1 /* 2 * Copyright (C) 2016 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BLUEKITCHEN 24 * GMBH OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 #define BTSTACK_FILE__ "avrcp.c" 39 40 #include <stdint.h> 41 #include <string.h> 42 // snprintf 43 #include <stdio.h> 44 45 #include "bluetooth_psm.h" 46 #include "bluetooth_sdp.h" 47 #include "btstack_debug.h" 48 #include "btstack_event.h" 49 #include "btstack_memory.h" 50 #include "classic/sdp_client.h" 51 #include "classic/sdp_util.h" 52 #include "classic/avrcp.h" 53 54 55 typedef struct { 56 uint8_t parse_sdp_record; 57 uint32_t record_id; 58 uint16_t avrcp_cid; 59 uint16_t avrcp_l2cap_psm; 60 uint16_t avrcp_version; 61 62 uint16_t browsing_l2cap_psm; 63 uint16_t browsing_version; 64 } avrcp_sdp_query_context_t; 65 66 static void avrcp_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size); 67 68 static const char * avrcp_default_controller_service_name = "BTstack AVRCP Controller Service"; 69 static const char * avrcp_default_controller_service_provider_name = "BTstack AVRCP Controller Service Provider"; 70 static const char * avrcp_defaul_target_service_name = "BTstack AVRCP Target Service"; 71 static const char * avrcp_default_target_service_provider_name = "BTstack AVRCP Target Service Provider"; 72 73 static const char * avrcp_subunit_type_name[] = { 74 "MONITOR", "AUDIO", "PRINTER", "DISC", "TAPE_RECORDER_PLAYER", "TUNER", 75 "CA", "CAMERA", "RESERVED", "PANEL", "BULLETIN_BOARD", "CAMERA_STORAGE", 76 "VENDOR_UNIQUE", "RESERVED_FOR_ALL_SUBUNIT_TYPES", 77 "EXTENDED_TO_NEXT_BYTE", "UNIT", "ERROR" 78 }; 79 80 // default subunit info: single PANEL subunit 81 static const uint8_t avrcp_default_subunit_info[] = { AVRCP_SUBUNIT_TYPE_PANEL << 3}; 82 83 // globals 84 static bool avrcp_l2cap_service_registered = false; 85 86 // connections 87 static uint16_t avrcp_cid_counter; 88 static btstack_linked_list_t avrcp_connections; 89 90 // higher layer callbacks 91 static btstack_packet_handler_t avrcp_callback; 92 static btstack_packet_handler_t avrcp_controller_packet_handler; 93 static btstack_packet_handler_t avrcp_target_packet_handler; 94 95 // sdp query 96 static btstack_context_callback_registration_t avrcp_sdp_query_registration; 97 static avrcp_sdp_query_context_t avrcp_sdp_query_context; 98 static uint8_t avrcp_sdp_query_attribute_value[45]; 99 static const unsigned int avrcp_sdp_query_attribute_value_buffer_size = sizeof(avrcp_sdp_query_attribute_value); 100 101 102 const char * avrcp_subunit2str(uint16_t index){ 103 if (index <= 11) return avrcp_subunit_type_name[index]; 104 if ((index >= 0x1C) && (index <= 0x1F)) return avrcp_subunit_type_name[index - 0x10]; 105 return avrcp_subunit_type_name[16]; 106 } 107 108 static const char * avrcp_event_name[] = { 109 "ERROR", "PLAYBACK_STATUS_CHANGED", 110 "TRACK_CHANGED", "TRACK_REACHED_END", "TRACK_REACHED_START", 111 "PLAYBACK_POS_CHANGED", "BATT_STATUS_CHANGED", "SYSTEM_STATUS_CHANGED", 112 "PLAYER_APPLICATION_SETTING_CHANGED", "NOW_PLAYING_CONTENT_CHANGED", 113 "AVAILABLE_PLAYERS_CHANGED", "ADDRESSED_PLAYER_CHANGED", "UIDS_CHANGED", "VOLUME_CHANGED" 114 }; 115 const char * avrcp_event2str(uint16_t index){ 116 if (index <= 0x0d) return avrcp_event_name[index]; 117 return avrcp_event_name[0]; 118 } 119 120 static const char * avrcp_operation_name[] = { 121 "SKIP", NULL, NULL, NULL, NULL, 122 "VOLUME_UP", "VOLUME_DOWN", "MUTE", "PLAY", "STOP", "PAUSE", NULL, 123 "REWIND", "FAST_FORWARD", NULL, "FORWARD", "BACKWARD" // 0x4C 124 }; 125 126 const char * avrcp_operation2str(uint8_t operation_id){ 127 char * name = NULL; 128 if ((operation_id >= AVRCP_OPERATION_ID_SKIP) && (operation_id <= AVRCP_OPERATION_ID_BACKWARD)){ 129 name = (char *)avrcp_operation_name[operation_id - AVRCP_OPERATION_ID_SKIP]; 130 } 131 if (name == NULL){ 132 static char buffer[13]; 133 snprintf(buffer, sizeof(buffer), "Unknown 0x%02x", operation_id); 134 buffer[sizeof(buffer)-1] = 0; 135 return buffer; 136 } else { 137 return name; 138 } 139 } 140 141 static const char * avrcp_media_attribute_id_name[] = { 142 "NONE", "TITLE", "ARTIST", "ALBUM", "TRACK", "TOTAL TRACKS", "GENRE", "SONG LENGTH" 143 }; 144 const char * avrcp_attribute2str(uint8_t index){ 145 if ((index >= 1) && (index <= 7)) return avrcp_media_attribute_id_name[index]; 146 return avrcp_media_attribute_id_name[0]; 147 } 148 149 static const char * avrcp_play_status_name[] = { 150 "STOPPED", "PLAYING", "PAUSED", "FORWARD SEEK", "REVERSE SEEK", 151 "ERROR" // 0xFF 152 }; 153 const char * avrcp_play_status2str(uint8_t index){ 154 if ((index >= 1) && (index <= 4)) return avrcp_play_status_name[index]; 155 return avrcp_play_status_name[5]; 156 } 157 158 static const char * avrcp_ctype_name[] = { 159 "CONTROL", 160 "STATUS", 161 "SPECIFIC_INQUIRY", 162 "NOTIFY", 163 "GENERAL_INQUIRY", 164 "RESERVED5", 165 "RESERVED6", 166 "RESERVED7", 167 "NOT IMPLEMENTED IN REMOTE", 168 "ACCEPTED BY REMOTE", 169 "REJECTED BY REMOTE", 170 "IN_TRANSITION", 171 "IMPLEMENTED_STABLE", 172 "CHANGED_STABLE", 173 "RESERVED", 174 "INTERIM" 175 }; 176 const char * avrcp_ctype2str(uint8_t index){ 177 if (index < sizeof(avrcp_ctype_name)){ 178 return avrcp_ctype_name[index]; 179 } 180 return "NONE"; 181 } 182 183 static const char * avrcp_shuffle_mode_name[] = { 184 "SHUFFLE OFF", 185 "SHUFFLE ALL TRACKS", 186 "SHUFFLE GROUP" 187 }; 188 189 const char * avrcp_shuffle2str(uint8_t index){ 190 if ((index >= 1) && (index <= 3)) return avrcp_shuffle_mode_name[index-1]; 191 return "NONE"; 192 } 193 194 static const char * avrcp_repeat_mode_name[] = { 195 "REPEAT OFF", 196 "REPEAT SINGLE TRACK", 197 "REPEAT ALL TRACKS", 198 "REPEAT GROUP" 199 }; 200 201 const char * avrcp_repeat2str(uint8_t index){ 202 if ((index >= 1) && (index <= 4)) return avrcp_repeat_mode_name[index-1]; 203 return "NONE"; 204 } 205 206 btstack_linked_list_t avrcp_get_connections(void){ 207 return avrcp_connections; 208 } 209 210 uint8_t avrcp_cmd_opcode(uint8_t *packet, uint16_t size){ 211 uint8_t cmd_opcode_index = 5; 212 if (cmd_opcode_index > size) return AVRCP_CMD_OPCODE_UNDEFINED; 213 return packet[cmd_opcode_index]; 214 } 215 216 void avrcp_create_sdp_record(uint8_t controller, uint8_t * service, uint32_t service_record_handle, uint8_t browsing, uint16_t supported_features, 217 const char * service_name, const char * service_provider_name){ 218 uint8_t* attribute; 219 de_create_sequence(service); 220 221 // 0x0000 "Service Record Handle" 222 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_SERVICE_RECORD_HANDLE); 223 de_add_number(service, DE_UINT, DE_SIZE_32, service_record_handle); 224 225 // 0x0001 "Service Class ID List" 226 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_SERVICE_CLASS_ID_LIST); 227 attribute = de_push_sequence(service); 228 { 229 if (controller){ 230 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL); 231 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_CONTROLLER); 232 } else { 233 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_TARGET); 234 } 235 } 236 de_pop_sequence(service, attribute); 237 238 // 0x0004 "Protocol Descriptor List" 239 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_PROTOCOL_DESCRIPTOR_LIST); 240 attribute = de_push_sequence(service); 241 { 242 uint8_t* l2cpProtocol = de_push_sequence(attribute); 243 { 244 de_add_number(l2cpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_L2CAP); 245 de_add_number(l2cpProtocol, DE_UINT, DE_SIZE_16, BLUETOOTH_PSM_AVCTP); 246 } 247 de_pop_sequence(attribute, l2cpProtocol); 248 249 uint8_t* avctpProtocol = de_push_sequence(attribute); 250 { 251 de_add_number(avctpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_AVCTP); // avctpProtocol_service 252 de_add_number(avctpProtocol, DE_UINT, DE_SIZE_16, 0x0104); // version 253 } 254 de_pop_sequence(attribute, avctpProtocol); 255 } 256 de_pop_sequence(service, attribute); 257 258 // 0x0005 "Public Browse Group" 259 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_BROWSE_GROUP_LIST); // public browse group 260 attribute = de_push_sequence(service); 261 { 262 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_PUBLIC_BROWSE_ROOT); 263 } 264 de_pop_sequence(service, attribute); 265 266 // 0x0009 "Bluetooth Profile Descriptor List" 267 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_BLUETOOTH_PROFILE_DESCRIPTOR_LIST); 268 attribute = de_push_sequence(service); 269 { 270 uint8_t *avrcProfile = de_push_sequence(attribute); 271 { 272 de_add_number(avrcProfile, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL); 273 de_add_number(avrcProfile, DE_UINT, DE_SIZE_16, 0x0106); 274 } 275 de_pop_sequence(attribute, avrcProfile); 276 } 277 de_pop_sequence(service, attribute); 278 279 // 0x000d "Additional Bluetooth Profile Descriptor List" 280 if (browsing){ 281 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS); 282 attribute = de_push_sequence(service); 283 { 284 uint8_t * des = de_push_sequence(attribute); 285 { 286 uint8_t* browsing_l2cpProtocol = de_push_sequence(des); 287 { 288 de_add_number(browsing_l2cpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_L2CAP); 289 de_add_number(browsing_l2cpProtocol, DE_UINT, DE_SIZE_16, BLUETOOTH_PSM_AVCTP_BROWSING); 290 } 291 de_pop_sequence(des, browsing_l2cpProtocol); 292 293 uint8_t* browsing_avctpProtocol = de_push_sequence(des); 294 { 295 de_add_number(browsing_avctpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_AVCTP); // browsing_avctpProtocol_service 296 de_add_number(browsing_avctpProtocol, DE_UINT, DE_SIZE_16, 0x0104); // version 297 } 298 de_pop_sequence(des, browsing_avctpProtocol); 299 } 300 de_pop_sequence(attribute, des); 301 } 302 de_pop_sequence(service, attribute); 303 } 304 305 306 // 0x0100 "Service Name" 307 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0100); 308 if (service_name){ 309 de_add_data(service, DE_STRING, strlen(service_name), (uint8_t *) service_name); 310 } else { 311 if (controller){ 312 de_add_data(service, DE_STRING, strlen(avrcp_default_controller_service_name), (uint8_t *) avrcp_default_controller_service_name); 313 } else { 314 de_add_data(service, DE_STRING, strlen(avrcp_defaul_target_service_name), (uint8_t *) avrcp_defaul_target_service_name); 315 } 316 } 317 318 // 0x0100 "Provider Name" 319 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0102); 320 if (service_provider_name){ 321 de_add_data(service, DE_STRING, strlen(service_provider_name), (uint8_t *) service_provider_name); 322 } else { 323 if (controller){ 324 de_add_data(service, DE_STRING, strlen(avrcp_default_controller_service_provider_name), (uint8_t *) avrcp_default_controller_service_provider_name); 325 } else { 326 de_add_data(service, DE_STRING, strlen(avrcp_default_target_service_provider_name), (uint8_t *) avrcp_default_target_service_provider_name); 327 } 328 } 329 330 // 0x0311 "Supported Features" 331 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0311); 332 de_add_number(service, DE_UINT, DE_SIZE_16, supported_features); 333 } 334 335 static uint16_t avrcp_get_max_payload_size_for_avctp_packet_type(avrcp_connection_t * connection, avctp_packet_type_t avctp_packet_type){ 336 uint16_t max_frame_size = btstack_min(l2cap_get_remote_mtu_for_local_cid(connection->l2cap_signaling_cid), AVRCP_MAX_AV_C_MESSAGE_FRAME_SIZE); 337 338 switch (avctp_packet_type){ 339 case AVCTP_SINGLE_PACKET: 340 return max_frame_size - 3; 341 case AVCTP_START_PACKET: 342 return max_frame_size - 4; 343 case AVCTP_CONTINUE_PACKET: 344 case AVCTP_END_PACKET: 345 return max_frame_size - 1; 346 default: 347 btstack_assert(false); 348 return 0; 349 } 350 } 351 352 avctp_packet_type_t avrcp_get_avctp_packet_type(avrcp_connection_t * connection){ 353 if (connection->data_offset == 0){ 354 if (avrcp_get_max_payload_size_for_avctp_packet_type(connection, AVCTP_SINGLE_PACKET) >= connection->data_len){ 355 return AVCTP_SINGLE_PACKET; 356 } else { 357 return AVCTP_START_PACKET; 358 } 359 360 } else { 361 if ((connection->data_len - connection->data_offset) > avrcp_get_max_payload_size_for_avctp_packet_type(connection, AVCTP_CONTINUE_PACKET)){ 362 return AVCTP_CONTINUE_PACKET; 363 } else { 364 return AVCTP_END_PACKET; 365 } 366 } 367 } 368 369 uint8_t avctp_get_num_packets(uint16_t max_frame_size, uint16_t data_len, avrcp_command_opcode_t command_opcode){ 370 if (command_opcode != AVRCP_CMD_OPCODE_VENDOR_DEPENDENT){ 371 return 1; 372 } 373 uint16_t header_offset = 4; // AVCTP message: header (1), num_packets (1), pid (2) 374 switch (command_opcode){ 375 case AVRCP_CMD_OPCODE_VENDOR_DEPENDENT: 376 header_offset += 10; // AVRCP message: cmd type (1), subunit (1), opcode (1), company (3), pdu id(1), AVRCP packet type (1), param_len (2) 377 break; 378 case AVRCP_CMD_OPCODE_PASS_THROUGH: 379 header_offset += 6; // AVRCP message: cmd type (1), subunit (1), opcode (1), operation id (1), param_len (2) 380 break; 381 default: 382 return 1; 383 } 384 uint16_t num_remaining_bytes_of_data = data_len - ( max_frame_size - header_offset ); 385 uint8_t num_packets = 1; 386 387 while (num_remaining_bytes_of_data > 0){ 388 uint8_t bytes_to_copy = btstack_min(max_frame_size, num_remaining_bytes_of_data + 1); // 1 byte for AVCTP header 389 num_remaining_bytes_of_data -= bytes_to_copy; 390 num_packets++; 391 } 392 return num_packets; 393 } 394 395 396 avrcp_connection_t * avrcp_get_connection_for_bd_addr_for_role(avrcp_role_t role, bd_addr_t addr){ 397 btstack_linked_list_iterator_t it; 398 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 399 while (btstack_linked_list_iterator_has_next(&it)){ 400 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 401 if (connection->role != role) continue; 402 if (memcmp(addr, connection->remote_addr, 6) != 0) continue; 403 return connection; 404 } 405 return NULL; 406 } 407 408 avrcp_connection_t * avrcp_get_connection_for_l2cap_signaling_cid_for_role(avrcp_role_t role, uint16_t l2cap_cid){ 409 btstack_linked_list_iterator_t it; 410 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 411 while (btstack_linked_list_iterator_has_next(&it)){ 412 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 413 if (connection->role != role) continue; 414 if (connection->l2cap_signaling_cid != l2cap_cid) continue; 415 return connection; 416 } 417 return NULL; 418 } 419 420 avrcp_connection_t * avrcp_get_connection_for_avrcp_cid_for_role(avrcp_role_t role, uint16_t avrcp_cid){ 421 btstack_linked_list_iterator_t it; 422 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 423 while (btstack_linked_list_iterator_has_next(&it)){ 424 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 425 if (connection->role != role) continue; 426 if (connection->avrcp_cid != avrcp_cid) continue; 427 return connection; 428 } 429 return NULL; 430 } 431 432 avrcp_connection_t * avrcp_get_connection_for_browsing_cid_for_role(avrcp_role_t role, uint16_t browsing_cid){ 433 btstack_linked_list_iterator_t it; 434 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 435 while (btstack_linked_list_iterator_has_next(&it)){ 436 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 437 if (connection->role != role) continue; 438 if (connection->avrcp_browsing_cid != browsing_cid) continue; 439 return connection; 440 } 441 return NULL; 442 } 443 444 avrcp_connection_t * avrcp_get_connection_for_browsing_l2cap_cid_for_role(avrcp_role_t role, uint16_t browsing_l2cap_cid){ 445 btstack_linked_list_iterator_t it; 446 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 447 while (btstack_linked_list_iterator_has_next(&it)){ 448 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 449 if (connection->role != role) continue; 450 if (connection->browsing_connection && (connection->browsing_connection->l2cap_browsing_cid != browsing_l2cap_cid)) continue; 451 return connection; 452 } 453 return NULL; 454 } 455 456 avrcp_browsing_connection_t * avrcp_get_browsing_connection_for_l2cap_cid_for_role(avrcp_role_t role, uint16_t l2cap_cid){ 457 btstack_linked_list_iterator_t it; 458 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 459 while (btstack_linked_list_iterator_has_next(&it)){ 460 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 461 if (connection->role != role) continue; 462 if (connection->browsing_connection && (connection->browsing_connection->l2cap_browsing_cid != l2cap_cid)) continue; 463 return connection->browsing_connection; 464 } 465 return NULL; 466 } 467 468 void avrcp_request_can_send_now(avrcp_connection_t * connection, uint16_t l2cap_cid){ 469 connection->wait_to_send = true; 470 l2cap_request_can_send_now_event(l2cap_cid); 471 } 472 473 uint16_t avrcp_get_next_cid(avrcp_role_t role){ 474 do { 475 if (avrcp_cid_counter == 0xffff) { 476 avrcp_cid_counter = 1; 477 } else { 478 avrcp_cid_counter++; 479 } 480 } while (avrcp_get_connection_for_avrcp_cid_for_role(role, avrcp_cid_counter) != NULL) ; 481 return avrcp_cid_counter; 482 } 483 484 static avrcp_connection_t * avrcp_create_connection(avrcp_role_t role, bd_addr_t remote_addr){ 485 avrcp_connection_t * connection = btstack_memory_avrcp_connection_get(); 486 if (!connection){ 487 log_error("Not enough memory to create connection for role %d", role); 488 return NULL; 489 } 490 491 connection->state = AVCTP_CONNECTION_IDLE; 492 connection->role = role; 493 494 connection->transaction_id = 0xFF; 495 connection->transaction_id_counter = 0; 496 497 connection->max_num_fragments = 0xFF; 498 499 // setup default unit / subunit info 500 connection->company_id = 0xffffff; 501 connection->unit_type = AVRCP_SUBUNIT_TYPE_PANEL; 502 connection->subunit_info_data_size = sizeof(avrcp_default_subunit_info); 503 connection->subunit_info_data = avrcp_default_subunit_info; 504 505 log_info("avrcp_create_connection, role %d", role); 506 (void)memcpy(connection->remote_addr, remote_addr, 6); 507 btstack_linked_list_add(&avrcp_connections, (btstack_linked_item_t *) connection); 508 return connection; 509 } 510 511 static void avrcp_finalize_connection(avrcp_connection_t * connection){ 512 btstack_run_loop_remove_timer(&connection->retry_timer); 513 btstack_linked_list_remove(&avrcp_connections, (btstack_linked_item_t*) connection); 514 btstack_memory_avrcp_connection_free(connection); 515 } 516 517 static void avrcp_emit_connection_established(uint16_t avrcp_cid, bd_addr_t addr, hci_con_handle_t con_handle, uint8_t status){ 518 btstack_assert(avrcp_callback != NULL); 519 520 uint8_t event[14]; 521 int pos = 0; 522 event[pos++] = HCI_EVENT_AVRCP_META; 523 event[pos++] = sizeof(event) - 2; 524 event[pos++] = AVRCP_SUBEVENT_CONNECTION_ESTABLISHED; 525 event[pos++] = status; 526 little_endian_store_16(event, pos, avrcp_cid); 527 pos += 2; 528 reverse_bd_addr(addr,&event[pos]); 529 pos += 6; 530 little_endian_store_16(event, pos, con_handle); 531 pos += 2; 532 (*avrcp_callback)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 533 } 534 535 static void avrcp_emit_connection_closed(uint16_t avrcp_cid){ 536 btstack_assert(avrcp_callback != NULL); 537 538 uint8_t event[5]; 539 int pos = 0; 540 event[pos++] = HCI_EVENT_AVRCP_META; 541 event[pos++] = sizeof(event) - 2; 542 event[pos++] = AVRCP_SUBEVENT_CONNECTION_RELEASED; 543 little_endian_store_16(event, pos, avrcp_cid); 544 pos += 2; 545 (*avrcp_callback)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 546 } 547 548 uint16_t avrcp_sdp_query_browsing_l2cap_psm(void){ 549 return avrcp_sdp_query_context.browsing_l2cap_psm; 550 } 551 552 void avrcp_handle_sdp_client_query_attribute_value(uint8_t *packet){ 553 des_iterator_t des_list_it; 554 des_iterator_t prot_it; 555 556 // Handle new SDP record 557 if (sdp_event_query_attribute_byte_get_record_id(packet) != avrcp_sdp_query_context.record_id) { 558 avrcp_sdp_query_context.record_id = sdp_event_query_attribute_byte_get_record_id(packet); 559 avrcp_sdp_query_context.parse_sdp_record = 0; 560 // log_info("SDP Record: Nr: %d", record_id); 561 } 562 563 if (sdp_event_query_attribute_byte_get_attribute_length(packet) <= avrcp_sdp_query_attribute_value_buffer_size) { 564 avrcp_sdp_query_attribute_value[sdp_event_query_attribute_byte_get_data_offset(packet)] = sdp_event_query_attribute_byte_get_data(packet); 565 566 if ((uint16_t)(sdp_event_query_attribute_byte_get_data_offset(packet)+1) == sdp_event_query_attribute_byte_get_attribute_length(packet)) { 567 switch(sdp_event_query_attribute_byte_get_attribute_id(packet)) { 568 case BLUETOOTH_ATTRIBUTE_SERVICE_CLASS_ID_LIST: 569 if (de_get_element_type(avrcp_sdp_query_attribute_value) != DE_DES) break; 570 for (des_iterator_init(&des_list_it, avrcp_sdp_query_attribute_value); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 571 uint8_t * element = des_iterator_get_element(&des_list_it); 572 if (de_get_element_type(element) != DE_UUID) continue; 573 uint32_t uuid = de_get_uuid32(element); 574 switch (uuid){ 575 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_TARGET: 576 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL: 577 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_CONTROLLER: 578 avrcp_sdp_query_context.parse_sdp_record = 1; 579 break; 580 default: 581 break; 582 } 583 } 584 break; 585 586 case BLUETOOTH_ATTRIBUTE_PROTOCOL_DESCRIPTOR_LIST: { 587 if (!avrcp_sdp_query_context.parse_sdp_record) break; 588 // log_info("SDP Attribute: 0x%04x", sdp_event_query_attribute_byte_get_attribute_id(packet)); 589 for (des_iterator_init(&des_list_it, avrcp_sdp_query_attribute_value); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 590 uint8_t *des_element; 591 uint8_t *element; 592 uint32_t uuid; 593 594 if (des_iterator_get_type(&des_list_it) != DE_DES) continue; 595 596 des_element = des_iterator_get_element(&des_list_it); 597 des_iterator_init(&prot_it, des_element); 598 element = des_iterator_get_element(&prot_it); 599 600 if (de_get_element_type(element) != DE_UUID) continue; 601 602 uuid = de_get_uuid32(element); 603 des_iterator_next(&prot_it); 604 switch (uuid){ 605 case BLUETOOTH_PROTOCOL_L2CAP: 606 if (!des_iterator_has_more(&prot_it)) continue; 607 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.avrcp_l2cap_psm); 608 break; 609 case BLUETOOTH_PROTOCOL_AVCTP: 610 if (!des_iterator_has_more(&prot_it)) continue; 611 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.avrcp_version); 612 break; 613 default: 614 break; 615 } 616 } 617 } 618 break; 619 case BLUETOOTH_ATTRIBUTE_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS: { 620 // log_info("SDP Attribute: 0x%04x", sdp_event_query_attribute_byte_get_attribute_id(packet)); 621 if (!avrcp_sdp_query_context.parse_sdp_record) break; 622 if (de_get_element_type(avrcp_sdp_query_attribute_value) != DE_DES) break; 623 624 des_iterator_t des_list_0_it; 625 uint8_t *element_0; 626 627 des_iterator_init(&des_list_0_it, avrcp_sdp_query_attribute_value); 628 element_0 = des_iterator_get_element(&des_list_0_it); 629 630 for (des_iterator_init(&des_list_it, element_0); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 631 uint8_t *des_element; 632 uint8_t *element; 633 uint32_t uuid; 634 635 if (des_iterator_get_type(&des_list_it) != DE_DES) continue; 636 637 des_element = des_iterator_get_element(&des_list_it); 638 des_iterator_init(&prot_it, des_element); 639 element = des_iterator_get_element(&prot_it); 640 641 if (de_get_element_type(element) != DE_UUID) continue; 642 643 uuid = de_get_uuid32(element); 644 des_iterator_next(&prot_it); 645 switch (uuid){ 646 case BLUETOOTH_PROTOCOL_L2CAP: 647 if (!des_iterator_has_more(&prot_it)) continue; 648 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.browsing_l2cap_psm); 649 break; 650 case BLUETOOTH_PROTOCOL_AVCTP: 651 if (!des_iterator_has_more(&prot_it)) continue; 652 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.browsing_version); 653 break; 654 default: 655 break; 656 } 657 } 658 } 659 break; 660 default: 661 break; 662 } 663 } 664 } else { 665 log_error("SDP attribute value buffer size exceeded: available %d, required %d", avrcp_sdp_query_attribute_value_buffer_size, sdp_event_query_attribute_byte_get_attribute_length(packet)); 666 } 667 } 668 669 static void avrcp_handle_sdp_query_failed(avrcp_connection_t * connection, uint8_t status){ 670 if (connection == NULL) return; 671 log_info("AVRCP: SDP query failed with status 0x%02x.", status); 672 avrcp_emit_connection_established(connection->avrcp_cid, connection->remote_addr, connection->con_handle, status); 673 avrcp_finalize_connection(connection); 674 } 675 676 static void avrcp_handle_sdp_query_succeeded(avrcp_connection_t * connection){ 677 if (connection == NULL) return; 678 connection->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 679 connection->avrcp_l2cap_psm = avrcp_sdp_query_context.avrcp_l2cap_psm; 680 connection->browsing_version = avrcp_sdp_query_context.browsing_version; 681 connection->browsing_l2cap_psm = avrcp_sdp_query_context.browsing_l2cap_psm; 682 } 683 684 static void avrcp_handle_sdp_client_query_result(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 685 UNUSED(packet_type); 686 UNUSED(channel); 687 UNUSED(size); 688 689 bool state_ok = true; 690 avrcp_connection_t * avrcp_target_connection = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_sdp_query_context.avrcp_cid); 691 if (!avrcp_target_connection || avrcp_target_connection->state != AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE) { 692 state_ok = false; 693 } 694 avrcp_connection_t * avrcp_controller_connection = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_sdp_query_context.avrcp_cid); 695 if (!avrcp_controller_connection || avrcp_controller_connection->state != AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE) { 696 state_ok = false; 697 } 698 if (!state_ok){ 699 // something wrong, nevertheless, start next sdp query if this one is complete 700 if (hci_event_packet_get_type(packet) == SDP_EVENT_QUERY_COMPLETE){ 701 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 702 } 703 return; 704 } 705 706 uint8_t status; 707 708 switch (hci_event_packet_get_type(packet)){ 709 case SDP_EVENT_QUERY_ATTRIBUTE_VALUE: 710 avrcp_handle_sdp_client_query_attribute_value(packet); 711 return; 712 713 case SDP_EVENT_QUERY_COMPLETE: 714 status = sdp_event_query_complete_get_status(packet); 715 716 if (status != ERROR_CODE_SUCCESS){ 717 avrcp_handle_sdp_query_failed(avrcp_controller_connection, status); 718 avrcp_handle_sdp_query_failed(avrcp_target_connection, status); 719 break; 720 } 721 722 if (!avrcp_sdp_query_context.avrcp_l2cap_psm){ 723 avrcp_handle_sdp_query_failed(avrcp_controller_connection, SDP_SERVICE_NOT_FOUND); 724 avrcp_handle_sdp_query_failed(avrcp_target_connection, SDP_SERVICE_NOT_FOUND); 725 break; 726 } 727 728 avrcp_handle_sdp_query_succeeded(avrcp_controller_connection); 729 avrcp_handle_sdp_query_succeeded(avrcp_target_connection); 730 731 l2cap_create_channel(&avrcp_packet_handler, avrcp_target_connection->remote_addr, avrcp_sdp_query_context.avrcp_l2cap_psm, l2cap_max_mtu(), NULL); 732 break; 733 734 default: 735 return; 736 } 737 738 // register the SDP Query request to check if there is another connection waiting for the query 739 // ignore ERROR_CODE_COMMAND_DISALLOWED because in that case, we already have requested an SDP callback 740 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 741 } 742 743 744 static avrcp_connection_t * avrcp_handle_incoming_connection_for_role(avrcp_role_t role, avrcp_connection_t * connection, bd_addr_t event_addr, hci_con_handle_t con_handle, uint16_t local_cid, uint16_t avrcp_cid){ 745 if (connection == NULL){ 746 connection = avrcp_create_connection(role, event_addr); 747 } 748 if (connection) { 749 connection->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 750 connection->l2cap_signaling_cid = local_cid; 751 connection->avrcp_cid = avrcp_cid; 752 connection->con_handle = con_handle; 753 btstack_run_loop_remove_timer(&connection->retry_timer); 754 } 755 return connection; 756 } 757 758 static void avrcp_handle_open_connection(avrcp_connection_t * connection, hci_con_handle_t con_handle, uint16_t local_cid, uint16_t l2cap_mtu){ 759 connection->l2cap_signaling_cid = local_cid; 760 connection->l2cap_mtu = l2cap_mtu; 761 connection->con_handle = con_handle; 762 connection->incoming_declined = false; 763 connection->song_length_ms = 0xFFFFFFFF; 764 connection->song_position_ms = 0xFFFFFFFF; 765 connection->playback_status = AVRCP_PLAYBACK_STATUS_STOPPED; 766 connection->state = AVCTP_CONNECTION_OPENED; 767 768 log_info("L2CAP_EVENT_CHANNEL_OPENED avrcp_cid 0x%02x, l2cap_signaling_cid 0x%02x, role %d, state %d", connection->avrcp_cid, connection->l2cap_signaling_cid, connection->role, connection->state); 769 } 770 771 static void avrcp_retry_timer_timeout_handler(btstack_timer_source_t * timer){ 772 uint16_t avrcp_cid = (uint16_t)(uintptr_t) btstack_run_loop_get_timer_context(timer); 773 avrcp_connection_t * connection_controller = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_cid); 774 if (connection_controller == NULL) return; 775 avrcp_connection_t * connection_target = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_cid); 776 if (connection_target == NULL) return; 777 778 if (connection_controller->state == AVCTP_CONNECTION_W2_L2CAP_RETRY){ 779 connection_controller->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 780 connection_target->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 781 l2cap_create_channel(&avrcp_packet_handler, connection_controller->remote_addr, connection_controller->avrcp_l2cap_psm, l2cap_max_mtu(), NULL); 782 } 783 } 784 785 static void avrcp_retry_timer_start(avrcp_connection_t * connection){ 786 btstack_run_loop_set_timer_handler(&connection->retry_timer, avrcp_retry_timer_timeout_handler); 787 btstack_run_loop_set_timer_context(&connection->retry_timer, (void *)(uintptr_t)connection->avrcp_cid); 788 789 // add some jitter/randomness to reconnect delay 790 uint32_t timeout = 100 + (btstack_run_loop_get_time_ms() & 0x7F); 791 btstack_run_loop_set_timer(&connection->retry_timer, timeout); 792 793 btstack_run_loop_add_timer(&connection->retry_timer); 794 } 795 796 static avrcp_frame_type_t avrcp_get_frame_type(uint8_t header){ 797 return (avrcp_frame_type_t)((header & 0x02) >> 1); 798 } 799 800 static void avrcp_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 801 UNUSED(channel); 802 UNUSED(size); 803 bd_addr_t event_addr; 804 uint16_t local_cid; 805 uint16_t l2cap_mtu; 806 uint8_t status; 807 bool decline_connection; 808 bool outoing_active; 809 hci_con_handle_t con_handle; 810 811 avrcp_connection_t * connection_controller; 812 avrcp_connection_t * connection_target; 813 bool can_send; 814 815 switch (packet_type) { 816 case HCI_EVENT_PACKET: 817 switch (hci_event_packet_get_type(packet)) { 818 819 case L2CAP_EVENT_INCOMING_CONNECTION: 820 btstack_assert(avrcp_controller_packet_handler != NULL); 821 btstack_assert(avrcp_target_packet_handler != NULL); 822 823 l2cap_event_incoming_connection_get_address(packet, event_addr); 824 local_cid = l2cap_event_incoming_connection_get_local_cid(packet); 825 con_handle = l2cap_event_incoming_connection_get_handle(packet); 826 827 outoing_active = false; 828 connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, event_addr); 829 if (connection_target != NULL){ 830 if (connection_target->state == AVCTP_CONNECTION_W4_L2CAP_CONNECTED){ 831 outoing_active = true; 832 connection_target->incoming_declined = true; 833 } 834 } 835 836 connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, event_addr); 837 if (connection_controller != NULL){ 838 if (connection_controller->state == AVCTP_CONNECTION_W4_L2CAP_CONNECTED) { 839 outoing_active = true; 840 connection_controller->incoming_declined = true; 841 } 842 } 843 844 decline_connection = outoing_active; 845 if (decline_connection == false){ 846 uint16_t avrcp_cid; 847 if ((connection_controller == NULL) || (connection_target == NULL)){ 848 avrcp_cid = avrcp_get_next_cid(AVRCP_CONTROLLER); 849 } else { 850 avrcp_cid = connection_controller->avrcp_cid; 851 } 852 // create two connection objects (both) 853 connection_target = avrcp_handle_incoming_connection_for_role(AVRCP_TARGET, connection_target, event_addr, con_handle, local_cid, avrcp_cid); 854 connection_controller = avrcp_handle_incoming_connection_for_role(AVRCP_CONTROLLER, connection_controller, event_addr, con_handle, local_cid, avrcp_cid); 855 if ((connection_target == NULL) || (connection_controller == NULL)){ 856 decline_connection = true; 857 if (connection_target) { 858 avrcp_finalize_connection(connection_target); 859 } 860 if (connection_controller) { 861 avrcp_finalize_connection(connection_controller); 862 } 863 } 864 } 865 if (decline_connection){ 866 l2cap_decline_connection(local_cid); 867 } else { 868 log_info("AVRCP: L2CAP_EVENT_INCOMING_CONNECTION local cid 0x%02x, state %d", local_cid, connection_controller->state); 869 l2cap_accept_connection(local_cid); 870 } 871 break; 872 873 case L2CAP_EVENT_CHANNEL_OPENED: 874 l2cap_event_channel_opened_get_address(packet, event_addr); 875 status = l2cap_event_channel_opened_get_status(packet); 876 local_cid = l2cap_event_channel_opened_get_local_cid(packet); 877 l2cap_mtu = l2cap_event_channel_opened_get_remote_mtu(packet); 878 con_handle = l2cap_event_channel_opened_get_handle(packet); 879 880 connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, event_addr); 881 connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, event_addr); 882 883 // incoming: structs are already created in L2CAP_EVENT_INCOMING_CONNECTION 884 // outgoing: structs are cteated in avrcp_connect() 885 if ((connection_controller == NULL) || (connection_target == NULL)) { 886 break; 887 } 888 889 switch (status){ 890 case ERROR_CODE_SUCCESS: 891 avrcp_handle_open_connection(connection_target, con_handle, local_cid, l2cap_mtu); 892 avrcp_handle_open_connection(connection_controller, con_handle, local_cid, l2cap_mtu); 893 avrcp_emit_connection_established(connection_controller->avrcp_cid, event_addr, con_handle, status); 894 return; 895 case L2CAP_CONNECTION_RESPONSE_RESULT_REFUSED_RESOURCES: 896 if (connection_controller->incoming_declined == true){ 897 log_info("Incoming connection was declined, and the outgoing failed"); 898 connection_controller->state = AVCTP_CONNECTION_W2_L2CAP_RETRY; 899 connection_controller->incoming_declined = false; 900 connection_target->state = AVCTP_CONNECTION_W2_L2CAP_RETRY; 901 connection_target->incoming_declined = false; 902 avrcp_retry_timer_start(connection_controller); 903 return; 904 } 905 break; 906 default: 907 break; 908 } 909 log_info("L2CAP connection to connection %s failed. status code 0x%02x", bd_addr_to_str(event_addr), status); 910 avrcp_emit_connection_established(connection_controller->avrcp_cid, event_addr, con_handle, status); 911 avrcp_finalize_connection(connection_controller); 912 avrcp_finalize_connection(connection_target); 913 914 break; 915 916 case L2CAP_EVENT_CHANNEL_CLOSED: 917 local_cid = l2cap_event_channel_closed_get_local_cid(packet); 918 919 connection_controller = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_CONTROLLER, local_cid); 920 connection_target = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_TARGET, local_cid); 921 if ((connection_controller == NULL) || (connection_target == NULL)) { 922 break; 923 } 924 avrcp_emit_connection_closed(connection_controller->avrcp_cid); 925 avrcp_finalize_connection(connection_controller); 926 avrcp_finalize_connection(connection_target); 927 break; 928 929 case L2CAP_EVENT_CAN_SEND_NOW: 930 local_cid = l2cap_event_can_send_now_get_local_cid(packet); 931 can_send = true; 932 933 connection_target = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_TARGET, local_cid); 934 if ((connection_target != NULL) && connection_target->wait_to_send){ 935 connection_target->wait_to_send = false; 936 (*avrcp_target_packet_handler)(HCI_EVENT_PACKET, channel, packet, size); 937 can_send = false; 938 } 939 940 connection_controller = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_CONTROLLER, local_cid); 941 if ((connection_controller != NULL) && connection_controller->wait_to_send){ 942 if (can_send){ 943 connection_controller->wait_to_send = false; 944 (*avrcp_controller_packet_handler)(HCI_EVENT_PACKET, channel, packet, size); 945 } else { 946 l2cap_request_can_send_now_event(local_cid); 947 } 948 } 949 break; 950 951 default: 952 break; 953 } 954 break; 955 956 case L2CAP_DATA_PACKET: 957 switch (avrcp_get_frame_type(packet[0])){ 958 case AVRCP_RESPONSE_FRAME: 959 (*avrcp_controller_packet_handler)(packet_type, channel, packet, size); 960 break; 961 case AVRCP_COMMAND_FRAME: 962 default: // make compiler happy 963 (*avrcp_target_packet_handler)(packet_type, channel, packet, size); 964 break; 965 } 966 break; 967 968 default: 969 break; 970 } 971 } 972 973 uint8_t avrcp_disconnect(uint16_t avrcp_cid){ 974 avrcp_connection_t * connection_controller = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_cid); 975 if (!connection_controller){ 976 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 977 } 978 avrcp_connection_t * connection_target = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_cid); 979 if (!connection_target){ 980 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 981 } 982 if (connection_controller->browsing_connection){ 983 l2cap_disconnect(connection_controller->browsing_connection->l2cap_browsing_cid); 984 } 985 l2cap_disconnect(connection_controller->l2cap_signaling_cid); 986 return ERROR_CODE_SUCCESS; 987 } 988 989 static void avrcp_handle_start_sdp_client_query(void * context){ 990 UNUSED(context); 991 992 btstack_linked_list_iterator_t it; 993 btstack_linked_list_iterator_init(&it, &avrcp_connections); 994 while (btstack_linked_list_iterator_has_next(&it)){ 995 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 996 997 if (connection->state != AVCTP_CONNECTION_W2_SEND_SDP_QUERY) continue; 998 connection->state = AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE; 999 1000 // prevent triggering SDP query twice (for each role once) 1001 avrcp_connection_t * connection_with_opposite_role; 1002 switch (connection->role){ 1003 case AVRCP_CONTROLLER: 1004 connection_with_opposite_role = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, connection->avrcp_cid); 1005 break; 1006 case AVRCP_TARGET: 1007 connection_with_opposite_role = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, connection->avrcp_cid); 1008 break; 1009 default: 1010 btstack_assert(false); 1011 return; 1012 } 1013 connection_with_opposite_role->state = AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE; 1014 1015 avrcp_sdp_query_context.avrcp_l2cap_psm = 0; 1016 avrcp_sdp_query_context.avrcp_version = 0; 1017 avrcp_sdp_query_context.avrcp_cid = connection->avrcp_cid; 1018 sdp_client_query_uuid16(&avrcp_handle_sdp_client_query_result, (uint8_t *) connection->remote_addr, BLUETOOTH_PROTOCOL_AVCTP); 1019 return; 1020 } 1021 } 1022 1023 uint8_t avrcp_connect(bd_addr_t remote_addr, uint16_t * avrcp_cid){ 1024 btstack_assert(avrcp_controller_packet_handler != NULL); 1025 btstack_assert(avrcp_target_packet_handler != NULL); 1026 1027 avrcp_connection_t * connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, remote_addr); 1028 if (connection_controller){ 1029 return ERROR_CODE_COMMAND_DISALLOWED; 1030 } 1031 avrcp_connection_t * connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, remote_addr); 1032 if (connection_target){ 1033 return ERROR_CODE_COMMAND_DISALLOWED; 1034 } 1035 1036 uint16_t cid = avrcp_get_next_cid(AVRCP_CONTROLLER); 1037 1038 connection_controller = avrcp_create_connection(AVRCP_CONTROLLER, remote_addr); 1039 if (!connection_controller) return BTSTACK_MEMORY_ALLOC_FAILED; 1040 1041 connection_target = avrcp_create_connection(AVRCP_TARGET, remote_addr); 1042 if (!connection_target){ 1043 avrcp_finalize_connection(connection_controller); 1044 return BTSTACK_MEMORY_ALLOC_FAILED; 1045 } 1046 1047 if (avrcp_cid != NULL){ 1048 *avrcp_cid = cid; 1049 } 1050 1051 connection_controller->state = AVCTP_CONNECTION_W2_SEND_SDP_QUERY; 1052 connection_controller->avrcp_cid = cid; 1053 1054 connection_target->state = AVCTP_CONNECTION_W2_SEND_SDP_QUERY; 1055 connection_target->avrcp_cid = cid; 1056 1057 avrcp_sdp_query_registration.callback = &avrcp_handle_start_sdp_client_query; 1058 // ignore ERROR_CODE_COMMAND_DISALLOWED because in that case, we already have requested an SDP callback 1059 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 1060 return ERROR_CODE_SUCCESS; 1061 } 1062 1063 void avrcp_init(void){ 1064 avrcp_connections = NULL; 1065 if (avrcp_l2cap_service_registered) return; 1066 1067 int status = l2cap_register_service(&avrcp_packet_handler, BLUETOOTH_PSM_AVCTP, 0xffff, gap_get_security_level()); 1068 if (status != ERROR_CODE_SUCCESS) return; 1069 avrcp_l2cap_service_registered = true; 1070 } 1071 1072 void avrcp_deinit(void){ 1073 avrcp_l2cap_service_registered = false; 1074 1075 avrcp_cid_counter = 0; 1076 avrcp_connections = NULL; 1077 1078 avrcp_callback = NULL; 1079 avrcp_controller_packet_handler = NULL; 1080 avrcp_target_packet_handler = NULL; 1081 1082 (void) memset(&avrcp_sdp_query_registration, 0, sizeof(avrcp_sdp_query_registration)); 1083 (void) memset(&avrcp_sdp_query_context, 0, sizeof(avrcp_sdp_query_context_t)); 1084 (void) memset(avrcp_sdp_query_attribute_value, 0, sizeof(avrcp_sdp_query_attribute_value)); 1085 } 1086 1087 void avrcp_register_controller_packet_handler(btstack_packet_handler_t callback){ 1088 avrcp_controller_packet_handler = callback; 1089 } 1090 1091 void avrcp_register_target_packet_handler(btstack_packet_handler_t callback){ 1092 avrcp_target_packet_handler = callback; 1093 } 1094 1095 void avrcp_register_packet_handler(btstack_packet_handler_t callback){ 1096 btstack_assert(callback != NULL); 1097 avrcp_callback = callback; 1098 } 1099 1100 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 1101 #define FUZZ_CID 0x44 1102 #define FUZZ_CON_HANDLE 0x0001 1103 static bd_addr_t remote_addr = { 0x33, 0x33, 0x33, 0x33, 0x33, 0x33 }; 1104 void avrcp_init_fuzz(void){ 1105 // setup avrcp connections for cid 1106 avrcp_connection_t * connection_controller = avrcp_create_connection(AVRCP_CONTROLLER, remote_addr); 1107 avrcp_connection_t * connection_target = avrcp_create_connection(AVRCP_TARGET, remote_addr); 1108 avrcp_handle_open_connection(connection_controller, FUZZ_CON_HANDLE, FUZZ_CID, 999); 1109 avrcp_handle_open_connection(connection_target, FUZZ_CON_HANDLE, FUZZ_CID, 999); 1110 } 1111 void avrcp_packet_handler_fuzz(uint8_t *packet, uint16_t size){ 1112 avrcp_packet_handler(L2CAP_DATA_PACKET, FUZZ_CID, packet, size); 1113 } 1114 #endif