1 /* $NetBSD: client.c,v 1.4 2006/09/29 20:06:11 plunky Exp $ */
2 /* $DragonFly: src/usr.sbin/bthcid/client.c,v 1.1 2008/01/30 14:10:19 hasso Exp $ */
3
4 /*-
5 * Copyright (c) 2006 Itronix Inc.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of Itronix Inc. may not be used to endorse
17 * or promote products derived from this software without specific
18 * prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY
24 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
27 * ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 #include <sys/ioctl.h>
34 #include <sys/queue.h>
35 #include <sys/stat.h>
36 #include <sys/types.h>
37 #include <sys/event.h>
38 #include <sys/time.h>
39 #include <sys/un.h>
40 #include <bluetooth.h>
41 #include <errno.h>
42 #include <fcntl.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <syslog.h>
46 #include <unistd.h>
47
48 #include "bthcid.h"
49
50 /*
51 * A client is anybody who connects to our control socket to
52 * receive PIN requests.
53 */
54 struct client {
55 int fd; /* client descriptor */
56 LIST_ENTRY(client) next;
57 };
58
59 /*
60 * PIN cache items are made when we have sent a client pin
61 * request. The event is used to expire the item.
62 */
63 struct item {
64 bdaddr_t laddr; /* local device BDADDR */
65 bdaddr_t raddr; /* remote device BDADDR */
66 uint8_t pin[HCI_PIN_SIZE]; /* PIN */
67 int hci; /* HCI socket */
68 LIST_ENTRY(item) next;
69 };
70
71 static LIST_HEAD(,client) client_list;
72 static LIST_HEAD(,item) item_list;
73
74 #define PIN_REQUEST_TIMEOUT 30 /* Request is valid */
75 #define PIN_TIMEOUT 300 /* PIN is valid */
76
77 int
init_control(const char * name,mode_t mode)78 init_control(const char *name, mode_t mode)
79 {
80 struct sockaddr_un un;
81 struct kevent change;
82 struct timespec timeout = { 0, 0 };
83 int ctl;
84
85 LIST_INIT(&client_list);
86 LIST_INIT(&item_list);
87
88 if (name == NULL)
89 return 0;
90
91 if (unlink(name) < 0 && errno != ENOENT)
92 return -1;
93
94 ctl = socket(PF_LOCAL, SOCK_STREAM, 0);
95 if (ctl < 0)
96 return -1;
97
98 memset(&un, 0, sizeof(un));
99 un.sun_len = sizeof(un);
100 un.sun_family = AF_LOCAL;
101 strlcpy(un.sun_path, name, sizeof(un.sun_path));
102 if (bind(ctl, (struct sockaddr *)&un, sizeof(un)) < 0) {
103 close(ctl);
104 return -1;
105 }
106
107 if (chmod(name, mode) < 0) {
108 close(ctl);
109 unlink(name);
110 return -1;
111 }
112
113 if (listen(ctl, 10) < 0) {
114 close(ctl);
115 unlink(name);
116 return -1;
117 }
118
119 EV_SET(&change, ctl, EVFILT_READ, EV_ADD, 0, 0, NULL);
120 if (kevent(hci_kq, &change, 1, NULL, 0, &timeout) == -1) {
121 close(ctl);
122 unlink(name);
123 return -1;
124 }
125
126 return ctl;
127 }
128
129 /* Process control socket event */
130 void
process_control(int sock)131 process_control(int sock)
132 {
133 struct sockaddr_un un;
134 socklen_t n;
135 struct kevent change;
136 struct timespec timeout = { 0, 0 };
137 int fd;
138 struct client *cl;
139
140 n = sizeof(un);
141 fd = accept(sock, (struct sockaddr *)&un, &n);
142 if (fd < 0) {
143 syslog(LOG_ERR, "Could not accept PIN client connection");
144 return;
145 }
146
147 n = 1;
148 if (ioctl(fd, FIONBIO, &n) < 0) {
149 syslog(LOG_ERR, "Could not set non blocking IO for client");
150 close(fd);
151 return;
152 }
153
154 cl = malloc(sizeof(struct client));
155 if (cl == NULL) {
156 syslog(LOG_ERR, "Could not malloc client");
157 close(fd);
158 return;
159 }
160
161 memset(cl, 0, sizeof(struct client));
162 cl->fd = fd;
163
164 EV_SET(&change, cl->fd, EVFILT_READ, EV_ADD, 0, 0, cl);
165 if (kevent(hci_kq, &change, 1, NULL, 0, &timeout) == -1) {
166 syslog(LOG_ERR, "Could not add client event");
167 free(cl);
168 close(fd);
169 return;
170 }
171
172 syslog(LOG_DEBUG, "New Client");
173 LIST_INSERT_HEAD(&client_list, cl, next);
174 }
175
176 /* Process client response packet */
177 void
process_client(int sock,void * arg)178 process_client(int sock, void *arg)
179 {
180 bthcid_pin_response_t rp;
181 struct sockaddr_bt sa;
182 struct client *cl = arg;
183 struct item *item;
184 struct kevent change;
185 struct timespec timeout = { 0, 0 };
186 int n;
187
188 n = recv(sock, &rp, sizeof(rp), 0);
189 if (n != sizeof(rp)) {
190 if (n != 0)
191 syslog(LOG_ERR, "Bad Client");
192
193 close(sock);
194 LIST_REMOVE(cl, next);
195 free(cl);
196
197 syslog(LOG_DEBUG, "Client Closed");
198 return;
199 }
200
201 syslog(LOG_DEBUG, "Received PIN for %s", bt_ntoa(&rp.raddr, NULL));
202
203 LIST_FOREACH(item, &item_list, next) {
204 if (bdaddr_same(&rp.laddr, &item->laddr) == 0
205 || bdaddr_same(&rp.raddr, &item->raddr) == 0)
206 continue;
207
208 EV_SET(&change, sock, EVFILT_TIMER, EV_DELETE, 0, 0, NULL);
209 kevent(hci_kq, &change, 1, NULL, 0, &timeout);
210 if (item->hci != -1) {
211 memset(&sa, 0, sizeof(sa));
212 sa.bt_len = sizeof(sa);
213 sa.bt_family = AF_BLUETOOTH;
214 bdaddr_copy(&sa.bt_bdaddr, &item->laddr);
215
216 send_pin_code_reply(item->hci, &sa, &item->raddr, rp.pin);
217 LIST_REMOVE(item, next);
218 free(item);
219 return;
220 }
221 goto newpin;
222 }
223
224 item = malloc(sizeof(struct item));
225 if (item == NULL) {
226 syslog(LOG_ERR, "Item allocation failed");
227 return;
228 }
229
230 memset(item, 0, sizeof(struct item));
231 bdaddr_copy(&item->laddr, &rp.laddr);
232 bdaddr_copy(&item->raddr, &rp.raddr);
233 LIST_INSERT_HEAD(&item_list, item, next);
234
235 newpin:
236 syslog(LOG_DEBUG, "Caching PIN for %s", bt_ntoa(&rp.raddr, NULL));
237
238 memcpy(item->pin, rp.pin, HCI_PIN_SIZE);
239 item->hci = -1;
240
241 EV_SET(&change, sock, EVFILT_TIMER, EV_ADD, 0, PIN_TIMEOUT * 1000, NULL);
242 if (kevent(hci_kq, &change, 1, NULL, 0, &timeout) == -1) {
243 syslog(LOG_ERR, "Cannot add event timer for item");
244 LIST_REMOVE(item, next);
245 free(item);
246 }
247 }
248
249 /* Send PIN request to client */
250 int
send_client_request(bdaddr_t * laddr,bdaddr_t * raddr,int hci)251 send_client_request(bdaddr_t *laddr, bdaddr_t *raddr, int hci)
252 {
253 bthcid_pin_request_t cp;
254 struct client *cl;
255 struct item *item;
256 struct kevent change;
257 struct timespec timeout = { 0, 0 };
258 int n = 0;
259
260 memset(&cp, 0, sizeof(cp));
261 bdaddr_copy(&cp.laddr, laddr);
262 bdaddr_copy(&cp.raddr, raddr);
263 cp.time = PIN_REQUEST_TIMEOUT;
264
265 LIST_FOREACH(cl, &client_list, next) {
266 if (send(cl->fd, &cp, sizeof(cp), 0) != sizeof(cp))
267 syslog(LOG_ERR, "send PIN request failed");
268 else
269 n++;
270 }
271
272 if (n == 0)
273 return 0;
274
275 syslog(LOG_DEBUG, "Sent PIN requests to %d client%s.",
276 n, (n == 1 ? "" : "s"));
277
278 item = malloc(sizeof(struct item));
279 if (item == NULL) {
280 syslog(LOG_ERR, "Cannot allocate PIN request item");
281 return 0;
282 }
283
284 memset(item, 0, sizeof(struct item));
285 bdaddr_copy(&item->laddr, laddr);
286 bdaddr_copy(&item->raddr, raddr);
287 item->hci = hci;
288 EV_SET(&change, item->hci, EVFILT_TIMER, EV_ADD, 0, cp.time * 1000, item);
289 if (kevent(hci_kq, &change, 1, NULL, 0, &timeout) == -1) {
290 syslog(LOG_ERR, "Cannot add request timer");
291 free(item);
292 return 0;
293 }
294
295 LIST_INSERT_HEAD(&item_list, item, next);
296 return 1;
297 }
298
299 /* Process item event (by expiring it) */
300 void
process_item(void * arg)301 process_item(void *arg)
302 {
303 struct item *item = arg;
304 struct kevent change;
305 struct timespec timeout = { 0, 0 };
306
307 syslog(LOG_DEBUG, "PIN for %s expired", bt_ntoa(&item->raddr, NULL));
308 LIST_REMOVE(item, next);
309 EV_SET(&change, item->hci, EVFILT_TIMER, EV_DELETE, 0, 0, 0);
310 kevent(hci_kq, &change, 1, NULL, 0, &timeout);
311 free(item);
312 }
313
314 /* lookup PIN in item cache */
315 uint8_t *
lookup_pin(bdaddr_t * laddr,bdaddr_t * raddr)316 lookup_pin(bdaddr_t *laddr, bdaddr_t *raddr)
317 {
318 static uint8_t pin[HCI_PIN_SIZE];
319 struct item *item;
320 struct kevent change;
321 struct timespec timeout = { 0, 0 };
322
323 LIST_FOREACH(item, &item_list, next) {
324 if (bdaddr_same(raddr, &item->raddr) == 0)
325 continue;
326
327 if (bdaddr_same(laddr, &item->laddr) == 0
328 && bdaddr_any(&item->laddr) == 0)
329 continue;
330
331 if (item->hci >= 0)
332 break;
333
334 syslog(LOG_DEBUG, "Matched PIN from cache");
335 memcpy(pin, item->pin, sizeof(pin));
336
337 LIST_REMOVE(item, next);
338 EV_SET(&change, item->hci, EVFILT_TIMER, EV_DELETE, 0, 0, 0);
339 kevent(hci_kq, &change, 1, NULL, 0, &timeout);
340 free(item);
341
342 return pin;
343 }
344
345 return NULL;
346 }
347