From 64472d52af09d19f0f9153f6ed370a13e23ceafb Mon Sep 17 00:00:00 2001
From: "matthias.ringwald"
 <matthias.ringwald@1a0a8af8-31b5-11de-8e0c-53a27eea117e>
Date: Tue, 21 Jun 2011 20:28:09 +0000
Subject: [PATCH] fix some bugs in l2cap establishment

---
 src/hci.c   | 6 +++++-
 src/l2cap.c | 9 ++++++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/hci.c b/src/hci.c
index 946617ce7..76ef7430a 100644
--- a/src/hci.c
+++ b/src/hci.c
@@ -443,9 +443,11 @@ static void event_handler(uint8_t *packet, int size){
             break;
 
         case HCI_EVENT_LINK_KEY_REQUEST:
+            log_dbg("HCI_EVENT_LINK_KEY_REQUEST\n");
             hci_add_connection_flags_for_flipped_bd_addr(&packet[2], RECV_LINK_KEY_REQUEST);
             if (!hci_stack.remote_device_db) break;
             hci_add_connection_flags_for_flipped_bd_addr(&packet[2], HANDLE_LINK_KEY_REQUEST);
+            hci_run();
             // request already answered
             return;
             
@@ -839,10 +841,11 @@ void hci_run(){
     for (it = (linked_item_t *) hci_stack.connections; it ; it = it->next){
 
         connection = (hci_connection_t *) it;
-        
+
         if (!hci_can_send_packet_now(HCI_COMMAND_DATA_PACKET)) return;
         
         if (connection->state == RECEIVED_CONNECTION_REQUEST){
+            log_dbg("sending hci_accept_connection_request\n");
             hci_send_cmd(&hci_accept_connection_request, connection->address, 1);
             connection->state = ACCEPTED_CONNECTION_REQUEST;
         }
@@ -851,6 +854,7 @@ void hci_run(){
         
         if (connection->authentication_flags & HANDLE_LINK_KEY_REQUEST){
             link_key_t link_key;
+            log_dbg("responding to link key request\n");
             if ( hci_stack.remote_device_db->get_link_key( &connection->address, &link_key)){
                hci_send_cmd(&hci_link_key_request_reply, connection->address, &link_key);
             } else {
diff --git a/src/l2cap.c b/src/l2cap.c
index 1eb18f561..ae4a615e1 100644
--- a/src/l2cap.c
+++ b/src/l2cap.c
@@ -305,10 +305,10 @@ void l2cap_run(void){
         switch (channel->state){
 
             case L2CAP_STATE_WILL_SEND_CREATE_CONNECTION:
-                // send connection request
+                // send connection request - set state first
+                channel->state = L2CAP_STATE_WAIT_CONNECTION_COMPLETE;
                 // BD_ADDR, Packet_Type, Page_Scan_Repetition_Mode, Reserved, Clock_Offset, Allow_Role_Switch
                 hci_send_cmd(&hci_create_connection, channel->address, 0xcc18, 0, 0, 0, 1); 
-                channel->state = L2CAP_STATE_WAIT_CONNECTION_COMPLETE;
                 break;
                 
             case L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_DECLINE:
@@ -646,7 +646,7 @@ void l2cap_signaling_handler_channel(l2cap_channel_t *channel, uint8_t *command)
     uint8_t  identifier = command[L2CAP_SIGNALING_COMMAND_SIGID_OFFSET];
     uint16_t result = 0;
     
-    // log_dbg("signaling handler code %u\n", code);
+    log_dbg("signaling handler code %u, state %u\n", code, channel->state);
     
     // handle DISCONNECT REQUESTS seperately
     if (code == DISCONNECTION_REQUEST){
@@ -890,6 +890,9 @@ void l2cap_acl_handler( uint8_t *packet, uint16_t size ){
             // increment command_offset
             command_offset += L2CAP_SIGNALING_COMMAND_DATA_OFFSET + READ_BT_16(packet, command_offset + L2CAP_SIGNALING_COMMAND_LENGTH_OFFSET);
         }
+        
+        l2cap_run();
+        
         return;
     }