1 /******************************************************************************
2 *
3 * Copyright 2001-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * this file contains the main BNEP functions
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bluetooth"
26
27 #include <string.h>
28 #include "bt_target.h"
29
30 #include "bt_common.h"
31 #include "bt_types.h"
32
33 #include "l2c_api.h"
34 #include "l2cdefs.h"
35
36 #include "btm_api.h"
37
38 #include "bnep_api.h"
39 #include "bnep_int.h"
40
41 #include "bta/include/bta_api.h"
42 #include "device/include/controller.h"
43 #include "osi/include/log.h"
44 #include "osi/include/osi.h"
45
46 /******************************************************************************/
47 /* G L O B A L B N E P D A T A */
48 /******************************************************************************/
49 tBNEP_CB bnep_cb;
50
51 const uint16_t bnep_frame_hdr_sizes[] = {14, 1, 2, 8, 8};
52
53 /******************************************************************************/
54 /* L O C A L F U N C T I O N P R O T O T Y P E S */
55 /******************************************************************************/
56 static void bnep_connect_ind(const RawAddress& bd_addr, uint16_t l2cap_cid,
57 uint16_t psm, uint8_t l2cap_id);
58 static void bnep_connect_cfm(uint16_t l2cap_cid, uint16_t result);
59 static void bnep_config_cfm(uint16_t l2cap_cid, uint16_t result,
60 tL2CAP_CFG_INFO* p_cfg);
61 static void bnep_disconnect_ind(uint16_t l2cap_cid, bool ack_needed);
62 static void bnep_data_ind(uint16_t l2cap_cid, BT_HDR* p_msg);
63 static void bnep_congestion_ind(uint16_t lcid, bool is_congested);
64 static void bnep_on_l2cap_error(uint16_t l2cap_cid, uint16_t result);
65 /*******************************************************************************
66 *
67 * Function bnep_register_with_l2cap
68 *
69 * Description This function registers BNEP PSM with L2CAP
70 *
71 * Returns void
72 *
73 ******************************************************************************/
bnep_register_with_l2cap(void)74 tBNEP_RESULT bnep_register_with_l2cap(void) {
75 /* Initialize the L2CAP configuration. We only care about MTU and flush */
76 memset(&bnep_cb.l2cap_my_cfg, 0, sizeof(tL2CAP_CFG_INFO));
77
78 bnep_cb.l2cap_my_cfg.mtu_present = true;
79 bnep_cb.l2cap_my_cfg.mtu = BNEP_MTU_SIZE;
80
81 bnep_cb.reg_info.pL2CA_ConnectInd_Cb = bnep_connect_ind;
82 bnep_cb.reg_info.pL2CA_ConnectCfm_Cb = bnep_connect_cfm;
83 bnep_cb.reg_info.pL2CA_ConfigInd_Cb = nullptr;
84 bnep_cb.reg_info.pL2CA_ConfigCfm_Cb = bnep_config_cfm;
85 bnep_cb.reg_info.pL2CA_DisconnectInd_Cb = bnep_disconnect_ind;
86 bnep_cb.reg_info.pL2CA_DataInd_Cb = bnep_data_ind;
87 bnep_cb.reg_info.pL2CA_CongestionStatus_Cb = bnep_congestion_ind;
88 bnep_cb.reg_info.pL2CA_Error_Cb = bnep_on_l2cap_error;
89
90 /* Now, register with L2CAP */
91 if (!L2CA_Register2(BT_PSM_BNEP, bnep_cb.reg_info, false /* enable_snoop */,
92 nullptr, BNEP_MTU_SIZE, BNEP_MTU_SIZE,
93 BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT)) {
94 BNEP_TRACE_ERROR("BNEP - Registration failed");
95 return BNEP_SECURITY_FAIL;
96 }
97
98 return BNEP_SUCCESS;
99 }
100
101 /*******************************************************************************
102 *
103 * Function bnep_connect_ind
104 *
105 * Description This function handles an inbound connection indication
106 * from L2CAP. This is the case where we are acting as a
107 * server.
108 *
109 * Returns void
110 *
111 ******************************************************************************/
bnep_connect_ind(const RawAddress & bd_addr,uint16_t l2cap_cid,UNUSED_ATTR uint16_t psm,uint8_t l2cap_id)112 static void bnep_connect_ind(const RawAddress& bd_addr, uint16_t l2cap_cid,
113 UNUSED_ATTR uint16_t psm, uint8_t l2cap_id) {
114 tBNEP_CONN* p_bcb = bnepu_find_bcb_by_bd_addr(bd_addr);
115
116 /* If we are not acting as server, or already have a connection, or have */
117 /* no more resources to handle the connection, reject the connection. */
118 if (!(bnep_cb.profile_registered) || (p_bcb) ||
119 ((p_bcb = bnepu_allocate_bcb(bd_addr)) == NULL)) {
120 L2CA_DisconnectReq(l2cap_cid);
121 return;
122 }
123
124 /* Transition to the next appropriate state, waiting for config setup. */
125 p_bcb->con_state = BNEP_STATE_CFG_SETUP;
126
127 /* Save the L2CAP Channel ID. */
128 p_bcb->l2cap_cid = l2cap_cid;
129
130 /* Start timer waiting for config setup */
131 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_CONN_TIMEOUT_MS,
132 bnep_conn_timer_timeout, p_bcb);
133
134 BNEP_TRACE_EVENT("BNEP - Rcvd L2CAP conn ind, CID: 0x%x", p_bcb->l2cap_cid);
135 }
136
bnep_on_l2cap_error(uint16_t l2cap_cid,uint16_t result)137 static void bnep_on_l2cap_error(uint16_t l2cap_cid, uint16_t result) {
138 tBNEP_CONN* p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
139 if (p_bcb == nullptr) return;
140
141 /* Tell the upper layer, if there is a callback */
142 if ((p_bcb->con_flags & BNEP_FLAGS_IS_ORIG) && (bnep_cb.p_conn_state_cb)) {
143 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda, BNEP_CONN_FAILED,
144 false);
145 }
146
147 L2CA_DisconnectReq(p_bcb->l2cap_cid);
148
149 bnepu_release_bcb(p_bcb);
150 }
151
152 /*******************************************************************************
153 *
154 * Function bnep_connect_cfm
155 *
156 * Description This function handles the connect confirm events
157 * from L2CAP. This is the case when we are acting as a
158 * client and have sent a connect request.
159 *
160 * Returns void
161 *
162 ******************************************************************************/
bnep_connect_cfm(uint16_t l2cap_cid,uint16_t result)163 static void bnep_connect_cfm(uint16_t l2cap_cid, uint16_t result) {
164 tBNEP_CONN* p_bcb;
165
166 /* Find CCB based on CID */
167 p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
168 if (p_bcb == NULL) {
169 BNEP_TRACE_WARNING("BNEP - Rcvd conn cnf for unknown CID 0x%x", l2cap_cid);
170 return;
171 }
172
173 /* If the connection response contains success status, then */
174 /* Transition to the next state and startup the timer. */
175 if ((result == L2CAP_CONN_OK) &&
176 (p_bcb->con_state == BNEP_STATE_CONN_START)) {
177 p_bcb->con_state = BNEP_STATE_CFG_SETUP;
178
179 /* Start timer waiting for config results */
180 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_CONN_TIMEOUT_MS,
181 bnep_conn_timer_timeout, p_bcb);
182
183 BNEP_TRACE_EVENT("BNEP - got conn cnf, sent cfg req, CID: 0x%x",
184 p_bcb->l2cap_cid);
185 } else {
186 LOG(ERROR) << __func__ << ": invoked with non OK status";
187 }
188 }
189
190 /*******************************************************************************
191 *
192 * Function bnep_config_cfm
193 *
194 * Description This function processes the L2CAP configuration confirmation
195 * event.
196 *
197 * Returns void
198 *
199 ******************************************************************************/
bnep_config_cfm(uint16_t l2cap_cid,uint16_t initiator,tL2CAP_CFG_INFO * p_cfg)200 static void bnep_config_cfm(uint16_t l2cap_cid, uint16_t initiator,
201 tL2CAP_CFG_INFO* p_cfg) {
202 tBNEP_CONN* p_bcb;
203
204 BNEP_TRACE_EVENT("BNEP - Rcvd cfg cfm, CID: 0x%x", l2cap_cid);
205
206 /* Find CCB based on CID */
207 p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
208 if (p_bcb == NULL) {
209 BNEP_TRACE_WARNING("BNEP - Rcvd L2CAP cfg ind, unknown CID: 0x%x",
210 l2cap_cid);
211 return;
212 }
213
214 /* For now, always accept configuration from the other side */
215 p_bcb->con_state = BNEP_STATE_SEC_CHECKING;
216
217 /* Start timer waiting for setup or response */
218 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_HOST_TIMEOUT_MS,
219 bnep_conn_timer_timeout, p_bcb);
220
221 if (p_bcb->con_flags & BNEP_FLAGS_IS_ORIG) {
222 bnep_sec_check_complete(&p_bcb->rem_bda, BT_TRANSPORT_BR_EDR, p_bcb);
223 }
224 }
225
226 /*******************************************************************************
227 *
228 * Function bnep_disconnect_ind
229 *
230 * Description This function handles a disconnect event from L2CAP. If
231 * requested to, we ack the disconnect before dropping the CCB
232 *
233 * Returns void
234 *
235 ******************************************************************************/
bnep_disconnect_ind(uint16_t l2cap_cid,bool ack_needed)236 static void bnep_disconnect_ind(uint16_t l2cap_cid, bool ack_needed) {
237 tBNEP_CONN* p_bcb;
238
239 /* Find CCB based on CID */
240 p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
241 if (p_bcb == NULL) {
242 BNEP_TRACE_WARNING("BNEP - Rcvd L2CAP disc, unknown CID: 0x%x", l2cap_cid);
243 return;
244 }
245
246 BNEP_TRACE_EVENT("BNEP - Rcvd L2CAP disc, CID: 0x%x", l2cap_cid);
247
248 /* Tell the user if there is a callback */
249 if (p_bcb->con_state == BNEP_STATE_CONNECTED) {
250 if (bnep_cb.p_conn_state_cb)
251 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
252 BNEP_CONN_DISCONNECTED, false);
253 } else {
254 if ((bnep_cb.p_conn_state_cb) &&
255 ((p_bcb->con_flags & BNEP_FLAGS_IS_ORIG) ||
256 (p_bcb->con_flags & BNEP_FLAGS_CONN_COMPLETED)))
257 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
258 BNEP_CONN_FAILED, false);
259 }
260
261 bnepu_release_bcb(p_bcb);
262 }
263
264 /*******************************************************************************
265 *
266 * Function bnep_congestion_ind
267 *
268 * Description This is a callback function called by L2CAP when
269 * congestion status changes
270 *
271 ******************************************************************************/
bnep_congestion_ind(uint16_t l2cap_cid,bool is_congested)272 static void bnep_congestion_ind(uint16_t l2cap_cid, bool is_congested) {
273 tBNEP_CONN* p_bcb;
274
275 /* Find BCB based on CID */
276 p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
277 if (p_bcb == NULL) {
278 BNEP_TRACE_WARNING("BNEP - Rcvd L2CAP cong, unknown CID: 0x%x", l2cap_cid);
279 return;
280 }
281
282 if (is_congested) {
283 p_bcb->con_flags |= BNEP_FLAGS_L2CAP_CONGESTED;
284 if (bnep_cb.p_tx_data_flow_cb) {
285 bnep_cb.p_tx_data_flow_cb(p_bcb->handle, BNEP_TX_FLOW_OFF);
286 }
287 } else {
288 p_bcb->con_flags &= ~BNEP_FLAGS_L2CAP_CONGESTED;
289
290 if (bnep_cb.p_tx_data_flow_cb) {
291 bnep_cb.p_tx_data_flow_cb(p_bcb->handle, BNEP_TX_FLOW_ON);
292 }
293
294 /* While not congested, send as many buffers as we can */
295 while (!(p_bcb->con_flags & BNEP_FLAGS_L2CAP_CONGESTED)) {
296 BT_HDR* p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_bcb->xmit_q);
297
298 if (!p_buf) break;
299
300 L2CA_DataWrite(l2cap_cid, p_buf);
301 }
302 }
303 }
304
305 /*******************************************************************************
306 *
307 * Function bnep_data_ind
308 *
309 * Description This function is called when data is received from L2CAP.
310 * if we are the originator of the connection, we are the SDP
311 * client, and the received message is queued for the client.
312 *
313 * If we are the destination of the connection, we are the SDP
314 * server, so the message is passed to the server processing
315 * function.
316 *
317 * Returns void
318 *
319 ******************************************************************************/
bnep_data_ind(uint16_t l2cap_cid,BT_HDR * p_buf)320 static void bnep_data_ind(uint16_t l2cap_cid, BT_HDR* p_buf) {
321 tBNEP_CONN* p_bcb;
322 uint8_t* p = (uint8_t*)(p_buf + 1) + p_buf->offset;
323 uint16_t rem_len = p_buf->len;
324 if (rem_len == 0) {
325 android_errorWriteLog(0x534e4554, "78286118");
326 osi_free(p_buf);
327 return;
328 }
329 uint8_t type, ctrl_type, ext_type = 0;
330 bool extension_present, fw_ext_present;
331 uint16_t protocol = 0;
332
333 /* Find CCB based on CID */
334 p_bcb = bnepu_find_bcb_by_cid(l2cap_cid);
335 if (p_bcb == NULL) {
336 BNEP_TRACE_WARNING("BNEP - Rcvd L2CAP data, unknown CID: 0x%x", l2cap_cid);
337 osi_free(p_buf);
338 return;
339 }
340
341 /* Get the type and extension bits */
342 type = *p++;
343 extension_present = type >> 7;
344 type &= 0x7f;
345 if (type >= sizeof(bnep_frame_hdr_sizes) / sizeof(bnep_frame_hdr_sizes[0])) {
346 BNEP_TRACE_EVENT("BNEP - rcvd frame, bad type: 0x%02x", type);
347 android_errorWriteLog(0x534e4554, "68818034");
348 osi_free(p_buf);
349 return;
350 }
351 if ((rem_len <= bnep_frame_hdr_sizes[type]) || (rem_len > BNEP_MTU_SIZE)) {
352 BNEP_TRACE_EVENT("BNEP - rcvd frame, bad len: %d type: 0x%02x", p_buf->len,
353 type);
354 osi_free(p_buf);
355 return;
356 }
357
358 rem_len--;
359
360 if ((p_bcb->con_state != BNEP_STATE_CONNECTED) &&
361 (!(p_bcb->con_flags & BNEP_FLAGS_CONN_COMPLETED)) &&
362 (type != BNEP_FRAME_CONTROL)) {
363 BNEP_TRACE_WARNING(
364 "BNEP - Ignored L2CAP data while in state: %d, CID: 0x%x",
365 p_bcb->con_state, l2cap_cid);
366
367 if (extension_present) {
368 /*
369 ** When there is no connection if a data packet is received
370 ** with unknown control extension headers then those should be processed
371 ** according to complain/ignore law
372 */
373 uint8_t ext, length;
374 uint16_t org_len, new_len;
375 /* parse the extension headers and process unknown control headers */
376 org_len = rem_len;
377 do {
378 if (org_len < 2) {
379 android_errorWriteLog(0x534e4554, "67863755");
380 break;
381 }
382 ext = *p++;
383 length = *p++;
384
385 new_len = (length + 2);
386 if (new_len > org_len) {
387 android_errorWriteLog(0x534e4554, "67863755");
388 break;
389 }
390
391 if ((ext & 0x7F) == BNEP_EXTENSION_FILTER_CONTROL) {
392 if (length == 0) {
393 android_errorWriteLog(0x534e4554, "79164722");
394 break;
395 }
396 if (*p > BNEP_FILTER_MULTI_ADDR_RESPONSE_MSG) {
397 bnep_send_command_not_understood(p_bcb, *p);
398 }
399 }
400
401 p += length;
402
403 org_len -= new_len;
404 } while (ext & 0x80);
405 }
406 osi_free(p_buf);
407 return;
408 }
409
410 if (type > BNEP_FRAME_COMPRESSED_ETHERNET_DEST_ONLY) {
411 BNEP_TRACE_EVENT("BNEP - rcvd frame, unknown type: 0x%02x", type);
412 osi_free(p_buf);
413 return;
414 }
415
416 BNEP_TRACE_DEBUG("BNEP - rcv frame, type: %d len: %d Ext: %d", type,
417 p_buf->len, extension_present);
418
419 /* Initialize addresses to 'not supplied' */
420 const RawAddress *p_src_addr, *p_dst_addr;
421 p_src_addr = p_dst_addr = NULL;
422
423 switch (type) {
424 case BNEP_FRAME_GENERAL_ETHERNET:
425 p_dst_addr = (RawAddress*)p;
426 p += BD_ADDR_LEN;
427 p_src_addr = (RawAddress*)p;
428 p += BD_ADDR_LEN;
429 BE_STREAM_TO_UINT16(protocol, p);
430 rem_len -= 14;
431 break;
432
433 case BNEP_FRAME_CONTROL:
434 ctrl_type = *p;
435 p = bnep_process_control_packet(p_bcb, p, &rem_len, false);
436
437 if (ctrl_type == BNEP_SETUP_CONNECTION_REQUEST_MSG &&
438 p_bcb->con_state != BNEP_STATE_CONNECTED && extension_present && p &&
439 rem_len) {
440 osi_free(p_bcb->p_pending_data);
441 p_bcb->p_pending_data = (BT_HDR*)osi_malloc(rem_len + sizeof(BT_HDR));
442 memcpy((uint8_t*)(p_bcb->p_pending_data + 1), p, rem_len);
443 p_bcb->p_pending_data->len = rem_len;
444 p_bcb->p_pending_data->offset = 0;
445 } else {
446 while (extension_present && p && rem_len) {
447 ext_type = *p++;
448 rem_len--;
449 extension_present = ext_type >> 7;
450 ext_type &= 0x7F;
451
452 /* if unknown extension present stop processing */
453 if (ext_type != BNEP_EXTENSION_FILTER_CONTROL) break;
454
455 android_errorWriteLog(0x534e4554, "69271284");
456 p = bnep_process_control_packet(p_bcb, p, &rem_len, true);
457 }
458 }
459 osi_free(p_buf);
460 return;
461
462 case BNEP_FRAME_COMPRESSED_ETHERNET:
463 BE_STREAM_TO_UINT16(protocol, p);
464 rem_len -= 2;
465 break;
466
467 case BNEP_FRAME_COMPRESSED_ETHERNET_SRC_ONLY:
468 p_src_addr = (RawAddress*)p;
469 p += BD_ADDR_LEN;
470 BE_STREAM_TO_UINT16(protocol, p);
471 rem_len -= 8;
472 break;
473
474 case BNEP_FRAME_COMPRESSED_ETHERNET_DEST_ONLY:
475 p_dst_addr = (RawAddress*)p;
476 p += BD_ADDR_LEN;
477 BE_STREAM_TO_UINT16(protocol, p);
478 rem_len -= 8;
479 break;
480 }
481
482 /* Process the header extension if there is one */
483 while (extension_present && p && rem_len) {
484 ext_type = *p;
485 extension_present = ext_type >> 7;
486 ext_type &= 0x7F;
487
488 /* if unknown extension present stop processing */
489 if (ext_type) {
490 BNEP_TRACE_EVENT("Data extension type 0x%x found", ext_type);
491 break;
492 }
493
494 p++;
495 rem_len--;
496 p = bnep_process_control_packet(p_bcb, p, &rem_len, true);
497 }
498
499 p_buf->offset += p_buf->len - rem_len;
500 p_buf->len = rem_len;
501
502 /* Always give the upper layer MAC addresses */
503 if (!p_src_addr) p_src_addr = &p_bcb->rem_bda;
504
505 if (!p_dst_addr) p_dst_addr = controller_get_interface()->get_address();
506
507 /* check whether there are any extensions to be forwarded */
508 if (ext_type)
509 fw_ext_present = true;
510 else
511 fw_ext_present = false;
512
513 if (bnep_cb.p_data_buf_cb) {
514 (*bnep_cb.p_data_buf_cb)(p_bcb->handle, *p_src_addr, *p_dst_addr, protocol,
515 p_buf, fw_ext_present);
516 } else if (bnep_cb.p_data_ind_cb) {
517 (*bnep_cb.p_data_ind_cb)(p_bcb->handle, *p_src_addr, *p_dst_addr, protocol,
518 p, rem_len, fw_ext_present);
519 osi_free(p_buf);
520 }
521 }
522
523 /*******************************************************************************
524 *
525 * Function bnep_conn_timer_timeout
526 *
527 * Description This function processes a timeout. If it is a startup
528 * timeout, we check for reading our BD address. If it
529 * is an L2CAP timeout, we send a disconnect req to L2CAP.
530 *
531 * Returns void
532 *
533 ******************************************************************************/
bnep_conn_timer_timeout(void * data)534 void bnep_conn_timer_timeout(void* data) {
535 tBNEP_CONN* p_bcb = (tBNEP_CONN*)data;
536
537 BNEP_TRACE_EVENT(
538 "BNEP - CCB timeout in state: %d CID: 0x%x flags %x, re_transmit %d",
539 p_bcb->con_state, p_bcb->l2cap_cid, p_bcb->con_flags,
540 p_bcb->re_transmits);
541
542 if (p_bcb->con_state == BNEP_STATE_CONN_SETUP) {
543 BNEP_TRACE_EVENT("BNEP - CCB timeout in state: %d CID: 0x%x",
544 p_bcb->con_state, p_bcb->l2cap_cid);
545
546 if (!(p_bcb->con_flags & BNEP_FLAGS_IS_ORIG)) {
547 L2CA_DisconnectReq(p_bcb->l2cap_cid);
548
549 bnepu_release_bcb(p_bcb);
550 return;
551 }
552
553 if (p_bcb->re_transmits++ != BNEP_MAX_RETRANSMITS) {
554 bnep_send_conn_req(p_bcb);
555 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_CONN_TIMEOUT_MS,
556 bnep_conn_timer_timeout, p_bcb);
557 } else {
558 L2CA_DisconnectReq(p_bcb->l2cap_cid);
559
560 if ((p_bcb->con_flags & BNEP_FLAGS_IS_ORIG) && (bnep_cb.p_conn_state_cb))
561 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
562 BNEP_CONN_FAILED, false);
563
564 bnepu_release_bcb(p_bcb);
565 return;
566 }
567 } else if (p_bcb->con_state != BNEP_STATE_CONNECTED) {
568 BNEP_TRACE_EVENT("BNEP - CCB timeout in state: %d CID: 0x%x",
569 p_bcb->con_state, p_bcb->l2cap_cid);
570
571 L2CA_DisconnectReq(p_bcb->l2cap_cid);
572
573 /* Tell the user if there is a callback */
574 if ((p_bcb->con_flags & BNEP_FLAGS_IS_ORIG) && (bnep_cb.p_conn_state_cb))
575 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
576 BNEP_CONN_FAILED, false);
577
578 bnepu_release_bcb(p_bcb);
579 } else if (p_bcb->con_flags & BNEP_FLAGS_FILTER_RESP_PEND) {
580 if (p_bcb->re_transmits++ != BNEP_MAX_RETRANSMITS) {
581 bnepu_send_peer_our_filters(p_bcb);
582 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_FILTER_SET_TIMEOUT_MS,
583 bnep_conn_timer_timeout, p_bcb);
584 } else {
585 L2CA_DisconnectReq(p_bcb->l2cap_cid);
586
587 /* Tell the user if there is a callback */
588 if (bnep_cb.p_conn_state_cb)
589 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
590 BNEP_SET_FILTER_FAIL, false);
591
592 bnepu_release_bcb(p_bcb);
593 return;
594 }
595 } else if (p_bcb->con_flags & BNEP_FLAGS_MULTI_RESP_PEND) {
596 if (p_bcb->re_transmits++ != BNEP_MAX_RETRANSMITS) {
597 bnepu_send_peer_our_multi_filters(p_bcb);
598 alarm_set_on_mloop(p_bcb->conn_timer, BNEP_FILTER_SET_TIMEOUT_MS,
599 bnep_conn_timer_timeout, p_bcb);
600 } else {
601 L2CA_DisconnectReq(p_bcb->l2cap_cid);
602
603 /* Tell the user if there is a callback */
604 if (bnep_cb.p_conn_state_cb)
605 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda,
606 BNEP_SET_FILTER_FAIL, false);
607
608 bnepu_release_bcb(p_bcb);
609 return;
610 }
611 }
612 }
613
614 /*******************************************************************************
615 *
616 * Function bnep_connected
617 *
618 * Description This function is called when a connection is established
619 * (after config).
620 *
621 * Returns void
622 *
623 ******************************************************************************/
bnep_connected(tBNEP_CONN * p_bcb)624 void bnep_connected(tBNEP_CONN* p_bcb) {
625 bool is_role_change;
626
627 if (p_bcb->con_flags & BNEP_FLAGS_CONN_COMPLETED)
628 is_role_change = true;
629 else
630 is_role_change = false;
631
632 p_bcb->con_state = BNEP_STATE_CONNECTED;
633 p_bcb->con_flags |= BNEP_FLAGS_CONN_COMPLETED;
634 p_bcb->con_flags &= (~BNEP_FLAGS_SETUP_RCVD);
635
636 /* Ensure timer is stopped */
637 alarm_cancel(p_bcb->conn_timer);
638 p_bcb->re_transmits = 0;
639
640 /* Tell the upper layer, if there is a callback */
641 if (bnep_cb.p_conn_state_cb)
642 (*bnep_cb.p_conn_state_cb)(p_bcb->handle, p_bcb->rem_bda, BNEP_SUCCESS,
643 is_role_change);
644 }
645