3
* BlueZ - Bluetooth protocol stack for Linux
5
* Copyright (C) 2003-2008 Marcel Holtmann <marcel@holtmann.org>
8
* This program is free software; you can redistribute it and/or modify
9
* it under the terms of the GNU General Public License as published by
10
* the Free Software Foundation; either version 2 of the License, or
11
* (at your option) any later version.
13
* This program is distributed in the hope that it will be useful,
14
* but WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
* GNU General Public License for more details.
18
* You should have received a copy of the GNU General Public License
19
* along with this program; if not, write to the Free Software
20
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
39
#include <sys/ioctl.h>
40
#include <sys/socket.h>
42
#include <bluetooth/bluetooth.h>
43
#include <bluetooth/hci.h>
44
#include <bluetooth/hci_lib.h>
45
#include <bluetooth/l2cap.h>
46
#include <bluetooth/sdp.h>
47
#include <bluetooth/hidp.h>
65
/*
 * Shutdown flag tested by run_server()'s loop (while (!__io_canceled)).
 * NOTE(review): identifiers beginning with a double underscore are reserved
 * for the implementation; a plain name such as io_canceled would avoid that.
 */
static volatile sig_atomic_t __io_canceled = 0;
67
/* Installed for SIGHUP in main(); the body is not shown in this listing. */
static void sig_hup(int sig)
71
/* Installed for SIGTERM and SIGINT in main(); the body is not shown here. */
static void sig_term(int sig)
76
/*
 * Open an outgoing L2CAP channel: create a SOCK_SEQPACKET socket, bind it to
 * the local address src, apply the HIDP MTU options and connect to dst on psm.
 *
 * Only some lines of the function appear in this listing (the gutter numbers
 * skip); the declaration of sk, the error-path bodies and the return
 * statement are not visible.
 */
static int l2cap_connect(bdaddr_t *src, bdaddr_t *dst, unsigned short psm)
78
struct sockaddr_l2 addr;
79
struct l2cap_options opts;
82
if ((sk = socket(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP)) < 0)
/* Bind to the local adapter address only; no PSM is set for the bind. */
85
memset(&addr, 0, sizeof(addr));
86
addr.l2_family = AF_BLUETOOTH;
87
bacpy(&addr.l2_bdaddr, src);
89
if (bind(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
94
memset(&opts, 0, sizeof(opts));
95
opts.imtu = HIDP_DEFAULT_MTU;
96
opts.omtu = HIDP_DEFAULT_MTU;
97
opts.flush_to = 0xffff;
/*
 * NOTE(review): the result of setsockopt() is discarded, so a failure to
 * apply these options goes unnoticed. No L2CAP_LM link-mode option is set on
 * this socket in the lines shown, so the channel itself requests no
 * authentication or encryption; create_device() asks for those separately
 * and only under its own condition.
 */
99
setsockopt(sk, SOL_L2CAP, L2CAP_OPTIONS, &opts, sizeof(opts));
/* Reuse addr for the remote end: peer address plus PSM in Bluetooth byte order. */
101
memset(&addr, 0, sizeof(addr));
102
addr.l2_family = AF_BLUETOOTH;
103
bacpy(&addr.l2_bdaddr, dst);
104
addr.l2_psm = htobs(psm);
106
if (connect(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
114
/*
 * Create a listening L2CAP socket bound to bdaddr and psm, apply link mode lm
 * and the HIDP MTU options, then listen() with the given backlog.
 *
 * Only some lines of the function appear in this listing; the declaration of
 * sk, the error-path bodies and the return statement are not visible.
 */
static int l2cap_listen(const bdaddr_t *bdaddr, unsigned short psm, int lm, int backlog)
116
struct sockaddr_l2 addr;
117
struct l2cap_options opts;
120
if ((sk = socket(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP)) < 0)
123
memset(&addr, 0, sizeof(addr));
124
addr.l2_family = AF_BLUETOOTH;
125
bacpy(&addr.l2_bdaddr, bdaddr);
126
addr.l2_psm = htobs(psm);
128
if (bind(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
/*
 * NOTE(review): lm is the only place the listening socket's security level is
 * set. In main() the one visible change to lm is `lm |= L2CAP_LM_MASTER`; if
 * no elided option adds L2CAP_LM_AUTH or L2CAP_LM_ENCRYPT, incoming peers are
 * accepted without link-level authentication or encryption - TODO confirm
 * against the full option switch. The setsockopt() result is also discarded,
 * so a rejected link mode would leave the socket listening with defaults.
 */
133
setsockopt(sk, SOL_L2CAP, L2CAP_LM, &lm, sizeof(lm));
135
memset(&opts, 0, sizeof(opts));
136
opts.imtu = HIDP_DEFAULT_MTU;
137
opts.omtu = HIDP_DEFAULT_MTU;
138
opts.flush_to = 0xffff;
/* Result discarded here as well. */
140
setsockopt(sk, SOL_L2CAP, L2CAP_OPTIONS, &opts, sizeof(opts));
142
if (listen(sk, backlog) < 0) {
150
/*
 * Accept one connection on the listening socket sk and copy the peer's
 * Bluetooth address into bdaddr.
 *
 * Only some lines appear in this listing; the declarations of nsk and addrlen
 * and the return statement are not visible.
 */
static int l2cap_accept(int sk, bdaddr_t *bdaddr)
152
struct sockaddr_l2 addr;
156
memset(&addr, 0, sizeof(addr));
157
addrlen = sizeof(addr);
159
if ((nsk = accept(sk, (struct sockaddr *) &addr, &addrlen)) < 0)
/*
 * NOTE(review): run_server() calls this function with bdaddr == NULL, so this
 * copy must be guarded by a NULL check. The listing skips from 159 to 163 and
 * may hide that guard - confirm it exists.
 */
163
bacpy(bdaddr, &addr.l2_bdaddr);
168
/*
 * Request authentication of the existing link to dst: open the HCI device,
 * look up the connection with the HCIGETCONNINFO ioctl, then call
 * hci_authenticate_link() on the returned handle.
 *
 * Only some lines appear in this listing. `addr` is not declared in the lines
 * shown (presumably the string form of src - confirm), and the checks on
 * dev_id, dd and the malloc() result are not visible; confirm each is tested
 * before use and that cr and dd are released on every path.
 */
static int request_authentication(bdaddr_t *src, bdaddr_t *dst)
170
struct hci_conn_info_req *cr;
175
dev_id = hci_devid(addr);
179
dd = hci_open_dev(dev_id);
/* Request header followed by room for one hci_conn_info result. */
183
cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
187
bacpy(&cr->bdaddr, dst);
189
err = ioctl(dd, HCIGETCONNINFO, (unsigned long) cr);
/* 25000 is the timeout argument (presumably milliseconds - confirm against hci_lib.h). */
196
err = hci_authenticate_link(dd, htobs(cr->conn_info->handle), 25000);
204
/*
 * Request encryption of the existing link to dst: open the HCI device, look
 * up the connection with the HCIGETCONNINFO ioctl, then call
 * hci_encrypt_link() on the returned handle.
 *
 * Only some lines appear in this listing. `addr` is not declared in the lines
 * shown (presumably the string form of src - confirm), and the checks on
 * dev_id, dd and the malloc() result are not visible; confirm each is tested
 * before use and that cr and dd are released on every path.
 */
static int request_encryption(bdaddr_t *src, bdaddr_t *dst)
206
struct hci_conn_info_req *cr;
211
dev_id = hci_devid(addr);
215
dd = hci_open_dev(dev_id);
/* Request header followed by room for one hci_conn_info result. */
219
cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
223
bacpy(&cr->bdaddr, dst);
225
err = ioctl(dd, HCIGETCONNINFO, (unsigned long) cr);
/* Third argument 1 turns encryption on; 25000 is the timeout argument. */
232
err = hci_encrypt_link(dd, htobs(cr->conn_info->handle), 1, 25000);
240
/*
 * Write a fixed 6-byte HIDP SET_REPORT (feature) transaction to the control
 * channel socket csk. create_device() tests for vendor 0x054c / product
 * 0x0268 just before the point where this is presumably called (the call
 * itself is not shown in this listing).
 */
static void enable_sixaxis(int csk)
242
const unsigned char buf[] = {
243
0x53 /*HIDP_TRANS_SET_REPORT | HIDP_DATA_RTYPE_FEATURE*/,
244
0xf4, 0x42, 0x03, 0x00, 0x00 };
/* err receives write()'s result; what is done with it is not shown. */
247
err = write(csk, buf, sizeof(buf));
250
/*
 * Build a hidp_connadd_req for the peer connected on csk and register it with
 * the kernel through the HIDPCONNADD ioctl on ctl.
 *
 * Visible steps: read the local and remote addresses from csk, fill the
 * request from stored device information or from SDP, derive the subclass,
 * optionally request link authentication and encryption, then issue the ioctl.
 *
 * Only some lines appear in this listing; the branch conditions around the
 * lookups (presumably driven by nosdp and nocheck) and the error paths are
 * not visible, and isk is not referenced in the lines shown.
 */
static int create_device(int ctl, int csk, int isk, uint8_t subclass, int nosdp, int nocheck, int bootonly, int encrypt, int timeout)
252
struct hidp_connadd_req req;
253
struct sockaddr_l2 addr;
/* Local adapter address of the control channel. */
259
memset(&addr, 0, sizeof(addr));
260
addrlen = sizeof(addr);
262
if (getsockname(csk, (struct sockaddr *) &addr, &addrlen) < 0)
265
bacpy(&src, &addr.l2_bdaddr);
/* Remote device address of the control channel. */
267
memset(&addr, 0, sizeof(addr));
268
addrlen = sizeof(addr);
270
if (getpeername(csk, (struct sockaddr *) &addr, &addrlen) < 0)
273
bacpy(&dst, &addr.l2_bdaddr);
275
memset(&req, 0, sizeof(req));
/*
 * The usage text gives the timeout in minutes, so this converts to seconds.
 * NOTE(review): timeout comes from atoi() in main() with no range check; a
 * large value overflows this int multiplication.
 */
279
req.idle_to = timeout * 60;
/*
 * NOTE(review): this stored-device lookup and the rejection logged below are
 * the visible gate on which remote devices may attach as input devices. The
 * conditions around them are elided - confirm that the default path
 * (nocheck == 0) rejects peers with no stored record.
 */
281
err = get_stored_device_info(&src, &dst, &req);
287
syslog(LOG_ERR, "Rejected connection from unknown device %s", bda);
288
/* Return no error to avoid run_server() complaining too */
293
err = get_sdp_device_info(&src, &dst, &req);
297
struct l2cap_conninfo conn;
301
memset(&conn, 0, sizeof(conn));
/* Class-of-device bytes as reported for this connection. */
303
if (getsockopt(csk, SOL_L2CAP, L2CAP_CONNINFO, &conn, &size) < 0)
306
memcpy(class, conn.dev_class, 3);
308
if (class[1] == 0x25 && (class[2] == 0x00 || class[2] == 0x01))
309
req.subclass = class[0];
/* A non-zero subclass from the command line overrides the derived value. */
315
if (subclass != 0x00)
316
req.subclass = subclass;
319
syslog(LOG_INFO, "New HID device %s (%s)", bda, req.name);
/*
 * NOTE(review): authentication and encryption are requested only when the
 * caller set encrypt AND bit 0x40 of the subclass is set (presumably the
 * keyboard bit of the HID minor class - confirm). main() initialises encrypt
 * to 0, so unless an option changes it no device gets this step, and devices
 * without bit 0x40 never do. The subclass can also be overridden from the
 * command line just above, which changes whether this branch runs.
 */
321
if (encrypt && (req.subclass & 0x40)) {
322
err = request_authentication(&src, &dst);
324
syslog(LOG_ERR, "Authentication for %s failed", bda);
328
err = request_encryption(&src, &dst);
330
syslog(LOG_ERR, "Encryption for %s failed", bda);
335
req.flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
/* Vendor/product pair that selects the enable_sixaxis() handling (call not shown). */
338
if (req.vendor == 0x054c && req.product == 0x0268)
/* Registers the connection with the kernel HIDP layer. */
341
err = ioctl(ctl, HIDPCONNADD, &req);
350
/*
 * Server loop: wait with ppoll() on the two listening sockets (control csk
 * and interrupt isk) until __io_canceled is set, accept a connection on each
 * and pass the pair to create_device().
 *
 * Only some lines appear in this listing; the declarations, the setup of
 * sigs and p[].fd, and the cleanup after create_device() are not visible.
 */
static void run_server(int ctl, int csk, int isk, uint8_t subclass, int nosdp, int nocheck, int bootonly, int encrypt, int timeout)
/* These signals are removed from the mask handed to ppoll(), so they can interrupt the wait. */
358
sigdelset(&sigs, SIGCHLD);
359
sigdelset(&sigs, SIGPIPE);
360
sigdelset(&sigs, SIGTERM);
361
sigdelset(&sigs, SIGINT);
362
sigdelset(&sigs, SIGHUP);
365
p[0].events = POLLIN | POLLERR | POLLHUP;
368
p[1].events = POLLIN | POLLERR | POLLHUP;
370
while (!__io_canceled) {
374
if (ppoll(p, 2, NULL, &sigs) < 1)
/* The two revents masks are merged, so the code below cannot tell which socket is ready. */
377
events = p[0].revents | p[1].revents;
/*
 * NOTE(review): POLLIN on either socket leads to accept() on both. If the
 * listening sockets are blocking (not shown), a peer that opens only one of
 * the two channels leaves the loop waiting in the other accept(), which
 * stalls service for every other device. No check of ncsk or nisk is visible
 * before they are passed on, and both accepts discard the peer address
 * (bdaddr == NULL), so the two channels are not verified here to come from
 * the same device - confirm how the full source handles these cases.
 */
379
if (events & POLLIN) {
380
ncsk = l2cap_accept(csk, NULL);
381
nisk = l2cap_accept(isk, NULL);
383
err = create_device(ctl, ncsk, nisk, subclass, nosdp, nocheck, bootonly, encrypt, timeout);
385
syslog(LOG_ERR, "HID create error %d (%s)",
386
errno, strerror(errno));
395
static char *hidp_state[] = {
408
/*
 * Render HIDP connection flags as text for do_show().
 *
 * The result is built in a function-local static buffer, so the returned
 * pointer refers to storage that is reused by the next call. Only some lines
 * appear in this listing; the initialisation of str and the return statement
 * are not visible.
 */
static char *hidp_flagstostr(uint32_t flags)
410
static char str[100];
415
if (flags & (1 << HIDP_BOOT_PROTOCOL_MODE))
/* Appends a fixed literal well under the 100-byte buffer size. */
416
strcat(str, "boot-protocol");
423
/*
 * Print the current HID connections: fetch the list with the HIDPGETCONNLIST
 * ioctl and print address, name, vendor:product, state and flags per entry.
 *
 * Only some lines appear in this listing; the setup of req (which presumably
 * points it at ci and sets its capacity) is not visible.
 */
static void do_show(int ctl)
425
struct hidp_connlist_req req;
/* Room for at most 16 connections. */
426
struct hidp_conninfo ci[16];
433
if (ioctl(ctl, HIDPGETCONNLIST, &req) < 0) {
434
perror("Can't get connection list");
439
for (i = 0; i < req.cnum; i++) {
440
ba2str(&ci[i].bdaddr, addr);
/*
 * NOTE(review): ci[i].state indexes hidp_state[] with no visible bounds
 * check; a state value beyond the table's last entry would read past the
 * array. The values come from the kernel, so this is a robustness point
 * rather than an untrusted-input one.
 */
441
printf("%s %s [%04x:%04x] %s %s\n", addr, ci[i].name,
442
ci[i].vendor, ci[i].product, hidp_state[ci[i].state],
443
ci[i].flags ? hidp_flagstostr(ci[i].flags) : "");
447
/*
 * Connect to the remote device dst from local address src. The device is
 * looked up over SDP; with fakehid set, a failed lookup falls back to
 * get_alternate_device_info(), and the returned service class selects one of
 * the vendor-specific helpers. For a HID device the control and interrupt
 * L2CAP channels are opened and handed to create_device().
 *
 * Only some lines appear in this listing; the declarations, the switch
 * statement and the error paths are not visible.
 */
static void do_connect(int ctl, bdaddr_t *src, bdaddr_t *dst, uint8_t subclass, int fakehid, int bootonly, int encrypt, int timeout)
449
struct hidp_connadd_req req;
450
uint16_t uuid = HID_SVCLASS_ID;
455
memset(&req, 0, sizeof(req));
457
err = get_sdp_device_info(src, dst, &req);
458
if (err < 0 && fakehid)
459
err = get_alternate_device_info(src, dst,
460
&uuid, &channel, name, sizeof(name) - 1);
463
perror("Can't get device information");
/*
 * NOTE(review): the helper is chosen from the subclass or from a service name
 * that presumably comes from the remote device's SDP record, so the remote
 * side influences which code path runs - confirm that name is always
 * NUL-terminated before these strcmp() calls.
 */
472
case SERIAL_PORT_SVCLASS_ID:
473
if (subclass == 0x40 || !strcmp(name, "Cable Replacement")) {
474
if (epox_presenter(src, dst, channel) < 0) {
480
if (subclass == 0x1f || !strcmp(name, "SPP slave")) {
481
if (jthree_keyboard(src, dst, channel) < 0) {
487
if (subclass == 0x02 || !strcmp(name, "Serial Port")) {
488
if (celluon_keyboard(src, dst, channel) < 0) {
496
case HEADSET_SVCLASS_ID:
497
case HANDSFREE_SVCLASS_ID:
498
if (headset_presenter(src, dst, channel) < 0) {
508
csk = l2cap_connect(src, dst, L2CAP_PSM_HIDP_CTRL);
510
perror("Can't create HID control channel");
515
isk = l2cap_connect(src, dst, L2CAP_PSM_HIDP_INTR);
517
perror("Can't create HID interrupt channel");
/*
 * nosdp and nocheck are both passed as 1 here, so for outgoing connections
 * create_device() is told to skip its own lookup and stored-device check.
 */
523
err = create_device(ctl, csk, isk, subclass, 1, 1, bootonly, encrypt, timeout);
525
fprintf(stderr, "HID create error %d (%s)\n",
526
errno, strerror(errno));
535
/*
 * Run an HCI inquiry on the local adapter and call do_connect() for every
 * response whose class-of-device bytes pass one of two filters.
 *
 * Only some lines appear in this listing; several declarations, the initial
 * value of num_rsp (passed to hci_inquiry() as its response limit), the
 * branch that chooses between hci_devid() and hci_get_route(), and the
 * cleanup of info are not visible.
 */
static void do_search(int ctl, bdaddr_t *bdaddr, uint8_t subclass, int fakehid, int bootonly, int encrypt, int timeout)
537
inquiry_info *info = NULL;
539
int i, dev_id, num_rsp, length, flags;
543
ba2str(bdaddr, addr);
544
dev_id = hci_devid(addr);
546
dev_id = hci_get_route(NULL);
547
hci_devba(dev_id, &src);
551
length = 8; /* ~10 seconds */
553
flags = IREQ_CACHE_FLUSH;
555
printf("Searching ...\n");
557
num_rsp = hci_inquiry(dev_id, length, num_rsp, NULL, &info, flags);
/*
 * First pass: the same class-of-device test that create_device() applies.
 * NOTE(review): every response that passes is connected to, with no further
 * confirmation in the lines shown. Class of device is self-reported by the
 * remote device, so this filter selects device types and is not an identity
 * check.
 */
559
for (i = 0; i < num_rsp; i++) {
560
memcpy(class, (info+i)->dev_class, 3);
561
if (class[1] == 0x25 && (class[2] == 0x00 || class[2] == 0x01)) {
562
bacpy(&dst, &(info+i)->bdaddr);
565
printf("\tConnecting to device %s\n", addr);
566
do_connect(ctl, &src, &dst, subclass, fakehid, bootonly, encrypt, timeout);
/*
 * Second pass: three further class patterns. NOTE(review): do_connect() is
 * called here with fakehid forced to 1 and encrypt forced to 0, so the
 * caller's encrypt setting is dropped for these devices.
 */
573
for (i = 0; i < num_rsp; i++) {
574
memcpy(class, (info+i)->dev_class, 3);
575
if ((class[0] == 0x00 && class[2] == 0x00 &&
576
(class[1] == 0x40 || class[1] == 0x1f)) ||
577
(class[0] == 0x10 && class[1] == 0x02 && class[2] == 0x40)) {
578
bacpy(&dst, &(info+i)->bdaddr);
581
printf("\tConnecting to device %s\n", addr);
582
do_connect(ctl, &src, &dst, subclass, 1, bootonly, 0, timeout);
590
fprintf(stderr, "\tNo devices in range or visible\n");
596
/*
 * Release HID connections with the HIDPCONNDEL ioctl. When bdaddr equals
 * BDADDR_ALL the connection list is fetched and each entry is released in
 * turn; otherwise only the connection to bdaddr is released.
 *
 * Only some lines appear in this listing; the setup of cl and the assignment
 * of flags into req are not visible.
 */
static void do_kill(int ctl, bdaddr_t *bdaddr, uint32_t flags)
598
struct hidp_conndel_req req;
599
struct hidp_connlist_req cl;
/* Room for at most 16 connections. */
600
struct hidp_conninfo ci[16];
603
if (!bacmp(bdaddr, BDADDR_ALL)) {
607
if (ioctl(ctl, HIDPGETCONNLIST, &cl) < 0) {
608
perror("Can't get connection list");
613
for (i = 0; i < cl.cnum; i++) {
614
bacpy(&req.bdaddr, &ci[i].bdaddr);
617
if (ioctl(ctl, HIDPCONNDEL, &req) < 0) {
618
perror("Can't release connection");
/* Single-address case. */
625
bacpy(&req.bdaddr, bdaddr);
628
if (ioctl(ctl, HIDPCONNDEL, &req) < 0) {
629
perror("Can't release connection");
636
static void usage(void)
638
printf("hidd - Bluetooth HID daemon version %s\n\n", VERSION);
641
"\thidd [options] [commands]\n"
645
"\t-i <hciX|bdaddr> Local HCI device or BD Address\n"
646
"\t-t <timeout> Set idle timeout (in minutes)\n"
647
"\t-b <subclass> Overwrite the boot mode subclass\n"
648
"\t-n, --nodaemon Don't fork daemon to background\n"
649
"\t-h, --help Display help\n"
653
"\t--server Start HID server\n"
654
"\t--search Search for HID devices\n"
655
"\t--connect <bdaddr> Connect remote HID device\n"
656
"\t--unplug <bdaddr> Unplug the HID connection\n"
657
"\t--kill <bdaddr> Terminate HID connection\n"
658
"\t--killall Terminate all connections\n"
659
"\t--show List current HID connections\n"
663
static struct option main_options[] = {
664
{ "help", 0, 0, 'h' },
665
{ "nodaemon", 0, 0, 'n' },
666
{ "subclass", 1, 0, 'b' },
667
{ "timeout", 1, 0, 't' },
668
{ "device", 1, 0, 'i' },
669
{ "master", 0, 0, 'M' },
670
{ "encrypt", 0, 0, 'E' },
671
{ "nosdp", 0, 0, 'D' },
672
{ "nocheck", 0, 0, 'Z' },
673
{ "bootonly", 0, 0, 'B' },
674
{ "hidonly", 0, 0, 'H' },
675
{ "show", 0, 0, 'l' },
676
{ "list", 0, 0, 'l' },
677
{ "server", 0, 0, 'd' },
678
{ "listen", 0, 0, 'd' },
679
{ "search", 0, 0, 's' },
680
{ "create", 1, 0, 'c' },
681
{ "connect", 1, 0, 'c' },
682
{ "disconnect", 1, 0, 'k' },
683
{ "terminate", 1, 0, 'k' },
684
{ "release", 1, 0, 'k' },
685
{ "kill", 1, 0, 'k' },
686
{ "killall", 0, 0, 'K' },
687
{ "unplug", 1, 0, 'u' },
691
/*
 * Entry point of hidd: parse the command line, open the HIDP control socket
 * and run the selected action (search, connect, kill or unplug, show, or the
 * listening server).
 *
 * Only some lines appear in this listing; most of the option switch (the
 * gutter skips from 726 to 753), the mode switch and the daemonising code are
 * not visible.
 */
int main(int argc, char *argv[])
694
bdaddr_t bdaddr, dev;
696
uint8_t subclass = 0x00;
698
int log_option = LOG_NDELAY | LOG_PID;
699
int opt, ctl, csk, isk;
/*
 * Defaults. NOTE(review): encrypt starts at 0, and create_device() requests
 * link authentication and encryption only when encrypt is non-zero; lm starts
 * at 0, so the listening sockets get no link-mode security bits unless an
 * option sets them - confirm which options do so in the elided switch arms.
 */
700
int mode = SHOW, detach = 1, nosdp = 0, nocheck = 0, bootonly = 0;
701
int fakehid = 1, encrypt = 0, timeout = 30, lm = 0;
703
bacpy(&bdaddr, BDADDR_ANY);
705
while ((opt = getopt_long(argc, argv, "+i:nt:b:MEDZBHldsc:k:Ku:h", main_options, NULL)) != -1) {
/*
 * -i: "hciX" or a BD address. NOTE(review): atoi() reports no conversion
 * errors, and the results of hci_devba() and str2ba() are discarded, so a
 * malformed argument is not rejected on these lines.
 */
708
if (!strncasecmp(optarg, "hci", 3))
709
hci_devba(atoi(optarg + 3), &bdaddr);
711
str2ba(optarg, &bdaddr);
/* -t: idle timeout in minutes, unvalidated; create_device() multiplies it by 60. */
717
timeout = atoi(optarg);
/* -b: subclass override; the cast to uint8_t silently truncates values above 0xff. */
720
if (!strncasecmp(optarg, "0x", 2))
721
subclass = (uint8_t) strtol(optarg, NULL, 16);
723
subclass = atoi(optarg);
726
lm |= L2CAP_LM_MASTER;
/* Target address for the connect, kill and unplug actions; str2ba() results are discarded. */
753
str2ba(optarg, &dev);
757
str2ba(optarg, &dev);
761
bacpy(&dev, BDADDR_ALL);
765
str2ba(optarg, &dev);
766
flags = (1 << HIDP_VIRTUAL_CABLE_UNPLUG);
777
ba2str(&bdaddr, addr);
779
ctl = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HIDP);
781
perror("Can't open HIDP control socket");
/* Server mode: listen on the HID control and interrupt PSMs with a backlog of 10. */
787
csk = l2cap_listen(&bdaddr, L2CAP_PSM_HIDP_CTRL, lm, 10);
789
perror("Can't listen on HID control channel");
794
isk = l2cap_listen(&bdaddr, L2CAP_PSM_HIDP_INTR, lm, 10);
796
perror("Can't listen on HID interrupt channel");
804
do_search(ctl, &bdaddr, subclass, fakehid, bootonly, encrypt, timeout);
809
do_connect(ctl, &bdaddr, &dev, subclass, fakehid, bootonly, encrypt, timeout);
814
do_kill(ctl, &dev, flags);
826
perror("Can't start daemon");
830
log_option |= LOG_PERROR;
832
openlog("hidd", log_option, LOG_DAEMON);
834
if (bacmp(&bdaddr, BDADDR_ANY))
835
syslog(LOG_INFO, "Bluetooth HID daemon (%s)", addr);
837
syslog(LOG_INFO, "Bluetooth HID daemon");
/* Signal setup: SIGTERM/SIGINT go to sig_term, SIGHUP to sig_hup; SIGCHLD and SIGPIPE are ignored. */
839
memset(&sa, 0, sizeof(sa));
840
sa.sa_flags = SA_NOCLDSTOP;
842
sa.sa_handler = sig_term;
843
sigaction(SIGTERM, &sa, NULL);
844
sigaction(SIGINT, &sa, NULL);
845
sa.sa_handler = sig_hup;
846
sigaction(SIGHUP, &sa, NULL);
848
sa.sa_handler = SIG_IGN;
849
sigaction(SIGCHLD, &sa, NULL);
850
sigaction(SIGPIPE, &sa, NULL);
/* Runs until a signal handler sets __io_canceled. */
852
run_server(ctl, csk, isk, subclass, nosdp, nocheck, bootonly, encrypt, timeout);
854
syslog(LOG_INFO, "Exit");