1/* 2 * ssar.c 3 * 4 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $Id: ssar.c,v 1.4 2004/01/12 22:54:31 max Exp $
| 1/* 2 * ssar.c 3 * 4 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $Id: ssar.c,v 1.4 2004/01/12 22:54:31 max Exp $
|
29 * $FreeBSD: head/usr.sbin/bluetooth/sdpd/ssar.c 124758 2004-01-20 20:48:26Z emax $
| 29 * $FreeBSD: head/usr.sbin/bluetooth/sdpd/ssar.c 139721 2005-01-05 18:37:37Z emax $
|
30 */ 31 32#include <sys/queue.h> 33#include <bluetooth.h> 34#include <sdp.h> 35#include <string.h> 36#include "profile.h" 37#include "provider.h" 38#include "server.h"
| 30 */ 31 32#include <sys/queue.h> 33#include <bluetooth.h> 34#include <sdp.h> 35#include <string.h> 36#include "profile.h" 37#include "provider.h" 38#include "server.h"
|
| 39#include "uuid-private.h"
|
39 40/* from sar.c */ 41int32_t server_prepare_attr_list(provider_p const provider, 42 uint8_t const *req, uint8_t const * const req_end, 43 uint8_t *rsp, uint8_t const * const rsp_end); 44 45/* 46 * Prepare SDP Service Search Attribute Response 47 */ 48 49int32_t 50server_prepare_service_search_attribute_response(server_p srv, int32_t fd) 51{ 52 uint8_t const *req = srv->req + sizeof(sdp_pdu_t); 53 uint8_t const *req_end = req + ((sdp_pdu_p)(srv->req))->len; 54 uint8_t *rsp = srv->fdidx[fd].rsp; 55 uint8_t const *rsp_end = rsp + NG_L2CAP_MTU_MAXIMUM; 56 57 uint8_t const *sspptr = NULL, *aidptr = NULL; 58 uint8_t *ptr = NULL; 59 60 provider_t *provider = NULL;
| 40 41/* from sar.c */ 42int32_t server_prepare_attr_list(provider_p const provider, 43 uint8_t const *req, uint8_t const * const req_end, 44 uint8_t *rsp, uint8_t const * const rsp_end); 45 46/* 47 * Prepare SDP Service Search Attribute Response 48 */ 49 50int32_t 51server_prepare_service_search_attribute_response(server_p srv, int32_t fd) 52{ 53 uint8_t const *req = srv->req + sizeof(sdp_pdu_t); 54 uint8_t const *req_end = req + ((sdp_pdu_p)(srv->req))->len; 55 uint8_t *rsp = srv->fdidx[fd].rsp; 56 uint8_t const *rsp_end = rsp + NG_L2CAP_MTU_MAXIMUM; 57 58 uint8_t const *sspptr = NULL, *aidptr = NULL; 59 uint8_t *ptr = NULL; 60 61 provider_t *provider = NULL;
|
61 int32_t type, rsp_limit, ssplen, aidlen, cslen, cs, uuid;
| 62 int32_t type, rsp_limit, ssplen, aidlen, cslen, cs; 63 uint128_t uuid, puuid;
|
62 63 /* 64 * Minimal Service Search Attribute Request request 65 * 66 * seq8 len8 - 2 bytes 67 * uuid16 value16 - 3 bytes ServiceSearchPattern 68 * value16 - 2 bytes MaximumAttributeByteCount 69 * seq8 len8 - 2 bytes 70 * uint16 value16 - 3 bytes AttributeIDList 71 * value8 - 1 byte ContinuationState 72 */ 73 74 if (req_end - req < 13) 75 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 76 77 /* Get size of ServiceSearchPattern */ 78 ssplen = 0; 79 SDP_GET8(type, req); 80 switch (type) { 81 case SDP_DATA_SEQ8: 82 SDP_GET8(ssplen, req); 83 break; 84 85 case SDP_DATA_SEQ16: 86 SDP_GET16(ssplen, req); 87 break; 88 89 case SDP_DATA_SEQ32: 90 SDP_GET32(ssplen, req); 91 break; 92 } 93 if (ssplen <= 0) 94 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 95 96 sspptr = req; 97 req += ssplen; 98 99 /* Get MaximumAttributeByteCount */ 100 if (req + 2 > req_end) 101 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 102 103 SDP_GET16(rsp_limit, req); 104 if (rsp_limit <= 0) 105 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 106 107 /* Get size of AttributeIDList */ 108 if (req + 1 > req_end) 109 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 110 111 aidlen = 0; 112 SDP_GET8(type, req); 113 switch (type) { 114 case SDP_DATA_SEQ8: 115 if (req + 1 > req_end) 116 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 117 118 SDP_GET8(aidlen, req); 119 break; 120 121 case SDP_DATA_SEQ16: 122 if (req + 2 > req_end) 123 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 124 125 SDP_GET16(aidlen, req); 126 break; 127 128 case SDP_DATA_SEQ32: 129 if (req + 4 > req_end) 130 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 131 132 SDP_GET32(aidlen, req); 133 break; 134 } 135 if (aidlen <= 0) 136 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 137 138 aidptr = req; 139 req += aidlen; 140 141 /* Get ContinuationState */ 142 if (req + 1 > req_end) 143 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 144 145 SDP_GET8(cslen, req); 146 if (cslen != 0) { 147 if (cslen != 2 || req_end - req != 2) 148 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 149 150 SDP_GET16(cs, req); 151 } else 152 cs = 0; 153 154 /* Process the request. First, check continuation state */ 155 if (srv->fdidx[fd].rsp_cs != cs) 156 return (SDP_ERROR_CODE_INVALID_CONTINUATION_STATE); 157 if (srv->fdidx[fd].rsp_size > 0) 158 return (0); 159 160 /* 161 * Service Search Attribute Response format 162 * 163 * value16 - 2 bytes AttributeListByteCount (not incl.) 164 * seq8 len16 - 3 bytes 165 * attr list - 3+ bytes AttributeLists 166 * [ attr list ] 167 */ 168 169 ptr = rsp + 3; 170 171 while (ssplen > 0) { 172 SDP_GET8(type, sspptr); 173 ssplen --; 174 175 switch (type) { 176 case SDP_DATA_UUID16: 177 if (ssplen < 2) 178 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 179
| 64 65 /* 66 * Minimal Service Search Attribute Request request 67 * 68 * seq8 len8 - 2 bytes 69 * uuid16 value16 - 3 bytes ServiceSearchPattern 70 * value16 - 2 bytes MaximumAttributeByteCount 71 * seq8 len8 - 2 bytes 72 * uint16 value16 - 3 bytes AttributeIDList 73 * value8 - 1 byte ContinuationState 74 */ 75 76 if (req_end - req < 13) 77 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 78 79 /* Get size of ServiceSearchPattern */ 80 ssplen = 0; 81 SDP_GET8(type, req); 82 switch (type) { 83 case SDP_DATA_SEQ8: 84 SDP_GET8(ssplen, req); 85 break; 86 87 case SDP_DATA_SEQ16: 88 SDP_GET16(ssplen, req); 89 break; 90 91 case SDP_DATA_SEQ32: 92 SDP_GET32(ssplen, req); 93 break; 94 } 95 if (ssplen <= 0) 96 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 97 98 sspptr = req; 99 req += ssplen; 100 101 /* Get MaximumAttributeByteCount */ 102 if (req + 2 > req_end) 103 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 104 105 SDP_GET16(rsp_limit, req); 106 if (rsp_limit <= 0) 107 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 108 109 /* Get size of AttributeIDList */ 110 if (req + 1 > req_end) 111 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 112 113 aidlen = 0; 114 SDP_GET8(type, req); 115 switch (type) { 116 case SDP_DATA_SEQ8: 117 if (req + 1 > req_end) 118 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 119 120 SDP_GET8(aidlen, req); 121 break; 122 123 case SDP_DATA_SEQ16: 124 if (req + 2 > req_end) 125 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 126 127 SDP_GET16(aidlen, req); 128 break; 129 130 case SDP_DATA_SEQ32: 131 if (req + 4 > req_end) 132 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 133 134 SDP_GET32(aidlen, req); 135 break; 136 } 137 if (aidlen <= 0) 138 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 139 140 aidptr = req; 141 req += aidlen; 142 143 /* Get ContinuationState */ 144 if (req + 1 > req_end) 145 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 146 147 SDP_GET8(cslen, req); 148 if (cslen != 0) { 149 if (cslen != 2 || req_end - req != 2) 150 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 151 152 SDP_GET16(cs, req); 153 } else 154 cs = 0; 155 156 /* Process the request. First, check continuation state */ 157 if (srv->fdidx[fd].rsp_cs != cs) 158 return (SDP_ERROR_CODE_INVALID_CONTINUATION_STATE); 159 if (srv->fdidx[fd].rsp_size > 0) 160 return (0); 161 162 /* 163 * Service Search Attribute Response format 164 * 165 * value16 - 2 bytes AttributeListByteCount (not incl.) 166 * seq8 len16 - 3 bytes 167 * attr list - 3+ bytes AttributeLists 168 * [ attr list ] 169 */ 170 171 ptr = rsp + 3; 172 173 while (ssplen > 0) { 174 SDP_GET8(type, sspptr); 175 ssplen --; 176 177 switch (type) { 178 case SDP_DATA_UUID16: 179 if (ssplen < 2) 180 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 181
|
180 SDP_GET16(uuid, sspptr);
| 182 memcpy(&uuid, &uuid_base, sizeof(uuid)); 183 uuid.b[2] = *sspptr ++; 184 uuid.b[3] = *sspptr ++;
|
181 ssplen -= 2; 182 break; 183
| 185 ssplen -= 2; 186 break; 187
|
184 case SDP_DATA_UUID32: /* XXX FIXME */ 185 case SDP_DATA_UUID128: /* XXX FIXME */
| 188 case SDP_DATA_UUID32: 189 if (ssplen < 4) 190 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 191 192 memcpy(&uuid, &uuid_base, sizeof(uuid)); 193 uuid.b[0] = *sspptr ++; 194 uuid.b[1] = *sspptr ++; 195 uuid.b[2] = *sspptr ++; 196 uuid.b[3] = *sspptr ++; 197 ssplen -= 4; 198 break; 199 200 case SDP_DATA_UUID128: 201 if (ssplen < 16) 202 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 203 204 memcpy(uuid.b, sspptr, 16); 205 sspptr += 16; 206 ssplen -= 16; 207 break; 208
|
186 default: 187 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 188 /* NOT REACHED */ 189 } 190 191 for (provider = provider_get_first(); 192 provider != NULL; 193 provider = provider_get_next(provider)) { 194 if (!provider_match_bdaddr(provider, &srv->req_sa.l2cap_bdaddr)) 195 continue; 196
| 209 default: 210 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX); 211 /* NOT REACHED */ 212 } 213 214 for (provider = provider_get_first(); 215 provider != NULL; 216 provider = provider_get_next(provider)) { 217 if (!provider_match_bdaddr(provider, &srv->req_sa.l2cap_bdaddr)) 218 continue; 219
|
197 if (provider->profile->uuid != uuid && 198 SDP_SERVICE_CLASS_PUBLIC_BROWSE_GROUP != uuid)
| 220 memcpy(&puuid, &uuid_base, sizeof(puuid)); 221 puuid.b[2] = provider->profile->uuid >> 8; 222 puuid.b[3] = provider->profile->uuid; 223 224 if (memcmp(&uuid, &puuid, sizeof(uuid)) != 0 && 225 memcmp(&uuid, &uuid_public_browse_group, sizeof(uuid)) != 0)
|
199 continue; 200 201 cs = server_prepare_attr_list(provider, 202 aidptr, aidptr + aidlen, ptr, rsp_end); 203 if (cs < 0) 204 return (SDP_ERROR_CODE_INSUFFICIENT_RESOURCES); 205 206 ptr += cs; 207 } 208 } 209 210 /* Set reply size (not counting PDU header and continuation state) */ 211 srv->fdidx[fd].rsp_limit = srv->fdidx[fd].omtu - sizeof(sdp_pdu_t) - 2; 212 if (srv->fdidx[fd].rsp_limit > rsp_limit) 213 srv->fdidx[fd].rsp_limit = rsp_limit; 214 215 srv->fdidx[fd].rsp_size = ptr - rsp; 216 srv->fdidx[fd].rsp_cs = 0; 217 218 /* Fix AttributeLists sequence header */ 219 ptr = rsp; 220 SDP_PUT8(SDP_DATA_SEQ16, ptr); 221 SDP_PUT16(srv->fdidx[fd].rsp_size - 3, ptr); 222 223 return (0); 224} 225
| 226 continue; 227 228 cs = server_prepare_attr_list(provider, 229 aidptr, aidptr + aidlen, ptr, rsp_end); 230 if (cs < 0) 231 return (SDP_ERROR_CODE_INSUFFICIENT_RESOURCES); 232 233 ptr += cs; 234 } 235 } 236 237 /* Set reply size (not counting PDU header and continuation state) */ 238 srv->fdidx[fd].rsp_limit = srv->fdidx[fd].omtu - sizeof(sdp_pdu_t) - 2; 239 if (srv->fdidx[fd].rsp_limit > rsp_limit) 240 srv->fdidx[fd].rsp_limit = rsp_limit; 241 242 srv->fdidx[fd].rsp_size = ptr - rsp; 243 srv->fdidx[fd].rsp_cs = 0; 244 245 /* Fix AttributeLists sequence header */ 246 ptr = rsp; 247 SDP_PUT8(SDP_DATA_SEQ16, ptr); 248 SDP_PUT16(srv->fdidx[fd].rsp_size - 3, ptr); 249 250 return (0); 251} 252
|