1 /*-
2 * rfcomm_sdp.c
3 *
4 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
5 *
6 * Copyright (c) 2003 Maksim Yevmenkin <[email protected]>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * $Id: rfcomm_sdp.c,v 1.1 2003/09/07 18:15:55 max Exp $
31 * $FreeBSD$
32 */
33 #define L2CAP_SOCKET_CHECKED
34 #include <bluetooth.h>
35 #include <errno.h>
36 #include <sdp.h>
37 #include <stdio.h>
38
39 #undef PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE
40 #define PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE 256
41
42 #undef PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE
43 #define PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE 12
44
45 static int rfcomm_proto_list_parse (uint8_t const *start, uint8_t const *end,
46 int *channel, int *error);
47
48 /*
49 * Lookup RFCOMM channel number in the Protocol Descriptor List
50 */
51
52 #undef rfcomm_channel_lookup_exit
53 #define rfcomm_channel_lookup_exit(e) { \
54 if (error != NULL) \
55 *error = (e); \
56 if (ss != NULL) { \
57 sdp_close(ss); \
58 ss = NULL; \
59 } \
60 return (((e) == 0)? 0 : -1); \
61 }
62
63 int
rfcomm_channel_lookup(bdaddr_t const * local,bdaddr_t const * remote,int service,int * channel,int * error)64 rfcomm_channel_lookup(bdaddr_t const *local, bdaddr_t const *remote,
65 int service, int *channel, int *error)
66 {
67 uint8_t buffer[PROTOCOL_DESCRIPTOR_LIST_BUFFER_SIZE];
68 void *ss = NULL;
69 uint16_t serv = (uint16_t) service;
70 uint32_t attr = SDP_ATTR_RANGE(
71 SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST,
72 SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST);
73 sdp_attr_t proto = { SDP_ATTR_INVALID,0,sizeof(buffer),buffer };
74 uint32_t type, len;
75
76 if (local == NULL)
77 local = NG_HCI_BDADDR_ANY;
78 if (remote == NULL || channel == NULL)
79 rfcomm_channel_lookup_exit(EINVAL);
80
81 if ((ss = sdp_open(local, remote)) == NULL)
82 rfcomm_channel_lookup_exit(ENOMEM);
83 if (sdp_error(ss) != 0)
84 rfcomm_channel_lookup_exit(sdp_error(ss));
85
86 if (sdp_search(ss, 1, &serv, 1, &attr, 1, &proto) != 0)
87 rfcomm_channel_lookup_exit(sdp_error(ss));
88 if (proto.flags != SDP_ATTR_OK)
89 rfcomm_channel_lookup_exit(ENOATTR);
90
91 sdp_close(ss);
92 ss = NULL;
93
94 /*
95 * If it is possible for more than one kind of protocol stack to be
96 * used to gain access to the service, the ProtocolDescriptorList
97 * takes the form of a data element alternative. We always use the
98 * first protocol stack.
99 *
100 * A minimal Protocol Descriptor List for RFCOMM based service would
101 * look like
102 *
103 * seq8 len8 - 2 bytes
104 * seq8 len8 - 2 bytes
105 * uuid16 value16 - 3 bytes L2CAP
106 * seq8 len8 - 2 bytes
107 * uuid16 value16 - 3 bytes RFCOMM
108 * uint8 value8 - 2 bytes RFCOMM param #1
109 * =========
110 * 14 bytes
111 *
112 * Lets not count first [seq8 len8] wrapper, so the minimal size of
113 * the Protocol Descriptor List (the data we are actually interested
114 * in) for RFCOMM based service would be 12 bytes.
115 */
116
117 if (proto.vlen < PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE)
118 rfcomm_channel_lookup_exit(EINVAL);
119
120 SDP_GET8(type, proto.value);
121
122 if (type == SDP_DATA_ALT8) {
123 SDP_GET8(len, proto.value);
124 } else if (type == SDP_DATA_ALT16) {
125 SDP_GET16(len, proto.value);
126 } else if (type == SDP_DATA_ALT32) {
127 SDP_GET32(len, proto.value);
128 } else
129 len = 0;
130
131 if (len > 0)
132 SDP_GET8(type, proto.value);
133
134 switch (type) {
135 case SDP_DATA_SEQ8:
136 SDP_GET8(len, proto.value);
137 break;
138
139 case SDP_DATA_SEQ16:
140 SDP_GET16(len, proto.value);
141 break;
142
143 case SDP_DATA_SEQ32:
144 SDP_GET32(len, proto.value);
145 break;
146
147 default:
148 rfcomm_channel_lookup_exit(ENOATTR);
149 /* NOT REACHED */
150 }
151
152 if (len < PROTOCOL_DESCRIPTOR_LIST_MINIMAL_SIZE)
153 rfcomm_channel_lookup_exit(EINVAL);
154
155 return (rfcomm_proto_list_parse(proto.value,
156 buffer + proto.vlen, channel, error));
157 }
158
159 /*
160 * Parse protocol descriptor list
161 *
162 * The ProtocolDescriptorList attribute describes one or more protocol
163 * stacks that may be used to gain access to the service described by
164 * the service record. If the ProtocolDescriptorList describes a single
165 * stack, it takes the form of a data element sequence in which each
166 * element of the sequence is a protocol descriptor.
167 */
168
169 #undef rfcomm_proto_list_parse_exit
170 #define rfcomm_proto_list_parse_exit(e) { \
171 if (error != NULL) \
172 *error = (e); \
173 return (((e) == 0)? 0 : -1); \
174 }
175
176 static int
rfcomm_proto_list_parse(uint8_t const * start,uint8_t const * end,int * channel,int * error)177 rfcomm_proto_list_parse(uint8_t const *start, uint8_t const *end,
178 int *channel, int *error)
179 {
180 int type, len, value;
181
182 while (start < end) {
183
184 /*
185 * Parse protocol descriptor
186 *
187 * A protocol descriptor identifies a communications protocol
188 * and provides protocol specific parameters. A protocol
189 * descriptor is represented as a data element sequence. The
190 * first data element in the sequence must be the UUID that
191 * identifies the protocol. Additional data elements optionally
192 * provide protocol specific information, such as the L2CAP
193 * protocol/service multiplexer (PSM) and the RFCOMM server
194 * channel number (CN).
195 */
196
197 /* We must have at least one byte (type) */
198 if (end - start < 1)
199 rfcomm_proto_list_parse_exit(EINVAL)
200
201 SDP_GET8(type, start);
202 switch (type) {
203 case SDP_DATA_SEQ8:
204 SDP_GET8(len, start);
205 break;
206
207 case SDP_DATA_SEQ16:
208 SDP_GET16(len, start);
209 break;
210
211 case SDP_DATA_SEQ32:
212 SDP_GET32(len, start);
213 break;
214
215 default:
216 rfcomm_proto_list_parse_exit(ENOATTR)
217 /* NOT REACHED */
218 }
219
220 /* We must have at least 3 bytes (type + UUID16) */
221 if (end - start < 3)
222 rfcomm_proto_list_parse_exit(EINVAL);
223
224 /* Get protocol UUID */
225 SDP_GET8(type, start); len -= sizeof(uint8_t);
226 switch (type) {
227 case SDP_DATA_UUID16:
228 SDP_GET16(value, start); len -= sizeof(uint16_t);
229 if (value != SDP_UUID_PROTOCOL_RFCOMM)
230 goto next_protocol;
231 break;
232
233 case SDP_DATA_UUID32: /* XXX FIXME can we have 32-bit UUID */
234 case SDP_DATA_UUID128: /* XXX FIXME can we have 128-bit UUID */
235 default:
236 rfcomm_proto_list_parse_exit(ENOATTR);
237 /* NOT REACHED */
238 }
239
240 /*
241 * First protocol specific parameter for RFCOMM procotol must
242 * be uint8 that represents RFCOMM channel number. So we must
243 * have at least two bytes.
244 */
245
246 if (end - start < 2)
247 rfcomm_proto_list_parse_exit(EINVAL);
248
249 SDP_GET8(type, start);
250 if (type != SDP_DATA_UINT8)
251 rfcomm_proto_list_parse_exit(ENOATTR);
252
253 SDP_GET8(*channel, start);
254
255 rfcomm_proto_list_parse_exit(0);
256 /* NOT REACHED */
257 next_protocol:
258 start += len;
259 }
260
261 /*
262 * If we got here then it means we could not find RFCOMM protocol
263 * descriptor, but the reply format was actually valid.
264 */
265
266 rfcomm_proto_list_parse_exit(ENOATTR);
267 }
268
269