1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 /* 39 * rfcomm.c 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> // memcpy 45 #include <stdint.h> 46 47 #include "btstack_debug.h" 48 #include "btstack_event.h" 49 #include "btstack_memory.h" 50 #include "btstack_util.h" 51 #include "classic/core.h" 52 #include "classic/rfcomm.h" 53 #include "hci.h" 54 #include "hci_cmd.h" 55 #include "hci_dump.h" 56 #include "l2cap.h" 57 58 // workaround for missing PRIxPTR on mspgcc (16/20-bit MCU) 59 #ifndef PRIxPTR 60 #if defined(__MSP430X__) && defined(__MSP430X_LARGE__) 61 #define PRIxPTR "lx" 62 #else 63 #define PRIxPTR "x" 64 #endif 65 #endif 66 67 #define RFCOMM_MULIPLEXER_TIMEOUT_MS 60000 68 69 #define RFCOMM_CREDITS 10 70 71 // FCS calc 72 #define BT_RFCOMM_CODE_WORD 0xE0 // pol = x8+x2+x1+1 73 #define BT_RFCOMM_CRC_CHECK_LEN 3 74 #define BT_RFCOMM_UIHCRC_CHECK_LEN 2 75 76 77 typedef enum { 78 CH_EVT_RCVD_SABM = 1, 79 CH_EVT_RCVD_UA, 80 CH_EVT_RCVD_PN, 81 CH_EVT_RCVD_PN_RSP, 82 CH_EVT_RCVD_DISC, 83 CH_EVT_RCVD_DM, 84 CH_EVT_RCVD_MSC_CMD, 85 CH_EVT_RCVD_MSC_RSP, 86 CH_EVT_RCVD_NSC_RSP, 87 CH_EVT_RCVD_RLS_CMD, 88 CH_EVT_RCVD_RLS_RSP, 89 CH_EVT_RCVD_RPN_CMD, 90 CH_EVT_RCVD_RPN_REQ, 91 CH_EVT_RCVD_CREDITS, 92 CH_EVT_MULTIPLEXER_READY, 93 CH_EVT_READY_TO_SEND, 94 } RFCOMM_CHANNEL_EVENT; 95 96 typedef struct rfcomm_channel_event { 97 RFCOMM_CHANNEL_EVENT type; 98 uint16_t dummy; // force rfcomm_channel_event to be 2-byte aligned -> avoid -Wcast-align warning 99 } rfcomm_channel_event_t; 100 101 typedef struct rfcomm_channel_event_pn { 102 rfcomm_channel_event_t super; 103 uint16_t max_frame_size; 104 uint8_t priority; 105 uint8_t credits_outgoing; 106 } rfcomm_channel_event_pn_t; 107 108 typedef struct rfcomm_channel_event_rpn { 109 rfcomm_channel_event_t super; 110 rfcomm_rpn_data_t data; 111 } rfcomm_channel_event_rpn_t; 112 113 typedef struct rfcomm_channel_event_rls { 114 rfcomm_channel_event_t super; 115 uint8_t line_status; 116 } rfcomm_channel_event_rls_t; 117 118 typedef struct rfcomm_channel_event_msc { 119 rfcomm_channel_event_t super; 120 uint8_t modem_status; 121 } rfcomm_channel_event_msc_t; 122 123 124 // global rfcomm data 125 static uint16_t rfcomm_client_cid_generator; // used for client channel IDs 126 127 // linked lists for all 128 static btstack_linked_list_t rfcomm_multiplexers = NULL; 129 static btstack_linked_list_t rfcomm_channels = NULL; 130 static btstack_linked_list_t rfcomm_services = NULL; 131 132 static gap_security_level_t rfcomm_security_level; 133 134 static int rfcomm_channel_can_send(rfcomm_channel_t * channel); 135 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel); 136 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event); 137 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event); 138 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel); 139 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event); 140 static void rfcomm_run(void); 141 142 // MARK: RFCOMM CLIENT EVENTS 143 144 // data: event (8), len(8), address(48), channel (8), rfcomm_cid (16) 145 static void rfcomm_emit_connection_request(rfcomm_channel_t *channel) { 146 log_info("RFCOMM_EVENT_INCOMING_CONNECTION addr %s channel #%u cid 0x%02x", 147 bd_addr_to_str(channel->multiplexer->remote_addr), channel->dlci>>1, channel->rfcomm_cid); 148 uint8_t event[11]; 149 event[0] = RFCOMM_EVENT_INCOMING_CONNECTION; 150 event[1] = sizeof(event) - 2; 151 reverse_bd_addr(channel->multiplexer->remote_addr, &event[2]); 152 event[8] = channel->dlci >> 1; 153 little_endian_store_16(event, 9, channel->rfcomm_cid); 154 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 155 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 156 } 157 158 // API Change: BTstack-0.3.50x uses 159 // data: event(8), len(8), status (8), address (48), server channel(8), rfcomm_cid(16), max frame size(16) 160 // next Cydia release will use SVN version of this 161 // data: event(8), len(8), status (8), address (48), handle (16), server channel(8), rfcomm_cid(16), max frame size(16) 162 static void rfcomm_emit_channel_opened(rfcomm_channel_t *channel, uint8_t status) { 163 log_info("RFCOMM_EVENT_CHANNEL_OPENED status 0x%x addr %s handle 0x%x channel #%u cid 0x%02x mtu %u", 164 status, bd_addr_to_str(channel->multiplexer->remote_addr), channel->multiplexer->con_handle, 165 channel->dlci>>1, channel->rfcomm_cid, channel->max_frame_size); 166 uint8_t event[16]; 167 uint8_t pos = 0; 168 event[pos++] = RFCOMM_EVENT_CHANNEL_OPENED; // 0 169 event[pos++] = sizeof(event) - 2; // 1 170 event[pos++] = status; // 2 171 reverse_bd_addr(channel->multiplexer->remote_addr, &event[pos]); pos += 6; // 3 172 little_endian_store_16(event, pos, channel->multiplexer->con_handle); pos += 2; // 9 173 event[pos++] = channel->dlci >> 1; // 11 174 little_endian_store_16(event, pos, channel->rfcomm_cid); pos += 2; // 12 - channel ID 175 little_endian_store_16(event, pos, channel->max_frame_size); pos += 2; // max frame size 176 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 177 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, pos); 178 179 // if channel opened successfully, also send can send now if possible 180 if (status) return; 181 if (rfcomm_channel_can_send(channel)){ 182 rfcomm_emit_can_send_now(channel); 183 } 184 } 185 186 // data: event(8), len(8), rfcomm_cid(16) 187 static void rfcomm_emit_channel_closed(rfcomm_channel_t * channel) { 188 log_info("RFCOMM_EVENT_CHANNEL_CLOSED cid 0x%02x", channel->rfcomm_cid); 189 uint8_t event[4]; 190 event[0] = RFCOMM_EVENT_CHANNEL_CLOSED; 191 event[1] = sizeof(event) - 2; 192 little_endian_store_16(event, 2, channel->rfcomm_cid); 193 hci_dump_packet(HCI_EVENT_PACKET, 0, event, sizeof(event)); 194 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 195 } 196 197 static void rfcomm_emit_remote_line_status(rfcomm_channel_t *channel, uint8_t line_status){ 198 log_info("RFCOMM_EVENT_REMOTE_LINE_STATUS cid 0x%02x c, line status 0x%x", channel->rfcomm_cid, line_status); 199 uint8_t event[5]; 200 event[0] = RFCOMM_EVENT_REMOTE_LINE_STATUS; 201 event[1] = sizeof(event) - 2; 202 little_endian_store_16(event, 2, channel->rfcomm_cid); 203 event[4] = line_status; 204 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 205 (channel->packet_handler)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 206 } 207 208 static void rfcomm_emit_port_configuration(rfcomm_channel_t *channel){ 209 // notify client about new settings 210 uint8_t event[2+sizeof(rfcomm_rpn_data_t)]; 211 event[0] = RFCOMM_EVENT_PORT_CONFIGURATION; 212 event[1] = sizeof(rfcomm_rpn_data_t); 213 memcpy(&event[2], (uint8_t*) &channel->rpn_data, sizeof(rfcomm_rpn_data_t)); 214 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 215 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 216 } 217 218 static void rfcomm_emit_can_send_now(rfcomm_channel_t *channel) { 219 log_info("RFCOMM_EVENT_CHANNEL_CAN_SEND_NOW local_cid 0x%x", channel->rfcomm_cid); 220 uint8_t event[4]; 221 event[0] = RFCOMM_EVENT_CAN_SEND_NOW; 222 event[1] = sizeof(event) - 2; 223 little_endian_store_16(event, 2, channel->rfcomm_cid); 224 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 225 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, event, sizeof(event)); 226 } 227 228 // MARK RFCOMM RPN DATA HELPER 229 static void rfcomm_rpn_data_set_defaults(rfcomm_rpn_data_t * rpn_data){ 230 rpn_data->baud_rate = RPN_BAUD_9600; /* 9600 bps */ 231 rpn_data->flags = 0x03; /* 8-n-1 */ 232 rpn_data->flow_control = 0; /* no flow control */ 233 rpn_data->xon = 0xd1; /* XON */ 234 rpn_data->xoff = 0xd3; /* XOFF */ 235 rpn_data->parameter_mask_0 = 0x7f; /* parameter mask, all values set */ 236 rpn_data->parameter_mask_1 = 0x3f; /* parameter mask, all values set */ 237 } 238 239 static void rfcomm_rpn_data_update(rfcomm_rpn_data_t * dest, rfcomm_rpn_data_t * src){ 240 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_BAUD){ 241 dest->baud_rate = src->baud_rate; 242 } 243 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_DATA_BITS){ 244 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x03); 245 } 246 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_STOP_BITS){ 247 dest->flags = (dest->flags & 0xfb) | (src->flags & 0x04); 248 } 249 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY){ 250 dest->flags = (dest->flags & 0xf7) | (src->flags & 0x08); 251 } 252 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_PARITY_TYPE){ 253 dest->flags = (dest->flags & 0xfc) | (src->flags & 0x30); 254 } 255 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XON_CHAR){ 256 dest->xon = src->xon; 257 } 258 if (src->parameter_mask_0 & RPN_PARAM_MASK_0_XOFF_CHAR){ 259 dest->xoff = src->xoff; 260 } 261 int i; 262 for (i=0; i < 6 ; i++){ 263 uint8_t mask = 1 << i; 264 if (src->parameter_mask_1 & mask){ 265 dest->flags = (dest->flags & ~mask) | (src->flags & mask); 266 } 267 } 268 // always copy parameter mask, too. informative for client, needed for response 269 dest->parameter_mask_0 = src->parameter_mask_0; 270 dest->parameter_mask_1 = src->parameter_mask_1; 271 } 272 // MARK: RFCOMM MULTIPLEXER HELPER 273 274 static uint16_t rfcomm_max_frame_size_for_l2cap_mtu(uint16_t l2cap_mtu){ 275 // Assume RFCOMM header without credits and 2 byte (14 bit) length field 276 uint16_t max_frame_size = l2cap_mtu - 5; 277 log_info("rfcomm_max_frame_size_for_l2cap_mtu: %u -> %u", l2cap_mtu, max_frame_size); 278 return max_frame_size; 279 } 280 281 static void rfcomm_multiplexer_initialize(rfcomm_multiplexer_t *multiplexer){ 282 283 memset(multiplexer, 0, sizeof(rfcomm_multiplexer_t)); 284 285 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 286 multiplexer->fcon = 1; 287 multiplexer->send_dm_for_dlci = 0; 288 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(l2cap_max_mtu()); 289 multiplexer->test_data_len = 0; 290 multiplexer->nsc_command = 0; 291 } 292 293 static rfcomm_multiplexer_t * rfcomm_multiplexer_create_for_addr(bd_addr_t addr){ 294 295 // alloc structure 296 rfcomm_multiplexer_t * multiplexer = btstack_memory_rfcomm_multiplexer_get(); 297 if (!multiplexer) return NULL; 298 299 // fill in 300 rfcomm_multiplexer_initialize(multiplexer); 301 bd_addr_copy(multiplexer->remote_addr, addr); 302 303 // add to services list 304 btstack_linked_list_add(&rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 305 306 return multiplexer; 307 } 308 309 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_addr(bd_addr_t addr){ 310 btstack_linked_item_t *it; 311 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 312 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 313 if (bd_addr_cmp(addr, multiplexer->remote_addr) == 0) { 314 return multiplexer; 315 }; 316 } 317 return NULL; 318 } 319 320 static rfcomm_multiplexer_t * rfcomm_multiplexer_for_l2cap_cid(uint16_t l2cap_cid) { 321 btstack_linked_item_t *it; 322 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = it->next){ 323 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 324 if (multiplexer->l2cap_cid == l2cap_cid) { 325 return multiplexer; 326 }; 327 } 328 return NULL; 329 } 330 331 static int rfcomm_multiplexer_has_channels(rfcomm_multiplexer_t * multiplexer){ 332 btstack_linked_item_t *it; 333 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 334 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 335 if (channel->multiplexer == multiplexer) { 336 return 1; 337 } 338 } 339 return 0; 340 } 341 342 // MARK: RFCOMM CHANNEL HELPER 343 344 static void rfcomm_dump_channels(void){ 345 btstack_linked_item_t * it; 346 int channels = 0; 347 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 348 rfcomm_channel_t * channel = (rfcomm_channel_t *) it; 349 log_info("Channel #%u: addr %p, state %u", channels, channel, channel->state); 350 channels++; 351 } 352 } 353 354 static void rfcomm_channel_initialize(rfcomm_channel_t *channel, rfcomm_multiplexer_t *multiplexer, 355 rfcomm_service_t *service, uint8_t server_channel){ 356 357 // don't use 0 as channel id 358 if (rfcomm_client_cid_generator == 0) ++rfcomm_client_cid_generator; 359 360 // setup channel 361 memset(channel, 0, sizeof(rfcomm_channel_t)); 362 363 // set defaults for port configuration (even for services) 364 rfcomm_rpn_data_set_defaults(&channel->rpn_data); 365 366 channel->state = RFCOMM_CHANNEL_CLOSED; 367 channel->state_var = RFCOMM_CHANNEL_STATE_VAR_NONE; 368 369 channel->multiplexer = multiplexer; 370 channel->rfcomm_cid = rfcomm_client_cid_generator++; 371 channel->max_frame_size = multiplexer->max_frame_size; 372 373 channel->credits_incoming = 0; 374 channel->credits_outgoing = 0; 375 376 // incoming flow control not active 377 channel->new_credits_incoming = RFCOMM_CREDITS; 378 channel->incoming_flow_control = 0; 379 380 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 381 382 channel->service = service; 383 if (service) { 384 // incoming connection 385 channel->dlci = (server_channel << 1) | multiplexer->outgoing; 386 if (channel->max_frame_size > service->max_frame_size) { 387 channel->max_frame_size = service->max_frame_size; 388 } 389 channel->incoming_flow_control = service->incoming_flow_control; 390 channel->new_credits_incoming = service->incoming_initial_credits; 391 channel->packet_handler = service->packet_handler; 392 } else { 393 // outgoing connection 394 channel->dlci = (server_channel << 1) | (multiplexer->outgoing ^ 1); 395 } 396 } 397 398 // service == NULL -> outgoing channel 399 static rfcomm_channel_t * rfcomm_channel_create(rfcomm_multiplexer_t * multiplexer, 400 rfcomm_service_t * service, uint8_t server_channel){ 401 402 log_info("rfcomm_channel_create for service %p, channel %u --- list of channels:", service, server_channel); 403 rfcomm_dump_channels(); 404 405 // alloc structure 406 rfcomm_channel_t * channel = btstack_memory_rfcomm_channel_get(); 407 if (!channel) return NULL; 408 409 // fill in 410 rfcomm_channel_initialize(channel, multiplexer, service, server_channel); 411 412 // add to services list 413 btstack_linked_list_add(&rfcomm_channels, (btstack_linked_item_t *) channel); 414 415 return channel; 416 } 417 418 static void rfcomm_notify_channel_can_send(void){ 419 btstack_linked_list_iterator_t it; 420 btstack_linked_list_iterator_init(&it, &rfcomm_channels); 421 while (btstack_linked_list_iterator_has_next(&it)){ 422 rfcomm_channel_t * channel = (rfcomm_channel_t *) btstack_linked_list_iterator_next(&it); 423 if (!channel->waiting_for_can_send_now) continue; // didn't try to send yet 424 if (!rfcomm_channel_can_send(channel)) continue; // or cannot yet either 425 426 channel->waiting_for_can_send_now = 0; 427 rfcomm_emit_can_send_now(channel); 428 } 429 } 430 431 static rfcomm_channel_t * rfcomm_channel_for_rfcomm_cid(uint16_t rfcomm_cid){ 432 btstack_linked_item_t *it; 433 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 434 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 435 if (channel->rfcomm_cid == rfcomm_cid) { 436 return channel; 437 }; 438 } 439 return NULL; 440 } 441 442 static rfcomm_channel_t * rfcomm_channel_for_multiplexer_and_dlci(rfcomm_multiplexer_t * multiplexer, uint8_t dlci){ 443 btstack_linked_item_t *it; 444 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 445 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 446 if (channel->dlci == dlci && channel->multiplexer == multiplexer) { 447 return channel; 448 }; 449 } 450 return NULL; 451 } 452 453 static rfcomm_service_t * rfcomm_service_for_channel(uint8_t server_channel){ 454 btstack_linked_item_t *it; 455 for (it = (btstack_linked_item_t *) rfcomm_services; it ; it = it->next){ 456 rfcomm_service_t * service = ((rfcomm_service_t *) it); 457 if ( service->server_channel == server_channel){ 458 return service; 459 }; 460 } 461 return NULL; 462 } 463 464 // MARK: RFCOMM SEND 465 466 /** 467 * @param credits - only used for RFCOMM flow control in UIH wiht P/F = 1 468 */ 469 static int rfcomm_send_packet_for_multiplexer(rfcomm_multiplexer_t *multiplexer, uint8_t address, uint8_t control, uint8_t credits, uint8_t *data, uint16_t len){ 470 471 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) return BTSTACK_ACL_BUFFERS_FULL; 472 473 l2cap_reserve_packet_buffer(); 474 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 475 476 uint16_t pos = 0; 477 uint8_t crc_fields = 3; 478 479 rfcomm_out_buffer[pos++] = address; 480 rfcomm_out_buffer[pos++] = control; 481 482 // length field can be 1 or 2 octets 483 if (len < 128){ 484 rfcomm_out_buffer[pos++] = (len << 1)| 1; // bits 0-6 485 } else { 486 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 487 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 488 crc_fields++; 489 } 490 491 // add credits for UIH frames when PF bit is set 492 if (control == BT_RFCOMM_UIH_PF){ 493 rfcomm_out_buffer[pos++] = credits; 494 } 495 496 // copy actual data 497 if (len) { 498 memcpy(&rfcomm_out_buffer[pos], data, len); 499 pos += len; 500 } 501 502 // UIH frames only calc FCS over address + control (5.1.1) 503 if ((control & 0xef) == BT_RFCOMM_UIH){ 504 crc_fields = 2; 505 } 506 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, crc_fields); // calc fcs 507 508 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 509 510 return err; 511 } 512 513 // simplified version of rfcomm_send_packet_for_multiplexer for prepared rfcomm packet (UIH, 2 byte len, no credits) 514 static int rfcomm_send_uih_prepared(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t len){ 515 516 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 517 uint8_t control = BT_RFCOMM_UIH; 518 519 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 520 521 uint16_t pos = 0; 522 rfcomm_out_buffer[pos++] = address; 523 rfcomm_out_buffer[pos++] = control; 524 rfcomm_out_buffer[pos++] = (len & 0x7f) << 1; // bits 0-6 525 rfcomm_out_buffer[pos++] = len >> 7; // bits 7-14 526 527 // actual data is already in place 528 pos += len; 529 530 // UIH frames only calc FCS over address + control (5.1.1) 531 rfcomm_out_buffer[pos++] = crc8_calc(rfcomm_out_buffer, 2); // calc fcs 532 533 int err = l2cap_send_prepared(multiplexer->l2cap_cid, pos); 534 535 return err; 536 } 537 538 // C/R Flag in Address 539 // - terms: initiator = station that creates multiplexer with SABM 540 // - terms: responder = station that responds to multiplexer setup with UA 541 // "For SABM, UA, DM and DISC frames C/R bit is set according to Table 1 in GSM 07.10, section 5.2.1.2" 542 // - command initiator = 1 /response responder = 1 543 // - command responder = 0 /response initiator = 0 544 // "For UIH frames, the C/R bit is always set according to section 5.4.3.1 in GSM 07.10. 545 // This applies independently of what is contained wthin the UIH frames, either data or control messages." 546 // - c/r = 1 for frames by initiating station, 0 = for frames by responding station 547 548 // C/R Flag in Message 549 // "In the message level, the C/R bit in the command type field is set as stated in section 5.4.6.2 in GSM 07.10." 550 // - If the C/R bit is set to 1 the message is a command 551 // - if it is set to 0 the message is a response. 552 553 // temp/old messge construction 554 555 // new object oriented version 556 static int rfcomm_send_sabm(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 557 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 558 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_SABM, 0, NULL, 0); 559 } 560 561 static int rfcomm_send_disc(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 562 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); // command 563 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DISC, 0, NULL, 0); 564 } 565 566 static int rfcomm_send_ua(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 567 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 568 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UA, 0, NULL, 0); 569 } 570 571 static int rfcomm_send_dm_pf(rfcomm_multiplexer_t *multiplexer, uint8_t dlci){ 572 uint8_t address = (1 << 0) | ((multiplexer->outgoing ^ 1) << 1) | (dlci << 2); // response 573 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_DM_PF, 0, NULL, 0); 574 } 575 576 static int rfcomm_send_uih_fc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t fcon) { 577 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 578 uint8_t payload[2]; 579 uint8_t pos = 0; 580 payload[pos++] = fcon ? BT_RFCOMM_FCON_RSP : BT_RFCOMM_FCOFF_RSP; 581 payload[pos++] = (0 << 1) | 1; // len 582 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 583 } 584 585 // static int rfcomm_send_uih_test_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 586 // uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 587 // uint8_t payload[2+len]; 588 // uint8_t pos = 0; 589 // payload[pos++] = BT_RFCOMM_TEST_CMD; 590 // payload[pos++] = (len + 1) << 1 | 1; // len 591 // memcpy(&payload[pos], data, len); 592 // pos += len; 593 // return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 594 // } 595 596 static int rfcomm_send_uih_test_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t * data, uint16_t len) { 597 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 598 uint8_t payload[2+RFCOMM_TEST_DATA_MAX_LEN]; 599 uint8_t pos = 0; 600 payload[pos++] = BT_RFCOMM_TEST_RSP; 601 if (len > RFCOMM_TEST_DATA_MAX_LEN) { 602 len = RFCOMM_TEST_DATA_MAX_LEN; 603 } 604 payload[pos++] = (len << 1) | 1; // len 605 memcpy(&payload[pos], data, len); 606 pos += len; 607 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 608 } 609 610 static int rfcomm_send_uih_msc_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 611 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 612 uint8_t payload[4]; 613 uint8_t pos = 0; 614 payload[pos++] = BT_RFCOMM_MSC_CMD; 615 payload[pos++] = (2 << 1) | 1; // len 616 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 617 payload[pos++] = signals; 618 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 619 } 620 621 static int rfcomm_send_uih_msc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t signals) { 622 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 623 uint8_t payload[4]; 624 uint8_t pos = 0; 625 payload[pos++] = BT_RFCOMM_MSC_RSP; 626 payload[pos++] = (2 << 1) | 1; // len 627 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 628 payload[pos++] = signals; 629 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 630 } 631 632 static int rfcomm_send_uih_nsc_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t command) { 633 uint8_t address = (1 << 0) | (multiplexer->outgoing<< 1); 634 uint8_t payload[3]; 635 uint8_t pos = 0; 636 payload[pos++] = BT_RFCOMM_NSC_RSP; 637 payload[pos++] = (1 << 1) | 1; // len 638 payload[pos++] = command; 639 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 640 } 641 642 static int rfcomm_send_uih_pn_command(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint16_t max_frame_size){ 643 uint8_t payload[10]; 644 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 645 uint8_t pos = 0; 646 payload[pos++] = BT_RFCOMM_PN_CMD; 647 payload[pos++] = (8 << 1) | 1; // len 648 payload[pos++] = dlci; 649 payload[pos++] = 0xf0; // pre-defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 650 payload[pos++] = 0; // priority 651 payload[pos++] = 0; // max 60 seconds ack 652 payload[pos++] = max_frame_size & 0xff; // max framesize low 653 payload[pos++] = max_frame_size >> 8; // max framesize high 654 payload[pos++] = 0x00; // number of retransmissions 655 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 656 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 657 } 658 659 // "The response may not change the DLCI, the priority, the convergence layer, or the timer value." rfcomm_tutorial.pdf 660 static int rfcomm_send_uih_pn_response(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, 661 uint8_t priority, uint16_t max_frame_size){ 662 uint8_t payload[10]; 663 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 664 uint8_t pos = 0; 665 payload[pos++] = BT_RFCOMM_PN_RSP; 666 payload[pos++] = (8 << 1) | 1; // len 667 payload[pos++] = dlci; 668 payload[pos++] = 0xe0; // pre defined for Bluetooth, see 5.5.3 of TS 07.10 Adaption for RFCOMM 669 payload[pos++] = priority; // priority 670 payload[pos++] = 0; // max 60 seconds ack 671 payload[pos++] = max_frame_size & 0xff; // max framesize low 672 payload[pos++] = max_frame_size >> 8; // max framesize high 673 payload[pos++] = 0x00; // number of retransmissions 674 payload[pos++] = 0x00; // (unused error recovery window) initial number of credits 675 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 676 } 677 678 static int rfcomm_send_uih_rls_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 679 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 680 uint8_t payload[4]; 681 uint8_t pos = 0; 682 payload[pos++] = BT_RFCOMM_RLS_CMD; 683 payload[pos++] = (2 << 1) | 1; // len 684 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 685 payload[pos++] = line_status; 686 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 687 } 688 689 static int rfcomm_send_uih_rls_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t line_status) { 690 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 691 uint8_t payload[4]; 692 uint8_t pos = 0; 693 payload[pos++] = BT_RFCOMM_RLS_RSP; 694 payload[pos++] = (2 << 1) | 1; // len 695 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 696 payload[pos++] = line_status; 697 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 698 } 699 700 static int rfcomm_send_uih_rpn_cmd(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 701 uint8_t payload[10]; 702 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 703 uint8_t pos = 0; 704 payload[pos++] = BT_RFCOMM_RPN_CMD; 705 payload[pos++] = (8 << 1) | 1; // len 706 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 707 payload[pos++] = rpn_data->baud_rate; 708 payload[pos++] = rpn_data->flags; 709 payload[pos++] = rpn_data->flow_control; 710 payload[pos++] = rpn_data->xon; 711 payload[pos++] = rpn_data->xoff; 712 payload[pos++] = rpn_data->parameter_mask_0; 713 payload[pos++] = rpn_data->parameter_mask_1; 714 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 715 } 716 717 static int rfcomm_send_uih_rpn_req(rfcomm_multiplexer_t *multiplexer, uint8_t dlci) { 718 uint8_t payload[3]; 719 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 720 uint8_t pos = 0; 721 payload[pos++] = BT_RFCOMM_RPN_CMD; 722 payload[pos++] = (1 << 1) | 1; // len 723 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 724 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 725 } 726 727 static int rfcomm_send_uih_rpn_rsp(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, rfcomm_rpn_data_t *rpn_data) { 728 uint8_t payload[10]; 729 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1); 730 uint8_t pos = 0; 731 payload[pos++] = BT_RFCOMM_RPN_RSP; 732 payload[pos++] = (8 << 1) | 1; // len 733 payload[pos++] = (1 << 0) | (1 << 1) | (dlci << 2); // CMD => C/R = 1 734 payload[pos++] = rpn_data->baud_rate; 735 payload[pos++] = rpn_data->flags; 736 payload[pos++] = rpn_data->flow_control; 737 payload[pos++] = rpn_data->xon; 738 payload[pos++] = rpn_data->xoff; 739 payload[pos++] = rpn_data->parameter_mask_0; 740 payload[pos++] = rpn_data->parameter_mask_1; 741 return rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH, 0, (uint8_t *) payload, pos); 742 } 743 744 static void rfcomm_send_uih_credits(rfcomm_multiplexer_t *multiplexer, uint8_t dlci, uint8_t credits){ 745 uint8_t address = (1 << 0) | (multiplexer->outgoing << 1) | (dlci << 2); 746 rfcomm_send_packet_for_multiplexer(multiplexer, address, BT_RFCOMM_UIH_PF, credits, NULL, 0); 747 } 748 749 // MARK: RFCOMM MULTIPLEXER 750 static void rfcomm_multiplexer_stop_timer(rfcomm_multiplexer_t * multiplexer){ 751 if (multiplexer->timer_active) { 752 btstack_run_loop_remove_timer(&multiplexer->timer); 753 multiplexer->timer_active = 0; 754 } 755 } 756 static void rfcomm_multiplexer_free(rfcomm_multiplexer_t * multiplexer){ 757 btstack_linked_list_remove( &rfcomm_multiplexers, (btstack_linked_item_t *) multiplexer); 758 btstack_memory_rfcomm_multiplexer_free(multiplexer); 759 } 760 761 static void rfcomm_multiplexer_finalize(rfcomm_multiplexer_t * multiplexer){ 762 // remove (potential) timer 763 rfcomm_multiplexer_stop_timer(multiplexer); 764 765 // close and remove all channels 766 btstack_linked_item_t *it = (btstack_linked_item_t *) &rfcomm_channels; 767 while (it->next){ 768 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 769 if (channel->multiplexer == multiplexer) { 770 // emit appropriate events 771 switch(channel->state){ 772 case RFCOMM_CHANNEL_OPEN: 773 rfcomm_emit_channel_closed(channel); 774 break; 775 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 776 // remote didn't wait until we send the UA disc 777 break; 778 default: 779 rfcomm_emit_channel_opened(channel, RFCOMM_MULTIPLEXER_STOPPED); 780 break; 781 } 782 // remove from list 783 it->next = it->next->next; 784 // free channel struct 785 btstack_memory_rfcomm_channel_free(channel); 786 } else { 787 it = it->next; 788 } 789 } 790 791 // remove mutliplexer 792 rfcomm_multiplexer_free(multiplexer); 793 } 794 795 static void rfcomm_multiplexer_timer_handler(btstack_timer_source_t *timer){ 796 rfcomm_multiplexer_t * multiplexer = (rfcomm_multiplexer_t*) btstack_run_loop_get_timer_context(timer); 797 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 798 799 log_info("rfcomm_multiplexer_timer_handler timeout: shutting down multiplexer! (no channels)"); 800 uint16_t l2cap_cid = multiplexer->l2cap_cid; 801 rfcomm_multiplexer_finalize(multiplexer); 802 l2cap_disconnect(l2cap_cid, 0x13); 803 } 804 805 static void rfcomm_multiplexer_prepare_idle_timer(rfcomm_multiplexer_t * multiplexer){ 806 if (multiplexer->timer_active) { 807 btstack_run_loop_remove_timer(&multiplexer->timer); 808 multiplexer->timer_active = 0; 809 } 810 if (rfcomm_multiplexer_has_channels(multiplexer)) return; 811 812 // start idle timer for multiplexer timeout check as there are no rfcomm channels yet 813 btstack_run_loop_set_timer(&multiplexer->timer, RFCOMM_MULIPLEXER_TIMEOUT_MS); 814 btstack_run_loop_set_timer_handler(&multiplexer->timer, rfcomm_multiplexer_timer_handler); 815 btstack_run_loop_set_timer_context(&multiplexer->timer, multiplexer); 816 btstack_run_loop_add_timer(&multiplexer->timer); 817 multiplexer->timer_active = 1; 818 } 819 820 static void rfcomm_multiplexer_opened(rfcomm_multiplexer_t *multiplexer){ 821 log_info("Multiplexer up and running"); 822 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 823 824 rfcomm_channel_event_t event = { CH_EVT_MULTIPLEXER_READY }; 825 826 // transition of channels that wait for multiplexer 827 btstack_linked_item_t *it; 828 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = it->next){ 829 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 830 if (channel->multiplexer != multiplexer) continue; 831 rfcomm_channel_state_machine(channel, &event); 832 } 833 834 rfcomm_run(); 835 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 836 } 837 838 839 /** 840 * @return handled packet 841 */ 842 static int rfcomm_multiplexer_hci_event_handler(uint8_t *packet, uint16_t size){ 843 bd_addr_t event_addr; 844 uint16_t psm; 845 uint16_t l2cap_cid; 846 hci_con_handle_t con_handle; 847 rfcomm_multiplexer_t *multiplexer = NULL; 848 uint8_t status; 849 850 switch (hci_event_packet_get_type(packet)) { 851 852 // accept incoming PSM_RFCOMM connection if no multiplexer exists yet 853 case L2CAP_EVENT_INCOMING_CONNECTION: 854 // data: event(8), len(8), address(48), handle (16), psm (16), source cid(16) dest cid(16) 855 reverse_bd_addr(&packet[2], event_addr); 856 con_handle = little_endian_read_16(packet, 8); 857 psm = little_endian_read_16(packet, 10); 858 l2cap_cid = little_endian_read_16(packet, 12); 859 860 if (psm != PSM_RFCOMM) break; 861 862 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 863 864 if (multiplexer) { 865 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - multiplexer already exists", l2cap_cid); 866 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 867 return 1; 868 } 869 870 // create and inititialize new multiplexer instance (incoming) 871 multiplexer = rfcomm_multiplexer_create_for_addr(event_addr); 872 if (!multiplexer){ 873 log_info("INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => decline - no memory left", l2cap_cid); 874 l2cap_decline_connection(l2cap_cid, 0x04); // no resources available 875 return 1; 876 } 877 878 multiplexer->con_handle = con_handle; 879 multiplexer->l2cap_cid = l2cap_cid; 880 multiplexer->state = RFCOMM_MULTIPLEXER_W4_SABM_0; 881 882 log_info("L2CAP_EVENT_INCOMING_CONNECTION (l2cap_cid 0x%02x) for PSM_RFCOMM => accept", l2cap_cid); 883 l2cap_accept_connection(l2cap_cid); 884 return 1; 885 886 // l2cap connection opened -> store l2cap_cid, remote_addr 887 case L2CAP_EVENT_CHANNEL_OPENED: 888 889 if (little_endian_read_16(packet, 11) != PSM_RFCOMM) break; 890 891 status = packet[2]; 892 log_info("L2CAP_EVENT_CHANNEL_OPENED for PSM_RFCOMM, status %u", status); 893 894 // get multiplexer for remote addr 895 con_handle = little_endian_read_16(packet, 9); 896 l2cap_cid = little_endian_read_16(packet, 13); 897 reverse_bd_addr(&packet[3], event_addr); 898 multiplexer = rfcomm_multiplexer_for_addr(event_addr); 899 if (!multiplexer) { 900 log_error("L2CAP_EVENT_CHANNEL_OPENED but no multiplexer prepared"); 901 return 1; 902 } 903 904 // on l2cap open error discard everything 905 if (status){ 906 907 // remove (potential) timer 908 rfcomm_multiplexer_stop_timer(multiplexer); 909 910 // emit rfcomm_channel_opened with status and free channel 911 btstack_linked_item_t * it = (btstack_linked_item_t *) &rfcomm_channels; 912 while (it->next) { 913 rfcomm_channel_t * channel = (rfcomm_channel_t *) it->next; 914 if (channel->multiplexer == multiplexer){ 915 rfcomm_emit_channel_opened(channel, status); 916 it->next = it->next->next; 917 btstack_memory_rfcomm_channel_free(channel); 918 } else { 919 it = it->next; 920 } 921 } 922 923 // free multiplexer 924 rfcomm_multiplexer_free(multiplexer); 925 return 1; 926 } 927 928 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_CONNECT) { 929 log_info("L2CAP_EVENT_CHANNEL_OPENED: outgoing connection"); 930 // wrong remote addr 931 if (bd_addr_cmp(event_addr, multiplexer->remote_addr)) break; 932 multiplexer->l2cap_cid = l2cap_cid; 933 multiplexer->con_handle = con_handle; 934 // send SABM #0 935 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_SABM_0; 936 } else { // multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0 937 938 // set max frame size based on l2cap MTU 939 multiplexer->max_frame_size = rfcomm_max_frame_size_for_l2cap_mtu(little_endian_read_16(packet, 17)); 940 } 941 return 1; 942 943 // l2cap disconnect -> state = RFCOMM_MULTIPLEXER_CLOSED; 944 945 // Notify channel packet handler if they can send now 946 case L2CAP_EVENT_CAN_SEND_NOW: 947 rfcomm_run(); // rfcomm signaling packets first 948 rfcomm_notify_channel_can_send(); 949 break; 950 951 case L2CAP_EVENT_CHANNEL_CLOSED: 952 // data: event (8), len(8), channel (16) 953 l2cap_cid = little_endian_read_16(packet, 2); 954 multiplexer = rfcomm_multiplexer_for_l2cap_cid(l2cap_cid); 955 log_info("L2CAP_EVENT_CHANNEL_CLOSED cid 0x%0x, mult %p", l2cap_cid, multiplexer); 956 if (!multiplexer) break; 957 log_info("L2CAP_EVENT_CHANNEL_CLOSED state %u", multiplexer->state); 958 switch (multiplexer->state) { 959 case RFCOMM_MULTIPLEXER_W4_CONNECT: 960 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 961 case RFCOMM_MULTIPLEXER_W4_SABM_0: 962 case RFCOMM_MULTIPLEXER_SEND_UA_0: 963 case RFCOMM_MULTIPLEXER_W4_UA_0: 964 case RFCOMM_MULTIPLEXER_OPEN: 965 // don't call l2cap_disconnect as it's alreay closed 966 rfcomm_multiplexer_finalize(multiplexer); 967 return 1; 968 default: 969 break; 970 } 971 break; 972 default: 973 break; 974 } 975 return 0; 976 } 977 978 static int rfcomm_multiplexer_l2cap_packet_handler(uint16_t channel, uint8_t *packet, uint16_t size){ 979 980 // get or create a multiplexer for a certain device 981 rfcomm_multiplexer_t *multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 982 if (!multiplexer) return 0; 983 984 uint16_t l2cap_cid = multiplexer->l2cap_cid; 985 986 // but only care for multiplexer control channel 987 uint8_t frame_dlci = packet[0] >> 2; 988 if (frame_dlci) return 0; 989 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 990 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 991 const uint8_t payload_offset = 3 + length_offset + credit_offset; 992 switch (packet[1]){ 993 994 case BT_RFCOMM_SABM: 995 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_SABM_0){ 996 log_info("Received SABM #0"); 997 multiplexer->outgoing = 0; 998 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0; 999 return 1; 1000 } 1001 break; 1002 1003 case BT_RFCOMM_UA: 1004 if (multiplexer->state == RFCOMM_MULTIPLEXER_W4_UA_0) { 1005 // UA #0 -> send UA #0, state = RFCOMM_MULTIPLEXER_OPEN 1006 log_info("Received UA #0 "); 1007 rfcomm_multiplexer_opened(multiplexer); 1008 return 1; 1009 } 1010 break; 1011 1012 case BT_RFCOMM_DISC: 1013 // DISC #0 -> send UA #0, close multiplexer 1014 log_info("Received DISC #0, (ougoing = %u)", multiplexer->outgoing); 1015 multiplexer->state = RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC; 1016 return 1; 1017 1018 case BT_RFCOMM_DM: 1019 // DM #0 - we shouldn't get this, just give up 1020 log_info("Received DM #0"); 1021 log_info("-> Closing down multiplexer"); 1022 rfcomm_multiplexer_finalize(multiplexer); 1023 l2cap_disconnect(l2cap_cid, 0x13); 1024 return 1; 1025 1026 case BT_RFCOMM_UIH: 1027 if (packet[payload_offset] == BT_RFCOMM_CLD_CMD){ 1028 // Multiplexer close down (CLD) -> close mutliplexer 1029 log_info("Received Multiplexer close down command"); 1030 log_info("-> Closing down multiplexer"); 1031 rfcomm_multiplexer_finalize(multiplexer); 1032 l2cap_disconnect(l2cap_cid, 0x13); 1033 return 1; 1034 } 1035 switch (packet[payload_offset]){ 1036 case BT_RFCOMM_CLD_CMD: 1037 // Multiplexer close down (CLD) -> close mutliplexer 1038 log_info("Received Multiplexer close down command"); 1039 log_info("-> Closing down multiplexer"); 1040 rfcomm_multiplexer_finalize(multiplexer); 1041 l2cap_disconnect(l2cap_cid, 0x13); 1042 return 1; 1043 1044 case BT_RFCOMM_FCON_CMD: 1045 multiplexer->fcon = 0x81; 1046 break; 1047 1048 case BT_RFCOMM_FCOFF_CMD: 1049 multiplexer->fcon = 0x80; 1050 break; 1051 1052 case BT_RFCOMM_TEST_CMD: { 1053 log_info("Received test command"); 1054 int len = packet[payload_offset+1] >> 1; // length < 125 1055 if (len > RFCOMM_TEST_DATA_MAX_LEN){ 1056 len = RFCOMM_TEST_DATA_MAX_LEN; 1057 } 1058 multiplexer->test_data_len = len; 1059 memcpy(multiplexer->test_data, &packet[payload_offset + 2], len); 1060 return 1; 1061 } 1062 default: 1063 break; 1064 } 1065 break; 1066 1067 default: 1068 break; 1069 1070 } 1071 return 0; 1072 } 1073 1074 static void rfcomm_multiplexer_state_machine(rfcomm_multiplexer_t * multiplexer, RFCOMM_MULTIPLEXER_EVENT event){ 1075 1076 uint16_t l2cap_cid = multiplexer->l2cap_cid; 1077 1078 // process stored DM responses 1079 if (multiplexer->send_dm_for_dlci){ 1080 uint8_t dlci = multiplexer->send_dm_for_dlci; 1081 multiplexer->send_dm_for_dlci = 0; 1082 rfcomm_send_dm_pf(multiplexer, dlci); 1083 return; 1084 } 1085 1086 if (multiplexer->nsc_command){ 1087 uint8_t command = multiplexer->nsc_command; 1088 multiplexer->nsc_command = 0; 1089 rfcomm_send_uih_nsc_rsp(multiplexer, command); 1090 return; 1091 } 1092 1093 if (multiplexer->fcon & 0x80){ 1094 multiplexer->fcon &= 0x01; 1095 rfcomm_send_uih_fc_rsp(multiplexer, multiplexer->fcon); 1096 if (multiplexer->fcon == 0) return; 1097 // trigger client to send again after sending FCon Response 1098 rfcomm_notify_channel_can_send(); 1099 return; 1100 } 1101 1102 switch (multiplexer->state) { 1103 case RFCOMM_MULTIPLEXER_SEND_SABM_0: 1104 switch (event) { 1105 case MULT_EV_READY_TO_SEND: 1106 log_info("Sending SABM #0 - (multi 0x%p)", multiplexer); 1107 multiplexer->state = RFCOMM_MULTIPLEXER_W4_UA_0; 1108 rfcomm_send_sabm(multiplexer, 0); 1109 break; 1110 default: 1111 break; 1112 } 1113 break; 1114 case RFCOMM_MULTIPLEXER_SEND_UA_0: 1115 switch (event) { 1116 case MULT_EV_READY_TO_SEND: 1117 log_info("Sending UA #0"); 1118 multiplexer->state = RFCOMM_MULTIPLEXER_OPEN; 1119 rfcomm_send_ua(multiplexer, 0); 1120 rfcomm_multiplexer_opened(multiplexer); 1121 break; 1122 default: 1123 break; 1124 } 1125 break; 1126 case RFCOMM_MULTIPLEXER_SEND_UA_0_AND_DISC: 1127 switch (event) { 1128 case MULT_EV_READY_TO_SEND: 1129 // try to detect authentication errors: drop link key if multiplexer closed before first channel got opened 1130 if (!multiplexer->at_least_one_connection){ 1131 log_info("TODO: no connections established - delete link key prophylactically"); 1132 // hci_send_cmd(&hci_delete_stored_link_key, multiplexer->remote_addr); 1133 } 1134 log_info("Sending UA #0"); 1135 log_info("Closing down multiplexer"); 1136 multiplexer->state = RFCOMM_MULTIPLEXER_CLOSED; 1137 rfcomm_send_ua(multiplexer, 0); 1138 rfcomm_multiplexer_finalize(multiplexer); 1139 l2cap_disconnect(l2cap_cid, 0x13); 1140 default: 1141 break; 1142 } 1143 break; 1144 case RFCOMM_MULTIPLEXER_OPEN: 1145 switch (event) { 1146 case MULT_EV_READY_TO_SEND: 1147 // respond to test command 1148 if (multiplexer->test_data_len){ 1149 int len = multiplexer->test_data_len; 1150 log_info("Sending TEST Response with %u bytes", len); 1151 multiplexer->test_data_len = 0; 1152 rfcomm_send_uih_test_rsp(multiplexer, multiplexer->test_data, len); 1153 return; 1154 } 1155 break; 1156 default: 1157 break; 1158 } 1159 break; 1160 default: 1161 break; 1162 } 1163 } 1164 1165 // MARK: RFCOMM CHANNEL 1166 1167 static void rfcomm_channel_send_credits(rfcomm_channel_t *channel, uint8_t credits){ 1168 rfcomm_send_uih_credits(channel->multiplexer, channel->dlci, credits); 1169 channel->credits_incoming += credits; 1170 } 1171 1172 static int rfcomm_channel_can_send(rfcomm_channel_t * channel){ 1173 if (!channel->credits_outgoing) return 0; 1174 if ((channel->multiplexer->fcon & 1) == 0) return 0; 1175 return l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid); 1176 } 1177 1178 static void rfcomm_channel_opened(rfcomm_channel_t *rfChannel){ 1179 1180 log_info("rfcomm_channel_opened!"); 1181 1182 rfChannel->state = RFCOMM_CHANNEL_OPEN; 1183 rfcomm_emit_channel_opened(rfChannel, 0); 1184 rfcomm_emit_port_configuration(rfChannel); 1185 1186 // remove (potential) timer 1187 rfcomm_multiplexer_t *multiplexer = rfChannel->multiplexer; 1188 if (multiplexer->timer_active) { 1189 btstack_run_loop_remove_timer(&multiplexer->timer); 1190 multiplexer->timer_active = 0; 1191 } 1192 // hack for problem detecting authentication failure 1193 multiplexer->at_least_one_connection = 1; 1194 1195 // start next connection request if pending 1196 rfcomm_run(); 1197 } 1198 1199 static void rfcomm_channel_packet_handler_uih(rfcomm_multiplexer_t *multiplexer, uint8_t * packet, uint16_t size){ 1200 const uint8_t frame_dlci = packet[0] >> 2; 1201 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1202 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1203 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1204 1205 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, frame_dlci); 1206 if (!channel) return; 1207 1208 // handle new outgoing credits 1209 if (packet[1] == BT_RFCOMM_UIH_PF) { 1210 1211 // add them 1212 uint16_t new_credits = packet[3+length_offset]; 1213 channel->credits_outgoing += new_credits; 1214 log_info( "RFCOMM data UIH_PF, new credits: %u, now %u", new_credits, channel->credits_outgoing); 1215 1216 // notify channel statemachine 1217 rfcomm_channel_event_t channel_event = { CH_EVT_RCVD_CREDITS }; 1218 rfcomm_channel_state_machine(channel, &channel_event); 1219 } 1220 1221 // contains payload? 1222 if (size - 1 > payload_offset){ 1223 1224 // log_info( "RFCOMM data UIH_PF, size %u, channel %p", size-payload_offset-1, rfChannel->connection); 1225 1226 // decrease incoming credit counter 1227 if (channel->credits_incoming > 0){ 1228 channel->credits_incoming--; 1229 } 1230 1231 // deliver payload 1232 (channel->packet_handler)(RFCOMM_DATA_PACKET, channel->rfcomm_cid, 1233 &packet[payload_offset], size-payload_offset-1); 1234 } 1235 1236 // automatically provide new credits to remote device, if no incoming flow control 1237 if (!channel->incoming_flow_control && channel->credits_incoming < 5){ 1238 channel->new_credits_incoming =RFCOMM_CREDITS; 1239 } 1240 } 1241 1242 static void rfcomm_channel_accept_pn(rfcomm_channel_t *channel, rfcomm_channel_event_pn_t *event){ 1243 // priority of client request 1244 channel->pn_priority = event->priority; 1245 1246 // new credits 1247 channel->credits_outgoing = event->credits_outgoing; 1248 1249 // negotiate max frame size 1250 if (channel->max_frame_size > channel->multiplexer->max_frame_size) { 1251 channel->max_frame_size = channel->multiplexer->max_frame_size; 1252 } 1253 if (channel->max_frame_size > event->max_frame_size) { 1254 channel->max_frame_size = event->max_frame_size; 1255 } 1256 1257 } 1258 1259 static void rfcomm_channel_finalize(rfcomm_channel_t *channel){ 1260 1261 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1262 1263 // remove from list 1264 btstack_linked_list_remove( &rfcomm_channels, (btstack_linked_item_t *) channel); 1265 1266 // free channel 1267 btstack_memory_rfcomm_channel_free(channel); 1268 1269 // update multiplexer timeout after channel was removed from list 1270 rfcomm_multiplexer_prepare_idle_timer(multiplexer); 1271 } 1272 1273 static void rfcomm_channel_state_machine_2(rfcomm_multiplexer_t * multiplexer, uint8_t dlci, rfcomm_channel_event_t *event){ 1274 1275 // TODO: if client max frame size is smaller than RFCOMM_DEFAULT_SIZE, send PN 1276 1277 1278 // lookup existing channel 1279 rfcomm_channel_t * channel = rfcomm_channel_for_multiplexer_and_dlci(multiplexer, dlci); 1280 1281 // log_info("rfcomm_channel_state_machine_2 lookup dlci #%u = 0x%08x - event %u", dlci, (int) channel, event->type); 1282 1283 if (channel) { 1284 rfcomm_channel_state_machine(channel, event); 1285 return; 1286 } 1287 1288 // service registered? 1289 rfcomm_service_t * service = rfcomm_service_for_channel(dlci >> 1); 1290 // log_info("rfcomm_channel_state_machine_2 service dlci #%u = 0x%08x", dlci, (int) service); 1291 if (!service) { 1292 // discard request by sending disconnected mode 1293 multiplexer->send_dm_for_dlci = dlci; 1294 return; 1295 } 1296 1297 // create channel for some events 1298 switch (event->type) { 1299 case CH_EVT_RCVD_SABM: 1300 case CH_EVT_RCVD_PN: 1301 case CH_EVT_RCVD_RPN_REQ: 1302 case CH_EVT_RCVD_RPN_CMD: 1303 // setup incoming channel 1304 channel = rfcomm_channel_create(multiplexer, service, dlci >> 1); 1305 if (!channel){ 1306 // discard request by sending disconnected mode 1307 multiplexer->send_dm_for_dlci = dlci; 1308 } 1309 break; 1310 default: 1311 break; 1312 } 1313 1314 if (!channel) { 1315 // discard request by sending disconnected mode 1316 multiplexer->send_dm_for_dlci = dlci; 1317 return; 1318 } 1319 rfcomm_channel_state_machine(channel, event); 1320 } 1321 1322 static void rfcomm_channel_packet_handler(rfcomm_multiplexer_t * multiplexer, uint8_t *packet, uint16_t size){ 1323 1324 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1325 const uint8_t frame_dlci = packet[0] >> 2; 1326 uint8_t message_dlci; // used by commands in UIH(_PF) packets 1327 uint8_t message_len; // " 1328 1329 // rfcomm: (1) command/control 1330 // -- credits_offset = 1 if command == BT_RFCOMM_UIH_PF 1331 const uint8_t credit_offset = ((packet[1] & BT_RFCOMM_UIH_PF) == BT_RFCOMM_UIH_PF) ? 1 : 0; // credits for uih_pf frames 1332 // rfcomm: (2) length. if bit 0 is cleared, 2 byte length is used. (little endian) 1333 const uint8_t length_offset = (packet[2] & 1) ^ 1; // to be used for pos >= 3 1334 // rfcomm: (3+length_offset) credits if credits_offset == 1 1335 // rfcomm: (3+length_offest+credits_offset) 1336 const uint8_t payload_offset = 3 + length_offset + credit_offset; 1337 1338 rfcomm_channel_event_t event; 1339 rfcomm_channel_event_pn_t event_pn; 1340 rfcomm_channel_event_rpn_t event_rpn; 1341 rfcomm_channel_event_msc_t event_msc; 1342 1343 // switch by rfcomm message type 1344 switch(packet[1]) { 1345 1346 case BT_RFCOMM_SABM: 1347 event.type = CH_EVT_RCVD_SABM; 1348 log_info("Received SABM #%u", frame_dlci); 1349 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1350 break; 1351 1352 case BT_RFCOMM_UA: 1353 event.type = CH_EVT_RCVD_UA; 1354 log_info("Received UA #%u",frame_dlci); 1355 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1356 break; 1357 1358 case BT_RFCOMM_DISC: 1359 event.type = CH_EVT_RCVD_DISC; 1360 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1361 break; 1362 1363 case BT_RFCOMM_DM: 1364 case BT_RFCOMM_DM_PF: 1365 event.type = CH_EVT_RCVD_DM; 1366 rfcomm_channel_state_machine_2(multiplexer, frame_dlci, &event); 1367 break; 1368 1369 case BT_RFCOMM_UIH_PF: 1370 case BT_RFCOMM_UIH: 1371 1372 message_len = packet[payload_offset+1] >> 1; 1373 1374 switch (packet[payload_offset]) { 1375 case BT_RFCOMM_PN_CMD: 1376 message_dlci = packet[payload_offset+2]; 1377 event_pn.super.type = CH_EVT_RCVD_PN; 1378 event_pn.priority = packet[payload_offset+4]; 1379 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1380 event_pn.credits_outgoing = packet[payload_offset+9]; 1381 log_info("Received UIH Parameter Negotiation Command for #%u, credits %u", 1382 message_dlci, event_pn.credits_outgoing); 1383 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1384 break; 1385 1386 case BT_RFCOMM_PN_RSP: 1387 message_dlci = packet[payload_offset+2]; 1388 event_pn.super.type = CH_EVT_RCVD_PN_RSP; 1389 event_pn.priority = packet[payload_offset+4]; 1390 event_pn.max_frame_size = little_endian_read_16(packet, payload_offset+6); 1391 event_pn.credits_outgoing = packet[payload_offset+9]; 1392 log_info("Received UIH Parameter Negotiation Response max frame %u, credits %u", 1393 event_pn.max_frame_size, event_pn.credits_outgoing); 1394 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_pn); 1395 break; 1396 1397 case BT_RFCOMM_MSC_CMD: 1398 message_dlci = packet[payload_offset+2] >> 2; 1399 event_msc.super.type = CH_EVT_RCVD_MSC_CMD; 1400 event_msc.modem_status = packet[payload_offset+3]; 1401 log_info("Received MSC CMD for #%u, ", message_dlci); 1402 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_msc); 1403 break; 1404 1405 case BT_RFCOMM_MSC_RSP: 1406 message_dlci = packet[payload_offset+2] >> 2; 1407 event.type = CH_EVT_RCVD_MSC_RSP; 1408 log_info("Received MSC RSP for #%u", message_dlci); 1409 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1410 break; 1411 1412 case BT_RFCOMM_RPN_CMD: 1413 message_dlci = packet[payload_offset+2] >> 2; 1414 switch (message_len){ 1415 case 1: 1416 log_info("Received Remote Port Negotiation Request for #%u", message_dlci); 1417 event.type = CH_EVT_RCVD_RPN_REQ; 1418 rfcomm_channel_state_machine_2(multiplexer, message_dlci, &event); 1419 break; 1420 case 8: 1421 log_info("Received Remote Port Negotiation Update for #%u", message_dlci); 1422 event_rpn.super.type = CH_EVT_RCVD_RPN_CMD; 1423 event_rpn.data = *(rfcomm_rpn_data_t*) &packet[payload_offset+3]; 1424 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rpn); 1425 break; 1426 default: 1427 break; 1428 } 1429 break; 1430 1431 case BT_RFCOMM_RPN_RSP: 1432 log_info("Received RPN response"); 1433 break; 1434 1435 case BT_RFCOMM_RLS_CMD: { 1436 log_info("Received RLS command"); 1437 message_dlci = packet[payload_offset+2] >> 2; 1438 rfcomm_channel_event_rls_t event_rls; 1439 event_rls.super.type = CH_EVT_RCVD_RLS_CMD; 1440 event_rls.line_status = packet[payload_offset+3]; 1441 rfcomm_channel_state_machine_2(multiplexer, message_dlci, (rfcomm_channel_event_t*) &event_rls); 1442 break; 1443 } 1444 1445 case BT_RFCOMM_RLS_RSP: 1446 log_info("Received RLS response"); 1447 break; 1448 1449 // Following commands are handled by rfcomm_multiplexer_l2cap_packet_handler 1450 // case BT_RFCOMM_TEST_CMD: 1451 // case BT_RFCOMM_FCOFF_CMD: 1452 // case BT_RFCOMM_FCON_CMD: 1453 // everything else is an not supported command 1454 default: { 1455 log_error("Received unknown UIH command packet - 0x%02x", packet[payload_offset]); 1456 multiplexer->nsc_command = packet[payload_offset]; 1457 break; 1458 } 1459 } 1460 break; 1461 1462 default: 1463 log_error("Received unknown RFCOMM message type %x", packet[1]); 1464 break; 1465 } 1466 1467 // trigger next action - example W4_PN_RSP: transition to SEND_SABM which only depends on "can send" 1468 rfcomm_run(); 1469 } 1470 1471 static void rfcomm_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1472 1473 // multiplexer handler 1474 int handled = 0; 1475 switch (packet_type) { 1476 case HCI_EVENT_PACKET: 1477 handled = rfcomm_multiplexer_hci_event_handler(packet, size); 1478 break; 1479 case L2CAP_DATA_PACKET: 1480 handled = rfcomm_multiplexer_l2cap_packet_handler(channel, packet, size); 1481 break; 1482 default: 1483 break; 1484 } 1485 1486 if (handled) { 1487 rfcomm_run(); 1488 return; 1489 } 1490 1491 // we only handle l2cap packets 1492 if (packet_type != L2CAP_DATA_PACKET) return; 1493 1494 // ... over open multiplexer channel now 1495 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_l2cap_cid(channel); 1496 if (!multiplexer || multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) return; 1497 1498 // channel data ? 1499 // rfcomm: (0) addr [76543 server channel] [2 direction: initiator uses 1] [1 C/R: CMD by initiator = 1] [0 EA=1] 1500 const uint8_t frame_dlci = packet[0] >> 2; 1501 1502 if (frame_dlci && (packet[1] == BT_RFCOMM_UIH || packet[1] == BT_RFCOMM_UIH_PF)) { 1503 rfcomm_channel_packet_handler_uih(multiplexer, packet, size); 1504 rfcomm_run(); 1505 return; 1506 } 1507 1508 rfcomm_channel_packet_handler(multiplexer, packet, size); 1509 } 1510 1511 static int rfcomm_channel_ready_for_open(rfcomm_channel_t *channel){ 1512 // note: exchanging MSC isn't neccessary to consider channel open 1513 // note: having outgoing credits is also not necessary to consider channel open 1514 // log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u, l2cap credits %u ", channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP|RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS, channel->state_var, channel->credits_outgoing, channel->multiplexer->l2cap_credits); 1515 // if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP) == 0) return 0; 1516 // if (channel->credits_outgoing == 0) return 0; 1517 log_info("rfcomm_channel_ready_for_open state %u, flags needed %04x, current %04x, rf credits %u", 1518 channel->state, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP, channel->state_var, channel->credits_outgoing); 1519 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP) == 0) return 0; 1520 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS) == 0) return 0; 1521 1522 return 1; 1523 } 1524 1525 static int rfcomm_channel_ready_for_incoming_dlc_setup(rfcomm_channel_t * channel){ 1526 log_info("rfcomm_channel_ready_for_incoming_dlc_setup state var %04x", channel->state_var); 1527 // Client accept and SABM/UA is required, PN RSP is needed if PN was received 1528 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) == 0) return 0; 1529 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM ) == 0) return 0; 1530 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA ) != 0) return 0; 1531 if ((channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP ) != 0) return 0; 1532 return 1; 1533 } 1534 1535 inline static void rfcomm_channel_state_add(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1536 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var | event); 1537 } 1538 inline static void rfcomm_channel_state_remove(rfcomm_channel_t *channel, RFCOMM_CHANNEL_STATE_VAR event){ 1539 channel->state_var = (RFCOMM_CHANNEL_STATE_VAR) (channel->state_var & ~event); 1540 } 1541 1542 static void rfcomm_channel_state_machine(rfcomm_channel_t *channel, rfcomm_channel_event_t *event){ 1543 1544 // log_info("rfcomm_channel_state_machine: state %u, state_var %04x, event %u", channel->state, channel->state_var ,event->type); 1545 1546 rfcomm_multiplexer_t *multiplexer = channel->multiplexer; 1547 1548 // TODO: integrate in common switch 1549 if (event->type == CH_EVT_RCVD_DISC){ 1550 rfcomm_emit_channel_closed(channel); 1551 channel->state = RFCOMM_CHANNEL_SEND_UA_AFTER_DISC; 1552 return; 1553 } 1554 1555 // TODO: integrate in common switch 1556 if (event->type == CH_EVT_RCVD_DM){ 1557 log_info("Received DM message for #%u", channel->dlci); 1558 log_info("-> Closing channel locally for #%u", channel->dlci); 1559 rfcomm_emit_channel_closed(channel); 1560 rfcomm_channel_finalize(channel); 1561 return; 1562 } 1563 1564 // remote port negotiation command - just accept everything for now 1565 // 1566 // "The RPN command can be used before a new DLC is opened and should be used whenever the port settings change." 1567 // "The RPN command is specified as optional in TS 07.10, but it is mandatory to recognize and respond to it in RFCOMM. 1568 // (Although the handling of individual settings are implementation-dependent.)" 1569 // 1570 1571 // TODO: integrate in common switch 1572 if (event->type == CH_EVT_RCVD_RPN_CMD){ 1573 // control port parameters 1574 rfcomm_channel_event_rpn_t *event_rpn = (rfcomm_channel_event_rpn_t*) event; 1575 rfcomm_rpn_data_update(&channel->rpn_data, &event_rpn->data); 1576 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1577 // notify client about new settings 1578 rfcomm_emit_port_configuration(channel); 1579 return; 1580 } 1581 1582 // TODO: integrate in common switch 1583 if (event->type == CH_EVT_RCVD_RPN_REQ){ 1584 // no values got accepted (no values have beens sent) 1585 channel->rpn_data.parameter_mask_0 = 0x00; 1586 channel->rpn_data.parameter_mask_1 = 0x00; 1587 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1588 return; 1589 } 1590 1591 if (event->type == CH_EVT_RCVD_RLS_CMD){ 1592 rfcomm_channel_event_rls_t * event_rls = (rfcomm_channel_event_rls_t*) event; 1593 channel->rls_line_status = event_rls->line_status & 0x0f; 1594 log_info("CH_EVT_RCVD_RLS_CMD setting line status to 0x%0x", channel->rls_line_status); 1595 rfcomm_emit_remote_line_status(channel, event_rls->line_status); 1596 return; 1597 } 1598 1599 // TODO: integrate in common swich 1600 if (event->type == CH_EVT_READY_TO_SEND){ 1601 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP){ 1602 log_info("Sending Remote Port Negotiation RSP for #%u", channel->dlci); 1603 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_RPN_RSP); 1604 rfcomm_send_uih_rpn_rsp(multiplexer, channel->dlci, &channel->rpn_data); 1605 return; 1606 } 1607 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP){ 1608 log_info("Sending MSC RSP for #%u", channel->dlci); 1609 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1610 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_RSP); 1611 rfcomm_send_uih_msc_rsp(multiplexer, channel->dlci, 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1612 return; 1613 } 1614 if (channel->rls_line_status != RFCOMM_RLS_STATUS_INVALID){ 1615 log_info("Sending RLS RSP 0x%0x", channel->rls_line_status); 1616 uint8_t line_status = channel->rls_line_status; 1617 channel->rls_line_status = RFCOMM_RLS_STATUS_INVALID; 1618 rfcomm_send_uih_rls_rsp(multiplexer, channel->dlci, line_status); 1619 return; 1620 } 1621 } 1622 1623 // emit MSC status to app 1624 if (event->type == CH_EVT_RCVD_MSC_CMD){ 1625 // notify client about new settings 1626 rfcomm_channel_event_msc_t *event_msc = (rfcomm_channel_event_msc_t*) event; 1627 uint8_t modem_status_event[2+1]; 1628 modem_status_event[0] = RFCOMM_EVENT_REMOTE_MODEM_STATUS; 1629 modem_status_event[1] = 1; 1630 modem_status_event[2] = event_msc->modem_status; 1631 (channel->packet_handler)(HCI_EVENT_PACKET, channel->rfcomm_cid, (uint8_t*)&modem_status_event, sizeof(modem_status_event)); 1632 // no return, MSC_CMD will be handled by state machine below 1633 } 1634 1635 rfcomm_channel_event_pn_t * event_pn = (rfcomm_channel_event_pn_t*) event; 1636 1637 switch (channel->state) { 1638 case RFCOMM_CHANNEL_CLOSED: 1639 switch (event->type){ 1640 case CH_EVT_RCVD_SABM: 1641 log_info("-> Inform app"); 1642 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1643 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1644 rfcomm_emit_connection_request(channel); 1645 break; 1646 case CH_EVT_RCVD_PN: 1647 rfcomm_channel_accept_pn(channel, event_pn); 1648 log_info("-> Inform app"); 1649 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1650 channel->state = RFCOMM_CHANNEL_INCOMING_SETUP; 1651 rfcomm_emit_connection_request(channel); 1652 break; 1653 default: 1654 break; 1655 } 1656 break; 1657 1658 case RFCOMM_CHANNEL_INCOMING_SETUP: 1659 switch (event->type){ 1660 case CH_EVT_RCVD_SABM: 1661 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM); 1662 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1663 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1664 } 1665 break; 1666 case CH_EVT_RCVD_PN: 1667 rfcomm_channel_accept_pn(channel, event_pn); 1668 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_PN); 1669 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED) { 1670 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1671 } 1672 break; 1673 case CH_EVT_READY_TO_SEND: 1674 // if / else if is used to check for state transition after sending 1675 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP){ 1676 log_info("Sending UIH Parameter Negotiation Respond for #%u", channel->dlci); 1677 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 1678 rfcomm_send_uih_pn_response(multiplexer, channel->dlci, channel->pn_priority, channel->max_frame_size); 1679 } else if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_UA){ 1680 log_info("Sending UA #%u", channel->dlci); 1681 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 1682 rfcomm_send_ua(multiplexer, channel->dlci); 1683 } 1684 if (rfcomm_channel_ready_for_incoming_dlc_setup(channel)){ 1685 log_info("Incomping setup done, requesting send MSC CMD and send Credits"); 1686 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1687 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1688 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1689 } 1690 break; 1691 default: 1692 break; 1693 } 1694 break; 1695 1696 case RFCOMM_CHANNEL_W4_MULTIPLEXER: 1697 switch (event->type) { 1698 case CH_EVT_MULTIPLEXER_READY: 1699 log_info("Muliplexer opened, sending UIH PN next"); 1700 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 1701 break; 1702 default: 1703 break; 1704 } 1705 break; 1706 1707 case RFCOMM_CHANNEL_SEND_UIH_PN: 1708 switch (event->type) { 1709 case CH_EVT_READY_TO_SEND: 1710 log_info("Sending UIH Parameter Negotiation Command for #%u (channel 0x%p)", channel->dlci, channel ); 1711 channel->state = RFCOMM_CHANNEL_W4_PN_RSP; 1712 rfcomm_send_uih_pn_command(multiplexer, channel->dlci, channel->max_frame_size); 1713 break; 1714 default: 1715 break; 1716 } 1717 break; 1718 1719 case RFCOMM_CHANNEL_W4_PN_RSP: 1720 switch (event->type){ 1721 case CH_EVT_RCVD_PN_RSP: 1722 // update max frame size 1723 if (channel->max_frame_size > event_pn->max_frame_size) { 1724 channel->max_frame_size = event_pn->max_frame_size; 1725 } 1726 // new credits 1727 channel->credits_outgoing = event_pn->credits_outgoing; 1728 channel->state = RFCOMM_CHANNEL_SEND_SABM_W4_UA; 1729 break; 1730 default: 1731 break; 1732 } 1733 break; 1734 1735 case RFCOMM_CHANNEL_SEND_SABM_W4_UA: 1736 switch (event->type) { 1737 case CH_EVT_READY_TO_SEND: 1738 log_info("Sending SABM #%u", channel->dlci); 1739 channel->state = RFCOMM_CHANNEL_W4_UA; 1740 rfcomm_send_sabm(multiplexer, channel->dlci); 1741 break; 1742 default: 1743 break; 1744 } 1745 break; 1746 1747 case RFCOMM_CHANNEL_W4_UA: 1748 switch (event->type){ 1749 case CH_EVT_RCVD_UA: 1750 channel->state = RFCOMM_CHANNEL_DLC_SETUP; 1751 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1752 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1753 break; 1754 default: 1755 break; 1756 } 1757 break; 1758 1759 case RFCOMM_CHANNEL_DLC_SETUP: 1760 switch (event->type){ 1761 case CH_EVT_RCVD_MSC_CMD: 1762 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_CMD); 1763 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1764 break; 1765 case CH_EVT_RCVD_MSC_RSP: 1766 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_RCVD_MSC_RSP); 1767 break; 1768 1769 case CH_EVT_READY_TO_SEND: 1770 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD){ 1771 log_info("Sending MSC CMD for #%u", channel->dlci); 1772 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_CMD); 1773 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_MSC_CMD); 1774 rfcomm_send_uih_msc_cmd(multiplexer, channel->dlci , 0x8d); // ea=1,fc=0,rtc=1,rtr=1,ic=0,dv=1 1775 break; 1776 } 1777 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS){ 1778 log_info("Providing credits for #%u", channel->dlci); 1779 rfcomm_channel_state_remove(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_CREDITS); 1780 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SENT_CREDITS); 1781 1782 if (channel->new_credits_incoming) { 1783 uint8_t new_credits = channel->new_credits_incoming; 1784 channel->new_credits_incoming = 0; 1785 rfcomm_channel_send_credits(channel, new_credits); 1786 } 1787 break; 1788 1789 } 1790 break; 1791 default: 1792 break; 1793 } 1794 // finally done? 1795 if (rfcomm_channel_ready_for_open(channel)){ 1796 channel->state = RFCOMM_CHANNEL_OPEN; 1797 rfcomm_channel_opened(channel); 1798 } 1799 break; 1800 1801 case RFCOMM_CHANNEL_OPEN: 1802 switch (event->type){ 1803 case CH_EVT_RCVD_MSC_CMD: 1804 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_MSC_RSP); 1805 break; 1806 case CH_EVT_READY_TO_SEND: 1807 if (channel->new_credits_incoming) { 1808 uint8_t new_credits = channel->new_credits_incoming; 1809 channel->new_credits_incoming = 0; 1810 rfcomm_channel_send_credits(channel, new_credits); 1811 break; 1812 } 1813 break; 1814 case CH_EVT_RCVD_CREDITS: 1815 rfcomm_notify_channel_can_send(); 1816 break; 1817 default: 1818 break; 1819 } 1820 break; 1821 1822 case RFCOMM_CHANNEL_SEND_DM: 1823 switch (event->type) { 1824 case CH_EVT_READY_TO_SEND: 1825 log_info("Sending DM_PF for #%u", channel->dlci); 1826 // don't emit channel closed - channel was never open 1827 channel->state = RFCOMM_CHANNEL_CLOSED; 1828 rfcomm_send_dm_pf(multiplexer, channel->dlci); 1829 rfcomm_channel_finalize(channel); 1830 break; 1831 default: 1832 break; 1833 } 1834 break; 1835 1836 case RFCOMM_CHANNEL_SEND_DISC: 1837 switch (event->type) { 1838 case CH_EVT_READY_TO_SEND: 1839 channel->state = RFCOMM_CHANNEL_W4_UA_AFTER_UA; 1840 rfcomm_send_disc(multiplexer, channel->dlci); 1841 break; 1842 default: 1843 break; 1844 } 1845 break; 1846 1847 case RFCOMM_CHANNEL_W4_UA_AFTER_UA: 1848 switch (event->type){ 1849 case CH_EVT_RCVD_UA: 1850 channel->state = RFCOMM_CHANNEL_CLOSED; 1851 rfcomm_emit_channel_closed(channel); 1852 rfcomm_channel_finalize(channel); 1853 break; 1854 default: 1855 break; 1856 } 1857 break; 1858 1859 case RFCOMM_CHANNEL_SEND_UA_AFTER_DISC: 1860 switch (event->type) { 1861 case CH_EVT_READY_TO_SEND: 1862 log_info("Sending UA after DISC for #%u", channel->dlci); 1863 channel->state = RFCOMM_CHANNEL_CLOSED; 1864 rfcomm_send_ua(multiplexer, channel->dlci); 1865 rfcomm_channel_finalize(channel); 1866 break; 1867 default: 1868 break; 1869 } 1870 break; 1871 1872 default: 1873 break; 1874 } 1875 } 1876 1877 1878 // MARK: RFCOMM RUN 1879 // process outstanding signaling tasks 1880 static void rfcomm_run(void){ 1881 1882 btstack_linked_item_t *it; 1883 btstack_linked_item_t *next; 1884 1885 for (it = (btstack_linked_item_t *) rfcomm_multiplexers; it ; it = next){ 1886 1887 next = it->next; // be prepared for removal of channel in state machine 1888 1889 rfcomm_multiplexer_t * multiplexer = ((rfcomm_multiplexer_t *) it); 1890 1891 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1892 // log_info("rfcomm_run A cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1893 continue; 1894 } 1895 // log_info("rfcomm_run: multi 0x%08x, state %u", (int) multiplexer, multiplexer->state); 1896 1897 rfcomm_multiplexer_state_machine(multiplexer, MULT_EV_READY_TO_SEND); 1898 } 1899 1900 for (it = (btstack_linked_item_t *) rfcomm_channels; it ; it = next){ 1901 1902 next = it->next; // be prepared for removal of channel in state machine 1903 1904 rfcomm_channel_t * channel = ((rfcomm_channel_t *) it); 1905 rfcomm_multiplexer_t * multiplexer = channel->multiplexer; 1906 1907 if (!l2cap_can_send_packet_now(multiplexer->l2cap_cid)) { 1908 // log_info("rfcomm_run B cannot send l2cap packet for #%u, credits %u", multiplexer->l2cap_cid, multiplexer->l2cap_credits); 1909 continue; 1910 } 1911 1912 rfcomm_channel_event_t event = { CH_EVT_READY_TO_SEND }; 1913 rfcomm_channel_state_machine(channel, &event); 1914 } 1915 } 1916 1917 // MARK: RFCOMM BTstack API 1918 1919 void rfcomm_init(void){ 1920 rfcomm_client_cid_generator = 0; 1921 rfcomm_multiplexers = NULL; 1922 rfcomm_services = NULL; 1923 rfcomm_channels = NULL; 1924 rfcomm_security_level = LEVEL_2; 1925 } 1926 1927 void rfcomm_set_required_security_level(gap_security_level_t security_level){ 1928 rfcomm_security_level = security_level; 1929 } 1930 1931 int rfcomm_can_send_packet_now(uint16_t rfcomm_cid){ 1932 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1933 if (!channel){ 1934 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1935 return 0; 1936 } 1937 int res = rfcomm_channel_can_send(channel); 1938 if (!res){ 1939 channel->waiting_for_can_send_now = 1; 1940 } 1941 return res; 1942 } 1943 1944 void rfcomm_request_can_send_now_event(uint16_t rfcomm_cid){ 1945 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1946 if (!channel){ 1947 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 1948 return; 1949 } 1950 channel->waiting_for_can_send_now = 1; 1951 rfcomm_notify_channel_can_send(); 1952 } 1953 1954 static int rfcomm_assert_send_valid(rfcomm_channel_t * channel , uint16_t len){ 1955 if (len > channel->max_frame_size){ 1956 log_error("rfcomm_send cid 0x%02x, rfcomm data lenght exceeds MTU!", channel->rfcomm_cid); 1957 return RFCOMM_DATA_LEN_EXCEEDS_MTU; 1958 } 1959 1960 if (!channel->credits_outgoing){ 1961 log_info("rfcomm_send cid 0x%02x, no rfcomm outgoing credits!", channel->rfcomm_cid); 1962 return RFCOMM_NO_OUTGOING_CREDITS; 1963 } 1964 1965 if ((channel->multiplexer->fcon & 1) == 0){ 1966 log_info("rfcomm_send cid 0x%02x, aggregate flow off!", channel->rfcomm_cid); 1967 return RFCOMM_AGGREGATE_FLOW_OFF; 1968 } 1969 return 0; 1970 } 1971 1972 // pre: rfcomm_can_send_packet_now(rfcomm_cid) == true 1973 int rfcomm_reserve_packet_buffer(void){ 1974 return l2cap_reserve_packet_buffer(); 1975 } 1976 1977 void rfcomm_release_packet_buffer(void){ 1978 l2cap_release_packet_buffer(); 1979 } 1980 1981 uint8_t * rfcomm_get_outgoing_buffer(void){ 1982 uint8_t * rfcomm_out_buffer = l2cap_get_outgoing_buffer(); 1983 // address + control + length (16) + no credit field 1984 return &rfcomm_out_buffer[4]; 1985 } 1986 1987 uint16_t rfcomm_get_max_frame_size(uint16_t rfcomm_cid){ 1988 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1989 if (!channel){ 1990 log_error("rfcomm_get_max_frame_size cid 0x%02x doesn't exist!", rfcomm_cid); 1991 return 0; 1992 } 1993 return channel->max_frame_size; 1994 } 1995 int rfcomm_send_prepared(uint16_t rfcomm_cid, uint16_t len){ 1996 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 1997 if (!channel){ 1998 log_error("rfcomm_send_prepared cid 0x%02x doesn't exist!", rfcomm_cid); 1999 return 0; 2000 } 2001 2002 int err = rfcomm_assert_send_valid(channel, len); 2003 if (err) return err; 2004 if (!l2cap_can_send_prepared_packet_now(channel->multiplexer->l2cap_cid)){ 2005 log_error("rfcomm_send_prepared: l2cap cannot send now"); 2006 return BTSTACK_ACL_BUFFERS_FULL; 2007 } 2008 2009 // send might cause l2cap to emit new credits, update counters first 2010 channel->credits_outgoing--; 2011 2012 int result = rfcomm_send_uih_prepared(channel->multiplexer, channel->dlci, len); 2013 2014 if (result != 0) { 2015 channel->credits_outgoing++; 2016 log_error("rfcomm_send_prepared: error %d", result); 2017 return result; 2018 } 2019 2020 return result; 2021 } 2022 2023 int rfcomm_send(uint16_t rfcomm_cid, uint8_t *data, uint16_t len){ 2024 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2025 if (!channel){ 2026 log_error("rfcomm_send cid 0x%02x doesn't exist!", rfcomm_cid); 2027 return 1; 2028 } 2029 2030 int err = rfcomm_assert_send_valid(channel, len); 2031 if (err) return err; 2032 if (!l2cap_can_send_packet_now(channel->multiplexer->l2cap_cid)){ 2033 log_error("rfcomm_send_internal: l2cap cannot send now"); 2034 return BTSTACK_ACL_BUFFERS_FULL; 2035 } 2036 2037 rfcomm_reserve_packet_buffer(); 2038 uint8_t * rfcomm_payload = rfcomm_get_outgoing_buffer(); 2039 memcpy(rfcomm_payload, data, len); 2040 err = rfcomm_send_prepared(rfcomm_cid, len); 2041 if (err){ 2042 rfcomm_release_packet_buffer(); 2043 } 2044 return err; 2045 } 2046 2047 // Sends Local Lnie Status, see LINE_STATUS_.. 2048 int rfcomm_send_local_line_status(uint16_t rfcomm_cid, uint8_t line_status){ 2049 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2050 if (!channel){ 2051 log_error("rfcomm_send_local_line_status cid 0x%02x doesn't exist!", rfcomm_cid); 2052 return 0; 2053 } 2054 return rfcomm_send_uih_rls_cmd(channel->multiplexer, channel->dlci, line_status); 2055 } 2056 2057 // Sned local modem status. see MODEM_STAUS_.. 2058 int rfcomm_send_modem_status(uint16_t rfcomm_cid, uint8_t modem_status){ 2059 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2060 if (!channel){ 2061 log_error("rfcomm_send_modem_status cid 0x%02x doesn't exist!", rfcomm_cid); 2062 return 0; 2063 } 2064 return rfcomm_send_uih_msc_cmd(channel->multiplexer, channel->dlci, modem_status); 2065 } 2066 2067 // Configure remote port 2068 int rfcomm_send_port_configuration(uint16_t rfcomm_cid, rpn_baud_t baud_rate, rpn_data_bits_t data_bits, rpn_stop_bits_t stop_bits, rpn_parity_t parity, rpn_flow_control_t flow_control){ 2069 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2070 if (!channel){ 2071 log_error("rfcomm_send_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2072 return 0; 2073 } 2074 rfcomm_rpn_data_t rpn_data; 2075 rpn_data.baud_rate = baud_rate; 2076 rpn_data.flags = data_bits | (stop_bits << 2) | (parity << 3); 2077 rpn_data.flow_control = flow_control; 2078 rpn_data.xon = 0; 2079 rpn_data.xoff = 0; 2080 rpn_data.parameter_mask_0 = 0x1f; // all but xon/xoff 2081 rpn_data.parameter_mask_1 = 0x3f; // all flow control options 2082 return rfcomm_send_uih_rpn_cmd(channel->multiplexer, channel->dlci, &rpn_data); 2083 } 2084 2085 // Query remote port 2086 int rfcomm_query_port_configuration(uint16_t rfcomm_cid){ 2087 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2088 if (!channel){ 2089 log_error("rfcomm_query_port_configuration cid 0x%02x doesn't exist!", rfcomm_cid); 2090 return 0; 2091 } 2092 return rfcomm_send_uih_rpn_req(channel->multiplexer, channel->dlci); 2093 } 2094 2095 2096 static uint8_t rfcomm_channel_create_internal(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t incoming_flow_control, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2097 log_info("RFCOMM_CREATE_CHANNEL addr %s channel #%u init credits %u", bd_addr_to_str(addr), server_channel, initial_credits); 2098 2099 // create new multiplexer if necessary 2100 uint8_t status = 0; 2101 int new_multiplexer = 0; 2102 rfcomm_channel_t * channel = NULL; 2103 rfcomm_multiplexer_t * multiplexer = rfcomm_multiplexer_for_addr(addr); 2104 if (!multiplexer) { 2105 multiplexer = rfcomm_multiplexer_create_for_addr(addr); 2106 if (!multiplexer){ 2107 status = BTSTACK_MEMORY_ALLOC_FAILED; 2108 goto fail; 2109 } 2110 multiplexer->outgoing = 1; 2111 multiplexer->state = RFCOMM_MULTIPLEXER_W4_CONNECT; 2112 new_multiplexer = 1; 2113 } 2114 2115 // prepare channel 2116 channel = rfcomm_channel_create(multiplexer, NULL, server_channel); 2117 if (!channel){ 2118 status = BTSTACK_MEMORY_ALLOC_FAILED; 2119 goto fail; 2120 } 2121 2122 // rfcomm_cid is already assigned by rfcomm_channel_create 2123 channel->incoming_flow_control = incoming_flow_control; 2124 channel->new_credits_incoming = initial_credits; 2125 channel->packet_handler = packet_handler; 2126 2127 // return rfcomm_cid 2128 if (out_rfcomm_cid){ 2129 *out_rfcomm_cid = channel->rfcomm_cid; 2130 } 2131 2132 // start multiplexer setup 2133 if (multiplexer->state != RFCOMM_MULTIPLEXER_OPEN) { 2134 channel->state = RFCOMM_CHANNEL_W4_MULTIPLEXER; 2135 uint16_t l2cap_cid = 0; 2136 status = l2cap_create_channel(rfcomm_packet_handler, addr, PSM_RFCOMM, l2cap_max_mtu(), &l2cap_cid); 2137 if (status) goto fail; 2138 multiplexer->l2cap_cid = l2cap_cid; 2139 return 0; 2140 } 2141 2142 channel->state = RFCOMM_CHANNEL_SEND_UIH_PN; 2143 2144 // start connecting, if multiplexer is already up and running 2145 rfcomm_run(); 2146 return 0; 2147 2148 fail: 2149 if (new_multiplexer) btstack_memory_rfcomm_multiplexer_free(multiplexer); 2150 if (channel) btstack_memory_rfcomm_channel_free(channel); 2151 return status; 2152 } 2153 2154 uint8_t rfcomm_create_channel_with_initial_credits(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint8_t initial_credits, uint16_t * out_rfcomm_cid){ 2155 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 1, initial_credits, out_rfcomm_cid); 2156 } 2157 2158 uint8_t rfcomm_create_channel(btstack_packet_handler_t packet_handler, bd_addr_t addr, uint8_t server_channel, uint16_t * out_rfcomm_cid){ 2159 return rfcomm_channel_create_internal(packet_handler, addr, server_channel, 0, RFCOMM_CREDITS, out_rfcomm_cid); 2160 } 2161 2162 void rfcomm_disconnect(uint16_t rfcomm_cid){ 2163 log_info("RFCOMM_DISCONNECT cid 0x%02x", rfcomm_cid); 2164 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2165 if (channel) { 2166 channel->state = RFCOMM_CHANNEL_SEND_DISC; 2167 } 2168 2169 // process 2170 rfcomm_run(); 2171 } 2172 2173 static uint8_t rfcomm_register_service_internal(btstack_packet_handler_t packet_handler, 2174 uint8_t channel, uint16_t max_frame_size, uint8_t incoming_flow_control, uint8_t initial_credits){ 2175 2176 log_info("RFCOMM_REGISTER_SERVICE channel #%u mtu %u flow_control %u credits %u", 2177 channel, max_frame_size, incoming_flow_control, initial_credits); 2178 2179 // check if already registered 2180 rfcomm_service_t * service = rfcomm_service_for_channel(channel); 2181 if (service){ 2182 return RFCOMM_CHANNEL_ALREADY_REGISTERED; 2183 } 2184 2185 // alloc structure 2186 service = btstack_memory_rfcomm_service_get(); 2187 if (!service) { 2188 return BTSTACK_MEMORY_ALLOC_FAILED; 2189 } 2190 2191 // register with l2cap if not registered before, max MTU 2192 if (btstack_linked_list_empty(&rfcomm_services)){ 2193 l2cap_register_service(rfcomm_packet_handler, PSM_RFCOMM, 0xffff, rfcomm_security_level); 2194 } 2195 2196 // fill in 2197 service->packet_handler = packet_handler; 2198 service->server_channel = channel; 2199 service->max_frame_size = max_frame_size; 2200 service->incoming_flow_control = incoming_flow_control; 2201 service->incoming_initial_credits = initial_credits; 2202 2203 // add to services list 2204 btstack_linked_list_add(&rfcomm_services, (btstack_linked_item_t *) service); 2205 2206 return 0; 2207 } 2208 2209 uint8_t rfcomm_register_service_with_initial_credits(btstack_packet_handler_t packet_handler, 2210 uint8_t channel, uint16_t max_frame_size, uint8_t initial_credits){ 2211 2212 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 1, initial_credits); 2213 } 2214 2215 uint8_t rfcomm_register_service(btstack_packet_handler_t packet_handler, uint8_t channel, 2216 uint16_t max_frame_size){ 2217 2218 return rfcomm_register_service_internal(packet_handler, channel, max_frame_size, 0,RFCOMM_CREDITS); 2219 } 2220 2221 void rfcomm_unregister_service(uint8_t service_channel){ 2222 log_info("RFCOMM_UNREGISTER_SERVICE #%u", service_channel); 2223 rfcomm_service_t *service = rfcomm_service_for_channel(service_channel); 2224 if (!service) return; 2225 btstack_linked_list_remove(&rfcomm_services, (btstack_linked_item_t *) service); 2226 btstack_memory_rfcomm_service_free(service); 2227 2228 // unregister if no services active 2229 if (btstack_linked_list_empty(&rfcomm_services)){ 2230 // bt_send_cmd(&l2cap_unregister_service, PSM_RFCOMM); 2231 l2cap_unregister_service(PSM_RFCOMM); 2232 } 2233 } 2234 2235 void rfcomm_accept_connection(uint16_t rfcomm_cid){ 2236 log_info("RFCOMM_ACCEPT_CONNECTION cid 0x%02x", rfcomm_cid); 2237 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2238 if (!channel) return; 2239 switch (channel->state) { 2240 case RFCOMM_CHANNEL_INCOMING_SETUP: 2241 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_CLIENT_ACCEPTED); 2242 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_PN){ 2243 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_PN_RSP); 2244 } 2245 if (channel->state_var & RFCOMM_CHANNEL_STATE_VAR_RCVD_SABM){ 2246 rfcomm_channel_state_add(channel, RFCOMM_CHANNEL_STATE_VAR_SEND_UA); 2247 } 2248 // at least one of { PN RSP, UA } needs to be sent 2249 // state transistion incoming setup -> dlc setup happens in rfcomm_run after these have been sent 2250 break; 2251 default: 2252 break; 2253 } 2254 2255 // process 2256 rfcomm_run(); 2257 } 2258 2259 void rfcomm_decline_connection(uint16_t rfcomm_cid){ 2260 log_info("RFCOMM_DECLINE_CONNECTION cid 0x%02x", rfcomm_cid); 2261 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2262 if (!channel) return; 2263 switch (channel->state) { 2264 case RFCOMM_CHANNEL_INCOMING_SETUP: 2265 channel->state = RFCOMM_CHANNEL_SEND_DM; 2266 break; 2267 default: 2268 break; 2269 } 2270 2271 // process 2272 rfcomm_run(); 2273 } 2274 2275 void rfcomm_grant_credits(uint16_t rfcomm_cid, uint8_t credits){ 2276 log_info("RFCOMM_GRANT_CREDITS cid 0x%02x credits %u", rfcomm_cid, credits); 2277 rfcomm_channel_t * channel = rfcomm_channel_for_rfcomm_cid(rfcomm_cid); 2278 if (!channel) return; 2279 if (!channel->incoming_flow_control) return; 2280 channel->new_credits_incoming += credits; 2281 2282 // process 2283 rfcomm_run(); 2284 } 2285 2286 2287 /* 2288 * CRC (reversed crc) lookup table as calculated by the table generator in ETSI TS 101 369 V6.3.0. 2289 */ 2290 static const uint8_t crc8table[256] = { /* reversed, 8-bit, poly=0x07 */ 2291 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 2292 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 2293 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 2294 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 2295 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 2296 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 2297 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 2298 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 2299 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 2300 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 2301 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 2302 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 2303 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 2304 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 2305 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 2306 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 2307 }; 2308 2309 #define CRC8_INIT 0xFF // Initial FCS value 2310 #define CRC8_OK 0xCF // Good final FCS value 2311 /*-----------------------------------------------------------------------------------*/ 2312 static uint8_t crc8(uint8_t *data, uint16_t len) 2313 { 2314 uint16_t count; 2315 uint8_t crc = CRC8_INIT; 2316 for (count = 0; count < len; count++) 2317 crc = crc8table[crc ^ data[count]]; 2318 return crc; 2319 } 2320 2321 /*-----------------------------------------------------------------------------------*/ 2322 uint8_t crc8_check(uint8_t *data, uint16_t len, uint8_t check_sum) 2323 { 2324 uint8_t crc; 2325 2326 crc = crc8(data, len); 2327 2328 crc = crc8table[crc ^ check_sum]; 2329 if (crc == CRC8_OK) 2330 return 0; /* Valid */ 2331 else 2332 return 1; /* Failed */ 2333 2334 } 2335 2336 /*-----------------------------------------------------------------------------------*/ 2337 uint8_t crc8_calc(uint8_t *data, uint16_t len) 2338 { 2339 /* Ones complement */ 2340 return 0xFF - crc8(data, len); 2341 } 2342 2343 2344 2345 2346