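/*-
 * rfcomm_sdp.c
 *
 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
 *
 * Copyright (c) 2003 Maksim Yevmenkin <m_evmenkin@yahoo.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $Id: rfcomm_sdp.c,v 1.1 2003/09/07 18:15:55 max Exp $
 * $FreeBSD: stable/11/usr.bin/bluetooth/rfcomm_sppd/rfcomm_sdp.c 330449 2018-03-05 07:26:05Z eadler $
 */
#define L2CAP_SOCKET_CHECKED
#include <bluetooth.h>
#include <errno.h>
#include <sdp.h>
#include <stdio.h>

/* Size of the local buffer that receives the Protocol Descriptor List. */
#undef	PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE
#define	PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE	256

/* Smallest list that can describe an RFCOMM service (derivation below). */
#undef	PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE
#define	PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE	12

static int rfcomm_proto_list_parse (uint8_t const *start, uint8_t const *end,
					int *channel, int *error);

/*
 * Lookup RFCOMM channel number in the Protocol Descriptor List
 */

/*
 * Common exit path for rfcomm_channel_lookup(): store the error code through
 * `error' (when the caller supplied it), close the SDP session if it is still
 * open, and return 0 for a zero code and -1 otherwise.
 *
 * The argument is evaluated exactly once, before the session is closed, so
 * an expression such as sdp_error(ss) is never re-evaluated after `ss' has
 * been closed and set to NULL.
 */
#undef	rfcomm_channel_lookup_exit
#define	rfcomm_channel_lookup_exit(e) do {				\
	int	rcl_e = (e);						\
									\
	if (error != NULL)						\
		*error = rcl_e;						\
	if (ss != NULL) {						\
		sdp_close(ss);						\
		ss = NULL;						\
	}								\
	return ((rcl_e == 0)? 0 : -1);					\
} while (0)

/*
 * Query the SDP server on `remote' for `service' and extract the RFCOMM
 * channel number from the Protocol Descriptor List it returns.
 *
 * local   - local address to open the SDP session from; NULL selects
 *           NG_HCI_BDADDR_ANY.
 * remote  - address of the device to query; must not be NULL.
 * service - service class to search for (truncated to 16 bits).
 * channel - receives the RFCOMM channel number; must not be NULL.
 * error   - optional; receives an errno-style code (0 on success).
 *
 * Returns 0 on success and -1 on failure.
 *
 * Everything in `buffer' after sdp_search() was supplied by the remote
 * device, so every length field read from it is treated as untrusted.
 */
int
rfcomm_channel_lookup(bdaddr_t const *local, bdaddr_t const *remote,
			int service, int *channel, int *error)
{
	uint8_t		 buffer[PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE];
	void		*ss = NULL;
	uint16_t	 serv = (uint16_t) service;
	uint32_t	 attr = SDP_ATTR_RANGE(
					SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST,
					SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST);
	sdp_attr_t	 proto = { SDP_ATTR_INVALID,0,sizeof(buffer),buffer };
	uint32_t	 type, len;

	if (local == NULL)
		local = NG_HCI_BDADDR_ANY;
	if (remote == NULL || channel == NULL)
		rfcomm_channel_lookup_exit(EINVAL);

	if ((ss = sdp_open(local, remote)) == NULL)
		rfcomm_channel_lookup_exit(ENOMEM);
	if (sdp_error(ss) != 0)
		rfcomm_channel_lookup_exit(sdp_error(ss));

	if (sdp_search(ss, 1, &serv, 1, &attr, 1, &proto) != 0) {
		int	serr = sdp_error(ss);

		/*
		 * A failed search must never be reported as success, so fall
		 * back to EINVAL should the session carry no error code.
		 */
		rfcomm_channel_lookup_exit((serr != 0)? serr : EINVAL);
	}
	if (proto.flags != SDP_ATTR_OK)
		rfcomm_channel_lookup_exit(ENOATTR);

	sdp_close(ss);
	ss = NULL;

	/*
	 * If it is possible for more than one kind of protocol stack to be
	 * used to gain access to the service, the ProtocolDescriptorList
	 * takes the form of a data element alternative. We always use the
	 * first protocol stack.
	 *
	 * A minimal Protocol Descriptor List for RFCOMM based service would
	 * look like
	 *
	 * seq8 len8			- 2 bytes
	 *	seq8 len8		- 2 bytes
	 *		uuid16 value16	- 3 bytes	L2CAP
	 *	seq8 len8		- 2 bytes
	 *		uuid16 value16	- 3 bytes	RFCOMM
	 *		uint8  value8	- 2 bytes	RFCOMM param #1
	 *				=========
	 *				 14 bytes
	 *
	 * Let's not count first [seq8 len8] wrapper, so the minimal size of
	 * the Protocol Descriptor List (the data we are actually interested
	 * in) for RFCOMM based service would be 12 bytes.
	 */

	/*
	 * The lower bound keeps the header reads below (at most 10 bytes:
	 * alternative type + 32-bit length, sequence type + 32-bit length)
	 * inside the received data. The upper bound is defensive: `end' for
	 * the parser is computed as buffer + proto.vlen, so a reported length
	 * larger than the buffer we handed out must not be accepted.
	 */
	if (proto.vlen < PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE ||
	    proto.vlen > sizeof(buffer))
		rfcomm_channel_lookup_exit(EINVAL);

	SDP_GET8(type, proto.value);

	/* Step over an optional "data element alternative" wrapper. */
	if (type == SDP_DATA_ALT8) {
		SDP_GET8(len, proto.value);
	} else if (type == SDP_DATA_ALT16) {
		SDP_GET16(len, proto.value);
	} else if (type == SDP_DATA_ALT32) {
		SDP_GET32(len, proto.value);
	} else
		len = 0;

	/* Non-empty alternative: the next element is the first stack. */
	if (len > 0)
		SDP_GET8(type, proto.value);

	switch (type) {
	case SDP_DATA_SEQ8:
		SDP_GET8(len, proto.value);
		break;

	case SDP_DATA_SEQ16:
		SDP_GET16(len, proto.value);
		break;

	case SDP_DATA_SEQ32:
		SDP_GET32(len, proto.value);
		break;

	default:
		rfcomm_channel_lookup_exit(ENOATTR);
		/* NOT REACHED */
	}

	if (len < PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE)
		rfcomm_channel_lookup_exit(EINVAL);

	/*
	 * `len' is only checked against the minimum; the parser is bounded
	 * by the number of bytes actually received, not by the declared
	 * sequence length.
	 */
	return (rfcomm_proto_list_parse(proto.value,
					buffer + proto.vlen, channel, error));
}

/*
 * Parse protocol descriptor list
 *
 * The ProtocolDescriptorList attribute describes one or more protocol
 * stacks that may be used to gain access to the service described by
 * the service record. If the ProtocolDescriptorList describes a single
 * stack, it takes the form of a data element sequence in which each
 * element of the sequence is a protocol descriptor.
 */

/*
 * Common exit path for rfcomm_proto_list_parse(): store the code through
 * `error' (when supplied) and return 0 for a zero code, -1 otherwise.
 * The argument is evaluated exactly once.
 */
#undef	rfcomm_proto_list_parse_exit
#define	rfcomm_proto_list_parse_exit(e) do {				\
	int	rplp_e = (e);						\
									\
	if (error != NULL)						\
		*error = rplp_e;					\
	return ((rplp_e == 0)? 0 : -1);					\
} while (0)

/*
 * Walk the protocol descriptors in [start, end) and store the channel number
 * of the first RFCOMM descriptor in `*channel'.
 *
 * `channel' must not be NULL (rfcomm_channel_lookup() checks this); `error'
 * is optional. Returns 0 on success, -1 on failure with `*error' set to
 * EINVAL for a malformed list or ENOATTR when no usable RFCOMM descriptor
 * is present.
 *
 * All lengths come from the remote device. Each one is checked against the
 * bytes remaining before it is used, so the cursor can neither run past
 * `end' nor be moved backwards by a length that does not fit.
 */
static int
rfcomm_proto_list_parse(uint8_t const *start, uint8_t const *end,
			int *channel, int *error)
{
	uint32_t	len;
	int		type, value;

	/* The loop condition guarantees at least one byte (type). */
	while (start < end) {

		/*
		 * Parse protocol descriptor
		 *
		 * A protocol descriptor identifies a communications protocol
		 * and provides protocol specific parameters. A protocol
		 * descriptor is represented as a data element sequence. The
		 * first data element in the sequence must be the UUID that
		 * identifies the protocol. Additional data elements optionally
		 * provide protocol specific information, such as the L2CAP
		 * protocol/service multiplexer (PSM) and the RFCOMM server
		 * channel number (CN).
		 */

		SDP_GET8(type, start);

		/* The length field itself must lie inside the buffer. */
		switch (type) {
		case SDP_DATA_SEQ8:
			if (end - start < 1)
				rfcomm_proto_list_parse_exit(EINVAL);
			SDP_GET8(len, start);
			break;

		case SDP_DATA_SEQ16:
			if (end - start < 2)
				rfcomm_proto_list_parse_exit(EINVAL);
			SDP_GET16(len, start);
			break;

		case SDP_DATA_SEQ32:
			if (end - start < 4)
				rfcomm_proto_list_parse_exit(EINVAL);
			SDP_GET32(len, start);
			break;

		default:
			rfcomm_proto_list_parse_exit(ENOATTR);
			/* NOT REACHED */
		}

		/*
		 * The descriptor body must hold at least 3 bytes
		 * (type + UUID16) and must fit in what is left of the buffer.
		 * With this invariant the skip below never leaves
		 * [start, end].
		 */
		if (len < 3 || len > (size_t)(end - start))
			rfcomm_proto_list_parse_exit(EINVAL);

		/*
		 * Get protocol UUID
		 *
		 * XXX FIXME can we have 32-bit or 128-bit UUID here? Anything
		 * other than a 16-bit UUID is rejected.
		 */
		SDP_GET8(type, start);
		len -= 1;
		if (type != SDP_DATA_UUID16)
			rfcomm_proto_list_parse_exit(ENOATTR);

		SDP_GET16(value, start);
		len -= 2;
		if (value != SDP_UUID_PROTOCOL_RFCOMM) {
			/* Not RFCOMM: skip the rest of this descriptor. */
			start += len;
			continue;
		}

		/*
		 * First protocol specific parameter for RFCOMM protocol must
		 * be uint8 that represents RFCOMM channel number. So the
		 * descriptor must have at least two bytes left.
		 */

		if (len < 2)
			rfcomm_proto_list_parse_exit(EINVAL);

		SDP_GET8(type, start);
		if (type != SDP_DATA_UINT8)
			rfcomm_proto_list_parse_exit(ENOATTR);

		SDP_GET8(*channel, start);

		rfcomm_proto_list_parse_exit(0);
		/* NOT REACHED */
	}

	/*
	 * If we got here then it means we could not find RFCOMM protocol
	 * descriptor, but the reply format was actually valid.
	 */

	rfcomm_proto_list_parse_exit(ENOATTR);
}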