1 /* $NetBSD: sdp.c,v 1.9 2011/03/20 19:46:13 plunky Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 Itronix Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of Itronix Inc. may not be used to endorse 16 * or promote products derived from this software without specific 17 * prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY 23 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 26 * ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 /* 32 * Copyright (c) 2009 The NetBSD Foundation, Inc. 33 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com> 34 * All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58 #include <sys/cdefs.h> 59 __RCSID("$NetBSD: sdp.c,v 1.9 2011/03/20 19:46:13 plunky Exp $"); 60 61 #include <sys/types.h> 62 63 #include <dev/bluetooth/btdev.h> 64 #include <dev/bluetooth/bthidev.h> 65 #include <dev/bluetooth/btsco.h> 66 #include <dev/usb/usb.h> 67 #include <dev/usb/usbhid.h> 68 69 #include <prop/proplib.h> 70 71 #include <bluetooth.h> 72 #include <err.h> 73 #include <errno.h> 74 #include <sdp.h> 75 #include <stdlib.h> 76 #include <strings.h> 77 #include <usbhid.h> 78 79 #include "btdevctl.h" 80 81 static bool parse_hid_descriptor(sdp_data_t *); 82 static int32_t parse_boolean(sdp_data_t *); 83 static int32_t parse_pdl_param(sdp_data_t *, uint16_t); 84 static int32_t parse_pdl(sdp_data_t *, uint16_t); 85 static int32_t parse_apdl(sdp_data_t *, uint16_t); 86 87 static int config_pnp(prop_dictionary_t, sdp_data_t *); 88 static int config_hid(prop_dictionary_t, sdp_data_t *); 89 static int config_hset(prop_dictionary_t, sdp_data_t *); 90 static int config_hf(prop_dictionary_t, sdp_data_t *); 91 92 uint16_t pnp_services[] = { 93 SDP_SERVICE_CLASS_PNP_INFORMATION, 94 }; 95 96 uint16_t hid_services[] = { 97 SDP_SERVICE_CLASS_HUMAN_INTERFACE_DEVICE, 98 }; 99 100 uint16_t hset_services[] = { 101 SDP_SERVICE_CLASS_HEADSET, 102 }; 103 104 uint16_t hf_services[] = { 105 SDP_SERVICE_CLASS_HANDSFREE_AUDIO_GATEWAY, 106 }; 107 108 static struct { 109 const char *name; 110 int (*handler)(prop_dictionary_t, sdp_data_t *); 111 const char *description; 112 uint16_t *services; 113 size_t nservices; 114 } cfgtype[] = { 115 { 116 "HID", config_hid, "Human Interface Device", 117 hid_services, __arraycount(hid_services), 118 }, 119 { 120 "HSET", config_hset, "Headset", 121 hset_services, __arraycount(hset_services), 122 }, 123 { 124 "HF", config_hf, "Handsfree", 125 hf_services, __arraycount(hf_services), 126 }, 127 }; 128 129 #define MAX_SSP (2 + 1 * 3) /* largest nservices is 1 */ 130 131 static bool 132 cfg_ssa(sdp_session_t ss, uint16_t *services, size_t nservices, sdp_data_t *rsp) 133 { 134 uint8_t buf[MAX_SSP]; 135 sdp_data_t ssp; 136 size_t i; 137 138 ssp.next = buf; 139 ssp.end = buf + sizeof(buf); 140 141 for (i = 0; i < nservices; i++) 142 sdp_put_uuid16(&ssp, services[i]); 143 144 ssp.end = ssp.next; 145 ssp.next = buf; 146 147 return sdp_service_search_attribute(ss, &ssp, NULL, rsp); 148 } 149 150 static bool 151 cfg_search(sdp_session_t ss, int i, prop_dictionary_t dict) 152 { 153 sdp_data_t rsp, rec; 154 155 /* check PnP Information first */ 156 if (!cfg_ssa(ss, pnp_services, __arraycount(pnp_services), &rsp)) 157 return false; 158 159 while (sdp_get_seq(&rsp, &rec)) { 160 if (config_pnp(dict, &rec) == 0) 161 break; 162 } 163 164 /* then requested service */ 165 if (!cfg_ssa(ss, cfgtype[i].services, cfgtype[i].nservices, &rsp)) 166 return false; 167 168 while (sdp_get_seq(&rsp, &rec)) { 169 errno = (*cfgtype[i].handler)(dict, &rec); 170 if (errno == 0) 171 return true; 172 } 173 174 return false; 175 } 176 177 prop_dictionary_t 178 cfg_query(bdaddr_t *laddr, bdaddr_t *raddr, const char *service) 179 { 180 prop_dictionary_t dict; 181 sdp_session_t ss; 182 size_t i; 183 184 dict = prop_dictionary_create(); 185 if (dict == NULL) 186 err(EXIT_FAILURE, "prop_dictionary_create()"); 187 188 for (i = 0; i < __arraycount(cfgtype); i++) { 189 if (strcasecmp(service, cfgtype[i].name) == 0) { 190 ss = sdp_open(laddr, raddr); 191 if (ss == NULL) 192 err(EXIT_FAILURE, "SDP connection failed"); 193 194 if (!cfg_search(ss, i, dict)) 195 errx(EXIT_FAILURE, "service %s not found", service); 196 197 sdp_close(ss); 198 return dict; 199 } 200 } 201 202 printf("Known config types:\n"); 203 for (i = 0; i < __arraycount(cfgtype); i++) 204 printf("\t%s\t%s\n", cfgtype[i].name, cfgtype[i].description); 205 206 exit(EXIT_FAILURE); 207 } 208 209 /* 210 * Configure PnP Information results 211 */ 212 static int 213 config_pnp(prop_dictionary_t dict, sdp_data_t *rec) 214 { 215 sdp_data_t value; 216 uintmax_t v; 217 uint16_t attr; 218 int vendor, product, source; 219 220 vendor = -1; 221 product = -1; 222 source = -1; 223 224 while (sdp_get_attr(rec, &attr, &value)) { 225 switch (attr) { 226 case 0x0201: /* Vendor ID */ 227 if (sdp_get_uint(&value, &v) 228 && v <= UINT16_MAX) 229 vendor = (int)v; 230 231 break; 232 233 case 0x0202: /* Product ID */ 234 if (sdp_get_uint(&value, &v) 235 && v <= UINT16_MAX) 236 product = (int)v; 237 238 break; 239 240 case 0x0205: /* Vendor ID Source */ 241 if (sdp_get_uint(&value, &v) 242 && v <= UINT16_MAX) 243 source = (int)v; 244 245 break; 246 247 default: 248 break; 249 } 250 } 251 252 if (vendor == -1 || product == -1) 253 return ENOATTR; 254 255 if (source != 0x0002) /* "USB Implementers Forum" */ 256 return ENOATTR; 257 258 if (!prop_dictionary_set_uint16(dict, BTDEVvendor, (uint16_t)vendor)) 259 return errno; 260 261 if (!prop_dictionary_set_uint16(dict, BTDEVproduct, (uint16_t)product)) 262 return errno; 263 264 return 0; 265 } 266 267 /* 268 * Configure HID results 269 */ 270 static int 271 config_hid(prop_dictionary_t dict, sdp_data_t *rec) 272 { 273 prop_object_t obj; 274 int32_t control_psm, interrupt_psm, 275 reconnect_initiate, hid_length; 276 uint8_t *hid_descriptor; 277 sdp_data_t value; 278 const char *mode; 279 uint16_t attr; 280 281 control_psm = -1; 282 interrupt_psm = -1; 283 reconnect_initiate = -1; 284 hid_descriptor = NULL; 285 hid_length = -1; 286 287 while (sdp_get_attr(rec, &attr, &value)) { 288 switch (attr) { 289 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 290 control_psm = parse_pdl(&value, SDP_UUID_PROTOCOL_L2CAP); 291 break; 292 293 case SDP_ATTR_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS: 294 interrupt_psm = parse_apdl(&value, SDP_UUID_PROTOCOL_L2CAP); 295 break; 296 297 case 0x0205: /* HIDReconnectInitiate */ 298 reconnect_initiate = parse_boolean(&value); 299 break; 300 301 case 0x0206: /* HIDDescriptorList */ 302 if (parse_hid_descriptor(&value)) { 303 hid_descriptor = value.next; 304 hid_length = value.end - value.next; 305 } 306 break; 307 308 default: 309 break; 310 } 311 } 312 313 if (control_psm == -1 314 || interrupt_psm == -1 315 || reconnect_initiate == -1 316 || hid_descriptor == NULL 317 || hid_length == -1) 318 return ENOATTR; 319 320 obj = prop_string_create_cstring_nocopy("bthidev"); 321 if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj)) 322 return errno; 323 324 prop_object_release(obj); 325 326 obj = prop_number_create_integer(control_psm); 327 if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVcontrolpsm, obj)) 328 return errno; 329 330 prop_object_release(obj); 331 332 obj = prop_number_create_integer(interrupt_psm); 333 if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVinterruptpsm, obj)) 334 return errno; 335 336 prop_object_release(obj); 337 338 obj = prop_data_create_data(hid_descriptor, hid_length); 339 if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVdescriptor, obj)) 340 return errno; 341 342 mode = hid_mode(obj); 343 prop_object_release(obj); 344 345 obj = prop_string_create_cstring_nocopy(mode); 346 if (obj == NULL || !prop_dictionary_set(dict, BTDEVmode, obj)) 347 return errno; 348 349 prop_object_release(obj); 350 351 if (!reconnect_initiate) { 352 obj = prop_bool_create(true); 353 if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVreconnect, obj)) 354 return errno; 355 356 prop_object_release(obj); 357 } 358 359 return 0; 360 } 361 362 /* 363 * Configure HSET results 364 */ 365 static int 366 config_hset(prop_dictionary_t dict, sdp_data_t *rec) 367 { 368 prop_object_t obj; 369 sdp_data_t value; 370 int32_t channel; 371 uint16_t attr; 372 373 channel = -1; 374 375 while (sdp_get_attr(rec, &attr, &value)) { 376 switch (attr) { 377 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 378 channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM); 379 break; 380 381 default: 382 break; 383 } 384 } 385 386 if (channel == -1) 387 return ENOATTR; 388 389 obj = prop_string_create_cstring_nocopy("btsco"); 390 if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj)) 391 return errno; 392 393 prop_object_release(obj); 394 395 obj = prop_number_create_integer(channel); 396 if (obj == NULL || !prop_dictionary_set(dict, BTSCOchannel, obj)) 397 return errno; 398 399 prop_object_release(obj); 400 401 return 0; 402 } 403 404 /* 405 * Configure HF results 406 */ 407 static int 408 config_hf(prop_dictionary_t dict, sdp_data_t *rec) 409 { 410 prop_object_t obj; 411 sdp_data_t value; 412 int32_t channel; 413 uint16_t attr; 414 415 channel = -1; 416 417 while (sdp_get_attr(rec, &attr, &value)) { 418 switch (attr) { 419 case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST: 420 channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM); 421 break; 422 423 default: 424 break; 425 } 426 } 427 428 if (channel == -1) 429 return ENOATTR; 430 431 obj = prop_string_create_cstring_nocopy("btsco"); 432 if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj)) 433 return errno; 434 435 prop_object_release(obj); 436 437 obj = prop_bool_create(true); 438 if (obj == NULL || !prop_dictionary_set(dict, BTSCOlisten, obj)) 439 return errno; 440 441 prop_object_release(obj); 442 443 obj = prop_number_create_integer(channel); 444 if (obj == NULL || !prop_dictionary_set(dict, BTSCOchannel, obj)) 445 return errno; 446 447 prop_object_release(obj); 448 449 return 0; 450 } 451 452 /* 453 * Parse HIDDescriptorList . This is a sequence of HIDDescriptors, of which 454 * each is a data element sequence containing, minimally, a ClassDescriptorType 455 * and ClassDescriptorData containing a byte array of data. Any extra elements 456 * should be ignored. 457 * 458 * If a ClassDescriptorType "Report" is found, set SDP data value to the 459 * ClassDescriptorData content and return true. Note that we don't need to 460 * extract the actual length as the SDP data is guaranteed valid. 461 */ 462 463 static bool 464 parse_hid_descriptor(sdp_data_t *value) 465 { 466 sdp_data_t list, desc; 467 uintmax_t type; 468 char *str; 469 size_t len; 470 471 if (!sdp_get_seq(value, &list)) 472 return false; 473 474 while (sdp_get_seq(&list, &desc)) { 475 if (sdp_get_uint(&desc, &type) 476 && type == UDESC_REPORT 477 && sdp_get_str(&desc, &str, &len)) { 478 value->next = (uint8_t *)str; 479 value->end = (uint8_t *)(str + len); 480 return true; 481 } 482 } 483 484 return false; 485 } 486 487 static int32_t 488 parse_boolean(sdp_data_t *value) 489 { 490 bool bv; 491 492 if (!sdp_get_bool(value, &bv)) 493 return -1; 494 495 return bv; 496 } 497 498 /* 499 * The ProtocolDescriptorList attribute describes one or 500 * more protocol stacks that may be used to gain access to 501 * the service dscribed by the service record. 502 * 503 * If the ProtocolDescriptorList describes a single stack, 504 * the attribute value takes the form of a data element 505 * sequence in which each element of the sequence is a 506 * protocol descriptor. 507 * 508 * seq 509 * <list> 510 * 511 * If it is possible for more than one kind of protocol 512 * stack to be used to gain access to the service, the 513 * ProtocolDescriptorList takes the form of a data element 514 * alternative where each member is a data element sequence 515 * consisting of a list of sequences describing each protocol 516 * 517 * alt 518 * seq 519 * <list> 520 * seq 521 * <list> 522 * 523 * Each ProtocolDescriptorList is a list containing a sequence for 524 * each protocol, where each sequence contains the protocol UUUID 525 * and any protocol specific parameters. 526 * 527 * seq 528 * uuid L2CAP 529 * uint16 psm 530 * seq 531 * uuid RFCOMM 532 * uint8 channel 533 * 534 * We want to extract the ProtocolSpecificParameter#1 for the 535 * given protocol, which will be an unsigned int. 536 */ 537 static int32_t 538 parse_pdl_param(sdp_data_t *pdl, uint16_t proto) 539 { 540 sdp_data_t seq; 541 uintmax_t param; 542 543 while (sdp_get_seq(pdl, &seq)) { 544 if (!sdp_match_uuid16(&seq, proto)) 545 continue; 546 547 if (sdp_get_uint(&seq, ¶m)) 548 return param; 549 550 break; 551 } 552 553 return -1; 554 } 555 556 static int32_t 557 parse_pdl(sdp_data_t *value, uint16_t proto) 558 { 559 sdp_data_t seq; 560 int32_t param = -1; 561 562 sdp_get_alt(value, value); /* strip any alt header */ 563 564 while (param == -1 && sdp_get_seq(value, &seq)) 565 param = parse_pdl_param(&seq, proto); 566 567 return param; 568 } 569 570 /* 571 * Parse AdditionalProtocolDescriptorList 572 */ 573 static int32_t 574 parse_apdl(sdp_data_t *value, uint16_t proto) 575 { 576 sdp_data_t seq; 577 int32_t param = -1; 578 579 sdp_get_seq(value, value); /* strip seq header */ 580 581 while (param == -1 && sdp_get_seq(value, &seq)) 582 param = parse_pdl_param(&seq, proto); 583 584 return param; 585 } 586 587 /* 588 * return appropriate mode for HID descriptor 589 */ 590 const char * 591 hid_mode(prop_data_t desc) 592 { 593 report_desc_t r; 594 hid_data_t d; 595 struct hid_item h; 596 const char *mode; 597 598 hid_init(NULL); 599 600 mode = BTDEVauth; /* default */ 601 602 r = hid_use_report_desc(prop_data_data_nocopy(desc), 603 prop_data_size(desc)); 604 if (r == NULL) 605 err(EXIT_FAILURE, "hid_use_report_desc"); 606 607 d = hid_start_parse(r, ~0, -1); 608 while (hid_get_item(d, &h) > 0) { 609 if (h.kind == hid_collection 610 && HID_PAGE(h.usage) == HUP_GENERIC_DESKTOP 611 && HID_USAGE(h.usage) == HUG_KEYBOARD) 612 mode = BTDEVencrypt; 613 } 614 615 hid_end_parse(d); 616 hid_dispose_report_desc(r); 617 618 return mode; 619 } 620