1 /* 2 * Copyright (C) 2016 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BLUEKITCHEN 24 * GMBH OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 #define BTSTACK_FILE__ "avrcp.c" 39 40 #include <stdint.h> 41 #include <string.h> 42 // snprintf 43 #include <stdio.h> 44 45 #include "bluetooth_psm.h" 46 #include "bluetooth_sdp.h" 47 #include "btstack_debug.h" 48 #include "btstack_event.h" 49 #include "btstack_memory.h" 50 #include "classic/sdp_client.h" 51 #include "classic/sdp_util.h" 52 #include "classic/avrcp.h" 53 54 55 typedef struct { 56 uint8_t parse_sdp_record; 57 uint32_t record_id; 58 uint16_t avrcp_cid; 59 uint16_t avrcp_l2cap_psm; 60 uint16_t avrcp_version; 61 62 uint16_t browsing_l2cap_psm; 63 uint16_t browsing_version; 64 } avrcp_sdp_query_context_t; 65 66 static void avrcp_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size); 67 68 static const char * avrcp_default_controller_service_name = "BTstack AVRCP Controller Service"; 69 static const char * avrcp_default_controller_service_provider_name = "BTstack AVRCP Controller Service Provider"; 70 static const char * avrcp_defaul_target_service_name = "BTstack AVRCP Target Service"; 71 static const char * avrcp_default_target_service_provider_name = "BTstack AVRCP Target Service Provider"; 72 73 static const char * avrcp_subunit_type_name[] = { 74 "MONITOR", "AUDIO", "PRINTER", "DISC", "TAPE_RECORDER_PLAYER", "TUNER", 75 "CA", "CAMERA", "RESERVED", "PANEL", "BULLETIN_BOARD", "CAMERA_STORAGE", 76 "VENDOR_UNIQUE", "RESERVED_FOR_ALL_SUBUNIT_TYPES", 77 "EXTENDED_TO_NEXT_BYTE", "UNIT", "ERROR" 78 }; 79 80 // default subunit info: single PANEL subunit 81 static const uint8_t avrcp_default_subunit_info[] = { AVRCP_SUBUNIT_TYPE_PANEL << 3}; 82 83 // globals 84 static bool avrcp_l2cap_service_registered = false; 85 86 // connections 87 static uint16_t avrcp_cid_counter; 88 static btstack_linked_list_t avrcp_connections; 89 90 // higher layer callbacks 91 static btstack_packet_handler_t avrcp_callback; 92 static btstack_packet_handler_t avrcp_controller_packet_handler; 93 static btstack_packet_handler_t avrcp_target_packet_handler; 94 95 // sdp query 96 static btstack_context_callback_registration_t avrcp_sdp_query_registration; 97 static avrcp_sdp_query_context_t avrcp_sdp_query_context; 98 static uint8_t avrcp_sdp_query_attribute_value[45]; 99 static const unsigned int avrcp_sdp_query_attribute_value_buffer_size = sizeof(avrcp_sdp_query_attribute_value); 100 101 102 const char * avrcp_subunit2str(uint16_t index){ 103 if (index <= 11) return avrcp_subunit_type_name[index]; 104 if ((index >= 0x1C) && (index <= 0x1F)) return avrcp_subunit_type_name[index - 0x10]; 105 return avrcp_subunit_type_name[16]; 106 } 107 108 static const char * avrcp_event_name[] = { 109 "ERROR", "PLAYBACK_STATUS_CHANGED", 110 "TRACK_CHANGED", "TRACK_REACHED_END", "TRACK_REACHED_START", 111 "PLAYBACK_POS_CHANGED", "BATT_STATUS_CHANGED", "SYSTEM_STATUS_CHANGED", 112 "PLAYER_APPLICATION_SETTING_CHANGED", "NOW_PLAYING_CONTENT_CHANGED", 113 "AVAILABLE_PLAYERS_CHANGED", "ADDRESSED_PLAYER_CHANGED", "UIDS_CHANGED", "VOLUME_CHANGED" 114 }; 115 const char * avrcp_event2str(uint16_t index){ 116 if (index <= 0x0d) return avrcp_event_name[index]; 117 return avrcp_event_name[0]; 118 } 119 120 static const char * avrcp_operation_name[] = { 121 "SKIP", NULL, NULL, NULL, NULL, 122 "VOLUME_UP", "VOLUME_DOWN", "MUTE", "PLAY", "STOP", "PAUSE", NULL, 123 "REWIND", "FAST_FORWARD", NULL, "FORWARD", "BACKWARD" // 0x4C 124 }; 125 126 const char * avrcp_operation2str(uint8_t operation_id){ 127 char * name = NULL; 128 if ((operation_id >= AVRCP_OPERATION_ID_SKIP) && (operation_id <= AVRCP_OPERATION_ID_BACKWARD)){ 129 name = (char *)avrcp_operation_name[operation_id - AVRCP_OPERATION_ID_SKIP]; 130 } 131 if (name == NULL){ 132 static char buffer[13]; 133 snprintf(buffer, sizeof(buffer), "Unknown 0x%02x", operation_id); 134 buffer[sizeof(buffer)-1] = 0; 135 return buffer; 136 } else { 137 return name; 138 } 139 } 140 141 static const char * avrcp_media_attribute_id_name[] = { 142 "NONE", "TITLE", "ARTIST", "ALBUM", "TRACK", "TOTAL TRACKS", "GENRE", "SONG LENGTH" 143 }; 144 const char * avrcp_attribute2str(uint8_t index){ 145 if ((index >= 1) && (index <= 7)) return avrcp_media_attribute_id_name[index]; 146 return avrcp_media_attribute_id_name[0]; 147 } 148 149 static const char * avrcp_play_status_name[] = { 150 "STOPPED", "PLAYING", "PAUSED", "FORWARD SEEK", "REVERSE SEEK", 151 "ERROR" // 0xFF 152 }; 153 const char * avrcp_play_status2str(uint8_t index){ 154 if ((index >= 1) && (index <= 4)) return avrcp_play_status_name[index]; 155 return avrcp_play_status_name[5]; 156 } 157 158 static const char * avrcp_ctype_name[] = { 159 "CONTROL", 160 "STATUS", 161 "SPECIFIC_INQUIRY", 162 "NOTIFY", 163 "GENERAL_INQUIRY", 164 "RESERVED5", 165 "RESERVED6", 166 "RESERVED7", 167 "NOT IMPLEMENTED IN REMOTE", 168 "ACCEPTED BY REMOTE", 169 "REJECTED BY REMOTE", 170 "IN_TRANSITION", 171 "IMPLEMENTED_STABLE", 172 "CHANGED_STABLE", 173 "RESERVED", 174 "INTERIM" 175 }; 176 const char * avrcp_ctype2str(uint8_t index){ 177 if (index < sizeof(avrcp_ctype_name)){ 178 return avrcp_ctype_name[index]; 179 } 180 return "NONE"; 181 } 182 183 static const char * avrcp_shuffle_mode_name[] = { 184 "SHUFFLE OFF", 185 "SHUFFLE ALL TRACKS", 186 "SHUFFLE GROUP" 187 }; 188 189 const char * avrcp_shuffle2str(uint8_t index){ 190 if ((index >= 1) && (index <= 3)) return avrcp_shuffle_mode_name[index-1]; 191 return "NONE"; 192 } 193 194 static const char * avrcp_repeat_mode_name[] = { 195 "REPEAT OFF", 196 "REPEAT SINGLE TRACK", 197 "REPEAT ALL TRACKS", 198 "REPEAT GROUP" 199 }; 200 201 const char * avrcp_repeat2str(uint8_t index){ 202 if ((index >= 1) && (index <= 4)) return avrcp_repeat_mode_name[index-1]; 203 return "NONE"; 204 } 205 206 btstack_linked_list_t avrcp_get_connections(void){ 207 return avrcp_connections; 208 } 209 210 uint8_t avrcp_cmd_opcode(uint8_t *packet, uint16_t size){ 211 uint8_t cmd_opcode_index = 5; 212 if (cmd_opcode_index > size) return AVRCP_CMD_OPCODE_UNDEFINED; 213 return packet[cmd_opcode_index]; 214 } 215 216 void avrcp_create_sdp_record(uint8_t controller, uint8_t * service, uint32_t service_record_handle, uint8_t browsing, uint16_t supported_features, 217 const char * service_name, const char * service_provider_name){ 218 uint8_t* attribute; 219 de_create_sequence(service); 220 221 // 0x0000 "Service Record Handle" 222 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_SERVICE_RECORD_HANDLE); 223 de_add_number(service, DE_UINT, DE_SIZE_32, service_record_handle); 224 225 // 0x0001 "Service Class ID List" 226 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_SERVICE_CLASS_ID_LIST); 227 attribute = de_push_sequence(service); 228 { 229 if (controller){ 230 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL); 231 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_CONTROLLER); 232 } else { 233 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_TARGET); 234 } 235 } 236 de_pop_sequence(service, attribute); 237 238 // 0x0004 "Protocol Descriptor List" 239 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_PROTOCOL_DESCRIPTOR_LIST); 240 attribute = de_push_sequence(service); 241 { 242 uint8_t* l2cpProtocol = de_push_sequence(attribute); 243 { 244 de_add_number(l2cpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_L2CAP); 245 de_add_number(l2cpProtocol, DE_UINT, DE_SIZE_16, BLUETOOTH_PSM_AVCTP); 246 } 247 de_pop_sequence(attribute, l2cpProtocol); 248 249 uint8_t* avctpProtocol = de_push_sequence(attribute); 250 { 251 de_add_number(avctpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_AVCTP); // avctpProtocol_service 252 de_add_number(avctpProtocol, DE_UINT, DE_SIZE_16, 0x0104); // version 253 } 254 de_pop_sequence(attribute, avctpProtocol); 255 } 256 de_pop_sequence(service, attribute); 257 258 // 0x0005 "Public Browse Group" 259 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_BROWSE_GROUP_LIST); // public browse group 260 attribute = de_push_sequence(service); 261 { 262 de_add_number(attribute, DE_UUID, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_PUBLIC_BROWSE_ROOT); 263 } 264 de_pop_sequence(service, attribute); 265 266 // 0x0009 "Bluetooth Profile Descriptor List" 267 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_BLUETOOTH_PROFILE_DESCRIPTOR_LIST); 268 attribute = de_push_sequence(service); 269 { 270 uint8_t *avrcProfile = de_push_sequence(attribute); 271 { 272 de_add_number(avrcProfile, DE_UUID, DE_SIZE_16, BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL); 273 de_add_number(avrcProfile, DE_UINT, DE_SIZE_16, 0x0106); 274 } 275 de_pop_sequence(attribute, avrcProfile); 276 } 277 de_pop_sequence(service, attribute); 278 279 // 0x000d "Additional Bluetooth Profile Descriptor List" 280 if (browsing){ 281 de_add_number(service, DE_UINT, DE_SIZE_16, BLUETOOTH_ATTRIBUTE_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS); 282 attribute = de_push_sequence(service); 283 { 284 uint8_t * des = de_push_sequence(attribute); 285 { 286 uint8_t* browsing_l2cpProtocol = de_push_sequence(des); 287 { 288 de_add_number(browsing_l2cpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_L2CAP); 289 de_add_number(browsing_l2cpProtocol, DE_UINT, DE_SIZE_16, BLUETOOTH_PSM_AVCTP_BROWSING); 290 } 291 de_pop_sequence(des, browsing_l2cpProtocol); 292 293 uint8_t* browsing_avctpProtocol = de_push_sequence(des); 294 { 295 de_add_number(browsing_avctpProtocol, DE_UUID, DE_SIZE_16, BLUETOOTH_PROTOCOL_AVCTP); // browsing_avctpProtocol_service 296 de_add_number(browsing_avctpProtocol, DE_UINT, DE_SIZE_16, 0x0104); // version 297 } 298 de_pop_sequence(des, browsing_avctpProtocol); 299 } 300 de_pop_sequence(attribute, des); 301 } 302 de_pop_sequence(service, attribute); 303 } 304 305 306 // 0x0100 "Service Name" 307 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0100); 308 if (service_name){ 309 de_add_data(service, DE_STRING, strlen(service_name), (uint8_t *) service_name); 310 } else { 311 if (controller){ 312 de_add_data(service, DE_STRING, strlen(avrcp_default_controller_service_name), (uint8_t *) avrcp_default_controller_service_name); 313 } else { 314 de_add_data(service, DE_STRING, strlen(avrcp_defaul_target_service_name), (uint8_t *) avrcp_defaul_target_service_name); 315 } 316 } 317 318 // 0x0100 "Provider Name" 319 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0102); 320 if (service_provider_name){ 321 de_add_data(service, DE_STRING, strlen(service_provider_name), (uint8_t *) service_provider_name); 322 } else { 323 if (controller){ 324 de_add_data(service, DE_STRING, strlen(avrcp_default_controller_service_provider_name), (uint8_t *) avrcp_default_controller_service_provider_name); 325 } else { 326 de_add_data(service, DE_STRING, strlen(avrcp_default_target_service_provider_name), (uint8_t *) avrcp_default_target_service_provider_name); 327 } 328 } 329 330 // 0x0311 "Supported Features" 331 de_add_number(service, DE_UINT, DE_SIZE_16, 0x0311); 332 de_add_number(service, DE_UINT, DE_SIZE_16, supported_features); 333 } 334 335 uint16_t avctp_get_num_bytes_for_header(avctp_packet_type_t avctp_packet_type) { 336 switch (avctp_packet_type){ 337 case AVCTP_SINGLE_PACKET: 338 // AVCTP message: transport header (1), pid (2) 339 return 3; 340 case AVCTP_START_PACKET: 341 // AVCTP message: transport header (1), num_packets (1), pid (2) 342 return 4; 343 default: 344 // AVCTP message: transport header (1) 345 return 1; 346 } 347 } 348 349 uint16_t avrcp_get_num_bytes_for_header(avrcp_command_opcode_t command_opcode, avctp_packet_type_t avctp_packet_type) { 350 switch (avctp_packet_type){ 351 case AVCTP_SINGLE_PACKET: 352 case AVCTP_START_PACKET: 353 break; 354 default: 355 return 0; 356 } 357 358 uint16_t offset = 3; // AVRCP message: cmd type (1), subunit (1), opcode (1) 359 switch (command_opcode){ 360 case AVRCP_CMD_OPCODE_VENDOR_DEPENDENT: 361 offset += 7; // AVRCP message: company (3), pdu id(1), AVRCP packet type (1), param_len (2) 362 break; 363 case AVRCP_CMD_OPCODE_PASS_THROUGH: 364 offset += 3; // AVRCP message: operation id (1), param_len (2) 365 break; 366 default: 367 break; 368 } 369 return offset; 370 } 371 372 static uint16_t avrcp_get_num_free_bytes_for_payload(uint16_t l2cap_cid, avrcp_command_opcode_t command_opcode, avctp_packet_type_t avctp_packet_type){ 373 uint16_t max_frame_size = btstack_min(l2cap_get_remote_mtu_for_local_cid(l2cap_cid), AVRCP_MAX_AV_C_MESSAGE_FRAME_SIZE); 374 uint16_t payload_offset = avctp_get_num_bytes_for_header(avctp_packet_type) + 375 avrcp_get_num_bytes_for_header(command_opcode, avctp_packet_type); 376 377 btstack_assert(max_frame_size >= payload_offset); 378 return (max_frame_size - payload_offset); 379 } 380 381 382 avctp_packet_type_t avctp_get_packet_type(avrcp_connection_t * connection, uint16_t * max_payload_size){ 383 if (connection->data_offset == 0){ 384 uint16_t max_payload_size_for_single_packet = avrcp_get_num_free_bytes_for_payload(connection->l2cap_signaling_cid, 385 connection->command_opcode, 386 AVCTP_SINGLE_PACKET); 387 if (max_payload_size_for_single_packet >= connection->data_len){ 388 *max_payload_size = max_payload_size_for_single_packet; 389 return AVCTP_SINGLE_PACKET; 390 } else { 391 uint16_t max_payload_size_for_start_packet = max_payload_size_for_single_packet - 1; 392 *max_payload_size = max_payload_size_for_start_packet; 393 return AVCTP_START_PACKET; 394 } 395 } else { 396 // both packet types have the same single byte AVCTP header 397 *max_payload_size = avrcp_get_num_free_bytes_for_payload(connection->l2cap_signaling_cid, 398 connection->command_opcode, 399 AVCTP_CONTINUE_PACKET); 400 if ((connection->data_len - connection->data_offset) > *max_payload_size){ 401 return AVCTP_CONTINUE_PACKET; 402 } else { 403 return AVCTP_END_PACKET; 404 } 405 } 406 } 407 408 avrcp_packet_type_t avrcp_get_packet_type(avrcp_connection_t * connection){ 409 switch (connection->avctp_packet_type) { 410 case AVCTP_SINGLE_PACKET: 411 case AVCTP_START_PACKET: 412 break; 413 default: 414 return connection->avrcp_packet_type; 415 } 416 417 if (connection->data_offset == 0){ 418 if (AVRCP_MAX_AV_C_MESSAGE_FRAME_SIZE >= connection->data_len){ 419 return AVRCP_SINGLE_PACKET; 420 } else { 421 return AVRCP_START_PACKET; 422 } 423 } else { 424 if ((connection->data_len - connection->data_offset) > AVRCP_MAX_AV_C_MESSAGE_FRAME_SIZE){ 425 return AVRCP_CONTINUE_PACKET; 426 } else { 427 return AVRCP_END_PACKET; 428 } 429 } 430 } 431 432 avrcp_connection_t * avrcp_get_connection_for_bd_addr_for_role(avrcp_role_t role, bd_addr_t addr){ 433 btstack_linked_list_iterator_t it; 434 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 435 while (btstack_linked_list_iterator_has_next(&it)){ 436 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 437 if (connection->role != role) continue; 438 if (memcmp(addr, connection->remote_addr, 6) != 0) continue; 439 return connection; 440 } 441 return NULL; 442 } 443 444 avrcp_connection_t * avrcp_get_connection_for_l2cap_signaling_cid_for_role(avrcp_role_t role, uint16_t l2cap_cid){ 445 btstack_linked_list_iterator_t it; 446 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 447 while (btstack_linked_list_iterator_has_next(&it)){ 448 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 449 if (connection->role != role) continue; 450 if (connection->l2cap_signaling_cid != l2cap_cid) continue; 451 return connection; 452 } 453 return NULL; 454 } 455 456 avrcp_connection_t * avrcp_get_connection_for_avrcp_cid_for_role(avrcp_role_t role, uint16_t avrcp_cid){ 457 btstack_linked_list_iterator_t it; 458 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 459 while (btstack_linked_list_iterator_has_next(&it)){ 460 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 461 if (connection->role != role) continue; 462 if (connection->avrcp_cid != avrcp_cid) continue; 463 return connection; 464 } 465 return NULL; 466 } 467 468 avrcp_connection_t * avrcp_get_connection_for_browsing_cid_for_role(avrcp_role_t role, uint16_t browsing_cid){ 469 btstack_linked_list_iterator_t it; 470 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 471 while (btstack_linked_list_iterator_has_next(&it)){ 472 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 473 if (connection->role != role) continue; 474 if (connection->avrcp_browsing_cid != browsing_cid) continue; 475 return connection; 476 } 477 return NULL; 478 } 479 480 avrcp_connection_t * avrcp_get_connection_for_browsing_l2cap_cid_for_role(avrcp_role_t role, uint16_t browsing_l2cap_cid){ 481 btstack_linked_list_iterator_t it; 482 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 483 while (btstack_linked_list_iterator_has_next(&it)){ 484 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 485 if (connection->role != role) continue; 486 if (connection->browsing_connection && (connection->browsing_connection->l2cap_browsing_cid != browsing_l2cap_cid)) continue; 487 return connection; 488 } 489 return NULL; 490 } 491 492 avrcp_browsing_connection_t * avrcp_get_browsing_connection_for_l2cap_cid_for_role(avrcp_role_t role, uint16_t l2cap_cid){ 493 btstack_linked_list_iterator_t it; 494 btstack_linked_list_iterator_init(&it, (btstack_linked_list_t *) &avrcp_connections); 495 while (btstack_linked_list_iterator_has_next(&it)){ 496 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 497 if (connection->role != role) continue; 498 if (connection->browsing_connection && (connection->browsing_connection->l2cap_browsing_cid != l2cap_cid)) continue; 499 return connection->browsing_connection; 500 } 501 return NULL; 502 } 503 504 void avrcp_request_can_send_now(avrcp_connection_t * connection, uint16_t l2cap_cid){ 505 connection->wait_to_send = true; 506 l2cap_request_can_send_now_event(l2cap_cid); 507 } 508 509 uint16_t avrcp_get_next_cid(avrcp_role_t role){ 510 do { 511 if (avrcp_cid_counter == 0xffff) { 512 avrcp_cid_counter = 1; 513 } else { 514 avrcp_cid_counter++; 515 } 516 } while (avrcp_get_connection_for_avrcp_cid_for_role(role, avrcp_cid_counter) != NULL) ; 517 return avrcp_cid_counter; 518 } 519 520 static avrcp_connection_t * avrcp_create_connection(avrcp_role_t role, bd_addr_t remote_addr){ 521 avrcp_connection_t * connection = btstack_memory_avrcp_connection_get(); 522 if (!connection){ 523 log_error("Not enough memory to create connection for role %d", role); 524 return NULL; 525 } 526 527 connection->state = AVCTP_CONNECTION_IDLE; 528 connection->role = role; 529 530 connection->transaction_id = 0xFF; 531 connection->transaction_id_counter = 0; 532 533 connection->controller_max_num_fragments = 0xFF; 534 535 // setup default unit / subunit info 536 connection->company_id = 0xffffff; 537 connection->target_unit_type = AVRCP_SUBUNIT_TYPE_PANEL; 538 connection->target_subunit_info_data_size = sizeof(avrcp_default_subunit_info); 539 connection->target_subunit_info_data = avrcp_default_subunit_info; 540 541 log_info("avrcp_create_connection, role %d", role); 542 (void)memcpy(connection->remote_addr, remote_addr, 6); 543 btstack_linked_list_add(&avrcp_connections, (btstack_linked_item_t *) connection); 544 return connection; 545 } 546 547 static void avrcp_finalize_connection(avrcp_connection_t * connection){ 548 btstack_run_loop_remove_timer(&connection->retry_timer); 549 btstack_linked_list_remove(&avrcp_connections, (btstack_linked_item_t*) connection); 550 btstack_memory_avrcp_connection_free(connection); 551 } 552 553 static void avrcp_emit_connection_established(uint16_t avrcp_cid, bd_addr_t addr, hci_con_handle_t con_handle, uint8_t status){ 554 btstack_assert(avrcp_callback != NULL); 555 556 uint8_t event[14]; 557 int pos = 0; 558 event[pos++] = HCI_EVENT_AVRCP_META; 559 event[pos++] = sizeof(event) - 2; 560 event[pos++] = AVRCP_SUBEVENT_CONNECTION_ESTABLISHED; 561 event[pos++] = status; 562 little_endian_store_16(event, pos, avrcp_cid); 563 pos += 2; 564 reverse_bd_addr(addr,&event[pos]); 565 pos += 6; 566 little_endian_store_16(event, pos, con_handle); 567 pos += 2; 568 (*avrcp_callback)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 569 } 570 571 static void avrcp_emit_connection_closed(uint16_t avrcp_cid){ 572 btstack_assert(avrcp_callback != NULL); 573 574 uint8_t event[5]; 575 int pos = 0; 576 event[pos++] = HCI_EVENT_AVRCP_META; 577 event[pos++] = sizeof(event) - 2; 578 event[pos++] = AVRCP_SUBEVENT_CONNECTION_RELEASED; 579 little_endian_store_16(event, pos, avrcp_cid); 580 pos += 2; 581 (*avrcp_callback)(HCI_EVENT_PACKET, 0, event, sizeof(event)); 582 } 583 584 uint16_t avrcp_sdp_query_browsing_l2cap_psm(void){ 585 return avrcp_sdp_query_context.browsing_l2cap_psm; 586 } 587 588 void avrcp_handle_sdp_client_query_attribute_value(uint8_t *packet){ 589 des_iterator_t des_list_it; 590 des_iterator_t prot_it; 591 592 // Handle new SDP record 593 if (sdp_event_query_attribute_byte_get_record_id(packet) != avrcp_sdp_query_context.record_id) { 594 avrcp_sdp_query_context.record_id = sdp_event_query_attribute_byte_get_record_id(packet); 595 avrcp_sdp_query_context.parse_sdp_record = 0; 596 // log_info("SDP Record: Nr: %d", record_id); 597 } 598 599 if (sdp_event_query_attribute_byte_get_attribute_length(packet) <= avrcp_sdp_query_attribute_value_buffer_size) { 600 avrcp_sdp_query_attribute_value[sdp_event_query_attribute_byte_get_data_offset(packet)] = sdp_event_query_attribute_byte_get_data(packet); 601 602 if ((uint16_t)(sdp_event_query_attribute_byte_get_data_offset(packet)+1) == sdp_event_query_attribute_byte_get_attribute_length(packet)) { 603 switch(sdp_event_query_attribute_byte_get_attribute_id(packet)) { 604 case BLUETOOTH_ATTRIBUTE_SERVICE_CLASS_ID_LIST: 605 if (de_get_element_type(avrcp_sdp_query_attribute_value) != DE_DES) break; 606 for (des_iterator_init(&des_list_it, avrcp_sdp_query_attribute_value); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 607 uint8_t * element = des_iterator_get_element(&des_list_it); 608 if (de_get_element_type(element) != DE_UUID) continue; 609 uint32_t uuid = de_get_uuid32(element); 610 switch (uuid){ 611 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_TARGET: 612 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL: 613 case BLUETOOTH_SERVICE_CLASS_AV_REMOTE_CONTROL_CONTROLLER: 614 avrcp_sdp_query_context.parse_sdp_record = 1; 615 break; 616 default: 617 break; 618 } 619 } 620 break; 621 622 case BLUETOOTH_ATTRIBUTE_PROTOCOL_DESCRIPTOR_LIST: { 623 if (!avrcp_sdp_query_context.parse_sdp_record) break; 624 // log_info("SDP Attribute: 0x%04x", sdp_event_query_attribute_byte_get_attribute_id(packet)); 625 for (des_iterator_init(&des_list_it, avrcp_sdp_query_attribute_value); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 626 uint8_t *des_element; 627 uint8_t *element; 628 uint32_t uuid; 629 630 if (des_iterator_get_type(&des_list_it) != DE_DES) continue; 631 632 des_element = des_iterator_get_element(&des_list_it); 633 des_iterator_init(&prot_it, des_element); 634 element = des_iterator_get_element(&prot_it); 635 636 if (de_get_element_type(element) != DE_UUID) continue; 637 638 uuid = de_get_uuid32(element); 639 des_iterator_next(&prot_it); 640 switch (uuid){ 641 case BLUETOOTH_PROTOCOL_L2CAP: 642 if (!des_iterator_has_more(&prot_it)) continue; 643 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.avrcp_l2cap_psm); 644 break; 645 case BLUETOOTH_PROTOCOL_AVCTP: 646 if (!des_iterator_has_more(&prot_it)) continue; 647 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.avrcp_version); 648 break; 649 default: 650 break; 651 } 652 } 653 } 654 break; 655 case BLUETOOTH_ATTRIBUTE_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS: { 656 // log_info("SDP Attribute: 0x%04x", sdp_event_query_attribute_byte_get_attribute_id(packet)); 657 if (!avrcp_sdp_query_context.parse_sdp_record) break; 658 if (de_get_element_type(avrcp_sdp_query_attribute_value) != DE_DES) break; 659 660 des_iterator_t des_list_0_it; 661 uint8_t *element_0; 662 663 des_iterator_init(&des_list_0_it, avrcp_sdp_query_attribute_value); 664 element_0 = des_iterator_get_element(&des_list_0_it); 665 666 for (des_iterator_init(&des_list_it, element_0); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 667 uint8_t *des_element; 668 uint8_t *element; 669 uint32_t uuid; 670 671 if (des_iterator_get_type(&des_list_it) != DE_DES) continue; 672 673 des_element = des_iterator_get_element(&des_list_it); 674 des_iterator_init(&prot_it, des_element); 675 element = des_iterator_get_element(&prot_it); 676 677 if (de_get_element_type(element) != DE_UUID) continue; 678 679 uuid = de_get_uuid32(element); 680 des_iterator_next(&prot_it); 681 switch (uuid){ 682 case BLUETOOTH_PROTOCOL_L2CAP: 683 if (!des_iterator_has_more(&prot_it)) continue; 684 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.browsing_l2cap_psm); 685 break; 686 case BLUETOOTH_PROTOCOL_AVCTP: 687 if (!des_iterator_has_more(&prot_it)) continue; 688 de_element_get_uint16(des_iterator_get_element(&prot_it), &avrcp_sdp_query_context.browsing_version); 689 break; 690 default: 691 break; 692 } 693 } 694 } 695 break; 696 default: 697 break; 698 } 699 } 700 } else { 701 log_error("SDP attribute value buffer size exceeded: available %d, required %d", avrcp_sdp_query_attribute_value_buffer_size, sdp_event_query_attribute_byte_get_attribute_length(packet)); 702 } 703 } 704 705 static void avrcp_handle_sdp_query_failed(avrcp_connection_t * connection, uint8_t status){ 706 if (connection == NULL) return; 707 log_info("AVRCP: SDP query failed with status 0x%02x.", status); 708 avrcp_emit_connection_established(connection->avrcp_cid, connection->remote_addr, connection->con_handle, status); 709 avrcp_finalize_connection(connection); 710 } 711 712 static void avrcp_handle_sdp_query_succeeded(avrcp_connection_t * connection){ 713 if (connection == NULL) return; 714 connection->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 715 connection->avrcp_l2cap_psm = avrcp_sdp_query_context.avrcp_l2cap_psm; 716 connection->browsing_version = avrcp_sdp_query_context.browsing_version; 717 connection->browsing_l2cap_psm = avrcp_sdp_query_context.browsing_l2cap_psm; 718 } 719 720 static void avrcp_handle_sdp_client_query_result(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 721 UNUSED(packet_type); 722 UNUSED(channel); 723 UNUSED(size); 724 725 bool state_ok = true; 726 avrcp_connection_t * avrcp_target_connection = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_sdp_query_context.avrcp_cid); 727 if (!avrcp_target_connection || avrcp_target_connection->state != AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE) { 728 state_ok = false; 729 } 730 avrcp_connection_t * avrcp_controller_connection = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_sdp_query_context.avrcp_cid); 731 if (!avrcp_controller_connection || avrcp_controller_connection->state != AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE) { 732 state_ok = false; 733 } 734 if (!state_ok){ 735 // something wrong, nevertheless, start next sdp query if this one is complete 736 if (hci_event_packet_get_type(packet) == SDP_EVENT_QUERY_COMPLETE){ 737 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 738 } 739 return; 740 } 741 742 uint8_t status; 743 744 switch (hci_event_packet_get_type(packet)){ 745 case SDP_EVENT_QUERY_ATTRIBUTE_VALUE: 746 avrcp_handle_sdp_client_query_attribute_value(packet); 747 return; 748 749 case SDP_EVENT_QUERY_COMPLETE: 750 status = sdp_event_query_complete_get_status(packet); 751 752 if (status != ERROR_CODE_SUCCESS){ 753 avrcp_handle_sdp_query_failed(avrcp_controller_connection, status); 754 avrcp_handle_sdp_query_failed(avrcp_target_connection, status); 755 break; 756 } 757 758 if (!avrcp_sdp_query_context.avrcp_l2cap_psm){ 759 avrcp_handle_sdp_query_failed(avrcp_controller_connection, SDP_SERVICE_NOT_FOUND); 760 avrcp_handle_sdp_query_failed(avrcp_target_connection, SDP_SERVICE_NOT_FOUND); 761 break; 762 } 763 764 avrcp_handle_sdp_query_succeeded(avrcp_controller_connection); 765 avrcp_handle_sdp_query_succeeded(avrcp_target_connection); 766 767 l2cap_create_channel(&avrcp_packet_handler, avrcp_target_connection->remote_addr, avrcp_sdp_query_context.avrcp_l2cap_psm, l2cap_max_mtu(), NULL); 768 break; 769 770 default: 771 return; 772 } 773 774 // register the SDP Query request to check if there is another connection waiting for the query 775 // ignore ERROR_CODE_COMMAND_DISALLOWED because in that case, we already have requested an SDP callback 776 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 777 } 778 779 780 static avrcp_connection_t * avrcp_handle_incoming_connection_for_role(avrcp_role_t role, avrcp_connection_t * connection, bd_addr_t event_addr, hci_con_handle_t con_handle, uint16_t local_cid, uint16_t avrcp_cid){ 781 if (connection == NULL){ 782 connection = avrcp_create_connection(role, event_addr); 783 } 784 if (connection) { 785 connection->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 786 connection->l2cap_signaling_cid = local_cid; 787 connection->avrcp_cid = avrcp_cid; 788 connection->con_handle = con_handle; 789 btstack_run_loop_remove_timer(&connection->retry_timer); 790 } 791 return connection; 792 } 793 794 static void avrcp_handle_open_connection(avrcp_connection_t * connection, hci_con_handle_t con_handle, uint16_t local_cid, uint16_t l2cap_mtu){ 795 connection->l2cap_signaling_cid = local_cid; 796 connection->l2cap_mtu = l2cap_mtu; 797 connection->con_handle = con_handle; 798 connection->incoming_declined = false; 799 connection->target_song_length_ms = 0xFFFFFFFF; 800 connection->target_song_position_ms = 0xFFFFFFFF; 801 connection->target_playback_status = AVRCP_PLAYBACK_STATUS_STOPPED; 802 connection->state = AVCTP_CONNECTION_OPENED; 803 804 log_info("L2CAP_EVENT_CHANNEL_OPENED avrcp_cid 0x%02x, l2cap_signaling_cid 0x%02x, role %d, state %d", connection->avrcp_cid, connection->l2cap_signaling_cid, connection->role, connection->state); 805 } 806 807 static void avrcp_retry_timer_timeout_handler(btstack_timer_source_t * timer){ 808 uint16_t avrcp_cid = (uint16_t)(uintptr_t) btstack_run_loop_get_timer_context(timer); 809 avrcp_connection_t * connection_controller = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_cid); 810 if (connection_controller == NULL) return; 811 avrcp_connection_t * connection_target = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_cid); 812 if (connection_target == NULL) return; 813 814 if (connection_controller->state == AVCTP_CONNECTION_W2_L2CAP_RETRY){ 815 connection_controller->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 816 connection_target->state = AVCTP_CONNECTION_W4_L2CAP_CONNECTED; 817 l2cap_create_channel(&avrcp_packet_handler, connection_controller->remote_addr, connection_controller->avrcp_l2cap_psm, l2cap_max_mtu(), NULL); 818 } 819 } 820 821 static void avrcp_retry_timer_start(avrcp_connection_t * connection){ 822 btstack_run_loop_set_timer_handler(&connection->retry_timer, avrcp_retry_timer_timeout_handler); 823 btstack_run_loop_set_timer_context(&connection->retry_timer, (void *)(uintptr_t)connection->avrcp_cid); 824 825 // add some jitter/randomness to reconnect delay 826 uint32_t timeout = 100 + (btstack_run_loop_get_time_ms() & 0x7F); 827 btstack_run_loop_set_timer(&connection->retry_timer, timeout); 828 829 btstack_run_loop_add_timer(&connection->retry_timer); 830 } 831 832 static avrcp_frame_type_t avrcp_get_frame_type(uint8_t header){ 833 return (avrcp_frame_type_t)((header & 0x02) >> 1); 834 } 835 836 static void avrcp_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 837 UNUSED(channel); 838 UNUSED(size); 839 bd_addr_t event_addr; 840 uint16_t local_cid; 841 uint16_t l2cap_mtu; 842 uint8_t status; 843 bool decline_connection; 844 bool outoing_active; 845 hci_con_handle_t con_handle; 846 847 avrcp_connection_t * connection_controller; 848 avrcp_connection_t * connection_target; 849 bool can_send; 850 851 switch (packet_type) { 852 case HCI_EVENT_PACKET: 853 switch (hci_event_packet_get_type(packet)) { 854 855 case L2CAP_EVENT_INCOMING_CONNECTION: 856 btstack_assert(avrcp_controller_packet_handler != NULL); 857 btstack_assert(avrcp_target_packet_handler != NULL); 858 859 l2cap_event_incoming_connection_get_address(packet, event_addr); 860 local_cid = l2cap_event_incoming_connection_get_local_cid(packet); 861 con_handle = l2cap_event_incoming_connection_get_handle(packet); 862 863 outoing_active = false; 864 connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, event_addr); 865 if (connection_target != NULL){ 866 if (connection_target->state == AVCTP_CONNECTION_W4_L2CAP_CONNECTED){ 867 outoing_active = true; 868 connection_target->incoming_declined = true; 869 } 870 } 871 872 connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, event_addr); 873 if (connection_controller != NULL){ 874 if (connection_controller->state == AVCTP_CONNECTION_W4_L2CAP_CONNECTED) { 875 outoing_active = true; 876 connection_controller->incoming_declined = true; 877 } 878 } 879 880 decline_connection = outoing_active; 881 if (decline_connection == false){ 882 uint16_t avrcp_cid; 883 if ((connection_controller == NULL) || (connection_target == NULL)){ 884 avrcp_cid = avrcp_get_next_cid(AVRCP_CONTROLLER); 885 } else { 886 avrcp_cid = connection_controller->avrcp_cid; 887 } 888 // create two connection objects (both) 889 connection_target = avrcp_handle_incoming_connection_for_role(AVRCP_TARGET, connection_target, event_addr, con_handle, local_cid, avrcp_cid); 890 connection_controller = avrcp_handle_incoming_connection_for_role(AVRCP_CONTROLLER, connection_controller, event_addr, con_handle, local_cid, avrcp_cid); 891 if ((connection_target == NULL) || (connection_controller == NULL)){ 892 decline_connection = true; 893 if (connection_target) { 894 avrcp_finalize_connection(connection_target); 895 } 896 if (connection_controller) { 897 avrcp_finalize_connection(connection_controller); 898 } 899 } 900 } 901 if (decline_connection){ 902 l2cap_decline_connection(local_cid); 903 } else { 904 log_info("AVRCP: L2CAP_EVENT_INCOMING_CONNECTION local cid 0x%02x, state %d", local_cid, connection_controller->state); 905 l2cap_accept_connection(local_cid); 906 } 907 break; 908 909 case L2CAP_EVENT_CHANNEL_OPENED: 910 l2cap_event_channel_opened_get_address(packet, event_addr); 911 status = l2cap_event_channel_opened_get_status(packet); 912 local_cid = l2cap_event_channel_opened_get_local_cid(packet); 913 l2cap_mtu = l2cap_event_channel_opened_get_remote_mtu(packet); 914 con_handle = l2cap_event_channel_opened_get_handle(packet); 915 916 connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, event_addr); 917 connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, event_addr); 918 919 // incoming: structs are already created in L2CAP_EVENT_INCOMING_CONNECTION 920 // outgoing: structs are cteated in avrcp_connect() 921 if ((connection_controller == NULL) || (connection_target == NULL)) { 922 break; 923 } 924 925 switch (status){ 926 case ERROR_CODE_SUCCESS: 927 avrcp_handle_open_connection(connection_target, con_handle, local_cid, l2cap_mtu); 928 avrcp_handle_open_connection(connection_controller, con_handle, local_cid, l2cap_mtu); 929 avrcp_emit_connection_established(connection_controller->avrcp_cid, event_addr, con_handle, status); 930 return; 931 case L2CAP_CONNECTION_RESPONSE_RESULT_REFUSED_RESOURCES: 932 if (connection_controller->incoming_declined == true){ 933 log_info("Incoming connection was declined, and the outgoing failed"); 934 connection_controller->state = AVCTP_CONNECTION_W2_L2CAP_RETRY; 935 connection_controller->incoming_declined = false; 936 connection_target->state = AVCTP_CONNECTION_W2_L2CAP_RETRY; 937 connection_target->incoming_declined = false; 938 avrcp_retry_timer_start(connection_controller); 939 return; 940 } 941 break; 942 default: 943 break; 944 } 945 log_info("L2CAP connection to connection %s failed. status code 0x%02x", bd_addr_to_str(event_addr), status); 946 avrcp_emit_connection_established(connection_controller->avrcp_cid, event_addr, con_handle, status); 947 avrcp_finalize_connection(connection_controller); 948 avrcp_finalize_connection(connection_target); 949 950 break; 951 952 case L2CAP_EVENT_CHANNEL_CLOSED: 953 local_cid = l2cap_event_channel_closed_get_local_cid(packet); 954 955 connection_controller = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_CONTROLLER, local_cid); 956 connection_target = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_TARGET, local_cid); 957 if ((connection_controller == NULL) || (connection_target == NULL)) { 958 break; 959 } 960 avrcp_emit_connection_closed(connection_controller->avrcp_cid); 961 avrcp_finalize_connection(connection_controller); 962 avrcp_finalize_connection(connection_target); 963 break; 964 965 case L2CAP_EVENT_CAN_SEND_NOW: 966 local_cid = l2cap_event_can_send_now_get_local_cid(packet); 967 can_send = true; 968 969 connection_target = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_TARGET, local_cid); 970 if ((connection_target != NULL) && connection_target->wait_to_send){ 971 connection_target->wait_to_send = false; 972 (*avrcp_target_packet_handler)(HCI_EVENT_PACKET, channel, packet, size); 973 can_send = false; 974 } 975 976 connection_controller = avrcp_get_connection_for_l2cap_signaling_cid_for_role(AVRCP_CONTROLLER, local_cid); 977 if ((connection_controller != NULL) && connection_controller->wait_to_send){ 978 if (can_send){ 979 connection_controller->wait_to_send = false; 980 (*avrcp_controller_packet_handler)(HCI_EVENT_PACKET, channel, packet, size); 981 } else { 982 l2cap_request_can_send_now_event(local_cid); 983 } 984 } 985 break; 986 987 default: 988 break; 989 } 990 break; 991 992 case L2CAP_DATA_PACKET: 993 switch (avrcp_get_frame_type(packet[0])){ 994 case AVRCP_RESPONSE_FRAME: 995 (*avrcp_controller_packet_handler)(packet_type, channel, packet, size); 996 break; 997 case AVRCP_COMMAND_FRAME: 998 default: // make compiler happy 999 (*avrcp_target_packet_handler)(packet_type, channel, packet, size); 1000 break; 1001 } 1002 break; 1003 1004 default: 1005 break; 1006 } 1007 } 1008 1009 uint8_t avrcp_disconnect(uint16_t avrcp_cid){ 1010 avrcp_connection_t * connection_controller = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, avrcp_cid); 1011 if (!connection_controller){ 1012 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 1013 } 1014 avrcp_connection_t * connection_target = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, avrcp_cid); 1015 if (!connection_target){ 1016 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 1017 } 1018 if (connection_controller->browsing_connection){ 1019 l2cap_disconnect(connection_controller->browsing_connection->l2cap_browsing_cid); 1020 } 1021 l2cap_disconnect(connection_controller->l2cap_signaling_cid); 1022 return ERROR_CODE_SUCCESS; 1023 } 1024 1025 static void avrcp_handle_start_sdp_client_query(void * context){ 1026 UNUSED(context); 1027 1028 btstack_linked_list_iterator_t it; 1029 btstack_linked_list_iterator_init(&it, &avrcp_connections); 1030 while (btstack_linked_list_iterator_has_next(&it)){ 1031 avrcp_connection_t * connection = (avrcp_connection_t *)btstack_linked_list_iterator_next(&it); 1032 1033 if (connection->state != AVCTP_CONNECTION_W2_SEND_SDP_QUERY) continue; 1034 connection->state = AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE; 1035 1036 // prevent triggering SDP query twice (for each role once) 1037 avrcp_connection_t * connection_with_opposite_role; 1038 switch (connection->role){ 1039 case AVRCP_CONTROLLER: 1040 connection_with_opposite_role = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_TARGET, connection->avrcp_cid); 1041 break; 1042 case AVRCP_TARGET: 1043 connection_with_opposite_role = avrcp_get_connection_for_avrcp_cid_for_role(AVRCP_CONTROLLER, connection->avrcp_cid); 1044 break; 1045 default: 1046 btstack_assert(false); 1047 return; 1048 } 1049 connection_with_opposite_role->state = AVCTP_CONNECTION_W4_SDP_QUERY_COMPLETE; 1050 1051 avrcp_sdp_query_context.avrcp_l2cap_psm = 0; 1052 avrcp_sdp_query_context.avrcp_version = 0; 1053 avrcp_sdp_query_context.avrcp_cid = connection->avrcp_cid; 1054 sdp_client_query_uuid16(&avrcp_handle_sdp_client_query_result, (uint8_t *) connection->remote_addr, BLUETOOTH_PROTOCOL_AVCTP); 1055 return; 1056 } 1057 } 1058 1059 uint8_t avrcp_connect(bd_addr_t remote_addr, uint16_t * avrcp_cid){ 1060 btstack_assert(avrcp_controller_packet_handler != NULL); 1061 btstack_assert(avrcp_target_packet_handler != NULL); 1062 1063 avrcp_connection_t * connection_controller = avrcp_get_connection_for_bd_addr_for_role(AVRCP_CONTROLLER, remote_addr); 1064 if (connection_controller){ 1065 return ERROR_CODE_COMMAND_DISALLOWED; 1066 } 1067 avrcp_connection_t * connection_target = avrcp_get_connection_for_bd_addr_for_role(AVRCP_TARGET, remote_addr); 1068 if (connection_target){ 1069 return ERROR_CODE_COMMAND_DISALLOWED; 1070 } 1071 1072 uint16_t cid = avrcp_get_next_cid(AVRCP_CONTROLLER); 1073 1074 connection_controller = avrcp_create_connection(AVRCP_CONTROLLER, remote_addr); 1075 if (!connection_controller) return BTSTACK_MEMORY_ALLOC_FAILED; 1076 1077 connection_target = avrcp_create_connection(AVRCP_TARGET, remote_addr); 1078 if (!connection_target){ 1079 avrcp_finalize_connection(connection_controller); 1080 return BTSTACK_MEMORY_ALLOC_FAILED; 1081 } 1082 1083 if (avrcp_cid != NULL){ 1084 *avrcp_cid = cid; 1085 } 1086 1087 connection_controller->state = AVCTP_CONNECTION_W2_SEND_SDP_QUERY; 1088 connection_controller->avrcp_cid = cid; 1089 1090 connection_target->state = AVCTP_CONNECTION_W2_SEND_SDP_QUERY; 1091 connection_target->avrcp_cid = cid; 1092 1093 avrcp_sdp_query_registration.callback = &avrcp_handle_start_sdp_client_query; 1094 // ignore ERROR_CODE_COMMAND_DISALLOWED because in that case, we already have requested an SDP callback 1095 (void) sdp_client_register_query_callback(&avrcp_sdp_query_registration); 1096 return ERROR_CODE_SUCCESS; 1097 } 1098 1099 void avrcp_init(void){ 1100 avrcp_connections = NULL; 1101 if (avrcp_l2cap_service_registered) return; 1102 1103 int status = l2cap_register_service(&avrcp_packet_handler, BLUETOOTH_PSM_AVCTP, 0xffff, gap_get_security_level()); 1104 if (status != ERROR_CODE_SUCCESS) return; 1105 avrcp_l2cap_service_registered = true; 1106 } 1107 1108 void avrcp_deinit(void){ 1109 avrcp_l2cap_service_registered = false; 1110 1111 avrcp_cid_counter = 0; 1112 avrcp_connections = NULL; 1113 1114 avrcp_callback = NULL; 1115 avrcp_controller_packet_handler = NULL; 1116 avrcp_target_packet_handler = NULL; 1117 1118 (void) memset(&avrcp_sdp_query_registration, 0, sizeof(avrcp_sdp_query_registration)); 1119 (void) memset(&avrcp_sdp_query_context, 0, sizeof(avrcp_sdp_query_context_t)); 1120 (void) memset(avrcp_sdp_query_attribute_value, 0, sizeof(avrcp_sdp_query_attribute_value)); 1121 } 1122 1123 void avrcp_register_controller_packet_handler(btstack_packet_handler_t callback){ 1124 avrcp_controller_packet_handler = callback; 1125 } 1126 1127 void avrcp_register_target_packet_handler(btstack_packet_handler_t callback){ 1128 avrcp_target_packet_handler = callback; 1129 } 1130 1131 void avrcp_register_packet_handler(btstack_packet_handler_t callback){ 1132 btstack_assert(callback != NULL); 1133 avrcp_callback = callback; 1134 } 1135 1136 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 1137 #define FUZZ_CID 0x44 1138 #define FUZZ_CON_HANDLE 0x0001 1139 static bd_addr_t remote_addr = { 0x33, 0x33, 0x33, 0x33, 0x33, 0x33 }; 1140 void avrcp_init_fuzz(void){ 1141 // setup avrcp connections for cid 1142 avrcp_connection_t * connection_controller = avrcp_create_connection(AVRCP_CONTROLLER, remote_addr); 1143 avrcp_connection_t * connection_target = avrcp_create_connection(AVRCP_TARGET, remote_addr); 1144 avrcp_handle_open_connection(connection_controller, FUZZ_CON_HANDLE, FUZZ_CID, 999); 1145 avrcp_handle_open_connection(connection_target, FUZZ_CON_HANDLE, FUZZ_CID, 999); 1146 } 1147 void avrcp_packet_handler_fuzz(uint8_t *packet, uint16_t size){ 1148 avrcp_packet_handler(L2CAP_DATA_PACKET, FUZZ_CID, packet, size); 1149 } 1150 #endif