2 * BlueZ - Bluetooth protocol stack for Linux
4 * Copyright (C) 2010 Instituto Nokia de Tecnologia - INdT
5 * Copyright (C) 2010 ST-Ericsson SA
6 * Copyright (C) 2011 Tieto Poland
8 * Author: Marek Skowron <marek.skowron@tieto.com> for ST-Ericsson.
9 * Author: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 #include <bluetooth/sdp.h>
34 #include <bluetooth/sdp_lib.h>
35 #include <bluetooth/uuid.h>
42 #include "dbus-common.h"
46 #define SAP_SERVER_INTERFACE "org.bluez.SimAccess"
47 #define SAP_SERVER_CHANNEL 8
49 #define PADDING4(x) ((4 - ((x) & 0x03)) & 0x03)
50 #define PARAMETER_SIZE(x) (sizeof(struct sap_parameter) + x + PADDING4(x))
52 #define SAP_NO_REQ 0xFF
54 #define SAP_TIMER_GRACEFUL_DISCONNECT 30
55 #define SAP_TIMER_NO_ACTIVITY 30
58 SAP_STATE_DISCONNECTED,
59 SAP_STATE_CONNECT_IN_PROGRESS,
60 SAP_STATE_CONNECT_MODEM_BUSY,
62 SAP_STATE_GRACEFUL_DISCONNECT,
63 SAP_STATE_IMMEDIATE_DISCONNECT,
64 SAP_STATE_CLIENT_DISCONNECT
67 struct sap_connection {
70 uint8_t processing_req;
77 GIOChannel *listen_io;
78 struct sap_connection *conn;
81 static DBusConnection *connection;
82 static struct sap_server *server;
84 static void start_guard_timer(struct sap_connection *conn, guint interval);
85 static void stop_guard_timer(struct sap_connection *conn);
86 static gboolean guard_timeout(gpointer data);
88 static size_t add_result_parameter(uint8_t result,
89 struct sap_parameter *param)
91 param->id = SAP_PARAM_ID_RESULT_CODE;
92 param->len = htons(SAP_PARAM_ID_RESULT_CODE_LEN);
95 return PARAMETER_SIZE(SAP_PARAM_ID_RESULT_CODE_LEN);
98 static int is_power_sim_off_req_allowed(uint8_t processing_req)
100 switch (processing_req) {
102 case SAP_TRANSFER_APDU_REQ:
103 case SAP_TRANSFER_ATR_REQ:
104 case SAP_POWER_SIM_ON_REQ:
105 case SAP_RESET_SIM_REQ:
106 case SAP_TRANSFER_CARD_READER_STATUS_REQ:
113 static int is_reset_sim_req_allowed(uint8_t processing_req)
115 switch (processing_req) {
117 case SAP_TRANSFER_APDU_REQ:
118 case SAP_TRANSFER_ATR_REQ:
119 case SAP_TRANSFER_CARD_READER_STATUS_REQ:
126 static int check_msg(struct sap_message *msg)
129 case SAP_CONNECT_REQ:
130 if (msg->nparam != 0x01)
133 if (msg->param->id != SAP_PARAM_ID_MAX_MSG_SIZE)
136 if (ntohs(msg->param->len) != SAP_PARAM_ID_MAX_MSG_SIZE_LEN)
141 case SAP_TRANSFER_APDU_REQ:
142 if (msg->nparam != 0x01)
145 if (msg->param->id != SAP_PARAM_ID_COMMAND_APDU)
146 if (msg->param->id != SAP_PARAM_ID_COMMAND_APDU7816)
149 if (msg->param->len == 0x00)
154 case SAP_SET_TRANSPORT_PROTOCOL_REQ:
155 if (msg->nparam != 0x01)
158 if (msg->param->id != SAP_PARAM_ID_TRANSPORT_PROTOCOL)
161 if (ntohs(msg->param->len) != SAP_PARAM_ID_TRANSPORT_PROTO_LEN)
164 if (*msg->param->val != SAP_TRANSPORT_PROTOCOL_T0)
165 if (*msg->param->val != SAP_TRANSPORT_PROTOCOL_T1)
170 case SAP_DISCONNECT_REQ:
171 case SAP_TRANSFER_ATR_REQ:
172 case SAP_POWER_SIM_OFF_REQ:
173 case SAP_POWER_SIM_ON_REQ:
174 case SAP_RESET_SIM_REQ:
175 case SAP_TRANSFER_CARD_READER_STATUS_REQ:
176 if (msg->nparam != 0x00)
185 static sdp_record_t *create_sap_record(uint8_t channel)
187 sdp_list_t *apseq, *aproto, *profiles, *proto[2], *root, *svclass_id;
188 uuid_t sap_uuid, gt_uuid, root_uuid, l2cap, rfcomm;
189 sdp_profile_desc_t profile;
190 sdp_record_t *record;
193 record = sdp_record_alloc();
197 sdp_uuid16_create(&root_uuid, PUBLIC_BROWSE_GROUP);
198 root = sdp_list_append(NULL, &root_uuid);
199 sdp_set_browse_groups(record, root);
200 sdp_list_free(root, NULL);
202 sdp_uuid16_create(&sap_uuid, SAP_SVCLASS_ID);
203 svclass_id = sdp_list_append(NULL, &sap_uuid);
204 sdp_uuid16_create(>_uuid, GENERIC_TELEPHONY_SVCLASS_ID);
205 svclass_id = sdp_list_append(svclass_id, >_uuid);
207 sdp_set_service_classes(record, svclass_id);
208 sdp_list_free(svclass_id, NULL);
210 sdp_uuid16_create(&profile.uuid, SAP_PROFILE_ID);
211 profile.version = SAP_VERSION;
212 profiles = sdp_list_append(NULL, &profile);
213 sdp_set_profile_descs(record, profiles);
214 sdp_list_free(profiles, NULL);
216 sdp_uuid16_create(&l2cap, L2CAP_UUID);
217 proto[0] = sdp_list_append(NULL, &l2cap);
218 apseq = sdp_list_append(NULL, proto[0]);
220 sdp_uuid16_create(&rfcomm, RFCOMM_UUID);
221 proto[1] = sdp_list_append(NULL, &rfcomm);
222 ch = sdp_data_alloc(SDP_UINT8, &channel);
223 proto[1] = sdp_list_append(proto[1], ch);
224 apseq = sdp_list_append(apseq, proto[1]);
226 aproto = sdp_list_append(NULL, apseq);
227 sdp_set_access_protos(record, aproto);
229 sdp_set_info_attr(record, "SIM Access Server", NULL, NULL);
232 sdp_list_free(proto[0], NULL);
233 sdp_list_free(proto[1], NULL);
234 sdp_list_free(apseq, NULL);
235 sdp_list_free(aproto, NULL);
240 static int send_message(struct sap_connection *conn, void *buf, size_t size)
249 DBG("conn %p, size %zu", conn, size);
251 gstatus = g_io_channel_write_chars(conn->io, buf, size, &written,
253 if (gstatus != G_IO_STATUS_NORMAL) {
257 error("write error (0x%02x).", gstatus);
261 if (written != size) {
262 error("written %zu bytes out of %zu", written, size);
269 static int disconnect_ind(void *sap_device, uint8_t disc_type)
271 struct sap_connection *conn = sap_device;
272 char buf[SAP_BUF_SIZE];
273 struct sap_message *msg = (struct sap_message *) buf;
274 struct sap_parameter *param = (struct sap_parameter *) msg->param;
275 size_t size = sizeof(struct sap_message);
277 DBG("data %p state %d disc_type 0x%02x", conn, conn->state, disc_type);
279 memset(buf, 0, sizeof(buf));
280 msg->id = SAP_DISCONNECT_IND;
283 /* Add disconnection type param. */
284 param->id = SAP_PARAM_ID_DISCONNECT_IND;
285 param->len = htons(SAP_PARAM_ID_DISCONNECT_IND_LEN);
286 *param->val = disc_type;
287 size += PARAMETER_SIZE(SAP_PARAM_ID_DISCONNECT_IND_LEN);
289 return send_message(sap_device, buf, size);
292 static void connect_req(struct sap_connection *conn,
293 struct sap_parameter *param)
295 uint16_t maxmsgsize, *val;
297 DBG("conn %p state %d", conn, conn->state);
302 if (conn->state != SAP_STATE_DISCONNECTED)
305 stop_guard_timer(conn);
307 val = (uint16_t *) ¶m->val;
308 maxmsgsize = ntohs(*val);
310 DBG("Connect MaxMsgSize: 0x%04x", maxmsgsize);
312 conn->state = SAP_STATE_CONNECT_IN_PROGRESS;
314 if (maxmsgsize <= SAP_BUF_SIZE) {
315 conn->processing_req = SAP_CONNECT_REQ;
316 sap_connect_req(conn, maxmsgsize);
318 sap_connect_rsp(conn, SAP_STATUS_MAX_MSG_SIZE_NOT_SUPPORTED,
328 static int disconnect_req(struct sap_connection *conn, uint8_t disc_type)
330 DBG("conn %p state %d disc_type 0x%02x", conn, conn->state, disc_type);
333 case SAP_DISCONNECTION_TYPE_GRACEFUL:
334 if (conn->state == SAP_STATE_DISCONNECTED ||
335 conn->state == SAP_STATE_CONNECT_IN_PROGRESS ||
336 conn->state == SAP_STATE_CONNECT_MODEM_BUSY)
339 if (conn->state == SAP_STATE_CONNECTED) {
340 conn->state = SAP_STATE_GRACEFUL_DISCONNECT;
341 conn->processing_req = SAP_NO_REQ;
343 disconnect_ind(conn, disc_type);
344 /* Timer will disconnect if client won't do.*/
345 start_guard_timer(conn, SAP_TIMER_GRACEFUL_DISCONNECT);
350 case SAP_DISCONNECTION_TYPE_IMMEDIATE:
351 if (conn->state == SAP_STATE_DISCONNECTED ||
352 conn->state == SAP_STATE_CONNECT_IN_PROGRESS ||
353 conn->state == SAP_STATE_CONNECT_MODEM_BUSY)
356 if (conn->state == SAP_STATE_CONNECTED ||
357 conn->state == SAP_STATE_GRACEFUL_DISCONNECT) {
358 conn->state = SAP_STATE_IMMEDIATE_DISCONNECT;
359 conn->processing_req = SAP_NO_REQ;
361 stop_guard_timer(conn);
362 disconnect_ind(conn, disc_type);
363 sap_disconnect_req(conn, 0);
368 case SAP_DISCONNECTION_TYPE_CLIENT:
369 if (conn->state != SAP_STATE_CONNECTED &&
370 conn->state != SAP_STATE_GRACEFUL_DISCONNECT) {
375 conn->state = SAP_STATE_CLIENT_DISCONNECT;
376 conn->processing_req = SAP_NO_REQ;
378 stop_guard_timer(conn);
379 sap_disconnect_req(conn, 0);
384 error("Unknown disconnection type (0x%02x).", disc_type);
389 static void transfer_apdu_req(struct sap_connection *conn,
390 struct sap_parameter *param)
392 DBG("conn %p state %d", conn, conn->state);
397 param->len = ntohs(param->len);
399 if (conn->state != SAP_STATE_CONNECTED &&
400 conn->state != SAP_STATE_GRACEFUL_DISCONNECT)
403 if (conn->processing_req != SAP_NO_REQ)
406 conn->processing_req = SAP_TRANSFER_APDU_REQ;
407 sap_transfer_apdu_req(conn, param);
415 static void transfer_atr_req(struct sap_connection *conn)
417 DBG("conn %p state %d", conn, conn->state);
419 if (conn->state != SAP_STATE_CONNECTED)
422 if (conn->processing_req != SAP_NO_REQ)
425 conn->processing_req = SAP_TRANSFER_ATR_REQ;
426 sap_transfer_atr_req(conn);
434 static void power_sim_off_req(struct sap_connection *conn)
436 DBG("conn %p state %d", conn, conn->state);
438 if (conn->state != SAP_STATE_CONNECTED)
441 if (!is_power_sim_off_req_allowed(conn->processing_req))
444 conn->processing_req = SAP_POWER_SIM_OFF_REQ;
445 sap_power_sim_off_req(conn);
453 static void power_sim_on_req(struct sap_connection *conn)
455 DBG("conn %p state %d", conn, conn->state);
457 if (conn->state != SAP_STATE_CONNECTED)
460 if (conn->processing_req != SAP_NO_REQ)
463 conn->processing_req = SAP_POWER_SIM_ON_REQ;
464 sap_power_sim_on_req(conn);
472 static void reset_sim_req(struct sap_connection *conn)
474 DBG("conn %p state %d", conn, conn->state);
476 if (conn->state != SAP_STATE_CONNECTED)
479 if (!is_reset_sim_req_allowed(conn->processing_req))
482 conn->processing_req = SAP_RESET_SIM_REQ;
483 sap_reset_sim_req(conn);
491 static void transfer_card_reader_status_req(struct sap_connection *conn)
493 DBG("conn %p state %d", conn, conn->state);
495 if (conn->state != SAP_STATE_CONNECTED)
498 if (conn->processing_req != SAP_NO_REQ)
501 conn->processing_req = SAP_TRANSFER_CARD_READER_STATUS_REQ;
502 sap_transfer_card_reader_status_req(conn);
510 static void set_transport_protocol_req(struct sap_connection *conn,
511 struct sap_parameter *param)
516 DBG("conn %p state %d param %p", conn, conn->state, param);
518 if (conn->state != SAP_STATE_CONNECTED)
521 if (conn->processing_req != SAP_NO_REQ)
524 conn->processing_req = SAP_SET_TRANSPORT_PROTOCOL_REQ;
525 sap_set_transport_protocol_req(conn, param);
533 static void start_guard_timer(struct sap_connection *conn, guint interval)
539 conn->timer_id = g_timeout_add_seconds(interval, guard_timeout,
542 error("Timer is already active.");
545 static void stop_guard_timer(struct sap_connection *conn)
547 if (conn && conn->timer_id) {
548 g_source_remove(conn->timer_id);
553 static gboolean guard_timeout(gpointer data)
555 struct sap_connection *conn = data;
560 DBG("conn %p state %d pr 0x%02x", conn, conn->state,
561 conn->processing_req);
565 switch (conn->state) {
566 case SAP_STATE_DISCONNECTED:
567 /* Client opened RFCOMM channel but didn't send CONNECT_REQ,
568 * in fixed time or client disconnected SAP connection but
569 * didn't closed RFCOMM channel in fixed time.*/
571 g_io_channel_shutdown(conn->io, TRUE, NULL);
572 g_io_channel_unref(conn->io);
576 case SAP_STATE_GRACEFUL_DISCONNECT:
577 /* Client didn't disconnect SAP connection in fixed time,
578 * so close SAP connection immediately. */
579 disconnect_req(conn, SAP_DISCONNECTION_TYPE_IMMEDIATE);
583 error("Unexpected state (%d).", conn->state);
590 static void sap_set_connected(struct sap_connection *conn)
592 gboolean connected = TRUE;
594 emit_property_changed(connection, server->path,
595 SAP_SERVER_INTERFACE,
596 "Connected", DBUS_TYPE_BOOLEAN, &connected);
598 conn->state = SAP_STATE_CONNECTED;
601 int sap_connect_rsp(void *sap_device, uint8_t status, uint16_t maxmsgsize)
603 struct sap_connection *conn = sap_device;
604 char buf[SAP_BUF_SIZE];
605 struct sap_message *msg = (struct sap_message *) buf;
606 struct sap_parameter *param = (struct sap_parameter *) msg->param;
607 size_t size = sizeof(struct sap_message);
612 DBG("state %d pr 0x%02x status 0x%02x", conn->state,
613 conn->processing_req, status);
615 if (conn->state != SAP_STATE_CONNECT_IN_PROGRESS)
618 memset(buf, 0, sizeof(buf));
619 msg->id = SAP_CONNECT_RESP;
622 /* Add connection status */
623 param->id = SAP_PARAM_ID_CONN_STATUS;
624 param->len = htons(SAP_PARAM_ID_CONN_STATUS_LEN);
625 *param->val = status;
626 size += PARAMETER_SIZE(SAP_PARAM_ID_CONN_STATUS_LEN);
633 param = (struct sap_parameter *) &buf[size];
634 param->id = SAP_PARAM_ID_MAX_MSG_SIZE;
635 param->len = htons(SAP_PARAM_ID_MAX_MSG_SIZE_LEN);
636 len = (uint16_t *) ¶m->val;
637 *len = htons(maxmsgsize);
638 size += PARAMETER_SIZE(SAP_PARAM_ID_MAX_MSG_SIZE_LEN);
641 if (status == SAP_STATUS_OK) {
642 sap_set_connected(conn);
643 } else if (status == SAP_STATUS_OK_ONGOING_CALL) {
644 DBG("ongoing call. Wait for reset indication!");
645 conn->state = SAP_STATE_CONNECT_MODEM_BUSY;
647 conn->state = SAP_STATE_DISCONNECTED;
649 /* Timer will shutdown channel if client doesn't send
650 * CONNECT_REQ or doesn't shutdown channel itself.*/
651 start_guard_timer(conn, SAP_TIMER_NO_ACTIVITY);
654 conn->processing_req = SAP_NO_REQ;
656 return send_message(sap_device, buf, size);
659 int sap_disconnect_rsp(void *sap_device)
661 struct sap_connection *conn = sap_device;
662 struct sap_message msg;
667 DBG("state %d pr 0x%02x", conn->state, conn->processing_req);
669 switch (conn->state) {
670 case SAP_STATE_CLIENT_DISCONNECT:
671 memset(&msg, 0, sizeof(msg));
672 msg.id = SAP_DISCONNECT_RESP;
674 conn->state = SAP_STATE_DISCONNECTED;
675 conn->processing_req = SAP_NO_REQ;
677 /* Timer will close channel if client doesn't do it.*/
678 start_guard_timer(conn, SAP_TIMER_NO_ACTIVITY);
680 return send_message(sap_device, &msg, sizeof(msg));
682 case SAP_STATE_IMMEDIATE_DISCONNECT:
683 conn->state = SAP_STATE_DISCONNECTED;
684 conn->processing_req = SAP_NO_REQ;
687 g_io_channel_shutdown(conn->io, TRUE, NULL);
688 g_io_channel_unref(conn->io);
700 int sap_transfer_apdu_rsp(void *sap_device, uint8_t result, uint8_t *apdu,
703 struct sap_connection *conn = sap_device;
704 char buf[SAP_BUF_SIZE];
705 struct sap_message *msg = (struct sap_message *) buf;
706 struct sap_parameter *param = (struct sap_parameter *) msg->param;
707 size_t size = sizeof(struct sap_message);
712 DBG("state %d pr 0x%02x", conn->state, conn->processing_req);
714 if (conn->processing_req != SAP_TRANSFER_APDU_REQ)
717 if (result == SAP_RESULT_OK && (!apdu || (apdu && length == 0x00)))
720 memset(buf, 0, sizeof(buf));
721 msg->id = SAP_TRANSFER_APDU_RESP;
723 size += add_result_parameter(result, param);
725 /* Add APDU response. */
726 if (result == SAP_RESULT_OK) {
728 param = (struct sap_parameter *) &buf[size];
729 param->id = SAP_PARAM_ID_RESPONSE_APDU;
730 param->len = htons(length);
732 size += PARAMETER_SIZE(length);
734 if (size > SAP_BUF_SIZE)
737 memcpy(param->val, apdu, length);
740 conn->processing_req = SAP_NO_REQ;
742 return send_message(sap_device, buf, size);
745 int sap_transfer_atr_rsp(void *sap_device, uint8_t result, uint8_t *atr,
748 struct sap_connection *conn = sap_device;
749 char buf[SAP_BUF_SIZE];
750 struct sap_message *msg = (struct sap_message *) buf;
751 struct sap_parameter *param = (struct sap_parameter *) msg->param;
752 size_t size = sizeof(struct sap_message);
757 DBG("result 0x%02x state %d pr 0x%02x len %d", result, conn->state,
758 conn->processing_req, length);
760 if (conn->processing_req != SAP_TRANSFER_ATR_REQ)
763 if (result == SAP_RESULT_OK && (!atr || (atr && length == 0x00)))
766 memset(buf, 0, sizeof(buf));
767 msg->id = SAP_TRANSFER_ATR_RESP;
769 size += add_result_parameter(result, param);
771 /* Add ATR response */
772 if (result == SAP_RESULT_OK) {
774 param = (struct sap_parameter *) &buf[size];
775 param->id = SAP_PARAM_ID_ATR;
776 param->len = htons(length);
777 size += PARAMETER_SIZE(length);
779 if (size > SAP_BUF_SIZE)
782 memcpy(param->val, atr, length);
785 conn->processing_req = SAP_NO_REQ;
787 return send_message(sap_device, buf, size);
790 int sap_power_sim_off_rsp(void *sap_device, uint8_t result)
792 struct sap_connection *conn = sap_device;
793 char buf[SAP_BUF_SIZE];
794 struct sap_message *msg = (struct sap_message *) buf;
795 size_t size = sizeof(struct sap_message);
800 DBG("state %d pr 0x%02x", conn->state, conn->processing_req);
802 if (conn->processing_req != SAP_POWER_SIM_OFF_REQ)
805 memset(buf, 0, sizeof(buf));
806 msg->id = SAP_POWER_SIM_OFF_RESP;
808 size += add_result_parameter(result, msg->param);
810 conn->processing_req = SAP_NO_REQ;
812 return send_message(sap_device, buf, size);
815 int sap_power_sim_on_rsp(void *sap_device, uint8_t result)
817 struct sap_connection *conn = sap_device;
818 char buf[SAP_BUF_SIZE];
819 struct sap_message *msg = (struct sap_message *) buf;
820 size_t size = sizeof(struct sap_message);
825 DBG("state %d pr 0x%02x", conn->state, conn->processing_req);
827 if (conn->processing_req != SAP_POWER_SIM_ON_REQ)
830 memset(buf, 0, sizeof(buf));
831 msg->id = SAP_POWER_SIM_ON_RESP;
833 size += add_result_parameter(result, msg->param);
835 conn->processing_req = SAP_NO_REQ;
837 return send_message(sap_device, buf, size);
840 int sap_reset_sim_rsp(void *sap_device, uint8_t result)
842 struct sap_connection *conn = sap_device;
843 char buf[SAP_BUF_SIZE];
844 struct sap_message *msg = (struct sap_message *) buf;
845 size_t size = sizeof(struct sap_message);
850 DBG("state %d pr 0x%02x result 0x%02x", conn->state,
851 conn->processing_req, result);
853 if (conn->processing_req != SAP_RESET_SIM_REQ)
856 memset(buf, 0, sizeof(buf));
857 msg->id = SAP_RESET_SIM_RESP;
859 size += add_result_parameter(result, msg->param);
861 conn->processing_req = SAP_NO_REQ;
863 return send_message(sap_device, buf, size);
866 int sap_transfer_card_reader_status_rsp(void *sap_device, uint8_t result,
869 struct sap_connection *conn = sap_device;
870 char buf[SAP_BUF_SIZE];
871 struct sap_message *msg = (struct sap_message *) buf;
872 struct sap_parameter *param = (struct sap_parameter *) msg->param;
873 size_t size = sizeof(struct sap_message);
878 DBG("state %d pr 0x%02x result 0x%02x", conn->state,
879 conn->processing_req, result);
881 if (conn->processing_req != SAP_TRANSFER_CARD_READER_STATUS_REQ)
884 memset(buf, 0, sizeof(buf));
885 msg->id = SAP_TRANSFER_CARD_READER_STATUS_RESP;
887 size += add_result_parameter(result, param);
889 /* Add card reader status. */
890 if (result == SAP_RESULT_OK) {
892 param = (struct sap_parameter *) &buf[size];
893 param->id = SAP_PARAM_ID_CARD_READER_STATUS;
894 param->len = htons(SAP_PARAM_ID_CARD_READER_STATUS_LEN);
895 *param->val = status;
896 size += PARAMETER_SIZE(SAP_PARAM_ID_CARD_READER_STATUS_LEN);
899 conn->processing_req = SAP_NO_REQ;
901 return send_message(sap_device, buf, size);
904 int sap_transport_protocol_rsp(void *sap_device, uint8_t result)
906 struct sap_connection *conn = sap_device;
907 char buf[SAP_BUF_SIZE];
908 struct sap_message *msg = (struct sap_message *) buf;
909 size_t size = sizeof(struct sap_message);
914 DBG("state %d pr 0x%02x result 0x%02x", conn->state,
915 conn->processing_req, result);
917 if (conn->processing_req != SAP_SET_TRANSPORT_PROTOCOL_REQ)
920 memset(buf, 0, sizeof(buf));
921 msg->id = SAP_SET_TRANSPORT_PROTOCOL_RESP;
923 size += add_result_parameter(result, msg->param);
925 conn->processing_req = SAP_NO_REQ;
927 return send_message(sap_device, buf, size);
930 int sap_error_rsp(void *sap_device)
932 struct sap_message msg;
933 struct sap_connection *conn = sap_device;
935 memset(&msg, 0, sizeof(msg));
936 msg.id = SAP_ERROR_RESP;
938 error("SAP error (state %d pr 0x%02x).", conn->state,
939 conn->processing_req);
941 return send_message(conn, &msg, sizeof(msg));
944 int sap_status_ind(void *sap_device, uint8_t status_change)
946 struct sap_connection *conn = sap_device;
947 char buf[SAP_BUF_SIZE];
948 struct sap_message *msg = (struct sap_message *) buf;
949 struct sap_parameter *param = (struct sap_parameter *) msg->param;
950 size_t size = sizeof(struct sap_message);
955 DBG("state %d pr 0x%02x sc 0x%02x", conn->state, conn->processing_req,
958 /* Might be need to change state to connected after ongoing call.*/
959 if (conn->state == SAP_STATE_CONNECT_MODEM_BUSY &&
960 status_change == SAP_STATUS_CHANGE_CARD_RESET)
961 sap_set_connected(conn);
963 if (conn->state != SAP_STATE_CONNECTED &&
964 conn->state != SAP_STATE_GRACEFUL_DISCONNECT)
967 memset(buf, 0, sizeof(buf));
968 msg->id = SAP_STATUS_IND;
971 /* Add status change. */
972 param->id = SAP_PARAM_ID_STATUS_CHANGE;
973 param->len = htons(SAP_PARAM_ID_STATUS_CHANGE_LEN);
974 *param->val = status_change;
975 size += PARAMETER_SIZE(SAP_PARAM_ID_STATUS_CHANGE_LEN);
977 return send_message(sap_device, buf, size);
980 int sap_disconnect_ind(void *sap_device, uint8_t disc_type)
982 struct sap_connection *conn = sap_device;
984 return disconnect_req(conn, SAP_DISCONNECTION_TYPE_IMMEDIATE);
987 static int handle_cmd(struct sap_connection *conn, void *buf, size_t size)
989 struct sap_message *msg = buf;
994 if (size < sizeof(struct sap_message))
997 if (msg->nparam != 0 && size < (sizeof(struct sap_message) +
998 sizeof(struct sap_parameter) + 4))
1001 if (check_msg(msg) < 0)
1005 case SAP_CONNECT_REQ:
1006 connect_req(conn, msg->param);
1008 case SAP_DISCONNECT_REQ:
1009 disconnect_req(conn, SAP_DISCONNECTION_TYPE_CLIENT);
1011 case SAP_TRANSFER_APDU_REQ:
1012 transfer_apdu_req(conn, msg->param);
1014 case SAP_TRANSFER_ATR_REQ:
1015 transfer_atr_req(conn);
1017 case SAP_POWER_SIM_OFF_REQ:
1018 power_sim_off_req(conn);
1020 case SAP_POWER_SIM_ON_REQ:
1021 power_sim_on_req(conn);
1023 case SAP_RESET_SIM_REQ:
1024 reset_sim_req(conn);
1026 case SAP_TRANSFER_CARD_READER_STATUS_REQ:
1027 transfer_card_reader_status_req(conn);
1029 case SAP_SET_TRANSPORT_PROTOCOL_REQ:
1030 set_transport_protocol_req(conn, msg->param);
1033 DBG("Unknown SAP message id 0x%02x.", msg->id);
1038 DBG("Invalid SAP message format.");
1039 sap_error_rsp(conn);
1043 static void sap_conn_remove(struct sap_connection *conn)
1045 DBG("conn %p", conn);
1051 g_io_channel_shutdown(conn->io, TRUE, NULL);
1052 g_io_channel_unref(conn->io);
1057 server->conn = NULL;
1060 static gboolean sap_io_cb(GIOChannel *io, GIOCondition cond, gpointer data)
1062 struct sap_connection *conn = data;
1064 char buf[SAP_BUF_SIZE];
1065 size_t bytes_read = 0;
1066 GError *gerr = NULL;
1069 DBG("conn %p io %p", conn, io);
1071 if (cond & G_IO_NVAL) {
1072 DBG("ERR (G_IO_NVAL) on rfcomm socket.");
1076 if (cond & G_IO_ERR) {
1077 DBG("ERR (G_IO_ERR) on rfcomm socket.");
1081 if (cond & G_IO_HUP) {
1082 DBG("HUP on rfcomm socket.");
1086 gstatus = g_io_channel_read_chars(io, buf, sizeof(buf) - 1,
1087 &bytes_read, &gerr);
1088 if (gstatus != G_IO_STATUS_NORMAL) {
1095 if (handle_cmd(conn, buf, bytes_read) < 0)
1096 error("SAP protocol processing failure.");
1101 static void sap_io_destroy(void *data)
1103 struct sap_connection *conn = data;
1104 gboolean connected = FALSE;
1106 DBG("conn %p", conn);
1108 if (!conn || !conn->io)
1111 stop_guard_timer(conn);
1113 if (conn->state != SAP_STATE_CONNECT_IN_PROGRESS &&
1114 conn->state != SAP_STATE_CONNECT_MODEM_BUSY)
1115 emit_property_changed(connection, server->path,
1116 SAP_SERVER_INTERFACE, "Connected",
1117 DBUS_TYPE_BOOLEAN, &connected);
1119 if (conn->state == SAP_STATE_CONNECT_IN_PROGRESS ||
1120 conn->state == SAP_STATE_CONNECT_MODEM_BUSY ||
1121 conn->state == SAP_STATE_CONNECTED ||
1122 conn->state == SAP_STATE_GRACEFUL_DISCONNECT)
1123 sap_disconnect_req(NULL, 1);
1125 sap_conn_remove(conn);
1128 static void sap_connect_cb(GIOChannel *io, GError *gerr, gpointer data)
1130 struct sap_connection *conn = data;
1132 DBG("conn %p, io %p", conn, io);
1137 /* Timer will shutdown the channel in case of lack of client
1139 start_guard_timer(conn, SAP_TIMER_NO_ACTIVITY);
1141 g_io_add_watch_full(io, G_PRIORITY_DEFAULT,
1142 G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL,
1143 sap_io_cb, conn, sap_io_destroy);
1146 static void connect_auth_cb(DBusError *derr, void *data)
1148 struct sap_connection *conn = data;
1149 GError *gerr = NULL;
1151 DBG("conn %p", conn);
1156 if (derr && dbus_error_is_set(derr)) {
1157 error("Access has been denied (%s)", derr->message);
1158 sap_conn_remove(conn);
1162 if (!bt_io_accept(conn->io, sap_connect_cb, conn, NULL, &gerr)) {
1163 error("bt_io_accept: %s", gerr->message);
1165 sap_conn_remove(conn);
1169 DBG("Access has been granted.");
1172 static void connect_confirm_cb(GIOChannel *io, gpointer data)
1174 struct sap_connection *conn = server->conn;
1175 GError *gerr = NULL;
1180 DBG("conn %p io %p", conn, io);
1186 DBG("Another SAP connection already exists.");
1187 g_io_channel_shutdown(io, TRUE, NULL);
1191 conn = g_try_new0(struct sap_connection, 1);
1193 error("Can't allocate memory for incoming SAP connection.");
1194 g_io_channel_shutdown(io, TRUE, NULL);
1198 g_io_channel_set_encoding(io, NULL, NULL);
1199 g_io_channel_set_buffered(io, FALSE);
1201 server->conn = conn;
1202 conn->io = g_io_channel_ref(io);
1203 conn->state = SAP_STATE_DISCONNECTED;
1205 bt_io_get(io, BT_IO_RFCOMM, &gerr,
1206 BT_IO_OPT_SOURCE_BDADDR, &src,
1207 BT_IO_OPT_DEST_BDADDR, &dst,
1210 error("%s", gerr->message);
1212 sap_conn_remove(conn);
1216 ba2str(&dst, dstaddr);
1218 err = btd_request_authorization(&src, &dst, SAP_UUID, connect_auth_cb,
1221 error("Authorization failure (err %d)", err);
1222 sap_conn_remove(conn);
1226 DBG("Authorizing incoming SAP connection from %s", dstaddr);
1229 static inline DBusMessage *message_failed(DBusMessage *msg,
1230 const char *description)
1232 return g_dbus_create_error(msg, ERROR_INTERFACE ".Failed", "%s",
1236 static DBusMessage *disconnect(DBusConnection *conn, DBusMessage *msg,
1239 struct sap_server *server = data;
1242 return message_failed(msg, "Server internal error.");
1244 DBG("conn %p", server->conn);
1247 return message_failed(msg, "Client already disconnected");
1249 if (disconnect_req(server->conn, SAP_DISCONNECTION_TYPE_GRACEFUL) < 0)
1250 return g_dbus_create_error(msg, ERROR_INTERFACE ".Failed",
1251 "There is no active connection");
1253 return dbus_message_new_method_return(msg);
1256 static DBusMessage *get_properties(DBusConnection *c,
1257 DBusMessage *msg, void *data)
1259 struct sap_connection *conn = data;
1261 DBusMessageIter iter;
1262 DBusMessageIter dict;
1263 dbus_bool_t connected;
1266 return message_failed(msg, "Server internal error.");
1268 reply = dbus_message_new_method_return(msg);
1272 dbus_message_iter_init_append(reply, &iter);
1274 dbus_message_iter_open_container(&iter, DBUS_TYPE_ARRAY,
1275 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
1276 DBUS_TYPE_STRING_AS_STRING DBUS_TYPE_VARIANT_AS_STRING
1277 DBUS_DICT_ENTRY_END_CHAR_AS_STRING, &dict);
1279 connected = (conn->state == SAP_STATE_CONNECTED ||
1280 conn->state == SAP_STATE_GRACEFUL_DISCONNECT);
1281 dict_append_entry(&dict, "Connected", DBUS_TYPE_BOOLEAN, &connected);
1283 dbus_message_iter_close_container(&iter, &dict);
1288 static const GDBusMethodTable server_methods[] = {
1289 { GDBUS_METHOD("GetProperties",
1290 NULL, GDBUS_ARGS({ "properties", "a{sv}" }),
1292 { GDBUS_METHOD("Disconnect", NULL, NULL, disconnect) },
1296 static const GDBusSignalTable server_signals[] = {
1297 { GDBUS_SIGNAL("PropertyChanged",
1298 GDBUS_ARGS({ "name", "s" }, { "value", "v" })) },
1302 static void server_free(struct sap_server *server)
1307 sap_conn_remove(server->conn);
1308 g_free(server->path);
1313 static void destroy_sap_interface(void *data)
1315 struct sap_server *server = data;
1317 DBG("Unregistered interface %s on path %s", SAP_SERVER_INTERFACE,
1320 server_free(server);
1323 int sap_server_register(const char *path, bdaddr_t *src)
1325 sdp_record_t *record = NULL;
1326 GError *gerr = NULL;
1329 if (sap_init() < 0) {
1330 error("Sap driver initialization failed.");
1334 server = g_try_new0(struct sap_server, 1);
1340 server->path = g_strdup(path);
1342 record = create_sap_record(SAP_SERVER_CHANNEL);
1344 error("Creating SAP SDP record failed.");
1348 if (add_record_to_server(src, record) < 0) {
1349 error("Adding SAP SDP record to the SDP server failed.");
1350 sdp_record_free(record);
1354 server->record_id = record->handle;
1356 io = bt_io_listen(BT_IO_RFCOMM, NULL, connect_confirm_cb, server,
1358 BT_IO_OPT_SOURCE_BDADDR, src,
1359 BT_IO_OPT_CHANNEL, SAP_SERVER_CHANNEL,
1360 BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_HIGH,
1361 BT_IO_OPT_MASTER, TRUE,
1364 error("Can't listen at channel %d.", SAP_SERVER_CHANNEL);
1369 DBG("Listen socket 0x%02x", g_io_channel_unix_get_fd(io));
1371 server->listen_io = io;
1372 server->conn = NULL;
1374 if (!g_dbus_register_interface(connection, path, SAP_SERVER_INTERFACE,
1375 server_methods, server_signals, NULL,
1376 server, destroy_sap_interface)) {
1377 error("D-Bus failed to register %s interface",
1378 SAP_SERVER_INTERFACE);
1385 remove_record_from_server(server->record_id);
1387 server_free(server);
1393 int sap_server_unregister(const char *path)
1398 remove_record_from_server(server->record_id);
1401 sap_conn_remove(server->conn);
1403 if (server->listen_io) {
1404 g_io_channel_shutdown(server->listen_io, TRUE, NULL);
1405 g_io_channel_unref(server->listen_io);
1406 server->listen_io = NULL;
1409 g_dbus_unregister_interface(connection, path, SAP_SERVER_INTERFACE);
1416 int sap_server_init(DBusConnection *conn)
1418 connection = dbus_connection_ref(conn);
1422 void sap_server_exit(void)
1424 dbus_connection_unref(connection);