/*
*
* BlueZ - Bluetooth protocol stack for Linux
*
* Copyright (C) 2004-2010 Marcel Holtmann <marcel@holtmann.org>
*
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <errno.h>
#include <bluetooth/bluetooth.h>
#include <bluetooth/bnep.h>
#include <bluetooth/sdp.h>
#include <bluetooth/sdp_lib.h>
#include <netinet/in.h>
#include <glib.h>
#include <gdbus.h>
#include "../src/dbus-common.h"
#include "../src/adapter.h"
#include "log.h"
#include "error.h"
#include "sdpd.h"
#include "btio.h"
#include "glib-helper.h"
#include "common.h"
#include "server.h"
#define NETWORK_SERVER_INTERFACE "org.bluez.NetworkServer"
#define SETUP_TIMEOUT 1
/* Pending Authorization */
struct network_session {
bdaddr_t dst; /* Remote Bluetooth Address */
GIOChannel *io; /* Pending connect channel */
guint watch; /* BNEP socket watch */
guint io_watch;
};
struct network_adapter {
struct btd_adapter *adapter; /* Adapter pointer */
GIOChannel *io; /* Bnep socket */
struct network_session *setup; /* Setup in progress */
GSList *servers; /* Server register to adapter */
};
/* Main server structure */
struct network_server {
bdaddr_t src; /* Bluetooth Local Address */
char *iface; /* DBus interface */
char *name; /* Server service name */
char *bridge; /* Bridge name */
uint32_t record_id; /* Service record id */
uint16_t id; /* Service class identifier */
GSList *sessions; /* Active connections */
struct network_adapter *na; /* Adapter reference */
guint watch_id; /* Client service watch */
};
static DBusConnection *connection = NULL;
static GSList *adapters = NULL;
static gboolean security = TRUE;
static struct network_adapter *find_adapter(GSList *list,
struct btd_adapter *adapter)
{
for (; list; list = list->next) {
struct network_adapter *na = list->data;
if (na->adapter == adapter)
return na;
}
return NULL;
}
static struct network_server *find_server(GSList *list, uint16_t id)
{
for (; list; list = list->next) {
struct network_server *ns = list->data;
if (ns->id == id)
return ns;
}
return NULL;
}
static struct network_session *find_session(GSList *list, GIOChannel *chan)
{
GSList *l;
for (l = list; l; l = l->next) {
struct network_session *session = l->data;
if (session->io == chan) {
return session;
}
}
return NULL;
}
static struct network_session *find_session_by_addr(GSList *list, bdaddr_t dst_addr)
{
GSList *l;
for (l = list; l; l = l->next) {
struct network_session *session = l->data;
if (!bacmp(&session->dst, &dst_addr)) {
return session;
}
}
return NULL;
}
static void add_lang_attr(sdp_record_t *r)
{
sdp_lang_attr_t base_lang;
sdp_list_t *langs = 0;
/* UTF-8 MIBenum (http://www.iana.org/assignments/character-sets) */
base_lang.code_ISO639 = (0x65 << 8) | 0x6e;
base_lang.encoding = 106;
base_lang.base_offset = SDP_PRIMARY_LANG_BASE;
langs = sdp_list_append(0, &base_lang);
sdp_set_lang_attr(r, langs);
sdp_list_free(langs, 0);
}
static sdp_record_t *server_record_new(const char *name, uint16_t id)
{
sdp_list_t *svclass, *pfseq, *apseq, *root, *aproto;
uuid_t root_uuid, pan, l2cap, bnep;
sdp_profile_desc_t profile[1];
sdp_list_t *proto[2];
sdp_data_t *v, *p;
uint16_t psm = BNEP_PSM, version = 0x0100;
uint16_t security_desc = (security ? 0x0001 : 0x0000);
uint16_t net_access_type = 0xfffe;
uint32_t max_net_access_rate = 0;
const char *desc = "Network service";
sdp_record_t *record;
record = sdp_record_alloc();
if (!record)
return NULL;
record->attrlist = NULL;
record->pattern = NULL;
switch (id) {
case BNEP_SVC_NAP:
sdp_uuid16_create(&pan, NAP_SVCLASS_ID);
svclass = sdp_list_append(NULL, &pan);
sdp_set_service_classes(record, svclass);
sdp_uuid16_create(&profile[0].uuid, NAP_PROFILE_ID);
profile[0].version = 0x0100;
pfseq = sdp_list_append(NULL, &profile[0]);
sdp_set_profile_descs(record, pfseq);
sdp_set_info_attr(record, name, NULL, desc);
sdp_attr_add_new(record, SDP_ATTR_NET_ACCESS_TYPE,
SDP_UINT16, &net_access_type);
sdp_attr_add_new(record, SDP_ATTR_MAX_NET_ACCESSRATE,
SDP_UINT32, &max_net_access_rate);
break;
case BNEP_SVC_GN:
sdp_uuid16_create(&pan, GN_SVCLASS_ID);
svclass = sdp_list_append(NULL, &pan);
sdp_set_service_classes(record, svclass);
sdp_uuid16_create(&profile[0].uuid, GN_PROFILE_ID);
profile[0].version = 0x0100;
pfseq = sdp_list_append(NULL, &profile[0]);
sdp_set_profile_descs(record, pfseq);
sdp_set_info_attr(record, name, NULL, desc);
break;
case BNEP_SVC_PANU:
sdp_uuid16_create(&pan, PANU_SVCLASS_ID);
svclass = sdp_list_append(NULL, &pan);
sdp_set_service_classes(record, svclass);
sdp_uuid16_create(&profile[0].uuid, PANU_PROFILE_ID);
profile[0].version = 0x0100;
pfseq = sdp_list_append(NULL, &profile[0]);
sdp_set_profile_descs(record, pfseq);
sdp_set_info_attr(record, name, NULL, desc);
break;
default:
sdp_record_free(record);
return NULL;
}
sdp_uuid16_create(&root_uuid, PUBLIC_BROWSE_GROUP);
root = sdp_list_append(NULL, &root_uuid);
sdp_set_browse_groups(record, root);
sdp_uuid16_create(&l2cap, L2CAP_UUID);
proto[0] = sdp_list_append(NULL, &l2cap);
p = sdp_data_alloc(SDP_UINT16, &psm);
proto[0] = sdp_list_append(proto[0], p);
apseq = sdp_list_append(NULL, proto[0]);
sdp_uuid16_create(&bnep, BNEP_UUID);
proto[1] = sdp_list_append(NULL, &bnep);
v = sdp_data_alloc(SDP_UINT16, &version);
proto[1] = sdp_list_append(proto[1], v);
/* Supported protocols */
{
uint16_t ptype[] = {
0x0800, /* IPv4 */
0x0806, /* ARP */
};
sdp_data_t *head, *pseq;
int p;
for (p = 0, head = NULL; p < 2; p++) {
sdp_data_t *data = sdp_data_alloc(SDP_UINT16, &ptype[p]);
if (head)
sdp_seq_append(head, data);
else
head = data;
}
pseq = sdp_data_alloc(SDP_SEQ16, head);
proto[1] = sdp_list_append(proto[1], pseq);
}
apseq = sdp_list_append(apseq, proto[1]);
aproto = sdp_list_append(NULL, apseq);
sdp_set_access_protos(record, aproto);
add_lang_attr(record);
sdp_attr_add_new(record, SDP_ATTR_SECURITY_DESC,
SDP_UINT16, &security_desc);
sdp_data_free(p);
sdp_data_free(v);
sdp_list_free(apseq, NULL);
sdp_list_free(root, NULL);
sdp_list_free(aproto, NULL);
sdp_list_free(proto[0], NULL);
sdp_list_free(proto[1], NULL);
sdp_list_free(svclass, NULL);
sdp_list_free(pfseq, NULL);
return record;
}
static ssize_t send_bnep_ctrl_rsp(int sk, uint16_t val)
{
struct bnep_control_rsp rsp;
rsp.type = BNEP_CONTROL;
rsp.ctrl = BNEP_SETUP_CONN_RSP;
rsp.resp = htons(val);
return send(sk, &rsp, sizeof(rsp), 0);
}
static void session_free(void *data)
{
struct network_session *session = data;
if (session->watch)
g_source_remove(session->watch);
if (session->io_watch)
g_source_remove(session->io_watch);
if (session->io)
g_io_channel_unref(session->io);
g_free(session);
}
static void bnep_watchdog_cb(GIOChannel *chan, GIOCondition cond,
gpointer data)
{
struct network_server *ns = data;
struct network_session *session;
char address[18];
const char *paddr = address;
session = find_session(ns->sessions, chan);
if (!connection || !session) return;
ba2str(&session->dst, address);
g_dbus_emit_signal(connection, adapter_get_path(ns->na->adapter),
ns->iface, "DeviceDisconnected",
DBUS_TYPE_STRING, &paddr,
DBUS_TYPE_INVALID);
g_io_channel_shutdown(chan, TRUE, NULL);
g_io_channel_unref(session->io);
session->io = NULL;
session_free(session);
}
static int server_connadd(struct network_server *ns,
struct network_session *session,
uint16_t dst_role)
{
char devname[16];
char address[18];
const char *paddr = address;
const char *pdevname = devname;
int err, nsk;
memset(devname, 0, sizeof(devname));
strcpy(devname, "bnep%d");
nsk = g_io_channel_unix_get_fd(session->io);
err = bnep_connadd(nsk, dst_role, devname);
if (err < 0)
return err;
info("Added new connection: %s", devname);
#ifndef ANDROID_NO_BRIDGE
if (bnep_add_to_bridge(devname, ns->bridge) < 0) {
error("Can't add %s to the bridge %s: %s(%d)",
devname, ns->bridge, strerror(errno), errno);
return -EPERM;
}
#endif
bnep_if_up(devname);
ns->sessions = g_slist_append(ns->sessions, session);
ba2str(&session->dst, address);
gboolean result = g_dbus_emit_signal(connection, adapter_get_path(ns->na->adapter),
ns->iface, "DeviceConnected",
DBUS_TYPE_STRING, &paddr,
DBUS_TYPE_STRING, &pdevname,
DBUS_TYPE_UINT16, &dst_role,
DBUS_TYPE_INVALID);
session->io_watch = g_io_add_watch(session->io, G_IO_ERR | G_IO_HUP,
(GIOFunc) bnep_watchdog_cb, ns);
return 0;
}
static uint16_t bnep_setup_chk(uint16_t dst_role, uint16_t src_role)
{
/* Allowed PAN Profile scenarios */
switch (dst_role) {
case BNEP_SVC_NAP:
case BNEP_SVC_GN:
if (src_role == BNEP_SVC_PANU)
return 0;
return BNEP_CONN_INVALID_SRC;
case BNEP_SVC_PANU:
if (src_role == BNEP_SVC_PANU ||
src_role == BNEP_SVC_GN ||
src_role == BNEP_SVC_NAP)
return 0;
return BNEP_CONN_INVALID_SRC;
}
return BNEP_CONN_INVALID_DST;
}
static uint16_t bnep_setup_decode(struct bnep_setup_conn_req *req,
uint16_t *dst_role, uint16_t *src_role)
{
uint8_t *dest, *source;
dest = req->service;
source = req->service + req->uuid_size;
switch (req->uuid_size) {
case 2: /* UUID16 */
*dst_role = ntohs(bt_get_unaligned((uint16_t *) dest));
*src_role = ntohs(bt_get_unaligned((uint16_t *) source));
break;
case 4: /* UUID32 */
case 16: /* UUID128 */
*dst_role = ntohl(bt_get_unaligned((uint32_t *) dest));
*src_role = ntohl(bt_get_unaligned((uint32_t *) source));
break;
default:
return BNEP_CONN_INVALID_SVC;
}
return 0;
}
static void setup_destroy(void *user_data)
{
struct network_adapter *na = user_data;
struct network_session *setup = na->setup;
if (!setup)
return;
na->setup = NULL;
session_free(setup);
}
static gboolean bnep_setup(GIOChannel *chan,
GIOCondition cond, gpointer user_data)
{
struct network_adapter *na = user_data;
struct network_server *ns;
uint8_t packet[BNEP_MTU];
struct bnep_setup_conn_req *req = (void *) packet;
uint16_t src_role, dst_role, rsp = BNEP_CONN_NOT_ALLOWED;
int n, sk;
if (cond & G_IO_NVAL)
return FALSE;
if (cond & (G_IO_ERR | G_IO_HUP)) {
error("Hangup or error on BNEP socket");
return FALSE;
}
sk = g_io_channel_unix_get_fd(chan);
/* Reading BNEP_SETUP_CONNECTION_REQUEST_MSG */
n = read(sk, packet, sizeof(packet));
if (n < 0) {
error("read(): %s(%d)", strerror(errno), errno);
return FALSE;
}
/* Highest known Control command ID
* is BNEP_FILTER_MULT_ADDR_RSP = 0x06 */
if (req->type == BNEP_CONTROL &&
req->ctrl > BNEP_FILTER_MULT_ADDR_RSP) {
uint8_t pkt[3];
pkt[0] = BNEP_CONTROL;
pkt[1] = BNEP_CMD_NOT_UNDERSTOOD;
pkt[2] = req->ctrl;
send(sk, pkt, sizeof(pkt), 0);
return FALSE;
}
if (req->type != BNEP_CONTROL || req->ctrl != BNEP_SETUP_CONN_REQ)
return FALSE;
rsp = bnep_setup_decode(req, &dst_role, &src_role);
if (rsp)
goto reply;
rsp = bnep_setup_chk(dst_role, src_role);
if (rsp)
goto reply;
ns = find_server(na->servers, dst_role);
if (!ns) {
error("Server unavailable: (0x%x)", dst_role);
goto reply;
}
if (!ns->record_id) {
error("Service record not available");
goto reply;
}
if (!ns->bridge) {
error("Bridge interface not configured");
goto reply;
}
if (server_connadd(ns, na->setup, dst_role) < 0)
goto reply;
na->setup = NULL;
rsp = BNEP_SUCCESS;
reply:
send_bnep_ctrl_rsp(sk, rsp);
return FALSE;
}
static void connect_event(GIOChannel *chan, GError *err, gpointer user_data)
{
struct network_adapter *na = user_data;
if (err) {
error("%s", err->message);
setup_destroy(na);
return;
}
g_io_channel_set_close_on_unref(chan, TRUE);
na->setup->watch = g_io_add_watch_full(chan, G_PRIORITY_DEFAULT,
G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_NVAL,
bnep_setup, na, setup_destroy);
}
static void auth_cb(DBusError *derr, void *user_data)
{
struct network_adapter *na = user_data;
GError *err = NULL;
if (derr) {
error("Access denied: %s", derr->message);
goto reject;
}
if (!bt_io_accept(na->setup->io, connect_event, na, NULL,
&err)) {
error("bt_io_accept: %s", err->message);
g_error_free(err);
goto reject;
}
return;
reject:
g_io_channel_shutdown(na->setup->io, TRUE, NULL);
setup_destroy(na);
}
static void confirm_event(GIOChannel *chan, gpointer user_data)
{
struct network_adapter *na = user_data;
struct network_server *ns;
int perr;
bdaddr_t src, dst;
char address[18];
GError *err = NULL;
bt_io_get(chan, BT_IO_L2CAP, &err,
BT_IO_OPT_SOURCE_BDADDR, &src,
BT_IO_OPT_DEST_BDADDR, &dst,
BT_IO_OPT_DEST, address,
BT_IO_OPT_INVALID);
if (err) {
error("%s", err->message);
g_error_free(err);
goto drop;
}
DBG("BNEP: incoming connect from %s", address);
if (na->setup) {
error("Refusing connect from %s: setup in progress", address);
goto drop;
}
ns = find_server(na->servers, BNEP_SVC_NAP);
if (!ns)
goto drop;
if (!ns->record_id)
goto drop;
if (!ns->bridge)
goto drop;
na->setup = g_new0(struct network_session, 1);
bacpy(&na->setup->dst, &dst);
na->setup->io = g_io_channel_ref(chan);
perr = btd_request_authorization(&src, &dst, BNEP_SVC_UUID,
auth_cb, na);
if (perr < 0) {
error("Refusing connect from %s: %s (%d)", address,
strerror(-perr), -perr);
setup_destroy(na);
goto drop;
}
return;
drop:
g_io_channel_shutdown(chan, TRUE, NULL);
}
int server_init(DBusConnection *conn, gboolean secure)
{
security = secure;
connection = dbus_connection_ref(conn);
return 0;
}
void server_exit(void)
{
dbus_connection_unref(connection);
connection = NULL;
}
static uint32_t register_server_record(struct network_server *ns)
{
sdp_record_t *record;
record = server_record_new(ns->name, ns->id);
if (!record) {
error("Unable to allocate new service record");
return 0;
}
if (add_record_to_server(&ns->src, record) < 0) {
error("Failed to register service record");
sdp_record_free(record);
return 0;
}
DBG("got record id 0x%x", record->handle);
return record->handle;
}
static void server_disconnect(DBusConnection *conn, void *user_data)
{
struct network_server *ns = user_data;
ns->watch_id = 0;
if (ns->record_id) {
remove_record_from_server(ns->record_id);
ns->record_id = 0;
}
g_free(ns->bridge);
ns->bridge = NULL;
}
static DBusMessage *register_server(DBusConnection *conn,
DBusMessage *msg, void *data)
{
struct network_server *ns = data;
DBusMessage *reply;
const char *uuid, *bridge;
if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &uuid,
DBUS_TYPE_STRING, &bridge, DBUS_TYPE_INVALID))
return NULL;
if (g_strcmp0(uuid, "nap"))
return btd_error_failed(msg, "Invalid UUID");
if (ns->record_id)
return btd_error_already_exists(msg);
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
ns->record_id = register_server_record(ns);
if (!ns->record_id)
return btd_error_failed(msg, "SDP record registration failed");
g_free(ns->bridge);
ns->bridge = g_strdup(bridge);
ns->watch_id = g_dbus_add_disconnect_watch(conn,
dbus_message_get_sender(msg),
server_disconnect, ns, NULL);
return reply;
}
static DBusMessage *unregister_server(DBusConnection *conn,
DBusMessage *msg, void *data)
{
struct network_server *ns = data;
DBusMessage *reply;
const char *uuid;
if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &uuid,
DBUS_TYPE_INVALID))
return NULL;
if (g_strcmp0(uuid, "nap"))
return btd_error_failed(msg, "Invalid UUID");
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
g_dbus_remove_watch(conn, ns->watch_id);
server_disconnect(conn, ns);
return reply;
}
static DBusMessage *disconnect_device(DBusConnection *conn,
DBusMessage *msg, void *data)
{
DBusMessage *reply;
struct network_server *ns = data;
struct network_session *session;
const char *addr, *devname;
bdaddr_t dst_addr;
if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &addr,
DBUS_TYPE_STRING, &devname,
DBUS_TYPE_INVALID))
return NULL;
str2ba(addr, &dst_addr);
session = find_session_by_addr(ns->sessions, dst_addr);
if (!session)
return btd_error_failed(msg, "No active session");
if (session->io) {
bnep_if_down(devname);
bnep_kill_connection(&dst_addr);
} else
return btd_error_not_connected(msg);
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
return reply;
}
static void adapter_free(struct network_adapter *na)
{
if (na->io != NULL) {
g_io_channel_shutdown(na->io, TRUE, NULL);
g_io_channel_unref(na->io);
}
setup_destroy(na);
btd_adapter_unref(na->adapter);
g_free(na);
}
static void server_free(struct network_server *ns)
{
if (!ns)
return;
/* FIXME: Missing release/free all bnepX interfaces */
if (ns->record_id)
remove_record_from_server(ns->record_id);
g_free(ns->iface);
g_free(ns->name);
g_free(ns->bridge);
if (ns->sessions) {
g_slist_foreach(ns->sessions, (GFunc) session_free, NULL);
g_slist_free(ns->sessions);
}
g_free(ns);
}
static void path_unregister(void *data)
{
struct network_server *ns = data;
struct network_adapter *na = ns->na;
DBG("Unregistered interface %s on path %s",
ns->iface, adapter_get_path(na->adapter));
na->servers = g_slist_remove(na->servers, ns);
server_free(ns);
if (na->servers)
return;
adapters = g_slist_remove(adapters, na);
adapter_free(na);
}
static GDBusMethodTable server_methods[] = {
{ "Register", "ss", "", register_server },
{ "Unregister", "s", "", unregister_server },
{ "DisconnectDevice", "ss", "", disconnect_device },
{ }
};
static GDBusSignalTable server_signals[] = {
{ "DeviceConnected", "ssq" },
{ "DeviceDisconnected", "s" },
{ }
};
static struct network_adapter *create_adapter(struct btd_adapter *adapter)
{
struct network_adapter *na;
GError *err = NULL;
bdaddr_t src;
na = g_new0(struct network_adapter, 1);
na->adapter = btd_adapter_ref(adapter);
adapter_get_address(adapter, &src);
na->io = bt_io_listen(BT_IO_L2CAP, NULL, confirm_event, na,
NULL, &err,
BT_IO_OPT_SOURCE_BDADDR, &src,
BT_IO_OPT_PSM, BNEP_PSM,
BT_IO_OPT_OMTU, BNEP_MTU,
BT_IO_OPT_IMTU, BNEP_MTU,
BT_IO_OPT_SEC_LEVEL,
security ? BT_IO_SEC_MEDIUM : BT_IO_SEC_LOW,
BT_IO_OPT_INVALID);
if (!na->io) {
error("%s", err->message);
g_error_free(err);
adapter_free(na);
return NULL;
}
return na;
}
int server_register(struct btd_adapter *adapter)
{
struct network_adapter *na;
struct network_server *ns;
const char *path;
na = find_adapter(adapters, adapter);
if (!na) {
na = create_adapter(adapter);
if (!na)
return -EINVAL;
adapters = g_slist_append(adapters, na);
}
ns = find_server(na->servers, BNEP_SVC_NAP);
if (ns)
return 0;
ns = g_new0(struct network_server, 1);
ns->iface = g_strdup(NETWORK_SERVER_INTERFACE);
ns->name = g_strdup("Network service");
path = adapter_get_path(adapter);
if (!g_dbus_register_interface(connection, path, ns->iface,
server_methods, server_signals, NULL,
ns, path_unregister)) {
error("D-Bus failed to register %s interface",
ns->iface);
server_free(ns);
return -1;
}
adapter_get_address(adapter, &ns->src);
ns->id = BNEP_SVC_NAP;
ns->na = na;
ns->record_id = 0;
na->servers = g_slist_append(na->servers, ns);
DBG("Registered interface %s on path %s", ns->iface, path);
return 0;
}
int server_unregister(struct btd_adapter *adapter)
{
struct network_adapter *na;
struct network_server *ns;
uint16_t id = BNEP_SVC_NAP;
na = find_adapter(adapters, adapter);
if (!na)
return -EINVAL;
ns = find_server(na->servers, id);
if (!ns)
return -EINVAL;
g_dbus_unregister_interface(connection, adapter_get_path(adapter),
ns->iface);
return 0;
}