint8_t server_channel){ 358 359 // don't use 0 as channel id 360 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 361 362 // setup channel 363 memset(channel, 0, sizeof(rfcomm_channel_t)); 364 365 // set defaults for port configuration (even for services) 366 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 367 368 channel->state = RFCOMM_CHANNEL_CLOSED; 369 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 370 371 channel->multiplexer = multiplexer; 372 channel->rfcomm_cid = rfcomm_client_cid_generator++; 373 channel->max_frame_size = multiplexer->max_frame_size; 374 375 channel->credits_incoming = 0; 376 channel->credits_outgoing = 0; 377 378 // incoming flow control not active 379 channel->new_credits_incoming = RFCOMM_CREDITS; 380 channel->incoming_flow_control = 0; 381 382 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 383 384 channel->service = service; 385 if (service) { 386 // incoming connection 387 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 388 if (channel->max_frame_size > service->max_frame_size) { 389 channel->max_frame_size = service->max_frame_size; 390 } 391 channel->incoming_flow_control = service->incoming_flow_control; 392 channel->new_credits_incoming = service->incoming_initial_credits; 393 channel->packet_handler = service->packet_handler; 394 } else { 395 // outgoing connection 396 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 397 } 398 } 399 400 // service == NULL -> outgoing channel 401 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 402 rfcomm_service_t * service, uint8_t server_channel){ 403 404 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 405 rfcomm_dump_channels(); 406 407 // alloc structure 408 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 409 if (!channel) return NULL; 410 411 // fill in 412 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 413 414 // add to services list 415 btstack_linked_list_add(&rfcomm_channels, (btstack_linked_item_t *) channel); 416 417 return channel; 418 } 419 420 static void rfcomm_notify_channel_can_send(void){ 421 btstack_linked_list_iterator_t it; 422 btstack_linked_list_iterator_init(&it, &rfcomm_channels); 423 while (btstack_linked_list_iterator_has_next(&it)){ 424 rfcomm_channel_t * channel = (rfcomm_channel_t *) btstack_linked_list_iterator_next(&it); 425 if (!channel->waiting_for_can_send_now) continue; // didn't try to send yet 426 if (!rfcomm_channel_can_send(channel)) continue; // or cannot yet either 427 428 channel->waiting_for_can_send_now = 0; 429 rfcomm_emit_can_send_now(channel); 430 } 431 } 432 433 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 434 btstack_linked_item_t *it; 435 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 436 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 437 if (channel->rfcomm_cid == rfcomm_cid) { 438 return channel; 439 }; 440 } 441 return NULL; 442 } 443 444 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 445 btstack_linked_item_t *it; 446 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 447 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 448 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 449 return channel; 450 }; 451 } 452 return NULL; 453 } 454 455 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 456 btstack_linked_item_t *it; 457 for (it = (btstack_linked_item_t *) rfcomm_services; it ; it = it->next){ 458 rfcomm_service_t * service = ((rfcomm_service_t *) it); 459 if ( service->server_channel == server_channel){ 460 return service; 461 }; 462 } 463 return NULL; 464 } 465 466 // MARK: RFCOMM SEND 467 468 /** 469 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 470 */ 471 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 472 473 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 474 475 l2cap_reserve_packet_buffer(); 476 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 477 478 uint16_t pos = 0; 479 uint8_t crc_fields = 3; 480 481 rfcomm_out_buffer[pos++] = address; 482 rfcomm_out_buffer[pos++] = control; 483 484 // length field can be 1 or 2 octets 485 if (len < 128){ 486 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 487 } else { 488 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 489 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 490 crc_fields++; 491 } 492 493 // add credits for UIH frames when PF bit is set 494 if (control == BT_RFCOMM_UIH_PF){ 495 rfcomm_out_buffer[pos++] = credits; 496 } 497 498 // copy actual data 499 if (len) { 500 memcpy(&rfcomm_out_buffer[pos], data, len); 501 pos += len; 502 } 503 504 // UIH frames only calc FCS over address + control (5.1.1) 505 if ((control & 0xef) == BT_RFCOMM_UIH){ 506 crc_fields = 2; 507 } 508 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 509 510 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 511 512 return err; 513 } 514 515 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 516 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 517 518 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 519 uint8_t control = BT_RFCOMM_UIH; 520 521 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 522 523 uint16_t pos = 0; 524 rfcomm_out_buffer[pos++] = address; 525 rfcomm_out_buffer[pos++] = control; 526 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 527 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 528 529 // actual data is already in place 530 pos += len; 531 532 // UIH frames only calc FCS over address + control (5.1.1) 533 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 534 535 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 536 537 return err; 538 } 539 540 // C/R Flag in Address 541 // - terms: initiator = station that creates multiplexer with SABM 542 // - terms: responder = station that responds to multiplexer setup with UA 543 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 544 // - command initiator = 1 /response responder = 1 545 // - command responder = 0 /response initiator = 0 546 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 547 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 548 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 549 550 // C/R Flag in Message 551 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 552 // - If the C/R bit is set to 1 the message is a command 553 // - if it is set to 0 the message is a response. 554 555 // temp/old messge construction 556 557 // new object oriented version 558 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 559 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 560 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 561 } 562 563 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 564 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 565 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 566 } 567 568 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 569 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 570 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 571 } 572 573 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 574 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 575 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 576 } 577 578 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 579 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 580 uint8_t payload[2]; 581 uint8_t pos = 0; 582 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 583 payload[pos++] = (0 << 1) | 1; // len 584 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 585 } 586 587 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 588 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 589 // uint8_t payload[2+len]; 590 // uint8_t pos = 0; 591 // payload[pos++] = BT_RFCOMM_TEST_CMD; 592 // payload[pos++] = (len + 1) << 1 | 1; // len 593 // memcpy(&payload[pos], data, len); 594 // pos += len; 595 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 596 // } 597 598 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 599 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 600 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 601 uint8_t pos = 0; 602 payload[pos++] = BT_RFCOMM_TEST_RSP; 603 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 604 len = RFCOMM_TEST_DATA_MAX_LEN; 605 } 606 payload[pos++] = (len << 1) | 1; // len 607 memcpy(&payload[pos], data, len); 608 pos += len; 609 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 610 } 611 612 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 613 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 614 uint8_t payload[4]; 615 uint8_t pos = 0; 616 payload[pos++] = BT_RFCOMM_MSC_CMD; 617 payload[pos++] = (2 << 1) | 1; // len 618 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 619 payload[pos++] = signals; 620 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 621 } 622 623 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 624 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 625 uint8_t payload[4]; 626 uint8_t pos = 0; 627 payload[pos++] = BT_RFCOMM_MSC_RSP; 628 payload[pos++] = (2 << 1) | 1; // len 629 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 630 payload[pos++] = signals; 631 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 632 } 633 634 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 635 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 636 uint8_t payload[3]; 637 uint8_t pos = 0; 638 payload[pos++] = BT_RFCOMM_NSC_RSP; 639 payload[pos++] = (1 << 1) | 1; // len 640 payload[pos++] = command; 641 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 642 } 643 644 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 645 uint8_t payload[10]; 646 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 647 uint8_t pos = 0; 648 payload[pos++] = BT_RFCOMM_PN_CMD; 649 payload[pos++] = (8 << 1) | 1; // len 650 payload[pos++] = dlci; 651 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 652 payload[pos++] = 0; // priority 653 payload[pos++] = 0; // max 60 seconds ack 654 payload[pos++] = max_frame_size & 0xff; // max framesize low 655 payload[pos++] = max_frame_size >> 8; // max framesize high 656 payload[pos++] = 0x00; // number of retransmissions 657 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 658 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 659 } 660 661 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." rfcomm_tutorial.pdf 662 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 663 uint8_t priority, uint16_t max_frame_size){ 664 uint8_t payload[10]; 665 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 666 uint8_t pos = 0; 667 payload[pos++] = BT_RFCOMM_PN_RSP; 668 payload[pos++] = (8 << 1) | 1; // len 669 payload[pos++] = dlci; 670 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 671 payload[pos++] = priority; // priority 672 payload[pos++] = 0; // max 60 seconds ack 673 payload[pos++] = max_frame_size & 0xff; // max framesize low 674 payload[pos++] = max_frame_size >> 8; // max framesize high 675 payload[pos++] = 0x00; // number of retransmissions 676 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 677 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 678 } 679 680 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 681 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 682 uint8_t payload[4]; 683 uint8_t pos = 0; 684 payload[pos++] = BT_RFCOMM_RLS_CMD; 685 payload[pos++] = (2 << 1) | 1; // len 686 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 687 payload[pos++] = line_status; 688 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 689 } 690 691 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 692 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 693 uint8_t payload[4]; 694 uint8_t pos = 0; 695 payload[pos++] = BT_RFCOMM_RLS_RSP; 696 payload[pos++] = (2 << 1) | 1; // len 697 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 698 payload[pos++] = line_status; 699 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 700 } 701 702 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 703 uint8_t payload[10]; 704 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 705 uint8_t pos = 0; 706 payload[pos++] = BT_RFCOMM_RPN_CMD; 707 payload[pos++] = (8 << 1) | 1; // len 708 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 709 payload[pos++] = rpn_data->baud_rate; 710 payload[pos++] = rpn_data->flags; 711 payload[pos++] = rpn_data->flow_control; 712 payload[pos++] = rpn_data->xon; 713 payload[pos++] = rpn_data->xoff; 714 payload[pos++] = rpn_data->parameter_mask_0; 715 payload[pos++] = rpn_data->parameter_mask_1; 716 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 717 } 718 719 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 720 uint8_t payload[3]; 721 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 722 uint8_t pos = 0; 723 payload[pos++] = BT_RFCOMM_RPN_CMD; 724 payload[pos++] = (1 << 1) | 1; // len 725 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 726 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 727 } 728 729 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 730 uint8_t payload[10]; 731 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 732 uint8_t pos = 0; 733 payload[pos++] = BT_RFCOMM_RPN_RSP; 734 payload[pos++] = (8 << 1) | 1; // len 735 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 736 payload[pos++] = rpn_data->baud_rate; 737 payload[pos++] = rpn_data->flags; 738 payload[pos++] = rpn_data->flow_control; 739 payload[pos++] = rpn_data->xon; 740 payload[pos++] = rpn_data->xoff; 741 payload[pos++] = rpn_data->parameter_mask_0; 742 payload[pos++] = rpn_data->parameter_mask_1; 743 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 744 } 745 746 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 747 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 748 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 749 } 750 751 // MARK: RFCOMM MULTIPLEXER 752 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 753 if (multiplexer->timer_active) { 754 btstack_run_loop_remove_timer(&multiplexer->timer); 755 multiplexer->timer_active = 0; 756 } 757 } 758 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 759 btstack_linked_list_remove( &rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 760 btstack_memory_rfcomm_multiplexer_free(multiplexer); 761 } 762 763 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 764 // remove (potential) timer 765 rfcomm_multiplexer_stop_timer(multiplexer); 766 767 // close and remove all channels 768 btstack_linked_item_t *it = (btstack_linked_item_t *) &rfcomm_channels; 769 while (it->next){ 770 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 771 if (channel->multiplexer == multiplexer) { 772 // emit appropriate events 773 if (channel->state == RFCOMM_CHANNEL_OPEN) { 774 rfcomm_emit_channel_closed(channel); 775 } else { 776 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 777 } 778 // remove from list 779 it->next = it->next->next; 780 // free channel struct 781 btstack_memory_rfcomm_channel_free(channel); 782 } else { 783 it = it->next; 784 } 785 } 786 787 // remove mutliplexer 788 rfcomm_multiplexer_free(multiplexer); 789 } 790 791 static void rfcomm_multiplexer_timer_handler(btstack_timer_source_t *timer){ 792 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t*) btstack_run_loop_get_timer_context(timer); 793 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 794 795 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 796 uint16_t l2cap_cid = multiplexer->l2cap_cid; 797 rfcomm_multiplexer_finalize(multiplexer); 798 l2cap_disconnect(l2cap_cid, 0x13); 799 } 800 801 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 802 if (multiplexer->timer_active) { 803 btstack_run_loop_remove_timer(&multiplexer->timer); 804 multiplexer->timer_active = 0; 805 } 806 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 807 808 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 809 btstack_run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 810 btstack_run_loop_set_timer_handler(&multiplexer->timer, rfcomm_multiplexer_timer_handler); 811 btstack_run_loop_set_timer_context(&multiplexer->timer, multiplexer); 812 btstack_run_loop_add_timer(&multiplexer->timer); 813 multiplexer->timer_active = 1; 814 } 815 816 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 817 log_info("Multiplexer up and running"); 818 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 819 820 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 821 822 // transition of channels that wait for multiplexer 823 btstack_linked_item_t *it; 824 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 825 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 826 if (channel->multiplexer != multiplexer) continue; 827 rfcomm_channel_state_machine(channel, &event); 828 } 829 830 rfcomm_run(); 831 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 832 } 833 834 835 /** 836 * @return handled packet 837 */ 838 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 839 bd_addr_t event_addr; 840 uint16_t psm; 841 uint16_t l2cap_cid; 842 hci_con_handle_t con_handle; 843 rfcomm_multiplexer_t *multiplexer = NULL; 844 uint8_t status; 845 846 switch (hci_event_packet_get_type(packet)) { 847 848 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 849 case L2CAP_EVENT_INCOMING_CONNECTION: 850 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 851 reverse_bd_addr(&packet[2], event_addr); 852 con_handle = little_endian_read_16(packet, 8); 853 psm = little_endian_read_16(packet, 10); 854 l2cap_cid = little_endian_read_16(packet, 12); 855 856 if (psm != PSM_RFCOMM) break; 857 858 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 859 860 if (multiplexer) { 861 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 862 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 863 return 1; 864 } 865 866 // create and inititialize new multiplexer instance (incoming) 867 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 868 if (!multiplexer){ 869 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 870 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 871 return 1; 872 } 873 874 multiplexer->con_handle = con_handle; 875 multiplexer->l2cap_cid = l2cap_cid; 876 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 877 878 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 879 l2cap_accept_connection(l2cap_cid); 880 return 1; 881 882 // l2cap connection opened -> store l2cap_cid, remote_addr 883 case L2CAP_EVENT_CHANNEL_OPENED: 884 885 if (little_endian_read_16(packet, 11) != PSM_RFCOMM) break; 886 887 status = packet[2]; 888 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 889 890 // get multiplexer for remote addr 891 con_handle = little_endian_read_16(packet, 9); 892 l2cap_cid = little_endian_read_16(packet, 13); 893 reverse_bd_addr(&packet[3], event_addr); 894 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 895 if (!multiplexer) { 896 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 897 return 1; 898 } 899 900 // on l2cap open error discard everything 901 if (status){ 902 903 // remove (potential) timer 904 rfcomm_multiplexer_stop_timer(multiplexer); 905 906 // emit rfcomm_channel_opened with status and free channel 907 btstack_linked_item_t * it = (btstack_linked_item_t *) &rfcomm_channels; 908 while (it->next) { 909 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 910 if (channel->multiplexer == multiplexer){ 911 rfcomm_emit_channel_opened(channel, status); 912 it->next = it->next->next; 913 btstack_memory_rfcomm_channel_free(channel); 914 } else { 915 it = it->next; 916 } 917 } 918 919 // free multiplexer 920 rfcomm_multiplexer_free(multiplexer); 921 return 1; 922 } 923 924 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 925 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 926 // wrong remote addr 927 if (bd_addr_cmp(event_addr, multiplexer->remote_addr)) break; 928 multiplexer->l2cap_cid = l2cap_cid; 929 multiplexer->con_handle = con_handle; 930 // send SABM #0 931 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 932 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 933 934 // set max frame size based on l2cap MTU 935 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(little_endian_read_16(packet, 17)); 936 } 937 return 1; 938 939 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 940 941 // Notify channel packet handler if they can send now 942 case L2CAP_EVENT_CAN_SEND_NOW: 943 rfcomm_run(); // rfcomm signaling packets first 944 rfcomm_notify_channel_can_send(); 945 break; 946 947 case L2CAP_EVENT_CHANNEL_CLOSED: 948 // data: event (8), len(8), channel (16) 949 l2cap_cid = little_endian_read_16(packet, 2); 950 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 951 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 952 if (!multiplexer) break; 953 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 954 switch (multiplexer->state) { 955 case RFCOMM_MULTIPLEXER_W4_CONNECT: 956 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 957 case RFCOMM_MULTIPLEXER_W4_SABM_0: 958 case RFCOMM_MULTIPLEXER_SEND_UA_0: 959 case RFCOMM_MULTIPLEXER_W4_UA_0: 960 case RFCOMM_MULTIPLEXER_OPEN: 961 // don't call l2cap_disconnect as it's alreay closed 962 rfcomm_multiplexer_finalize(multiplexer); 963 return 1; 964 default: 965 break; 966 } 967 break; 968 default: 969 break; 970 } 971 return 0; 972 } 973 974 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 975 976 // get or create a multiplexer for a certain device 977 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 978 if (!multiplexer) return 0; 979 980 uint16_t l2cap_cid = multiplexer->l2cap_cid; 981 982 // but only care for multiplexer control channel 983 uint8_t frame_dlci = packet[0] >> 2; 984 if (frame_dlci) return 0; 985 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 986 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 987 const uint8_t payload_offset = 3 + length_offset + credit_offset; 988 switch (packet[1]){ 989 990 case BT_RFCOMM_SABM: 991 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 992 log_info("Received SABM #0"); 993 multiplexer->outgoing = 0; 994 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 995 return 1; 996 } 997 break; 998 999 case BT_RFCOMM_UA: 1000 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 1001 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 1002 log_info("Received UA #0 "); 1003 rfcomm_multiplexer_opened(multiplexer); 1004 return 1; 1005 } 1006 break; 1007 1008 case BT_RFCOMM_DISC: 1009 // DISC #0 -> send UA #0, close multiplexer 1010 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 1011 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 1012 return 1; 1013 1014 case BT_RFCOMM_DM: 1015 // DM #0 - we shouldn't get this, just give up 1016 log_info("Received DM #0"); 1017 log_info("-> Closing down multiplexer"); 1018 rfcomm_multiplexer_finalize(multiplexer); 1019 l2cap_disconnect(l2cap_cid, 0x13); 1020 return 1; 1021 1022 case BT_RFCOMM_UIH: 1023 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 1024 // Multiplexer close down (CLD) -> close mutliplexer 1025 log_info("Received Multiplexer close down command"); 1026 log_info("-> Closing down multiplexer"); 1027 rfcomm_multiplexer_finalize(multiplexer); 1028 l2cap_disconnect(l2cap_cid, 0x13); 1029 return 1; 1030 } 1031 switch (packet[payload_offset]){ 1032 case BT_RFCOMM_CLD_CMD: 1033 // Multiplexer close down (CLD) -> close mutliplexer 1034 log_info("Received Multiplexer close down command"); 1035 log_info("-> Closing down multiplexer"); 1036 rfcomm_multiplexer_finalize(multiplexer); 1037 l2cap_disconnect(l2cap_cid, 0x13); 1038 return 1; 1039 1040 case BT_RFCOMM_FCON_CMD: 1041 multiplexer->fcon = 0x81; 1042 break; 1043 1044 case BT_RFCOMM_FCOFF_CMD: 1045 multiplexer->fcon = 0x80; 1046 break; 1047 1048 case BT_RFCOMM_TEST_CMD: { 1049 log_info("Received test command"); 1050 int len = packet[payload_offset+1] >> 1; // length < 125 1051 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1052 len = RFCOMM_TEST_DATA_MAX_LEN; 1053 } 1054 multiplexer->test_data_len = len; 1055 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1056 return 1; 1057 } 1058 default: 1059 break; 1060 } 1061 break; 1062 1063 default: 1064 break; 1065 1066 } 1067 return 0; 1068 } 1069 1070 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1071 1072 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1073 1074 // process stored DM responses 1075 if (multiplexer->send_dm_for_dlci){ 1076 uint8_t dlci = multiplexer->send_dm_for_dlci; 1077 multiplexer->send_dm_for_dlci = 0; 1078 rfcomm_send_dm_pf(multiplexer, dlci); 1079 return; 1080 } 1081 1082 if (multiplexer->nsc_command){ 1083 uint8_t command = multiplexer->nsc_command; 1084 multiplexer->nsc_command = 0; 1085 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1086 return; 1087 } 1088 1089 if (multiplexer->fcon & 0x80){ 1090 multiplexer->fcon &= 0x01; 1091 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1092 if (multiplexer->fcon == 0) return; 1093 // trigger client to send again after sending FCon Response 1094 rfcomm_notify_channel_can_send(); 1095 return; 1096 } 1097 1098 switch (multiplexer->state) { 1099 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1100 switch (event) { 1101 case MULT_EV_READY_TO_SEND: 1102 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1103 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1104 rfcomm_send_sabm(multiplexer, 0); 1105 break; 1106 default: 1107 break; 1108 } 1109 break; 1110 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1111 switch (event) { 1112 case MULT_EV_READY_TO_SEND: 1113 log_info("Sending UA #0"); 1114 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1115 rfcomm_send_ua(multiplexer, 0); 1116 rfcomm_multiplexer_opened(multiplexer); 1117 break; 1118 default: 1119 break; 1120 } 1121 break; 1122 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1123 switch (event) { 1124 case MULT_EV_READY_TO_SEND: 1125 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1126 if (!multiplexer->at_least_one_connection){ 1127 log_info("TODO: no connections established - delete link key prophylactically"); 1128 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1129 } 1130 log_info("Sending UA #0"); 1131 log_info("Closing down multiplexer"); 1132 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1133 rfcomm_send_ua(multiplexer, 0); 1134 rfcomm_multiplexer_finalize(multiplexer); 1135 l2cap_disconnect(l2cap_cid, 0x13); 1136 default: 1137 break; 1138 } 1139 break; 1140 case RFCOMM_MULTIPLEXER_OPEN: 1141 switch (event) { 1142 case MULT_EV_READY_TO_SEND: 1143 // respond to test command 1144 if (multiplexer->test_data_len){ 1145 int len = multiplexer->test_data_len; 1146 log_info("Sending TEST Response with %u bytes", len); 1147 multiplexer->test_data_len = 0; 1148 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1149 return; 1150 } 1151 break; 1152 default: 1153 break; 1154 } 1155 break; 1156 default: 1157 break; 1158 } 1159 } 1160 1161 // MARK: RFCOMM CHANNEL 1162 1163 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1164 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1165 channel->credits_incoming += credits; 1166 } 1167 1168 static int rfcomm_channel_can_send(rfcomm_channel_t * channel){ 1169 if (!channel->credits_outgoing) return 0; 1170 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1171 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1172 } 1173 1174 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1175 1176 log_info("rfcomm_channel_opened!"); 1177 1178 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1179 rfcomm_emit_channel_opened(rfChannel, 0); 1180 rfcomm_emit_port_configuration(rfChannel); 1181 1182 // remove (potential) timer 1183 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1184 if (multiplexer->timer_active) { 1185 btstack_run_loop_remove_timer(&multiplexer->timer); 1186 multiplexer->timer_active = 0; 1187 } 1188 // hack for problem detecting authentication failure 1189 multiplexer->at_least_one_connection = 1; 1190 1191 // start next connection request if pending 1192 rfcomm_run(); 1193 } 1194 1195 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1196 const uint8_t frame_dlci = packet[0] >> 2; 1197 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1198 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1199 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1200 1201 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1202 if (!channel) return; 1203 1204 // handle new outgoing credits 1205 if (packet[1] == BT_RFCOMM_UIH_PF) { 1206 1207 // add them 1208 uint16_t new_credits = packet[3+length_offset]; 1209 channel->credits_outgoing += new_credits; 1210 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1211 1212 // notify channel statemachine 1213 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1214 rfcomm_channel_state_machine(channel, &channel_event); 1215 } 1216 1217 // contains payload? 1218 if (size - 1 > payload_offset){ 1219 1220 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1221 1222 // decrease incoming credit counter 1223 if (channel->credits_incoming > 0){ 1224 channel->credits_incoming--; 1225 } 1226 1227 // deliver payload 1228 (channel->packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1229 &packet[payload_offset], size-payload_offset-1); 1230 } 1231 1232 // automatically provide new credits to remote device, if no incoming flow control 1233 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1234 channel->new_credits_incoming =RFCOMM_CREDITS; 1235 } 1236 } 1237 1238 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1239 // priority of client request 1240 channel->pn_priority = event->priority; 1241 1242 // new credits 1243 channel->credits_outgoing = event->credits_outgoing; 1244 1245 // negotiate max frame size 1246 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1247 channel->max_frame_size = channel->multiplexer->max_frame_size; 1248 } 1249 if (channel->max_frame_size > event->max_frame_size) { 1250 channel->max_frame_size = event->max_frame_size; 1251 } 1252 1253 } 1254 1255 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1256 1257 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1258 1259 // remove from list 1260 btstack_linked_list_remove( &rfcomm_channels, (btstack_linked_item_t *) channel); 1261 1262 // free channel 1263 btstack_memory_rfcomm_channel_free(channel); 1264 1265 // update multiplexer timeout after channel was removed from list 1266 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1267 } 1268 1269 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1270 1271 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1272 1273 1274 // lookup existing channel 1275 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1276 1277 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1278 1279 if (channel) { 1280 rfcomm_channel_state_machine(channel, event); 1281 return; 1282 } 1283 1284 // service registered? 1285 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1286 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1287 if (!service) { 1288 // discard request by sending disconnected mode 1289 multiplexer->send_dm_for_dlci = dlci; 1290 return; 1291 } 1292 1293 // create channel for some events 1294 switch (event->type) { 1295 case CH_EVT_RCVD_SABM: 1296 case CH_EVT_RCVD_PN: 1297 case CH_EVT_RCVD_RPN_REQ: 1298 case CH_EVT_RCVD_RPN_CMD: 1299 // setup incoming channel 1300 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1301 if (!channel){ 1302 // discard request by sending disconnected mode 1303 multiplexer->send_dm_for_dlci = dlci; 1304 } 1305 break; 1306 default: 1307 break; 1308 } 1309 1310 if (!channel) { 1311 // discard request by sending disconnected mode 1312 multiplexer->send_dm_for_dlci = dlci; 1313 return; 1314 } 1315 rfcomm_channel_state_machine(channel, event); 1316 } 1317 1318 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1319 1320 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1321 const uint8_t frame_dlci = packet[0] >> 2; 1322 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1323 uint8_t message_len; // " 1324 1325 // rfcomm: (1) command/control 1326 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1327 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1328 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1329 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1330 // rfcomm: (3+length_offset) credits if credits_offset == 1 1331 // rfcomm: (3+length_offest+credits_offset) 1332 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1333 1334 rfcomm_channel_event_t event; 1335 rfcomm_channel_event_pn_t event_pn; 1336 rfcomm_channel_event_rpn_t event_rpn; 1337 rfcomm_channel_event_msc_t event_msc; 1338 1339 // switch by rfcomm message type 1340 switch(packet[1]) { 1341 1342 case BT_RFCOMM_SABM: 1343 event.type = CH_EVT_RCVD_SABM; 1344 log_info("Received SABM #%u", frame_dlci); 1345 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1346 break; 1347 1348 case BT_RFCOMM_UA: 1349 event.type = CH_EVT_RCVD_UA; 1350 log_info("Received UA #%u",frame_dlci); 1351 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1352 break; 1353 1354 case BT_RFCOMM_DISC: 1355 event.type = CH_EVT_RCVD_DISC; 1356 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1357 break; 1358 1359 case BT_RFCOMM_DM: 1360 case BT_RFCOMM_DM_PF: 1361 event.type = CH_EVT_RCVD_DM; 1362 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1363 break; 1364 1365 case BT_RFCOMM_UIH_PF: 1366 case BT_RFCOMM_UIH: 1367 1368 message_len = packet[payload_offset+1] >> 1; 1369 1370 switch (packet[payload_offset]) { 1371 case BT_RFCOMM_PN_CMD: 1372 message_dlci = packet[payload_offset+2]; 1373 event_pn.super.type = CH_EVT_RCVD_PN; 1374 event_pn.priority = packet[payload_offset+4]; 1375 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1376 event_pn.credits_outgoing = packet[payload_offset+9]; 1377 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1378 message_dlci, event_pn.credits_outgoing); 1379 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1380 break; 1381 1382 case BT_RFCOMM_PN_RSP: 1383 message_dlci = packet[payload_offset+2]; 1384 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1385 event_pn.priority = packet[payload_offset+4]; 1386 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1387 event_pn.credits_outgoing = packet[payload_offset+9]; 1388 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1389 event_pn.max_frame_size, event_pn.credits_outgoing); 1390 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1391 break; 1392 1393 case BT_RFCOMM_MSC_CMD: 1394 message_dlci = packet[payload_offset+2] >> 2; 1395 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1396 event_msc.modem_status = packet[payload_offset+3]; 1397 log_info("Received MSC CMD for #%u, ", message_dlci); 1398 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1399 break; 1400 1401 case BT_RFCOMM_MSC_RSP: 1402 message_dlci = packet[payload_offset+2] >> 2; 1403 event.type = CH_EVT_RCVD_MSC_RSP; 1404 log_info("Received MSC RSP for #%u", message_dlci); 1405 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1406 break; 1407 1408 case BT_RFCOMM_RPN_CMD: 1409 message_dlci = packet[payload_offset+2] >> 2; 1410 switch (message_len){ 1411 case 1: 1412 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1413 event.type = CH_EVT_RCVD_RPN_REQ; 1414 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1415 break; 1416 case 8: 1417 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1418 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1419 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1420 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1421 break; 1422 default: 1423 break; 1424 } 1425 break; 1426 1427 case BT_RFCOMM_RPN_RSP: 1428 log_info("Received RPN response"); 1429 break; 1430 1431 case BT_RFCOMM_RLS_CMD: { 1432 log_info("Received RLS command"); 1433 message_dlci = packet[payload_offset+2] >> 2; 1434 rfcomm_channel_event_rls_t event_rls; 1435 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1436 event_rls.line_status = packet[payload_offset+3]; 1437 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1438 break; 1439 } 1440 1441 case BT_RFCOMM_RLS_RSP: 1442 log_info("Received RLS response"); 1443 break; 1444 1445 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1446 // case BT_RFCOMM_TEST_CMD: 1447 // case BT_RFCOMM_FCOFF_CMD: 1448 // case BT_RFCOMM_FCON_CMD: 1449 // everything else is an not supported command 1450 default: { 1451 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1452 multiplexer->nsc_command = packet[payload_offset]; 1453 break; 1454 } 1455 } 1456 break; 1457 1458 default: 1459 log_error("Received unknown RFCOMM message type %x", packet[1]); 1460 break; 1461 } 1462 1463 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1464 rfcomm_run(); 1465 } 1466 1467 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1468 1469 // multiplexer handler 1470 int handled = 0; 1471 switch (packet_type) { 1472 case HCI_EVENT_PACKET: 1473 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1474 break; 1475 case L2CAP_DATA_PACKET: 1476 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1477 break; 1478 default: 1479 break; 1480 } 1481 1482 if (handled) { 1483 rfcomm_run(); 1484 return; 1485 } 1486 1487 // we only handle l2cap packets 1488 if (packet_type != L2CAP_DATA_PACKET) return; 1489 1490 // ... over open multiplexer channel now 1491 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1492 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) return; 1493 1494 // channel data ? 1495 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1496 const uint8_t frame_dlci = packet[0] >> 2; 1497 1498 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1499 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1500 rfcomm_run(); 1501 return; 1502 } 1503 1504 rfcomm_channel_packet_handler(multiplexer, packet, size); 1505 } 1506 1507 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1508 // note: exchanging MSC isn't neccessary to consider channel open 1509 // note: having outgoing credits is also not necessary to consider channel open 1510 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1511 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1512 // if (channel->credits_outgoing == 0) return 0; 1513 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u", 1514 channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing); 1515 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1516 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1517 1518 return 1; 1519 } 1520 1521 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1522 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1523 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1524 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1525 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1526 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1527 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1528 return 1; 1529 } 1530 1531 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1532 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1533 } 1534 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1535 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1536 } 1537 1538 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1539 1540 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1541 1542 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1543 1544 // TODO: integrate in common switch 1545 if (event->type == CH_EVT_RCVD_DISC){ 1546 rfcomm_emit_channel_closed(channel); 1547 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1548 return; 1549 } 1550 1551 // TODO: integrate in common switch 1552 if (event->type == CH_EVT_RCVD_DM){ 1553 log_info("Received DM message for #%u", channel->dlci); 1554 log_info("-> Closing channel locally for #%u", channel->dlci); 1555 rfcomm_emit_channel_closed(channel); 1556 rfcomm_channel_finalize(channel); 1557 return; 1558 } 1559 1560 // remote port negotiation command - just accept everything for now 1561 // 1562 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1563 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1564 // (Although the handling of individual settings are implementation-dependent.)" 1565 // 1566 1567 // TODO: integrate in common switch 1568 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1569 // control port parameters 1570 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1571 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1572 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1573 // notify client about new settings 1574 rfcomm_emit_port_configuration(channel); 1575 return; 1576 } 1577 1578 // TODO: integrate in common switch 1579 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1580 // no values got accepted (no values have beens sent) 1581 channel->rpn_data.parameter_mask_0 = 0x00; 1582 channel->rpn_data.parameter_mask_1 = 0x00; 1583 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1584 return; 1585 } 1586 1587 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1588 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1589 channel->rls_line_status = event_rls->line_status & 0x0f; 1590 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1591 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1592 return; 1593 } 1594 1595 // TODO: integrate in common swich 1596 if (event->type == CH_EVT_READY_TO_SEND){ 1597 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1598 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1599 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1600 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1601 return; 1602 } 1603 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1604 log_info("Sending MSC RSP for #%u", channel->dlci); 1605 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1606 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1607 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1608 return; 1609 } 1610 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1611 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1612 uint8_t line_status = channel->rls_line_status; 1613 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1614 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1615 return; 1616 } 1617 } 1618 1619 // emit MSC status to app 1620 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1621 // notify client about new settings 1622 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1623 uint8_t modem_status_event[2+1]; 1624 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1625 modem_status_event[1] = 1; 1626 modem_status_event[2] = event_msc->modem_status; 1627 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1628 // no return, MSC_CMD will be handled by state machine below 1629 } 1630 1631 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1632 1633 switch (channel->state) { 1634 case RFCOMM_CHANNEL_CLOSED: 1635 switch (event->type){ 1636 case CH_EVT_RCVD_SABM: 1637 log_info("-> Inform app"); 1638 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1639 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1640 rfcomm_emit_connection_request(channel); 1641 break; 1642 case CH_EVT_RCVD_PN: 1643 rfcomm_channel_accept_pn(channel, event_pn); 1644 log_info("-> Inform app"); 1645 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1646 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1647 rfcomm_emit_connection_request(channel); 1648 break; 1649 default: 1650 break; 1651 } 1652 break; 1653 1654 case RFCOMM_CHANNEL_INCOMING_SETUP: 1655 switch (event->type){ 1656 case CH_EVT_RCVD_SABM: 1657 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1658 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1659 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1660 } 1661 break; 1662 case CH_EVT_RCVD_PN: 1663 rfcomm_channel_accept_pn(channel, event_pn); 1664 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1665 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1666 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1667 } 1668 break; 1669 case CH_EVT_READY_TO_SEND: 1670 // if / else if is used to check for state transition after sending 1671 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1672 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1673 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1674 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1675 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1676 log_info("Sending UA #%u", channel->dlci); 1677 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1678 rfcomm_send_ua(multiplexer, channel->dlci); 1679 } 1680 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1681 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1682 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1683 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1684 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1685 } 1686 break; 1687 default: 1688 break; 1689 } 1690 break; 1691 1692 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1693 switch (event->type) { 1694 case CH_EVT_MULTIPLEXER_READY: 1695 log_info("Muliplexer opened, sending UIH PN next"); 1696 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1697 break; 1698 default: 1699 break; 1700 } 1701 break; 1702 1703 case RFCOMM_CHANNEL_SEND_UIH_PN: 1704 switch (event->type) { 1705 case CH_EVT_READY_TO_SEND: 1706 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1707 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1708 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1709 break; 1710 default: 1711 break; 1712 } 1713 break; 1714 1715 case RFCOMM_CHANNEL_W4_PN_RSP: 1716 switch (event->type){ 1717 case CH_EVT_RCVD_PN_RSP: 1718 // update max frame size 1719 if (channel->max_frame_size > event_pn->max_frame_size) { 1720 channel->max_frame_size = event_pn->max_frame_size; 1721 } 1722 // new credits 1723 channel->credits_outgoing = event_pn->credits_outgoing; 1724 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1725 break; 1726 default: 1727 break; 1728 } 1729 break; 1730 1731 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1732 switch (event->type) { 1733 case CH_EVT_READY_TO_SEND: 1734 log_info("Sending SABM #%u", channel->dlci); 1735 channel->state = RFCOMM_CHANNEL_W4_UA; 1736 rfcomm_send_sabm(multiplexer, channel->dlci); 1737 break; 1738 default: 1739 break; 1740 } 1741 break; 1742 1743 case RFCOMM_CHANNEL_W4_UA: 1744 switch (event->type){ 1745 case CH_EVT_RCVD_UA: 1746 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1747 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1748 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1749 break; 1750 default: 1751 break; 1752 } 1753 break; 1754 1755 case RFCOMM_CHANNEL_DLC_SETUP: 1756 switch (event->type){ 1757 case CH_EVT_RCVD_MSC_CMD: 1758 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1759 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1760 break; 1761 case CH_EVT_RCVD_MSC_RSP: 1762 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1763 break; 1764 1765 case CH_EVT_READY_TO_SEND: 1766 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1767 log_info("Sending MSC CMD for #%u", channel->dlci); 1768 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1769 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1770 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1771 break; 1772 } 1773 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1774 log_info("Providing credits for #%u", channel->dlci); 1775 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1776 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1777 1778 if (channel->new_credits_incoming) { 1779 uint8_t new_credits = channel->new_credits_incoming; 1780 channel->new_credits_incoming = 0; 1781 rfcomm_channel_send_credits(channel, new_credits); 1782 } 1783 break; 1784 1785 } 1786 break; 1787 default: 1788 break; 1789 } 1790 // finally done? 1791 if (rfcomm_channel_ready_for_open(channel)){ 1792 channel->state = RFCOMM_CHANNEL_OPEN; 1793 rfcomm_channel_opened(channel); 1794 } 1795 break; 1796 1797 case RFCOMM_CHANNEL_OPEN: 1798 switch (event->type){ 1799 case CH_EVT_RCVD_MSC_CMD: 1800 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1801 break; 1802 case CH_EVT_READY_TO_SEND: 1803 if (channel->new_credits_incoming) { 1804 uint8_t new_credits = channel->new_credits_incoming; 1805 channel->new_credits_incoming = 0; 1806 rfcomm_channel_send_credits(channel, new_credits); 1807 break; 1808 } 1809 break; 1810 case CH_EVT_RCVD_CREDITS: 1811 rfcomm_notify_channel_can_send(); 1812 break; 1813 default: 1814 break; 1815 } 1816 break; 1817 1818 case RFCOMM_CHANNEL_SEND_DM: 1819 switch (event->type) { 1820 case CH_EVT_READY_TO_SEND: 1821 log_info("Sending DM_PF for #%u", channel->dlci); 1822 // don't emit channel closed - channel was never open 1823 channel->state = RFCOMM_CHANNEL_CLOSED; 1824 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1825 rfcomm_channel_finalize(channel); 1826 break; 1827 default: 1828 break; 1829 } 1830 break; 1831 1832 case RFCOMM_CHANNEL_SEND_DISC: 1833 switch (event->type) { 1834 case CH_EVT_READY_TO_SEND: 1835 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1836 rfcomm_send_disc(multiplexer, channel->dlci); 1837 break; 1838 default: 1839 break; 1840 } 1841 break; 1842 1843 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1844 switch (event->type){ 1845 case CH_EVT_RCVD_UA: 1846 channel->state = RFCOMM_CHANNEL_CLOSED; 1847 rfcomm_emit_channel_closed(channel); 1848 rfcomm_channel_finalize(channel); 1849 break; 1850 default: 1851 break; 1852 } 1853 break; 1854 1855 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1856 switch (event->type) { 1857 case CH_EVT_READY_TO_SEND: 1858 log_info("Sending UA after DISC for #%u", channel->dlci); 1859 channel->state = RFCOMM_CHANNEL_CLOSED; 1860 rfcomm_send_ua(multiplexer, channel->dlci); 1861 rfcomm_channel_finalize(channel); 1862 break; 1863 default: 1864 break; 1865 } 1866 break; 1867 1868 default: 1869 break; 1870 } 1871 } 1872 1873 1874 // MARK: RFCOMM RUN 1875 // process outstanding signaling tasks 1876 static void rfcomm_run(void){ 1877 1878 btstack_linked_item_t *it; 1879 btstack_linked_item_t *next; 1880 1881 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1882 1883 next = it->next; // be prepared for removal of channel in state machine 1884 1885 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1886 1887 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1888 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1889 continue; 1890 } 1891 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1892 1893 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1894 } 1895 1896 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = next){ 1897 1898 next = it->next; // be prepared for removal of channel in state machine 1899 1900 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1901 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1902 1903 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1904 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1905 continue; 1906 } 1907 1908 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1909 rfcomm_channel_state_machine(channel, &event); 1910 } 1911 } 1912 1913 // MARK: RFCOMM BTstack API 1914 1915 void rfcomm_init(void){ 1916 rfcomm_client_cid_generator = 0; 1917 rfcomm_multiplexers = NULL; 1918 rfcomm_services = NULL; 1919 rfcomm_channels = NULL; 1920 rfcomm_security_level = LEVEL_2; 1921 } 1922 1923 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1924 rfcomm_security_level = security_level; 1925 } 1926 1927 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1928 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1929 if (!channel){ 1930 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1931 return 0; 1932 } 1933 int res = rfcomm_channel_can_send(channel); 1934 if (!res){ 1935 channel->waiting_for_can_send_now = 1; 1936 } 1937 return res; 1938 } 1939 1940 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1941 if (len > channel->max_frame_size){ 1942 log_error("rfcomm_send cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1943 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1944 } 1945 1946 if (!channel->credits_outgoing){ 1947 log_info("rfcomm_send cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1948 return RFCOMM_NO_OUTGOING_CREDITS; 1949 } 1950 1951 if ((channel->multiplexer->fcon & 1) == 0){ 1952 log_info("rfcomm_send cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 1953 return RFCOMM_AGGREGATE_FLOW_OFF; 1954 } 1955 return 0; 1956 } 1957 1958 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 1959 int rfcomm_reserve_packet_buffer(void){ 1960 return l2cap_reserve_packet_buffer(); 1961 } 1962 1963 void rfcomm_release_packet_buffer(void){ 1964 l2cap_release_packet_buffer(); 1965 } 1966 1967 uint8_t * rfcomm_get_outgoing_buffer(void){ 1968 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 1969 // address + control + length (16) + no credit field 1970 return &rfcomm_out_buffer[4]; 1971 } 1972 1973 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 1974 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1975 if (!channel){ 1976 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 1977 return 0; 1978 } 1979 return channel->max_frame_size; 1980 } 1981 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 1982 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1983 if (!channel){ 1984 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 1985 return 0; 1986 } 1987 1988 int err = rfcomm_assert_send_valid(channel, len); 1989 if (err) return err; 1990 if (!l2cap_can_send_prepared_packet_now(channel->multiplexer->l2cap_cid)){ 1991 log_error("rfcomm_send_prepared: l2cap cannot send now"); 1992 return BTSTACK_ACL_BUFFERS_FULL; 1993 } 1994 1995 // send might cause l2cap to emit new credits, update counters first 1996 channel->credits_outgoing--; 1997 1998 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 1999 2000 if (result != 0) { 2001 channel->credits_outgoing++; 2002 log_error("rfcomm_send_prepared: error %d", result); 2003 return result; 2004 } 2005 2006 return result; 2007 } 2008 2009 int rfcomm_send(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 2010 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2011 if (!channel){ 2012 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 2013 return 1; 2014 } 2015 2016 int err = rfcomm_assert_send_valid(channel, len); 2017 if (err) return err; 2018 if (!l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid)){ 2019 log_error("rfcomm_send_internal: l2cap cannot send now"); 2020 return BTSTACK_ACL_BUFFERS_FULL; 2021 } 2022 2023 rfcomm_reserve_packet_buffer(); 2024 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 2025 memcpy(rfcomm_payload, data, len); 2026 err = rfcomm_send_prepared(rfcomm_cid, len); 2027 if (err){ 2028 rfcomm_release_packet_buffer(); 2029 } 2030 return err; 2031 } 2032 2033 // Sends Local Lnie Status, see LINE_STATUS_.. 2034 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 2035 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2036 if (!channel){ 2037 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 2038 return 0; 2039 } 2040 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 2041 } 2042 2043 // Sned local modem status. see MODEM_STAUS_.. 2044 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 2045 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2046 if (!channel){ 2047 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2048 return 0; 2049 } 2050 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2051 } 2052 2053 // Configure remote port 2054 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2055 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2056 if (!channel){ 2057 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2058 return 0; 2059 } 2060 rfcomm_rpn_data_t rpn_data; 2061 rpn_data.baud_rate = baud_rate; 2062 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2063 rpn_data.flow_control = flow_control; 2064 rpn_data.xon = 0; 2065 rpn_data.xoff = 0; 2066 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2067 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2068 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2069 } 2070 2071 // Query remote port 2072 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2073 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2074 if (!channel){ 2075 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2076 return 0; 2077 } 2078 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2079 } 2080 2081 2082 static uint8_t rfcomm_channel_create_internal(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2083 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2084 2085 // create new multiplexer if necessary 2086 uint8_t status = 0; 2087 int new_multiplexer = 0; 2088 rfcomm_channel_t * channel = NULL; 2089 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2090 if (!multiplexer) { 2091 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2092 if (!multiplexer){ 2093 status = BTSTACK_MEMORY_ALLOC_FAILED; 2094 goto fail; 2095 } 2096 multiplexer->outgoing = 1; 2097 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2098 new_multiplexer = 1; 2099 } 2100 2101 // prepare channel 2102 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2103 if (!channel){ 2104 status = BTSTACK_MEMORY_ALLOC_FAILED; 2105 goto fail; 2106 } 2107 2108 // rfcomm_cid is already assigned by rfcomm_channel_create 2109 channel->incoming_flow_control = incoming_flow_control; 2110 channel->new_credits_incoming = initial_credits; 2111 channel->packet_handler = packet_handler; 2112 2113 // return rfcomm_cid 2114 if (out_rfcomm_cid){ 2115 *out_rfcomm_cid = channel->rfcomm_cid; 2116 } 2117 2118 // start multiplexer setup 2119 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2120 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2121 uint16_t l2cap_cid = 0; 2122 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2123 if (status) goto fail; 2124 multiplexer->l2cap_cid = l2cap_cid; 2125 return 0; 2126 } 2127 2128 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2129 2130 // start connecting, if multiplexer is already up and running 2131 rfcomm_run(); 2132 return 0; 2133 2134 fail: 2135 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2136 if (channel) btstack_memory_rfcomm_channel_free(channel); 2137 return status; 2138 } 2139 2140 uint8_t rfcomm_create_channel_with_initial_credits(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2141 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2142 } 2143 2144 uint8_t rfcomm_create_channel(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2145 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2146 } 2147 2148 void rfcomm_disconnect(uint16_t rfcomm_cid){ 2149 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2150 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2151 if (channel) { 2152 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2153 } 2154 2155 // process 2156 rfcomm_run(); 2157 } 2158 2159 static uint8_t rfcomm_register_service_internal(btstack_packet_handler_t packet_handler, 2160 uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2161 2162 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2163 channel, max_frame_size, incoming_flow_control, initial_credits); 2164 2165 // check if already registered 2166 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2167 if (service){ 2168 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2169 } 2170 2171 // alloc structure 2172 service = btstack_memory_rfcomm_service_get(); 2173 if (!service) { 2174 return BTSTACK_MEMORY_ALLOC_FAILED; 2175 } 2176 2177 // register with l2cap if not registered before, max MTU 2178 if (btstack_linked_list_empty(&rfcomm_services)){ 2179 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2180 } 2181 2182 // fill in 2183 service->packet_handler = packet_handler; 2184 service->server_channel = channel; 2185 service->max_frame_size = max_frame_size; 2186 service->incoming_flow_control = incoming_flow_control; 2187 service->incoming_initial_credits = initial_credits; 2188 2189 // add to services list 2190 btstack_linked_list_add(&rfcomm_services, (btstack_linked_item_t *) service); 2191 2192 return 0; 2193 } 2194 2195 uint8_t rfcomm_register_service_with_initial_credits(btstack_packet_handler_t packet_handler, 2196 uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2197 2198 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 1, initial_credits); 2199 } 2200 2201 uint8_t rfcomm_register_service(btstack_packet_handler_t packet_handler, uint8_t channel, 2202 uint16_t max_frame_size){ 2203 2204 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 0,RFCOMM_CREDITS); 2205 } 2206 2207 void rfcomm_unregister_service(uint8_t service_channel){ 2208 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2209 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2210 if (!service) return; 2211 btstack_linked_list_remove(&rfcomm_services, (btstack_linked_item_t *) service); 2212 btstack_memory_rfcomm_service_free(service); 2213 2214 // unregister if no services active 2215 if (btstack_linked_list_empty(&rfcomm_services)){ 2216 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2217 l2cap_unregister_service(PSM_RFCOMM); 2218 } 2219 } 2220 2221 void rfcomm_accept_connection(uint16_t rfcomm_cid){ 2222 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2223 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2224 if (!channel) return; 2225 switch (channel->state) { 2226 case RFCOMM_CHANNEL_INCOMING_SETUP: 2227 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2228 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2229 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2230 } 2231 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2232 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2233 } 2234 // at least one of { PN RSP, UA } needs to be sent 2235 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2236 break; 2237 default: 2238 break; 2239 } 2240 2241 // process 2242 rfcomm_run(); 2243 } 2244 2245 void rfcomm_decline_connection(uint16_t rfcomm_cid){ 2246 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2247 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2248 if (!channel) return; 2249 switch (channel->state) { 2250 case RFCOMM_CHANNEL_INCOMING_SETUP: 2251 channel->state = RFCOMM_CHANNEL_SEND_DM; 2252 break; 2253 default: 2254 break; 2255 } 2256 2257 // process 2258 rfcomm_run(); 2259 } 2260 2261 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2262 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2263 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2264 if (!channel) return; 2265 if (!channel->incoming_flow_control) return; 2266 channel->new_credits_incoming += credits; 2267 2268 // process 2269 rfcomm_run(); 2270 } 2271 2272 2273 /* 2274 * CRC (reversed crc) lookup table as calculated by the table generator in ETSI TS 101 369 V6.3.0. 2275 */ 2276 static const uint8_t crc8table[256] = { /* reversed, 8-bit, poly=0x07 */ 2277 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 2278 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 2279 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 2280 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 2281 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 2282 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 2283 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 2284 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 2285 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 2286 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 2287 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 2288 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 2289 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 2290 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 2291 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 2292 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 2293 }; 2294 2295 #define CRC8_INIT 0xFF // Initial FCS value 2296 #define CRC8_OK 0xCF // Good final FCS value 2297 /*-----------------------------------------------------------------------------------*/ 2298 static uint8_t crc8(uint8_t *data, uint16_t len) 2299 { 2300 uint16_t count; 2301 uint8_t crc = CRC8_INIT; 2302 for (count = 0; count < len; count++) 2303 crc = crc8table[crc ^ data[count]]; 2304 return crc; 2305 } 2306 2307 /*-----------------------------------------------------------------------------------*/ 2308 uint8_t crc8_check(uint8_t *data, uint16_t len, uint8_t check_sum) 2309 { 2310 uint8_t crc; 2311 2312 crc = crc8(data, len); 2313 2314 crc = crc8table[crc ^ check_sum]; 2315 if (crc == CRC8_OK) 2316 return 0; /* Valid */ 2317 else 2318 return 1; /* Failed */ 2319 2320 } 2321 2322 /*-----------------------------------------------------------------------------------*/ 2323 uint8_t crc8_calc(uint8_t *data, uint16_t len) 2324 { 2325 /* Ones complement */ 2326 return 0xFF - crc8(data, len); 2327 } 2328 2329 2330 2331 2332