NetBSD/usr.sbin/sdpd/record.c
2010-03-07 10:58:40 +00:00

248 lines
6.1 KiB
C

/* $NetBSD: record.c,v 1.2 2010/03/07 10:58:40 plunky Exp $ */
/*-
* Copyright (c) 2009 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Iain Hibbert.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__RCSID("$NetBSD: record.c,v 1.2 2010/03/07 10:58:40 plunky Exp $");
#include <bluetooth.h>
#include <sdp.h>
#include <string.h>
#include "sdpd.h"
static bool sdpd_valid_record(sdp_data_t *);
/*
* These record manipulation requests are not part of the SDP
* specification, they are a private extension and valid only
* for privileged clients on the control socket.
*/
uint16_t
record_insert_request(server_t *srv, int fd)
{
sdp_data_t seq;
bdaddr_t bdaddr;
log_debug("RecordInsertRequest by client on fd#%d", fd);
seq.next = srv->ibuf;
seq.end = srv->ibuf + srv->pdu.len;
if (!srv->fdidx[fd].control
|| !srv->fdidx[fd].priv)
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
srv->fdidx[fd].offset = 0;
db_unselect(srv, fd);
/*
* extract BluetoothDeviceAddress
*/
if (seq.next + sizeof(bdaddr_t) > seq.end)
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
memcpy(&bdaddr, seq.next, sizeof(bdaddr_t));
seq.next += sizeof(bdaddr_t);
/*
* extract ServiceRecord and add to database
*/
if (!sdp_get_seq(&seq, &seq)
|| !sdpd_valid_record(&seq))
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
/* (ignores any additional data) */
if (!db_create(srv, fd, &bdaddr, srv->handle, &seq))
return SDP_ERROR_CODE_INSUFFICIENT_RESOURCES;
/*
* encode 'success' ErrorCode and ServiceRecordHandle and
* bump server handle
*/
be16enc(srv->obuf, 0x0000);
be32enc(srv->obuf + sizeof(uint16_t), srv->handle++);
/*
* fill in PDU header and we are done
*/
srv->pdu.pid = SDP_PDU_ERROR_RESPONSE;
srv->pdu.len = sizeof(uint16_t) + sizeof(uint32_t);
return 0;
}
uint16_t
record_update_request(server_t *srv, int fd)
{
record_t *rec;
sdp_data_t seq;
log_debug("RecordUpdateRequest by client on fd#%d", fd);
seq.next = srv->ibuf;
seq.end = srv->ibuf + srv->pdu.len;
if (!srv->fdidx[fd].control
|| !srv->fdidx[fd].priv)
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
srv->fdidx[fd].offset = 0;
db_unselect(srv, fd);
/*
* extract ServiceRecordHandle and select record
*/
if (seq.next + sizeof(uint32_t) > seq.end)
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
db_select_handle(srv, fd, be32dec(seq.next));
seq.next += sizeof(uint32_t);
rec = NULL;
db_next(srv, fd, &rec);
if (rec == NULL || rec->fd != fd)
return SDP_ERROR_CODE_INVALID_SERVICE_RECORD_HANDLE;
db_unselect(srv, fd);
/*
* extract ServiceRecord and add to database
*/
if (!sdp_get_seq(&seq, &seq)
|| !sdpd_valid_record(&seq))
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
/* (ignores any additional data) */
if (!db_create(srv, fd, &rec->bdaddr, rec->handle, &seq))
return SDP_ERROR_CODE_INSUFFICIENT_RESOURCES;
/*
* encode 'success' ErrorCode
*/
be16enc(srv->obuf, 0x0000);
/*
* fill in PDU header and we are done
*/
srv->pdu.pid = SDP_PDU_ERROR_RESPONSE;
srv->pdu.len = sizeof(uint16_t);
return 0;
}
uint16_t
record_remove_request(server_t *srv, int fd)
{
record_t *rec;
log_debug("RecordRemoveRequest by client on fd#%d", fd);
if (!srv->fdidx[fd].control
|| !srv->fdidx[fd].priv)
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
srv->fdidx[fd].offset = 0;
db_unselect(srv, fd);
/*
* extract ServiceRecordHandle
*/
if (srv->pdu.len != sizeof(uint32_t))
return SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
db_select_handle(srv, fd, be32dec(srv->ibuf));
rec = NULL;
db_next(srv, fd, &rec);
if (rec == NULL || rec->fd != fd)
return SDP_ERROR_CODE_INVALID_SERVICE_RECORD_HANDLE;
/*
* expire the record
*/
rec->refcnt--;
rec->valid = false;
rec->fd = -1;
db_unselect(srv, fd);
/*
* encode 'success' ErrorCode
*/
be16enc(srv->obuf, 0x0000);
/*
* fill in PDU header and we are done
*/
srv->pdu.pid = SDP_PDU_ERROR_RESPONSE;
srv->pdu.len = sizeof(uint16_t);
return 0;
}
/*
* validate ServiceRecord data element list
*
* The record must contain a list of attribute/value pairs where the
* attributes are unsigned 16-bit integer values in ascending order.
*/
static bool
sdpd_valid_record(sdp_data_t *data)
{
sdp_data_t d, s;
uintmax_t a0, a;
s = *data;
if (!sdp_data_valid(&s))
return false;
/* The first attribute must be ServiceRecordHandle */
if (!sdp_get_data(&s, &d)
|| sdp_data_type(&d) != SDP_DATA_UINT16
|| !sdp_get_uint(&d, &a0)
|| a0 != SDP_ATTR_SERVICE_RECORD_HANDLE
|| !sdp_get_data(&s, &d)
|| sdp_data_type(&d) != SDP_DATA_UINT32)
return false;
/* and remaining attribute IDs must be in ascending order */
while (sdp_get_data(&s, &d)
&& sdp_data_type(&d) == SDP_DATA_UINT16
&& sdp_get_uint(&d, &a)
&& a > a0
&& sdp_get_data(&s, &d))
a0 = a;
if (s.next != s.end)
return false;
return true;
}