]> git.zerfleddert.de Git - hmcfgusb/blob - hmsniff.c
projects / hmcfgusb / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
flash-ota: delay sending AES response a bit
[hmcfgusb] / hmsniff.c
1 /* HM-sniffer for HM-CFG-USB
2 *
3 * Copyright (c) 2013-15 Michael Gernoth <michael@gernoth.net>
4 *
5 * Permission is hereby granted, free of charge, to any person obtaining a copy
6 * of this software and associated documentation files (the "Software"), to
7 * deal in the Software without restriction, including without limitation the
8 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
9 * sell copies of the Software, and to permit persons to whom the Software is
10 * furnished to do so, subject to the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be included in
13 * all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
21 * IN THE SOFTWARE.
22 */
23
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <unistd.h>
27 #include <stdint.h>
28 #include <string.h>
29 #include <strings.h>
30 #include <poll.h>
31 #include <errno.h>
32 #include <time.h>
33 #include <sys/time.h>
34 #include <libusb-1.0/libusb.h>
35
36 #include "version.h"
37 #include "hexdump.h"
38 #include "hmcfgusb.h"
39
40 static int verbose = 0;
41
42 /* See HMConfig.pm */
43 char *hm_message_types(uint8_t type, uint8_t subtype)
44 {
45 switch(type) {
46 case 0x00:
47 return "Device Info";
48 break;
49 case 0x01:
50 return "Configuration";
51 break;
52 case 0x02:
53 if (subtype >= 0x80 && subtype <= 0x8f) {
54 return "NACK";
55 } else if (subtype == 0x01) {
56 return "ACKinfo";
57 } else if (subtype == 0x04) {
58 return "AESrequest";
59 }
60 return "ACK";
61 break;
62 case 0x03:
63 return "AESreply";
64 break;
65 case 0x04:
66 return "AESkey";
67 break;
68 case 0x10:
69 return "Information";
70 break;
71 case 0x11:
72 return "SET";
73 break;
74 case 0x12:
75 return "HAVE_DATA";
76 break;
77 case 0x3e:
78 return "Switch";
79 break;
80 case 0x3f:
81 return "Timestamp";
82 break;
83 case 0x40:
84 return "Remote";
85 break;
86 case 0x41:
87 return "Sensor";
88 break;
89 case 0x53:
90 return "Water sensor";
91 break;
92 case 0x58:
93 return "Climate event";
94 break;
95 case 0x5a:
96 return "Thermal control";
97 break;
98 case 0x5e:
99 return "Power event";
100 break;
101 case 0x70:
102 return "Weather event";
103 break;
104 case 0xca:
105 return "Firmware";
106 break;
107 case 0xcb:
108 return "Rf configuration";
109 break;
110 default:
111 return "?";
112 break;
113 }
114 }
115
116 static void dissect_hm(uint8_t *buf, int len)
117 {
118 struct timeval tv;
119 struct tm *tmp;
120 char ts[32];
121 static int count = 0;
122 int i;
123
124 gettimeofday(&tv, NULL);
125 tmp = localtime(&tv.tv_sec);
126 memset(ts, 0, sizeof(ts));
127 strftime(ts, sizeof(ts)-1, "%Y-%m-%d %H:%M:%S", tmp);
128
129 if (verbose) {
130 printf("%s.%06ld: ", ts, tv.tv_usec);
131
132 for (i = 0; i < len; i++) {
133 printf("%02X", buf[i]);
134 }
135 printf("\n");
136 printf("Packet information:\n");
137 printf("\tLength: %u\n", buf[0]);
138 printf("\tMessage ID: %u\n", buf[1]);
139 printf("\tSender: %02x%02x%02x\n", buf[4], buf[5], buf[6]);
140 printf("\tReceiver: %02x%02x%02x\n", buf[7], buf[8], buf[9]);
141 printf("\tControl Byte: 0x%02x\n", buf[2]);
142 printf("\t\tFlags: ");
143 if (buf[2] & (1 << 0)) printf("WAKEUP ");
144 if (buf[2] & (1 << 1)) printf("WAKEMEUP ");
145 if (buf[2] & (1 << 2)) printf("CFG ");
146 if (buf[2] & (1 << 3)) printf("? ");
147 if (buf[2] & (1 << 4)) printf("BURST ");
148 if (buf[2] & (1 << 5)) printf("BIDI ");
149 if (buf[2] & (1 << 6)) printf("RPTED ");
150 if (buf[2] & (1 << 7)) printf("RPTEN ");
151 printf("\n");
152 printf("\tMessage type: %s (0x%02x 0x%02x)\n", hm_message_types(buf[3], buf[10]), buf[3], buf[10]);
153 printf("\tMessage: ");
154 for (i = 10; i < len; i++) {
155 printf("%02X", buf[i]);
156 }
157 printf("\n");
158
159 printf("\n");
160 } else {
161 if (!(count++ % 20))
162 printf(" LL NR FL CM sender recvr payload\n");
163
164 printf("%s.%03ld: %02X %02X %02X %02X %02X%02X%02X %02X%02X%02X ",
165 ts, tv.tv_usec/1000,
166 buf[0], buf[1], buf[2], buf[3],
167 buf[4], buf[5], buf[6],
168 buf[7], buf[8], buf[9]);
169
170 for (i = 10; i < len; i++) {
171 printf("%02X", buf[i]);
172 }
173 printf("%s(%s)\n", (i>10)?" ":"", hm_message_types(buf[3], buf[10]));
174 }
175 }
176
177 struct recv_data {
178 int wrong_hmid;
179 };
180
181 static int parse_hmcfgusb(uint8_t *buf, int buf_len, void *data)
182 {
183 struct recv_data *rdata = data;
184
185 if (buf_len < 1)
186 return 1;
187
188 switch(buf[0]) {
189 case 'E':
190 dissect_hm(buf + 13, buf[13] + 1);
191 break;
192 case 'H':
193 if ((buf[27] != 0x00) ||
194 (buf[28] != 0x00) ||
195 (buf[29] != 0x00)) {
196 printf("hmId is currently set to: %02x%02x%02x\n", buf[27], buf[28], buf[29]);
197 rdata->wrong_hmid = 1;
198 }
199 break;
200 case 'R':
201 case 'I':
202 case 'G':
203 break;
204 default:
205 hexdump(buf, buf_len, "Unknown> ");
206 break;
207 }
208
209 return 1;
210 }
211
212 void hmsniff_syntax(char *prog)
213 {
214 fprintf(stderr, "Syntax: %s options\n\n", prog);
215 fprintf(stderr, "Possible options:\n");
216 fprintf(stderr, "\t-f\t\tfast (100k/firmware update) mode\n");
217 fprintf(stderr, "\t-S serial\tuse HM-CFG-USB with given serial\n");
218 fprintf(stderr, "\t-v\t\tverbose mode\n");
219 fprintf(stderr, "\t-V\t\tshow version (" VERSION ")\n");
220
221 }
222
223 int main(int argc, char **argv)
224 {
225 struct hmcfgusb_dev *dev;
226 struct recv_data rdata;
227 char *serial = NULL;
228 int quit = 0;
229 int speed = 10;
230 uint8_t speed_buf[2];
231 int opt;
232
233 while((opt = getopt(argc, argv, "fS:vV")) != -1) {
234 switch (opt) {
235 case 'f':
236 speed = 100;
237 break;
238 case 'S':
239 serial = optarg;
240 break;
241 case 'v':
242 verbose = 1;
243 break;
244 case 'V':
245 printf("hmsniff " VERSION "\n");
246 printf("Copyright (c) 2013-15 Michael Gernoth\n\n");
247 exit(EXIT_SUCCESS);
248 case 'h':
249 case ':':
250 case '?':
251 default:
252 hmsniff_syntax(argv[0]);
253 exit(EXIT_FAILURE);
254 break;
255 }
256 }
257
258 hmcfgusb_set_debug(0);
259
260 do {
261 memset(&rdata, 0, sizeof(rdata));
262 rdata.wrong_hmid = 0;
263
264 dev = hmcfgusb_init(parse_hmcfgusb, &rdata, serial);
265 if (!dev) {
266 fprintf(stderr, "Can't initialize HM-CFG-USB, retrying in 1s...\n");
267 sleep(1);
268 continue;
269 }
270 printf("HM-CFG-USB opened!\n");
271
272 hmcfgusb_send_null_frame(dev, 1);
273 hmcfgusb_send(dev, (unsigned char*)"K", 1, 1);
274
275 hmcfgusb_send_null_frame(dev, 1);
276 speed_buf[0] = 'G';
277 speed_buf[1] = speed;
278 hmcfgusb_send(dev, speed_buf, 2, 1);
279
280 while(!quit) {
281 int fd;
282
283 if (rdata.wrong_hmid) {
284 printf("changing hmId to 000000, this might reboot the device!\n");
285 hmcfgusb_send(dev, (unsigned char*)"A\00\00\00", 4, 1);
286 rdata.wrong_hmid = 0;
287 hmcfgusb_send(dev, (unsigned char*)"K", 1, 1);
288 }
289 fd = hmcfgusb_poll(dev, 1000);
290 if (fd >= 0) {
291 fprintf(stderr, "activity on unknown fd %d!\n", fd);
292 continue;
293 } else if (fd == -1) {
294 if (errno) {
295 if (errno != ETIMEDOUT) {
296 perror("hmcfgusb_poll");
297 break;
298 } else {
299 /* periodically wakeup the device */
300 hmcfgusb_send_null_frame(dev, 1);
301 }
302 }
303 }
304 }
305
306 hmcfgusb_close(dev);
307 } while (!quit);
308
309 hmcfgusb_exit();
310
311 return EXIT_SUCCESS;
312 }
HM-CFG-USB{,2} linux utilities
Impressum, Datenschutz