1 /* 2 * 3 * BlueZ - Bluetooth protocol stack for Linux 4 * 5 * Copyright (C) 2006-2010 Nokia Corporation 6 * Copyright (C) 2004-2010 Marcel Holtmann <marcel (at) holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 22 * 23 */ 24 25 #ifdef HAVE_CONFIG_H 26 #include <config.h> 27 #endif 28 29 #define _GNU_SOURCE 30 #include <stdio.h> 31 #include <errno.h> 32 #include <unistd.h> 33 #include <stdlib.h> 34 #include <string.h> 35 #include <sys/param.h> 36 #include <sys/ioctl.h> 37 #include <sys/socket.h> 38 39 #include <bluetooth/bluetooth.h> 40 #include <bluetooth/hci.h> 41 #include <bluetooth/hci_lib.h> 42 #include <bluetooth/sdp.h> 43 44 #include <glib.h> 45 #include <dbus/dbus.h> 46 #include <gdbus.h> 47 48 #include "log.h" 49 #include "textfile.h" 50 51 #include "hcid.h" 52 #include "manager.h" 53 #include "adapter.h" 54 #include "device.h" 55 #include "error.h" 56 #include "glib-helper.h" 57 #include "dbus-common.h" 58 #include "agent.h" 59 #include "storage.h" 60 #include "dbus-hci.h" 61 62 struct oob_availability_req { 63 struct btd_device *device; 64 uint8_t auth; 65 uint8_t capa; 66 }; 67 68 static DBusConnection *connection = NULL; 69 70 gboolean get_adapter_and_device(bdaddr_t *src, bdaddr_t *dst, 71 struct btd_adapter **adapter, 72 struct btd_device **device, 73 gboolean create) 74 { 75 char peer_addr[18]; 76 77 *adapter = manager_find_adapter(src); 78 if (!*adapter) { 79 error("Unable to find matching adapter"); 80 return FALSE; 81 } 82 83 ba2str(dst, peer_addr); 84 85 if (create) 86 *device = adapter_get_device(connection, *adapter, peer_addr); 87 else 88 *device = adapter_find_device(*adapter, peer_addr); 89 90 if (create && !*device) { 91 error("Unable to get device object!"); 92 return FALSE; 93 } 94 95 return TRUE; 96 } 97 98 const char *class_to_icon(uint32_t class) 99 { 100 switch ((class & 0x1f00) >> 8) { 101 case 0x01: 102 return "computer"; 103 case 0x02: 104 switch ((class & 0xfc) >> 2) { 105 case 0x01: 106 case 0x02: 107 case 0x03: 108 case 0x05: 109 return "phone"; 110 case 0x04: 111 return "modem"; 112 } 113 break; 114 case 0x03: 115 return "network-wireless"; 116 case 0x04: 117 switch ((class & 0xfc) >> 2) { 118 case 0x01: 119 case 0x02: 120 return "audio-card"; /* Headset */ 121 case 0x06: 122 return "audio-card"; /* Headphone */ 123 case 0x0b: /* VCR */ 124 case 0x0c: /* Video Camera */ 125 case 0x0d: /* Camcorder */ 126 return "camera-video"; 127 default: 128 return "audio-card"; /* Other audio device */ 129 } 130 break; 131 case 0x05: 132 switch ((class & 0xc0) >> 6) { 133 case 0x00: 134 switch ((class & 0x1e) >> 2) { 135 case 0x01: 136 case 0x02: 137 return "input-gaming"; 138 } 139 break; 140 case 0x01: 141 return "input-keyboard"; 142 case 0x02: 143 switch ((class & 0x1e) >> 2) { 144 case 0x05: 145 return "input-tablet"; 146 default: 147 return "input-mouse"; 148 } 149 } 150 break; 151 case 0x06: 152 if (class & 0x80) 153 return "printer"; 154 if (class & 0x20) 155 return "camera-photo"; 156 break; 157 } 158 159 return NULL; 160 } 161 162 /***************************************************************** 163 * 164 * Section reserved to HCI commands confirmation handling and low 165 * level events(eg: device attached/dettached. 166 * 167 *****************************************************************/ 168 169 static void pincode_cb(struct agent *agent, DBusError *err, 170 const char *pincode, struct btd_device *device) 171 { 172 struct btd_adapter *adapter = device_get_adapter(device); 173 pin_code_reply_cp pr; 174 bdaddr_t sba, dba; 175 size_t len; 176 int dev; 177 uint16_t dev_id = adapter_get_dev_id(adapter); 178 179 dev = hci_open_dev(dev_id); 180 if (dev < 0) { 181 error("hci_open_dev(%d): %s (%d)", dev_id, 182 strerror(errno), errno); 183 return; 184 } 185 186 adapter_get_address(adapter, &sba); 187 device_get_address(device, &dba); 188 189 if (err) { 190 hci_send_cmd(dev, OGF_LINK_CTL, 191 OCF_PIN_CODE_NEG_REPLY, 6, &dba); 192 goto done; 193 } 194 195 len = strlen(pincode); 196 197 set_pin_length(&sba, len); 198 199 memset(&pr, 0, sizeof(pr)); 200 bacpy(&pr.bdaddr, &dba); 201 memcpy(pr.pin_code, pincode, len); 202 pr.pin_len = len; 203 hci_send_cmd(dev, OGF_LINK_CTL, OCF_PIN_CODE_REPLY, 204 PIN_CODE_REPLY_CP_SIZE, &pr); 205 206 done: 207 hci_close_dev(dev); 208 } 209 210 int hcid_dbus_request_pin(int dev, bdaddr_t *sba, struct hci_conn_info *ci) 211 { 212 struct btd_adapter *adapter; 213 struct btd_device *device; 214 215 if (!get_adapter_and_device(sba, &ci->bdaddr, &adapter, &device, TRUE)) 216 return -ENODEV; 217 218 /* Check if the adapter is not pairable and if there isn't a bonding in 219 * progress */ 220 if (!adapter_is_pairable(adapter) && !device_is_bonding(device, NULL)) 221 return -EPERM; 222 223 return device_request_authentication(device, AUTH_TYPE_PINCODE, 0, 224 pincode_cb); 225 } 226 227 static int confirm_reply(struct btd_adapter *adapter, 228 struct btd_device *device, gboolean success) 229 { 230 int dd; 231 user_confirm_reply_cp cp; 232 uint16_t dev_id = adapter_get_dev_id(adapter); 233 234 dd = hci_open_dev(dev_id); 235 if (dd < 0) { 236 error("Unable to open hci%d", dev_id); 237 return dd; 238 } 239 240 memset(&cp, 0, sizeof(cp)); 241 device_get_address(device, &cp.bdaddr); 242 243 if (success) 244 hci_send_cmd(dd, OGF_LINK_CTL, OCF_USER_CONFIRM_REPLY, 245 USER_CONFIRM_REPLY_CP_SIZE, &cp); 246 else 247 hci_send_cmd(dd, OGF_LINK_CTL, OCF_USER_CONFIRM_NEG_REPLY, 248 USER_CONFIRM_REPLY_CP_SIZE, &cp); 249 250 hci_close_dev(dd); 251 252 return 0; 253 } 254 255 static void confirm_cb(struct agent *agent, DBusError *err, void *user_data) 256 { 257 struct btd_device *device = user_data; 258 struct btd_adapter *adapter = device_get_adapter(device); 259 gboolean success = (err == NULL) ? TRUE : FALSE; 260 261 confirm_reply(adapter, device, success); 262 } 263 264 static void passkey_cb(struct agent *agent, DBusError *err, uint32_t passkey, 265 void *user_data) 266 { 267 struct btd_device *device = user_data; 268 struct btd_adapter *adapter = device_get_adapter(device); 269 user_passkey_reply_cp cp; 270 bdaddr_t dba; 271 int dd; 272 uint16_t dev_id = adapter_get_dev_id(adapter); 273 274 dd = hci_open_dev(dev_id); 275 if (dd < 0) { 276 error("Unable to open hci%d", dev_id); 277 return; 278 } 279 280 device_get_address(device, &dba); 281 282 memset(&cp, 0, sizeof(cp)); 283 bacpy(&cp.bdaddr, &dba); 284 cp.passkey = passkey; 285 286 if (err) 287 hci_send_cmd(dd, OGF_LINK_CTL, 288 OCF_USER_PASSKEY_NEG_REPLY, 6, &dba); 289 else 290 hci_send_cmd(dd, OGF_LINK_CTL, OCF_USER_PASSKEY_REPLY, 291 USER_PASSKEY_REPLY_CP_SIZE, &cp); 292 293 hci_close_dev(dd); 294 } 295 296 static void oob_data_cb(struct agent *agent, DBusError *err, uint8_t *hash, 297 uint8_t *randomizer, void *user_data) 298 { 299 struct btd_device *device = user_data; 300 struct btd_adapter *adapter = device_get_adapter(device); 301 remote_oob_data_reply_cp cp; 302 bdaddr_t dba; 303 int dd; 304 uint16_t dev_id = adapter_get_dev_id(adapter); 305 306 dd = hci_open_dev(dev_id); 307 if (dd < 0) { 308 error("Unable to open hci%d", dev_id); 309 return; 310 } 311 312 device_get_address(device, &dba); 313 memset(&cp, 0, sizeof(cp)); 314 bacpy(&cp.bdaddr, &dba); 315 316 memcpy(&cp.hash, hash, 16); 317 memcpy(&cp.randomizer, randomizer, 16); 318 319 if (err) 320 hci_send_cmd(dd, OGF_LINK_CTL, OCF_REMOTE_OOB_DATA_NEG_REPLY, 321 6, &dba); 322 323 else 324 hci_send_cmd(dd, OGF_LINK_CTL, OCF_REMOTE_OOB_DATA_REPLY, 325 REMOTE_OOB_DATA_REPLY_CP_SIZE, &cp); 326 327 hci_close_dev(dd); 328 } 329 330 static void io_capa_oob_response(struct btd_adapter *adapter, struct btd_device *device, 331 uint8_t cap, uint8_t auth, gboolean oob) 332 { 333 io_capability_reply_cp cp; 334 int dd; 335 uint16_t dev_id = adapter_get_dev_id(adapter); 336 337 dd = hci_open_dev(dev_id); 338 if (dd < 0) { 339 error("Unable to open hci%d", dev_id); 340 return; 341 } 342 memset(&cp, 0, sizeof(cp)); 343 device_get_address(device, &cp.bdaddr); 344 345 cp.capability = cap; 346 if (oob) 347 cp.oob_data = 0x01; 348 else 349 cp.oob_data = 0x00; 350 cp.authentication = auth; 351 352 hci_send_cmd(dd, OGF_LINK_CTL, OCF_IO_CAPABILITY_REPLY, 353 IO_CAPABILITY_REPLY_CP_SIZE, &cp); 354 hci_close_dev(dd); 355 } 356 357 static void oob_availability_cb(struct agent *agent, DBusError *err, 358 void *user_data) 359 { 360 struct oob_availability_req *oob = user_data; 361 struct btd_device *device = oob->device; 362 struct btd_adapter *adapter = device_get_adapter(device); 363 364 if (err) { 365 io_capa_oob_response(adapter, device, oob->capa, oob->auth, FALSE); 366 } else { 367 io_capa_oob_response(adapter, device, oob->capa, oob->auth, TRUE); 368 } 369 } 370 371 372 static void pairing_consent_cb(struct agent *agent, DBusError *err, 373 void *user_data) 374 { 375 struct btd_device *device = user_data; 376 struct btd_adapter *adapter = device_get_adapter(device); 377 user_confirm_reply_cp cp; 378 int dd; 379 uint16_t dev_id = adapter_get_dev_id(adapter); 380 381 dd = hci_open_dev(dev_id); 382 if (dd < 0) { 383 error("Unable to open hci%d", dev_id); 384 return; 385 } 386 387 memset(&cp, 0, sizeof(cp)); 388 device_get_address(device, &cp.bdaddr); 389 390 if (err) 391 hci_send_cmd(dd, OGF_LINK_CTL, OCF_USER_CONFIRM_NEG_REPLY, 392 USER_CONFIRM_REPLY_CP_SIZE, &cp); 393 else 394 hci_send_cmd(dd, OGF_LINK_CTL, OCF_USER_CONFIRM_REPLY, 395 USER_CONFIRM_REPLY_CP_SIZE, &cp); 396 397 hci_close_dev(dd); 398 } 399 400 static int get_auth_requirements(bdaddr_t *local, bdaddr_t *remote, 401 uint8_t *auth) 402 { 403 struct hci_auth_info_req req; 404 char addr[18]; 405 int err, dd, dev_id; 406 407 ba2str(local, addr); 408 409 dev_id = hci_devid(addr); 410 if (dev_id < 0) 411 return dev_id; 412 413 dd = hci_open_dev(dev_id); 414 if (dd < 0) 415 return dd; 416 417 memset(&req, 0, sizeof(req)); 418 bacpy(&req.bdaddr, remote); 419 420 err = ioctl(dd, HCIGETAUTHINFO, (unsigned long) &req); 421 if (err < 0) { 422 DBG("HCIGETAUTHINFO failed: %s (%d)", 423 strerror(errno), errno); 424 hci_close_dev(dd); 425 return err; 426 } 427 428 hci_close_dev(dd); 429 430 if (auth) 431 *auth = req.type; 432 433 return 0; 434 } 435 436 int hcid_dbus_user_confirm(bdaddr_t *sba, bdaddr_t *dba, uint32_t passkey) 437 { 438 struct btd_adapter *adapter; 439 struct btd_device *device; 440 struct agent *agent; 441 uint8_t rem_cap, rem_auth, loc_cap, loc_auth; 442 gboolean bonding_initiator; 443 444 if (!get_adapter_and_device(sba, dba, &adapter, &device, TRUE)) 445 return -ENODEV; 446 447 if (get_auth_requirements(sba, dba, &loc_auth) < 0) { 448 error("Unable to get local authentication requirements"); 449 goto fail; 450 } 451 452 agent = device_get_agent(device); 453 if (agent == NULL) { 454 error("No agent available for user confirmation"); 455 goto fail; 456 } 457 458 loc_cap = agent_get_io_capability(agent); 459 460 DBG("confirm IO capabilities are 0x%02x", loc_cap); 461 DBG("confirm authentication requirement is 0x%02x", loc_auth); 462 463 rem_cap = device_get_cap(device); 464 rem_auth = device_get_auth(device); 465 466 DBG("remote IO capabilities are 0x%02x", rem_cap); 467 DBG("remote authentication requirement is 0x%02x", rem_auth); 468 469 /* If we require MITM but the remote device can't provide that 470 * (it has NoInputNoOutput) then reject the confirmation 471 * request. The only exception is when we're dedicated bonding 472 * initiators since then we always have the MITM bit set. */ 473 bonding_initiator = device_is_bonding(device, NULL); 474 if (!bonding_initiator && (loc_auth & 0x01) && rem_cap == 0x03) { 475 error("Rejecting request: remote device can't provide MITM"); 476 goto fail; 477 } 478 479 /* If local IO capabilities are DisplayYesNo and remote IO 480 * capabiltiies are DisplayOnly or NoInputNoOutput; 481 * call PairingConsent callback for incoming requests. */ 482 agent = device_get_agent(device); 483 if (!agent) { 484 agent = adapter_get_agent(adapter); 485 if ((agent_get_io_capability(agent) & 0x01) && 486 (rem_cap == 0x00 || rem_cap == 0x03)) 487 return device_request_authentication(device, 488 AUTH_TYPE_PAIRING_CONSENT, 0, 489 pairing_consent_cb); 490 } 491 492 /* If no side requires MITM protection; auto-accept */ 493 if ((loc_auth == 0xff || !(loc_auth & 0x01) || rem_cap == 0x03) && 494 (!(rem_auth & 0x01) || loc_cap == 0x03)) { 495 DBG("auto accept of confirmation"); 496 497 /* Wait 5 milliseconds before doing auto-accept */ 498 usleep(5000); 499 500 if (confirm_reply(adapter, device, TRUE) < 0) 501 return -EIO; 502 503 return device_request_authentication(device, AUTH_TYPE_AUTO, 504 0, NULL); 505 } 506 507 return device_request_authentication(device, AUTH_TYPE_CONFIRM, 508 passkey, confirm_cb); 509 510 fail: 511 return confirm_reply(adapter, device, FALSE); 512 } 513 514 int hcid_dbus_user_passkey(bdaddr_t *sba, bdaddr_t *dba) 515 { 516 struct btd_adapter *adapter; 517 struct btd_device *device; 518 519 if (!get_adapter_and_device(sba, dba, &adapter, &device, TRUE)) 520 return -ENODEV; 521 522 return device_request_authentication(device, AUTH_TYPE_PASSKEY, 0, 523 passkey_cb); 524 } 525 526 int hcid_dbus_user_notify(bdaddr_t *sba, bdaddr_t *dba, uint32_t passkey) 527 { 528 struct btd_adapter *adapter; 529 struct btd_device *device; 530 531 if (!get_adapter_and_device(sba, dba, &adapter, &device, TRUE)) 532 return -ENODEV; 533 534 return device_request_authentication(device, AUTH_TYPE_NOTIFY, 535 passkey, NULL); 536 } 537 538 void hcid_dbus_bonding_process_complete(bdaddr_t *local, bdaddr_t *peer, 539 uint8_t status) 540 { 541 struct btd_adapter *adapter; 542 struct btd_device *device; 543 544 DBG("status=%02x", status); 545 546 if (!get_adapter_and_device(local, peer, &adapter, &device, TRUE)) 547 return; 548 549 if (!device_is_authenticating(device)) { 550 /* This means that there was no pending PIN or SSP token 551 * request from the controller, i.e. this is not a new 552 * pairing */ 553 DBG("no pending auth request"); 554 return; 555 } 556 557 /* If this is a new pairing send the appropriate reply and signal for 558 * it and proceed with service discovery */ 559 device_bonding_complete(device, status); 560 } 561 562 void hcid_dbus_simple_pairing_complete(bdaddr_t *local, bdaddr_t *peer, 563 uint8_t status) 564 { 565 struct btd_adapter *adapter; 566 struct btd_device *device; 567 568 DBG("status=%02x", status); 569 570 if (!get_adapter_and_device(local, peer, &adapter, &device, TRUE)) 571 return; 572 573 device_simple_pairing_complete(device, status); 574 } 575 576 static char *extract_eir_name(uint8_t *data, uint8_t *type) 577 { 578 if (!data || !type) 579 return NULL; 580 581 if (data[0] == 0) 582 return NULL; 583 584 *type = data[1]; 585 586 switch (*type) { 587 case 0x08: 588 case 0x09: 589 return strndup((char *) (data + 2), data[0] - 1); 590 } 591 592 return NULL; 593 } 594 595 void hcid_dbus_inquiry_result(bdaddr_t *local, bdaddr_t *peer, uint32_t class, 596 int8_t rssi, uint8_t *data) 597 { 598 char filename[PATH_MAX + 1]; 599 struct btd_adapter *adapter; 600 struct btd_device *device; 601 char local_addr[18], peer_addr[18], *alias, *name, *tmp_name; 602 struct remote_dev_info *dev, match; 603 uint8_t name_type = 0x00; 604 name_status_t name_status; 605 int state; 606 dbus_bool_t legacy; 607 unsigned char features[8]; 608 609 ba2str(local, local_addr); 610 ba2str(peer, peer_addr); 611 612 if (!get_adapter_and_device(local, peer, &adapter, &device, FALSE)) { 613 error("No matching adapter found"); 614 return; 615 } 616 617 write_remote_class(local, peer, class); 618 619 if (data) 620 write_remote_eir(local, peer, data); 621 622 /* 623 * workaround to identify situation when the daemon started and 624 * a standard inquiry or periodic inquiry was already running 625 */ 626 if (!(adapter_get_state(adapter) & STD_INQUIRY) && 627 !(adapter_get_state(adapter) & PERIODIC_INQUIRY)) { 628 state = adapter_get_state(adapter); 629 state |= PERIODIC_INQUIRY; 630 adapter_set_state(adapter, state); 631 } 632 633 memset(&match, 0, sizeof(struct remote_dev_info)); 634 bacpy(&match.bdaddr, peer); 635 match.name_status = NAME_SENT; 636 /* if found: don't send the name again */ 637 dev = adapter_search_found_devices(adapter, &match); 638 if (dev) { 639 adapter_update_found_devices(adapter, peer, rssi, class, 640 NULL, NULL, dev->legacy, 641 NAME_NOT_REQUIRED); 642 return; 643 } 644 645 /* the inquiry result can be triggered by NON D-Bus client */ 646 if (adapter_get_state(adapter) & RESOLVE_NAME) 647 name_status = NAME_REQUIRED; 648 else 649 name_status = NAME_NOT_REQUIRED; 650 651 create_name(filename, PATH_MAX, STORAGEDIR, local_addr, "aliases"); 652 alias = textfile_get(filename, peer_addr); 653 654 create_name(filename, PATH_MAX, STORAGEDIR, local_addr, "names"); 655 name = textfile_get(filename, peer_addr); 656 657 if (data) 658 legacy = FALSE; 659 else if (name == NULL) 660 legacy = TRUE; 661 else if (read_remote_features(local, peer, NULL, features) == 0) { 662 if (features[0] & 0x01) 663 legacy = FALSE; 664 else 665 legacy = TRUE; 666 } else 667 legacy = TRUE; 668 669 tmp_name = extract_eir_name(data, &name_type); 670 if (tmp_name) { 671 if (name_type == 0x09) { 672 write_device_name(local, peer, tmp_name); 673 name_status = NAME_NOT_REQUIRED; 674 675 if (name) 676 g_free(name); 677 678 name = tmp_name; 679 } else { 680 if (name) 681 free(tmp_name); 682 else 683 name = tmp_name; 684 } 685 } 686 687 if (name && name_type != 0x08) 688 name_status = NAME_SENT; 689 690 /* add in the list to track name sent/pending */ 691 adapter_update_found_devices(adapter, peer, rssi, class, name, alias, 692 legacy, name_status); 693 694 g_free(name); 695 g_free(alias); 696 } 697 698 void hcid_dbus_set_legacy_pairing(bdaddr_t *local, bdaddr_t *peer, 699 gboolean legacy) 700 { 701 struct btd_adapter *adapter; 702 struct btd_device *device; 703 struct remote_dev_info *dev, match; 704 705 if (!get_adapter_and_device(local, peer, &adapter, &device, FALSE)) { 706 error("No matching adapter found"); 707 return; 708 } 709 710 memset(&match, 0, sizeof(struct remote_dev_info)); 711 bacpy(&match.bdaddr, peer); 712 match.name_status = NAME_ANY; 713 714 dev = adapter_search_found_devices(adapter, &match); 715 if (dev) 716 dev->legacy = legacy; 717 } 718 719 void hcid_dbus_remote_class(bdaddr_t *local, bdaddr_t *peer, uint32_t class) 720 { 721 uint32_t old_class = 0; 722 struct btd_adapter *adapter; 723 struct btd_device *device; 724 const gchar *dev_path; 725 726 read_remote_class(local, peer, &old_class); 727 728 if (old_class == class) 729 return; 730 731 if (!get_adapter_and_device(local, peer, &adapter, &device, FALSE)) 732 return; 733 734 if (!device) 735 return; 736 737 dev_path = device_get_path(device); 738 739 emit_property_changed(connection, dev_path, DEVICE_INTERFACE, "Class", 740 DBUS_TYPE_UINT32, &class); 741 } 742 743 void hcid_dbus_remote_name(bdaddr_t *local, bdaddr_t *peer, uint8_t status, 744 char *name) 745 { 746 struct btd_adapter *adapter; 747 char srcaddr[18], dstaddr[18]; 748 int state; 749 struct btd_device *device; 750 struct remote_dev_info match, *dev_info; 751 752 if (!get_adapter_and_device(local, peer, &adapter, &device, FALSE)) 753 return; 754 755 ba2str(local, srcaddr); 756 ba2str(peer, dstaddr); 757 758 if (status != 0) 759 goto proceed; 760 761 bacpy(&match.bdaddr, peer); 762 match.name_status = NAME_ANY; 763 764 dev_info = adapter_search_found_devices(adapter, &match); 765 if (dev_info) { 766 g_free(dev_info->name); 767 dev_info->name = g_strdup(name); 768 adapter_emit_device_found(adapter, dev_info); 769 } 770 771 if (device) 772 device_set_name(device, name); 773 774 proceed: 775 /* remove from remote name request list */ 776 adapter_remove_found_device(adapter, peer); 777 778 /* check if there is more devices to request names */ 779 if (adapter_resolve_names(adapter) == 0) 780 return; 781 782 state = adapter_get_state(adapter); 783 state &= ~PERIODIC_INQUIRY; 784 state &= ~STD_INQUIRY; 785 adapter_set_state(adapter, state); 786 } 787 788 int hcid_dbus_link_key_notify(bdaddr_t *local, bdaddr_t *peer, 789 uint8_t *key, uint8_t key_type, 790 int pin_length, uint8_t old_key_type) 791 { 792 struct btd_device *device; 793 struct btd_adapter *adapter; 794 uint8_t local_auth = 0xff, remote_auth, new_key_type; 795 gboolean bonding, temporary = FALSE; 796 797 if (!get_adapter_and_device(local, peer, &adapter, &device, TRUE)) 798 return -ENODEV; 799 800 new_key_type = key_type; 801 802 if (key_type == 0x06) { 803 if (device_get_debug_key(device, NULL)) 804 old_key_type = 0x03; 805 if (old_key_type != 0xff) 806 new_key_type = old_key_type; 807 else 808 /* This is Changed Combination Link Key for 809 * a temporary link key.*/ 810 return 0; 811 } 812 813 get_auth_requirements(local, peer, &local_auth); 814 remote_auth = device_get_auth(device); 815 bonding = device_is_bonding(device, NULL); 816 817 DBG("key type 0x%02x old key type 0x%02x new key type 0x%02x", 818 key_type, old_key_type, new_key_type); 819 820 DBG("local auth 0x%02x and remote auth 0x%02x", 821 local_auth, remote_auth); 822 823 /* Clear any previous debug key */ 824 device_set_debug_key(device, NULL); 825 826 /* If this is not the first link key set a flag so a subsequent auth 827 * complete event doesn't trigger SDP and remove any stored key */ 828 if (old_key_type != 0xff) { 829 device_set_renewed_key(device, TRUE); 830 device_remove_bonding(device); 831 } 832 833 /* Store the link key only in runtime memory if it's a debug 834 * key, else store the link key persistently if one of the 835 * following is true: 836 * 1. this is a legacy link key 837 * 2. this is a changed combination key and there was a previously 838 * stored one 839 * 3. neither local nor remote side had no-bonding as a requirement 840 * 4. the local side had dedicated bonding as a requirement 841 * 5. the remote side is using dedicated bonding since in that case 842 * also the local requirements are set to dedicated bonding 843 * If none of the above match only keep the link key around for 844 * this connection and set the temporary flag for the device. 845 */ 846 if (new_key_type == 0x03) { 847 DBG("Storing debug key in runtime memory"); 848 device_set_debug_key(device, key); 849 } else if (key_type < 0x03 || 850 (key_type == 0x06 && old_key_type != 0xff) || 851 (local_auth > 0x01 && remote_auth > 0x01) || 852 (local_auth == 0x02 || local_auth == 0x03) || 853 (remote_auth == 0x02 || remote_auth == 0x03)) { 854 int err; 855 856 DBG("storing link key of type 0x%02x", key_type); 857 858 err = write_link_key(local, peer, key, new_key_type, 859 pin_length); 860 if (err < 0) { 861 error("write_link_key: %s (%d)", strerror(-err), -err); 862 return err; 863 } 864 } else 865 temporary = TRUE; 866 867 if (!device_is_connected(device)) 868 device_set_secmode3_conn(device, TRUE); 869 else if (!bonding && old_key_type == 0xff) 870 hcid_dbus_bonding_process_complete(local, peer, 0); 871 872 device_set_temporary(device, temporary); 873 874 return 0; 875 } 876 877 int hcid_dbus_get_oob_data(bdaddr_t *sba, bdaddr_t * dba) 878 { 879 struct btd_adapter *adapter; 880 struct btd_device *device; 881 struct agent *agent = NULL; 882 883 if (!get_adapter_and_device(sba, dba, &adapter, &device, TRUE)) 884 return -ENODEV; 885 886 agent = device_get_agent(device); 887 if (agent == NULL) { 888 error("No agent available for device"); 889 return -1; 890 } 891 892 return device_request_authentication(device, AUTH_TYPE_OOB, 0, 893 oob_data_cb); 894 } 895 896 void hcid_dbus_conn_complete(bdaddr_t *local, uint8_t status, uint16_t handle, 897 bdaddr_t *peer) 898 { 899 struct btd_adapter *adapter; 900 struct btd_device *device; 901 902 if (!get_adapter_and_device(local, peer, &adapter, &device, TRUE)) 903 return; 904 905 if (status) { 906 gboolean secmode3 = device_get_secmode3_conn(device); 907 908 device_set_secmode3_conn(device, FALSE); 909 910 if (device_is_bonding(device, NULL)) 911 device_bonding_complete(device, status); 912 if (device_is_temporary(device)) 913 adapter_remove_device(connection, adapter, device, 914 secmode3); 915 return; 916 } 917 918 /* add in the device connetions list */ 919 adapter_add_connection(adapter, device, handle); 920 } 921 922 void hcid_dbus_disconn_complete(bdaddr_t *local, uint8_t status, 923 uint16_t handle, uint8_t reason) 924 { 925 struct btd_adapter *adapter; 926 struct btd_device *device; 927 928 if (status) { 929 error("Disconnection failed: 0x%02x", status); 930 return; 931 } 932 933 adapter = manager_find_adapter(local); 934 if (!adapter) { 935 error("No matching adapter found"); 936 return; 937 } 938 939 device = adapter_find_connection(adapter, handle); 940 if (!device) { 941 DBG("No matching connection found for handle %u", handle); 942 return; 943 } 944 945 adapter_remove_connection(adapter, device, handle); 946 } 947 948 /* Section reserved to device HCI callbacks */ 949 950 void hcid_dbus_setscan_enable_complete(bdaddr_t *local) 951 { 952 struct btd_adapter *adapter; 953 read_scan_enable_rp rp; 954 struct hci_request rq; 955 int dd = -1; 956 uint16_t dev_id; 957 958 adapter = manager_find_adapter(local); 959 if (!adapter) { 960 error("No matching adapter found"); 961 return; 962 } 963 964 if (adapter_powering_down(adapter)) 965 return; 966 967 dev_id = adapter_get_dev_id(adapter); 968 969 dd = hci_open_dev(dev_id); 970 if (dd < 0) { 971 error("HCI device open failed: hci%d", dev_id); 972 return; 973 } 974 975 memset(&rq, 0, sizeof(rq)); 976 rq.ogf = OGF_HOST_CTL; 977 rq.ocf = OCF_READ_SCAN_ENABLE; 978 rq.rparam = &rp; 979 rq.rlen = READ_SCAN_ENABLE_RP_SIZE; 980 rq.event = EVT_CMD_COMPLETE; 981 982 if (hci_send_req(dd, &rq, HCI_REQ_TIMEOUT) < 0) { 983 error("Sending read scan enable command failed: %s (%d)", 984 strerror(errno), errno); 985 goto failed; 986 } 987 988 if (rp.status) { 989 error("Getting scan enable failed with status 0x%02x", 990 rp.status); 991 goto failed; 992 } 993 994 adapter_mode_changed(adapter, rp.enable); 995 996 failed: 997 if (dd >= 0) 998 hci_close_dev(dd); 999 } 1000 1001 void hcid_dbus_write_simple_pairing_mode_complete(bdaddr_t *local) 1002 { 1003 struct btd_adapter *adapter; 1004 int dd; 1005 uint8_t mode; 1006 uint16_t dev_id; 1007 const gchar *path; 1008 1009 adapter = manager_find_adapter(local); 1010 if (!adapter) { 1011 error("No matching adapter found"); 1012 return; 1013 } 1014 1015 dev_id = adapter_get_dev_id(adapter); 1016 path = adapter_get_path(adapter); 1017 1018 dd = hci_open_dev(dev_id); 1019 if (dd < 0) { 1020 error("HCI adapter open failed: %s", path); 1021 return; 1022 } 1023 1024 if (hci_read_simple_pairing_mode(dd, &mode, 1025 HCI_REQ_TIMEOUT) < 0) { 1026 error("Can't read simple pairing mode for %s: %s(%d)", 1027 path, strerror(errno), errno); 1028 hci_close_dev(dd); 1029 return; 1030 } 1031 1032 hci_close_dev(dd); 1033 1034 adapter_update_ssp_mode(adapter, mode); 1035 } 1036 1037 void hcid_dbus_returned_link_key(bdaddr_t *local, bdaddr_t *peer) 1038 { 1039 struct btd_adapter *adapter; 1040 struct btd_device *device; 1041 1042 if (!get_adapter_and_device(local, peer, &adapter, &device, TRUE)) 1043 return; 1044 1045 device_set_paired(device, TRUE); 1046 } 1047 1048 int hcid_dbus_get_io_cap(bdaddr_t *local, bdaddr_t *remote) 1049 { 1050 struct btd_adapter *adapter; 1051 struct btd_device *device; 1052 struct oob_availability_req *oob_req; 1053 struct agent *agent = NULL; 1054 uint8_t agent_cap, auth, cap; 1055 gboolean oob = FALSE; 1056 int ret; 1057 1058 if (!get_adapter_and_device(local, remote, &adapter, &device, TRUE)) 1059 return -ENODEV; 1060 1061 if (get_auth_requirements(local, remote, &auth) < 0) 1062 return -1; 1063 1064 DBG("initial authentication requirement is 0x%02x", auth); 1065 1066 if (auth == 0xff) 1067 auth = device_get_auth(device); 1068 1069 /* Check if the adapter is not pairable and if there isn't a bonding 1070 * in progress */ 1071 if (!adapter_is_pairable(adapter) && 1072 !device_is_bonding(device, NULL)) { 1073 if (device_get_auth(device) < 0x02) { 1074 DBG("Allowing no bonding in non-bondable mode"); 1075 /* No input, no output */ 1076 cap = 0x03; 1077 /* Kernel defaults to general bonding and so 1078 * overwrite for this special case. Otherwise 1079 * non-pairable test cases will fail. */ 1080 auth = 0x00; 1081 goto done; 1082 } 1083 return -EPERM; 1084 } 1085 1086 /* For CreatePairedDevice use dedicated bonding */ 1087 agent = device_get_agent(device); 1088 if (!agent) { 1089 /* This is the non bondable mode case */ 1090 if (device_get_auth(device) > 0x01) { 1091 DBG("Bonding request, but no agent present"); 1092 return -1; 1093 } 1094 1095 /* No agent available, and no bonding case */ 1096 if (auth == 0x00 || auth == 0x04) { 1097 DBG("Allowing no bonding without agent"); 1098 /* No input, no output */ 1099 cap = 0x03; 1100 /* If kernel defaults to general bonding, set it 1101 * back to no bonding */ 1102 auth = 0x00; 1103 goto done; 1104 } 1105 1106 error("No agent available for IO capability"); 1107 return -1; 1108 } 1109 1110 agent_cap = agent_get_io_capability(agent); 1111 1112 if (auth == 0x00 || auth == 0x04) { 1113 /* If remote requests dedicated bonding follow that lead */ 1114 if (device_get_auth(device) == 0x02 || 1115 device_get_auth(device) == 0x03) { 1116 1117 /* If both remote and local IO capabilities allow MITM 1118 * then require it, otherwise don't */ 1119 if (device_get_cap(device) == 0x03 || 1120 agent_cap == 0x03) 1121 auth = 0x02; 1122 else 1123 auth = 0x03; 1124 } 1125 1126 /* If remote indicates no bonding then follow that. This 1127 * is important since the kernel might give general bonding 1128 * as default. */ 1129 if (device_get_auth(device) == 0x00 || 1130 device_get_auth(device) == 0x01) 1131 auth = 0x00; 1132 1133 /* If remote requires MITM then also require it, unless 1134 * our IO capability is NoInputNoOutput (so some 1135 * just-works security cases can be tested) */ 1136 if (device_get_auth(device) != 0xff && 1137 (device_get_auth(device) & 0x01) && 1138 agent_cap != 0x03) 1139 auth |= 0x01; 1140 } 1141 1142 DBG("final authentication requirement is 0x%02x", auth); 1143 cap = agent_get_io_capability(agent); 1144 oob = agent_get_oob_capability(agent); 1145 1146 // if pairing is not locally initiated 1147 if (oob && agent == adapter_get_agent(adapter)) { 1148 oob_req = g_new0(struct oob_availability_req, 1); 1149 oob_req->device = device; 1150 oob_req->auth = auth; 1151 oob_req->capa = cap; 1152 1153 ret = device_request_oob_availability(device, oob_availability_cb, 1154 oob_req); 1155 if (ret < 0) { 1156 g_free(oob_req); 1157 oob = FALSE; 1158 goto done; 1159 } 1160 return ret; 1161 } 1162 1163 done: 1164 io_capa_oob_response(adapter, device, cap, auth, oob); 1165 return 0; 1166 } 1167 1168 int hcid_dbus_set_io_cap(bdaddr_t *local, bdaddr_t *remote, 1169 uint8_t cap, uint8_t auth) 1170 { 1171 struct btd_adapter *adapter; 1172 struct btd_device *device; 1173 1174 if (!get_adapter_and_device(local, remote, &adapter, &device, TRUE)) 1175 return -ENODEV; 1176 1177 device_set_cap(device, cap); 1178 device_set_auth(device, auth); 1179 1180 return 0; 1181 } 1182 1183 /* Most of the functions in this module require easy access to a connection so 1184 * we keep it global here and provide these access functions the other (few) 1185 * modules that require access to it */ 1186 1187 void set_dbus_connection(DBusConnection *conn) 1188 { 1189 connection = conn; 1190 } 1191 1192 DBusConnection *get_dbus_connection(void) 1193 { 1194 return connection; 1195 } 1196
