3 * BlueZ - Bluetooth protocol stack for Linux
5 * Copyright (C) 2003-2010 Marcel Holtmann <marcel@holtmann.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
39 #include <sys/ioctl.h>
40 #include <sys/socket.h>
42 #include <bluetooth/bluetooth.h>
43 #include <bluetooth/hci.h>
44 #include <bluetooth/hci_lib.h>
45 #include <bluetooth/l2cap.h>
46 #include <bluetooth/sdp.h>
47 #include <bluetooth/hidp.h>
65 static volatile sig_atomic_t __io_canceled = 0;
67 static void sig_hup(int sig)
71 static void sig_term(int sig)
76 static int l2cap_connect(bdaddr_t *src, bdaddr_t *dst, unsigned short psm)
78 struct sockaddr_l2 addr;
79 struct l2cap_options opts;
82 if ((sk = socket(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP)) < 0)
85 memset(&addr, 0, sizeof(addr));
86 addr.l2_family = AF_BLUETOOTH;
87 bacpy(&addr.l2_bdaddr, src);
89 if (bind(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
94 memset(&opts, 0, sizeof(opts));
95 opts.imtu = HIDP_DEFAULT_MTU;
96 opts.omtu = HIDP_DEFAULT_MTU;
97 opts.flush_to = 0xffff;
99 setsockopt(sk, SOL_L2CAP, L2CAP_OPTIONS, &opts, sizeof(opts));
101 memset(&addr, 0, sizeof(addr));
102 addr.l2_family = AF_BLUETOOTH;
103 bacpy(&addr.l2_bdaddr, dst);
104 addr.l2_psm = htobs(psm);
106 if (connect(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
114 static int l2cap_listen(const bdaddr_t *bdaddr, unsigned short psm, int lm, int backlog)
116 struct sockaddr_l2 addr;
117 struct l2cap_options opts;
120 if ((sk = socket(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP)) < 0)
123 memset(&addr, 0, sizeof(addr));
124 addr.l2_family = AF_BLUETOOTH;
125 bacpy(&addr.l2_bdaddr, bdaddr);
126 addr.l2_psm = htobs(psm);
128 if (bind(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
133 setsockopt(sk, SOL_L2CAP, L2CAP_LM, &lm, sizeof(lm));
135 memset(&opts, 0, sizeof(opts));
136 opts.imtu = HIDP_DEFAULT_MTU;
137 opts.omtu = HIDP_DEFAULT_MTU;
138 opts.flush_to = 0xffff;
140 setsockopt(sk, SOL_L2CAP, L2CAP_OPTIONS, &opts, sizeof(opts));
142 if (listen(sk, backlog) < 0) {
150 static int l2cap_accept(int sk, bdaddr_t *bdaddr)
152 struct sockaddr_l2 addr;
156 memset(&addr, 0, sizeof(addr));
157 addrlen = sizeof(addr);
159 if ((nsk = accept(sk, (struct sockaddr *) &addr, &addrlen)) < 0)
163 bacpy(bdaddr, &addr.l2_bdaddr);
168 static int request_authentication(bdaddr_t *src, bdaddr_t *dst)
170 struct hci_conn_info_req *cr;
175 dev_id = hci_devid(addr);
179 dd = hci_open_dev(dev_id);
183 cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
187 bacpy(&cr->bdaddr, dst);
189 err = ioctl(dd, HCIGETCONNINFO, (unsigned long) cr);
196 err = hci_authenticate_link(dd, htobs(cr->conn_info->handle), 25000);
204 static int request_encryption(bdaddr_t *src, bdaddr_t *dst)
206 struct hci_conn_info_req *cr;
211 dev_id = hci_devid(addr);
215 dd = hci_open_dev(dev_id);
219 cr = malloc(sizeof(*cr) + sizeof(struct hci_conn_info));
223 bacpy(&cr->bdaddr, dst);
225 err = ioctl(dd, HCIGETCONNINFO, (unsigned long) cr);
232 err = hci_encrypt_link(dd, htobs(cr->conn_info->handle), 1, 25000);
240 static int create_device(int ctl, int csk, int isk, uint8_t subclass, int nosdp, int nocheck, int bootonly, int encrypt, int timeout)
242 struct hidp_connadd_req req;
243 struct sockaddr_l2 addr;
249 memset(&addr, 0, sizeof(addr));
250 addrlen = sizeof(addr);
252 if (getsockname(csk, (struct sockaddr *) &addr, &addrlen) < 0)
255 bacpy(&src, &addr.l2_bdaddr);
257 memset(&addr, 0, sizeof(addr));
258 addrlen = sizeof(addr);
260 if (getpeername(csk, (struct sockaddr *) &addr, &addrlen) < 0)
263 bacpy(&dst, &addr.l2_bdaddr);
265 memset(&req, 0, sizeof(req));
269 req.idle_to = timeout * 60;
271 err = get_stored_device_info(&src, &dst, &req);
277 syslog(LOG_ERR, "Rejected connection from unknown device %s", bda);
278 /* Return no error to avoid run_server() complaining too */
283 err = get_sdp_device_info(&src, &dst, &req);
287 struct l2cap_conninfo conn;
291 memset(&conn, 0, sizeof(conn));
293 if (getsockopt(csk, SOL_L2CAP, L2CAP_CONNINFO, &conn, &size) < 0)
296 memcpy(class, conn.dev_class, 3);
298 if (class[1] == 0x25 && (class[2] == 0x00 || class[2] == 0x01))
299 req.subclass = class[0];
305 if (subclass != 0x00)
306 req.subclass = subclass;
309 syslog(LOG_INFO, "New HID device %s (%s)", bda, req.name);
311 if (encrypt && (req.subclass & 0x40)) {
312 err = request_authentication(&src, &dst);
314 syslog(LOG_ERR, "Authentication for %s failed", bda);
318 err = request_encryption(&src, &dst);
320 syslog(LOG_ERR, "Encryption for %s failed", bda);
325 req.flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
328 err = ioctl(ctl, HIDPCONNADD, &req);
336 static void run_server(int ctl, int csk, int isk, uint8_t subclass, int nosdp, int nocheck, int bootonly, int encrypt, int timeout)
344 sigdelset(&sigs, SIGCHLD);
345 sigdelset(&sigs, SIGPIPE);
346 sigdelset(&sigs, SIGTERM);
347 sigdelset(&sigs, SIGINT);
348 sigdelset(&sigs, SIGHUP);
351 p[0].events = POLLIN | POLLERR | POLLHUP;
354 p[1].events = POLLIN | POLLERR | POLLHUP;
356 while (!__io_canceled) {
360 if (ppoll(p, 2, NULL, &sigs) < 1)
363 events = p[0].revents | p[1].revents;
365 if (events & POLLIN) {
366 ncsk = l2cap_accept(csk, NULL);
367 nisk = l2cap_accept(isk, NULL);
369 err = create_device(ctl, ncsk, nisk, subclass, nosdp, nocheck, bootonly, encrypt, timeout);
371 syslog(LOG_ERR, "HID create error %d (%s)",
372 errno, strerror(errno));
381 static char *hidp_state[] = {
394 static char *hidp_flagstostr(uint32_t flags)
396 static char str[100];
401 if (flags & (1 << HIDP_BOOT_PROTOCOL_MODE))
402 strcat(str, "boot-protocol");
409 static void do_show(int ctl)
411 struct hidp_connlist_req req;
412 struct hidp_conninfo ci[16];
419 if (ioctl(ctl, HIDPGETCONNLIST, &req) < 0) {
420 perror("Can't get connection list");
425 for (i = 0; i < req.cnum; i++) {
426 ba2str(&ci[i].bdaddr, addr);
427 printf("%s %s [%04x:%04x] %s %s\n", addr, ci[i].name,
428 ci[i].vendor, ci[i].product, hidp_state[ci[i].state],
429 ci[i].flags ? hidp_flagstostr(ci[i].flags) : "");
433 static void do_connect(int ctl, bdaddr_t *src, bdaddr_t *dst, uint8_t subclass, int fakehid, int bootonly, int encrypt, int timeout)
435 struct hidp_connadd_req req;
436 uint16_t uuid = HID_SVCLASS_ID;
441 memset(&req, 0, sizeof(req));
444 err = get_sdp_device_info(src, dst, &req);
445 if (err < 0 && fakehid)
446 err = get_alternate_device_info(src, dst,
447 &uuid, &channel, name, sizeof(name) - 1);
450 perror("Can't get device information");
459 case SERIAL_PORT_SVCLASS_ID:
460 if (subclass == 0x40 || !strcmp(name, "Cable Replacement")) {
461 if (epox_presenter(src, dst, channel) < 0) {
467 if (subclass == 0x1f || !strcmp(name, "SPP slave")) {
468 if (jthree_keyboard(src, dst, channel) < 0) {
474 if (subclass == 0x02 || !strcmp(name, "Serial Port")) {
475 if (celluon_keyboard(src, dst, channel) < 0) {
483 case HEADSET_SVCLASS_ID:
484 case HANDSFREE_SVCLASS_ID:
485 if (headset_presenter(src, dst, channel) < 0) {
495 csk = l2cap_connect(src, dst, L2CAP_PSM_HIDP_CTRL);
497 perror("Can't create HID control channel");
502 isk = l2cap_connect(src, dst, L2CAP_PSM_HIDP_INTR);
504 perror("Can't create HID interrupt channel");
510 err = create_device(ctl, csk, isk, subclass, 1, 1, bootonly, encrypt, timeout);
512 fprintf(stderr, "HID create error %d (%s)\n",
513 errno, strerror(errno));
522 static void do_search(int ctl, bdaddr_t *bdaddr, uint8_t subclass, int fakehid, int bootonly, int encrypt, int timeout)
524 inquiry_info *info = NULL;
526 int i, dev_id, num_rsp, length, flags;
530 ba2str(bdaddr, addr);
531 dev_id = hci_devid(addr);
533 dev_id = hci_get_route(NULL);
534 hci_devba(dev_id, &src);
538 length = 8; /* ~10 seconds */
540 flags = IREQ_CACHE_FLUSH;
542 printf("Searching ...\n");
544 num_rsp = hci_inquiry(dev_id, length, num_rsp, NULL, &info, flags);
546 for (i = 0; i < num_rsp; i++) {
547 memcpy(class, (info+i)->dev_class, 3);
548 if (class[1] == 0x25 && (class[2] == 0x00 || class[2] == 0x01)) {
549 bacpy(&dst, &(info+i)->bdaddr);
552 printf("\tConnecting to device %s\n", addr);
553 do_connect(ctl, &src, &dst, subclass, fakehid, bootonly, encrypt, timeout);
560 for (i = 0; i < num_rsp; i++) {
561 memcpy(class, (info+i)->dev_class, 3);
562 if ((class[0] == 0x00 && class[2] == 0x00 &&
563 (class[1] == 0x40 || class[1] == 0x1f)) ||
564 (class[0] == 0x10 && class[1] == 0x02 && class[2] == 0x40)) {
565 bacpy(&dst, &(info+i)->bdaddr);
568 printf("\tConnecting to device %s\n", addr);
569 do_connect(ctl, &src, &dst, subclass, 1, bootonly, 0, timeout);
577 fprintf(stderr, "\tNo devices in range or visible\n");
583 static void do_kill(int ctl, bdaddr_t *bdaddr, uint32_t flags)
585 struct hidp_conndel_req req;
586 struct hidp_connlist_req cl;
587 struct hidp_conninfo ci[16];
590 if (!bacmp(bdaddr, BDADDR_ALL)) {
594 if (ioctl(ctl, HIDPGETCONNLIST, &cl) < 0) {
595 perror("Can't get connection list");
600 for (i = 0; i < cl.cnum; i++) {
601 bacpy(&req.bdaddr, &ci[i].bdaddr);
604 if (ioctl(ctl, HIDPCONNDEL, &req) < 0) {
605 perror("Can't release connection");
612 bacpy(&req.bdaddr, bdaddr);
615 if (ioctl(ctl, HIDPCONNDEL, &req) < 0) {
616 perror("Can't release connection");
623 static void usage(void)
625 printf("hidd - Bluetooth HID daemon version %s\n\n", VERSION);
628 "\thidd [options] [commands]\n"
632 "\t-i <hciX|bdaddr> Local HCI device or BD Address\n"
633 "\t-t <timeout> Set idle timeout (in minutes)\n"
634 "\t-b <subclass> Overwrite the boot mode subclass\n"
635 "\t-n, --nodaemon Don't fork daemon to background\n"
636 "\t-h, --help Display help\n"
640 "\t--server Start HID server\n"
641 "\t--search Search for HID devices\n"
642 "\t--connect <bdaddr> Connect remote HID device\n"
643 "\t--unplug <bdaddr> Unplug the HID connection\n"
644 "\t--kill <bdaddr> Terminate HID connection\n"
645 "\t--killall Terminate all connections\n"
646 "\t--show List current HID connections\n"
650 static struct option main_options[] = {
651 { "help", 0, 0, 'h' },
652 { "nodaemon", 0, 0, 'n' },
653 { "subclass", 1, 0, 'b' },
654 { "timeout", 1, 0, 't' },
655 { "device", 1, 0, 'i' },
656 { "master", 0, 0, 'M' },
657 { "encrypt", 0, 0, 'E' },
658 { "nosdp", 0, 0, 'D' },
659 { "nocheck", 0, 0, 'Z' },
660 { "bootonly", 0, 0, 'B' },
661 { "hidonly", 0, 0, 'H' },
662 { "show", 0, 0, 'l' },
663 { "list", 0, 0, 'l' },
664 { "server", 0, 0, 'd' },
665 { "listen", 0, 0, 'd' },
666 { "search", 0, 0, 's' },
667 { "create", 1, 0, 'c' },
668 { "connect", 1, 0, 'c' },
669 { "disconnect", 1, 0, 'k' },
670 { "terminate", 1, 0, 'k' },
671 { "release", 1, 0, 'k' },
672 { "kill", 1, 0, 'k' },
673 { "killall", 0, 0, 'K' },
674 { "unplug", 1, 0, 'u' },
678 int main(int argc, char *argv[])
681 bdaddr_t bdaddr, dev;
683 uint8_t subclass = 0x00;
685 int log_option = LOG_NDELAY | LOG_PID;
686 int opt, ctl, csk, isk;
687 int mode = SHOW, detach = 1, nosdp = 0, nocheck = 0, bootonly = 0;
688 int fakehid = 1, encrypt = 0, timeout = 30, lm = 0;
690 bacpy(&bdaddr, BDADDR_ANY);
692 while ((opt = getopt_long(argc, argv, "+i:nt:b:MEDZBHldsc:k:Ku:h", main_options, NULL)) != -1) {
695 if (!strncasecmp(optarg, "hci", 3))
696 hci_devba(atoi(optarg + 3), &bdaddr);
698 str2ba(optarg, &bdaddr);
704 timeout = atoi(optarg);
707 if (!strncasecmp(optarg, "0x", 2))
708 subclass = (uint8_t) strtol(optarg, NULL, 16);
710 subclass = atoi(optarg);
713 lm |= L2CAP_LM_MASTER;
740 str2ba(optarg, &dev);
744 str2ba(optarg, &dev);
748 bacpy(&dev, BDADDR_ALL);
752 str2ba(optarg, &dev);
753 flags = (1 << HIDP_VIRTUAL_CABLE_UNPLUG);
764 ba2str(&bdaddr, addr);
766 ctl = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HIDP);
768 perror("Can't open HIDP control socket");
774 csk = l2cap_listen(&bdaddr, L2CAP_PSM_HIDP_CTRL, lm, 10);
776 perror("Can't listen on HID control channel");
781 isk = l2cap_listen(&bdaddr, L2CAP_PSM_HIDP_INTR, lm, 10);
783 perror("Can't listen on HID interrupt channel");
791 do_search(ctl, &bdaddr, subclass, fakehid, bootonly, encrypt, timeout);
796 do_connect(ctl, &bdaddr, &dev, subclass, fakehid, bootonly, encrypt, timeout);
801 do_kill(ctl, &dev, flags);
813 perror("Can't start daemon");
817 log_option |= LOG_PERROR;
819 openlog("hidd", log_option, LOG_DAEMON);
821 if (bacmp(&bdaddr, BDADDR_ANY))
822 syslog(LOG_INFO, "Bluetooth HID daemon (%s)", addr);
824 syslog(LOG_INFO, "Bluetooth HID daemon");
826 memset(&sa, 0, sizeof(sa));
827 sa.sa_flags = SA_NOCLDSTOP;
829 sa.sa_handler = sig_term;
830 sigaction(SIGTERM, &sa, NULL);
831 sigaction(SIGINT, &sa, NULL);
832 sa.sa_handler = sig_hup;
833 sigaction(SIGHUP, &sa, NULL);
835 sa.sa_handler = SIG_IGN;
836 sigaction(SIGCHLD, &sa, NULL);
837 sigaction(SIGPIPE, &sa, NULL);
839 run_server(ctl, csk, isk, subclass, nosdp, nocheck, bootonly, encrypt, timeout);
841 syslog(LOG_INFO, "Exit");