1 /****************************************************************************** 2 * 3 * Copyright (C) 2009-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /************************************************************************************ 20 * 21 * Filename: btif_dm.c 22 * 23 * Description: Contains Device Management (DM) related functionality 24 * 25 * 26 ***********************************************************************************/ 27 #include <stdio.h> 28 #include <stdlib.h> 29 #include <unistd.h> 30 31 #include <hardware/bluetooth.h> 32 33 #include <utils/Log.h> 34 #include <cutils/properties.h> 35 #include "gki.h" 36 #include "btu.h" 37 #include "bd.h" 38 #include "bta_api.h" 39 #include "btif_api.h" 40 #include "btif_util.h" 41 #include "btif_storage.h" 42 #include "btif_hh.h" 43 #include "btif_config.h" 44 45 /****************************************************************************** 46 ** Constants & Macros 47 ******************************************************************************/ 48 49 #define COD_UNCLASSIFIED ((0x1F) << 8) 50 #define COD_HID_KEYBOARD 0x0540 51 #define COD_HID_POINTING 0x0580 52 #define COD_HID_COMBO 0x05C0 53 #define COD_AV_HEADSETS 0x0404 54 #define COD_AV_HANDSFREE 0x0408 55 #define COD_AV_HEADPHONES 0x0418 56 #define COD_AV_PORTABLE_AUDIO 0x041C 57 #define COD_AV_HIFI_AUDIO 0x0428 58 59 60 #define BTIF_DM_DEFAULT_INQ_MAX_RESULTS 0 61 #define BTIF_DM_DEFAULT_INQ_MAX_DURATION 10 62 63 typedef struct { 64 bt_bond_state_t state; 65 BD_ADDR bd_addr; 66 UINT8 is_temp; 67 UINT8 pin_code_len; 68 UINT8 is_ssp; 69 UINT8 autopair_attempts; 70 UINT8 is_local_initiated; 71 UINT8 bonded_pending_sdp; 72 } btif_dm_pairing_cb_t; 73 74 typedef struct { 75 BD_ADDR bd_addr; 76 BD_NAME bd_name; 77 } btif_dm_remote_name_t; 78 79 typedef struct 80 { 81 BT_OCTET16 sp_c; 82 BT_OCTET16 sp_r; 83 BD_ADDR oob_bdaddr; /* peer bdaddr*/ 84 } btif_dm_oob_cb_t; 85 #define BTA_SERVICE_ID_TO_SERVICE_MASK(id) (1 << (id)) 86 87 /* This flag will be true if HCI_Inquiry is in progress */ 88 static BOOLEAN btif_dm_inquiry_in_progress = FALSE; 89 90 /****************************************************************************** 91 ** Static functions 92 ******************************************************************************/ 93 static btif_dm_pairing_cb_t pairing_cb; 94 static btif_dm_oob_cb_t oob_cb; 95 static void btif_dm_generic_evt(UINT16 event, char* p_param); 96 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr); 97 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name); 98 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 99 DEV_CLASS dev_class, tBT_DEVICE_TYPE dev_type); 100 101 /****************************************************************************** 102 ** Externs 103 ******************************************************************************/ 104 extern UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID]; 105 extern bt_status_t btif_hf_execute_service(BOOLEAN b_enable); 106 extern bt_status_t btif_av_execute_service(BOOLEAN b_enable); 107 extern bt_status_t btif_hh_execute_service(BOOLEAN b_enable); 108 extern int btif_hh_connect(bt_bdaddr_t *bd_addr); 109 110 111 /****************************************************************************** 112 ** Functions 113 ******************************************************************************/ 114 115 bt_status_t btif_in_execute_service_request(tBTA_SERVICE_ID service_id, 116 BOOLEAN b_enable) 117 { 118 /* Check the service_ID and invoke the profile's BT state changed API */ 119 switch (service_id) 120 { 121 case BTA_HFP_SERVICE_ID: 122 case BTA_HSP_SERVICE_ID: 123 { 124 btif_hf_execute_service(b_enable); 125 }break; 126 case BTA_A2DP_SERVICE_ID: 127 { 128 btif_av_execute_service(b_enable); 129 }break; 130 case BTA_HID_SERVICE_ID: 131 { 132 btif_hh_execute_service(b_enable); 133 }break; 134 135 default: 136 BTIF_TRACE_ERROR1("%s: Unknown service being enabled", __FUNCTION__); 137 return BT_STATUS_FAIL; 138 } 139 return BT_STATUS_SUCCESS; 140 } 141 142 /******************************************************************************* 143 ** 144 ** Function check_eir_remote_name 145 ** 146 ** Description Check if remote name is in the EIR data 147 ** 148 ** Returns TRUE if remote name found 149 ** Populate p_remote_name, if provided and remote name found 150 ** 151 *******************************************************************************/ 152 static BOOLEAN check_eir_remote_name(tBTA_DM_SEARCH *p_search_data, 153 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 154 { 155 UINT8 *p_eir_remote_name = NULL; 156 UINT8 remote_name_len = 0; 157 158 /* Check EIR for remote name and services */ 159 if (p_search_data->inq_res.p_eir) 160 { 161 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 162 BTM_EIR_COMPLETE_LOCAL_NAME_TYPE, &remote_name_len); 163 if (!p_eir_remote_name) 164 { 165 p_eir_remote_name = BTA_CheckEirData(p_search_data->inq_res.p_eir, 166 BTM_EIR_SHORTENED_LOCAL_NAME_TYPE, &remote_name_len); 167 } 168 169 if (p_eir_remote_name) 170 { 171 if (remote_name_len > BD_NAME_LEN) 172 remote_name_len = BD_NAME_LEN; 173 174 if (p_remote_name && p_remote_name_len) 175 { 176 memcpy(p_remote_name, p_eir_remote_name, remote_name_len); 177 *(p_remote_name + remote_name_len) = 0; 178 *p_remote_name_len = remote_name_len; 179 } 180 181 return TRUE; 182 } 183 } 184 185 return FALSE; 186 187 } 188 189 /******************************************************************************* 190 ** 191 ** Function check_cached_remote_name 192 ** 193 ** Description Check if remote name is in the NVRAM cache 194 ** 195 ** Returns TRUE if remote name found 196 ** Populate p_remote_name, if provided and remote name found 197 ** 198 *******************************************************************************/ 199 static BOOLEAN check_cached_remote_name(tBTA_DM_SEARCH *p_search_data, 200 UINT8 *p_remote_name, UINT8 *p_remote_name_len) 201 { 202 bt_bdname_t bdname; 203 bt_bdaddr_t remote_bdaddr; 204 bt_property_t prop_name; 205 206 /* check if we already have it in our btif_storage cache */ 207 bdcpy(remote_bdaddr.address, p_search_data->inq_res.bd_addr); 208 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_BDNAME, 209 sizeof(bt_bdname_t), &bdname); 210 if (btif_storage_get_remote_device_property( 211 &remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 212 { 213 if (p_remote_name && p_remote_name_len) 214 { 215 strcpy((char *)p_remote_name, (char *)bdname.name); 216 *p_remote_name_len = strlen((char *)p_remote_name); 217 } 218 return TRUE; 219 } 220 221 return FALSE; 222 } 223 224 BOOLEAN check_cod(const bt_bdaddr_t *remote_bdaddr, uint32_t cod) 225 { 226 uint32_t remote_cod; 227 bt_property_t prop_name; 228 229 /* check if we already have it in our btif_storage cache */ 230 BTIF_STORAGE_FILL_PROPERTY(&prop_name, BT_PROPERTY_CLASS_OF_DEVICE, 231 sizeof(uint32_t), &remote_cod); 232 if (btif_storage_get_remote_device_property((bt_bdaddr_t *)remote_bdaddr, &prop_name) == BT_STATUS_SUCCESS) 233 { 234 if ((remote_cod & 0x7ff) == cod) 235 return TRUE; 236 } 237 238 return FALSE; 239 } 240 241 static void bond_state_changed(bt_status_t status, bt_bdaddr_t *bd_addr, bt_bond_state_t state) 242 { 243 /* Send bonding state only once - based on outgoing/incoming we may receive duplicates */ 244 if ( (pairing_cb.state == state) && (state == BT_BOND_STATE_BONDING) ) 245 return; 246 247 if (pairing_cb.is_temp) 248 { 249 state = BT_BOND_STATE_NONE; 250 } 251 BTIF_TRACE_DEBUG3("%s: state=%d prev_state=%d", __FUNCTION__, state, pairing_cb.state); 252 253 HAL_CBACK(bt_hal_cbacks, bond_state_changed_cb, status, bd_addr, state); 254 255 if (state == BT_BOND_STATE_BONDING) 256 { 257 pairing_cb.state = state; 258 bdcpy(pairing_cb.bd_addr, bd_addr->address); 259 } 260 else 261 { 262 memset(&pairing_cb, 0, sizeof(pairing_cb)); 263 } 264 265 } 266 267 268 static void btif_update_remote_properties(BD_ADDR bd_addr, BD_NAME bd_name, 269 DEV_CLASS dev_class, tBT_DEVICE_TYPE device_type) 270 { 271 int num_properties = 0; 272 bt_property_t properties[3]; 273 bt_bdaddr_t bdaddr; 274 bt_status_t status; 275 UINT32 cod; 276 bt_device_type_t dev_type; 277 278 memset(properties, 0, sizeof(properties)); 279 bdcpy(bdaddr.address, bd_addr); 280 281 /* remote name */ 282 if (strlen((const char *) bd_name)) 283 { 284 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 285 BT_PROPERTY_BDNAME, strlen((char *)bd_name), bd_name); 286 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 287 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device name", status); 288 num_properties++; 289 } 290 291 /* class of device */ 292 cod = devclass2uint(dev_class); 293 if ( cod == 0) { 294 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__); 295 cod = COD_UNCLASSIFIED; 296 } 297 298 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 299 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 300 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 301 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device class", status); 302 num_properties++; 303 304 /* device type */ 305 dev_type = device_type; 306 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 307 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 308 status = btif_storage_set_remote_device_property(&bdaddr, &properties[num_properties]); 309 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device type", status); 310 num_properties++; 311 312 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 313 status, &bdaddr, num_properties, properties); 314 } 315 /******************************************************************************* 316 ** 317 ** Function hid_remote_name_cback 318 ** 319 ** Description Remote name callback for HID device. Called in stack context 320 ** Special handling for HID devices 321 ** 322 ** Returns void 323 ** 324 *******************************************************************************/ 325 static void hid_remote_name_cback(void *p_param) 326 { 327 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 328 329 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_HID_REMOTE_NAME, 330 (char *)p_param, sizeof(tBTM_REMOTE_DEV_NAME), NULL); 331 } 332 333 /******************************************************************************* 334 ** 335 ** Function btif_dm_cb_hid_remote_name 336 ** 337 ** Description Remote name callback for HID device. Called in btif context 338 ** Special handling for HID devices 339 ** 340 ** Returns void 341 ** 342 *******************************************************************************/ 343 static void btif_dm_cb_hid_remote_name(tBTM_REMOTE_DEV_NAME *p_remote_name) 344 { 345 BTIF_TRACE_DEBUG3("%s: status=%d pairing_cb.state=%d", __FUNCTION__, p_remote_name->status, pairing_cb.state); 346 if (pairing_cb.state == BT_BOND_STATE_BONDING) 347 { 348 bt_bdaddr_t remote_bd; 349 350 bdcpy(remote_bd.address, pairing_cb.bd_addr); 351 352 if (p_remote_name->status == BTM_SUCCESS) 353 { 354 bond_state_changed(BT_STATUS_SUCCESS, &remote_bd, BT_BOND_STATE_BONDED); 355 } 356 else 357 bond_state_changed(BT_STATUS_FAIL, &remote_bd, BT_BOND_STATE_NONE); 358 } 359 } 360 361 int remove_hid_bond(bt_bdaddr_t *bd_addr) 362 { 363 /* For HID device, inorder to avoid the HID device from re-connecting again after unpairing, 364 * we need to do virtual unplug 365 */ 366 bdstr_t bdstr; 367 BTIF_TRACE_DEBUG2("%s---Removing HID bond--%s", __FUNCTION__,bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 368 return btif_hh_virtual_unplug(bd_addr); 369 } 370 /******************************************************************************* 371 ** 372 ** Function btif_dm_cb_create_bond 373 ** 374 ** Description Create bond initiated from the BTIF thread context 375 ** Special handling for HID devices 376 ** 377 ** Returns void 378 ** 379 *******************************************************************************/ 380 static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr) 381 { 382 bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); 383 if (check_cod(bd_addr, COD_HID_POINTING)){ 384 int status; 385 status = btif_hh_connect(bd_addr); 386 if(status != BT_STATUS_SUCCESS) 387 bond_state_changed(status, bd_addr, BT_BOND_STATE_NONE); 388 } 389 else 390 BTA_DmBond ((UINT8 *)bd_addr->address); 391 392 /* Track originator of bond creation */ 393 pairing_cb.is_local_initiated = TRUE; 394 395 } 396 397 /******************************************************************************* 398 ** 399 ** Function btif_dm_cb_remove_bond 400 ** 401 ** Description remove bond initiated from the BTIF thread context 402 ** Special handling for HID devices 403 ** 404 ** Returns void 405 ** 406 *******************************************************************************/ 407 void btif_dm_cb_remove_bond(bt_bdaddr_t *bd_addr) 408 { 409 bdstr_t bdstr; 410 /*special handling for HID devices */ 411 if (check_cod(bd_addr, COD_HID_POINTING) || 412 check_cod(bd_addr, COD_HID_KEYBOARD) || 413 check_cod(bd_addr, COD_HID_COMBO)) 414 { 415 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 416 if(remove_hid_bond(bd_addr) != BTA_SUCCESS) 417 BTA_DmRemoveDevice((UINT8 *)bd_addr->address); 418 #endif 419 } 420 else 421 { 422 if (BTA_DmRemoveDevice((UINT8 *)bd_addr->address) == BTA_SUCCESS) 423 { 424 BTIF_TRACE_DEBUG1("Successfully removed bonding with device: %s", 425 bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 426 } 427 else 428 BTIF_TRACE_DEBUG1("Removed bonding with device failed: %s", 429 bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 430 } 431 } 432 433 /******************************************************************************* 434 ** 435 ** Function search_devices_copy_cb 436 ** 437 ** Description Deep copy callback for search devices event 438 ** 439 ** Returns void 440 ** 441 *******************************************************************************/ 442 static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src) 443 { 444 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 445 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 446 447 if (!p_src) 448 return; 449 450 BTIF_TRACE_DEBUG2("%s: event=%s", __FUNCTION__, dump_dm_search_event(event)); 451 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 452 switch (event) 453 { 454 case BTA_DM_INQ_RES_EVT: 455 { 456 if (p_src_data->inq_res.p_eir) 457 { 458 p_dest_data->inq_res.p_eir = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 459 memcpy(p_dest_data->inq_res.p_eir, p_src_data->inq_res.p_eir, HCI_EXT_INQ_RESPONSE_LEN); 460 } 461 } 462 break; 463 464 case BTA_DM_DISC_RES_EVT: 465 { 466 if (p_src_data->disc_res.raw_data_size && p_src_data->disc_res.p_raw_data) 467 { 468 p_dest_data->disc_res.p_raw_data = (UINT8 *)(p_dest + sizeof(tBTA_DM_SEARCH)); 469 memcpy(p_dest_data->disc_res.p_raw_data, 470 p_src_data->disc_res.p_raw_data, p_src_data->disc_res.raw_data_size); 471 } 472 } 473 break; 474 } 475 } 476 477 static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) 478 { 479 tBTA_DM_SEARCH *p_dest_data = (tBTA_DM_SEARCH *) p_dest; 480 tBTA_DM_SEARCH *p_src_data = (tBTA_DM_SEARCH *) p_src; 481 482 if (!p_src) 483 return; 484 memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); 485 switch (event) 486 { 487 case BTA_DM_DISC_RES_EVT: 488 { 489 if ((p_src_data->disc_res.result == BTA_SUCCESS) && 490 (p_src_data->disc_res.num_uuids > 0)) 491 { 492 p_dest_data->disc_res.p_uuid_list = (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH)); 493 memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list, 494 p_src_data->disc_res.num_uuids*MAX_UUID_SIZE); 495 } 496 } break; 497 } 498 } 499 /****************************************************************************** 500 ** 501 ** BTIF DM callback events 502 ** 503 *****************************************************************************/ 504 505 /******************************************************************************* 506 ** 507 ** Function btif_dm_pin_req_evt 508 ** 509 ** Description Executes pin request event in btif context 510 ** 511 ** Returns void 512 ** 513 *******************************************************************************/ 514 static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req) 515 { 516 bt_bdaddr_t bd_addr; 517 bt_bdname_t bd_name; 518 UINT32 cod; 519 bt_pin_code_t pin_code; 520 521 /* Remote properties update */ 522 btif_update_remote_properties(p_pin_req->bd_addr, p_pin_req->bd_name, 523 p_pin_req->dev_class, BT_DEVICE_TYPE_BREDR); 524 525 bdcpy(bd_addr.address, p_pin_req->bd_addr); 526 memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); 527 528 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 529 530 cod = devclass2uint(p_pin_req->dev_class); 531 532 if ( cod == 0) { 533 BTIF_TRACE_DEBUG1("%s():cod is 0, set as unclassified", __FUNCTION__); 534 cod = COD_UNCLASSIFIED; 535 } 536 537 /* check for auto pair possiblity only if bond was initiated by local device */ 538 if (pairing_cb.is_local_initiated) 539 { 540 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 541 check_cod(&bd_addr, COD_AV_HANDSFREE) || 542 check_cod(&bd_addr, COD_AV_HEADPHONES) || 543 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 544 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 545 check_cod(&bd_addr, COD_HID_POINTING)) 546 { 547 BTIF_TRACE_DEBUG1("%s()cod matches for auto pair", __FUNCTION__); 548 /* Check if this device can be auto paired */ 549 if ((btif_storage_is_device_autopair_blacklisted(&bd_addr) == FALSE) && 550 (pairing_cb.autopair_attempts == 0)) 551 { 552 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 553 pin_code.pin[0] = 0x30; 554 pin_code.pin[1] = 0x30; 555 pin_code.pin[2] = 0x30; 556 pin_code.pin[3] = 0x30; 557 558 pairing_cb.autopair_attempts++; 559 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 560 return; 561 } 562 } 563 else if (check_cod(&bd_addr, COD_HID_KEYBOARD) || 564 check_cod(&bd_addr, COD_HID_COMBO)) 565 { 566 if(( btif_storage_is_fixed_pin_zeros_keyboard (&bd_addr) == TRUE) && 567 (pairing_cb.autopair_attempts == 0)) 568 { 569 BTIF_TRACE_DEBUG1("%s() Attempting auto pair", __FUNCTION__); 570 pin_code.pin[0] = 0x30; 571 pin_code.pin[1] = 0x30; 572 pin_code.pin[2] = 0x30; 573 pin_code.pin[3] = 0x30; 574 575 pairing_cb.autopair_attempts++; 576 BTA_DmPinReply( (UINT8*)bd_addr.address, TRUE, 4, pin_code.pin); 577 return; 578 } 579 } 580 } 581 HAL_CBACK(bt_hal_cbacks, pin_request_cb, 582 &bd_addr, &bd_name, cod); 583 } 584 585 /******************************************************************************* 586 ** 587 ** Function btif_dm_ssp_cfm_req_evt 588 ** 589 ** Description Executes SSP confirm request event in btif context 590 ** 591 ** Returns void 592 ** 593 *******************************************************************************/ 594 static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req) 595 { 596 bt_bdaddr_t bd_addr; 597 bt_bdname_t bd_name; 598 UINT32 cod; 599 BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING); 600 601 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 602 603 /* Remote properties update */ 604 btif_update_remote_properties(p_ssp_cfm_req->bd_addr, p_ssp_cfm_req->bd_name, 605 p_ssp_cfm_req->dev_class, BT_DEVICE_TYPE_BREDR); 606 607 bdcpy(bd_addr.address, p_ssp_cfm_req->bd_addr); 608 memcpy(bd_name.name, p_ssp_cfm_req->bd_name, BD_NAME_LEN); 609 610 /* Set the pairing_cb based on the local & remote authentication requirements */ 611 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 612 613 /* if just_works and bonding bit is not set treat this as temporary */ 614 if (p_ssp_cfm_req->just_works && !(p_ssp_cfm_req->loc_auth_req & BTM_AUTH_BONDS) && 615 !(p_ssp_cfm_req->rmt_auth_req & BTM_AUTH_BONDS)) 616 pairing_cb.is_temp = TRUE; 617 else 618 pairing_cb.is_temp = FALSE; 619 620 pairing_cb.is_ssp = TRUE; 621 622 /* If JustWorks auto-accept */ 623 if (p_ssp_cfm_req->just_works) 624 { 625 /* Pairing consent for JustWorks needed if: 626 * 1. Incoming pairing is detected AND 627 * 2. local IO capabilities are DisplayYesNo AND 628 * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput; 629 */ 630 if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) && 631 (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03))) 632 { 633 BTIF_TRACE_EVENT3("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d", 634 __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps); 635 } 636 else 637 { 638 BTIF_TRACE_EVENT1("%s: Auto-accept JustWorks pairing", __FUNCTION__); 639 btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0); 640 return; 641 } 642 } 643 644 cod = devclass2uint(p_ssp_cfm_req->dev_class); 645 646 if ( cod == 0) { 647 ALOGD("cod is 0, set as unclassified"); 648 cod = COD_UNCLASSIFIED; 649 } 650 651 pairing_cb.bonded_pending_sdp = FALSE; 652 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, cod, 653 (p_ssp_cfm_req->just_works ? BT_SSP_VARIANT_CONSENT : BT_SSP_VARIANT_PASSKEY_CONFIRMATION), 654 p_ssp_cfm_req->num_val); 655 } 656 657 static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF *p_ssp_key_notif) 658 { 659 bt_bdaddr_t bd_addr; 660 bt_bdname_t bd_name; 661 UINT32 cod; 662 663 BTIF_TRACE_DEBUG1("%s", __FUNCTION__); 664 665 /* Remote properties update */ 666 btif_update_remote_properties(p_ssp_key_notif->bd_addr, p_ssp_key_notif->bd_name, 667 p_ssp_key_notif->dev_class, BT_DEVICE_TYPE_BREDR); 668 669 bdcpy(bd_addr.address, p_ssp_key_notif->bd_addr); 670 memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); 671 672 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING); 673 pairing_cb.is_ssp = TRUE; 674 cod = devclass2uint(p_ssp_key_notif->dev_class); 675 676 if ( cod == 0) { 677 ALOGD("cod is 0, set as unclassified"); 678 cod = COD_UNCLASSIFIED; 679 } 680 681 HAL_CBACK(bt_hal_cbacks, ssp_request_cb, &bd_addr, &bd_name, 682 cod, BT_SSP_VARIANT_PASSKEY_NOTIFICATION, 683 p_ssp_key_notif->passkey); 684 } 685 /******************************************************************************* 686 ** 687 ** Function btif_dm_auth_cmpl_evt 688 ** 689 ** Description Executes authentication complete event in btif context 690 ** 691 ** Returns void 692 ** 693 *******************************************************************************/ 694 static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) 695 { 696 /* Save link key, if not temporary */ 697 bt_bdaddr_t bd_addr; 698 bt_status_t status = BT_STATUS_FAIL; 699 bt_bond_state_t state = BT_BOND_STATE_NONE; 700 701 bdcpy(bd_addr.address, p_auth_cmpl->bd_addr); 702 if ( (p_auth_cmpl->success == TRUE) && (p_auth_cmpl->key_present) ) 703 { 704 if ((p_auth_cmpl->key_type < HCI_LKEY_TYPE_DEBUG_COMB) || (p_auth_cmpl->key_type == HCI_LKEY_TYPE_AUTH_COMB) || 705 (p_auth_cmpl->key_type == HCI_LKEY_TYPE_CHANGED_COMB) || (!pairing_cb.is_temp)) 706 { 707 bt_status_t ret; 708 BTIF_TRACE_DEBUG3("%s: Storing link key. key_type=0x%x, is_temp=%d", 709 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 710 ret = btif_storage_add_bonded_device(&bd_addr, 711 p_auth_cmpl->key, p_auth_cmpl->key_type, 712 pairing_cb.pin_code_len); 713 ASSERTC(ret == BT_STATUS_SUCCESS, "storing link key failed", ret); 714 } 715 else 716 { 717 BTIF_TRACE_DEBUG3("%s: Temporary key. Not storing. key_type=0x%x, is_temp=%d", 718 __FUNCTION__, p_auth_cmpl->key_type, pairing_cb.is_temp); 719 } 720 } 721 if (p_auth_cmpl->success) 722 { 723 status = BT_STATUS_SUCCESS; 724 state = BT_BOND_STATE_BONDED; 725 726 /* Trigger SDP on the device */ 727 pairing_cb.bonded_pending_sdp = TRUE; 728 btif_dm_get_remote_services(&bd_addr); 729 /* Do not call bond_state_changed_cb yet. Wait till fetch remote service is complete */ 730 } 731 else 732 { 733 /*Map the HCI fail reason to bt status */ 734 switch(p_auth_cmpl->fail_reason) 735 { 736 case HCI_ERR_PAGE_TIMEOUT: 737 case HCI_ERR_CONNECTION_TOUT: 738 status = BT_STATUS_RMT_DEV_DOWN; 739 break; 740 741 /* map the auth failure codes, so we can retry pairing if necessary */ 742 case HCI_ERR_AUTH_FAILURE: 743 case HCI_ERR_HOST_REJECT_SECURITY: 744 case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE: 745 case HCI_ERR_UNIT_KEY_USED: 746 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED: 747 case HCI_ERR_INSUFFCIENT_SECURITY: 748 BTIF_TRACE_DEBUG1(" %s() Authentication fail ", __FUNCTION__); 749 if (pairing_cb.autopair_attempts == 1) 750 { 751 BTIF_TRACE_DEBUG1("%s(): Adding device to blacklist ", __FUNCTION__); 752 753 /* Add the device to dynamic black list only if this device belongs to Audio/pointing dev class */ 754 if (check_cod(&bd_addr, COD_AV_HEADSETS) || 755 check_cod(&bd_addr, COD_AV_HANDSFREE) || 756 check_cod(&bd_addr, COD_AV_HEADPHONES) || 757 check_cod(&bd_addr, COD_AV_PORTABLE_AUDIO) || 758 check_cod(&bd_addr, COD_AV_HIFI_AUDIO) || 759 check_cod(&bd_addr, COD_HID_POINTING)) 760 { 761 btif_storage_add_device_to_autopair_blacklist (&bd_addr); 762 } 763 pairing_cb.autopair_attempts++; 764 765 /* Create the Bond once again */ 766 BTIF_TRACE_DEBUG1("%s() auto pair failed. Reinitiate Bond", __FUNCTION__); 767 btif_dm_cb_create_bond (&bd_addr); 768 return; 769 } 770 else 771 { 772 /* if autopair attempts are more than 1, or not attempted */ 773 status = BT_STATUS_AUTH_FAILURE; 774 } 775 break; 776 777 default: 778 status = BT_STATUS_FAIL; 779 } 780 bond_state_changed(status, &bd_addr, state); 781 } 782 } 783 784 /****************************************************************************** 785 ** 786 ** Function btif_dm_search_devices_evt 787 ** 788 ** Description Executes search devices callback events in btif context 789 ** 790 ** Returns void 791 ** 792 ******************************************************************************/ 793 static void btif_dm_search_devices_evt (UINT16 event, char *p_param) 794 { 795 tBTA_DM_SEARCH *p_search_data; 796 BTIF_TRACE_EVENT2("%s event=%s", __FUNCTION__, dump_dm_search_event(event)); 797 798 switch (event) 799 { 800 case BTA_DM_DISC_RES_EVT: 801 { 802 p_search_data = (tBTA_DM_SEARCH *)p_param; 803 /* Remote name update */ 804 if (strlen((const char *) p_search_data->disc_res.bd_name)) 805 { 806 bt_property_t properties[1]; 807 bt_bdaddr_t bdaddr; 808 bt_status_t status; 809 810 properties[0].type = BT_PROPERTY_BDNAME; 811 properties[0].val = p_search_data->disc_res.bd_name; 812 properties[0].len = strlen((char *)p_search_data->disc_res.bd_name); 813 bdcpy(bdaddr.address, p_search_data->disc_res.bd_addr); 814 815 status = btif_storage_set_remote_device_property(&bdaddr, &properties[0]); 816 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device property", status); 817 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 818 status, &bdaddr, 1, properties); 819 } 820 /* TODO: Services? */ 821 } 822 break; 823 824 case BTA_DM_INQ_RES_EVT: 825 { 826 /* inquiry result */ 827 UINT32 cod; 828 UINT8 *p_eir_remote_name = NULL; 829 bt_bdname_t bdname; 830 bt_bdaddr_t bdaddr; 831 UINT8 remote_name_len; 832 UINT8 *p_cached_name = NULL; 833 tBTA_SERVICE_MASK services = 0; 834 bdstr_t bdstr; 835 836 p_search_data = (tBTA_DM_SEARCH *)p_param; 837 bdcpy(bdaddr.address, p_search_data->inq_res.bd_addr); 838 839 BTIF_TRACE_DEBUG3("%s() %s device_type = 0x%x\n", __FUNCTION__, bd2str(&bdaddr, &bdstr), 840 #if (BLE_INCLUDED == TRUE) 841 p_search_data->inq_res.device_type); 842 #else 843 BT_DEVICE_TYPE_BREDR); 844 #endif 845 bdname.name[0] = 0; 846 847 cod = devclass2uint (p_search_data->inq_res.dev_class); 848 849 if ( cod == 0) { 850 ALOGD("cod is 0, set as unclassified"); 851 cod = COD_UNCLASSIFIED; 852 } 853 854 if (!check_eir_remote_name(p_search_data, bdname.name, &remote_name_len)) 855 check_cached_remote_name(p_search_data, bdname.name, &remote_name_len); 856 857 /* Check EIR for remote name and services */ 858 if (p_search_data->inq_res.p_eir) 859 { 860 BTA_GetEirService(p_search_data->inq_res.p_eir, &services); 861 BTIF_TRACE_DEBUG2("%s()EIR BTA services = %08X", __FUNCTION__, (UINT32)services); 862 /* TODO: Get the service list and check to see which uuids we got and send it back to the client. */ 863 } 864 865 866 { 867 bt_property_t properties[5]; 868 bt_device_type_t dev_type; 869 uint32_t num_properties = 0; 870 bt_status_t status; 871 872 memset(properties, 0, sizeof(properties)); 873 /* BD_ADDR */ 874 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 875 BT_PROPERTY_BDADDR, sizeof(bdaddr), &bdaddr); 876 num_properties++; 877 /* BD_NAME */ 878 /* Don't send BDNAME if it is empty */ 879 if (bdname.name[0]) { 880 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 881 BT_PROPERTY_BDNAME, 882 strlen((char *)bdname.name), &bdname); 883 num_properties++; 884 } 885 886 /* DEV_CLASS */ 887 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 888 BT_PROPERTY_CLASS_OF_DEVICE, sizeof(cod), &cod); 889 num_properties++; 890 /* DEV_TYPE */ 891 #if (BLE_INCLUDED == TRUE) 892 /* FixMe: Assumption is that bluetooth.h and BTE enums match */ 893 dev_type = p_search_data->inq_res.device_type; 894 #else 895 dev_type = BT_DEVICE_TYPE_BREDR; 896 #endif 897 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 898 BT_PROPERTY_TYPE_OF_DEVICE, sizeof(dev_type), &dev_type); 899 num_properties++; 900 /* RSSI */ 901 BTIF_STORAGE_FILL_PROPERTY(&properties[num_properties], 902 BT_PROPERTY_REMOTE_RSSI, sizeof(int8_t), 903 &(p_search_data->inq_res.rssi)); 904 num_properties++; 905 906 status = btif_storage_add_remote_device(&bdaddr, num_properties, properties); 907 ASSERTC(status == BT_STATUS_SUCCESS, "failed to save remote device (inquiry)", status); 908 909 /* Callback to notify upper layer of device */ 910 HAL_CBACK(bt_hal_cbacks, device_found_cb, 911 num_properties, properties); 912 } 913 } 914 break; 915 916 case BTA_DM_INQ_CMPL_EVT: 917 { 918 } 919 break; 920 case BTA_DM_DISC_CMPL_EVT: 921 { 922 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 923 } 924 break; 925 case BTA_DM_SEARCH_CANCEL_CMPL_EVT: 926 { 927 /* if inquiry is not in progress and we get a cancel event, then 928 * it means we are done with inquiry, but remote_name fetches are in 929 * progress 930 * 931 * if inquiry is in progress, then we don't want to act on this cancel_cmpl_evt 932 * but instead wait for the cancel_cmpl_evt via the Busy Level 933 * 934 */ 935 if (btif_dm_inquiry_in_progress == FALSE) 936 { 937 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STOPPED); 938 } 939 } 940 break; 941 } 942 } 943 944 /******************************************************************************* 945 ** 946 ** Function btif_dm_search_services_evt 947 ** 948 ** Description Executes search services event in btif context 949 ** 950 ** Returns void 951 ** 952 *******************************************************************************/ 953 static void btif_dm_search_services_evt(UINT16 event, char *p_param) 954 { 955 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 956 957 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 958 switch (event) 959 { 960 case BTA_DM_DISC_RES_EVT: 961 { 962 bt_uuid_t uuid_arr[BT_MAX_NUM_UUIDS]; /* Max 32 services */ 963 bt_property_t prop; 964 uint32_t i = 0, j = 0; 965 bt_bdaddr_t bd_addr; 966 bt_status_t ret; 967 968 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 969 970 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 971 p_data->disc_res.result, p_data->disc_res.services); 972 prop.type = BT_PROPERTY_UUIDS; 973 prop.len = 0; 974 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) 975 { 976 prop.val = p_data->disc_res.p_uuid_list; 977 prop.len = p_data->disc_res.num_uuids * MAX_UUID_SIZE; 978 for (i=0; i < p_data->disc_res.num_uuids; i++) 979 { 980 char temp[256]; 981 uuid_to_string((bt_uuid_t*)(p_data->disc_res.p_uuid_list + (i*MAX_UUID_SIZE)), temp); 982 BTIF_TRACE_ERROR2("Index: %d uuid:%s", i, temp); 983 } 984 } 985 986 /* onUuidChanged requires getBondedDevices to be populated. 987 ** bond_state_changed needs to be sent prior to remote_device_property 988 */ 989 if ((pairing_cb.state == BT_BOND_STATE_BONDING) && 990 (bdcmp(p_data->disc_res.bd_addr, pairing_cb.bd_addr) == 0)&& 991 pairing_cb.bonded_pending_sdp == TRUE) 992 { 993 BTIF_TRACE_DEBUG1("%s Remote Service SDP done. Call bond_state_changed_cb BONDED", 994 __FUNCTION__); 995 pairing_cb.bonded_pending_sdp = FALSE; 996 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDED); 997 } 998 999 /* Also write this to the NVRAM */ 1000 ret = btif_storage_set_remote_device_property(&bd_addr, &prop); 1001 ASSERTC(ret == BT_STATUS_SUCCESS, "storing remote services failed", ret); 1002 /* Send the event to the BTIF */ 1003 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1004 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1005 } 1006 break; 1007 1008 case BTA_DM_DISC_CMPL_EVT: 1009 /* fixme */ 1010 break; 1011 1012 default: 1013 { 1014 ASSERTC(0, "unhandled search services event", event); 1015 } 1016 break; 1017 } 1018 } 1019 1020 /******************************************************************************* 1021 ** 1022 ** Function btif_dm_remote_service_record_evt 1023 ** 1024 ** Description Executes search service record event in btif context 1025 ** 1026 ** Returns void 1027 ** 1028 *******************************************************************************/ 1029 static void btif_dm_remote_service_record_evt(UINT16 event, char *p_param) 1030 { 1031 tBTA_DM_SEARCH *p_data = (tBTA_DM_SEARCH*)p_param; 1032 1033 BTIF_TRACE_EVENT2("%s: event = %d", __FUNCTION__, event); 1034 switch (event) 1035 { 1036 case BTA_DM_DISC_RES_EVT: 1037 { 1038 bt_service_record_t rec; 1039 bt_property_t prop; 1040 uint32_t i = 0; 1041 bt_bdaddr_t bd_addr; 1042 1043 memset(&rec, 0, sizeof(bt_service_record_t)); 1044 bdcpy(bd_addr.address, p_data->disc_res.bd_addr); 1045 1046 BTIF_TRACE_DEBUG3("%s:(result=0x%x, services 0x%x)", __FUNCTION__, 1047 p_data->disc_res.result, p_data->disc_res.services); 1048 prop.type = BT_PROPERTY_SERVICE_RECORD; 1049 prop.val = (void*)&rec; 1050 prop.len = sizeof(rec); 1051 1052 /* disc_res.result is overloaded with SCN. Cannot check result */ 1053 p_data->disc_res.services &= ~BTA_USER_SERVICE_MASK; 1054 /* TODO: Get the UUID as well */ 1055 rec.channel = p_data->disc_res.result - 3; 1056 /* TODO: Need to get the service name using p_raw_data */ 1057 rec.name[0] = 0; 1058 1059 HAL_CBACK(bt_hal_cbacks, remote_device_properties_cb, 1060 BT_STATUS_SUCCESS, &bd_addr, 1, &prop); 1061 } 1062 break; 1063 1064 default: 1065 { 1066 ASSERTC(0, "unhandled remote service record event", event); 1067 } 1068 break; 1069 } 1070 } 1071 1072 /******************************************************************************* 1073 ** 1074 ** Function btif_dm_upstreams_cback 1075 ** 1076 ** Description Executes UPSTREAMS events in btif context 1077 ** 1078 ** Returns void 1079 ** 1080 *******************************************************************************/ 1081 static void btif_dm_upstreams_evt(UINT16 event, char* p_param) 1082 { 1083 tBTA_DM_SEC_EVT dm_event = (tBTA_DM_SEC_EVT)event; 1084 tBTA_DM_SEC *p_data = (tBTA_DM_SEC*)p_param; 1085 tBTA_SERVICE_MASK service_mask; 1086 uint32_t i; 1087 bt_bdaddr_t bd_addr; 1088 1089 BTIF_TRACE_EVENT1("btif_dm_upstreams_cback ev: %s", dump_dm_event(event)); 1090 1091 switch (event) 1092 { 1093 case BTA_DM_ENABLE_EVT: 1094 { 1095 BD_NAME bdname; 1096 bt_status_t status; 1097 bt_property_t prop; 1098 prop.type = BT_PROPERTY_BDNAME; 1099 prop.len = BD_NAME_LEN; 1100 prop.val = (void*)bdname; 1101 1102 status = btif_storage_get_adapter_property(&prop); 1103 /* Storage does not have a name yet. 1104 ** Use the default name and write it to the chip 1105 */ 1106 if (status != BT_STATUS_SUCCESS) 1107 { 1108 BTA_DmSetDeviceName((char *)BTM_DEF_LOCAL_NAME); 1109 /* Hmmm...Should we store this too??? */ 1110 } 1111 else 1112 { 1113 /* A name exists in the storage. Make this the device name */ 1114 BTA_DmSetDeviceName((char*)prop.val); 1115 } 1116 1117 /* for each of the enabled services in the mask, trigger the profile 1118 * enable */ 1119 service_mask = btif_get_enabled_services_mask(); 1120 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1121 { 1122 if (service_mask & 1123 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1124 { 1125 btif_in_execute_service_request(i, TRUE); 1126 } 1127 } 1128 /* clear control blocks */ 1129 memset(&pairing_cb, 0, sizeof(btif_dm_pairing_cb_t)); 1130 1131 /* This function will also trigger the adapter_properties_cb 1132 ** and bonded_devices_info_cb 1133 */ 1134 btif_storage_load_bonded_devices(); 1135 1136 btif_storage_load_autopair_device_list(); 1137 1138 btif_enable_bluetooth_evt(p_data->enable.status, p_data->enable.bd_addr); 1139 } 1140 break; 1141 1142 case BTA_DM_DISABLE_EVT: 1143 /* for each of the enabled services in the mask, trigger the profile 1144 * disable */ 1145 service_mask = btif_get_enabled_services_mask(); 1146 for (i=0; i <= BTA_MAX_SERVICE_ID; i++) 1147 { 1148 if (service_mask & 1149 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(i))) 1150 { 1151 btif_in_execute_service_request(i, FALSE); 1152 } 1153 } 1154 btif_disable_bluetooth_evt(); 1155 break; 1156 1157 case BTA_DM_PIN_REQ_EVT: 1158 btif_dm_pin_req_evt(&p_data->pin_req); 1159 break; 1160 1161 case BTA_DM_AUTH_CMPL_EVT: 1162 btif_dm_auth_cmpl_evt(&p_data->auth_cmpl); 1163 break; 1164 1165 case BTA_DM_BOND_CANCEL_CMPL_EVT: 1166 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1167 { 1168 bdcpy(bd_addr.address, pairing_cb.bd_addr); 1169 bond_state_changed(p_data->bond_cancel_cmpl.result, &bd_addr, BT_BOND_STATE_NONE); 1170 } 1171 break; 1172 1173 case BTA_DM_SP_CFM_REQ_EVT: 1174 btif_dm_ssp_cfm_req_evt(&p_data->cfm_req); 1175 break; 1176 case BTA_DM_SP_KEY_NOTIF_EVT: 1177 btif_dm_ssp_key_notif_evt(&p_data->key_notif); 1178 break; 1179 1180 case BTA_DM_DEV_UNPAIRED_EVT: 1181 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1182 1183 /*special handling for HID devices */ 1184 #if (defined(BTA_HH_INCLUDED) && (BTA_HH_INCLUDED == TRUE)) 1185 if (check_cod(&bd_addr, COD_HID_KEYBOARD )|| check_cod(&bd_addr, COD_HID_COMBO) || check_cod(&bd_addr, COD_HID_POINTING)) { 1186 btif_hh_remove_device(bd_addr); 1187 } 1188 #endif 1189 btif_storage_remove_bonded_device(&bd_addr); 1190 bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_NONE); 1191 break; 1192 1193 case BTA_DM_BUSY_LEVEL_EVT: 1194 { 1195 UINT8 busy_level; 1196 busy_level = p_data->busy_level.level; 1197 if (busy_level & BTM_BL_INQUIRY_PAGING_MASK) 1198 { 1199 if (busy_level == BTM_BL_INQUIRY_STARTED) 1200 { 1201 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1202 BT_DISCOVERY_STARTED); 1203 btif_dm_inquiry_in_progress = TRUE; 1204 } 1205 else if (busy_level == BTM_BL_INQUIRY_CANCELLED) 1206 { 1207 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, 1208 BT_DISCOVERY_STOPPED); 1209 btif_dm_inquiry_in_progress = FALSE; 1210 } 1211 else if (busy_level == BTM_BL_INQUIRY_COMPLETE) 1212 { 1213 btif_dm_inquiry_in_progress = FALSE; 1214 } 1215 } 1216 }break; 1217 1218 case BTA_DM_LINK_UP_EVT: 1219 bdcpy(bd_addr.address, p_data->link_up.bd_addr); 1220 BTIF_TRACE_DEBUG0("BTA_DM_LINK_UP_EVT. Sending BT_ACL_STATE_CONNECTED"); 1221 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1222 &bd_addr, BT_ACL_STATE_CONNECTED); 1223 break; 1224 1225 case BTA_DM_LINK_DOWN_EVT: 1226 bdcpy(bd_addr.address, p_data->link_down.bd_addr); 1227 BTIF_TRACE_DEBUG0("BTA_DM_LINK_DOWN_EVT. Sending BT_ACL_STATE_DISCONNECTED"); 1228 HAL_CBACK(bt_hal_cbacks, acl_state_changed_cb, BT_STATUS_SUCCESS, 1229 &bd_addr, BT_ACL_STATE_DISCONNECTED); 1230 break; 1231 1232 case BTA_DM_HW_ERROR_EVT: 1233 BTIF_TRACE_ERROR0("Received H/W Error. "); 1234 /* Flush storage data */ 1235 btif_config_flush(); 1236 usleep(100000); /* 100milliseconds */ 1237 /* Killing the process to force a restart as part of fault tolerance */ 1238 kill(getpid(), SIGKILL); 1239 break; 1240 1241 case BTA_DM_AUTHORIZE_EVT: 1242 case BTA_DM_SIG_STRENGTH_EVT: 1243 case BTA_DM_SP_RMT_OOB_EVT: 1244 case BTA_DM_SP_KEYPRESS_EVT: 1245 case BTA_DM_ROLE_CHG_EVT: 1246 case BTA_DM_BLE_KEY_EVT: 1247 case BTA_DM_BLE_SEC_REQ_EVT: 1248 case BTA_DM_BLE_PASSKEY_NOTIF_EVT: 1249 case BTA_DM_BLE_PASSKEY_REQ_EVT: 1250 case BTA_DM_BLE_OOB_REQ_EVT: 1251 case BTA_DM_BLE_LOCAL_IR_EVT: 1252 case BTA_DM_BLE_LOCAL_ER_EVT: 1253 case BTA_DM_BLE_AUTH_CMPL_EVT: 1254 default: 1255 BTIF_TRACE_WARNING1( "btif_dm_cback : unhandled event (%d)", event ); 1256 break; 1257 } 1258 } /* btui_security_cback() */ 1259 1260 1261 /******************************************************************************* 1262 ** 1263 ** Function btif_dm_generic_evt 1264 ** 1265 ** Description Executes non-BTA upstream events in BTIF context 1266 ** 1267 ** Returns void 1268 ** 1269 *******************************************************************************/ 1270 static void btif_dm_generic_evt(UINT16 event, char* p_param) 1271 { 1272 BTIF_TRACE_EVENT2("%s: event=%d", __FUNCTION__, event); 1273 switch(event) 1274 { 1275 case BTIF_DM_CB_DISCOVERY_STARTED: 1276 { 1277 HAL_CBACK(bt_hal_cbacks, discovery_state_changed_cb, BT_DISCOVERY_STARTED); 1278 } 1279 break; 1280 1281 case BTIF_DM_CB_CREATE_BOND: 1282 { 1283 btif_dm_cb_create_bond((bt_bdaddr_t *)p_param); 1284 } 1285 break; 1286 1287 case BTIF_DM_CB_REMOVE_BOND: 1288 { 1289 btif_dm_cb_remove_bond((bt_bdaddr_t *)p_param); 1290 } 1291 break; 1292 1293 case BTIF_DM_CB_HID_REMOTE_NAME: 1294 { 1295 btif_dm_cb_hid_remote_name((tBTM_REMOTE_DEV_NAME *)p_param); 1296 } 1297 break; 1298 1299 case BTIF_DM_CB_BOND_STATE_BONDING: 1300 { 1301 bond_state_changed(BT_STATUS_SUCCESS, (bt_bdaddr_t *)p_param, BT_BOND_STATE_BONDING); 1302 } 1303 break; 1304 default: 1305 { 1306 BTIF_TRACE_WARNING2("%s : Unknown event 0x%x", __FUNCTION__, event); 1307 } 1308 break; 1309 } 1310 } 1311 1312 /******************************************************************************* 1313 ** 1314 ** Function bte_dm_evt 1315 ** 1316 ** Description Switches context from BTE to BTIF for all DM events 1317 ** 1318 ** Returns void 1319 ** 1320 *******************************************************************************/ 1321 1322 void bte_dm_evt(tBTA_DM_SEC_EVT event, tBTA_DM_SEC *p_data) 1323 { 1324 bt_status_t status; 1325 1326 /* switch context to btif task context (copy full union size for convenience) */ 1327 status = btif_transfer_context(btif_dm_upstreams_evt, (uint16_t)event, (void*)p_data, sizeof(tBTA_DM_SEC), NULL); 1328 1329 /* catch any failed context transfers */ 1330 ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status); 1331 } 1332 1333 /******************************************************************************* 1334 ** 1335 ** Function bte_search_devices_evt 1336 ** 1337 ** Description Switches context from BTE to BTIF for DM search events 1338 ** 1339 ** Returns void 1340 ** 1341 *******************************************************************************/ 1342 static void bte_search_devices_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1343 { 1344 UINT16 param_len = 0; 1345 1346 if (p_data) 1347 param_len += sizeof(tBTA_DM_SEARCH); 1348 /* Allocate buffer to hold the pointers (deep copy). The pointers will point to the end of the tBTA_DM_SEARCH */ 1349 switch (event) 1350 { 1351 case BTA_DM_INQ_RES_EVT: 1352 { 1353 if (p_data->inq_res.p_eir) 1354 param_len += HCI_EXT_INQ_RESPONSE_LEN; 1355 } 1356 break; 1357 1358 case BTA_DM_DISC_RES_EVT: 1359 { 1360 if (p_data->disc_res.raw_data_size && p_data->disc_res.p_raw_data) 1361 param_len += p_data->disc_res.raw_data_size; 1362 } 1363 break; 1364 } 1365 BTIF_TRACE_DEBUG3("%s event=%s param_len=%d", __FUNCTION__, dump_dm_search_event(event), param_len); 1366 1367 /* if remote name is available in EIR, set teh flag so that stack doesnt trigger RNR */ 1368 if (event == BTA_DM_INQ_RES_EVT) 1369 p_data->inq_res.remt_name_not_required = check_eir_remote_name(p_data, NULL, NULL); 1370 1371 btif_transfer_context (btif_dm_search_devices_evt , (UINT16) event, (void *)p_data, param_len, 1372 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_devices_copy_cb : NULL); 1373 } 1374 1375 /******************************************************************************* 1376 ** 1377 ** Function bte_dm_search_services_evt 1378 ** 1379 ** Description Switches context from BTE to BTIF for DM search services 1380 ** event 1381 ** 1382 ** Returns void 1383 ** 1384 *******************************************************************************/ 1385 static void bte_dm_search_services_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1386 { 1387 UINT16 param_len = 0; 1388 if (p_data) 1389 param_len += sizeof(tBTA_DM_SEARCH); 1390 switch (event) 1391 { 1392 case BTA_DM_DISC_RES_EVT: 1393 { 1394 if ((p_data->disc_res.result == BTA_SUCCESS) && (p_data->disc_res.num_uuids > 0)) { 1395 param_len += (p_data->disc_res.num_uuids * MAX_UUID_SIZE); 1396 } 1397 } break; 1398 } 1399 /* TODO: The only other member that needs a deep copy is the p_raw_data. But not sure 1400 * if raw_data is needed. */ 1401 btif_transfer_context(btif_dm_search_services_evt, event, (char*)p_data, param_len, 1402 (param_len > sizeof(tBTA_DM_SEARCH)) ? search_services_copy_cb : NULL); 1403 } 1404 1405 /******************************************************************************* 1406 ** 1407 ** Function bte_dm_remote_service_record_evt 1408 ** 1409 ** Description Switches context from BTE to BTIF for DM search service 1410 ** record event 1411 ** 1412 ** Returns void 1413 ** 1414 *******************************************************************************/ 1415 static void bte_dm_remote_service_record_evt(tBTA_DM_SEARCH_EVT event, tBTA_DM_SEARCH *p_data) 1416 { 1417 /* TODO: The only member that needs a deep copy is the p_raw_data. But not sure yet if this is needed. */ 1418 btif_transfer_context(btif_dm_remote_service_record_evt, event, (char*)p_data, sizeof(tBTA_DM_SEARCH), NULL); 1419 } 1420 1421 /***************************************************************************** 1422 ** 1423 ** btif api functions (no context switch) 1424 ** 1425 *****************************************************************************/ 1426 1427 /******************************************************************************* 1428 ** 1429 ** Function btif_dm_start_discovery 1430 ** 1431 ** Description Start device discovery/inquiry 1432 ** 1433 ** Returns bt_status_t 1434 ** 1435 *******************************************************************************/ 1436 bt_status_t btif_dm_start_discovery(void) 1437 { 1438 tBTA_DM_INQ inq_params; 1439 tBTA_SERVICE_MASK services = 0; 1440 1441 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1442 /* TODO: Do we need to handle multiple inquiries at the same time? */ 1443 1444 /* Set inquiry params and call API */ 1445 #if (BLE_INCLUDED == TRUE) 1446 inq_params.mode = BTA_DM_GENERAL_INQUIRY|BTA_BLE_GENERAL_INQUIRY; 1447 #else 1448 inq_params.mode = BTA_DM_GENERAL_INQUIRY; 1449 #endif 1450 inq_params.duration = BTIF_DM_DEFAULT_INQ_MAX_DURATION; 1451 1452 inq_params.max_resps = BTIF_DM_DEFAULT_INQ_MAX_RESULTS; 1453 inq_params.report_dup = TRUE; 1454 1455 inq_params.filter_type = BTA_DM_INQ_CLR; 1456 /* TODO: Filter device by BDA needs to be implemented here */ 1457 1458 /* Will be enabled to TRUE once inquiry busy level has been received */ 1459 btif_dm_inquiry_in_progress = FALSE; 1460 /* find nearby devices */ 1461 BTA_DmSearch(&inq_params, services, bte_search_devices_evt); 1462 1463 return BT_STATUS_SUCCESS; 1464 } 1465 1466 /******************************************************************************* 1467 ** 1468 ** Function btif_dm_cancel_discovery 1469 ** 1470 ** Description Cancels search 1471 ** 1472 ** Returns bt_status_t 1473 ** 1474 *******************************************************************************/ 1475 bt_status_t btif_dm_cancel_discovery(void) 1476 { 1477 BTIF_TRACE_EVENT1("%s", __FUNCTION__); 1478 BTA_DmSearchCancel(); 1479 return BT_STATUS_SUCCESS; 1480 } 1481 1482 /******************************************************************************* 1483 ** 1484 ** Function btif_dm_create_bond 1485 ** 1486 ** Description Initiate bonding with the specified device 1487 ** 1488 ** Returns bt_status_t 1489 ** 1490 *******************************************************************************/ 1491 bt_status_t btif_dm_create_bond(const bt_bdaddr_t *bd_addr) 1492 { 1493 bdstr_t bdstr; 1494 1495 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *) bd_addr, &bdstr)); 1496 if (pairing_cb.state != BT_BOND_STATE_NONE) 1497 return BT_STATUS_BUSY; 1498 1499 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_CREATE_BOND, 1500 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1501 1502 return BT_STATUS_SUCCESS; 1503 } 1504 1505 /******************************************************************************* 1506 ** 1507 ** Function btif_dm_cancel_bond 1508 ** 1509 ** Description Initiate bonding with the specified device 1510 ** 1511 ** Returns bt_status_t 1512 ** 1513 *******************************************************************************/ 1514 1515 bt_status_t btif_dm_cancel_bond(const bt_bdaddr_t *bd_addr) 1516 { 1517 bdstr_t bdstr; 1518 1519 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1520 1521 /* TODO: 1522 ** 1. Restore scan modes 1523 ** 2. special handling for HID devices 1524 */ 1525 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1526 { 1527 if (pairing_cb.is_ssp) 1528 { 1529 BTA_DmConfirm( (UINT8 *)bd_addr->address, FALSE); 1530 } 1531 else 1532 { 1533 BTA_DmPinReply( (UINT8 *)bd_addr->address, FALSE, 0, NULL); 1534 } 1535 /* Cancel bonding, in case it is in ACL connection setup state */ 1536 BTA_DmBondCancel ((UINT8 *)bd_addr->address); 1537 btif_storage_remove_bonded_device((bt_bdaddr_t *)bd_addr); 1538 } 1539 1540 return BT_STATUS_SUCCESS; 1541 } 1542 1543 /******************************************************************************* 1544 ** 1545 ** Function btif_dm_remove_bond 1546 ** 1547 ** Description Removes bonding with the specified device 1548 ** 1549 ** Returns bt_status_t 1550 ** 1551 *******************************************************************************/ 1552 1553 bt_status_t btif_dm_remove_bond(const bt_bdaddr_t *bd_addr) 1554 { 1555 bdstr_t bdstr; 1556 1557 BTIF_TRACE_EVENT2("%s: bd_addr=%s", __FUNCTION__, bd2str((bt_bdaddr_t *)bd_addr, &bdstr)); 1558 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_REMOVE_BOND, 1559 (char *)bd_addr, sizeof(bt_bdaddr_t), NULL); 1560 1561 return BT_STATUS_SUCCESS; 1562 } 1563 1564 /******************************************************************************* 1565 ** 1566 ** Function btif_dm_pin_reply 1567 ** 1568 ** Description BT legacy pairing - PIN code reply 1569 ** 1570 ** Returns bt_status_t 1571 ** 1572 *******************************************************************************/ 1573 1574 bt_status_t btif_dm_pin_reply( const bt_bdaddr_t *bd_addr, uint8_t accept, 1575 uint8_t pin_len, bt_pin_code_t *pin_code) 1576 { 1577 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 1578 1579 BTA_DmPinReply( (UINT8 *)bd_addr->address, accept, pin_len, pin_code->pin); 1580 1581 if (accept) 1582 pairing_cb.pin_code_len = pin_len; 1583 1584 return BT_STATUS_SUCCESS; 1585 } 1586 1587 /******************************************************************************* 1588 ** 1589 ** Function btif_dm_ssp_reply 1590 ** 1591 ** Description BT SSP Reply - Just Works, Numeric Comparison & Passkey Entry 1592 ** 1593 ** Returns bt_status_t 1594 ** 1595 *******************************************************************************/ 1596 1597 bt_status_t btif_dm_ssp_reply(const bt_bdaddr_t *bd_addr, 1598 bt_ssp_variant_t variant, uint8_t accept, 1599 uint32_t passkey) 1600 { 1601 if (variant == BT_SSP_VARIANT_PASSKEY_ENTRY) 1602 { 1603 /* This is not implemented in the stack. 1604 * For devices with display, this is not needed 1605 */ 1606 BTIF_TRACE_WARNING1("%s: Not implemented", __FUNCTION__); 1607 return BT_STATUS_FAIL; 1608 } 1609 /* BT_SSP_VARIANT_CONSENT & BT_SSP_VARIANT_PASSKEY_CONFIRMATION supported */ 1610 BTIF_TRACE_EVENT2("%s: accept=%d", __FUNCTION__, accept); 1611 BTA_DmConfirm( (UINT8 *)bd_addr->address, accept); 1612 1613 return BT_STATUS_SUCCESS; 1614 } 1615 1616 /******************************************************************************* 1617 ** 1618 ** Function btif_dm_get_adapter_property 1619 ** 1620 ** Description Queries the BTA for the adapter property 1621 ** 1622 ** Returns bt_status_t 1623 ** 1624 *******************************************************************************/ 1625 bt_status_t btif_dm_get_adapter_property(bt_property_t *prop) 1626 { 1627 bt_status_t status; 1628 1629 BTIF_TRACE_EVENT2("%s: type=0x%x", __FUNCTION__, prop->type); 1630 switch (prop->type) 1631 { 1632 case BT_PROPERTY_BDNAME: 1633 { 1634 bt_bdname_t *bd_name = (bt_bdname_t*)prop->val; 1635 strcpy((char *)bd_name->name, (char *)BTM_DEF_LOCAL_NAME); 1636 prop->len = strlen((char *)bd_name->name); 1637 } 1638 break; 1639 1640 case BT_PROPERTY_ADAPTER_SCAN_MODE: 1641 { 1642 /* if the storage does not have it. Most likely app never set it. Default is NONE */ 1643 bt_scan_mode_t *mode = (bt_scan_mode_t*)prop->val; 1644 *mode = BT_SCAN_MODE_NONE; 1645 prop->len = sizeof(bt_scan_mode_t); 1646 } 1647 break; 1648 1649 case BT_PROPERTY_ADAPTER_DISCOVERY_TIMEOUT: 1650 { 1651 uint32_t *tmt = (uint32_t*)prop->val; 1652 *tmt = 120; /* default to 120s, if not found in NV */ 1653 prop->len = sizeof(uint32_t); 1654 } 1655 break; 1656 1657 default: 1658 prop->len = 0; 1659 return BT_STATUS_FAIL; 1660 } 1661 return BT_STATUS_SUCCESS; 1662 } 1663 1664 /******************************************************************************* 1665 ** 1666 ** Function btif_dm_get_remote_services 1667 ** 1668 ** Description Start SDP to get remote services 1669 ** 1670 ** Returns bt_status_t 1671 ** 1672 *******************************************************************************/ 1673 bt_status_t btif_dm_get_remote_services(bt_bdaddr_t *remote_addr) 1674 { 1675 bdstr_t bdstr; 1676 1677 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 1678 1679 BTA_DmDiscover(remote_addr->address, BTA_ALL_SERVICE_MASK, 1680 bte_dm_search_services_evt, TRUE); 1681 1682 return BT_STATUS_SUCCESS; 1683 } 1684 1685 /******************************************************************************* 1686 ** 1687 ** Function btif_dm_get_remote_service_record 1688 ** 1689 ** Description Start SDP to get remote service record 1690 ** 1691 ** 1692 ** Returns bt_status_t 1693 *******************************************************************************/ 1694 bt_status_t btif_dm_get_remote_service_record(bt_bdaddr_t *remote_addr, 1695 bt_uuid_t *uuid) 1696 { 1697 tSDP_UUID sdp_uuid; 1698 bdstr_t bdstr; 1699 1700 BTIF_TRACE_EVENT2("%s: remote_addr=%s", __FUNCTION__, bd2str(remote_addr, &bdstr)); 1701 1702 sdp_uuid.len = MAX_UUID_SIZE; 1703 memcpy(sdp_uuid.uu.uuid128, uuid->uu, MAX_UUID_SIZE); 1704 1705 BTA_DmDiscoverUUID(remote_addr->address, &sdp_uuid, 1706 bte_dm_remote_service_record_evt, TRUE); 1707 1708 return BT_STATUS_SUCCESS; 1709 } 1710 1711 void btif_dm_execute_service_request(UINT16 event, char *p_param) 1712 { 1713 BOOLEAN b_enable = FALSE; 1714 bt_status_t status; 1715 if (event == BTIF_DM_ENABLE_SERVICE) 1716 { 1717 b_enable = TRUE; 1718 } 1719 status = btif_in_execute_service_request(*((tBTA_SERVICE_ID*)p_param), b_enable); 1720 if (status == BT_STATUS_SUCCESS) 1721 { 1722 bt_property_t property; 1723 bt_uuid_t local_uuids[BT_MAX_NUM_UUIDS]; 1724 1725 /* Now send the UUID_PROPERTY_CHANGED event to the upper layer */ 1726 BTIF_STORAGE_FILL_PROPERTY(&property, BT_PROPERTY_UUIDS, 1727 sizeof(local_uuids), local_uuids); 1728 btif_storage_get_adapter_property(&property); 1729 HAL_CBACK(bt_hal_cbacks, adapter_properties_cb, 1730 BT_STATUS_SUCCESS, 1, &property); 1731 } 1732 return; 1733 } 1734 1735 #if (BTM_OOB_INCLUDED == TRUE) 1736 void btif_dm_set_oob_for_io_req(tBTA_OOB_DATA *p_oob_data) 1737 { 1738 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 1739 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 1740 { 1741 *p_oob_data = FALSE; 1742 } 1743 else 1744 { 1745 *p_oob_data = TRUE; 1746 } 1747 BTIF_TRACE_DEBUG1("btif_dm_set_oob_for_io_req *p_oob_data=%d", *p_oob_data); 1748 } 1749 #endif /* BTM_OOB_INCLUDED */ 1750 1751 #ifdef BTIF_DM_OOB_TEST 1752 void btif_dm_load_local_oob(void) 1753 { 1754 char prop_oob[32]; 1755 property_get("service.brcm.bt.oob", prop_oob, "3"); 1756 BTIF_TRACE_DEBUG1("btif_dm_load_local_oob prop_oob = %s",prop_oob); 1757 if (prop_oob[0] != '3') 1758 { 1759 #if (BTM_OOB_INCLUDED == TRUE) 1760 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 1761 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 ) 1762 { 1763 BTIF_TRACE_DEBUG0("btif_dm_load_local_oob: read OOB, call BTA_DmLocalOob()"); 1764 BTA_DmLocalOob(); 1765 } 1766 #else 1767 BTIF_TRACE_ERROR0("BTM_OOB_INCLUDED is FALSE!!(btif_dm_load_local_oob)"); 1768 #endif 1769 } 1770 } 1771 1772 void btif_dm_proc_loc_oob(BOOLEAN valid, BT_OCTET16 c, BT_OCTET16 r) 1773 { 1774 FILE *fp; 1775 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 1776 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 1777 char *path = NULL; 1778 char prop_oob[32]; 1779 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: valid=%d", valid); 1780 if (oob_cb.sp_c[0] == 0 && oob_cb.sp_c[1] == 0 && 1781 oob_cb.sp_c[2] == 0 && oob_cb.sp_c[3] == 0 && 1782 valid) 1783 { 1784 BTIF_TRACE_DEBUG0("save local OOB data in memory"); 1785 memcpy(oob_cb.sp_c, c, BT_OCTET16_LEN); 1786 memcpy(oob_cb.sp_r, r, BT_OCTET16_LEN); 1787 property_get("service.brcm.bt.oob", prop_oob, "3"); 1788 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob prop_oob = %s",prop_oob); 1789 if (prop_oob[0] == '1') 1790 path = path_a; 1791 else if (prop_oob[0] == '2') 1792 path = path_b; 1793 if (path) 1794 { 1795 fp = fopen(path, "wb+"); 1796 if (fp == NULL) 1797 { 1798 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: failed to save local OOB data to %s", path); 1799 } 1800 else 1801 { 1802 BTIF_TRACE_DEBUG1("btif_dm_proc_loc_oob: save local OOB data into file %s",path); 1803 fwrite (c , 1 , BT_OCTET16_LEN , fp ); 1804 fwrite (r , 1 , BT_OCTET16_LEN , fp ); 1805 fclose(fp); 1806 } 1807 } 1808 } 1809 } 1810 BOOLEAN btif_dm_proc_rmt_oob(BD_ADDR bd_addr, BT_OCTET16 p_c, BT_OCTET16 p_r) 1811 { 1812 char t[128]; 1813 FILE *fp; 1814 char *path_a = "/data/misc/bluedroid/LOCAL/a.key"; 1815 char *path_b = "/data/misc/bluedroid/LOCAL/b.key"; 1816 char *path = NULL; 1817 char prop_oob[32]; 1818 BOOLEAN result = FALSE; 1819 bt_bdaddr_t bt_bd_addr; 1820 bdcpy(oob_cb.oob_bdaddr, bd_addr); 1821 property_get("service.brcm.bt.oob", prop_oob, "3"); 1822 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob prop_oob = %s",prop_oob); 1823 if (prop_oob[0] == '1') 1824 path = path_b; 1825 else if (prop_oob[0] == '2') 1826 path = path_a; 1827 if (path) 1828 { 1829 fp = fopen(path, "rb"); 1830 if (fp == NULL) 1831 { 1832 BTIF_TRACE_DEBUG1("btapp_dm_rmt_oob_reply: failed to read OOB keys from %s",path); 1833 return FALSE; 1834 } 1835 else 1836 { 1837 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob: read OOB data from %s",path); 1838 fread (p_c , 1 , BT_OCTET16_LEN , fp ); 1839 fread (p_r , 1 , BT_OCTET16_LEN , fp ); 1840 fclose(fp); 1841 } 1842 BTIF_TRACE_DEBUG0("----btif_dm_proc_rmt_oob: TRUE"); 1843 sprintf(t, "%02x:%02x:%02x:%02x:%02x:%02x", 1844 oob_cb.oob_bdaddr[0], oob_cb.oob_bdaddr[1], oob_cb.oob_bdaddr[2], 1845 oob_cb.oob_bdaddr[3], oob_cb.oob_bdaddr[4], oob_cb.oob_bdaddr[5]); 1846 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: peer_bdaddr = %s", t); 1847 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 1848 p_c[0], p_c[1], p_c[2], p_c[3], p_c[4], p_c[5], p_c[6], p_c[7], 1849 p_c[8], p_c[9], p_c[10], p_c[11], p_c[12], p_c[13], p_c[14], p_c[15]); 1850 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: c = %s",t); 1851 sprintf(t, "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x", 1852 p_r[0], p_r[1], p_r[2], p_r[3], p_r[4], p_r[5], p_r[6], p_r[7], 1853 p_r[8], p_r[9], p_r[10], p_r[11], p_r[12], p_r[13], p_r[14], p_r[15]); 1854 BTIF_TRACE_DEBUG1("----btif_dm_proc_rmt_oob: r = %s",t); 1855 bdcpy(bt_bd_addr.address, bd_addr); 1856 btif_transfer_context(btif_dm_generic_evt, BTIF_DM_CB_BOND_STATE_BONDING, 1857 (char *)&bt_bd_addr, sizeof(bt_bdaddr_t), NULL); 1858 result = TRUE; 1859 } 1860 BTIF_TRACE_DEBUG1("btif_dm_proc_rmt_oob result=%d",result); 1861 return result; 1862 } 1863 #endif /* BTIF_DM_OOB_TEST */ 1864 1865 void btif_dm_on_disable() 1866 { 1867 /* cancel any pending pairing requests */ 1868 if (pairing_cb.state == BT_BOND_STATE_BONDING) 1869 { 1870 bt_bdaddr_t bd_addr; 1871 1872 BTIF_TRACE_DEBUG1("%s: Cancel pending pairing request", __FUNCTION__); 1873 bdcpy(bd_addr.address, pairing_cb.bd_addr); 1874 btif_dm_cancel_bond(&bd_addr); 1875 } 1876 } 1877