1 /*
2 *
3 * BlueZ - Bluetooth protocol stack for Linux
4 *
5 * Copyright (C) 2006-2010 Nokia Corporation
6 * Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
22 *
23 */
24
25 #ifdef HAVE_CONFIG_H
26 #include <config.h>
27 #endif
28
29 #include <stdlib.h>
30 #include <stdio.h>
31 #include <stdint.h>
32 #include <errno.h>
33 #include <unistd.h>
34 #include <assert.h>
35 #include <signal.h>
36 #include <netinet/in.h>
37
38 #include <bluetooth/bluetooth.h>
39 #include <bluetooth/sdp.h>
40 #include <bluetooth/sdp_lib.h>
41
42 #include <glib.h>
43 #include <dbus/dbus.h>
44
45 #include "log.h"
46
47 #include "../src/adapter.h"
48 #include "../src/manager.h"
49 #include "../src/device.h"
50
51 #include "device.h"
52 #include "manager.h"
53 #include "control.h"
54 #include "avdtp.h"
55 #include "glib-helper.h"
56 #include "btio.h"
57 #include "sink.h"
58 #include "source.h"
59
60 #define AVDTP_PSM 25
61
62 #define MAX_SEID 0x3E
63
64 #define AVDTP_DISCOVER 0x01
65 #define AVDTP_GET_CAPABILITIES 0x02
66 #define AVDTP_SET_CONFIGURATION 0x03
67 #define AVDTP_GET_CONFIGURATION 0x04
68 #define AVDTP_RECONFIGURE 0x05
69 #define AVDTP_OPEN 0x06
70 #define AVDTP_START 0x07
71 #define AVDTP_CLOSE 0x08
72 #define AVDTP_SUSPEND 0x09
73 #define AVDTP_ABORT 0x0A
74 #define AVDTP_SECURITY_CONTROL 0x0B
75 #define AVDTP_GET_ALL_CAPABILITIES 0x0C
76 #define AVDTP_DELAY_REPORT 0x0D
77
78 #define AVDTP_PKT_TYPE_SINGLE 0x00
79 #define AVDTP_PKT_TYPE_START 0x01
80 #define AVDTP_PKT_TYPE_CONTINUE 0x02
81 #define AVDTP_PKT_TYPE_END 0x03
82
83 #define AVDTP_MSG_TYPE_COMMAND 0x00
84 #define AVDTP_MSG_TYPE_GEN_REJECT 0x01
85 #define AVDTP_MSG_TYPE_ACCEPT 0x02
86 #define AVDTP_MSG_TYPE_REJECT 0x03
87
88 #define REQ_TIMEOUT 6
89 #define ABORT_TIMEOUT 2
90 #define DISCONNECT_TIMEOUT 1
91 #define STREAM_TIMEOUT 20
92
93 #if __BYTE_ORDER == __LITTLE_ENDIAN
94
95 struct avdtp_common_header {
96 uint8_t message_type:2;
97 uint8_t packet_type:2;
98 uint8_t transaction:4;
99 } __attribute__ ((packed));
100
101 struct avdtp_single_header {
102 uint8_t message_type:2;
103 uint8_t packet_type:2;
104 uint8_t transaction:4;
105 uint8_t signal_id:6;
106 uint8_t rfa0:2;
107 } __attribute__ ((packed));
108
109 struct avdtp_start_header {
110 uint8_t message_type:2;
111 uint8_t packet_type:2;
112 uint8_t transaction:4;
113 uint8_t no_of_packets;
114 uint8_t signal_id:6;
115 uint8_t rfa0:2;
116 } __attribute__ ((packed));
117
118 struct avdtp_continue_header {
119 uint8_t message_type:2;
120 uint8_t packet_type:2;
121 uint8_t transaction:4;
122 } __attribute__ ((packed));
123
124 struct seid_info {
125 uint8_t rfa0:1;
126 uint8_t inuse:1;
127 uint8_t seid:6;
128 uint8_t rfa2:3;
129 uint8_t type:1;
130 uint8_t media_type:4;
131 } __attribute__ ((packed));
132
133 struct seid {
134 uint8_t rfa0:2;
135 uint8_t seid:6;
136 } __attribute__ ((packed));
137
138 #elif __BYTE_ORDER == __BIG_ENDIAN
139
140 struct avdtp_common_header {
141 uint8_t transaction:4;
142 uint8_t packet_type:2;
143 uint8_t message_type:2;
144 } __attribute__ ((packed));
145
146 struct avdtp_single_header {
147 uint8_t transaction:4;
148 uint8_t packet_type:2;
149 uint8_t message_type:2;
150 uint8_t rfa0:2;
151 uint8_t signal_id:6;
152 } __attribute__ ((packed));
153
154 struct avdtp_start_header {
155 uint8_t transaction:4;
156 uint8_t packet_type:2;
157 uint8_t message_type:2;
158 uint8_t no_of_packets;
159 uint8_t rfa0:2;
160 uint8_t signal_id:6;
161 } __attribute__ ((packed));
162
163 struct avdtp_continue_header {
164 uint8_t transaction:4;
165 uint8_t packet_type:2;
166 uint8_t message_type:2;
167 } __attribute__ ((packed));
168
169 struct seid_info {
170 uint8_t seid:6;
171 uint8_t inuse:1;
172 uint8_t rfa0:1;
173 uint8_t media_type:4;
174 uint8_t type:1;
175 uint8_t rfa2:3;
176 } __attribute__ ((packed));
177
178 struct seid {
179 uint8_t seid:6;
180 uint8_t rfa0:2;
181 } __attribute__ ((packed));
182
183 #else
184 #error "Unknown byte order"
185 #endif
186
187 /* packets */
188
189 struct discover_resp {
190 struct seid_info seps[0];
191 } __attribute__ ((packed));
192
193 struct getcap_resp {
194 uint8_t caps[0];
195 } __attribute__ ((packed));
196
197 struct start_req {
198 struct seid first_seid;
199 struct seid other_seids[0];
200 } __attribute__ ((packed));
201
202 struct suspend_req {
203 struct seid first_seid;
204 struct seid other_seids[0];
205 } __attribute__ ((packed));
206
207 struct seid_rej {
208 uint8_t error;
209 } __attribute__ ((packed));
210
211 struct conf_rej {
212 uint8_t category;
213 uint8_t error;
214 } __attribute__ ((packed));
215
216 #if __BYTE_ORDER == __LITTLE_ENDIAN
217
218 struct seid_req {
219 uint8_t rfa0:2;
220 uint8_t acp_seid:6;
221 } __attribute__ ((packed));
222
223 struct setconf_req {
224 uint8_t rfa0:2;
225 uint8_t acp_seid:6;
226 uint8_t rfa1:2;
227 uint8_t int_seid:6;
228
229 uint8_t caps[0];
230 } __attribute__ ((packed));
231
232 struct stream_rej {
233 uint8_t rfa0:2;
234 uint8_t acp_seid:6;
235 uint8_t error;
236 } __attribute__ ((packed));
237
238 struct reconf_req {
239 uint8_t rfa0:2;
240 uint8_t acp_seid:6;
241
242 uint8_t serv_cap;
243 uint8_t serv_cap_len;
244
245 uint8_t caps[0];
246 } __attribute__ ((packed));
247
248 struct delay_req {
249 uint8_t rfa0:2;
250 uint8_t acp_seid:6;
251 uint16_t delay;
252 } __attribute__ ((packed));
253
254 #elif __BYTE_ORDER == __BIG_ENDIAN
255
256 struct seid_req {
257 uint8_t acp_seid:6;
258 uint8_t rfa0:2;
259 } __attribute__ ((packed));
260
261 struct setconf_req {
262 uint8_t acp_seid:6;
263 uint8_t rfa0:2;
264 uint8_t int_seid:6;
265 uint8_t rfa1:2;
266
267 uint8_t caps[0];
268 } __attribute__ ((packed));
269
270 struct stream_rej {
271 uint8_t acp_seid:6;
272 uint8_t rfa0:2;
273 uint8_t error;
274 } __attribute__ ((packed));
275
276 struct reconf_req {
277 uint8_t acp_seid:6;
278 uint8_t rfa0:2;
279
280 uint8_t serv_cap;
281 uint8_t serv_cap_len;
282
283 uint8_t caps[0];
284 } __attribute__ ((packed));
285
286 struct delay_req {
287 uint8_t acp_seid:6;
288 uint8_t rfa0:2;
289 uint16_t delay;
290 } __attribute__ ((packed));
291
292 #else
293 #error "Unknown byte order"
294 #endif
295
296 struct in_buf {
297 gboolean active;
298 int no_of_packets;
299 uint8_t transaction;
300 uint8_t message_type;
301 uint8_t signal_id;
302 uint8_t buf[1024];
303 uint8_t data_size;
304 };
305
306 struct pending_req {
307 uint8_t transaction;
308 uint8_t signal_id;
309 void *data;
310 size_t data_size;
311 struct avdtp_stream *stream; /* Set if the request targeted a stream */
312 guint timeout;
313 };
314
315 struct avdtp_remote_sep {
316 uint8_t seid;
317 uint8_t type;
318 uint8_t media_type;
319 struct avdtp_service_capability *codec;
320 gboolean delay_reporting;
321 GSList *caps; /* of type struct avdtp_service_capability */
322 struct avdtp_stream *stream;
323 };
324
325 struct avdtp_server {
326 bdaddr_t src;
327 uint16_t version;
328 GIOChannel *io;
329 GSList *seps;
330 GSList *sessions;
331 };
332
333 struct avdtp_local_sep {
334 avdtp_state_t state;
335 struct avdtp_stream *stream;
336 struct seid_info info;
337 uint8_t codec;
338 gboolean delay_reporting;
339 GSList *caps;
340 struct avdtp_sep_ind *ind;
341 struct avdtp_sep_cfm *cfm;
342 void *user_data;
343 struct avdtp_server *server;
344 };
345
346 struct stream_callback {
347 avdtp_stream_state_cb cb;
348 void *user_data;
349 unsigned int id;
350 };
351
352 struct avdtp_state_callback {
353 avdtp_session_state_cb cb;
354 void *user_data;
355 unsigned int id;
356 };
357
358 struct avdtp_stream {
359 GIOChannel *io;
360 uint16_t imtu;
361 uint16_t omtu;
362 struct avdtp *session;
363 struct avdtp_local_sep *lsep;
364 uint8_t rseid;
365 GSList *caps;
366 GSList *callbacks;
367 struct avdtp_service_capability *codec;
368 guint io_id; /* Transport GSource ID */
369 guint timer; /* Waiting for other side to close or open
370 * the transport channel */
371 gboolean open_acp; /* If we are in ACT role for Open */
372 gboolean close_int; /* If we are in INT role for Close */
373 gboolean abort_int; /* If we are in INT role for Abort */
374 guint idle_timer;
375 gboolean delay_reporting;
376 uint16_t delay; /* AVDTP 1.3 Delay Reporting feature */
377 gboolean starting; /* only valid while sep state == OPEN */
378 };
379
380 /* Structure describing an AVDTP connection between two devices */
381
382 struct avdtp {
383 int ref;
384 int free_lock;
385
386 uint16_t version;
387
388 struct avdtp_server *server;
389 bdaddr_t dst;
390
391 avdtp_session_state_t state;
392
393 /* True if the session should be automatically disconnected */
394 gboolean auto_dc;
395
396 /* True if the entire device is being disconnected */
397 gboolean device_disconnect;
398
399 GIOChannel *io;
400 guint io_id;
401
402 GSList *seps; /* Elements of type struct avdtp_remote_sep * */
403
404 GSList *streams; /* Elements of type struct avdtp_stream * */
405
406 GSList *req_queue; /* Elements of type struct pending_req * */
407 GSList *prio_queue; /* Same as req_queue but is processed before it */
408
409 struct avdtp_stream *pending_open;
410
411 uint16_t imtu;
412 uint16_t omtu;
413
414 struct in_buf in;
415
416 char *buf;
417
418 avdtp_discover_cb_t discov_cb;
419 void *user_data;
420
421 struct pending_req *req;
422
423 guint dc_timer;
424
425 /* Attempt stream setup instead of disconnecting */
426 gboolean stream_setup;
427
428 DBusPendingCall *pending_auth;
429 };
430
431 static GSList *servers = NULL;
432
433 static GSList *avdtp_callbacks = NULL;
434
435 static gboolean auto_connect = TRUE;
436
437 static int send_request(struct avdtp *session, gboolean priority,
438 struct avdtp_stream *stream, uint8_t signal_id,
439 void *buffer, size_t size);
440 static gboolean avdtp_parse_resp(struct avdtp *session,
441 struct avdtp_stream *stream,
442 uint8_t transaction, uint8_t signal_id,
443 void *buf, int size);
444 static gboolean avdtp_parse_rej(struct avdtp *session,
445 struct avdtp_stream *stream,
446 uint8_t transaction, uint8_t signal_id,
447 void *buf, int size);
448 static int process_queue(struct avdtp *session);
449 static void connection_lost(struct avdtp *session, int err);
450 static void avdtp_sep_set_state(struct avdtp *session,
451 struct avdtp_local_sep *sep,
452 avdtp_state_t state);
453 static void auth_cb(DBusError *derr, void *user_data);
454
find_server(GSList * list,const bdaddr_t * src)455 static struct avdtp_server *find_server(GSList *list, const bdaddr_t *src)
456 {
457 for (; list; list = list->next) {
458 struct avdtp_server *server = list->data;
459
460 if (bacmp(&server->src, src) == 0)
461 return server;
462 }
463
464 return NULL;
465 }
466
avdtp_statestr(avdtp_state_t state)467 static const char *avdtp_statestr(avdtp_state_t state)
468 {
469 switch (state) {
470 case AVDTP_STATE_IDLE:
471 return "IDLE";
472 case AVDTP_STATE_CONFIGURED:
473 return "CONFIGURED";
474 case AVDTP_STATE_OPEN:
475 return "OPEN";
476 case AVDTP_STATE_STREAMING:
477 return "STREAMING";
478 case AVDTP_STATE_CLOSING:
479 return "CLOSING";
480 case AVDTP_STATE_ABORTING:
481 return "ABORTING";
482 default:
483 return "<unknown state>";
484 }
485 }
486
try_send(int sk,void * data,size_t len)487 static gboolean try_send(int sk, void *data, size_t len)
488 {
489 int err;
490
491 do {
492 err = send(sk, data, len, 0);
493 } while (err < 0 && errno == EINTR);
494
495 if (err < 0) {
496 error("send: %s (%d)", strerror(errno), errno);
497 return FALSE;
498 } else if ((size_t) err != len) {
499 error("try_send: complete buffer not sent (%d/%zu bytes)",
500 err, len);
501 return FALSE;
502 }
503
504 return TRUE;
505 }
506
avdtp_send(struct avdtp * session,uint8_t transaction,uint8_t message_type,uint8_t signal_id,void * data,size_t len)507 static gboolean avdtp_send(struct avdtp *session, uint8_t transaction,
508 uint8_t message_type, uint8_t signal_id,
509 void *data, size_t len)
510 {
511 unsigned int cont_fragments, sent;
512 struct avdtp_start_header start;
513 struct avdtp_continue_header cont;
514 int sock;
515
516 if (session->io == NULL) {
517 error("avdtp_send: session is closed");
518 return FALSE;
519 }
520
521 sock = g_io_channel_unix_get_fd(session->io);
522
523 /* Single packet - no fragmentation */
524 if (sizeof(struct avdtp_single_header) + len <= session->omtu) {
525 struct avdtp_single_header single;
526
527 memset(&single, 0, sizeof(single));
528
529 single.transaction = transaction;
530 single.packet_type = AVDTP_PKT_TYPE_SINGLE;
531 single.message_type = message_type;
532 single.signal_id = signal_id;
533
534 memcpy(session->buf, &single, sizeof(single));
535 memcpy(session->buf + sizeof(single), data, len);
536
537 return try_send(sock, session->buf, sizeof(single) + len);
538 }
539
540 /* Check if there is enough space to start packet */
541 if (session->omtu < sizeof(start)) {
542 error("No enough space to fragment packet");
543 return FALSE;
544 }
545
546 /* Count the number of needed fragments */
547 cont_fragments = (len - (session->omtu - sizeof(start))) /
548 (session->omtu - sizeof(cont)) + 1;
549
550 DBG("%zu bytes split into %d fragments", len, cont_fragments + 1);
551
552 /* Send the start packet */
553 memset(&start, 0, sizeof(start));
554 start.transaction = transaction;
555 start.packet_type = AVDTP_PKT_TYPE_START;
556 start.message_type = message_type;
557 start.no_of_packets = cont_fragments + 1;
558 start.signal_id = signal_id;
559
560 memcpy(session->buf, &start, sizeof(start));
561 memcpy(session->buf + sizeof(start), data,
562 session->omtu - sizeof(start));
563
564 if (!try_send(sock, session->buf, session->omtu))
565 return FALSE;
566
567 DBG("first packet with %zu bytes sent", session->omtu - sizeof(start));
568
569 sent = session->omtu - sizeof(start);
570
571 /* Send the continue fragments and the end packet */
572 while (sent < len) {
573 int left, to_copy;
574
575 left = len - sent;
576 if (left + sizeof(cont) > session->omtu) {
577 cont.packet_type = AVDTP_PKT_TYPE_CONTINUE;
578 to_copy = session->omtu - sizeof(cont);
579 DBG("sending continue with %d bytes", to_copy);
580 } else {
581 cont.packet_type = AVDTP_PKT_TYPE_END;
582 to_copy = left;
583 DBG("sending end with %d bytes", to_copy);
584 }
585
586 cont.transaction = transaction;
587 cont.message_type = message_type;
588
589 memcpy(session->buf, &cont, sizeof(cont));
590 memcpy(session->buf + sizeof(cont), data + sent, to_copy);
591
592 if (!try_send(sock, session->buf, to_copy + sizeof(cont)))
593 return FALSE;
594
595 sent += to_copy;
596 }
597
598 return TRUE;
599 }
600
pending_req_free(struct pending_req * req)601 static void pending_req_free(struct pending_req *req)
602 {
603 if (req->timeout)
604 g_source_remove(req->timeout);
605 g_free(req->data);
606 g_free(req);
607 }
608
close_stream(struct avdtp_stream * stream)609 static void close_stream(struct avdtp_stream *stream)
610 {
611 int sock;
612
613 if (stream->io == NULL)
614 return;
615
616 sock = g_io_channel_unix_get_fd(stream->io);
617
618 shutdown(sock, SHUT_RDWR);
619
620 g_io_channel_shutdown(stream->io, FALSE, NULL);
621
622 g_io_channel_unref(stream->io);
623 stream->io = NULL;
624 }
625
stream_close_timeout(gpointer user_data)626 static gboolean stream_close_timeout(gpointer user_data)
627 {
628 struct avdtp_stream *stream = user_data;
629
630 DBG("Timed out waiting for peer to close the transport channel");
631
632 stream->timer = 0;
633
634 close_stream(stream);
635
636 return FALSE;
637 }
638
stream_open_timeout(gpointer user_data)639 static gboolean stream_open_timeout(gpointer user_data)
640 {
641 struct avdtp_stream *stream = user_data;
642
643 DBG("Timed out waiting for peer to open the transport channel");
644
645 stream->timer = 0;
646
647 stream->session->pending_open = NULL;
648
649 avdtp_abort(stream->session, stream);
650
651 return FALSE;
652 }
653
disconnect_timeout(gpointer user_data)654 static gboolean disconnect_timeout(gpointer user_data)
655 {
656 struct avdtp *session = user_data;
657 struct audio_device *dev;
658 gboolean stream_setup;
659
660 session->dc_timer = 0;
661 stream_setup = session->stream_setup;
662 session->stream_setup = FALSE;
663
664 dev = manager_get_device(&session->server->src, &session->dst, FALSE);
665
666 if (dev && dev->sink && stream_setup)
667 sink_setup_stream(dev->sink, session);
668 else if (dev && dev->source && stream_setup)
669 source_setup_stream(dev->source, session);
670 else
671 connection_lost(session, ETIMEDOUT);
672
673 return FALSE;
674 }
675
remove_disconnect_timer(struct avdtp * session)676 static void remove_disconnect_timer(struct avdtp *session)
677 {
678 g_source_remove(session->dc_timer);
679 session->dc_timer = 0;
680 session->stream_setup = FALSE;
681 }
682
set_disconnect_timer(struct avdtp * session)683 static void set_disconnect_timer(struct avdtp *session)
684 {
685 if (session->dc_timer)
686 remove_disconnect_timer(session);
687
688 if (session->device_disconnect) {
689 session->dc_timer = g_idle_add(disconnect_timeout, session);
690 return;
691 }
692
693 session->dc_timer = g_timeout_add_seconds(DISCONNECT_TIMEOUT,
694 disconnect_timeout,
695 session);
696 }
697
avdtp_error_init(struct avdtp_error * err,uint8_t category,int id)698 void avdtp_error_init(struct avdtp_error *err, uint8_t category, int id)
699 {
700 err->category = category;
701
702 if (category == AVDTP_ERRNO)
703 err->err.posix_errno = id;
704 else
705 err->err.error_code = id;
706 }
707
avdtp_error_category(struct avdtp_error * err)708 uint8_t avdtp_error_category(struct avdtp_error *err)
709 {
710 return err->category;
711 }
712
avdtp_error_error_code(struct avdtp_error * err)713 int avdtp_error_error_code(struct avdtp_error *err)
714 {
715 assert(err->category != AVDTP_ERRNO);
716 return err->err.error_code;
717 }
718
avdtp_error_posix_errno(struct avdtp_error * err)719 int avdtp_error_posix_errno(struct avdtp_error *err)
720 {
721 assert(err->category == AVDTP_ERRNO);
722 return err->err.posix_errno;
723 }
724
find_stream_by_rseid(struct avdtp * session,uint8_t rseid)725 static struct avdtp_stream *find_stream_by_rseid(struct avdtp *session,
726 uint8_t rseid)
727 {
728 GSList *l;
729
730 for (l = session->streams; l != NULL; l = g_slist_next(l)) {
731 struct avdtp_stream *stream = l->data;
732
733 if (stream->rseid == rseid)
734 return stream;
735 }
736
737 return NULL;
738 }
739
find_remote_sep(GSList * seps,uint8_t seid)740 static struct avdtp_remote_sep *find_remote_sep(GSList *seps, uint8_t seid)
741 {
742 GSList *l;
743
744 for (l = seps; l != NULL; l = g_slist_next(l)) {
745 struct avdtp_remote_sep *sep = l->data;
746
747 if (sep->seid == seid)
748 return sep;
749 }
750
751 return NULL;
752 }
753
avdtp_set_state(struct avdtp * session,avdtp_session_state_t new_state)754 static void avdtp_set_state(struct avdtp *session,
755 avdtp_session_state_t new_state)
756 {
757 GSList *l;
758 struct audio_device *dev;
759 bdaddr_t src, dst;
760 avdtp_session_state_t old_state = session->state;
761
762 session->state = new_state;
763
764 avdtp_get_peers(session, &src, &dst);
765 dev = manager_get_device(&src, &dst, FALSE);
766 if (dev == NULL) {
767 error("avdtp_set_state(): no matching audio device");
768 return;
769 }
770
771 for (l = avdtp_callbacks; l != NULL; l = l->next) {
772 struct avdtp_state_callback *cb = l->data;
773 cb->cb(dev, session, old_state, new_state, cb->user_data);
774 }
775 }
776
stream_free(struct avdtp_stream * stream)777 static void stream_free(struct avdtp_stream *stream)
778 {
779 struct avdtp_remote_sep *rsep;
780
781 stream->lsep->info.inuse = 0;
782 stream->lsep->stream = NULL;
783
784 rsep = find_remote_sep(stream->session->seps, stream->rseid);
785 if (rsep)
786 rsep->stream = NULL;
787
788 if (stream->timer)
789 g_source_remove(stream->timer);
790
791 if (stream->io)
792 close_stream(stream);
793
794 if (stream->io_id)
795 g_source_remove(stream->io_id);
796
797 g_slist_foreach(stream->callbacks, (GFunc) g_free, NULL);
798 g_slist_free(stream->callbacks);
799
800 g_slist_foreach(stream->caps, (GFunc) g_free, NULL);
801 g_slist_free(stream->caps);
802
803 g_free(stream);
804 }
805
stream_timeout(gpointer user_data)806 static gboolean stream_timeout(gpointer user_data)
807 {
808 struct avdtp_stream *stream = user_data;
809 struct avdtp *session = stream->session;
810
811 if (avdtp_close(session, stream, FALSE) < 0)
812 error("stream_timeout: closing AVDTP stream failed");
813
814 stream->idle_timer = 0;
815
816 return FALSE;
817 }
818
transport_cb(GIOChannel * chan,GIOCondition cond,gpointer data)819 static gboolean transport_cb(GIOChannel *chan, GIOCondition cond,
820 gpointer data)
821 {
822 struct avdtp_stream *stream = data;
823 struct avdtp_local_sep *sep = stream->lsep;
824
825 if (stream->close_int && sep->cfm && sep->cfm->close)
826 sep->cfm->close(stream->session, sep, stream, NULL,
827 sep->user_data);
828
829 if (!(cond & G_IO_NVAL))
830 close_stream(stream);
831
832 stream->io_id = 0;
833
834 if (!stream->abort_int)
835 avdtp_sep_set_state(stream->session, sep, AVDTP_STATE_IDLE);
836
837 return FALSE;
838 }
839
get_send_buffer_size(int sk)840 static int get_send_buffer_size(int sk)
841 {
842 int size;
843 socklen_t optlen = sizeof(size);
844
845 if (getsockopt(sk, SOL_SOCKET, SO_SNDBUF, &size, &optlen) < 0) {
846 int err = -errno;
847 error("getsockopt(SO_SNDBUF) failed: %s (%d)", strerror(-err),
848 -err);
849 return err;
850 }
851
852 /*
853 * Doubled value is returned by getsockopt since kernel uses that
854 * space for its own purposes (see man 7 socket, bookkeeping overhead
855 * for SO_SNDBUF).
856 */
857 return size / 2;
858 }
859
set_send_buffer_size(int sk,int size)860 static int set_send_buffer_size(int sk, int size)
861 {
862 socklen_t optlen = sizeof(size);
863
864 if (setsockopt(sk, SOL_SOCKET, SO_SNDBUF, &size, optlen) < 0) {
865 int err = -errno;
866 error("setsockopt(SO_SNDBUF) failed: %s (%d)", strerror(-err),
867 -err);
868 return err;
869 }
870
871 return 0;
872 }
873
handle_transport_connect(struct avdtp * session,GIOChannel * io,uint16_t imtu,uint16_t omtu)874 static void handle_transport_connect(struct avdtp *session, GIOChannel *io,
875 uint16_t imtu, uint16_t omtu)
876 {
877 struct avdtp_stream *stream = session->pending_open;
878 struct avdtp_local_sep *sep = stream->lsep;
879 int sk, buf_size, min_buf_size;
880 GError *err = NULL;
881
882 session->pending_open = NULL;
883
884 if (stream->timer) {
885 g_source_remove(stream->timer);
886 stream->timer = 0;
887 }
888
889 if (io == NULL) {
890 if (!stream->open_acp && sep->cfm && sep->cfm->open) {
891 struct avdtp_error err;
892 avdtp_error_init(&err, AVDTP_ERRNO, EIO);
893 sep->cfm->open(session, sep, NULL, &err,
894 sep->user_data);
895 }
896 return;
897 }
898
899 if (stream->io == NULL)
900 stream->io = g_io_channel_ref(io);
901
902 stream->omtu = omtu;
903 stream->imtu = imtu;
904
905 /* Apply special settings only if local SEP is of type SRC */
906 if (sep->info.type != AVDTP_SEP_TYPE_SOURCE)
907 goto proceed;
908
909 bt_io_set(stream->io, BT_IO_L2CAP, &err,
910 BT_IO_OPT_FLUSHABLE, TRUE,
911 BT_IO_OPT_INVALID);
912 if (err != NULL) {
913 error("Enabling flushable packets failed: %s", err->message);
914 g_error_free(err);
915 } else
916 DBG("Flushable packets enabled");
917
918 sk = g_io_channel_unix_get_fd(stream->io);
919 buf_size = get_send_buffer_size(sk);
920 if (buf_size < 0)
921 goto proceed;
922
923 DBG("sk %d, omtu %d, send buffer size %d", sk, omtu, buf_size);
924 min_buf_size = omtu * 2;
925 if (buf_size < min_buf_size) {
926 DBG("send buffer size to be increassed to %d",
927 min_buf_size);
928 set_send_buffer_size(sk, min_buf_size);
929 }
930
931 proceed:
932 if (!stream->open_acp && sep->cfm && sep->cfm->open)
933 sep->cfm->open(session, sep, stream, NULL, sep->user_data);
934
935 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
936
937 stream->io_id = g_io_add_watch(io, G_IO_ERR | G_IO_HUP | G_IO_NVAL,
938 (GIOFunc) transport_cb, stream);
939 }
940
pending_req_cmp(gconstpointer a,gconstpointer b)941 static int pending_req_cmp(gconstpointer a, gconstpointer b)
942 {
943 const struct pending_req *req = a;
944 const struct avdtp_stream *stream = b;
945
946 if (req->stream == stream)
947 return 0;
948
949 return -1;
950 }
951
cleanup_queue(struct avdtp * session,struct avdtp_stream * stream)952 static void cleanup_queue(struct avdtp *session, struct avdtp_stream *stream)
953 {
954 GSList *l;
955 struct pending_req *req;
956
957 while ((l = g_slist_find_custom(session->prio_queue, stream,
958 pending_req_cmp))) {
959 req = l->data;
960 pending_req_free(req);
961 session->prio_queue = g_slist_remove(session->prio_queue, req);
962 }
963
964 while ((l = g_slist_find_custom(session->req_queue, stream,
965 pending_req_cmp))) {
966 req = l->data;
967 pending_req_free(req);
968 session->req_queue = g_slist_remove(session->req_queue, req);
969 }
970 }
971
handle_unanswered_req(struct avdtp * session,struct avdtp_stream * stream)972 static void handle_unanswered_req(struct avdtp *session,
973 struct avdtp_stream *stream)
974 {
975 struct pending_req *req;
976 struct avdtp_local_sep *lsep;
977 struct avdtp_error err;
978
979 if (session->req->signal_id == AVDTP_ABORT) {
980 /* Avoid freeing the Abort request here */
981 DBG("handle_unanswered_req: Abort req, returning");
982 session->req->stream = NULL;
983 return;
984 }
985
986 req = session->req;
987 session->req = NULL;
988
989 avdtp_error_init(&err, AVDTP_ERRNO, EIO);
990
991 lsep = stream->lsep;
992
993 switch (req->signal_id) {
994 case AVDTP_RECONFIGURE:
995 error("No reply to Reconfigure request");
996 if (lsep && lsep->cfm && lsep->cfm->reconfigure)
997 lsep->cfm->reconfigure(session, lsep, stream, &err,
998 lsep->user_data);
999 break;
1000 case AVDTP_OPEN:
1001 error("No reply to Open request");
1002 if (lsep && lsep->cfm && lsep->cfm->open)
1003 lsep->cfm->open(session, lsep, stream, &err,
1004 lsep->user_data);
1005 break;
1006 case AVDTP_START:
1007 error("No reply to Start request");
1008 if (lsep && lsep->cfm && lsep->cfm->start)
1009 lsep->cfm->start(session, lsep, stream, &err,
1010 lsep->user_data);
1011 break;
1012 case AVDTP_SUSPEND:
1013 error("No reply to Suspend request");
1014 if (lsep && lsep->cfm && lsep->cfm->suspend)
1015 lsep->cfm->suspend(session, lsep, stream, &err,
1016 lsep->user_data);
1017 break;
1018 case AVDTP_CLOSE:
1019 error("No reply to Close request");
1020 if (lsep && lsep->cfm && lsep->cfm->close)
1021 lsep->cfm->close(session, lsep, stream, &err,
1022 lsep->user_data);
1023 break;
1024 case AVDTP_SET_CONFIGURATION:
1025 error("No reply to SetConfiguration request");
1026 if (lsep && lsep->cfm && lsep->cfm->set_configuration)
1027 lsep->cfm->set_configuration(session, lsep, stream,
1028 &err, lsep->user_data);
1029 }
1030
1031 pending_req_free(req);
1032 }
1033
avdtp_sep_set_state(struct avdtp * session,struct avdtp_local_sep * sep,avdtp_state_t state)1034 static void avdtp_sep_set_state(struct avdtp *session,
1035 struct avdtp_local_sep *sep,
1036 avdtp_state_t state)
1037 {
1038 struct avdtp_stream *stream = sep->stream;
1039 avdtp_state_t old_state;
1040 struct avdtp_error err, *err_ptr = NULL;
1041 GSList *l;
1042
1043 if (!stream) {
1044 error("Error changing sep state: stream not available");
1045 return;
1046 }
1047
1048 if (sep->state == state) {
1049 avdtp_error_init(&err, AVDTP_ERRNO, EIO);
1050 DBG("stream state change failed: %s", avdtp_strerror(&err));
1051 err_ptr = &err;
1052 } else {
1053 err_ptr = NULL;
1054 DBG("stream state changed: %s -> %s",
1055 avdtp_statestr(sep->state),
1056 avdtp_statestr(state));
1057 }
1058
1059 old_state = sep->state;
1060 sep->state = state;
1061
1062 switch (state) {
1063 case AVDTP_STATE_CONFIGURED:
1064 if (sep->info.type == AVDTP_SEP_TYPE_SINK)
1065 avdtp_delay_report(session, stream, stream->delay);
1066 break;
1067 case AVDTP_STATE_OPEN:
1068 stream->starting = FALSE;
1069 if (old_state > AVDTP_STATE_OPEN && session->auto_dc)
1070 stream->idle_timer = g_timeout_add_seconds(STREAM_TIMEOUT,
1071 stream_timeout,
1072 stream);
1073 break;
1074 case AVDTP_STATE_STREAMING:
1075 case AVDTP_STATE_CLOSING:
1076 case AVDTP_STATE_ABORTING:
1077 if (stream->idle_timer) {
1078 g_source_remove(stream->idle_timer);
1079 stream->idle_timer = 0;
1080 }
1081 break;
1082 case AVDTP_STATE_IDLE:
1083 if (stream->idle_timer) {
1084 g_source_remove(stream->idle_timer);
1085 stream->idle_timer = 0;
1086 }
1087 session->streams = g_slist_remove(session->streams, stream);
1088 if (session->pending_open == stream)
1089 handle_transport_connect(session, NULL, 0, 0);
1090 if (session->req && session->req->stream == stream)
1091 handle_unanswered_req(session, stream);
1092 /* Remove pending commands for this stream from the queue */
1093 cleanup_queue(session, stream);
1094 break;
1095 default:
1096 break;
1097 }
1098
1099 for (l = stream->callbacks; l != NULL; l = g_slist_next(l)) {
1100 struct stream_callback *cb = l->data;
1101 cb->cb(stream, old_state, state, err_ptr, cb->user_data);
1102 }
1103
1104 if (state == AVDTP_STATE_IDLE)
1105 stream_free(stream);
1106 }
1107
finalize_discovery(struct avdtp * session,int err)1108 static void finalize_discovery(struct avdtp *session, int err)
1109 {
1110 struct avdtp_error avdtp_err;
1111
1112 avdtp_error_init(&avdtp_err, AVDTP_ERRNO, err);
1113
1114 if (!session->discov_cb)
1115 return;
1116
1117 session->discov_cb(session, session->seps,
1118 err ? &avdtp_err : NULL,
1119 session->user_data);
1120
1121 session->discov_cb = NULL;
1122 session->user_data = NULL;
1123 }
1124
release_stream(struct avdtp_stream * stream,struct avdtp * session)1125 static void release_stream(struct avdtp_stream *stream, struct avdtp *session)
1126 {
1127 struct avdtp_local_sep *sep = stream->lsep;
1128
1129 if (sep->cfm && sep->cfm->abort &&
1130 (sep->state != AVDTP_STATE_ABORTING ||
1131 stream->abort_int))
1132 sep->cfm->abort(session, sep, stream, NULL, sep->user_data);
1133
1134 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
1135 }
1136
connection_lost(struct avdtp * session,int err)1137 static void connection_lost(struct avdtp *session, int err)
1138 {
1139 char address[18];
1140 struct audio_device *dev;
1141
1142 ba2str(&session->dst, address);
1143 DBG("Disconnected from %s", address);
1144
1145 dev = manager_get_device(&session->server->src, &session->dst, FALSE);
1146
1147 if (dev != NULL && session->state == AVDTP_SESSION_STATE_CONNECTING &&
1148 err != EACCES)
1149 audio_device_cancel_authorization(dev, auth_cb, session);
1150
1151 session->free_lock = 1;
1152
1153 finalize_discovery(session, err);
1154
1155 g_slist_foreach(session->streams, (GFunc) release_stream, session);
1156 session->streams = NULL;
1157
1158 session->free_lock = 0;
1159
1160 if (session->io) {
1161 g_io_channel_shutdown(session->io, FALSE, NULL);
1162 g_io_channel_unref(session->io);
1163 session->io = NULL;
1164 }
1165
1166 avdtp_set_state(session, AVDTP_SESSION_STATE_DISCONNECTED);
1167
1168 if (session->io_id) {
1169 g_source_remove(session->io_id);
1170 session->io_id = 0;
1171 }
1172
1173 if (session->dc_timer)
1174 remove_disconnect_timer(session);
1175
1176 session->auto_dc = TRUE;
1177
1178 if (session->ref != 1)
1179 error("connection_lost: ref count not 1 after all callbacks");
1180 else
1181 avdtp_unref(session);
1182 }
1183
avdtp_unref(struct avdtp * session)1184 void avdtp_unref(struct avdtp *session)
1185 {
1186 struct avdtp_server *server;
1187
1188 if (!session)
1189 return;
1190
1191 session->ref--;
1192
1193 DBG("%p: ref=%d", session, session->ref);
1194
1195 if (session->ref == 1) {
1196 if (session->state == AVDTP_SESSION_STATE_CONNECTING &&
1197 session->io) {
1198 struct audio_device *dev;
1199 dev = manager_get_device(&session->server->src,
1200 &session->dst, FALSE);
1201 audio_device_cancel_authorization(dev, auth_cb,
1202 session);
1203 g_io_channel_shutdown(session->io, TRUE, NULL);
1204 g_io_channel_unref(session->io);
1205 session->io = NULL;
1206 avdtp_set_state(session,
1207 AVDTP_SESSION_STATE_DISCONNECTED);
1208 }
1209
1210 if (session->io)
1211 set_disconnect_timer(session);
1212 else if (!session->free_lock) /* Drop the local ref if we
1213 aren't connected */
1214 session->ref--;
1215 }
1216
1217 if (session->ref > 0)
1218 return;
1219
1220 server = session->server;
1221
1222 DBG("%p: freeing session and removing from list", session);
1223
1224 if (session->dc_timer)
1225 remove_disconnect_timer(session);
1226
1227 server->sessions = g_slist_remove(server->sessions, session);
1228
1229 if (session->req)
1230 pending_req_free(session->req);
1231
1232 g_slist_foreach(session->seps, (GFunc) g_free, NULL);
1233 g_slist_free(session->seps);
1234
1235 g_free(session->buf);
1236
1237 g_free(session);
1238 }
1239
avdtp_ref(struct avdtp * session)1240 struct avdtp *avdtp_ref(struct avdtp *session)
1241 {
1242 session->ref++;
1243 DBG("%p: ref=%d", session, session->ref);
1244 if (session->dc_timer)
1245 remove_disconnect_timer(session);
1246 return session;
1247 }
1248
find_local_sep_by_seid(struct avdtp_server * server,uint8_t seid)1249 static struct avdtp_local_sep *find_local_sep_by_seid(struct avdtp_server *server,
1250 uint8_t seid)
1251 {
1252 GSList *l;
1253
1254 for (l = server->seps; l != NULL; l = g_slist_next(l)) {
1255 struct avdtp_local_sep *sep = l->data;
1256
1257 if (sep->info.seid == seid)
1258 return sep;
1259 }
1260
1261 return NULL;
1262 }
1263
avdtp_find_remote_sep(struct avdtp * session,struct avdtp_local_sep * lsep)1264 struct avdtp_remote_sep *avdtp_find_remote_sep(struct avdtp *session,
1265 struct avdtp_local_sep *lsep)
1266 {
1267 GSList *l;
1268
1269 if (lsep->info.inuse)
1270 return NULL;
1271
1272 for (l = session->seps; l != NULL; l = g_slist_next(l)) {
1273 struct avdtp_remote_sep *sep = l->data;
1274 struct avdtp_service_capability *cap;
1275 struct avdtp_media_codec_capability *codec_data;
1276
1277 /* Type must be different: source <-> sink */
1278 if (sep->type == lsep->info.type)
1279 continue;
1280
1281 if (sep->media_type != lsep->info.media_type)
1282 continue;
1283
1284 if (!sep->codec)
1285 continue;
1286
1287 cap = sep->codec;
1288 codec_data = (void *) cap->data;
1289
1290 if (codec_data->media_codec_type != lsep->codec)
1291 continue;
1292
1293 if (sep->stream == NULL)
1294 return sep;
1295 }
1296
1297 return NULL;
1298 }
1299
caps_to_list(uint8_t * data,int size,struct avdtp_service_capability ** codec,gboolean * delay_reporting)1300 static GSList *caps_to_list(uint8_t *data, int size,
1301 struct avdtp_service_capability **codec,
1302 gboolean *delay_reporting)
1303 {
1304 GSList *caps;
1305 int processed;
1306
1307 if (delay_reporting)
1308 *delay_reporting = FALSE;
1309
1310 for (processed = 0, caps = NULL; processed + 2 <= size;) {
1311 struct avdtp_service_capability *cap;
1312 uint8_t length, category;
1313
1314 category = data[0];
1315 length = data[1];
1316
1317 if (processed + 2 + length > size) {
1318 error("Invalid capability data in getcap resp");
1319 break;
1320 }
1321
1322 cap = g_malloc(sizeof(struct avdtp_service_capability) +
1323 length);
1324 memcpy(cap, data, 2 + length);
1325
1326 processed += 2 + length;
1327 data += 2 + length;
1328
1329 caps = g_slist_append(caps, cap);
1330
1331 if (category == AVDTP_MEDIA_CODEC &&
1332 length >=
1333 sizeof(struct avdtp_media_codec_capability))
1334 *codec = cap;
1335 else if (category == AVDTP_DELAY_REPORTING && delay_reporting)
1336 *delay_reporting = TRUE;
1337 }
1338
1339 return caps;
1340 }
1341
avdtp_unknown_cmd(struct avdtp * session,uint8_t transaction,uint8_t signal_id)1342 static gboolean avdtp_unknown_cmd(struct avdtp *session, uint8_t transaction,
1343 uint8_t signal_id)
1344 {
1345 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_GEN_REJECT,
1346 signal_id, NULL, 0);
1347 }
1348
avdtp_discover_cmd(struct avdtp * session,uint8_t transaction,void * buf,int size)1349 static gboolean avdtp_discover_cmd(struct avdtp *session, uint8_t transaction,
1350 void *buf, int size)
1351 {
1352 GSList *l;
1353 unsigned int rsp_size, sep_count, i;
1354 struct seid_info *seps;
1355 gboolean ret;
1356
1357 sep_count = g_slist_length(session->server->seps);
1358
1359 if (sep_count == 0) {
1360 uint8_t err = AVDTP_NOT_SUPPORTED_COMMAND;
1361 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1362 AVDTP_DISCOVER, &err, sizeof(err));
1363 }
1364
1365 rsp_size = sep_count * sizeof(struct seid_info);
1366
1367 seps = g_new0(struct seid_info, sep_count);
1368
1369 for (l = session->server->seps, i = 0; l != NULL; l = l->next, i++) {
1370 struct avdtp_local_sep *sep = l->data;
1371
1372 memcpy(&seps[i], &sep->info, sizeof(struct seid_info));
1373 }
1374
1375 ret = avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1376 AVDTP_DISCOVER, seps, rsp_size);
1377 g_free(seps);
1378
1379 return ret;
1380 }
1381
avdtp_getcap_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size,gboolean get_all)1382 static gboolean avdtp_getcap_cmd(struct avdtp *session, uint8_t transaction,
1383 struct seid_req *req, unsigned int size,
1384 gboolean get_all)
1385 {
1386 GSList *l, *caps;
1387 struct avdtp_local_sep *sep = NULL;
1388 unsigned int rsp_size;
1389 uint8_t err, buf[1024], *ptr = buf;
1390 uint8_t cmd;
1391
1392 cmd = get_all ? AVDTP_GET_ALL_CAPABILITIES : AVDTP_GET_CAPABILITIES;
1393
1394 if (size < sizeof(struct seid_req)) {
1395 err = AVDTP_BAD_LENGTH;
1396 goto failed;
1397 }
1398
1399 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1400 if (!sep) {
1401 err = AVDTP_BAD_ACP_SEID;
1402 goto failed;
1403 }
1404
1405 if (get_all && session->server->version < 0x0103)
1406 return avdtp_unknown_cmd(session, transaction, cmd);
1407
1408 if (!sep->ind->get_capability(session, sep, get_all, &caps,
1409 &err, sep->user_data))
1410 goto failed;
1411
1412 for (l = caps, rsp_size = 0; l != NULL; l = g_slist_next(l)) {
1413 struct avdtp_service_capability *cap = l->data;
1414
1415 if (rsp_size + cap->length + 2 > sizeof(buf))
1416 break;
1417
1418 memcpy(ptr, cap, cap->length + 2);
1419 rsp_size += cap->length + 2;
1420 ptr += cap->length + 2;
1421
1422 g_free(cap);
1423 }
1424
1425 g_slist_free(caps);
1426
1427 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT, cmd,
1428 buf, rsp_size);
1429
1430 failed:
1431 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT, cmd,
1432 &err, sizeof(err));
1433 }
1434
setconf_cb(struct avdtp * session,struct avdtp_stream * stream,struct avdtp_error * err)1435 static void setconf_cb(struct avdtp *session, struct avdtp_stream *stream,
1436 struct avdtp_error *err)
1437 {
1438 struct conf_rej rej;
1439 struct avdtp_local_sep *sep;
1440
1441 if (err != NULL) {
1442 rej.error = AVDTP_UNSUPPORTED_CONFIGURATION;
1443 rej.category = err->err.error_code;
1444 avdtp_send(session, session->in.transaction,
1445 AVDTP_MSG_TYPE_REJECT, AVDTP_SET_CONFIGURATION,
1446 &rej, sizeof(rej));
1447 return;
1448 }
1449
1450 if (!avdtp_send(session, session->in.transaction, AVDTP_MSG_TYPE_ACCEPT,
1451 AVDTP_SET_CONFIGURATION, NULL, 0)) {
1452 stream_free(stream);
1453 return;
1454 }
1455
1456 sep = stream->lsep;
1457 sep->stream = stream;
1458 sep->info.inuse = 1;
1459 session->streams = g_slist_append(session->streams, stream);
1460
1461 avdtp_sep_set_state(session, sep, AVDTP_STATE_CONFIGURED);
1462 }
1463
avdtp_setconf_cmd(struct avdtp * session,uint8_t transaction,struct setconf_req * req,unsigned int size)1464 static gboolean avdtp_setconf_cmd(struct avdtp *session, uint8_t transaction,
1465 struct setconf_req *req, unsigned int size)
1466 {
1467 struct conf_rej rej;
1468 struct avdtp_local_sep *sep;
1469 struct avdtp_stream *stream;
1470 uint8_t err, category = 0x00;
1471 struct audio_device *dev;
1472 bdaddr_t src, dst;
1473 GSList *l;
1474
1475 if (size < sizeof(struct setconf_req)) {
1476 error("Too short getcap request");
1477 return FALSE;
1478 }
1479
1480 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1481 if (!sep) {
1482 err = AVDTP_BAD_ACP_SEID;
1483 goto failed;
1484 }
1485
1486 if (sep->stream) {
1487 err = AVDTP_SEP_IN_USE;
1488 goto failed;
1489 }
1490
1491 avdtp_get_peers(session, &src, &dst);
1492 dev = manager_get_device(&src, &dst, FALSE);
1493 if (!dev) {
1494 error("Unable to get a audio device object");
1495 err = AVDTP_BAD_STATE;
1496 goto failed;
1497 }
1498
1499 switch (sep->info.type) {
1500 case AVDTP_SEP_TYPE_SOURCE:
1501 if (!dev->sink) {
1502 btd_device_add_uuid(dev->btd_dev, A2DP_SINK_UUID);
1503 if (!dev->sink) {
1504 error("Unable to get a audio sink object");
1505 err = AVDTP_BAD_STATE;
1506 goto failed;
1507 }
1508 }
1509 break;
1510 case AVDTP_SEP_TYPE_SINK:
1511 if (!dev->source) {
1512 btd_device_add_uuid(dev->btd_dev, A2DP_SOURCE_UUID);
1513 if (!dev->sink) {
1514 error("Unable to get a audio source object");
1515 err = AVDTP_BAD_STATE;
1516 goto failed;
1517 }
1518 }
1519 break;
1520 }
1521
1522 stream = g_new0(struct avdtp_stream, 1);
1523 stream->session = session;
1524 stream->lsep = sep;
1525 stream->rseid = req->int_seid;
1526 stream->caps = caps_to_list(req->caps,
1527 size - sizeof(struct setconf_req),
1528 &stream->codec,
1529 &stream->delay_reporting);
1530
1531 /* Verify that the Media Transport capability's length = 0. Reject otherwise */
1532 for (l = stream->caps; l != NULL; l = g_slist_next(l)) {
1533 struct avdtp_service_capability *cap = l->data;
1534
1535 if (cap->category == AVDTP_MEDIA_TRANSPORT && cap->length != 0) {
1536 err = AVDTP_BAD_MEDIA_TRANSPORT_FORMAT;
1537 goto failed_stream;
1538 }
1539 }
1540
1541 if (stream->delay_reporting && session->version < 0x0103)
1542 session->version = 0x0103;
1543
1544 if (sep->ind && sep->ind->set_configuration) {
1545 if (!sep->ind->set_configuration(session, sep, stream,
1546 stream->caps,
1547 setconf_cb,
1548 sep->user_data)) {
1549 err = AVDTP_UNSUPPORTED_CONFIGURATION;
1550 category = 0x00;
1551 goto failed_stream;
1552 }
1553 } else {
1554 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1555 AVDTP_SET_CONFIGURATION, NULL, 0)) {
1556 stream_free(stream);
1557 return FALSE;
1558 }
1559
1560 sep->stream = stream;
1561 sep->info.inuse = 1;
1562 session->streams = g_slist_append(session->streams, stream);
1563
1564 avdtp_sep_set_state(session, sep, AVDTP_STATE_CONFIGURED);
1565 }
1566
1567 return TRUE;
1568
1569 failed_stream:
1570 stream_free(stream);
1571 failed:
1572 rej.error = err;
1573 rej.category = category;
1574 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1575 AVDTP_SET_CONFIGURATION, &rej, sizeof(rej));
1576 }
1577
avdtp_getconf_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1578 static gboolean avdtp_getconf_cmd(struct avdtp *session, uint8_t transaction,
1579 struct seid_req *req, int size)
1580 {
1581 GSList *l;
1582 struct avdtp_local_sep *sep = NULL;
1583 int rsp_size;
1584 uint8_t err;
1585 uint8_t buf[1024];
1586 uint8_t *ptr = buf;
1587
1588 if (size < (int) sizeof(struct seid_req)) {
1589 error("Too short getconf request");
1590 return FALSE;
1591 }
1592
1593 memset(buf, 0, sizeof(buf));
1594
1595 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1596 if (!sep) {
1597 err = AVDTP_BAD_ACP_SEID;
1598 goto failed;
1599 }
1600 if (!sep->stream || !sep->stream->caps) {
1601 err = AVDTP_UNSUPPORTED_CONFIGURATION;
1602 goto failed;
1603 }
1604
1605 for (l = sep->stream->caps, rsp_size = 0; l != NULL; l = g_slist_next(l)) {
1606 struct avdtp_service_capability *cap = l->data;
1607
1608 if (rsp_size + cap->length + 2 > (int) sizeof(buf))
1609 break;
1610
1611 memcpy(ptr, cap, cap->length + 2);
1612 rsp_size += cap->length + 2;
1613 ptr += cap->length + 2;
1614 }
1615
1616 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1617 AVDTP_GET_CONFIGURATION, buf, rsp_size);
1618
1619 failed:
1620 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1621 AVDTP_GET_CONFIGURATION, &err, sizeof(err));
1622 }
1623
avdtp_reconf_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1624 static gboolean avdtp_reconf_cmd(struct avdtp *session, uint8_t transaction,
1625 struct seid_req *req, int size)
1626 {
1627 return avdtp_unknown_cmd(session, transaction, AVDTP_RECONFIGURE);
1628 }
1629
avdtp_open_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1630 static gboolean avdtp_open_cmd(struct avdtp *session, uint8_t transaction,
1631 struct seid_req *req, unsigned int size)
1632 {
1633 struct avdtp_local_sep *sep;
1634 struct avdtp_stream *stream;
1635 uint8_t err;
1636
1637 if (size < sizeof(struct seid_req)) {
1638 error("Too short abort request");
1639 return FALSE;
1640 }
1641
1642 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1643 if (!sep) {
1644 err = AVDTP_BAD_ACP_SEID;
1645 goto failed;
1646 }
1647
1648 if (sep->state != AVDTP_STATE_CONFIGURED) {
1649 err = AVDTP_BAD_STATE;
1650 goto failed;
1651 }
1652
1653 stream = sep->stream;
1654
1655 if (sep->ind && sep->ind->open) {
1656 if (!sep->ind->open(session, sep, stream, &err,
1657 sep->user_data))
1658 goto failed;
1659 }
1660
1661 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1662 AVDTP_OPEN, NULL, 0))
1663 return FALSE;
1664
1665 stream->open_acp = TRUE;
1666 session->pending_open = stream;
1667 stream->timer = g_timeout_add_seconds(REQ_TIMEOUT,
1668 stream_open_timeout,
1669 stream);
1670
1671 return TRUE;
1672
1673 failed:
1674 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1675 AVDTP_OPEN, &err, sizeof(err));
1676 }
1677
avdtp_start_cmd(struct avdtp * session,uint8_t transaction,struct start_req * req,unsigned int size)1678 static gboolean avdtp_start_cmd(struct avdtp *session, uint8_t transaction,
1679 struct start_req *req, unsigned int size)
1680 {
1681 struct avdtp_local_sep *sep;
1682 struct avdtp_stream *stream;
1683 struct stream_rej rej;
1684 struct seid *seid;
1685 uint8_t err, failed_seid;
1686 int seid_count, i;
1687
1688 if (size < sizeof(struct start_req)) {
1689 error("Too short start request");
1690 return FALSE;
1691 }
1692
1693 seid_count = 1 + size - sizeof(struct start_req);
1694
1695 seid = &req->first_seid;
1696
1697 for (i = 0; i < seid_count; i++, seid++) {
1698 failed_seid = seid->seid;
1699
1700 sep = find_local_sep_by_seid(session->server,
1701 req->first_seid.seid);
1702 if (!sep || !sep->stream) {
1703 err = AVDTP_BAD_ACP_SEID;
1704 goto failed;
1705 }
1706
1707 stream = sep->stream;
1708
1709 /* Also reject start cmd if we already initiated start */
1710 if (sep->state != AVDTP_STATE_OPEN ||
1711 stream->starting == TRUE) {
1712 err = AVDTP_BAD_STATE;
1713 goto failed;
1714 }
1715 stream->starting = TRUE;
1716
1717 if (sep->ind && sep->ind->start) {
1718 if (!sep->ind->start(session, sep, stream, &err,
1719 sep->user_data))
1720 goto failed;
1721 }
1722
1723 avdtp_sep_set_state(session, sep, AVDTP_STATE_STREAMING);
1724 }
1725
1726 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1727 AVDTP_START, NULL, 0);
1728
1729 failed:
1730 DBG("Rejecting (%d)", err);
1731 memset(&rej, 0, sizeof(rej));
1732 rej.acp_seid = failed_seid;
1733 rej.error = err;
1734 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1735 AVDTP_START, &rej, sizeof(rej));
1736 }
1737
avdtp_close_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1738 static gboolean avdtp_close_cmd(struct avdtp *session, uint8_t transaction,
1739 struct seid_req *req, unsigned int size)
1740 {
1741 struct avdtp_local_sep *sep;
1742 struct avdtp_stream *stream;
1743 uint8_t err;
1744
1745 if (size < sizeof(struct seid_req)) {
1746 error("Too short close request");
1747 return FALSE;
1748 }
1749
1750 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1751 if (!sep || !sep->stream) {
1752 err = AVDTP_BAD_ACP_SEID;
1753 goto failed;
1754 }
1755
1756 if (sep->state != AVDTP_STATE_OPEN &&
1757 sep->state != AVDTP_STATE_STREAMING) {
1758 err = AVDTP_BAD_STATE;
1759 goto failed;
1760 }
1761
1762 stream = sep->stream;
1763
1764 if (sep->ind && sep->ind->close) {
1765 if (!sep->ind->close(session, sep, stream, &err,
1766 sep->user_data))
1767 goto failed;
1768 }
1769
1770 avdtp_sep_set_state(session, sep, AVDTP_STATE_CLOSING);
1771
1772 if (!avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1773 AVDTP_CLOSE, NULL, 0))
1774 return FALSE;
1775
1776 stream->timer = g_timeout_add_seconds(REQ_TIMEOUT,
1777 stream_close_timeout,
1778 stream);
1779
1780 return TRUE;
1781
1782 failed:
1783 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1784 AVDTP_CLOSE, &err, sizeof(err));
1785 }
1786
avdtp_suspend_cmd(struct avdtp * session,uint8_t transaction,struct suspend_req * req,unsigned int size)1787 static gboolean avdtp_suspend_cmd(struct avdtp *session, uint8_t transaction,
1788 struct suspend_req *req, unsigned int size)
1789 {
1790 struct avdtp_local_sep *sep;
1791 struct avdtp_stream *stream;
1792 struct stream_rej rej;
1793 struct seid *seid;
1794 uint8_t err, failed_seid;
1795 int seid_count, i;
1796
1797 if (size < sizeof(struct suspend_req)) {
1798 error("Too short suspend request");
1799 return FALSE;
1800 }
1801
1802 seid_count = 1 + size - sizeof(struct suspend_req);
1803
1804 seid = &req->first_seid;
1805
1806 for (i = 0; i < seid_count; i++, seid++) {
1807 failed_seid = seid->seid;
1808
1809 sep = find_local_sep_by_seid(session->server,
1810 req->first_seid.seid);
1811 if (!sep || !sep->stream) {
1812 err = AVDTP_BAD_ACP_SEID;
1813 goto failed;
1814 }
1815
1816 stream = sep->stream;
1817
1818 if (sep->state != AVDTP_STATE_STREAMING) {
1819 err = AVDTP_BAD_STATE;
1820 goto failed;
1821 }
1822
1823 if (sep->ind && sep->ind->suspend) {
1824 if (!sep->ind->suspend(session, sep, stream, &err,
1825 sep->user_data))
1826 goto failed;
1827 }
1828
1829 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
1830 }
1831
1832 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1833 AVDTP_SUSPEND, NULL, 0);
1834
1835 failed:
1836 memset(&rej, 0, sizeof(rej));
1837 rej.acp_seid = failed_seid;
1838 rej.error = err;
1839 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1840 AVDTP_SUSPEND, &rej, sizeof(rej));
1841 }
1842
avdtp_abort_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,unsigned int size)1843 static gboolean avdtp_abort_cmd(struct avdtp *session, uint8_t transaction,
1844 struct seid_req *req, unsigned int size)
1845 {
1846 struct avdtp_local_sep *sep;
1847 uint8_t err;
1848 gboolean ret;
1849
1850 if (size < sizeof(struct seid_req)) {
1851 error("Too short abort request");
1852 return FALSE;
1853 }
1854
1855 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1856 if (!sep || !sep->stream) {
1857 err = AVDTP_BAD_ACP_SEID;
1858 goto failed;
1859 }
1860
1861 if (sep->ind && sep->ind->abort) {
1862 if (!sep->ind->abort(session, sep, sep->stream, &err,
1863 sep->user_data))
1864 goto failed;
1865 }
1866
1867 ret = avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1868 AVDTP_ABORT, NULL, 0);
1869 if (ret)
1870 avdtp_sep_set_state(session, sep, AVDTP_STATE_ABORTING);
1871
1872 return ret;
1873
1874 failed:
1875 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1876 AVDTP_ABORT, &err, sizeof(err));
1877 }
1878
avdtp_secctl_cmd(struct avdtp * session,uint8_t transaction,struct seid_req * req,int size)1879 static gboolean avdtp_secctl_cmd(struct avdtp *session, uint8_t transaction,
1880 struct seid_req *req, int size)
1881 {
1882 return avdtp_unknown_cmd(session, transaction, AVDTP_SECURITY_CONTROL);
1883 }
1884
avdtp_delayreport_cmd(struct avdtp * session,uint8_t transaction,struct delay_req * req,unsigned int size)1885 static gboolean avdtp_delayreport_cmd(struct avdtp *session,
1886 uint8_t transaction,
1887 struct delay_req *req,
1888 unsigned int size)
1889 {
1890 struct avdtp_local_sep *sep;
1891 struct avdtp_stream *stream;
1892 uint8_t err;
1893
1894 if (size < sizeof(struct delay_req)) {
1895 error("Too short delay report request");
1896 return FALSE;
1897 }
1898
1899 sep = find_local_sep_by_seid(session->server, req->acp_seid);
1900 if (!sep || !sep->stream) {
1901 err = AVDTP_BAD_ACP_SEID;
1902 goto failed;
1903 }
1904
1905 stream = sep->stream;
1906
1907 if (sep->state != AVDTP_STATE_CONFIGURED &&
1908 sep->state != AVDTP_STATE_STREAMING) {
1909 err = AVDTP_BAD_STATE;
1910 goto failed;
1911 }
1912
1913 stream->delay = ntohs(req->delay);
1914
1915 if (sep->ind && sep->ind->delayreport) {
1916 if (!sep->ind->delayreport(session, sep, stream->rseid,
1917 stream->delay, &err,
1918 sep->user_data))
1919 goto failed;
1920 }
1921
1922 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_ACCEPT,
1923 AVDTP_DELAY_REPORT, NULL, 0);
1924
1925 failed:
1926 return avdtp_send(session, transaction, AVDTP_MSG_TYPE_REJECT,
1927 AVDTP_DELAY_REPORT, &err, sizeof(err));
1928 }
1929
avdtp_parse_cmd(struct avdtp * session,uint8_t transaction,uint8_t signal_id,void * buf,int size)1930 static gboolean avdtp_parse_cmd(struct avdtp *session, uint8_t transaction,
1931 uint8_t signal_id, void *buf, int size)
1932 {
1933 switch (signal_id) {
1934 case AVDTP_DISCOVER:
1935 DBG("Received DISCOVER_CMD");
1936 return avdtp_discover_cmd(session, transaction, buf, size);
1937 case AVDTP_GET_CAPABILITIES:
1938 DBG("Received GET_CAPABILITIES_CMD");
1939 return avdtp_getcap_cmd(session, transaction, buf, size,
1940 FALSE);
1941 case AVDTP_GET_ALL_CAPABILITIES:
1942 DBG("Received GET_ALL_CAPABILITIES_CMD");
1943 return avdtp_getcap_cmd(session, transaction, buf, size, TRUE);
1944 case AVDTP_SET_CONFIGURATION:
1945 DBG("Received SET_CONFIGURATION_CMD");
1946 return avdtp_setconf_cmd(session, transaction, buf, size);
1947 case AVDTP_GET_CONFIGURATION:
1948 DBG("Received GET_CONFIGURATION_CMD");
1949 return avdtp_getconf_cmd(session, transaction, buf, size);
1950 case AVDTP_RECONFIGURE:
1951 DBG("Received RECONFIGURE_CMD");
1952 return avdtp_reconf_cmd(session, transaction, buf, size);
1953 case AVDTP_OPEN:
1954 DBG("Received OPEN_CMD");
1955 return avdtp_open_cmd(session, transaction, buf, size);
1956 case AVDTP_START:
1957 DBG("Received START_CMD");
1958 return avdtp_start_cmd(session, transaction, buf, size);
1959 case AVDTP_CLOSE:
1960 DBG("Received CLOSE_CMD");
1961 return avdtp_close_cmd(session, transaction, buf, size);
1962 case AVDTP_SUSPEND:
1963 DBG("Received SUSPEND_CMD");
1964 return avdtp_suspend_cmd(session, transaction, buf, size);
1965 case AVDTP_ABORT:
1966 DBG("Received ABORT_CMD");
1967 return avdtp_abort_cmd(session, transaction, buf, size);
1968 case AVDTP_SECURITY_CONTROL:
1969 DBG("Received SECURITY_CONTROL_CMD");
1970 return avdtp_secctl_cmd(session, transaction, buf, size);
1971 case AVDTP_DELAY_REPORT:
1972 DBG("Received DELAY_REPORT_CMD");
1973 return avdtp_delayreport_cmd(session, transaction, buf, size);
1974 default:
1975 DBG("Received unknown request id %u", signal_id);
1976 return avdtp_unknown_cmd(session, transaction, signal_id);
1977 }
1978 }
1979
1980 enum avdtp_parse_result { PARSE_ERROR, PARSE_FRAGMENT, PARSE_SUCCESS };
1981
avdtp_parse_data(struct avdtp * session,void * buf,size_t size)1982 static enum avdtp_parse_result avdtp_parse_data(struct avdtp *session,
1983 void *buf, size_t size)
1984 {
1985 struct avdtp_common_header *header = buf;
1986 struct avdtp_single_header *single = (void *) session->buf;
1987 struct avdtp_start_header *start = (void *) session->buf;
1988 void *payload;
1989 gsize payload_size;
1990
1991 switch (header->packet_type) {
1992 case AVDTP_PKT_TYPE_SINGLE:
1993 if (size < sizeof(*single)) {
1994 error("Received too small single packet (%zu bytes)", size);
1995 return PARSE_ERROR;
1996 }
1997 if (session->in.active) {
1998 error("SINGLE: Invalid AVDTP packet fragmentation");
1999 return PARSE_ERROR;
2000 }
2001
2002 payload = session->buf + sizeof(*single);
2003 payload_size = size - sizeof(*single);
2004
2005 session->in.active = TRUE;
2006 session->in.data_size = 0;
2007 session->in.no_of_packets = 1;
2008 session->in.transaction = header->transaction;
2009 session->in.message_type = header->message_type;
2010 session->in.signal_id = single->signal_id;
2011
2012 break;
2013 case AVDTP_PKT_TYPE_START:
2014 if (size < sizeof(*start)) {
2015 error("Received too small start packet (%zu bytes)", size);
2016 return PARSE_ERROR;
2017 }
2018 if (session->in.active) {
2019 error("START: Invalid AVDTP packet fragmentation");
2020 return PARSE_ERROR;
2021 }
2022
2023 session->in.active = TRUE;
2024 session->in.data_size = 0;
2025 session->in.transaction = header->transaction;
2026 session->in.message_type = header->message_type;
2027 session->in.no_of_packets = start->no_of_packets;
2028 session->in.signal_id = start->signal_id;
2029
2030 payload = session->buf + sizeof(*start);
2031 payload_size = size - sizeof(*start);
2032
2033 break;
2034 case AVDTP_PKT_TYPE_CONTINUE:
2035 if (size < sizeof(struct avdtp_continue_header)) {
2036 error("Received too small continue packet (%zu bytes)",
2037 size);
2038 return PARSE_ERROR;
2039 }
2040 if (!session->in.active) {
2041 error("CONTINUE: Invalid AVDTP packet fragmentation");
2042 return PARSE_ERROR;
2043 }
2044 if (session->in.transaction != header->transaction) {
2045 error("Continue transaction id doesn't match");
2046 return PARSE_ERROR;
2047 }
2048 if (session->in.no_of_packets <= 1) {
2049 error("Too few continue packets");
2050 return PARSE_ERROR;
2051 }
2052
2053 payload = session->buf + sizeof(struct avdtp_continue_header);
2054 payload_size = size - sizeof(struct avdtp_continue_header);
2055
2056 break;
2057 case AVDTP_PKT_TYPE_END:
2058 if (size < sizeof(struct avdtp_continue_header)) {
2059 error("Received too small end packet (%zu bytes)", size);
2060 return PARSE_ERROR;
2061 }
2062 if (!session->in.active) {
2063 error("END: Invalid AVDTP packet fragmentation");
2064 return PARSE_ERROR;
2065 }
2066 if (session->in.transaction != header->transaction) {
2067 error("End transaction id doesn't match");
2068 return PARSE_ERROR;
2069 }
2070 if (session->in.no_of_packets > 1) {
2071 error("Got an end packet too early");
2072 return PARSE_ERROR;
2073 }
2074
2075 payload = session->buf + sizeof(struct avdtp_continue_header);
2076 payload_size = size - sizeof(struct avdtp_continue_header);
2077
2078 break;
2079 default:
2080 error("Invalid AVDTP packet type 0x%02X", header->packet_type);
2081 return PARSE_ERROR;
2082 }
2083
2084 if (session->in.data_size + payload_size >
2085 sizeof(session->in.buf)) {
2086 error("Not enough incoming buffer space!");
2087 return PARSE_ERROR;
2088 }
2089
2090 memcpy(session->in.buf + session->in.data_size, payload, payload_size);
2091 session->in.data_size += payload_size;
2092
2093 if (session->in.no_of_packets > 1) {
2094 session->in.no_of_packets--;
2095 DBG("Received AVDTP fragment. %d to go",
2096 session->in.no_of_packets);
2097 return PARSE_FRAGMENT;
2098 }
2099
2100 session->in.active = FALSE;
2101
2102 return PARSE_SUCCESS;
2103 }
2104
session_cb(GIOChannel * chan,GIOCondition cond,gpointer data)2105 static gboolean session_cb(GIOChannel *chan, GIOCondition cond,
2106 gpointer data)
2107 {
2108 struct avdtp *session = data;
2109 struct avdtp_common_header *header;
2110 ssize_t size;
2111 int fd;
2112
2113 DBG("");
2114
2115 if (cond & G_IO_NVAL)
2116 return FALSE;
2117
2118 header = (void *) session->buf;
2119
2120 if (cond & (G_IO_HUP | G_IO_ERR))
2121 goto failed;
2122
2123 fd = g_io_channel_unix_get_fd(chan);
2124 size = read(fd, session->buf, session->imtu);
2125 if (size < 0) {
2126 error("IO Channel read error");
2127 goto failed;
2128 }
2129
2130 if ((size_t) size < sizeof(struct avdtp_common_header)) {
2131 error("Received too small packet (%zu bytes)", size);
2132 goto failed;
2133 }
2134
2135 switch (avdtp_parse_data(session, session->buf, size)) {
2136 case PARSE_ERROR:
2137 goto failed;
2138 case PARSE_FRAGMENT:
2139 return TRUE;
2140 case PARSE_SUCCESS:
2141 break;
2142 }
2143
2144 if (session->in.message_type == AVDTP_MSG_TYPE_COMMAND) {
2145 if (!avdtp_parse_cmd(session, session->in.transaction,
2146 session->in.signal_id,
2147 session->in.buf,
2148 session->in.data_size)) {
2149 error("Unable to handle command. Disconnecting");
2150 goto failed;
2151 }
2152
2153 if (session->ref == 1 && !session->streams && !session->req)
2154 set_disconnect_timer(session);
2155
2156 if (session->streams && session->dc_timer)
2157 remove_disconnect_timer(session);
2158
2159 return TRUE;
2160 }
2161
2162 if (session->req == NULL) {
2163 error("No pending request, ignoring message");
2164 return TRUE;
2165 }
2166
2167 if (header->transaction != session->req->transaction) {
2168 error("Transaction label doesn't match");
2169 return TRUE;
2170 }
2171
2172 if (session->in.signal_id != session->req->signal_id) {
2173 error("Reponse signal doesn't match");
2174 return TRUE;
2175 }
2176
2177 g_source_remove(session->req->timeout);
2178 session->req->timeout = 0;
2179
2180 switch (header->message_type) {
2181 case AVDTP_MSG_TYPE_ACCEPT:
2182 if (!avdtp_parse_resp(session, session->req->stream,
2183 session->in.transaction,
2184 session->in.signal_id,
2185 session->in.buf,
2186 session->in.data_size)) {
2187 error("Unable to parse accept response");
2188 goto failed;
2189 }
2190 break;
2191 case AVDTP_MSG_TYPE_REJECT:
2192 if (!avdtp_parse_rej(session, session->req->stream,
2193 session->in.transaction,
2194 session->in.signal_id,
2195 session->in.buf,
2196 session->in.data_size)) {
2197 error("Unable to parse reject response");
2198 goto failed;
2199 }
2200 break;
2201 case AVDTP_MSG_TYPE_GEN_REJECT:
2202 error("Received a General Reject message");
2203 break;
2204 default:
2205 error("Unknown message type 0x%02X", header->message_type);
2206 break;
2207 }
2208
2209 pending_req_free(session->req);
2210 session->req = NULL;
2211
2212 process_queue(session);
2213
2214 return TRUE;
2215
2216 failed:
2217 connection_lost(session, EIO);
2218
2219 return FALSE;
2220 }
2221
find_session(GSList * list,const bdaddr_t * dst)2222 static struct avdtp *find_session(GSList *list, const bdaddr_t *dst)
2223 {
2224 for (; list != NULL; list = g_slist_next(list)) {
2225 struct avdtp *s = list->data;
2226
2227 if (bacmp(dst, &s->dst))
2228 continue;
2229
2230 return s;
2231 }
2232
2233 return NULL;
2234 }
2235
get_version(struct avdtp * session)2236 static uint16_t get_version(struct avdtp *session)
2237 {
2238 struct btd_adapter *adapter;
2239 struct btd_device *device;
2240 const sdp_record_t *rec;
2241 sdp_list_t *protos;
2242 sdp_data_t *proto_desc;
2243 char addr[18];
2244 uint16_t ver = 0x0100;
2245
2246 adapter = manager_find_adapter(&session->server->src);
2247 if (!adapter)
2248 goto done;
2249
2250 ba2str(&session->dst, addr);
2251 device = adapter_find_device(adapter, addr);
2252 if (!device)
2253 goto done;
2254
2255 rec = btd_device_get_record(device, A2DP_SINK_UUID);
2256 if (!rec)
2257 rec = btd_device_get_record(device, A2DP_SOURCE_UUID);
2258
2259 if (!rec)
2260 goto done;
2261
2262 if (sdp_get_access_protos(rec, &protos) < 0)
2263 goto done;
2264
2265 proto_desc = sdp_get_proto_desc(protos, AVDTP_UUID);
2266 if (proto_desc && proto_desc->dtd == SDP_UINT16)
2267 ver = proto_desc->val.uint16;
2268
2269 sdp_list_foreach(protos, (sdp_list_func_t) sdp_list_free, NULL);
2270 sdp_list_free(protos, NULL);
2271
2272 done:
2273 return ver;
2274 }
2275
avdtp_get_internal(const bdaddr_t * src,const bdaddr_t * dst)2276 static struct avdtp *avdtp_get_internal(const bdaddr_t *src, const bdaddr_t *dst)
2277 {
2278 struct avdtp_server *server;
2279 struct avdtp *session;
2280
2281 assert(src != NULL);
2282 assert(dst != NULL);
2283
2284 server = find_server(servers, src);
2285 if (server == NULL)
2286 return NULL;
2287
2288 session = find_session(server->sessions, dst);
2289 if (session) {
2290 if (session->pending_auth)
2291 return NULL;
2292 else
2293 return session;
2294 }
2295
2296 session = g_new0(struct avdtp, 1);
2297
2298 session->server = server;
2299 bacpy(&session->dst, dst);
2300 session->ref = 1;
2301 /* We don't use avdtp_set_state() here since this isn't a state change
2302 * but just setting of the initial state */
2303 session->state = AVDTP_SESSION_STATE_DISCONNECTED;
2304 session->auto_dc = TRUE;
2305
2306 session->version = get_version(session);
2307
2308 server->sessions = g_slist_append(server->sessions, session);
2309
2310 return session;
2311 }
2312
avdtp_get(bdaddr_t * src,bdaddr_t * dst)2313 struct avdtp *avdtp_get(bdaddr_t *src, bdaddr_t *dst)
2314 {
2315 struct avdtp *session;
2316
2317 session = avdtp_get_internal(src, dst);
2318
2319 if (!session)
2320 return NULL;
2321
2322 return avdtp_ref(session);
2323 }
2324
avdtp_connect_cb(GIOChannel * chan,GError * err,gpointer user_data)2325 static void avdtp_connect_cb(GIOChannel *chan, GError *err, gpointer user_data)
2326 {
2327 struct avdtp *session = user_data;
2328 char address[18];
2329 GError *gerr = NULL;
2330
2331 if (err) {
2332 error("%s", err->message);
2333 goto failed;
2334 }
2335
2336 if (!session->io)
2337 session->io = g_io_channel_ref(chan);
2338
2339 bt_io_get(chan, BT_IO_L2CAP, &gerr,
2340 BT_IO_OPT_OMTU, &session->omtu,
2341 BT_IO_OPT_IMTU, &session->imtu,
2342 BT_IO_OPT_INVALID);
2343 if (gerr) {
2344 error("%s", gerr->message);
2345 g_error_free(gerr);
2346 goto failed;
2347 }
2348
2349 ba2str(&session->dst, address);
2350 DBG("AVDTP: connected %s channel to %s",
2351 session->pending_open ? "transport" : "signaling",
2352 address);
2353
2354 if (session->state == AVDTP_SESSION_STATE_CONNECTING) {
2355 DBG("AVDTP imtu=%u, omtu=%u", session->imtu, session->omtu);
2356
2357 session->buf = g_malloc0(session->imtu);
2358 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTED);
2359
2360 if (session->io_id)
2361 g_source_remove(session->io_id);
2362
2363 /* This watch should be low priority since otherwise the
2364 * connect callback might be dispatched before the session
2365 * callback if the kernel wakes us up at the same time for
2366 * them. This could happen if a headset is very quick in
2367 * sending the Start command after connecting the stream
2368 * transport channel.
2369 */
2370 session->io_id = g_io_add_watch_full(chan,
2371 G_PRIORITY_LOW,
2372 G_IO_IN | G_IO_ERR | G_IO_HUP
2373 | G_IO_NVAL,
2374 (GIOFunc) session_cb, session,
2375 NULL);
2376
2377 if (session->stream_setup) {
2378 set_disconnect_timer(session);
2379 avdtp_set_auto_disconnect(session, FALSE);
2380 }
2381 } else if (session->pending_open)
2382 handle_transport_connect(session, chan, session->imtu,
2383 session->omtu);
2384 else
2385 goto failed;
2386
2387 process_queue(session);
2388
2389 return;
2390
2391 failed:
2392 if (session->pending_open) {
2393 struct avdtp_stream *stream = session->pending_open;
2394
2395 handle_transport_connect(session, NULL, 0, 0);
2396
2397 if (avdtp_abort(session, stream) < 0)
2398 avdtp_sep_set_state(session, stream->lsep,
2399 AVDTP_STATE_IDLE);
2400 } else
2401 connection_lost(session, EIO);
2402 }
2403
auth_cb(DBusError * derr,void * user_data)2404 static void auth_cb(DBusError *derr, void *user_data)
2405 {
2406 struct avdtp *session = user_data;
2407 GError *err = NULL;
2408
2409 if (derr && dbus_error_is_set(derr)) {
2410 error("Access denied: %s", derr->message);
2411 connection_lost(session, EACCES);
2412 return;
2413 }
2414
2415 if (!bt_io_accept(session->io, avdtp_connect_cb, session, NULL,
2416 &err)) {
2417 error("bt_io_accept: %s", err->message);
2418 connection_lost(session, EACCES);
2419 g_error_free(err);
2420 return;
2421 }
2422
2423 /* This is so that avdtp_connect_cb will know to do the right thing
2424 * with respect to the disconnect timer */
2425 session->stream_setup = TRUE;
2426 }
2427
avdtp_confirm_cb(GIOChannel * chan,gpointer data)2428 static void avdtp_confirm_cb(GIOChannel *chan, gpointer data)
2429 {
2430 struct avdtp *session;
2431 struct audio_device *dev;
2432 char address[18];
2433 bdaddr_t src, dst;
2434 int perr;
2435 GError *err = NULL;
2436
2437 bt_io_get(chan, BT_IO_L2CAP, &err,
2438 BT_IO_OPT_SOURCE_BDADDR, &src,
2439 BT_IO_OPT_DEST_BDADDR, &dst,
2440 BT_IO_OPT_DEST, address,
2441 BT_IO_OPT_INVALID);
2442 if (err) {
2443 error("%s", err->message);
2444 g_error_free(err);
2445 goto drop;
2446 }
2447
2448 DBG("AVDTP: incoming connect from %s", address);
2449
2450 session = avdtp_get_internal(&src, &dst);
2451 if (!session)
2452 goto drop;
2453
2454 /* This state (ie, session is already *connecting*) happens when the
2455 * device initiates a connect (really a config'd L2CAP channel) even
2456 * though there is a connect we initiated in progress. In sink.c &
2457 * source.c, this state is referred to as XCASE connect:connect.
2458 * Abort the device's channel in favor of our own.
2459 */
2460 if (session->state == AVDTP_SESSION_STATE_CONNECTING) {
2461 DBG("connect already in progress (XCASE connect:connect)");
2462 goto drop;
2463 }
2464
2465 if (session->pending_open && session->pending_open->open_acp) {
2466 if (!bt_io_accept(chan, avdtp_connect_cb, session, NULL, NULL))
2467 goto drop;
2468 return;
2469 }
2470
2471 if (session->io) {
2472 error("Refusing unexpected connect from %s", address);
2473 goto drop;
2474 }
2475
2476 dev = manager_get_device(&src, &dst, FALSE);
2477 if (!dev) {
2478 dev = manager_get_device(&src, &dst, TRUE);
2479 if (!dev) {
2480 error("Unable to get audio device object for %s",
2481 address);
2482 goto drop;
2483 }
2484 btd_device_add_uuid(dev->btd_dev, ADVANCED_AUDIO_UUID);
2485 }
2486
2487 session->io = g_io_channel_ref(chan);
2488 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTING);
2489
2490 session->io_id = g_io_add_watch(chan, G_IO_ERR | G_IO_HUP | G_IO_NVAL,
2491 (GIOFunc) session_cb, session);
2492
2493 perr = audio_device_request_authorization(dev, ADVANCED_AUDIO_UUID,
2494 auth_cb, session);
2495 if (perr < 0) {
2496 avdtp_unref(session);
2497 goto drop;
2498 }
2499
2500 dev->auto_connect = auto_connect;
2501
2502 return;
2503
2504 drop:
2505 g_io_channel_shutdown(chan, TRUE, NULL);
2506 }
2507
l2cap_connect(struct avdtp * session)2508 static GIOChannel *l2cap_connect(struct avdtp *session)
2509 {
2510 GError *err = NULL;
2511 GIOChannel *io;
2512
2513 io = bt_io_connect(BT_IO_L2CAP, avdtp_connect_cb, session,
2514 NULL, &err,
2515 BT_IO_OPT_SOURCE_BDADDR, &session->server->src,
2516 BT_IO_OPT_DEST_BDADDR, &session->dst,
2517 BT_IO_OPT_PSM, AVDTP_PSM,
2518 BT_IO_OPT_INVALID);
2519 if (!io) {
2520 error("%s", err->message);
2521 g_error_free(err);
2522 return NULL;
2523 }
2524
2525 return io;
2526 }
2527
queue_request(struct avdtp * session,struct pending_req * req,gboolean priority)2528 static void queue_request(struct avdtp *session, struct pending_req *req,
2529 gboolean priority)
2530 {
2531 if (priority)
2532 session->prio_queue = g_slist_append(session->prio_queue, req);
2533 else
2534 session->req_queue = g_slist_append(session->req_queue, req);
2535 }
2536
req_get_seid(struct pending_req * req)2537 static uint8_t req_get_seid(struct pending_req *req)
2538 {
2539 if (req->signal_id == AVDTP_DISCOVER)
2540 return 0;
2541
2542 return ((struct seid_req *) (req->data))->acp_seid;
2543 }
2544
cancel_request(struct avdtp * session,int err)2545 static int cancel_request(struct avdtp *session, int err)
2546 {
2547 struct pending_req *req;
2548 struct seid_req sreq;
2549 struct avdtp_local_sep *lsep;
2550 struct avdtp_stream *stream;
2551 uint8_t seid;
2552 struct avdtp_error averr;
2553
2554 req = session->req;
2555 session->req = NULL;
2556
2557 avdtp_error_init(&averr, AVDTP_ERRNO, err);
2558
2559 seid = req_get_seid(req);
2560 if (seid)
2561 stream = find_stream_by_rseid(session, seid);
2562 else
2563 stream = NULL;
2564
2565 if (stream) {
2566 stream->abort_int = TRUE;
2567 lsep = stream->lsep;
2568 } else
2569 lsep = NULL;
2570
2571 switch (req->signal_id) {
2572 case AVDTP_RECONFIGURE:
2573 error("Reconfigure: %s (%d)", strerror(err), err);
2574 if (lsep && lsep->cfm && lsep->cfm->reconfigure)
2575 lsep->cfm->reconfigure(session, lsep, stream, &averr,
2576 lsep->user_data);
2577 break;
2578 case AVDTP_OPEN:
2579 error("Open: %s (%d)", strerror(err), err);
2580 if (lsep && lsep->cfm && lsep->cfm->open)
2581 lsep->cfm->open(session, lsep, stream, &averr,
2582 lsep->user_data);
2583 break;
2584 case AVDTP_START:
2585 error("Start: %s (%d)", strerror(err), err);
2586 if (lsep && lsep->cfm && lsep->cfm->start) {
2587 lsep->cfm->start(session, lsep, stream, &averr,
2588 lsep->user_data);
2589 if (stream)
2590 stream->starting = FALSE;
2591 }
2592 break;
2593 case AVDTP_SUSPEND:
2594 error("Suspend: %s (%d)", strerror(err), err);
2595 if (lsep && lsep->cfm && lsep->cfm->suspend)
2596 lsep->cfm->suspend(session, lsep, stream, &averr,
2597 lsep->user_data);
2598 break;
2599 case AVDTP_CLOSE:
2600 error("Close: %s (%d)", strerror(err), err);
2601 if (lsep && lsep->cfm && lsep->cfm->close) {
2602 lsep->cfm->close(session, lsep, stream, &averr,
2603 lsep->user_data);
2604 if (stream)
2605 stream->close_int = FALSE;
2606 }
2607 break;
2608 case AVDTP_SET_CONFIGURATION:
2609 error("SetConfiguration: %s (%d)", strerror(err), err);
2610 if (lsep && lsep->cfm && lsep->cfm->set_configuration)
2611 lsep->cfm->set_configuration(session, lsep, stream,
2612 &averr, lsep->user_data);
2613 goto failed;
2614 case AVDTP_DISCOVER:
2615 error("Discover: %s (%d)", strerror(err), err);
2616 goto failed;
2617 case AVDTP_GET_CAPABILITIES:
2618 error("GetCapabilities: %s (%d)", strerror(err), err);
2619 goto failed;
2620 case AVDTP_ABORT:
2621 error("Abort: %s (%d)", strerror(err), err);
2622 goto failed;
2623 }
2624
2625 if (!stream)
2626 goto failed;
2627
2628 memset(&sreq, 0, sizeof(sreq));
2629 sreq.acp_seid = seid;
2630
2631 err = send_request(session, TRUE, stream, AVDTP_ABORT, &sreq,
2632 sizeof(sreq));
2633 if (err < 0) {
2634 error("Unable to send abort request");
2635 goto failed;
2636 }
2637
2638 goto done;
2639
2640 failed:
2641 connection_lost(session, err);
2642 done:
2643 pending_req_free(req);
2644 return err;
2645 }
2646
request_timeout(gpointer user_data)2647 static gboolean request_timeout(gpointer user_data)
2648 {
2649 struct avdtp *session = user_data;
2650
2651 cancel_request(session, ETIMEDOUT);
2652
2653 return FALSE;
2654 }
2655
send_req(struct avdtp * session,gboolean priority,struct pending_req * req)2656 static int send_req(struct avdtp *session, gboolean priority,
2657 struct pending_req *req)
2658 {
2659 static int transaction = 0;
2660 int err;
2661
2662 if (session->state == AVDTP_SESSION_STATE_DISCONNECTED) {
2663 session->io = l2cap_connect(session);
2664 if (!session->io) {
2665 err = -EIO;
2666 goto failed;
2667 }
2668 avdtp_set_state(session, AVDTP_SESSION_STATE_CONNECTING);
2669 }
2670
2671 if (session->state < AVDTP_SESSION_STATE_CONNECTED ||
2672 session->req != NULL) {
2673 queue_request(session, req, priority);
2674 return 0;
2675 }
2676
2677 req->transaction = transaction++;
2678 transaction %= 16;
2679
2680 /* FIXME: Should we retry to send if the buffer
2681 was not totally sent or in case of EINTR? */
2682 if (!avdtp_send(session, req->transaction, AVDTP_MSG_TYPE_COMMAND,
2683 req->signal_id, req->data, req->data_size)) {
2684 err = -EIO;
2685 goto failed;
2686 }
2687
2688 session->req = req;
2689
2690 req->timeout = g_timeout_add_seconds(req->signal_id == AVDTP_ABORT ?
2691 ABORT_TIMEOUT : REQ_TIMEOUT,
2692 request_timeout,
2693 session);
2694 return 0;
2695
2696 failed:
2697 g_free(req->data);
2698 g_free(req);
2699 return err;
2700 }
2701
send_request(struct avdtp * session,gboolean priority,struct avdtp_stream * stream,uint8_t signal_id,void * buffer,size_t size)2702 static int send_request(struct avdtp *session, gboolean priority,
2703 struct avdtp_stream *stream, uint8_t signal_id,
2704 void *buffer, size_t size)
2705 {
2706 struct pending_req *req;
2707
2708 if (stream && stream->abort_int && signal_id != AVDTP_ABORT) {
2709 DBG("Unable to send requests while aborting");
2710 return -EINVAL;
2711 }
2712
2713 req = g_new0(struct pending_req, 1);
2714 req->signal_id = signal_id;
2715 req->data = g_malloc(size);
2716 memcpy(req->data, buffer, size);
2717 req->data_size = size;
2718 req->stream = stream;
2719
2720 return send_req(session, priority, req);
2721 }
2722
avdtp_discover_resp(struct avdtp * session,struct discover_resp * resp,int size)2723 static gboolean avdtp_discover_resp(struct avdtp *session,
2724 struct discover_resp *resp, int size)
2725 {
2726 int sep_count, i;
2727 uint8_t getcap_cmd;
2728
2729 if (session->version >= 0x0103 && session->server->version >= 0x0103)
2730 getcap_cmd = AVDTP_GET_ALL_CAPABILITIES;
2731 else
2732 getcap_cmd = AVDTP_GET_CAPABILITIES;
2733
2734 sep_count = size / sizeof(struct seid_info);
2735
2736 for (i = 0; i < sep_count; i++) {
2737 struct avdtp_remote_sep *sep;
2738 struct avdtp_stream *stream;
2739 struct seid_req req;
2740 int ret;
2741
2742 DBG("seid %d type %d media %d in use %d",
2743 resp->seps[i].seid, resp->seps[i].type,
2744 resp->seps[i].media_type, resp->seps[i].inuse);
2745
2746 stream = find_stream_by_rseid(session, resp->seps[i].seid);
2747
2748 sep = find_remote_sep(session->seps, resp->seps[i].seid);
2749 if (!sep) {
2750 if (resp->seps[i].inuse && !stream)
2751 continue;
2752 sep = g_new0(struct avdtp_remote_sep, 1);
2753 session->seps = g_slist_append(session->seps, sep);
2754 }
2755
2756 sep->stream = stream;
2757 sep->seid = resp->seps[i].seid;
2758 sep->type = resp->seps[i].type;
2759 sep->media_type = resp->seps[i].media_type;
2760
2761 memset(&req, 0, sizeof(req));
2762 req.acp_seid = sep->seid;
2763
2764 ret = send_request(session, TRUE, NULL, getcap_cmd,
2765 &req, sizeof(req));
2766 if (ret < 0) {
2767 finalize_discovery(session, -ret);
2768 break;
2769 }
2770 }
2771
2772 return TRUE;
2773 }
2774
avdtp_get_capabilities_resp(struct avdtp * session,struct getcap_resp * resp,unsigned int size)2775 static gboolean avdtp_get_capabilities_resp(struct avdtp *session,
2776 struct getcap_resp *resp,
2777 unsigned int size)
2778 {
2779 struct avdtp_remote_sep *sep;
2780 uint8_t seid;
2781
2782 /* Check for minimum required packet size includes:
2783 * 1. getcap resp header
2784 * 2. media transport capability (2 bytes)
2785 * 3. media codec capability type + length (2 bytes)
2786 * 4. the actual media codec elements
2787 * */
2788 if (size < (sizeof(struct getcap_resp) + 4 +
2789 sizeof(struct avdtp_media_codec_capability))) {
2790 error("Too short getcap resp packet");
2791 return FALSE;
2792 }
2793
2794 seid = ((struct seid_req *) session->req->data)->acp_seid;
2795
2796 sep = find_remote_sep(session->seps, seid);
2797
2798 DBG("seid %d type %d media %d", sep->seid,
2799 sep->type, sep->media_type);
2800
2801 if (sep->caps) {
2802 g_slist_foreach(sep->caps, (GFunc) g_free, NULL);
2803 g_slist_free(sep->caps);
2804 sep->caps = NULL;
2805 sep->codec = NULL;
2806 sep->delay_reporting = FALSE;
2807 }
2808
2809 sep->caps = caps_to_list(resp->caps, size - sizeof(struct getcap_resp),
2810 &sep->codec, &sep->delay_reporting);
2811
2812 return TRUE;
2813 }
2814
avdtp_set_configuration_resp(struct avdtp * session,struct avdtp_stream * stream,struct avdtp_single_header * resp,int size)2815 static gboolean avdtp_set_configuration_resp(struct avdtp *session,
2816 struct avdtp_stream *stream,
2817 struct avdtp_single_header *resp,
2818 int size)
2819 {
2820 struct avdtp_local_sep *sep = stream->lsep;
2821
2822 if (sep->cfm && sep->cfm->set_configuration)
2823 sep->cfm->set_configuration(session, sep, stream, NULL,
2824 sep->user_data);
2825
2826 avdtp_sep_set_state(session, sep, AVDTP_STATE_CONFIGURED);
2827
2828 return TRUE;
2829 }
2830
avdtp_reconfigure_resp(struct avdtp * session,struct avdtp_stream * stream,struct avdtp_single_header * resp,int size)2831 static gboolean avdtp_reconfigure_resp(struct avdtp *session,
2832 struct avdtp_stream *stream,
2833 struct avdtp_single_header *resp, int size)
2834 {
2835 return TRUE;
2836 }
2837
avdtp_open_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2838 static gboolean avdtp_open_resp(struct avdtp *session, struct avdtp_stream *stream,
2839 struct seid_rej *resp, int size)
2840 {
2841 struct avdtp_local_sep *sep = stream->lsep;
2842
2843 stream->io = l2cap_connect(session);
2844 if (!stream->io) {
2845 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
2846 return FALSE;
2847 }
2848
2849 session->pending_open = stream;
2850
2851 return TRUE;
2852 }
2853
avdtp_start_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2854 static gboolean avdtp_start_resp(struct avdtp *session,
2855 struct avdtp_stream *stream,
2856 struct seid_rej *resp, int size)
2857 {
2858 struct avdtp_local_sep *sep = stream->lsep;
2859
2860 if (sep->cfm && sep->cfm->start)
2861 sep->cfm->start(session, sep, stream, NULL, sep->user_data);
2862
2863 /* We might be in STREAMING already if both sides send START_CMD at the
2864 * same time and the one in SNK role doesn't reject it as it should */
2865 if (sep->state != AVDTP_STATE_STREAMING)
2866 avdtp_sep_set_state(session, sep, AVDTP_STATE_STREAMING);
2867
2868 return TRUE;
2869 }
2870
avdtp_close_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2871 static gboolean avdtp_close_resp(struct avdtp *session,
2872 struct avdtp_stream *stream,
2873 struct seid_rej *resp, int size)
2874 {
2875 struct avdtp_local_sep *sep = stream->lsep;
2876
2877 avdtp_sep_set_state(session, sep, AVDTP_STATE_CLOSING);
2878
2879 close_stream(stream);
2880
2881 return TRUE;
2882 }
2883
avdtp_suspend_resp(struct avdtp * session,struct avdtp_stream * stream,void * data,int size)2884 static gboolean avdtp_suspend_resp(struct avdtp *session,
2885 struct avdtp_stream *stream,
2886 void *data, int size)
2887 {
2888 struct avdtp_local_sep *sep = stream->lsep;
2889
2890 avdtp_sep_set_state(session, sep, AVDTP_STATE_OPEN);
2891
2892 if (sep->cfm && sep->cfm->suspend)
2893 sep->cfm->suspend(session, sep, stream, NULL, sep->user_data);
2894
2895 return TRUE;
2896 }
2897
avdtp_abort_resp(struct avdtp * session,struct avdtp_stream * stream,struct seid_rej * resp,int size)2898 static gboolean avdtp_abort_resp(struct avdtp *session,
2899 struct avdtp_stream *stream,
2900 struct seid_rej *resp, int size)
2901 {
2902 struct avdtp_local_sep *sep = stream->lsep;
2903
2904 avdtp_sep_set_state(session, sep, AVDTP_STATE_ABORTING);
2905
2906 if (sep->cfm && sep->cfm->abort)
2907 sep->cfm->abort(session, sep, stream, NULL, sep->user_data);
2908
2909 avdtp_sep_set_state(session, sep, AVDTP_STATE_IDLE);
2910
2911 return TRUE;
2912 }
2913
avdtp_delay_report_resp(struct avdtp * session,struct avdtp_stream * stream,void * data,int size)2914 static gboolean avdtp_delay_report_resp(struct avdtp *session,
2915 struct avdtp_stream *stream,
2916 void *data, int size)
2917 {
2918 struct avdtp_local_sep *sep = stream->lsep;
2919
2920 if (sep->cfm && sep->cfm->delay_report)
2921 sep->cfm->delay_report(session, sep, stream, NULL, sep->user_data);
2922
2923 return TRUE;
2924 }
2925
avdtp_parse_resp(struct avdtp * session,struct avdtp_stream * stream,uint8_t transaction,uint8_t signal_id,void * buf,int size)2926 static gboolean avdtp_parse_resp(struct avdtp *session,
2927 struct avdtp_stream *stream,
2928 uint8_t transaction, uint8_t signal_id,
2929 void *buf, int size)
2930 {
2931 struct pending_req *next;
2932 const char *get_all = "";
2933
2934 if (session->prio_queue)
2935 next = session->prio_queue->data;
2936 else if (session->req_queue)
2937 next = session->req_queue->data;
2938 else
2939 next = NULL;
2940
2941 switch (signal_id) {
2942 case AVDTP_DISCOVER:
2943 DBG("DISCOVER request succeeded");
2944 return avdtp_discover_resp(session, buf, size);
2945 case AVDTP_GET_ALL_CAPABILITIES:
2946 get_all = "ALL_";
2947 case AVDTP_GET_CAPABILITIES:
2948 DBG("GET_%sCAPABILITIES request succeeded", get_all);
2949 if (!avdtp_get_capabilities_resp(session, buf, size))
2950 return FALSE;
2951 if (!(next && (next->signal_id == AVDTP_GET_CAPABILITIES ||
2952 next->signal_id == AVDTP_GET_ALL_CAPABILITIES)))
2953 finalize_discovery(session, 0);
2954 return TRUE;
2955 }
2956
2957 /* The remaining commands require an existing stream so bail out
2958 * here if the stream got unexpectedly disconnected */
2959 if (!stream) {
2960 DBG("AVDTP: stream was closed while waiting for reply");
2961 return TRUE;
2962 }
2963
2964 switch (signal_id) {
2965 case AVDTP_SET_CONFIGURATION:
2966 DBG("SET_CONFIGURATION request succeeded");
2967 return avdtp_set_configuration_resp(session, stream,
2968 buf, size);
2969 case AVDTP_RECONFIGURE:
2970 DBG("RECONFIGURE request succeeded");
2971 return avdtp_reconfigure_resp(session, stream, buf, size);
2972 case AVDTP_OPEN:
2973 DBG("OPEN request succeeded");
2974 return avdtp_open_resp(session, stream, buf, size);
2975 case AVDTP_SUSPEND:
2976 DBG("SUSPEND request succeeded");
2977 return avdtp_suspend_resp(session, stream, buf, size);
2978 case AVDTP_START:
2979 DBG("START request succeeded");
2980 return avdtp_start_resp(session, stream, buf, size);
2981 case AVDTP_CLOSE:
2982 DBG("CLOSE request succeeded");
2983 return avdtp_close_resp(session, stream, buf, size);
2984 case AVDTP_ABORT:
2985 DBG("ABORT request succeeded");
2986 return avdtp_abort_resp(session, stream, buf, size);
2987 case AVDTP_DELAY_REPORT:
2988 DBG("DELAY_REPORT request succeeded");
2989 return avdtp_delay_report_resp(session, stream, buf, size);
2990 }
2991
2992 error("Unknown signal id in accept response: %u", signal_id);
2993 return TRUE;
2994 }
2995
seid_rej_to_err(struct seid_rej * rej,unsigned int size,struct avdtp_error * err)2996 static gboolean seid_rej_to_err(struct seid_rej *rej, unsigned int size,
2997 struct avdtp_error *err)
2998 {
2999 if (size < sizeof(struct seid_rej)) {
3000 error("Too small packet for seid_rej");
3001 return FALSE;
3002 }
3003
3004 avdtp_error_init(err, 0x00, rej->error);
3005
3006 return TRUE;
3007 }
3008
conf_rej_to_err(struct conf_rej * rej,unsigned int size,struct avdtp_error * err)3009 static gboolean conf_rej_to_err(struct conf_rej *rej, unsigned int size,
3010 struct avdtp_error *err)
3011 {
3012 if (size < sizeof(struct conf_rej)) {
3013 error("Too small packet for conf_rej");
3014 return FALSE;
3015 }
3016
3017 avdtp_error_init(err, rej->category, rej->error);
3018
3019 return TRUE;
3020 }
3021
stream_rej_to_err(struct stream_rej * rej,unsigned int size,struct avdtp_error * err,uint8_t * acp_seid)3022 static gboolean stream_rej_to_err(struct stream_rej *rej, unsigned int size,
3023 struct avdtp_error *err,
3024 uint8_t *acp_seid)
3025 {
3026 if (size < sizeof(struct stream_rej)) {
3027 error("Too small packet for stream_rej");
3028 return FALSE;
3029 }
3030
3031 avdtp_error_init(err, 0x00, rej->error);
3032
3033 if (acp_seid)
3034 *acp_seid = rej->acp_seid;
3035
3036 return TRUE;
3037 }
3038
avdtp_parse_rej(struct avdtp * session,struct avdtp_stream * stream,uint8_t transaction,uint8_t signal_id,void * buf,int size)3039 static gboolean avdtp_parse_rej(struct avdtp *session,
3040 struct avdtp_stream *stream,
3041 uint8_t transaction, uint8_t signal_id,
3042 void *buf, int size)
3043 {
3044 struct avdtp_error err;
3045 uint8_t acp_seid;
3046 struct avdtp_local_sep *sep = stream ? stream->lsep : NULL;
3047
3048 switch (signal_id) {
3049 case AVDTP_DISCOVER:
3050 if (!seid_rej_to_err(buf, size, &err))
3051 return FALSE;
3052 error("DISCOVER request rejected: %s (%d)",
3053 avdtp_strerror(&err), err.err.error_code);
3054 return TRUE;
3055 case AVDTP_GET_CAPABILITIES:
3056 case AVDTP_GET_ALL_CAPABILITIES:
3057 if (!seid_rej_to_err(buf, size, &err))
3058 return FALSE;
3059 error("GET_CAPABILITIES request rejected: %s (%d)",
3060 avdtp_strerror(&err), err.err.error_code);
3061 return TRUE;
3062 case AVDTP_OPEN:
3063 if (!seid_rej_to_err(buf, size, &err))
3064 return FALSE;
3065 error("OPEN request rejected: %s (%d)",
3066 avdtp_strerror(&err), err.err.error_code);
3067 if (sep && sep->cfm && sep->cfm->open)
3068 sep->cfm->open(session, sep, stream, &err,
3069 sep->user_data);
3070 return TRUE;
3071 case AVDTP_SET_CONFIGURATION:
3072 if (!conf_rej_to_err(buf, size, &err))
3073 return FALSE;
3074 error("SET_CONFIGURATION request rejected: %s (%d)",
3075 avdtp_strerror(&err), err.err.error_code);
3076 if (sep && sep->cfm && sep->cfm->set_configuration)
3077 sep->cfm->set_configuration(session, sep, stream,
3078 &err, sep->user_data);
3079 return TRUE;
3080 case AVDTP_RECONFIGURE:
3081 if (!conf_rej_to_err(buf, size, &err))
3082 return FALSE;
3083 error("RECONFIGURE request rejected: %s (%d)",
3084 avdtp_strerror(&err), err.err.error_code);
3085 if (sep && sep->cfm && sep->cfm->reconfigure)
3086 sep->cfm->reconfigure(session, sep, stream, &err,
3087 sep->user_data);
3088 return TRUE;
3089 case AVDTP_START:
3090 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
3091 return FALSE;
3092 error("START request rejected: %s (%d)",
3093 avdtp_strerror(&err), err.err.error_code);
3094 if (sep && sep->cfm && sep->cfm->start) {
3095 sep->cfm->start(session, sep, stream, &err,
3096 sep->user_data);
3097 stream->starting = FALSE;
3098 }
3099 return TRUE;
3100 case AVDTP_SUSPEND:
3101 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
3102 return FALSE;
3103 error("SUSPEND request rejected: %s (%d)",
3104 avdtp_strerror(&err), err.err.error_code);
3105 if (sep && sep->cfm && sep->cfm->suspend)
3106 sep->cfm->suspend(session, sep, stream, &err,
3107 sep->user_data);
3108 return TRUE;
3109 case AVDTP_CLOSE:
3110 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
3111 return FALSE;
3112 error("CLOSE request rejected: %s (%d)",
3113 avdtp_strerror(&err), err.err.error_code);
3114 if (sep && sep->cfm && sep->cfm->close) {
3115 sep->cfm->close(session, sep, stream, &err,
3116 sep->user_data);
3117 stream->close_int = FALSE;
3118 }
3119 return TRUE;
3120 case AVDTP_ABORT:
3121 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
3122 return FALSE;
3123 error("ABORT request rejected: %s (%d)",
3124 avdtp_strerror(&err), err.err.error_code);
3125 if (sep && sep->cfm && sep->cfm->abort)
3126 sep->cfm->abort(session, sep, stream, &err,
3127 sep->user_data);
3128 return FALSE;
3129 case AVDTP_DELAY_REPORT:
3130 if (!stream_rej_to_err(buf, size, &err, &acp_seid))
3131 return FALSE;
3132 error("DELAY_REPORT request rejected: %s (%d)",
3133 avdtp_strerror(&err), err.err.error_code);
3134 if (sep && sep->cfm && sep->cfm->delay_report)
3135 sep->cfm->delay_report(session, sep, stream, &err,
3136 sep->user_data);
3137 return TRUE;
3138 default:
3139 error("Unknown reject response signal id: %u", signal_id);
3140 return TRUE;
3141 }
3142 }
3143
avdtp_is_connected(const bdaddr_t * src,const bdaddr_t * dst)3144 gboolean avdtp_is_connected(const bdaddr_t *src, const bdaddr_t *dst)
3145 {
3146 struct avdtp_server *server;
3147 struct avdtp *session;
3148
3149 server = find_server(servers, src);
3150 if (!server)
3151 return FALSE;
3152
3153 session = find_session(server->sessions, dst);
3154 if (!session)
3155 return FALSE;
3156
3157 if (session->state != AVDTP_SESSION_STATE_DISCONNECTED)
3158 return TRUE;
3159
3160 return FALSE;
3161 }
3162
avdtp_stream_get_codec(struct avdtp_stream * stream)3163 struct avdtp_service_capability *avdtp_stream_get_codec(
3164 struct avdtp_stream *stream)
3165 {
3166 GSList *l;
3167
3168 for (l = stream->caps; l; l = l->next) {
3169 struct avdtp_service_capability *cap = l->data;
3170
3171 if (cap->category == AVDTP_MEDIA_CODEC)
3172 return cap;
3173 }
3174
3175 return NULL;
3176 }
3177
avdtp_stream_has_capability(struct avdtp_stream * stream,struct avdtp_service_capability * cap)3178 gboolean avdtp_stream_has_capability(struct avdtp_stream *stream,
3179 struct avdtp_service_capability *cap)
3180 {
3181 GSList *l;
3182 struct avdtp_service_capability *stream_cap;
3183
3184 for (l = stream->caps; l; l = g_slist_next(l)) {
3185 stream_cap = l->data;
3186
3187 if (stream_cap->category != cap->category ||
3188 stream_cap->length != cap->length)
3189 continue;
3190
3191 if (memcmp(stream_cap->data, cap->data, cap->length) == 0)
3192 return TRUE;
3193 }
3194
3195 return FALSE;
3196 }
3197
avdtp_stream_has_capabilities(struct avdtp_stream * stream,GSList * caps)3198 gboolean avdtp_stream_has_capabilities(struct avdtp_stream *stream,
3199 GSList *caps)
3200 {
3201 for (; caps; caps = g_slist_next(caps)) {
3202 struct avdtp_service_capability *cap = caps->data;
3203
3204 if (!avdtp_stream_has_capability(stream, cap))
3205 return FALSE;
3206 }
3207
3208 return TRUE;
3209 }
3210
avdtp_stream_get_remote_sep(struct avdtp_stream * stream)3211 struct avdtp_remote_sep *avdtp_stream_get_remote_sep(
3212 struct avdtp_stream *stream)
3213 {
3214 return avdtp_get_remote_sep(stream->session, stream->rseid);
3215 }
3216
avdtp_stream_get_transport(struct avdtp_stream * stream,int * sock,uint16_t * imtu,uint16_t * omtu,GSList ** caps)3217 gboolean avdtp_stream_get_transport(struct avdtp_stream *stream, int *sock,
3218 uint16_t *imtu, uint16_t *omtu,
3219 GSList **caps)
3220 {
3221 if (stream->io == NULL)
3222 return FALSE;
3223
3224 if (sock)
3225 *sock = g_io_channel_unix_get_fd(stream->io);
3226
3227 if (omtu)
3228 *omtu = stream->omtu;
3229
3230 if (imtu)
3231 *imtu = stream->imtu;
3232
3233 if (caps)
3234 *caps = stream->caps;
3235
3236 return TRUE;
3237 }
3238
process_queue(struct avdtp * session)3239 static int process_queue(struct avdtp *session)
3240 {
3241 GSList **queue, *l;
3242 struct pending_req *req;
3243
3244 if (session->req)
3245 return 0;
3246
3247 if (session->prio_queue)
3248 queue = &session->prio_queue;
3249 else
3250 queue = &session->req_queue;
3251
3252 if (!*queue)
3253 return 0;
3254
3255 l = *queue;
3256 req = l->data;
3257
3258 *queue = g_slist_remove(*queue, req);
3259
3260 return send_req(session, FALSE, req);
3261 }
3262
avdtp_get_remote_sep(struct avdtp * session,uint8_t seid)3263 struct avdtp_remote_sep *avdtp_get_remote_sep(struct avdtp *session,
3264 uint8_t seid)
3265 {
3266 GSList *l;
3267
3268 for (l = session->seps; l; l = l->next) {
3269 struct avdtp_remote_sep *sep = l->data;
3270
3271 if (sep->seid == seid)
3272 return sep;
3273 }
3274
3275 return NULL;
3276 }
3277
avdtp_get_seid(struct avdtp_remote_sep * sep)3278 uint8_t avdtp_get_seid(struct avdtp_remote_sep *sep)
3279 {
3280 return sep->seid;
3281 }
3282
avdtp_get_type(struct avdtp_remote_sep * sep)3283 uint8_t avdtp_get_type(struct avdtp_remote_sep *sep)
3284 {
3285 return sep->type;
3286 }
3287
avdtp_get_codec(struct avdtp_remote_sep * sep)3288 struct avdtp_service_capability *avdtp_get_codec(struct avdtp_remote_sep *sep)
3289 {
3290 return sep->codec;
3291 }
3292
avdtp_get_delay_reporting(struct avdtp_remote_sep * sep)3293 gboolean avdtp_get_delay_reporting(struct avdtp_remote_sep *sep)
3294 {
3295 return sep->delay_reporting;
3296 }
3297
avdtp_get_stream(struct avdtp_remote_sep * sep)3298 struct avdtp_stream *avdtp_get_stream(struct avdtp_remote_sep *sep)
3299 {
3300 return sep->stream;
3301 }
3302
avdtp_service_cap_new(uint8_t category,void * data,int length)3303 struct avdtp_service_capability *avdtp_service_cap_new(uint8_t category,
3304 void *data, int length)
3305 {
3306 struct avdtp_service_capability *cap;
3307
3308 if (category < AVDTP_MEDIA_TRANSPORT || category > AVDTP_DELAY_REPORTING)
3309 return NULL;
3310
3311 cap = g_malloc(sizeof(struct avdtp_service_capability) + length);
3312 cap->category = category;
3313 cap->length = length;
3314 memcpy(cap->data, data, length);
3315
3316 return cap;
3317 }
3318
process_discover(gpointer data)3319 static gboolean process_discover(gpointer data)
3320 {
3321 struct avdtp *session = data;
3322
3323 finalize_discovery(session, 0);
3324
3325 return FALSE;
3326 }
3327
avdtp_discover(struct avdtp * session,avdtp_discover_cb_t cb,void * user_data)3328 int avdtp_discover(struct avdtp *session, avdtp_discover_cb_t cb,
3329 void *user_data)
3330 {
3331 int err;
3332
3333 if (session->discov_cb)
3334 return -EBUSY;
3335
3336 if (session->seps) {
3337 session->discov_cb = cb;
3338 session->user_data = user_data;
3339 g_idle_add(process_discover, session);
3340 return 0;
3341 }
3342
3343 err = send_request(session, FALSE, NULL, AVDTP_DISCOVER, NULL, 0);
3344 if (err == 0) {
3345 session->discov_cb = cb;
3346 session->user_data = user_data;
3347 }
3348
3349 return err;
3350 }
3351
avdtp_stream_remove_cb(struct avdtp * session,struct avdtp_stream * stream,unsigned int id)3352 gboolean avdtp_stream_remove_cb(struct avdtp *session,
3353 struct avdtp_stream *stream,
3354 unsigned int id)
3355 {
3356 GSList *l;
3357 struct stream_callback *cb;
3358
3359 if (!stream)
3360 return FALSE;
3361
3362 for (cb = NULL, l = stream->callbacks; l != NULL; l = l->next) {
3363 struct stream_callback *tmp = l->data;
3364 if (tmp && tmp->id == id) {
3365 cb = tmp;
3366 break;
3367 }
3368 }
3369
3370 if (!cb)
3371 return FALSE;
3372
3373 stream->callbacks = g_slist_remove(stream->callbacks, cb);
3374 g_free(cb);
3375
3376 return TRUE;
3377 }
3378
avdtp_stream_add_cb(struct avdtp * session,struct avdtp_stream * stream,avdtp_stream_state_cb cb,void * data)3379 unsigned int avdtp_stream_add_cb(struct avdtp *session,
3380 struct avdtp_stream *stream,
3381 avdtp_stream_state_cb cb, void *data)
3382 {
3383 struct stream_callback *stream_cb;
3384 static unsigned int id = 0;
3385
3386 stream_cb = g_new(struct stream_callback, 1);
3387 stream_cb->cb = cb;
3388 stream_cb->user_data = data;
3389 stream_cb->id = ++id;
3390
3391 stream->callbacks = g_slist_append(stream->callbacks, stream_cb);;
3392
3393 return stream_cb->id;
3394 }
3395
avdtp_get_configuration(struct avdtp * session,struct avdtp_stream * stream)3396 int avdtp_get_configuration(struct avdtp *session, struct avdtp_stream *stream)
3397 {
3398 struct seid_req req;
3399
3400 if (session->state < AVDTP_SESSION_STATE_CONNECTED)
3401 return -EINVAL;
3402
3403 memset(&req, 0, sizeof(req));
3404 req.acp_seid = stream->rseid;
3405
3406 return send_request(session, FALSE, stream, AVDTP_GET_CONFIGURATION,
3407 &req, sizeof(req));
3408 }
3409
copy_capabilities(gpointer data,gpointer user_data)3410 static void copy_capabilities(gpointer data, gpointer user_data)
3411 {
3412 struct avdtp_service_capability *src_cap = data;
3413 struct avdtp_service_capability *dst_cap;
3414 GSList **l = user_data;
3415
3416 dst_cap = avdtp_service_cap_new(src_cap->category, src_cap->data,
3417 src_cap->length);
3418
3419 *l = g_slist_append(*l, dst_cap);
3420 }
3421
avdtp_set_configuration(struct avdtp * session,struct avdtp_remote_sep * rsep,struct avdtp_local_sep * lsep,GSList * caps,struct avdtp_stream ** stream)3422 int avdtp_set_configuration(struct avdtp *session,
3423 struct avdtp_remote_sep *rsep,
3424 struct avdtp_local_sep *lsep,
3425 GSList *caps,
3426 struct avdtp_stream **stream)
3427 {
3428 struct setconf_req *req;
3429 struct avdtp_stream *new_stream;
3430 unsigned char *ptr;
3431 int err, caps_len;
3432 struct avdtp_service_capability *cap;
3433 GSList *l;
3434
3435 if (session->state != AVDTP_SESSION_STATE_CONNECTED)
3436 return -ENOTCONN;
3437
3438 if (!(lsep && rsep))
3439 return -EINVAL;
3440
3441 DBG("%p: int_seid=%u, acp_seid=%u", session,
3442 lsep->info.seid, rsep->seid);
3443
3444 new_stream = g_new0(struct avdtp_stream, 1);
3445 new_stream->session = session;
3446 new_stream->lsep = lsep;
3447 new_stream->rseid = rsep->seid;
3448
3449 if (rsep->delay_reporting && lsep->delay_reporting) {
3450 struct avdtp_service_capability *delay_reporting;
3451
3452 delay_reporting = avdtp_service_cap_new(AVDTP_DELAY_REPORTING,
3453 NULL, 0);
3454 caps = g_slist_append(caps, delay_reporting);
3455 new_stream->delay_reporting = TRUE;
3456 }
3457
3458 g_slist_foreach(caps, copy_capabilities, &new_stream->caps);
3459
3460 /* Calculate total size of request */
3461 for (l = caps, caps_len = 0; l != NULL; l = g_slist_next(l)) {
3462 cap = l->data;
3463 caps_len += cap->length + 2;
3464 }
3465
3466 req = g_malloc0(sizeof(struct setconf_req) + caps_len);
3467
3468 req->int_seid = lsep->info.seid;
3469 req->acp_seid = rsep->seid;
3470
3471 /* Copy the capabilities into the request */
3472 for (l = caps, ptr = req->caps; l != NULL; l = g_slist_next(l)) {
3473 cap = l->data;
3474 memcpy(ptr, cap, cap->length + 2);
3475 ptr += cap->length + 2;
3476 }
3477
3478 err = send_request(session, FALSE, new_stream,
3479 AVDTP_SET_CONFIGURATION, req,
3480 sizeof(struct setconf_req) + caps_len);
3481 if (err < 0)
3482 stream_free(new_stream);
3483 else {
3484 lsep->info.inuse = 1;
3485 lsep->stream = new_stream;
3486 rsep->stream = new_stream;
3487 session->streams = g_slist_append(session->streams, new_stream);
3488 if (stream)
3489 *stream = new_stream;
3490 }
3491
3492 g_free(req);
3493
3494 return err;
3495 }
3496
avdtp_reconfigure(struct avdtp * session,GSList * caps,struct avdtp_stream * stream)3497 int avdtp_reconfigure(struct avdtp *session, GSList *caps,
3498 struct avdtp_stream *stream)
3499 {
3500 struct reconf_req *req;
3501 unsigned char *ptr;
3502 int caps_len, err;
3503 GSList *l;
3504 struct avdtp_service_capability *cap;
3505
3506 if (!g_slist_find(session->streams, stream))
3507 return -EINVAL;
3508
3509 if (stream->lsep->state != AVDTP_STATE_OPEN)
3510 return -EINVAL;
3511
3512 /* Calculate total size of request */
3513 for (l = caps, caps_len = 0; l != NULL; l = g_slist_next(l)) {
3514 cap = l->data;
3515 caps_len += cap->length + 2;
3516 }
3517
3518 req = g_malloc0(sizeof(struct reconf_req) + caps_len);
3519
3520 req->acp_seid = stream->rseid;
3521
3522 /* Copy the capabilities into the request */
3523 for (l = caps, ptr = req->caps; l != NULL; l = g_slist_next(l)) {
3524 cap = l->data;
3525 memcpy(ptr, cap, cap->length + 2);
3526 ptr += cap->length + 2;
3527 }
3528
3529 err = send_request(session, FALSE, stream, AVDTP_RECONFIGURE, req,
3530 sizeof(*req) + caps_len);
3531 g_free(req);
3532
3533 return err;
3534 }
3535
avdtp_open(struct avdtp * session,struct avdtp_stream * stream)3536 int avdtp_open(struct avdtp *session, struct avdtp_stream *stream)
3537 {
3538 struct seid_req req;
3539
3540 if (!g_slist_find(session->streams, stream))
3541 return -EINVAL;
3542
3543 if (stream->lsep->state > AVDTP_STATE_CONFIGURED)
3544 return -EINVAL;
3545
3546 memset(&req, 0, sizeof(req));
3547 req.acp_seid = stream->rseid;
3548
3549 return send_request(session, FALSE, stream, AVDTP_OPEN,
3550 &req, sizeof(req));
3551 }
3552
avdtp_start(struct avdtp * session,struct avdtp_stream * stream)3553 int avdtp_start(struct avdtp *session, struct avdtp_stream *stream)
3554 {
3555 struct start_req req;
3556 int ret;
3557
3558 if (!g_slist_find(session->streams, stream))
3559 return -EINVAL;
3560
3561 if (stream->lsep->state != AVDTP_STATE_OPEN)
3562 return -EINVAL;
3563
3564 if (stream->close_int == TRUE) {
3565 error("avdtp_start: rejecting start since close is initiated");
3566 return -EINVAL;
3567 }
3568
3569 if (stream->starting == TRUE) {
3570 DBG("stream already started");
3571 return -EINVAL;
3572 }
3573
3574 memset(&req, 0, sizeof(req));
3575 req.first_seid.seid = stream->rseid;
3576
3577 ret = send_request(session, FALSE, stream, AVDTP_START,
3578 &req, sizeof(req));
3579 if (ret == 0)
3580 stream->starting = TRUE;
3581
3582 return ret;
3583 }
3584
avdtp_close(struct avdtp * session,struct avdtp_stream * stream,gboolean immediate)3585 int avdtp_close(struct avdtp *session, struct avdtp_stream *stream,
3586 gboolean immediate)
3587 {
3588 struct seid_req req;
3589 int ret;
3590
3591 if (!g_slist_find(session->streams, stream))
3592 return -EINVAL;
3593
3594 if (stream->lsep->state < AVDTP_STATE_OPEN)
3595 return -EINVAL;
3596
3597 if (stream->close_int == TRUE) {
3598 error("avdtp_close: rejecting since close is already initiated");
3599 return -EINVAL;
3600 }
3601
3602 if (immediate && session->req && stream == session->req->stream)
3603 return avdtp_abort(session, stream);
3604
3605 memset(&req, 0, sizeof(req));
3606 req.acp_seid = stream->rseid;
3607
3608 ret = send_request(session, FALSE, stream, AVDTP_CLOSE,
3609 &req, sizeof(req));
3610 if (ret == 0)
3611 stream->close_int = TRUE;
3612
3613 return ret;
3614 }
3615
avdtp_suspend(struct avdtp * session,struct avdtp_stream * stream)3616 int avdtp_suspend(struct avdtp *session, struct avdtp_stream *stream)
3617 {
3618 struct seid_req req;
3619
3620 if (!g_slist_find(session->streams, stream))
3621 return -EINVAL;
3622
3623 if (stream->lsep->state <= AVDTP_STATE_OPEN || stream->close_int)
3624 return -EINVAL;
3625
3626 memset(&req, 0, sizeof(req));
3627 req.acp_seid = stream->rseid;
3628
3629 return send_request(session, FALSE, stream, AVDTP_SUSPEND,
3630 &req, sizeof(req));
3631 }
3632
avdtp_abort(struct avdtp * session,struct avdtp_stream * stream)3633 int avdtp_abort(struct avdtp *session, struct avdtp_stream *stream)
3634 {
3635 struct seid_req req;
3636 int ret;
3637
3638 if (!g_slist_find(session->streams, stream))
3639 return -EINVAL;
3640
3641 if (stream->lsep->state == AVDTP_STATE_ABORTING)
3642 return -EINVAL;
3643
3644 if (session->req && stream == session->req->stream)
3645 return cancel_request(session, ECANCELED);
3646
3647 memset(&req, 0, sizeof(req));
3648 req.acp_seid = stream->rseid;
3649
3650 ret = send_request(session, TRUE, stream, AVDTP_ABORT,
3651 &req, sizeof(req));
3652 if (ret == 0)
3653 stream->abort_int = TRUE;
3654
3655 return ret;
3656 }
3657
avdtp_delay_report(struct avdtp * session,struct avdtp_stream * stream,uint16_t delay)3658 int avdtp_delay_report(struct avdtp *session, struct avdtp_stream *stream,
3659 uint16_t delay)
3660 {
3661 struct delay_req req;
3662
3663 if (!g_slist_find(session->streams, stream))
3664 return -EINVAL;
3665
3666 if (stream->lsep->state != AVDTP_STATE_CONFIGURED &&
3667 stream->lsep->state != AVDTP_STATE_STREAMING)
3668 return -EINVAL;
3669
3670 if (!stream->delay_reporting || session->version < 0x0103 ||
3671 session->server->version < 0x0103)
3672 return -EINVAL;
3673
3674 stream->delay = delay;
3675
3676 memset(&req, 0, sizeof(req));
3677 req.acp_seid = stream->rseid;
3678 req.delay = htons(delay);
3679
3680 return send_request(session, TRUE, stream, AVDTP_DELAY_REPORT,
3681 &req, sizeof(req));
3682 }
3683
avdtp_register_sep(const bdaddr_t * src,uint8_t type,uint8_t media_type,uint8_t codec_type,gboolean delay_reporting,struct avdtp_sep_ind * ind,struct avdtp_sep_cfm * cfm,void * user_data)3684 struct avdtp_local_sep *avdtp_register_sep(const bdaddr_t *src, uint8_t type,
3685 uint8_t media_type,
3686 uint8_t codec_type,
3687 gboolean delay_reporting,
3688 struct avdtp_sep_ind *ind,
3689 struct avdtp_sep_cfm *cfm,
3690 void *user_data)
3691 {
3692 struct avdtp_server *server;
3693 struct avdtp_local_sep *sep;
3694
3695 server = find_server(servers, src);
3696 if (!server)
3697 return NULL;
3698
3699 if (g_slist_length(server->seps) > MAX_SEID)
3700 return NULL;
3701
3702 sep = g_new0(struct avdtp_local_sep, 1);
3703
3704 sep->state = AVDTP_STATE_IDLE;
3705 sep->info.seid = g_slist_length(server->seps) + 1;
3706 sep->info.type = type;
3707 sep->info.media_type = media_type;
3708 sep->codec = codec_type;
3709 sep->ind = ind;
3710 sep->cfm = cfm;
3711 sep->user_data = user_data;
3712 sep->server = server;
3713 sep->delay_reporting = TRUE;
3714
3715 DBG("SEP %p registered: type:%d codec:%d seid:%d", sep,
3716 sep->info.type, sep->codec, sep->info.seid);
3717 server->seps = g_slist_append(server->seps, sep);
3718
3719 return sep;
3720 }
3721
avdtp_unregister_sep(struct avdtp_local_sep * sep)3722 int avdtp_unregister_sep(struct avdtp_local_sep *sep)
3723 {
3724 struct avdtp_server *server;
3725
3726 if (!sep)
3727 return -EINVAL;
3728
3729 server = sep->server;
3730 server->seps = g_slist_remove(server->seps, sep);
3731
3732 if (sep->stream)
3733 release_stream(sep->stream, sep->stream->session);
3734
3735 DBG("SEP %p unregistered: type:%d codec:%d seid:%d", sep,
3736 sep->info.type, sep->codec, sep->info.seid);
3737
3738 g_free(sep);
3739
3740 return 0;
3741 }
3742
avdtp_server_socket(const bdaddr_t * src,gboolean master)3743 static GIOChannel *avdtp_server_socket(const bdaddr_t *src, gboolean master)
3744 {
3745 GError *err = NULL;
3746 GIOChannel *io;
3747
3748 io = bt_io_listen(BT_IO_L2CAP, NULL, avdtp_confirm_cb,
3749 NULL, NULL, &err,
3750 BT_IO_OPT_SOURCE_BDADDR, src,
3751 BT_IO_OPT_PSM, AVDTP_PSM,
3752 BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
3753 BT_IO_OPT_MASTER, master,
3754 BT_IO_OPT_INVALID);
3755 if (!io) {
3756 error("%s", err->message);
3757 g_error_free(err);
3758 }
3759
3760 return io;
3761 }
3762
avdtp_strerror(struct avdtp_error * err)3763 const char *avdtp_strerror(struct avdtp_error *err)
3764 {
3765 if (err->category == AVDTP_ERRNO)
3766 return strerror(err->err.posix_errno);
3767
3768 switch(err->err.error_code) {
3769 case AVDTP_BAD_HEADER_FORMAT:
3770 return "Bad Header Format";
3771 case AVDTP_BAD_LENGTH:
3772 return "Bad Packet Lenght";
3773 case AVDTP_BAD_ACP_SEID:
3774 return "Bad Acceptor SEID";
3775 case AVDTP_SEP_IN_USE:
3776 return "Stream End Point in Use";
3777 case AVDTP_SEP_NOT_IN_USE:
3778 return "Stream End Point Not in Use";
3779 case AVDTP_BAD_SERV_CATEGORY:
3780 return "Bad Service Category";
3781 case AVDTP_BAD_PAYLOAD_FORMAT:
3782 return "Bad Payload format";
3783 case AVDTP_NOT_SUPPORTED_COMMAND:
3784 return "Command Not Supported";
3785 case AVDTP_INVALID_CAPABILITIES:
3786 return "Invalid Capabilities";
3787 case AVDTP_BAD_RECOVERY_TYPE:
3788 return "Bad Recovery Type";
3789 case AVDTP_BAD_MEDIA_TRANSPORT_FORMAT:
3790 return "Bad Media Transport Format";
3791 case AVDTP_BAD_RECOVERY_FORMAT:
3792 return "Bad Recovery Format";
3793 case AVDTP_BAD_ROHC_FORMAT:
3794 return "Bad Header Compression Format";
3795 case AVDTP_BAD_CP_FORMAT:
3796 return "Bad Content Protetion Format";
3797 case AVDTP_BAD_MULTIPLEXING_FORMAT:
3798 return "Bad Multiplexing Format";
3799 case AVDTP_UNSUPPORTED_CONFIGURATION:
3800 return "Configuration not supported";
3801 case AVDTP_BAD_STATE:
3802 return "Bad State";
3803 default:
3804 return "Unknow error";
3805 }
3806 }
3807
avdtp_sep_get_state(struct avdtp_local_sep * sep)3808 avdtp_state_t avdtp_sep_get_state(struct avdtp_local_sep *sep)
3809 {
3810 return sep->state;
3811 }
3812
avdtp_get_peers(struct avdtp * session,bdaddr_t * src,bdaddr_t * dst)3813 void avdtp_get_peers(struct avdtp *session, bdaddr_t *src, bdaddr_t *dst)
3814 {
3815 if (src)
3816 bacpy(src, &session->server->src);
3817 if (dst)
3818 bacpy(dst, &session->dst);
3819 }
3820
avdtp_init(const bdaddr_t * src,GKeyFile * config,uint16_t * version)3821 int avdtp_init(const bdaddr_t *src, GKeyFile *config, uint16_t *version)
3822 {
3823 GError *err = NULL;
3824 gboolean tmp, master = TRUE;
3825 struct avdtp_server *server;
3826 uint16_t ver = 0x0102;
3827
3828 if (!config)
3829 goto proceed;
3830
3831 tmp = g_key_file_get_boolean(config, "General",
3832 "Master", &err);
3833 if (err) {
3834 DBG("audio.conf: %s", err->message);
3835 g_clear_error(&err);
3836 } else
3837 master = tmp;
3838
3839 tmp = g_key_file_get_boolean(config, "General", "AutoConnect",
3840 &err);
3841 if (err)
3842 g_clear_error(&err);
3843 else
3844 auto_connect = tmp;
3845
3846 if (g_key_file_get_boolean(config, "A2DP", "DelayReporting", NULL))
3847 ver = 0x0103;
3848
3849 proceed:
3850 server = g_new0(struct avdtp_server, 1);
3851 if (!server)
3852 return -ENOMEM;
3853
3854 server->version = ver;
3855
3856 if (version)
3857 *version = server->version;
3858
3859 server->io = avdtp_server_socket(src, master);
3860 if (!server->io) {
3861 g_free(server);
3862 return -1;
3863 }
3864
3865 bacpy(&server->src, src);
3866
3867 servers = g_slist_append(servers, server);
3868
3869 return 0;
3870 }
3871
avdtp_exit(const bdaddr_t * src)3872 void avdtp_exit(const bdaddr_t *src)
3873 {
3874 struct avdtp_server *server;
3875 GSList *l;
3876
3877 server = find_server(servers, src);
3878 if (!server)
3879 return;
3880
3881 for (l = server->sessions; l; l = l->next) {
3882 struct avdtp *session = l->data;
3883
3884 connection_lost(session, -ECONNABORTED);
3885 }
3886
3887 servers = g_slist_remove(servers, server);
3888
3889 g_io_channel_shutdown(server->io, TRUE, NULL);
3890 g_io_channel_unref(server->io);
3891 g_free(server);
3892 }
3893
avdtp_has_stream(struct avdtp * session,struct avdtp_stream * stream)3894 gboolean avdtp_has_stream(struct avdtp *session, struct avdtp_stream *stream)
3895 {
3896 return g_slist_find(session->streams, stream) ? TRUE : FALSE;
3897 }
3898
avdtp_set_auto_disconnect(struct avdtp * session,gboolean auto_dc)3899 void avdtp_set_auto_disconnect(struct avdtp *session, gboolean auto_dc)
3900 {
3901 session->auto_dc = auto_dc;
3902 }
3903
avdtp_stream_setup_active(struct avdtp * session)3904 gboolean avdtp_stream_setup_active(struct avdtp *session)
3905 {
3906 return session->stream_setup;
3907 }
3908
avdtp_set_device_disconnect(struct avdtp * session,gboolean dev_dc)3909 void avdtp_set_device_disconnect(struct avdtp *session, gboolean dev_dc)
3910 {
3911 session->device_disconnect = dev_dc;
3912 }
3913
avdtp_add_state_cb(avdtp_session_state_cb cb,void * user_data)3914 unsigned int avdtp_add_state_cb(avdtp_session_state_cb cb, void *user_data)
3915 {
3916 struct avdtp_state_callback *state_cb;
3917 static unsigned int id = 0;
3918
3919 state_cb = g_new(struct avdtp_state_callback, 1);
3920 state_cb->cb = cb;
3921 state_cb->user_data = user_data;
3922 state_cb->id = ++id;
3923
3924 avdtp_callbacks = g_slist_append(avdtp_callbacks, state_cb);;
3925
3926 return state_cb->id;
3927 }
3928
avdtp_remove_state_cb(unsigned int id)3929 gboolean avdtp_remove_state_cb(unsigned int id)
3930 {
3931 GSList *l;
3932
3933 for (l = avdtp_callbacks; l != NULL; l = l->next) {
3934 struct avdtp_state_callback *cb = l->data;
3935 if (cb && cb->id == id) {
3936 avdtp_callbacks = g_slist_remove(avdtp_callbacks, cb);
3937 g_free(cb);
3938 return TRUE;
3939 }
3940 }
3941
3942 return FALSE;
3943 }
3944