1 /*
2 *
3 * BlueZ - Bluetooth protocol stack for Linux
4 *
5 * Copyright (C) 2006-2007 Nokia Corporation
6 * Copyright (C) 2004-2009 Marcel Holtmann <marcel@holtmann.org>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
22 *
23 */
24
25 #ifdef HAVE_CONFIG_H
26 #include <config.h>
27 #endif
28
29 #include <stdio.h>
30 #include <stdint.h>
31 #include <errno.h>
32 #include <unistd.h>
33 #include <assert.h>
34 #include <signal.h>
35 #include <netinet/in.h>
36
37 #include <bluetooth/bluetooth.h>
38 #include <bluetooth/sdp.h>
39
40 #include <glib.h>
41 #include <dbus/dbus.h>
42
43 #include "logging.h"
44
45 #include "../src/adapter.h"
46 #include "../src/device.h"
47
48 #include "device.h"
49 #include "manager.h"
50 #include "control.h"
51 #include "avdtp.h"
52 #include "glib-helper.h"
53 #include "btio.h"
54 #include "sink.h"
55 #include "source.h"
56
57 #include <bluetooth/l2cap.h>
58
59 #define AVDTP_PSM 25
60
61 #define MAX_SEID 0x3E
62
63 #define AVDTP_DISCOVER 0x01
64 #define AVDTP_GET_CAPABILITIES 0x02
65 #define AVDTP_SET_CONFIGURATION 0x03
66 #define AVDTP_GET_CONFIGURATION 0x04
67 #define AVDTP_RECONFIGURE 0x05
68 #define AVDTP_OPEN 0x06
69 #define AVDTP_START 0x07
70 #define AVDTP_CLOSE 0x08
71 #define AVDTP_SUSPEND 0x09
72 #define AVDTP_ABORT 0x0A
73 #define AVDTP_SECURITY_CONTROL 0x0B
74
75 #define AVDTP_PKT_TYPE_SINGLE 0x00
76 #define AVDTP_PKT_TYPE_START 0x01
77 #define AVDTP_PKT_TYPE_CONTINUE 0x02
78 #define AVDTP_PKT_TYPE_END 0x03
79
80 #define AVDTP_MSG_TYPE_COMMAND 0x00
81 #define AVDTP_MSG_TYPE_ACCEPT 0x02
82 #define AVDTP_MSG_TYPE_REJECT 0x03
83
84 #define REQ_TIMEOUT 4
85 #define DISCONNECT_TIMEOUT 1
86 #define STREAM_TIMEOUT 20
87
88 #if __BYTE_ORDER == __LITTLE_ENDIAN
89
90 struct avdtp_common_header {
91 uint8_t message_type:2;
92 uint8_t packet_type:2;
93 uint8_t transaction:4;
94 } __attribute__ ((packed));
95
96 struct avdtp_single_header {
97 uint8_t message_type:2;
98 uint8_t packet_type:2;
99 uint8_t transaction:4;
100 uint8_t signal_id:6;
101 uint8_t rfa0:2;
102 } __attribute__ ((packed));
103
104 struct avdtp_start_header {
105 uint8_t message_type:2;
106 uint8_t packet_type:2;
107 uint8_t transaction:4;
108 uint8_t no_of_packets;
109 uint8_t signal_id:6;
110 uint8_t rfa0:2;
111 } __attribute__ ((packed));
112
113 struct avdtp_continue_header {
114 uint8_t message_type:2;
115 uint8_t packet_type:2;
116 uint8_t transaction:4;
117 } __attribute__ ((packed));
118
119 struct seid_info {
120 uint8_t rfa0:1;
121 uint8_t inuse:1;
122 uint8_t seid:6;
123 uint8_t rfa2:3;
124 uint8_t type:1;
125 uint8_t media_type:4;
126 } __attribute__ ((packed));
127
128 struct seid {
129 uint8_t rfa0:2;
130 uint8_t seid:6;
131 } __attribute__ ((packed));
132
133 #elif __BYTE_ORDER == __BIG_ENDIAN
134
135 struct avdtp_common_header {
136 uint8_t transaction:4;
137 uint8_t packet_type:2;
138 uint8_t message_type:2;
139 } __attribute__ ((packed));
140
141 struct avdtp_single_header {
142 uint8_t transaction:4;
143 uint8_t packet_type:2;
144 uint8_t message_type:2;
145 uint8_t rfa0:2;
146 uint8_t signal_id:6;
147 } __attribute__ ((packed));
148
149 struct avdtp_start_header {
150 uint8_t transaction:4;
151 uint8_t packet_type:2;
152 uint8_t message_type:2;
153 uint8_t no_of_packets;
154 uint8_t rfa0:2;
155 uint8_t signal_id:6;
156 } __attribute__ ((packed));
157
158 struct avdtp_continue_header {
159 uint8_t transaction:4;
160 uint8_t packet_type:2;
161 uint8_t message_type:2;
162 } __attribute__ ((packed));
163
164 struct seid_info {
165 uint8_t seid:6;
166 uint8_t inuse:1;
167 uint8_t rfa0:1;
168 uint8_t media_type:4;
169 uint8_t type:1;
170 uint8_t rfa2:3;
171 } __attribute__ ((packed));
172
173 struct seid {
174 uint8_t seid:6;
175 uint8_t rfa0:2;
176 } __attribute__ ((packed));
177
178 #else
179 #error "Unknown byte order"
180 #endif
181
182 /* packets */
183
184 struct discover_resp {
185 struct seid_info seps[0];
186 } __attribute__ ((packed));
187
188 struct getcap_resp {
189 uint8_t caps[0];
190 } __attribute__ ((packed));
191
192 struct start_req {
193 struct seid first_seid;
194 struct seid other_seids[0];
195 } __attribute__ ((packed));
196
197 struct suspend_req {
198 struct seid first_seid;
199 struct seid other_seids[0];
200 } __attribute__ ((packed));
201
202 struct seid_rej {
203 uint8_t error;
204 } __attribute__ ((packed));
205
206 struct conf_rej {
207 uint8_t category;
208 uint8_t error;
209 } __attribute__ ((packed));
210
211 #if __BYTE_ORDER == __LITTLE_ENDIAN
212
213 struct seid_req {
214 uint8_t rfa0:2;
215 uint8_t acp_seid:6;
216 } __attribute__ ((packed));
217
218 struct setconf_req {
219 uint8_t rfa0:2;
220 uint8_t acp_seid:6;
221 uint8_t rfa1:2;
222 uint8_t int_seid:6;
223
224 uint8_t caps[0];
225 } __attribute__ ((packed));
226
227 struct stream_rej {
228 uint8_t rfa0:2;
229 uint8_t acp_seid:6;
230 uint8_t error;
231 } __attribute__ ((packed));
232
233 struct reconf_req {
234 uint8_t rfa0:2;
235 uint8_t acp_seid:6;
236
237 uint8_t serv_cap;
238 uint8_t serv_cap_len;
239
240 uint8_t caps[0];
241 } __attribute__ ((packed));
242
243 #elif __BYTE_ORDER == __BIG_ENDIAN
244
245 struct seid_req {
246 uint8_t acp_seid:6;
247 uint8_t rfa0:2;
248 } __attribute__ ((packed));
249
250 struct setconf_req {
251 uint8_t acp_seid:6;
252 uint8_t rfa0:2;
253 uint8_t int_seid:6;
254 uint8_t rfa1:2;
255
256 uint8_t caps[0];
257 } __attribute__ ((packed));
258
259 struct stream_rej {
260 uint8_t acp_seid:6;
261 uint8_t rfa0:2;
262 uint8_t error;
263 } __attribute__ ((packed));
264
265 struct reconf_req {
266 uint8_t acp_seid:6;
267 uint8_t rfa0:2;
268
269 uint8_t serv_cap;
270 uint8_t serv_cap_len;
271
272 uint8_t caps[0];
273 } __attribute__ ((packed));
274
275 #else
276 #error "Unknown byte order"
277 #endif
278
279 struct in_buf {
280 gboolean active;
281 int no_of_packets;
282 uint8_t transaction;
283 uint8_t message_type;
284 uint8_t signal_id;
285 uint8_t buf[1024];
286 uint8_t data_size;
287 };
288
289 struct pending_req {
290 uint8_t transaction;
291 uint8_t signal_id;
292 void *data;
293 size_t data_size;
294 struct avdtp_stream *stream; /* Set if the request targeted a stream */
295 guint timeout;
296 };
297
298 struct avdtp_remote_sep {
299 uint8_t seid;
300 uint8_t type;
301 uint8_t media_type;
302 struct avdtp_service_capability *codec;
303 GSList *caps; /* of type struct avdtp_service_capability */
304 struct avdtp_stream *stream;
305 };
306
307 struct avdtp_server {
308 bdaddr_t src;
309 GIOChannel *io;
310 GSList *seps;
311 GSList *sessions;
312 };
313
314 struct avdtp_local_sep {
315 avdtp_state_t state;
316 struct avdtp_stream *stream;
317 struct seid_info info;
318 uint8_t codec;
319 GSList *caps;
320 struct avdtp_sep_ind *ind;
321 struct avdtp_sep_cfm *cfm;
322 void *user_data;
323 struct avdtp_server *server;
324 };
325
326 struct stream_callback {
327 avdtp_stream_state_cb cb;
328 void *user_data;
329 unsigned int id;
330 };
331
332 struct avdtp_state_callback {
333 avdtp_session_state_cb cb;
334 void *user_data;
335 unsigned int id;
336 };
337
338 struct avdtp_stream {
339 GIOChannel *io;
340 uint16_t imtu;
341 uint16_t omtu;
342 struct avdtp *session;
343 struct avdtp_local_sep *lsep;
344 uint8_t rseid;
345 GSList *caps;
346 GSList *callbacks;
347 struct avdtp_service_capability *codec;
348 guint io_id; /* Transport GSource ID */
349 guint timer; /* Waiting for other side to close or open
350 * the transport channel */
351 gboolean open_acp; /* If we are in ACT role for Open */
352 gboolean close_int; /* If we are in INT role for Close */
353 gboolean abort_int; /* If we are in INT role for Abort */
354 guint idle_timer;
355 };
356
357 /* Structure describing an AVDTP connection between two devices */
358
359 struct avdtp {
360 int ref;
361 int free_lock;
362
363 struct avdtp_server *server;
364 bdaddr_t dst;
365
366 avdtp_session_state_t state;
367
368 /* True if the session should be automatically disconnected */
369 gboolean auto_dc;
370
371 GIOChannel *io;
372 guint io_id;
373
374 GSList *seps; /* Elements of type struct avdtp_remote_sep * */
375
376 GSList *streams; /* Elements of type struct avdtp_stream * */
377
378 GSList *req_queue; /* Elements of type struct pending_req * */
379 GSList *prio_queue; /* Same as req_queue but is processed before it */
380
381 struct avdtp_stream *pending_open;
382
383 uint16_t imtu;
384 uint16_t omtu;
385
386 struct in_buf in;
387
388 char *buf;
389
390 avdtp_discover_cb_t discov_cb;
391 void *user_data;
392
393 struct pending_req *req;
394
395 guint dc_timer;
396
397 /* Attempt stream setup instead of disconnecting */
398 gboolean stream_setup;
399
400 DBusPendingCall *pending_auth;
401 };
402
403 static GSList *servers = NULL;
404
405 static GSList *avdtp_callbacks = NULL;
406
407 static gboolean auto_connect = TRUE;
408
409 static int send_request(struct avdtp *session, gboolean priority,
410 struct avdtp_stream *stream, uint8_t signal_id,
411 void *buffer, size_t size);
412 static gboolean avdtp_parse_resp(struct avdtp *session,
413 struct avdtp_stream *stream,
414 uint8_t transaction, uint8_t signal_id,
415 void *buf, int size);
416 static gboolean avdtp_parse_rej(struct avdtp *session,
417 struct avdtp_stream *stream,
418 uint8_t transaction, uint8_t signal_id,
419 void *buf, int size);
420 static int process_queue(struct avdtp *session);
421 static void connection_lost(struct avdtp *session, int err);
422 static void avdtp_sep_set_state(struct avdtp *session,
423 struct avdtp_local_sep *sep,
424 avdtp_state_t state);
425
find_server(GSList * list,const bdaddr_t * src)426 static struct avdtp_server *find_server(GSList *list, const bdaddr_t *src)
427 {
428 GSList *l;
429
430 for (l = list; l; l = l->next) {
431 struct avdtp_server *server = l->data;
432
433 if (bacmp(&server->src, src) == 0)
434 return server;
435 }
436
437 return NULL;
438 }
439
avdtp_statestr(avdtp_state_t state)440 static const char *avdtp_statestr(avdtp_state_t state)
441 {
442 switch (state) {
443 case AVDTP_STATE_IDLE:
444 return "IDLE";
445 case AVDTP_STATE_CONFIGURED:
446 return "CONFIGURED";
447 case AVDTP_STATE_OPEN:
448 return "OPEN";
449 case AVDTP_STATE_STREAMING:
450 return "STREAMING";
451 case AVDTP_STATE_CLOSING:
452 return "CLOSING";
453 case AVDTP_STATE_ABORTING:
454 return "ABORTING";
455 default:
456 return "<unknown state>";
457 }
458 }
459
try_send(int sk,void * data,size_t len)460 static gboolean try_send(int sk, void *data, size_t len)
461 {
462 int err;
463
464 do {
465 err = send(sk, data, len, 0);
466 } while (err < 0 && errno == EINTR);
467
468 if (err < 0) {
469 error("send: %s (%d)", strerror(errno), errno);
470 return FALSE;
471 } else if ((size_t) err != len) {
472 error("try_send: complete buffer not sent (%d/%zu bytes)",
473 err, len);
474 return FALSE;
475 }
476
477 return TRUE;
478 }
479
avdtp_send(struct avdtp * session,uint8_t transaction,uint8_t message_type,uint8_t signal_id,void * data,size_t len)480 static gboolean avdtp_send(struct avdtp *session, uint8_t transaction,
481 uint8_t message_type, uint8_t signal_id,
482 void *data, size_t len)
483 {
484 unsigned int cont_fragments, sent;
485 struct avdtp_start_header start;
486 struct avdtp_continue_header cont;
487 int sock;
488
489 if (session->io == NULL) {
490 error("avdtp_send: session is closed");
491 return FALSE;
492 }
493
494 sock = g_io_channel_unix_get_fd(session->io);
495
496 /* Single packet - no fragmentation */
497 if (sizeof(struct avdtp_single_header) + len <= session->omtu) {
498 struct avdtp_single_header single;
499
500 memset(&single, 0, sizeof(single));
501
502 single.transaction = transaction;
503 single.packet_type = AVDTP_PKT_TYPE_SINGLE;
504 single.message_type = message_type;
505 single.signal_id = signal_id;
506
507 memcpy(session->buf, &single, sizeof(single));
508 memcpy(session->buf + sizeof(single), data, len);
509
510 return try_send(sock, session->buf, sizeof(single) + len);
511 }
512
513 /* Count the number of needed fragments */
514 cont_fragments = (len - (session->omtu - sizeof(start))) /
515 (session->omtu - sizeof(cont)) + 1;
516
517 debug("avdtp_send: %zu bytes split into %d fragments", len,
518 cont_fragments + 1);
519
520 /* Send the start packet */
521 memset(&start, 0, sizeof(start));
522 start.transaction = transaction;
523 start.packet_type = AVDTP_PKT_TYPE_START;
524 start.message_type = message_type;
525 start.no_of_packets = cont_fragments + 1;
526 start.signal_id = signal_id;
527
528 memcpy(session->buf, &start, sizeof(start));
529 memcpy(session->buf + sizeof(start), data,
530 session->omtu - sizeof(start));
531
532 if (!try_send(sock, session->buf, session->omtu))
533 return FALSE;
534
535 debug("avdtp_send: first packet with %zu bytes sent",
536 session->omtu - sizeof(start));
537
538 sent = session->omtu - sizeof(start);
539
540 /* Send the continue fragments and the end packet */
541 while (sent < len) {
542 int left, to_copy;
543
544 left = len - sent;
545 if (left + sizeof(cont) > session->omtu) {
546 cont.packet_type = AVDTP_PKT_TYPE_CONTINUE;
547 to_copy = session->omtu - sizeof(cont);
548 debug("avdtp_send: sending continue with %d bytes",
549 to_copy);
550 } else {
551 cont.packet_type = AVDTP_PKT_TYPE_END;
552 to_copy = left;
553 debug("avdtp_send: sending end with %d bytes",
554 to_copy);
555 }
556
557 cont.transaction = transaction;
558 cont.message_type = message_type;
559
560 memcpy(session->buf, &cont, sizeof(cont));
561 memcpy(session->buf + sizeof(cont), data + sent, to_copy);
562
563 if (!try_send(sock, session->buf, to_copy + sizeof(cont)))
564 return FALSE;
565
566 sent += to_copy;
567 }
568
569 return TRUE;
570 }
571
pending_req_free(struct pending_req * req)572 static void pending_req_free(struct pending_req *req)
573 {
574 if (req->timeout)
575 g_source_remove(req->timeout);
576 g_free(req->data);
577 g_free(req);
578 }
579
close_stream(struct avdtp_stream * stream)580 static void close_stream(struct avdtp_stream *stream)
581 {
582 int sock;
583
584 if (stream->io == NULL)
585 return;
586
587 sock = g_io_channel_unix_get_fd(stream->io);
588
589 shutdown(sock, SHUT_RDWR);
590
591 g_io_channel_shutdown(stream->io, FALSE, NULL);
592
593 g_io_channel_unref(stream->io);
594 stream->io = NULL;
595 }
596
stream_close_timeout(gpointer user_data)597 static gboolean stream_close_timeout(gpointer user_data)
598 {
599 struct avdtp_stream *stream = user_data;
600
601 debug("Timed out waiting for peer to close the transport channel");
602
603 stream->timer = 0;
604
605 close_stream(stream);
606
607 return FALSE;
608 }
609
stream_open_timeout(gpointer user_data)610 static gboolean stream_open_timeout(gpointer user_data)
611 {
612 struct avdtp_stream *stream = user_data;
613
614 debug("Timed out waiting for peer to open the transport channel");
615
616 stream->timer = 0;
617
618 stream->session->pending_open = NULL;
619
620 avdtp_abort(stream->session, stream);
621
622 return FALSE;
623 }
624
disconnect_timeout(gpointer user_data)625 static gboolean disconnect_timeout(gpointer user_data)
626 {
627 struct avdtp *session = user_data;
628 struct audio_device *dev;
629 gboolean stream_setup;
630
631 session->dc_timer = 0;
632 stream_setup = session->stream_setup;
633 session->stream_setup = FALSE;
634
635 dev = manager_get_device(&session->server->src, &session->dst, FALSE);
636
637 if (dev && dev->sink && stream_setup)
638 sink_setup_stream(dev->sink, session);
639 else if (dev && dev->source && stream_setup)
640 source_setup_stream(dev->source, session);
641 else
642 connection_lost(session, ETIMEDOUT);
643
644 return FALSE;
645 }
646
remove_disconnect_timer(struct avdtp * session)647 static void remove_disconnect_timer(struct avdtp *session)
648 {
649 g_source_remove(session->dc_timer);
650 session->dc_timer = 0;
651 session->stream_setup = FALSE;
652 }
653
set_disconnect_timer(struct avdtp * session)654 static void set_disconnect_timer(struct avdtp *session)
655 {
656 if (session->dc_timer)
657 remove_disconnect_timer(session);
658
659 session->dc_timer = g_timeout_add_seconds(DISCONNECT_TIMEOUT,
660 disconnect_timeout,
661 session);
662 }
663
avdtp_error_init(struct avdtp_error * err,uint8_t type,int id)664 void avdtp_error_init(struct avdtp_error *err, uint8_t type, int id)
665 {
666 err->type = type;
667 switch (type) {
668 case AVDTP_ERROR_ERRNO:
669 err->err.posix_errno = id;
670 break;
671 case AVDTP_ERROR_ERROR_CODE:
672 err->err.error_code = id;
673 break;
674 }
675 }
676
avdtp_error_type(struct avdtp_error * err)677 avdtp_error_type_t avdtp_error_type(struct avdtp_error *err)
678 {
679 return err->type;
680 }
681
avdtp_error_error_code(struct avdtp_error * err)682 int avdtp_error_error_code(struct avdtp_error *err)
683 {
684 assert(err->type == AVDTP_ERROR_ERROR_CODE);
685 return err->err.error_code;
686 }
687
avdtp_error_posix_errno(struct avdtp_error * err)688 int avdtp_error_posix_errno(struct avdtp_error *err)
689 {
690 assert(err->type == AVDTP_ERROR_ERRNO);
691 return err->err.posix_errno;
692 }
693
find_stream_by_rseid(struct avdtp * session,uint8_t rseid)694 static struct avdtp_stream *find_stream_by_rseid(struct avdtp *session,
695 uint8_t rseid)
696 {
697 GSList *l;
698
699 for (l = session->streams; l != NULL; l = g_slist_next(l)) {
700 struct avdtp_stream *stream = l->data;
701
702 if (stream->rseid == rseid)
703 return stream;
704 }
705
706 return NULL;
707 }
708
find_remote_sep(GSList * seps,uint8_t seid)709 static struct avdtp_remote_sep *find_remote_sep(GSList *seps, uint8_t seid)
710 {
711 GSList *l;
712
713 for (l = seps; l != NULL; l = g_slist_next(l)) {
714 struct avdtp_remote_sep *sep = l->data;
715
716 if (sep->seid == seid)
717 return sep;
718 }
719
720 return NULL;
721 }
722
avdtp_set_state(struct avdtp * session,avdtp_session_state_t new_state)723 static void avdtp_set_state(struct avdtp *session,
724 avdtp_session_state_t new_state)
725 {
726 GSList *l;
727 struct audio_device *dev;
728 bdaddr_t src, dst;
729 avdtp_session_state_t old_state = session->state;
730
731 session->state = new_state;
732
733 avdtp_get_peers(session, &src, &dst);
734 dev = manager_get_device(&src, &dst, FALSE);
735 if (dev == NULL) {
736 error("avdtp_set_state(): no matching audio device");
737 return;
738 }
739
740 for (l = avdtp_callbacks; l != NULL; l = l->next) {
741 struct avdtp_state_callback *cb = l->data;
742 cb->cb(dev, session, old_state, new_state, cb->user_data);
743 }
744 }
745
stream_free(struct avdtp_stream * stream)746 static void stream_free(struct avdtp_stream *stream)
747 {
748 struct avdtp_remote_sep *rsep;
749
750 stream->lsep->info.inuse = 0;
751 stream->lsep->stream = NULL;
752
753 rsep = find_remote_sep(stream->session->seps, stream->rseid);
754 if (rsep)
755 rsep->stream = NULL;
756
757 if (stream->timer)
758 g_source_remove(stream->timer);
759
760 if (stream->io)
761 g_io_channel_unref(stream->io);
762
763 if (stream->io_id)
764 g_source_remove(stream->io_id);
765
766 g_slist_foreach(stream->callbacks, (GFunc) g_free, NULL);
767 g_slist_free(stream->callbacks);
768
769 g_slist_foreach(stream->caps, (GFunc) g_free, NULL);
770 g_slist_free(stream->caps);
771
772 g_free(stream);
773 }
774
stream_timeout(gpointer user_data)775 static gboolean stream_timeout(gpointer user_data)
776 {
777 struct avdtp_stream *stream = user_data;
778 struct avdtp *session = stream->session;
779
780 avdtp_close(session, stream);
781
782 stream->idle_timer = 0;
783
784 return FALSE;
785 }
786
transport_cb(GIOChannel * chan,GIOCondition cond,gpointer data)787 static gboolean transport_cb(GIOChannel *chan, GIOCondition cond,
788 gpointer data)
789 {
790 struct avdtp_stream *stream = data;
791 struct avdtp_local_sep *sep = stream->lsep;
792
793 if (stream->close_int && sep->cfm && sep->cfm->close)
794 sep->cfm->close(stream->session, sep, stream, NULL,
795 sep->user_data);
796
797 if (!(cond & G_IO_NVAL))
798 close_stream(stream);
799
800 stream->io_id = 0;
801
802 if (!stream->abort_int)
803 avdtp_sep_set_state(stream->session, sep, AVDTP_STATE_IDLE);
804
805 return FALSE;
806 }
807
handle_transport_connect(struct avdtp * session,GIOChannel * io,uint16_t imtu,uint16_t omtu)808 static void handle_transport_connect(struct avdtp *session, GIOChannel *io,
809 uint16_t imtu, uint16_t omtu)
810 {
811 struct avdtp_stream *stream = session->pending_open;
812 struct avdtp_local_sep *sep = stream->lsep;
813
814 session->pending_open = NULL;
815
816 if (stream->timer) {
817 g_source_remove(stream->timer);
818 stream->timer = 0;
819 }
820
821 if (io == NULL) {
822 if (!stream->open_acp && sep->cfm && sep->cfm->open) {
823 struct avdtp_error err;
824 avdtp_error_init(&err, AVDTP_ERROR_ERRNO, EIO);
825 sep->cfm->open(session, sep, NULL, &err,
826 sep->user_data);
827 }
828 return;
829 }
830
831 stream->io = g_io_channel_ref(io);
832 stream->omtu = omtu;
833 stream->imtu = imtu;
834
835 if (!stream->open_acp && sep->cfm && sep->cfm->open)
836 sep->cfm->open(session, sep, stream, NULL, sep->user_data);
837
838 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
839
840 stream->io_id = g_io_add_watch(io, G_IO_ERR | G_IO_HUP | G_IO_NVAL,
841 (GIOFunc) transport_cb, stream);
842 }
843
pending_req_cmp(gconstpointer a,gconstpointer b)844 static int pending_req_cmp(gconstpointer a, gconstpointer b)
845 {
846 const struct pending_req *req = a;
847 const struct avdtp_stream *stream = b;
848
849 if (req->stream == stream)
850 return 0;
851
852 return -1;
853 }
854
cleanup_queue(struct avdtp * session,struct avdtp_stream * stream)855 static void cleanup_queue(struct avdtp *session, struct avdtp_stream *stream)
856 {
857 GSList *l;
858 struct pending_req *req;
859
860 while ((l = g_slist_find_custom(session->prio_queue, stream,
861 pending_req_cmp))) {
862 req = l->data;
863 pending_req_free(req);
864 session->prio_queue = g_slist_remove(session->prio_queue, req);
865 }
866
867 while ((l = g_slist_find_custom(session->req_queue, stream,
868 pending_req_cmp))) {
869 req = l->data;
870 pending_req_free(req);
871 session->req_queue = g_slist_remove(session->req_queue, req);
872 }
873 }
874
avdtp_sep_set_state(struct avdtp * session,struct avdtp_local_sep * sep,avdtp_state_t state)875 static void avdtp_sep_set_state(struct avdtp *session,
876 struct avdtp_local_sep *sep,
877 avdtp_state_t state)
878 {
879 struct avdtp_stream *stream = sep->stream;
880 avdtp_state_t old_state;
881 struct avdtp_error err, *err_ptr = NULL;
882 GSList *l;
883
884 if (!stream) {
885 error("Error changing sep state: stream not available");
886 return;
887 }
888
889 if (sep->state == state) {
890 avdtp_error_init(&err, AVDTP_ERROR_ERRNO, EIO);
891 debug("stream state change failed: %s", avdtp_strerror(&err));
892 err_ptr = &err;
893 } else {
894 err_ptr = NULL;
895 debug("stream state changed: %s -> %s",
896 avdtp_statestr(sep->state),
897 avdtp_statestr(state));
898 }
899
900 old_state = sep->state;
901 sep->state = state;
902
903 for (l = stream->callbacks; l != NULL; l = g_slist_next(l)) {
904 struct stream_callback *cb = l->data;
905 cb->cb(stream, old_state, state, err_ptr, cb->user_data);
906 }
907
908 switch (state) {
909 case AVDTP_STATE_OPEN:
910 if (old_state > AVDTP_STATE_OPEN && session->auto_dc)
911 stream->idle_timer = g_timeout_add_seconds(STREAM_TIMEOUT,
912 stream_timeout,
913 stream);
914 break;
915 case AVDTP_STATE_STREAMING:
916 case AVDTP_STATE_CLOSING:
917 case AVDTP_STATE_ABORTING:
918 if (stream->idle_timer) {
919 g_source_remove(stream->idle_timer);
920 stream->idle_timer = 0;
921 }
922 break;
923 case AVDTP_STATE_IDLE:
924 if (stream->idle_timer) {
925 g_source_remove(stream->idle_timer);
926 stream->idle_timer = 0;
927 }
928 session->streams = g_slist_remove(session->streams, stream);
929 if (session->pending_open == stream)
930 handle_transport_connect(session, NULL, 0, 0);
931 if (session->req && session->req->stream == stream)
932 session->req->stream = NULL;
933 /* Remove pending commands for this stream from the queue */
934 cleanup_queue(session, stream);
935 stream_free(stream);
936 if (session->ref == 1 && !session->streams)
937 set_disconnect_timer(session);
938 break;
939 default:
940 break;
941 }
942 }
943
finalize_discovery(struct avdtp * session,int err)944 static void finalize_discovery(struct avdtp *session, int err)
945 {
946 struct avdtp_error avdtp_err;
947
948 avdtp_error_init(&avdtp_err, AVDTP_ERROR_ERRNO, err);
949
950 if (!session->discov_cb)
951 return;
952
953 session->discov_cb(session, session->seps,
954 err ? &avdtp_err : NULL,
955 session->user_data);
956
957 session->discov_cb = NULL;
958 session->user_data = NULL;
959 }
960
release_stream(struct avdtp_stream * stream,struct avdtp * session)961 static void release_stream(struct avdtp_stream *stream, struct avdtp *session)
962 {
963 struct avdtp_local_sep *sep = stream->lsep;
964
965 if (sep->cfm && sep->cfm->abort &&
966 (sep->state != AVDTP_STATE_ABORTING ||
967 stream->abort_int))
968 sep->cfm->abort(session, sep, stream, NULL, sep->user_data);
969
970 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
971 }
972
connection_lost(struct avdtp * session,int err)973 static void connection_lost(struct avdtp *session, int err)
974 {
975 char address[18];
976
977 ba2str(&session->dst, address);
978 debug("Disconnected from %s", address);
979
980 if (session->state == AVDTP_SESSION_STATE_CONNECTING && err != EACCES)
981 btd_cancel_authorization(&session->server->src, &session->dst);
982
983 session->free_lock = 1;
984
985 finalize_discovery(session, err);
986
987 g_slist_foreach(session->streams, (GFunc) release_stream, session);
988 session->streams = NULL;
989
990 session->free_lock = 0;
991
992 if (session->io) {
993 g_io_channel_shutdown(session->io, FALSE, NULL);
994 g_io_channel_unref(session->io);
995 session->io = NULL;
996 }
997
998 avdtp_set_state(session, AVDTP_SESSION_STATE_DISCONNECTED);
999
1000 if (session->io_id) {
1001 g_source_remove(session->io_id);
1002 session->io_id = 0;
1003 }
1004
1005 if (session->dc_timer)
1006 remove_disconnect_timer(session);
1007
1008 session->auto_dc = TRUE;
1009
1010 if (session->ref != 1)
1011 error("connection_lost: ref count not 1 after all callbacks");
1012 else
1013 avdtp_unref(session);
1014 }
1015
avdtp_unref(struct avdtp * session)1016 void avdtp_unref(struct avdtp *session)
1017 {
1018 struct avdtp_server *server;
1019
1020 if (!session)
1021 return;
1022
1023 session->ref--;
1024
1025 debug("avdtp_unref(%p): ref=%d", session, session->ref);
1026
1027 if (session->ref == 1) {
1028 if (session->state == AVDTP_SESSION_STATE_CONNECTING &&
1029 session->io) {
1030 btd_cancel_authorization(&session->server->src,
1031 &session->dst);
1032 g_io_channel_shutdown(session->io, TRUE, NULL);
1033 g_io_channel_unref(session->io);
1034 session->io = NULL;
1035 }
1036
1037 if (session->io)
1038 set_disconnect_timer(session);
1039 else if (!session->free_lock) /* Drop the local ref if we
1040 aren't connected */
1041 session->ref--;
1042 }
1043
1044 if (session->ref > 0)
1045 return;
1046
1047 server = session->server;
1048
1049 debug("avdtp_unref(%p): freeing session and removing from list",
1050 session);
1051
1052 if (session->dc_timer)
1053 remove_disconnect_timer(session);
1054
1055 server->sessions = g_slist_remove(server->sessions, session);
1056
1057 if (session->req)
1058 pending_req_free(session->req);
1059
1060 g_slist_foreach(session->seps, (GFunc) g_free, NULL);
1061 g_slist_free(session->seps);
1062
1063 g_free(session->buf);
1064
1065 g_free(session);
1066 }
1067
avdtp_ref(struct avdtp * session)1068 struct avdtp *avdtp_ref(struct avdtp *session)
1069 {
1070 session->ref++;
1071 debug("avdtp_ref(%p): ref=%d", session, session->ref);
1072 if (session->dc_timer)
1073 remove_disconnect_timer(session);
1074 return session;
1075 }
1076
find_local_sep_by_seid(struct avdtp_server * server,uint8_t seid)1077 static struct avdtp_local_sep *find_local_sep_by_seid(struct avdtp_server *server,
1078 uint8_t seid)
1079 {
1080 GSList *l;
1081
1082 for (l = server->seps; l != NULL; l = g_slist_next(l)) {
1083 struct avdtp_local_sep *sep = l->data;
1084
1085 if (sep->info.seid == seid)
1086 return sep;
1087 }
1088
1089 return NULL;
1090 }
1091
find_local_sep(struct avdtp_server * server,uint8_t type,uint8_t media_type,uint8_t codec)1092 static struct avdtp_local_sep *find_local_sep(struct avdtp_server *server,
1093 uint8_t type,
1094 uint8_t media_type,
1095 uint8_t codec)
1096 {
1097 GSList *l;
1098
1099 for (l = server->seps; l != NULL; l = g_slist_next(l)) {
1100 struct avdtp_local_sep *sep = l->data;
1101
1102 if (sep->info.inuse)
1103 continue;
1104
1105 if (sep->info.type == type &&
1106 sep->info.media_type == media_type &&
1107 sep->codec == codec)
1108 return sep;
1109 }
1110
1111 return NULL;
1112 }
1113
caps_to_list(uint8_t * data,int size,struct avdtp_service_capability ** codec)1114 static GSList *caps_to_list(uint8_t *data, int size,
1115 struct avdtp_service_capability **codec)
1116 {
1117 GSList *caps;
1118 int processed;
1119
1120 for (processed = 0, caps = NULL; processed + 2 < size;) {
1121 struct avdtp_service_capability *cap;
1122 uint8_t length, category;
1123
1124 category = data[0];
1125 length = data[1];
1126
1127 if (processed + 2 + length > size) {
1128 error("Invalid capability data in getcap resp");
1129 break;
1130 }
1131
1132 cap = g_malloc(sizeof(struct avdtp_service_capability) +
1133 length);
1134 memcpy(cap, data, 2 + length);
1135
1136 processed += 2 + length;
1137 data += 2 + length;
1138
1139 caps = g_slist_append(caps, cap);
1140
1141 if (category == AVDTP_MEDIA_CODEC &&
1142 length >=
1143 sizeof(struct avdtp_media_codec_capability))
1144 *codec = cap;
1145 }
1146
1147 return caps;
1148 }
1149
avdtp_unknown_cmd(struct avdtp * session,uint8_t transaction,void * buf,int size)1150 static gboolean avdtp_unknown_cmd(struct avdtp *session, uint8_t transaction,
1151 void *buf, int size)
1152 {
1153 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1154 0, NULL, 0);
1155 }
1156
avdtp_discover_cmd(struct avdtp * session,uint8_t transaction,void * buf,int size)1157 static gboolean avdtp_discover_cmd(struct avdtp *session, uint8_t transaction,
1158 void *buf, int size)
1159 {
1160 GSList *l;
1161 unsigned int rsp_size, sep_count, i;
1162 struct seid_info *seps;
1163 gboolean ret;
1164
1165 sep_count = g_slist_length(session->server->seps);
1166
1167 if (sep_count == 0) {
1168 uint8_t err = AVDTP_NOT_SUPPORTED_COMMAND;
1169 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1170 AVDTP_DISCOVER, &err, sizeof(err));
1171 }
1172
1173 rsp_size = sep_count * sizeof(struct seid_info);
1174
1175 seps = g_new0(struct seid_info, sep_count);
1176
1177 for (l = session->server->seps, i = 0; l != NULL; l = l->next, i++) {
1178 struct avdtp_local_sep *sep = l->data;
1179
1180 memcpy(&seps[i], &sep->info, sizeof(struct seid_info));
1181 }
1182
1183 ret = avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1184 AVDTP_DISCOVER, seps, rsp_size);
1185 g_free(seps);
1186
1187 return ret;
1188 }
1189
avdtp_getcap_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1190 static gboolean avdtp_getcap_cmd(struct avdtp *session, uint8_t transaction,
1191 struct seid_req *req, unsigned int size)
1192 {
1193 GSList *l, *caps;
1194 struct avdtp_local_sep *sep = NULL;
1195 unsigned int rsp_size;
1196 uint8_t err, buf[1024], *ptr = buf;
1197
1198 if (size < sizeof(struct seid_req)) {
1199 err = AVDTP_BAD_LENGTH;
1200 goto failed;
1201 }
1202
1203 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1204 if (!sep) {
1205 err = AVDTP_BAD_ACP_SEID;
1206 goto failed;
1207 }
1208
1209 if (!sep->ind->get_capability(session, sep, &caps, &err,
1210 sep->user_data))
1211 goto failed;
1212
1213 for (l = caps, rsp_size = 0; l != NULL; l = g_slist_next(l)) {
1214 struct avdtp_service_capability *cap = l->data;
1215
1216 if (rsp_size + cap->length + 2 > sizeof(buf))
1217 break;
1218
1219 memcpy(ptr, cap, cap->length + 2);
1220 rsp_size += cap->length + 2;
1221 ptr += cap->length + 2;
1222
1223 g_free(cap);
1224 }
1225
1226 g_slist_free(caps);
1227
1228 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1229 AVDTP_GET_CAPABILITIES, buf, rsp_size);
1230
1231 failed:
1232 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1233 AVDTP_GET_CAPABILITIES, &err, sizeof(err));
1234 }
1235
avdtp_setconf_cmd(struct avdtp * session,uint8_t transaction,struct setconf_req * req,unsigned int size)1236 static gboolean avdtp_setconf_cmd(struct avdtp *session, uint8_t transaction,
1237 struct setconf_req *req, unsigned int size)
1238 {
1239 struct conf_rej rej;
1240 struct avdtp_local_sep *sep;
1241 struct avdtp_stream *stream;
1242 uint8_t err, category = 0x00;
1243 struct audio_device *dev;
1244 bdaddr_t src, dst;
1245 GSList *l;
1246
1247 if (size < sizeof(struct setconf_req)) {
1248 error("Too short getcap request");
1249 return FALSE;
1250 }
1251
1252 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1253 if (!sep) {
1254 err = AVDTP_BAD_ACP_SEID;
1255 goto failed;
1256 }
1257
1258 if (sep->stream) {
1259 err = AVDTP_SEP_IN_USE;
1260 goto failed;
1261 }
1262
1263 avdtp_get_peers(session, &src, &dst);
1264 dev = manager_get_device(&src, &dst, FALSE);
1265 if (!dev) {
1266 error("Unable to get a audio device object");
1267 goto failed;
1268 }
1269
1270 switch (sep->info.type) {
1271 case AVDTP_SEP_TYPE_SOURCE:
1272 if (!dev->sink) {
1273 btd_device_add_uuid(dev->btd_dev, A2DP_SINK_UUID);
1274 if (!dev->sink) {
1275 error("Unable to get a audio sink object");
1276 goto failed;
1277 }
1278 }
1279 break;
1280 case AVDTP_SEP_TYPE_SINK:
1281 /* Do source_init() here when it's implemented */
1282 break;
1283 }
1284
1285 stream = g_new0(struct avdtp_stream, 1);
1286 stream->session = session;
1287 stream->lsep = sep;
1288 stream->rseid = req->int_seid;
1289 stream->caps = caps_to_list(req->caps,
1290 size - sizeof(struct setconf_req),
1291 &stream->codec);
1292
1293 /* Verify that the Media Transport capability's length = 0. Reject otherwise */
1294 for (l = stream->caps; l != NULL; l = g_slist_next(l)) {
1295 struct avdtp_service_capability *cap = l->data;
1296
1297 if (cap->category == AVDTP_MEDIA_TRANSPORT && cap->length != 0) {
1298 err = AVDTP_BAD_MEDIA_TRANSPORT_FORMAT;
1299 goto failed_stream;
1300 }
1301 }
1302
1303 if (sep->ind && sep->ind->set_configuration) {
1304 if (!sep->ind->set_configuration(session, sep, stream,
1305 stream->caps, &err,
1306 &category,
1307 sep->user_data))
1308 goto failed_stream;
1309 }
1310
1311 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1312 AVDTP_SET_CONFIGURATION, NULL, 0)) {
1313 stream_free(stream);
1314 return FALSE;
1315 }
1316
1317 sep->stream = stream;
1318 session->streams = g_slist_append(session->streams, stream);
1319
1320 avdtp_sep_set_state(session, sep, AVDTP_STATE_CONFIGURED);
1321
1322 return TRUE;
1323
1324 failed_stream:
1325 stream_free(stream);
1326 failed:
1327 rej.error = err;
1328 rej.category = category;
1329 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1330 AVDTP_SET_CONFIGURATION, &rej, sizeof(rej));
1331 }
1332
avdtp_getconf_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1333 static gboolean avdtp_getconf_cmd(struct avdtp *session, uint8_t transaction,
1334 struct seid_req *req, int size)
1335 {
1336 GSList *l;
1337 struct avdtp_local_sep *sep = NULL;
1338 int rsp_size;
1339 uint8_t err;
1340 uint8_t buf[1024];
1341 uint8_t *ptr = buf;
1342
1343 if (size < (int) sizeof(struct seid_req)) {
1344 error("Too short getconf request");
1345 return FALSE;
1346 }
1347
1348 memset(buf, 0, sizeof(buf));
1349
1350 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1351 if (!sep) {
1352 err = AVDTP_BAD_ACP_SEID;
1353 goto failed;
1354 }
1355 if (!sep->stream || !sep->stream->caps) {
1356 err = AVDTP_UNSUPPORTED_CONFIGURATION;
1357 goto failed;
1358 }
1359
1360 for (l = sep->stream->caps, rsp_size = 0; l != NULL; l = g_slist_next(l)) {
1361 struct avdtp_service_capability *cap = l->data;
1362
1363 if (rsp_size + cap->length + 2 > (int) sizeof(buf))
1364 break;
1365
1366 memcpy(ptr, cap, cap->length + 2);
1367 rsp_size += cap->length + 2;
1368 ptr += cap->length + 2;
1369 }
1370
1371 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1372 AVDTP_GET_CONFIGURATION, buf, rsp_size);
1373
1374 failed:
1375 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1376 AVDTP_GET_CONFIGURATION, &err, sizeof(err));
1377 }
1378
avdtp_reconf_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1379 static gboolean avdtp_reconf_cmd(struct avdtp *session, uint8_t transaction,
1380 struct seid_req *req, int size)
1381 {
1382 return avdtp_unknown_cmd(session, transaction, (void *) req, size);
1383 }
1384
avdtp_open_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1385 static gboolean avdtp_open_cmd(struct avdtp *session, uint8_t transaction,
1386 struct seid_req *req, unsigned int size)
1387 {
1388 struct avdtp_local_sep *sep;
1389 struct avdtp_stream *stream;
1390 uint8_t err;
1391
1392 if (size < sizeof(struct seid_req)) {
1393 error("Too short abort request");
1394 return FALSE;
1395 }
1396
1397 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1398 if (!sep) {
1399 err = AVDTP_BAD_ACP_SEID;
1400 goto failed;
1401 }
1402
1403 if (sep->state != AVDTP_STATE_CONFIGURED) {
1404 err = AVDTP_BAD_STATE;
1405 goto failed;
1406 }
1407
1408 stream = sep->stream;
1409
1410 if (sep->ind && sep->ind->open) {
1411 if (!sep->ind->open(session, sep, stream, &err,
1412 sep->user_data))
1413 goto failed;
1414 }
1415
1416 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1417 AVDTP_OPEN, NULL, 0))
1418 return FALSE;
1419
1420 stream->open_acp = TRUE;
1421 session->pending_open = stream;
1422 stream->timer = g_timeout_add_seconds(REQ_TIMEOUT,
1423 stream_open_timeout,
1424 stream);
1425
1426 return TRUE;
1427
1428 failed:
1429 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1430 AVDTP_OPEN, &err, sizeof(err));
1431 }
1432
avdtp_start_cmd(struct avdtp * session,uint8_t transaction,struct start_req * req,unsigned int size)1433 static gboolean avdtp_start_cmd(struct avdtp *session, uint8_t transaction,
1434 struct start_req *req, unsigned int size)
1435 {
1436 struct avdtp_local_sep *sep;
1437 struct avdtp_stream *stream;
1438 struct stream_rej rej;
1439 struct seid *seid;
1440 uint8_t err, failed_seid;
1441 int seid_count, i;
1442
1443 if (size < sizeof(struct start_req)) {
1444 error("Too short start request");
1445 return FALSE;
1446 }
1447
1448 seid_count = 1 + size - sizeof(struct start_req);
1449
1450 seid = &req->first_seid;
1451
1452 for (i = 0; i < seid_count; i++, seid++) {
1453 failed_seid = seid->seid;
1454
1455 sep = find_local_sep_by_seid(session->server,
1456 req->first_seid.seid);
1457 if (!sep || !sep->stream) {
1458 err = AVDTP_BAD_ACP_SEID;
1459 goto failed;
1460 }
1461
1462 stream = sep->stream;
1463
1464 if (sep->state != AVDTP_STATE_OPEN) {
1465 err = AVDTP_BAD_STATE;
1466 goto failed;
1467 }
1468
1469 if (sep->ind && sep->ind->start) {
1470 if (!sep->ind->start(session, sep, stream, &err,
1471 sep->user_data))
1472 goto failed;
1473 }
1474
1475 avdtp_sep_set_state(session, sep, AVDTP_STATE_STREAMING);
1476 }
1477
1478 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1479 AVDTP_START, NULL, 0);
1480
1481 failed:
1482 memset(&rej, 0, sizeof(rej));
1483 rej.acp_seid = failed_seid;
1484 rej.error = err;
1485 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1486 AVDTP_START, &rej, sizeof(rej));
1487 }
1488
avdtp_close_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1489 static gboolean avdtp_close_cmd(struct avdtp *session, uint8_t transaction,
1490 struct seid_req *req, unsigned int size)
1491 {
1492 struct avdtp_local_sep *sep;
1493 struct avdtp_stream *stream;
1494 uint8_t err;
1495
1496 if (size < sizeof(struct seid_req)) {
1497 error("Too short close request");
1498 return FALSE;
1499 }
1500
1501 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1502 if (!sep || !sep->stream) {
1503 err = AVDTP_BAD_ACP_SEID;
1504 goto failed;
1505 }
1506
1507 if (sep->state != AVDTP_STATE_OPEN &&
1508 sep->state != AVDTP_STATE_STREAMING) {
1509 err = AVDTP_BAD_STATE;
1510 goto failed;
1511 }
1512
1513 stream = sep->stream;
1514
1515 if (sep->ind && sep->ind->close) {
1516 if (!sep->ind->close(session, sep, stream, &err,
1517 sep->user_data))
1518 goto failed;
1519 }
1520
1521 avdtp_sep_set_state(session, sep, AVDTP_STATE_CLOSING);
1522
1523 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1524 AVDTP_CLOSE, NULL, 0))
1525 return FALSE;
1526
1527 stream->timer = g_timeout_add_seconds(REQ_TIMEOUT,
1528 stream_close_timeout,
1529 stream);
1530
1531 return TRUE;
1532
1533 failed:
1534 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1535 AVDTP_CLOSE, &err, sizeof(err));
1536 }
1537
avdtp_suspend_cmd(struct avdtp * session,uint8_t transaction,struct suspend_req * req,unsigned int size)1538 static gboolean avdtp_suspend_cmd(struct avdtp *session, uint8_t transaction,
1539 struct suspend_req *req, unsigned int size)
1540 {
1541 struct avdtp_local_sep *sep;
1542 struct avdtp_stream *stream;
1543 struct stream_rej rej;
1544 struct seid *seid;
1545 uint8_t err, failed_seid;
1546 int seid_count, i;
1547
1548 if (size < sizeof(struct suspend_req)) {
1549 error("Too short suspend request");
1550 return FALSE;
1551 }
1552
1553 seid_count = 1 + size - sizeof(struct suspend_req);
1554
1555 seid = &req->first_seid;
1556
1557 for (i = 0; i < seid_count; i++, seid++) {
1558 failed_seid = seid->seid;
1559
1560 sep = find_local_sep_by_seid(session->server,
1561 req->first_seid.seid);
1562 if (!sep || !sep->stream) {
1563 err = AVDTP_BAD_ACP_SEID;
1564 goto failed;
1565 }
1566
1567 stream = sep->stream;
1568
1569 if (sep->state != AVDTP_STATE_STREAMING) {
1570 err = AVDTP_BAD_STATE;
1571 goto failed;
1572 }
1573
1574 if (sep->ind && sep->ind->suspend) {
1575 if (!sep->ind->suspend(session, sep, stream, &err,
1576 sep->user_data))
1577 goto failed;
1578 }
1579
1580 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
1581 }
1582
1583 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1584 AVDTP_SUSPEND, NULL, 0);
1585
1586 failed:
1587 memset(&rej, 0, sizeof(rej));
1588 rej.acp_seid = failed_seid;
1589 rej.error = err;
1590 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1591 AVDTP_SUSPEND, &rej, sizeof(rej));
1592 }
1593
avdtp_abort_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1594 static gboolean avdtp_abort_cmd(struct avdtp *session, uint8_t transaction,
1595 struct seid_req *req, unsigned int size)
1596 {
1597 struct avdtp_local_sep *sep;
1598 uint8_t err;
1599 gboolean ret;
1600
1601 if (size < sizeof(struct seid_req)) {
1602 error("Too short abort request");
1603 return FALSE;
1604 }
1605
1606 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1607 if (!sep || !sep->stream) {
1608 err = AVDTP_BAD_ACP_SEID;
1609 goto failed;
1610 }
1611
1612 if (sep->ind && sep->ind->abort) {
1613 if (!sep->ind->abort(session, sep, sep->stream, &err,
1614 sep->user_data))
1615 goto failed;
1616 }
1617
1618 ret = avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1619 AVDTP_ABORT, NULL, 0);
1620 if (ret)
1621 avdtp_sep_set_state(session, sep, AVDTP_STATE_ABORTING);
1622
1623 return ret;
1624
1625 failed:
1626 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1627 AVDTP_ABORT, &err, sizeof(err));
1628 }
1629
avdtp_secctl_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1630 static gboolean avdtp_secctl_cmd(struct avdtp *session, uint8_t transaction,
1631 struct seid_req *req, int size)
1632 {
1633 return avdtp_unknown_cmd(session, transaction, (void *) req, size);
1634 }
1635
avdtp_parse_cmd(struct avdtp * session,uint8_t transaction,uint8_t signal_id,void * buf,int size)1636 static gboolean avdtp_parse_cmd(struct avdtp *session, uint8_t transaction,
1637 uint8_t signal_id, void *buf, int size)
1638 {
1639 switch (signal_id) {
1640 case AVDTP_DISCOVER:
1641 debug("Received DISCOVER_CMD");
1642 return avdtp_discover_cmd(session, transaction, buf, size);
1643 case AVDTP_GET_CAPABILITIES:
1644 debug("Received GET_CAPABILITIES_CMD");
1645 return avdtp_getcap_cmd(session, transaction, buf, size);
1646 case AVDTP_SET_CONFIGURATION:
1647 debug("Received SET_CONFIGURATION_CMD");
1648 return avdtp_setconf_cmd(session, transaction, buf, size);
1649 case AVDTP_GET_CONFIGURATION:
1650 debug("Received GET_CONFIGURATION_CMD");
1651 return avdtp_getconf_cmd(session, transaction, buf, size);
1652 case AVDTP_RECONFIGURE:
1653 debug("Received RECONFIGURE_CMD");
1654 return avdtp_reconf_cmd(session, transaction, buf, size);
1655 case AVDTP_OPEN:
1656 debug("Received OPEN_CMD");
1657 return avdtp_open_cmd(session, transaction, buf, size);
1658 case AVDTP_START:
1659 debug("Received START_CMD");
1660 return avdtp_start_cmd(session, transaction, buf, size);
1661 case AVDTP_CLOSE:
1662 debug("Received CLOSE_CMD");
1663 return avdtp_close_cmd(session, transaction, buf, size);
1664 case AVDTP_SUSPEND:
1665 debug("Received SUSPEND_CMD");
1666 return avdtp_suspend_cmd(session, transaction, buf, size);
1667 case AVDTP_ABORT:
1668 debug("Received ABORT_CMD");
1669 return avdtp_abort_cmd(session, transaction, buf, size);
1670 case AVDTP_SECURITY_CONTROL:
1671 debug("Received SECURITY_CONTROL_CMD");
1672 return avdtp_secctl_cmd(session, transaction, buf, size);
1673 default:
1674 debug("Received unknown request id %u", signal_id);
1675 return avdtp_unknown_cmd(session, transaction, buf, size);
1676 }
1677 }
1678
1679 enum avdtp_parse_result { PARSE_ERROR, PARSE_FRAGMENT, PARSE_SUCCESS };
1680
avdtp_parse_data(struct avdtp * session,void * buf,size_t size)1681 static enum avdtp_parse_result avdtp_parse_data(struct avdtp *session,
1682 void *buf, size_t size)
1683 {
1684 struct avdtp_common_header *header = buf;
1685 struct avdtp_single_header *single = (void *) session->buf;
1686 struct avdtp_start_header *start = (void *) session->buf;
1687 void *payload;
1688 gsize payload_size;
1689
1690 switch (header->packet_type) {
1691 case AVDTP_PKT_TYPE_SINGLE:
1692 if (size < sizeof(*single)) {
1693 error("Received too small single packet (%zu bytes)", size);
1694 return PARSE_ERROR;
1695 }
1696 if (session->in.active) {
1697 error("SINGLE: Invalid AVDTP packet fragmentation");
1698 return PARSE_ERROR;
1699 }
1700
1701 payload = session->buf + sizeof(*single);
1702 payload_size = size - sizeof(*single);
1703
1704 session->in.active = TRUE;
1705 session->in.data_size = 0;
1706 session->in.no_of_packets = 1;
1707 session->in.transaction = header->transaction;
1708 session->in.message_type = header->message_type;
1709 session->in.signal_id = single->signal_id;
1710
1711 break;
1712 case AVDTP_PKT_TYPE_START:
1713 if (size < sizeof(*start)) {
1714 error("Received too small start packet (%zu bytes)", size);
1715 return PARSE_ERROR;
1716 }
1717 if (session->in.active) {
1718 error("START: Invalid AVDTP packet fragmentation");
1719 return PARSE_ERROR;
1720 }
1721
1722 session->in.active = TRUE;
1723 session->in.data_size = 0;
1724 session->in.transaction = header->transaction;
1725 session->in.message_type = header->message_type;
1726 session->in.no_of_packets = start->no_of_packets;
1727 session->in.signal_id = start->signal_id;
1728
1729 payload = session->buf + sizeof(*start);
1730 payload_size = size - sizeof(*start);
1731
1732 break;
1733 case AVDTP_PKT_TYPE_CONTINUE:
1734 if (size < sizeof(struct avdtp_continue_header)) {
1735 error("Received too small continue packet (%zu bytes)",
1736 size);
1737 return PARSE_ERROR;
1738 }
1739 if (!session->in.active) {
1740 error("CONTINUE: Invalid AVDTP packet fragmentation");
1741 return PARSE_ERROR;
1742 }
1743 if (session->in.transaction != header->transaction) {
1744 error("Continue transaction id doesn't match");
1745 return PARSE_ERROR;
1746 }
1747 if (session->in.no_of_packets <= 1) {
1748 error("Too few continue packets");
1749 return PARSE_ERROR;
1750 }
1751
1752 payload = session->buf + sizeof(struct avdtp_continue_header);
1753 payload_size = size - sizeof(struct avdtp_continue_header);
1754
1755 break;
1756 case AVDTP_PKT_TYPE_END:
1757 if (size < sizeof(struct avdtp_continue_header)) {
1758 error("Received too small end packet (%zu bytes)", size);
1759 return PARSE_ERROR;
1760 }
1761 if (!session->in.active) {
1762 error("END: Invalid AVDTP packet fragmentation");
1763 return PARSE_ERROR;
1764 }
1765 if (session->in.transaction != header->transaction) {
1766 error("End transaction id doesn't match");
1767 return PARSE_ERROR;
1768 }
1769 if (session->in.no_of_packets > 1) {
1770 error("Got an end packet too early");
1771 return PARSE_ERROR;
1772 }
1773
1774 payload = session->buf + sizeof(struct avdtp_continue_header);
1775 payload_size = size - sizeof(struct avdtp_continue_header);
1776
1777 break;
1778 default:
1779 error("Invalid AVDTP packet type 0x%02X", header->packet_type);
1780 return PARSE_ERROR;
1781 }
1782
1783 if (session->in.data_size + payload_size >
1784 sizeof(session->in.buf)) {
1785 error("Not enough incoming buffer space!");
1786 return PARSE_ERROR;
1787 }
1788
1789 memcpy(session->in.buf + session->in.data_size, payload, payload_size);
1790 session->in.data_size += payload_size;
1791
1792 if (session->in.no_of_packets > 1) {
1793 session->in.no_of_packets--;
1794 debug("Received AVDTP fragment. %d to go",
1795 session->in.no_of_packets);
1796 return PARSE_FRAGMENT;
1797 }
1798
1799 session->in.active = FALSE;
1800
1801 return PARSE_SUCCESS;
1802 }
1803
session_cb(GIOChannel * chan,GIOCondition cond,gpointer data)1804 static gboolean session_cb(GIOChannel *chan, GIOCondition cond,
1805 gpointer data)
1806 {
1807 struct avdtp *session = data;
1808 struct avdtp_common_header *header;
1809 gsize size;
1810
1811 debug("session_cb");
1812
1813 if (cond & G_IO_NVAL)
1814 return FALSE;
1815
1816 header = (void *) session->buf;
1817
1818 if (cond & (G_IO_HUP | G_IO_ERR))
1819 goto failed;
1820
1821 if (g_io_channel_read(chan, session->buf, session->imtu, &size)
1822 != G_IO_ERROR_NONE) {
1823 error("IO Channel read error");
1824 goto failed;
1825 }
1826
1827 if (size < sizeof(struct avdtp_common_header)) {
1828 error("Received too small packet (%zu bytes)", size);
1829 goto failed;
1830 }
1831
1832 switch (avdtp_parse_data(session, session->buf, size)) {
1833 case PARSE_ERROR:
1834 goto failed;
1835 case PARSE_FRAGMENT:
1836 return TRUE;
1837 case PARSE_SUCCESS:
1838 break;
1839 }
1840
1841 if (session->in.message_type == AVDTP_MSG_TYPE_COMMAND) {
1842 if (!avdtp_parse_cmd(session, session->in.transaction,
1843 session->in.signal_id,
1844 session->in.buf,
1845 session->in.data_size)) {
1846 error("Unable to handle command. Disconnecting");
1847 goto failed;
1848 }
1849
1850 if (session->ref == 1 && !session->streams && !session->req)
1851 set_disconnect_timer(session);
1852
1853 if (session->streams && session->dc_timer)
1854 remove_disconnect_timer(session);
1855
1856 return TRUE;
1857 }
1858
1859 if (session->req == NULL) {
1860 error("No pending request, ignoring message");
1861 return TRUE;
1862 }
1863
1864 if (header->transaction != session->req->transaction) {
1865 error("Transaction label doesn't match");
1866 return TRUE;
1867 }
1868
1869 if (session->in.signal_id != session->req->signal_id) {
1870 error("Reponse signal doesn't match");
1871 return TRUE;
1872 }
1873
1874 g_source_remove(session->req->timeout);
1875 session->req->timeout = 0;
1876
1877 switch (header->message_type) {
1878 case AVDTP_MSG_TYPE_ACCEPT:
1879 if (!avdtp_parse_resp(session, session->req->stream,
1880 session->in.transaction,
1881 session->in.signal_id,
1882 session->in.buf,
1883 session->in.data_size)) {
1884 error("Unable to parse accept response");
1885 goto failed;
1886 }
1887 break;
1888 case AVDTP_MSG_TYPE_REJECT:
1889 if (!avdtp_parse_rej(session, session->req->stream,
1890 session->in.transaction,
1891 session->in.signal_id,
1892 session->in.buf,
1893 session->in.data_size)) {
1894 error("Unable to parse reject response");
1895 goto failed;
1896 }
1897 break;
1898 default:
1899 error("Unknown message type 0x%02X", header->message_type);
1900 break;
1901 }
1902
1903 pending_req_free(session->req);
1904 session->req = NULL;
1905
1906 process_queue(session);
1907
1908 return TRUE;
1909
1910 failed:
1911 connection_lost(session, EIO);
1912
1913 return FALSE;
1914 }
1915
find_session(GSList * list,const bdaddr_t * dst)1916 static struct avdtp *find_session(GSList *list, const bdaddr_t *dst)
1917 {
1918 GSList *l;
1919
1920 for (l = list; l != NULL; l = g_slist_next(l)) {
1921 struct avdtp *s = l->data;
1922
1923 if (bacmp(dst, &s->dst))
1924 continue;
1925
1926 return s;
1927 }
1928
1929 return NULL;
1930 }
1931
avdtp_get_internal(const bdaddr_t * src,const bdaddr_t * dst)1932 static struct avdtp *avdtp_get_internal(const bdaddr_t *src, const bdaddr_t *dst)
1933 {
1934 struct avdtp_server *server;
1935 struct avdtp *session;
1936
1937 assert(src != NULL);
1938 assert(dst != NULL);
1939
1940 server = find_server(servers, src);
1941 if (server == NULL)
1942 return NULL;
1943
1944 session = find_session(server->sessions, dst);
1945 if (session) {
1946 if (session->pending_auth)
1947 return NULL;
1948 else
1949 return session;
1950 }
1951
1952 session = g_new0(struct avdtp, 1);
1953
1954 session->server = server;
1955 bacpy(&session->dst, dst);
1956 session->ref = 1;
1957 /* We don't use avdtp_set_state() here since this isn't a state change
1958 * but just setting of the initial state */
1959 session->state = AVDTP_SESSION_STATE_DISCONNECTED;
1960 session->auto_dc = TRUE;
1961
1962 server->sessions = g_slist_append(server->sessions, session);
1963
1964 return session;
1965 }
1966
avdtp_get(bdaddr_t * src,bdaddr_t * dst)1967 struct avdtp *avdtp_get(bdaddr_t *src, bdaddr_t *dst)
1968 {
1969 struct avdtp *session;
1970
1971 session = avdtp_get_internal(src, dst);
1972
1973 if (!session)
1974 return NULL;
1975
1976 return avdtp_ref(session);
1977 }
1978
avdtp_connect_cb(GIOChannel * chan,GError * err,gpointer user_data)1979 static void avdtp_connect_cb(GIOChannel *chan, GError *err, gpointer user_data)
1980 {
1981 struct avdtp *session = user_data;
1982 char address[18];
1983 GError *gerr = NULL;
1984
1985 if (err) {
1986 error("%s", err->message);
1987 goto failed;
1988 }
1989
1990 if (!session->io)
1991 session->io = g_io_channel_ref(chan);
1992
1993 bt_io_get(chan, BT_IO_L2CAP, &gerr,
1994 BT_IO_OPT_OMTU, &session->omtu,
1995 BT_IO_OPT_IMTU, &session->imtu,
1996 BT_IO_OPT_INVALID);
1997 if (gerr) {
1998 error("%s", gerr->message);
1999 g_error_free(gerr);
2000 goto failed;
2001 }
2002
2003 ba2str(&session->dst, address);
2004 debug("AVDTP: connected %s channel to %s",
2005 session->pending_open ? "transport" : "signaling",
2006 address);
2007
2008 if (session->state == AVDTP_SESSION_STATE_CONNECTING) {
2009 debug("AVDTP imtu=%u, omtu=%u", session->imtu, session->omtu);
2010
2011 session->buf = g_malloc0(session->imtu);
2012 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTED);
2013
2014 if (session->io_id)
2015 g_source_remove(session->io_id);
2016
2017 /* This watch should be low priority since otherwise the
2018 * connect callback might be dispatched before the session
2019 * callback if the kernel wakes us up at the same time for
2020 * them. This could happen if a headset is very quick in
2021 * sending the Start command after connecting the stream
2022 * transport channel.
2023 */
2024 session->io_id = g_io_add_watch_full(chan,
2025 G_PRIORITY_LOW,
2026 G_IO_IN | G_IO_ERR | G_IO_HUP
2027 | G_IO_NVAL,
2028 (GIOFunc) session_cb, session,
2029 NULL);
2030
2031 if (session->stream_setup) {
2032 set_disconnect_timer(session);
2033 avdtp_set_auto_disconnect(session, FALSE);
2034 }
2035 } else if (session->pending_open)
2036 handle_transport_connect(session, chan, session->imtu,
2037 session->omtu);
2038 else
2039 goto failed;
2040
2041 process_queue(session);
2042
2043 return;
2044
2045 failed:
2046 if (session->pending_open) {
2047 struct avdtp_stream *stream = session->pending_open;
2048
2049 handle_transport_connect(session, NULL, 0, 0);
2050
2051 if (avdtp_abort(session, stream) < 0)
2052 avdtp_sep_set_state(session, stream->lsep,
2053 AVDTP_STATE_IDLE);
2054 } else
2055 connection_lost(session, EIO);
2056
2057 return;
2058 }
2059
auth_cb(DBusError * derr,void * user_data)2060 static void auth_cb(DBusError *derr, void *user_data)
2061 {
2062 struct avdtp *session = user_data;
2063 GError *err = NULL;
2064
2065 if (derr && dbus_error_is_set(derr)) {
2066 error("Access denied: %s", derr->message);
2067 connection_lost(session, EACCES);
2068 return;
2069 }
2070
2071 if (!bt_io_accept(session->io, avdtp_connect_cb, session, NULL,
2072 &err)) {
2073 error("bt_io_accept: %s", err->message);
2074 connection_lost(session, EACCES);
2075 g_error_free(err);
2076 return;
2077 }
2078
2079 /* This is so that avdtp_connect_cb will know to do the right thing
2080 * with respect to the disconnect timer */
2081 session->stream_setup = TRUE;
2082 }
2083
avdtp_confirm_cb(GIOChannel * chan,gpointer data)2084 static void avdtp_confirm_cb(GIOChannel *chan, gpointer data)
2085 {
2086 struct avdtp *session;
2087 struct audio_device *dev;
2088 char address[18];
2089 bdaddr_t src, dst;
2090 int perr;
2091 GError *err = NULL;
2092
2093 bt_io_get(chan, BT_IO_L2CAP, &err,
2094 BT_IO_OPT_SOURCE_BDADDR, &src,
2095 BT_IO_OPT_DEST_BDADDR, &dst,
2096 BT_IO_OPT_DEST, address,
2097 BT_IO_OPT_INVALID);
2098 if (err) {
2099 error("%s", err->message);
2100 g_error_free(err);
2101 goto drop;
2102 }
2103
2104 debug("AVDTP: incoming connect from %s", address);
2105
2106 session = avdtp_get_internal(&src, &dst);
2107 if (!session)
2108 goto drop;
2109
2110 /* This state (ie, session is already *connecting*) happens when the
2111 * device initiates a connect (really a config'd L2CAP channel) even
2112 * though there is a connect we initiated in progress. In sink.c &
2113 * source.c, this state is referred to as XCASE connect:connect.
2114 * Abort the device's channel in favor of our own.
2115 */
2116 if (session->state == AVDTP_SESSION_STATE_CONNECTING) {
2117 debug("avdtp_confirm_cb: connect already in progress"
2118 " (XCASE connect:connect)");
2119 goto drop;
2120 }
2121
2122 if (session->pending_open && session->pending_open->open_acp) {
2123 if (!bt_io_accept(chan, avdtp_connect_cb, session, NULL, NULL))
2124 goto drop;
2125 return;
2126 }
2127
2128 if (session->io) {
2129 error("Refusing unexpected connect from %s", address);
2130 goto drop;
2131 }
2132
2133 dev = manager_get_device(&src, &dst, FALSE);
2134 if (!dev) {
2135 dev = manager_get_device(&src, &dst, TRUE);
2136 if (!dev) {
2137 error("Unable to get audio device object for %s",
2138 address);
2139 goto drop;
2140 }
2141 btd_device_add_uuid(dev->btd_dev, ADVANCED_AUDIO_UUID);
2142 }
2143
2144 session->io = g_io_channel_ref(chan);
2145 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTING);
2146
2147 session->io_id = g_io_add_watch(chan, G_IO_ERR | G_IO_HUP | G_IO_NVAL,
2148 (GIOFunc) session_cb, session);
2149
2150 perr = audio_device_request_authorization(dev, ADVANCED_AUDIO_UUID,
2151 auth_cb, session);
2152 if (perr < 0) {
2153 avdtp_unref(session);
2154 goto drop;
2155 }
2156
2157 dev->auto_connect = auto_connect;
2158
2159 return;
2160
2161 drop:
2162 g_io_channel_shutdown(chan, TRUE, NULL);
2163 }
2164
l2cap_connect(struct avdtp * session)2165 static int l2cap_connect(struct avdtp *session)
2166 {
2167 GError *err = NULL;
2168 GIOChannel *io;
2169
2170 io = bt_io_connect(BT_IO_L2CAP, avdtp_connect_cb, session,
2171 NULL, &err,
2172 BT_IO_OPT_SOURCE_BDADDR, &session->server->src,
2173 BT_IO_OPT_DEST_BDADDR, &session->dst,
2174 BT_IO_OPT_PSM, AVDTP_PSM,
2175 BT_IO_OPT_INVALID);
2176 if (!io) {
2177 error("%s", err->message);
2178 g_error_free(err);
2179 return -EIO;
2180 }
2181
2182 g_io_channel_unref(io);
2183
2184 return 0;
2185 }
2186
queue_request(struct avdtp * session,struct pending_req * req,gboolean priority)2187 static void queue_request(struct avdtp *session, struct pending_req *req,
2188 gboolean priority)
2189 {
2190 if (priority)
2191 session->prio_queue = g_slist_append(session->prio_queue, req);
2192 else
2193 session->req_queue = g_slist_append(session->req_queue, req);
2194 }
2195
req_get_seid(struct pending_req * req)2196 static uint8_t req_get_seid(struct pending_req *req)
2197 {
2198 if (req->signal_id == AVDTP_DISCOVER)
2199 return 0;
2200
2201 return ((struct seid_req *) (req->data))->acp_seid;
2202 }
2203
request_timeout(gpointer user_data)2204 static gboolean request_timeout(gpointer user_data)
2205 {
2206 struct avdtp *session = user_data;
2207 struct pending_req *req;
2208 struct seid_req sreq;
2209 struct avdtp_local_sep *lsep;
2210 struct avdtp_stream *stream;
2211 uint8_t seid;
2212 struct avdtp_error err;
2213
2214 req = session->req;
2215 session->req = NULL;
2216
2217 avdtp_error_init(&err, AVDTP_ERROR_ERRNO, ETIMEDOUT);
2218
2219 seid = req_get_seid(req);
2220 if (seid)
2221 stream = find_stream_by_rseid(session, seid);
2222 else
2223 stream = NULL;
2224
2225 if (stream)
2226 lsep = stream->lsep;
2227 else
2228 lsep = NULL;
2229
2230 switch (req->signal_id) {
2231 case AVDTP_RECONFIGURE:
2232 error("Reconfigure request timed out");
2233 if (lsep && lsep->cfm && lsep->cfm->reconfigure)
2234 lsep->cfm->reconfigure(session, lsep, stream, &err,
2235 lsep->user_data);
2236 break;
2237 case AVDTP_OPEN:
2238 error("Open request timed out");
2239 if (lsep && lsep->cfm && lsep->cfm->open)
2240 lsep->cfm->open(session, lsep, stream, &err,
2241 lsep->user_data);
2242 break;
2243 case AVDTP_START:
2244 error("Start request timed out");
2245 if (lsep && lsep->cfm && lsep->cfm->start)
2246 lsep->cfm->start(session, lsep, stream, &err,
2247 lsep->user_data);
2248 break;
2249 case AVDTP_SUSPEND:
2250 error("Suspend request timed out");
2251 if (lsep && lsep->cfm && lsep->cfm->suspend)
2252 lsep->cfm->suspend(session, lsep, stream, &err,
2253 lsep->user_data);
2254 break;
2255 case AVDTP_CLOSE:
2256 error("Close request timed out");
2257 if (lsep && lsep->cfm && lsep->cfm->close) {
2258 lsep->cfm->close(session, lsep, stream, &err,
2259 lsep->user_data);
2260 if (stream)
2261 stream->close_int = FALSE;
2262 }
2263 break;
2264 case AVDTP_SET_CONFIGURATION:
2265 error("SetConfiguration request timed out");
2266 if (lsep && lsep->cfm && lsep->cfm->set_configuration)
2267 lsep->cfm->set_configuration(session, lsep, stream,
2268 &err, lsep->user_data);
2269 goto failed;
2270 case AVDTP_DISCOVER:
2271 error("Discover request timed out");
2272 goto failed;
2273 case AVDTP_GET_CAPABILITIES:
2274 error("GetCapabilities request timed out");
2275 goto failed;
2276 case AVDTP_ABORT:
2277 error("Abort request timed out");
2278 goto failed;
2279 }
2280
2281 if (!stream)
2282 goto failed;
2283
2284 memset(&sreq, 0, sizeof(sreq));
2285 sreq.acp_seid = seid;
2286
2287 if (send_request(session, TRUE, stream, AVDTP_ABORT,
2288 &sreq, sizeof(sreq)) < 0) {
2289 error("Unable to send abort request");
2290 goto failed;
2291 }
2292
2293 stream->abort_int = TRUE;
2294
2295 goto done;
2296
2297 failed:
2298 connection_lost(session, ETIMEDOUT);
2299 done:
2300 pending_req_free(req);
2301 return FALSE;
2302 }
2303
send_req(struct avdtp * session,gboolean priority,struct pending_req * req)2304 static int send_req(struct avdtp *session, gboolean priority,
2305 struct pending_req *req)
2306 {
2307 static int transaction = 0;
2308 int err;
2309
2310 if (session->state == AVDTP_SESSION_STATE_DISCONNECTED) {
2311 err = l2cap_connect(session);
2312 if (err < 0)
2313 goto failed;
2314 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTING);
2315 }
2316
2317 if (session->state < AVDTP_SESSION_STATE_CONNECTED ||
2318 session->req != NULL) {
2319 queue_request(session, req, priority);
2320 return 0;
2321 }
2322
2323 req->transaction = transaction++;
2324 transaction %= 16;
2325
2326 /* FIXME: Should we retry to send if the buffer
2327 was not totally sent or in case of EINTR? */
2328 if (!avdtp_send(session, req->transaction, AVDTP_MSG_TYPE_COMMAND,
2329 req->signal_id, req->data, req->data_size)) {
2330 err = -EIO;
2331 goto failed;
2332 }
2333
2334
2335 session->req = req;
2336
2337 req->timeout = g_timeout_add_seconds(REQ_TIMEOUT,
2338 request_timeout,
2339 session);
2340 return 0;
2341
2342 failed:
2343 g_free(req->data);
2344 g_free(req);
2345 return err;
2346 }
2347
send_request(struct avdtp * session,gboolean priority,struct avdtp_stream * stream,uint8_t signal_id,void * buffer,size_t size)2348 static int send_request(struct avdtp *session, gboolean priority,
2349 struct avdtp_stream *stream, uint8_t signal_id,
2350 void *buffer, size_t size)
2351 {
2352 struct pending_req *req;
2353
2354 req = g_new0(struct pending_req, 1);
2355 req->signal_id = signal_id;
2356 req->data = g_malloc(size);
2357 memcpy(req->data, buffer, size);
2358 req->data_size = size;
2359 req->stream = stream;
2360
2361 return send_req(session, priority, req);
2362 }
2363
avdtp_discover_resp(struct avdtp * session,struct discover_resp * resp,int size)2364 static gboolean avdtp_discover_resp(struct avdtp *session,
2365 struct discover_resp *resp, int size)
2366 {
2367 int sep_count, i;
2368
2369 sep_count = size / sizeof(struct seid_info);
2370
2371 for (i = 0; i < sep_count; i++) {
2372 struct avdtp_remote_sep *sep;
2373 struct avdtp_stream *stream;
2374 struct seid_req req;
2375 int ret;
2376
2377 debug("seid %d type %d media %d in use %d",
2378 resp->seps[i].seid, resp->seps[i].type,
2379 resp->seps[i].media_type, resp->seps[i].inuse);
2380
2381 stream = find_stream_by_rseid(session, resp->seps[i].seid);
2382
2383 sep = find_remote_sep(session->seps, resp->seps[i].seid);
2384 if (!sep) {
2385 if (resp->seps[i].inuse && !stream)
2386 continue;
2387 sep = g_new0(struct avdtp_remote_sep, 1);
2388 session->seps = g_slist_append(session->seps, sep);
2389 }
2390
2391 sep->stream = stream;
2392 sep->seid = resp->seps[i].seid;
2393 sep->type = resp->seps[i].type;
2394 sep->media_type = resp->seps[i].media_type;
2395
2396 memset(&req, 0, sizeof(req));
2397 req.acp_seid = sep->seid;
2398
2399 ret = send_request(session, TRUE, NULL,
2400 AVDTP_GET_CAPABILITIES,
2401 &req, sizeof(req));
2402 if (ret < 0) {
2403 finalize_discovery(session, -ret);
2404 break;
2405 }
2406 }
2407
2408 return TRUE;
2409 }
2410
avdtp_get_capabilities_resp(struct avdtp * session,struct getcap_resp * resp,unsigned int size)2411 static gboolean avdtp_get_capabilities_resp(struct avdtp *session,
2412 struct getcap_resp *resp,
2413 unsigned int size)
2414 {
2415 struct avdtp_remote_sep *sep;
2416 uint8_t seid;
2417
2418 /* Check for minimum required packet size includes:
2419 * 1. getcap resp header
2420 * 2. media transport capability (2 bytes)
2421 * 3. media codec capability type + length (2 bytes)
2422 * 4. the actual media codec elements
2423 * */
2424 if (size < (sizeof(struct getcap_resp) + 4 +
2425 sizeof(struct avdtp_media_codec_capability))) {
2426 error("Too short getcap resp packet");
2427 return FALSE;
2428 }
2429
2430 seid = ((struct seid_req *) session->req->data)->acp_seid;
2431
2432 sep = find_remote_sep(session->seps, seid);
2433
2434 debug("seid %d type %d media %d", sep->seid,
2435 sep->type, sep->media_type);
2436
2437 if (sep->caps) {
2438 g_slist_foreach(sep->caps, (GFunc) g_free, NULL);
2439 g_slist_free(sep->caps);
2440 sep->caps = NULL;
2441 sep->codec = NULL;
2442 }
2443
2444 sep->caps = caps_to_list(resp->caps, size - sizeof(struct getcap_resp),
2445 &sep->codec);
2446
2447 return TRUE;
2448 }
2449
avdtp_set_configuration_resp(struct avdtp * session,struct avdtp_stream * stream,struct avdtp_single_header * resp,int size)2450 static gboolean avdtp_set_configuration_resp(struct avdtp *session,
2451 struct avdtp_stream *stream,
2452 struct avdtp_single_header *resp,
2453 int size)
2454 {
2455 struct avdtp_local_sep *sep = stream->lsep;
2456
2457 if (sep->cfm && sep->cfm->set_configuration)
2458 sep->cfm->set_configuration(session, sep, stream, NULL,
2459 sep->user_data);
2460
2461 avdtp_sep_set_state(session, sep, AVDTP_STATE_CONFIGURED);
2462
2463 return TRUE;
2464 }
2465
avdtp_reconfigure_resp(struct avdtp * session,struct avdtp_stream * stream,struct avdtp_single_header * resp,int size)2466 static gboolean avdtp_reconfigure_resp(struct avdtp *session,
2467 struct avdtp_stream *stream,
2468 struct avdtp_single_header *resp, int size)
2469 {
2470 return TRUE;
2471 }
2472
avdtp_open_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2473 static gboolean avdtp_open_resp(struct avdtp *session, struct avdtp_stream *stream,
2474 struct seid_rej *resp, int size)
2475 {
2476 struct avdtp_local_sep *sep = stream->lsep;
2477
2478 if (l2cap_connect(session) < 0) {
2479 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
2480 return FALSE;
2481 }
2482
2483 session->pending_open = stream;
2484
2485 return TRUE;
2486 }
2487
avdtp_start_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2488 static gboolean avdtp_start_resp(struct avdtp *session,
2489 struct avdtp_stream *stream,
2490 struct seid_rej *resp, int size)
2491 {
2492 struct avdtp_local_sep *sep = stream->lsep;
2493
2494 if (sep->cfm && sep->cfm->start)
2495 sep->cfm->start(session, sep, stream, NULL, sep->user_data);
2496
2497 /* We might be in STREAMING already if both sides send START_CMD at the
2498 * same time and the one in SNK role doesn't reject it as it should */
2499 if (sep->state != AVDTP_STATE_STREAMING)
2500 avdtp_sep_set_state(session, sep, AVDTP_STATE_STREAMING);
2501
2502 return TRUE;
2503 }
2504
avdtp_close_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2505 static gboolean avdtp_close_resp(struct avdtp *session,
2506 struct avdtp_stream *stream,
2507 struct seid_rej *resp, int size)
2508 {
2509 struct avdtp_local_sep *sep = stream->lsep;
2510
2511 avdtp_sep_set_state(session, sep, AVDTP_STATE_CLOSING);
2512
2513 close_stream(stream);
2514
2515 return TRUE;
2516 }
2517
avdtp_suspend_resp(struct avdtp * session,struct avdtp_stream * stream,void * data,int size)2518 static gboolean avdtp_suspend_resp(struct avdtp *session,
2519 struct avdtp_stream *stream,
2520 void *data, int size)
2521 {
2522 struct avdtp_local_sep *sep = stream->lsep;
2523
2524 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
2525
2526 if (sep->cfm && sep->cfm->suspend)
2527 sep->cfm->suspend(session, sep, stream, NULL, sep->user_data);
2528
2529 return TRUE;
2530 }
2531
avdtp_abort_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2532 static gboolean avdtp_abort_resp(struct avdtp *session,
2533 struct avdtp_stream *stream,
2534 struct seid_rej *resp, int size)
2535 {
2536 struct avdtp_local_sep *sep = stream->lsep;
2537
2538 avdtp_sep_set_state(session, sep, AVDTP_STATE_ABORTING);
2539
2540 if (sep->cfm && sep->cfm->abort)
2541 sep->cfm->abort(session, sep, stream, NULL, sep->user_data);
2542
2543 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
2544
2545 return TRUE;
2546 }
2547
avdtp_parse_resp(struct avdtp * session,struct avdtp_stream * stream,uint8_t transaction,uint8_t signal_id,void * buf,int size)2548 static gboolean avdtp_parse_resp(struct avdtp *session,
2549 struct avdtp_stream *stream,
2550 uint8_t transaction, uint8_t signal_id,
2551 void *buf, int size)
2552 {
2553 struct pending_req *next;
2554
2555 if (session->prio_queue)
2556 next = session->prio_queue->data;
2557 else if (session->req_queue)
2558 next = session->req_queue->data;
2559 else
2560 next = NULL;
2561
2562 switch (signal_id) {
2563 case AVDTP_DISCOVER:
2564 debug("DISCOVER request succeeded");
2565 return avdtp_discover_resp(session, buf, size);
2566 case AVDTP_GET_CAPABILITIES:
2567 debug("GET_CAPABILITIES request succeeded");
2568 if (!avdtp_get_capabilities_resp(session, buf, size))
2569 return FALSE;
2570 if (!(next && next->signal_id == AVDTP_GET_CAPABILITIES))
2571 finalize_discovery(session, 0);
2572 return TRUE;
2573 }
2574
2575 /* The remaining commands require an existing stream so bail out
2576 * here if the stream got unexpectedly disconnected */
2577 if (!stream) {
2578 debug("AVDTP: stream was closed while waiting for reply");
2579 return TRUE;
2580 }
2581
2582 switch (signal_id) {
2583 case AVDTP_SET_CONFIGURATION:
2584 debug("SET_CONFIGURATION request succeeded");
2585 return avdtp_set_configuration_resp(session, stream,
2586 buf, size);
2587 case AVDTP_RECONFIGURE:
2588 debug("RECONFIGURE request succeeded");
2589 return avdtp_reconfigure_resp(session, stream, buf, size);
2590 case AVDTP_OPEN:
2591 debug("OPEN request succeeded");
2592 return avdtp_open_resp(session, stream, buf, size);
2593 case AVDTP_SUSPEND:
2594 debug("SUSPEND request succeeded");
2595 return avdtp_suspend_resp(session, stream, buf, size);
2596 case AVDTP_START:
2597 debug("START request succeeded");
2598 return avdtp_start_resp(session, stream, buf, size);
2599 case AVDTP_CLOSE:
2600 debug("CLOSE request succeeded");
2601 return avdtp_close_resp(session, stream, buf, size);
2602 case AVDTP_ABORT:
2603 debug("ABORT request succeeded");
2604 return avdtp_abort_resp(session, stream, buf, size);
2605 }
2606
2607 error("Unknown signal id in accept response: %u", signal_id);
2608 return TRUE;
2609 }
2610
seid_rej_to_err(struct seid_rej * rej,unsigned int size,struct avdtp_error * err)2611 static gboolean seid_rej_to_err(struct seid_rej *rej, unsigned int size,
2612 struct avdtp_error *err)
2613 {
2614 if (size < sizeof(struct seid_rej)) {
2615 error("Too small packet for seid_rej");
2616 return FALSE;
2617 }
2618
2619 avdtp_error_init(err, AVDTP_ERROR_ERROR_CODE, rej->error);
2620
2621 return TRUE;
2622 }
2623
conf_rej_to_err(struct conf_rej * rej,unsigned int size,struct avdtp_error * err,uint8_t * category)2624 static gboolean conf_rej_to_err(struct conf_rej *rej, unsigned int size,
2625 struct avdtp_error *err, uint8_t *category)
2626 {
2627 if (size < sizeof(struct conf_rej)) {
2628 error("Too small packet for conf_rej");
2629 return FALSE;
2630 }
2631
2632 avdtp_error_init(err, AVDTP_ERROR_ERROR_CODE, rej->error);
2633
2634 if (category)
2635 *category = rej->category;
2636
2637 return TRUE;
2638 }
2639
stream_rej_to_err(struct stream_rej * rej,unsigned int size,struct avdtp_error * err,uint8_t * acp_seid)2640 static gboolean stream_rej_to_err(struct stream_rej *rej, unsigned int size,
2641 struct avdtp_error *err,
2642 uint8_t *acp_seid)
2643 {
2644 if (size < sizeof(struct stream_rej)) {
2645 error("Too small packet for stream_rej");
2646 return FALSE;
2647 }
2648
2649 avdtp_error_init(err, AVDTP_ERROR_ERROR_CODE, rej->error);
2650
2651 if (acp_seid)
2652 *acp_seid = rej->acp_seid;
2653
2654 return TRUE;
2655 }
2656
avdtp_parse_rej(struct avdtp * session,struct avdtp_stream * stream,uint8_t transaction,uint8_t signal_id,void * buf,int size)2657 static gboolean avdtp_parse_rej(struct avdtp *session,
2658 struct avdtp_stream *stream,
2659 uint8_t transaction, uint8_t signal_id,
2660 void *buf, int size)
2661 {
2662 struct avdtp_error err;
2663 uint8_t acp_seid, category;
2664 struct avdtp_local_sep *sep = stream ? stream->lsep : NULL;
2665
2666 switch (signal_id) {
2667 case AVDTP_DISCOVER:
2668 if (!seid_rej_to_err(buf, size, &err))
2669 return FALSE;
2670 error("DISCOVER request rejected: %s (%d)",
2671 avdtp_strerror(&err), err.err.error_code);
2672 return TRUE;
2673 case AVDTP_GET_CAPABILITIES:
2674 if (!seid_rej_to_err(buf, size, &err))
2675 return FALSE;
2676 error("GET_CAPABILITIES request rejected: %s (%d)",
2677 avdtp_strerror(&err), err.err.error_code);
2678 return TRUE;
2679 case AVDTP_OPEN:
2680 if (!seid_rej_to_err(buf, size, &err))
2681 return FALSE;
2682 error("OPEN request rejected: %s (%d)",
2683 avdtp_strerror(&err), err.err.error_code);
2684 if (sep && sep->cfm && sep->cfm->open)
2685 sep->cfm->open(session, sep, stream, &err,
2686 sep->user_data);
2687 return TRUE;
2688 case AVDTP_SET_CONFIGURATION:
2689 if (!conf_rej_to_err(buf, size, &err, &category))
2690 return FALSE;
2691 error("SET_CONFIGURATION request rejected: %s (%d)",
2692 avdtp_strerror(&err), err.err.error_code);
2693 if (sep && sep->cfm && sep->cfm->set_configuration)
2694 sep->cfm->set_configuration(session, sep, stream,
2695 &err, sep->user_data);
2696 return TRUE;
2697 case AVDTP_RECONFIGURE:
2698 if (!conf_rej_to_err(buf, size, &err, &category))
2699 return FALSE;
2700 error("RECONFIGURE request rejected: %s (%d)",
2701 avdtp_strerror(&err), err.err.error_code);
2702 if (sep && sep->cfm && sep->cfm->reconfigure)
2703 sep->cfm->reconfigure(session, sep, stream, &err,
2704 sep->user_data);
2705 return TRUE;
2706 case AVDTP_START:
2707 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
2708 return FALSE;
2709 error("START request rejected: %s (%d)",
2710 avdtp_strerror(&err), err.err.error_code);
2711 if (sep && sep->cfm && sep->cfm->start)
2712 sep->cfm->start(session, sep, stream, &err,
2713 sep->user_data);
2714 return TRUE;
2715 case AVDTP_SUSPEND:
2716 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
2717 return FALSE;
2718 error("SUSPEND request rejected: %s (%d)",
2719 avdtp_strerror(&err), err.err.error_code);
2720 if (sep && sep->cfm && sep->cfm->suspend)
2721 sep->cfm->suspend(session, sep, stream, &err,
2722 sep->user_data);
2723 return TRUE;
2724 case AVDTP_CLOSE:
2725 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
2726 return FALSE;
2727 error("CLOSE request rejected: %s (%d)",
2728 avdtp_strerror(&err), err.err.error_code);
2729 if (sep && sep->cfm && sep->cfm->close) {
2730 sep->cfm->close(session, sep, stream, &err,
2731 sep->user_data);
2732 stream->close_int = FALSE;
2733 }
2734 return TRUE;
2735 case AVDTP_ABORT:
2736 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
2737 return FALSE;
2738 error("ABORT request rejected: %s (%d)",
2739 avdtp_strerror(&err), err.err.error_code);
2740 if (sep && sep->cfm && sep->cfm->abort)
2741 sep->cfm->abort(session, sep, stream, &err,
2742 sep->user_data);
2743 return TRUE;
2744 default:
2745 error("Unknown reject response signal id: %u", signal_id);
2746 return TRUE;
2747 }
2748 }
2749
avdtp_is_connected(const bdaddr_t * src,const bdaddr_t * dst)2750 gboolean avdtp_is_connected(const bdaddr_t *src, const bdaddr_t *dst)
2751 {
2752 struct avdtp_server *server;
2753 struct avdtp *session;
2754
2755 server = find_server(servers, src);
2756 if (!server)
2757 return FALSE;
2758
2759 session = find_session(server->sessions, dst);
2760 if (!session)
2761 return FALSE;
2762
2763 if (session->state != AVDTP_SESSION_STATE_DISCONNECTED)
2764 return TRUE;
2765
2766 return FALSE;
2767 }
2768
avdtp_stream_get_codec(struct avdtp_stream * stream)2769 struct avdtp_service_capability *avdtp_stream_get_codec(
2770 struct avdtp_stream *stream)
2771 {
2772 GSList *l;
2773
2774 for (l = stream->caps; l; l = l->next) {
2775 struct avdtp_service_capability *cap = l->data;
2776
2777 if (cap->category == AVDTP_MEDIA_CODEC)
2778 return cap;
2779 }
2780
2781 return NULL;
2782 }
2783
avdtp_stream_has_capability(struct avdtp_stream * stream,struct avdtp_service_capability * cap)2784 gboolean avdtp_stream_has_capability(struct avdtp_stream *stream,
2785 struct avdtp_service_capability *cap)
2786 {
2787 GSList *l;
2788 struct avdtp_service_capability *stream_cap;
2789
2790 for (l = stream->caps; l; l = g_slist_next(l)) {
2791 stream_cap = l->data;
2792
2793 if (stream_cap->category != cap->category ||
2794 stream_cap->length != cap->length)
2795 continue;
2796
2797 if (memcmp(stream_cap->data, cap->data, cap->length) == 0)
2798 return TRUE;
2799 }
2800
2801 return FALSE;
2802 }
2803
avdtp_stream_has_capabilities(struct avdtp_stream * stream,GSList * caps)2804 gboolean avdtp_stream_has_capabilities(struct avdtp_stream *stream,
2805 GSList *caps)
2806 {
2807 GSList *l;
2808
2809 for (l = caps; l; l = g_slist_next(l)) {
2810 struct avdtp_service_capability *cap = l->data;
2811
2812 if (!avdtp_stream_has_capability(stream, cap))
2813 return FALSE;
2814 }
2815
2816 return TRUE;
2817 }
2818
avdtp_stream_get_transport(struct avdtp_stream * stream,int * sock,uint16_t * imtu,uint16_t * omtu,GSList ** caps)2819 gboolean avdtp_stream_get_transport(struct avdtp_stream *stream, int *sock,
2820 uint16_t *imtu, uint16_t *omtu,
2821 GSList **caps)
2822 {
2823 if (stream->io == NULL)
2824 return FALSE;
2825
2826 if (sock)
2827 *sock = g_io_channel_unix_get_fd(stream->io);
2828
2829 if (omtu)
2830 *omtu = stream->omtu;
2831
2832 if (imtu)
2833 *imtu = stream->imtu;
2834
2835 if (caps)
2836 *caps = stream->caps;
2837
2838 return TRUE;
2839 }
2840
process_queue(struct avdtp * session)2841 static int process_queue(struct avdtp *session)
2842 {
2843 GSList **queue, *l;
2844 struct pending_req *req;
2845
2846 if (session->req)
2847 return 0;
2848
2849 if (session->prio_queue)
2850 queue = &session->prio_queue;
2851 else
2852 queue = &session->req_queue;
2853
2854 if (!*queue)
2855 return 0;
2856
2857 l = *queue;
2858 req = l->data;
2859
2860 *queue = g_slist_remove(*queue, req);
2861
2862 return send_req(session, FALSE, req);
2863 }
2864
avdtp_get_remote_sep(struct avdtp * session,uint8_t seid)2865 struct avdtp_remote_sep *avdtp_get_remote_sep(struct avdtp *session,
2866 uint8_t seid)
2867 {
2868 GSList *l;
2869
2870 for (l = session->seps; l; l = l->next) {
2871 struct avdtp_remote_sep *sep = l->data;
2872
2873 if (sep->seid == seid)
2874 return sep;
2875 }
2876
2877 return NULL;
2878 }
2879
avdtp_get_seid(struct avdtp_remote_sep * sep)2880 uint8_t avdtp_get_seid(struct avdtp_remote_sep *sep)
2881 {
2882 return sep->seid;
2883 }
2884
avdtp_get_type(struct avdtp_remote_sep * sep)2885 uint8_t avdtp_get_type(struct avdtp_remote_sep *sep)
2886 {
2887 return sep->type;
2888 }
2889
avdtp_get_codec(struct avdtp_remote_sep * sep)2890 struct avdtp_service_capability *avdtp_get_codec(struct avdtp_remote_sep *sep)
2891 {
2892 return sep->codec;
2893 }
2894
avdtp_get_stream(struct avdtp_remote_sep * sep)2895 struct avdtp_stream *avdtp_get_stream(struct avdtp_remote_sep *sep)
2896 {
2897 return sep->stream;
2898 }
2899
avdtp_service_cap_new(uint8_t category,void * data,int length)2900 struct avdtp_service_capability *avdtp_service_cap_new(uint8_t category,
2901 void *data, int length)
2902 {
2903 struct avdtp_service_capability *cap;
2904
2905 if (category < AVDTP_MEDIA_TRANSPORT || category > AVDTP_MEDIA_CODEC)
2906 return NULL;
2907
2908 cap = g_malloc(sizeof(struct avdtp_service_capability) + length);
2909 cap->category = category;
2910 cap->length = length;
2911 memcpy(cap->data, data, length);
2912
2913 return cap;
2914 }
2915
process_discover(gpointer data)2916 static gboolean process_discover(gpointer data)
2917 {
2918 struct avdtp *session = data;
2919
2920 finalize_discovery(session, 0);
2921
2922 return FALSE;
2923 }
2924
avdtp_discover(struct avdtp * session,avdtp_discover_cb_t cb,void * user_data)2925 int avdtp_discover(struct avdtp *session, avdtp_discover_cb_t cb,
2926 void *user_data)
2927 {
2928 int ret;
2929
2930 if (session->discov_cb)
2931 return -EBUSY;
2932
2933 if (session->seps) {
2934 session->discov_cb = cb;
2935 session->user_data = user_data;
2936 g_idle_add(process_discover, session);
2937 return 0;
2938 }
2939
2940 ret = send_request(session, FALSE, NULL, AVDTP_DISCOVER, NULL, 0);
2941 if (ret == 0) {
2942 session->discov_cb = cb;
2943 session->user_data = user_data;
2944 }
2945
2946 return ret;
2947 }
2948
avdtp_get_seps(struct avdtp * session,uint8_t acp_type,uint8_t media_type,uint8_t codec,struct avdtp_local_sep ** lsep,struct avdtp_remote_sep ** rsep)2949 int avdtp_get_seps(struct avdtp *session, uint8_t acp_type, uint8_t media_type,
2950 uint8_t codec, struct avdtp_local_sep **lsep,
2951 struct avdtp_remote_sep **rsep)
2952 {
2953 GSList *l;
2954 uint8_t int_type;
2955
2956 int_type = acp_type == AVDTP_SEP_TYPE_SINK ?
2957 AVDTP_SEP_TYPE_SOURCE : AVDTP_SEP_TYPE_SINK;
2958
2959 *lsep = find_local_sep(session->server, int_type, media_type, codec);
2960 if (!*lsep)
2961 return -EINVAL;
2962
2963 for (l = session->seps; l != NULL; l = g_slist_next(l)) {
2964 struct avdtp_remote_sep *sep = l->data;
2965 struct avdtp_service_capability *cap;
2966 struct avdtp_media_codec_capability *codec_data;
2967
2968 if (sep->type != acp_type)
2969 continue;
2970
2971 if (sep->media_type != media_type)
2972 continue;
2973
2974 if (!sep->codec)
2975 continue;
2976
2977 cap = sep->codec;
2978 codec_data = (void *) cap->data;
2979
2980 if (codec_data->media_codec_type != codec)
2981 continue;
2982
2983 if (!sep->stream) {
2984 *rsep = sep;
2985 return 0;
2986 }
2987 }
2988
2989 return -EINVAL;
2990 }
2991
avdtp_stream_remove_cb(struct avdtp * session,struct avdtp_stream * stream,unsigned int id)2992 gboolean avdtp_stream_remove_cb(struct avdtp *session,
2993 struct avdtp_stream *stream,
2994 unsigned int id)
2995 {
2996 GSList *l;
2997 struct stream_callback *cb;
2998
2999 if (!stream)
3000 return FALSE;
3001
3002 for (cb = NULL, l = stream->callbacks; l != NULL; l = l->next) {
3003 struct stream_callback *tmp = l->data;
3004 if (tmp && tmp->id == id) {
3005 cb = tmp;
3006 break;
3007 }
3008 }
3009
3010 if (!cb)
3011 return FALSE;
3012
3013 stream->callbacks = g_slist_remove(stream->callbacks, cb);
3014 g_free(cb);
3015
3016 return TRUE;
3017 }
3018
avdtp_stream_add_cb(struct avdtp * session,struct avdtp_stream * stream,avdtp_stream_state_cb cb,void * data)3019 unsigned int avdtp_stream_add_cb(struct avdtp *session,
3020 struct avdtp_stream *stream,
3021 avdtp_stream_state_cb cb, void *data)
3022 {
3023 struct stream_callback *stream_cb;
3024 static unsigned int id = 0;
3025
3026 stream_cb = g_new(struct stream_callback, 1);
3027 stream_cb->cb = cb;
3028 stream_cb->user_data = data;
3029 stream_cb->id = ++id;
3030
3031 stream->callbacks = g_slist_append(stream->callbacks, stream_cb);;
3032
3033 return stream_cb->id;
3034 }
3035
avdtp_get_configuration(struct avdtp * session,struct avdtp_stream * stream)3036 int avdtp_get_configuration(struct avdtp *session, struct avdtp_stream *stream)
3037 {
3038 struct seid_req req;
3039
3040 if (session->state < AVDTP_SESSION_STATE_CONNECTED)
3041 return -EINVAL;
3042
3043 memset(&req, 0, sizeof(req));
3044 req.acp_seid = stream->rseid;
3045
3046 return send_request(session, FALSE, stream, AVDTP_GET_CONFIGURATION,
3047 &req, sizeof(req));
3048 }
3049
copy_capabilities(gpointer data,gpointer user_data)3050 static void copy_capabilities(gpointer data, gpointer user_data)
3051 {
3052 struct avdtp_service_capability *src_cap = data;
3053 struct avdtp_service_capability *dst_cap;
3054 GSList **l = user_data;
3055
3056 dst_cap = avdtp_service_cap_new(src_cap->category, src_cap->data,
3057 src_cap->length);
3058
3059 *l = g_slist_append(*l, dst_cap);
3060 }
3061
avdtp_set_configuration(struct avdtp * session,struct avdtp_remote_sep * rsep,struct avdtp_local_sep * lsep,GSList * caps,struct avdtp_stream ** stream)3062 int avdtp_set_configuration(struct avdtp *session,
3063 struct avdtp_remote_sep *rsep,
3064 struct avdtp_local_sep *lsep,
3065 GSList *caps,
3066 struct avdtp_stream **stream)
3067 {
3068 struct setconf_req *req;
3069 struct avdtp_stream *new_stream;
3070 unsigned char *ptr;
3071 int ret, caps_len;
3072 struct avdtp_service_capability *cap;
3073 GSList *l;
3074
3075 if (session->state != AVDTP_SESSION_STATE_CONNECTED)
3076 return -ENOTCONN;
3077
3078 if (!(lsep && rsep))
3079 return -EINVAL;
3080
3081 debug("avdtp_set_configuration(%p): int_seid=%u, acp_seid=%u",
3082 session, lsep->info.seid, rsep->seid);
3083
3084 new_stream = g_new0(struct avdtp_stream, 1);
3085 new_stream->session = session;
3086 new_stream->lsep = lsep;
3087 new_stream->rseid = rsep->seid;
3088
3089 g_slist_foreach(caps, copy_capabilities, &new_stream->caps);
3090
3091 /* Calculate total size of request */
3092 for (l = caps, caps_len = 0; l != NULL; l = g_slist_next(l)) {
3093 cap = l->data;
3094 caps_len += cap->length + 2;
3095 }
3096
3097 req = g_malloc0(sizeof(struct setconf_req) + caps_len);
3098
3099 req->int_seid = lsep->info.seid;
3100 req->acp_seid = rsep->seid;
3101
3102 /* Copy the capabilities into the request */
3103 for (l = caps, ptr = req->caps; l != NULL; l = g_slist_next(l)) {
3104 cap = l->data;
3105 memcpy(ptr, cap, cap->length + 2);
3106 ptr += cap->length + 2;
3107 }
3108
3109 ret = send_request(session, FALSE, new_stream,
3110 AVDTP_SET_CONFIGURATION, req,
3111 sizeof(struct setconf_req) + caps_len);
3112 if (ret < 0)
3113 stream_free(new_stream);
3114 else {
3115 lsep->info.inuse = 1;
3116 lsep->stream = new_stream;
3117 rsep->stream = new_stream;
3118 session->streams = g_slist_append(session->streams, new_stream);
3119 if (stream)
3120 *stream = new_stream;
3121 }
3122
3123 g_free(req);
3124
3125 return ret;
3126 }
3127
avdtp_reconfigure(struct avdtp * session,GSList * caps,struct avdtp_stream * stream)3128 int avdtp_reconfigure(struct avdtp *session, GSList *caps,
3129 struct avdtp_stream *stream)
3130 {
3131 struct reconf_req *req;
3132 unsigned char *ptr;
3133 int caps_len, err;
3134 GSList *l;
3135 struct avdtp_service_capability *cap;
3136
3137 if (!g_slist_find(session->streams, stream))
3138 return -EINVAL;
3139
3140 if (stream->lsep->state != AVDTP_STATE_OPEN)
3141 return -EINVAL;
3142
3143 /* Calculate total size of request */
3144 for (l = caps, caps_len = 0; l != NULL; l = g_slist_next(l)) {
3145 cap = l->data;
3146 caps_len += cap->length + 2;
3147 }
3148
3149 req = g_malloc0(sizeof(struct reconf_req) + caps_len);
3150
3151 req->acp_seid = stream->rseid;
3152
3153 /* Copy the capabilities into the request */
3154 for (l = caps, ptr = req->caps; l != NULL; l = g_slist_next(l)) {
3155 cap = l->data;
3156 memcpy(ptr, cap, cap->length + 2);
3157 ptr += cap->length + 2;
3158 }
3159
3160 err = send_request(session, FALSE, stream, AVDTP_RECONFIGURE, req,
3161 sizeof(*req) + caps_len);
3162 g_free(req);
3163
3164 return err;
3165 }
3166
avdtp_open(struct avdtp * session,struct avdtp_stream * stream)3167 int avdtp_open(struct avdtp *session, struct avdtp_stream *stream)
3168 {
3169 struct seid_req req;
3170
3171 if (!g_slist_find(session->streams, stream))
3172 return -EINVAL;
3173
3174 if (stream->lsep->state > AVDTP_STATE_CONFIGURED)
3175 return -EINVAL;
3176
3177 memset(&req, 0, sizeof(req));
3178 req.acp_seid = stream->rseid;
3179
3180 return send_request(session, FALSE, stream, AVDTP_OPEN,
3181 &req, sizeof(req));
3182 }
3183
avdtp_start(struct avdtp * session,struct avdtp_stream * stream)3184 int avdtp_start(struct avdtp *session, struct avdtp_stream *stream)
3185 {
3186 struct start_req req;
3187
3188 if (!g_slist_find(session->streams, stream))
3189 return -EINVAL;
3190
3191 if (stream->lsep->state != AVDTP_STATE_OPEN)
3192 return -EINVAL;
3193
3194 if (stream->close_int == TRUE) {
3195 error("avdtp_start: rejecting start since close is initiated");
3196 return -EINVAL;
3197 }
3198
3199 memset(&req, 0, sizeof(req));
3200 req.first_seid.seid = stream->rseid;
3201
3202 return send_request(session, FALSE, stream, AVDTP_START,
3203 &req, sizeof(req));
3204 }
3205
avdtp_close(struct avdtp * session,struct avdtp_stream * stream)3206 int avdtp_close(struct avdtp *session, struct avdtp_stream *stream)
3207 {
3208 struct seid_req req;
3209 int ret;
3210
3211 if (!g_slist_find(session->streams, stream))
3212 return -EINVAL;
3213
3214 if (stream->lsep->state < AVDTP_STATE_OPEN)
3215 return -EINVAL;
3216
3217 if (stream->close_int == TRUE) {
3218 error("avdtp_close: rejecting since close is already initiated");
3219 return -EINVAL;
3220 }
3221
3222 memset(&req, 0, sizeof(req));
3223 req.acp_seid = stream->rseid;
3224
3225 ret = send_request(session, FALSE, stream, AVDTP_CLOSE,
3226 &req, sizeof(req));
3227 if (ret == 0)
3228 stream->close_int = TRUE;
3229
3230 return ret;
3231 }
3232
avdtp_suspend(struct avdtp * session,struct avdtp_stream * stream)3233 int avdtp_suspend(struct avdtp *session, struct avdtp_stream *stream)
3234 {
3235 struct seid_req req;
3236
3237 if (!g_slist_find(session->streams, stream))
3238 return -EINVAL;
3239
3240 if (stream->lsep->state <= AVDTP_STATE_OPEN || stream->close_int)
3241 return -EINVAL;
3242
3243 memset(&req, 0, sizeof(req));
3244 req.acp_seid = stream->rseid;
3245
3246 return send_request(session, FALSE, stream, AVDTP_SUSPEND,
3247 &req, sizeof(req));
3248 }
3249
avdtp_abort(struct avdtp * session,struct avdtp_stream * stream)3250 int avdtp_abort(struct avdtp *session, struct avdtp_stream *stream)
3251 {
3252 struct seid_req req;
3253 int ret;
3254
3255 if (!g_slist_find(session->streams, stream))
3256 return -EINVAL;
3257
3258 if (stream->lsep->state <= AVDTP_STATE_OPEN)
3259 return -EINVAL;
3260
3261 memset(&req, 0, sizeof(req));
3262 req.acp_seid = stream->rseid;
3263
3264 ret = send_request(session, TRUE, stream, AVDTP_ABORT,
3265 &req, sizeof(req));
3266 if (ret == 0)
3267 stream->abort_int = TRUE;
3268
3269 return ret;
3270 }
3271
avdtp_register_sep(const bdaddr_t * src,uint8_t type,uint8_t media_type,uint8_t codec_type,struct avdtp_sep_ind * ind,struct avdtp_sep_cfm * cfm,void * user_data)3272 struct avdtp_local_sep *avdtp_register_sep(const bdaddr_t *src, uint8_t type,
3273 uint8_t media_type,
3274 uint8_t codec_type,
3275 struct avdtp_sep_ind *ind,
3276 struct avdtp_sep_cfm *cfm,
3277 void *user_data)
3278 {
3279 struct avdtp_server *server;
3280 struct avdtp_local_sep *sep;
3281
3282 server = find_server(servers, src);
3283 if (!server)
3284 return NULL;
3285
3286 if (g_slist_length(server->seps) > MAX_SEID)
3287 return NULL;
3288
3289 sep = g_new0(struct avdtp_local_sep, 1);
3290
3291 sep->state = AVDTP_STATE_IDLE;
3292 sep->info.seid = g_slist_length(server->seps) + 1;
3293 sep->info.type = type;
3294 sep->info.media_type = media_type;
3295 sep->codec = codec_type;
3296 sep->ind = ind;
3297 sep->cfm = cfm;
3298 sep->user_data = user_data;
3299 sep->server = server;
3300
3301 debug("SEP %p registered: type:%d codec:%d seid:%d", sep,
3302 sep->info.type, sep->codec, sep->info.seid);
3303 server->seps = g_slist_append(server->seps, sep);
3304
3305 return sep;
3306 }
3307
avdtp_unregister_sep(struct avdtp_local_sep * sep)3308 int avdtp_unregister_sep(struct avdtp_local_sep *sep)
3309 {
3310 struct avdtp_server *server;
3311
3312 if (!sep)
3313 return -EINVAL;
3314
3315 server = sep->server;
3316 server->seps = g_slist_remove(server->seps, sep);
3317
3318 if (sep->stream)
3319 release_stream(sep->stream, sep->stream->session);
3320
3321 g_free(sep);
3322
3323 return 0;
3324 }
3325
avdtp_server_socket(const bdaddr_t * src,gboolean master)3326 static GIOChannel *avdtp_server_socket(const bdaddr_t *src, gboolean master)
3327 {
3328 GError *err = NULL;
3329 GIOChannel *io;
3330
3331 io = bt_io_listen(BT_IO_L2CAP, NULL, avdtp_confirm_cb,
3332 NULL, NULL, &err,
3333 BT_IO_OPT_SOURCE_BDADDR, src,
3334 BT_IO_OPT_PSM, AVDTP_PSM,
3335 BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
3336 BT_IO_OPT_MASTER, master,
3337 BT_IO_OPT_INVALID);
3338 if (!io) {
3339 error("%s", err->message);
3340 g_error_free(err);
3341 }
3342
3343 return io;
3344 }
3345
avdtp_strerror(struct avdtp_error * err)3346 const char *avdtp_strerror(struct avdtp_error *err)
3347 {
3348 if (err->type == AVDTP_ERROR_ERRNO)
3349 return strerror(err->err.posix_errno);
3350
3351 switch(err->err.error_code) {
3352 case AVDTP_BAD_HEADER_FORMAT:
3353 return "Bad Header Format";
3354 case AVDTP_BAD_LENGTH:
3355 return "Bad Packet Lenght";
3356 case AVDTP_BAD_ACP_SEID:
3357 return "Bad Acceptor SEID";
3358 case AVDTP_SEP_IN_USE:
3359 return "Stream End Point in Use";
3360 case AVDTP_SEP_NOT_IN_USE:
3361 return "Stream End Point Not in Use";
3362 case AVDTP_BAD_SERV_CATEGORY:
3363 return "Bad Service Category";
3364 case AVDTP_BAD_PAYLOAD_FORMAT:
3365 return "Bad Payload format";
3366 case AVDTP_NOT_SUPPORTED_COMMAND:
3367 return "Command Not Supported";
3368 case AVDTP_INVALID_CAPABILITIES:
3369 return "Invalid Capabilities";
3370 case AVDTP_BAD_RECOVERY_TYPE:
3371 return "Bad Recovery Type";
3372 case AVDTP_BAD_MEDIA_TRANSPORT_FORMAT:
3373 return "Bad Media Transport Format";
3374 case AVDTP_BAD_RECOVERY_FORMAT:
3375 return "Bad Recovery Format";
3376 case AVDTP_BAD_ROHC_FORMAT:
3377 return "Bad Header Compression Format";
3378 case AVDTP_BAD_CP_FORMAT:
3379 return "Bad Content Protetion Format";
3380 case AVDTP_BAD_MULTIPLEXING_FORMAT:
3381 return "Bad Multiplexing Format";
3382 case AVDTP_UNSUPPORTED_CONFIGURATION:
3383 return "Configuration not supported";
3384 case AVDTP_BAD_STATE:
3385 return "Bad State";
3386 default:
3387 return "Unknow error";
3388 }
3389 }
3390
avdtp_sep_get_state(struct avdtp_local_sep * sep)3391 avdtp_state_t avdtp_sep_get_state(struct avdtp_local_sep *sep)
3392 {
3393 return sep->state;
3394 }
3395
avdtp_get_peers(struct avdtp * session,bdaddr_t * src,bdaddr_t * dst)3396 void avdtp_get_peers(struct avdtp *session, bdaddr_t *src, bdaddr_t *dst)
3397 {
3398 if (src)
3399 bacpy(src, &session->server->src);
3400 if (dst)
3401 bacpy(dst, &session->dst);
3402 }
3403
avdtp_init(const bdaddr_t * src,GKeyFile * config)3404 int avdtp_init(const bdaddr_t *src, GKeyFile *config)
3405 {
3406 GError *err = NULL;
3407 gboolean tmp, master = TRUE;
3408 struct avdtp_server *server;
3409
3410 if (config) {
3411 tmp = g_key_file_get_boolean(config, "General",
3412 "Master", &err);
3413 if (err) {
3414 debug("audio.conf: %s", err->message);
3415 g_clear_error(&err);
3416 } else
3417 master = tmp;
3418
3419 tmp = g_key_file_get_boolean(config, "General", "AutoConnect",
3420 &err);
3421 if (err)
3422 g_clear_error(&err);
3423 else
3424 auto_connect = tmp;
3425 }
3426
3427 server = g_new0(struct avdtp_server, 1);
3428 if (!server)
3429 return -ENOMEM;
3430
3431 server->io = avdtp_server_socket(src, master);
3432 if (!server->io) {
3433 g_free(server);
3434 return -1;
3435 }
3436
3437 bacpy(&server->src, src);
3438
3439 servers = g_slist_append(servers, server);
3440
3441 return 0;
3442 }
3443
avdtp_exit(const bdaddr_t * src)3444 void avdtp_exit(const bdaddr_t *src)
3445 {
3446 struct avdtp_server *server;
3447 GSList *l;
3448
3449 server = find_server(servers, src);
3450 if (!server)
3451 return;
3452
3453 for (l = server->sessions; l; l = l->next) {
3454 struct avdtp *session = l->data;
3455
3456 connection_lost(session, -ECONNABORTED);
3457 }
3458
3459 servers = g_slist_remove(servers, server);
3460
3461 g_io_channel_shutdown(server->io, TRUE, NULL);
3462 g_io_channel_unref(server->io);
3463 g_free(server);
3464 }
3465
avdtp_has_stream(struct avdtp * session,struct avdtp_stream * stream)3466 gboolean avdtp_has_stream(struct avdtp *session, struct avdtp_stream *stream)
3467 {
3468 return g_slist_find(session->streams, stream) ? TRUE : FALSE;
3469 }
3470
avdtp_set_auto_disconnect(struct avdtp * session,gboolean auto_dc)3471 void avdtp_set_auto_disconnect(struct avdtp *session, gboolean auto_dc)
3472 {
3473 session->auto_dc = auto_dc;
3474 }
3475
avdtp_stream_setup_active(struct avdtp * session)3476 gboolean avdtp_stream_setup_active(struct avdtp *session)
3477 {
3478 return session->stream_setup;
3479 }
3480
avdtp_add_state_cb(avdtp_session_state_cb cb,void * user_data)3481 unsigned int avdtp_add_state_cb(avdtp_session_state_cb cb, void *user_data)
3482 {
3483 struct avdtp_state_callback *state_cb;
3484 static unsigned int id = 0;
3485
3486 state_cb = g_new(struct avdtp_state_callback, 1);
3487 state_cb->cb = cb;
3488 state_cb->user_data = user_data;
3489 state_cb->id = ++id;
3490
3491 avdtp_callbacks = g_slist_append(avdtp_callbacks, state_cb);;
3492
3493 return state_cb->id;
3494 }
3495
avdtp_remove_state_cb(unsigned int id)3496 gboolean avdtp_remove_state_cb(unsigned int id)
3497 {
3498 GSList *l;
3499
3500 for (l = avdtp_callbacks; l != NULL; l = l->next) {
3501 struct avdtp_state_callback *cb = l->data;
3502 if (cb && cb->id == id) {
3503 avdtp_callbacks = g_slist_remove(avdtp_callbacks, cb);
3504 g_free(cb);
3505 return TRUE;
3506 }
3507 }
3508
3509 return FALSE;
3510 }
3511