4 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
6 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com>
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * $Id: ssar.c,v 1.4 2004/01/12 22:54:31 max Exp $
34 #include <sys/queue.h>
35 #define L2CAP_SOCKET_CHECKED
36 #include <bluetooth.h>
42 #include "uuid-private.h"
45 int32_t server_prepare_attr_list(provider_p const provider,
46 uint8_t const *req, uint8_t const * const req_end,
47 uint8_t *rsp, uint8_t const * const rsp_end);
50 * Scan an attribute for matching UUID.
53 server_search_uuid_sub(uint8_t *buf, uint8_t const * const eob, const uint128_t *uuid)
67 SDP_GET16(value, buf);
69 memcpy(&duuid, &uuid_base, sizeof(duuid));
70 duuid.b[2] = value >> 8 & 0xff;
71 duuid.b[3] = value & 0xff;
73 if (memcmp(&duuid, uuid, sizeof(duuid)) == 0)
79 SDP_GET32(value, buf);
80 memcpy(&duuid, &uuid_base, sizeof(duuid));
81 duuid.b[0] = value >> 24 & 0xff;
82 duuid.b[1] = value >> 16 & 0xff;
83 duuid.b[2] = value >> 8 & 0xff;
84 duuid.b[3] = value & 0xff;
86 if (memcmp(&duuid, uuid, sizeof(duuid)) == 0)
89 case SDP_DATA_UUID128:
92 SDP_GET_UUID128(&duuid, buf);
94 if (memcmp(&duuid, uuid, sizeof(duuid)) == 0)
102 case SDP_DATA_UINT16:
107 case SDP_DATA_UINT32:
112 case SDP_DATA_UINT64:
116 case SDP_DATA_UINT128:
117 case SDP_DATA_INT128:
123 SDP_GET8(value, buf);
129 SDP_GET16(value, buf);
130 if (value > (eob - buf))
137 SDP_GET32(value, buf);
138 if (value > (eob - buf))
153 * Search a provider for matching UUID in its attributes.
156 server_search_uuid(provider_p const provider, const uint128_t *uuid)
162 for (attr = provider->profile->attrs; attr->create != NULL; attr++) {
164 len = attr->create(buffer, buffer + sizeof(buffer),
165 (const uint8_t *)provider->profile, sizeof(*provider->profile));
168 if (server_search_uuid_sub(buffer, buffer + len, uuid) == 0)
175 * Prepare SDP Service Search Attribute Response
179 server_prepare_service_search_attribute_response(server_p srv, int32_t fd)
181 uint8_t const *req = srv->req + sizeof(sdp_pdu_t);
182 uint8_t const *req_end = req + ((sdp_pdu_p)(srv->req))->len;
183 uint8_t *rsp = srv->fdidx[fd].rsp;
184 uint8_t const *rsp_end = rsp + NG_L2CAP_MTU_MAXIMUM;
186 uint8_t const *sspptr = NULL, *aidptr = NULL;
189 provider_t *provider = NULL;
190 int32_t type, rsp_limit, ssplen, aidlen, cslen, cs;
191 uint128_t uuid, puuid;
194 * Minimal Service Search Attribute Request request
196 * seq8 len8 - 2 bytes
197 * uuid16 value16 - 3 bytes ServiceSearchPattern
198 * value16 - 2 bytes MaximumAttributeByteCount
199 * seq8 len8 - 2 bytes
200 * uint16 value16 - 3 bytes AttributeIDList
201 * value8 - 1 byte ContinuationState
204 if (req_end - req < 13)
205 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
207 /* Get size of ServiceSearchPattern */
212 SDP_GET8(ssplen, req);
216 SDP_GET16(ssplen, req);
220 SDP_GET32(ssplen, req);
224 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
229 /* Get MaximumAttributeByteCount */
230 if (req + 2 > req_end)
231 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
233 SDP_GET16(rsp_limit, req);
235 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
237 /* Get size of AttributeIDList */
238 if (req + 1 > req_end)
239 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
245 if (req + 1 > req_end)
246 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
248 SDP_GET8(aidlen, req);
252 if (req + 2 > req_end)
253 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
255 SDP_GET16(aidlen, req);
259 if (req + 4 > req_end)
260 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
262 SDP_GET32(aidlen, req);
266 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
271 /* Get ContinuationState */
272 if (req + 1 > req_end)
273 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
275 SDP_GET8(cslen, req);
277 if (cslen != 2 || req_end - req != 2)
278 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
284 /* Process the request. First, check continuation state */
285 if (srv->fdidx[fd].rsp_cs != cs)
286 return (SDP_ERROR_CODE_INVALID_CONTINUATION_STATE);
287 if (srv->fdidx[fd].rsp_size > 0)
291 * Service Search Attribute Response format
293 * value16 - 2 bytes AttributeListByteCount (not incl.)
294 * seq8 len16 - 3 bytes
295 * attr list - 3+ bytes AttributeLists
302 SDP_GET8(type, sspptr);
306 case SDP_DATA_UUID16:
308 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
310 memcpy(&uuid, &uuid_base, sizeof(uuid));
311 uuid.b[2] = *sspptr ++;
312 uuid.b[3] = *sspptr ++;
316 case SDP_DATA_UUID32:
318 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
320 memcpy(&uuid, &uuid_base, sizeof(uuid));
321 uuid.b[0] = *sspptr ++;
322 uuid.b[1] = *sspptr ++;
323 uuid.b[2] = *sspptr ++;
324 uuid.b[3] = *sspptr ++;
328 case SDP_DATA_UUID128:
330 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
332 memcpy(uuid.b, sspptr, 16);
338 return (SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX);
342 for (provider = provider_get_first();
344 provider = provider_get_next(provider)) {
345 if (!provider_match_bdaddr(provider, &srv->req_sa.l2cap_bdaddr))
348 memcpy(&puuid, &uuid_base, sizeof(puuid));
349 puuid.b[2] = provider->profile->uuid >> 8;
350 puuid.b[3] = provider->profile->uuid;
352 if (memcmp(&uuid, &puuid, sizeof(uuid)) != 0 &&
353 memcmp(&uuid, &uuid_public_browse_group, sizeof(uuid)) != 0 &&
354 server_search_uuid(provider, &uuid) != 0)
357 cs = server_prepare_attr_list(provider,
358 aidptr, aidptr + aidlen, ptr, rsp_end);
360 return (SDP_ERROR_CODE_INSUFFICIENT_RESOURCES);
366 /* Set reply size (not counting PDU header and continuation state) */
367 srv->fdidx[fd].rsp_limit = srv->fdidx[fd].omtu - sizeof(sdp_pdu_t) - 2;
368 if (srv->fdidx[fd].rsp_limit > rsp_limit)
369 srv->fdidx[fd].rsp_limit = rsp_limit;
371 srv->fdidx[fd].rsp_size = ptr - rsp;
372 srv->fdidx[fd].rsp_cs = 0;
374 /* Fix AttributeLists sequence header */
376 SDP_PUT8(SDP_DATA_SEQ16, ptr);
377 SDP_PUT16(srv->fdidx[fd].rsp_size - 3, ptr);