Suppress warnings about non-literal format strings
[hmcfgusb] / flash-ota.c
index 9ffdeb8..94e9372 100644 (file)
@@ -1,6 +1,7 @@
 /* flasher for HomeMatic-devices supporting OTA updates
  *
- * Copyright (c) 2014 Michael Gernoth <michael@gernoth.net>
+ * Copyright (c) 2014-17 Michael Gernoth <michael@gernoth.net>
+ * Copyright (c) 2017 noansi (TSCULFW-support)
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to
@@ -41,6 +42,7 @@
 #include "version.h"
 #include "hmcfgusb.h"
 #include "culfw.h"
+#include "hmuartlgw.h"
 #include "util.h"
 
 #define MAX_RETRIES            5
@@ -51,26 +53,25 @@ extern char *optarg;
 
 uint32_t hmid = 0;
 uint32_t my_hmid = 0;
-char key[16] = {0};
+uint8_t key[16] = {0};
 int32_t kNo = -1;
 
 /* Maximum payloadlen supported by IO */
 uint32_t max_payloadlen = NORMAL_MAX_PAYLOAD;
 
-enum device_type {
-       DEVICE_TYPE_HMCFGUSB,
-       DEVICE_TYPE_CULFW,
-};
-
-struct ota_dev {
-       int type;
-       struct hmcfgusb_dev *hmcfgusb;
-       struct culfw_dev *culfw;
-};
-
 enum message_type {
        MESSAGE_TYPE_E = 1,
        MESSAGE_TYPE_R = 2,
+       MESSAGE_TYPE_B = 3,
+};
+
+enum hmuartlgw_state {
+       HMUARTLGW_STATE_GET_HMID,
+       HMUARTLGW_STATE_GET_FIRMWARE,
+       HMUARTLGW_STATE_GET_CREDITS,
+       HMUARTLGW_STATE_DONE,
+       HMUARTLGW_STATE_WAIT_APP,
+       HMUARTLGW_STATE_ACK_APP,
 };
 
 struct recv_data {
@@ -80,6 +81,9 @@ struct recv_data {
        int speed;
        uint16_t version;
        uint8_t credits;
+       enum hmuartlgw_state uartlgw_state;
+       uint8_t uartlgw_version[3];
+       uint8_t is_TSCUL; // tsculfw
 };
 
 static int parse_hmcfgusb(uint8_t *buf, int buf_len, void *data)
@@ -128,8 +132,10 @@ static int parse_culfw(uint8_t *buf, int buf_len, void *data)
 {
        struct recv_data *rdata = data;
        int pos = 0;
+       int rpos = 0; // read index
 
-       memset(rdata, 0, sizeof(struct recv_data));
+       memset(rdata->message, 0, sizeof(rdata->message));
+       rdata->message_type = 0;
 
        if (buf_len <= 3)
                return 0;
@@ -139,15 +145,63 @@ static int parse_culfw(uint8_t *buf, int buf_len, void *data)
                        if (buf[1] == 's')
                                return 0;
 
-                       while(validate_nibble(buf[(pos * 2) + 1]) &&
-                             validate_nibble(buf[(pos * 2) + 2]) &&
-                             (pos + 1 < buf_len)) {
-                               rdata->message[pos] = ascii_to_nibble(buf[(pos * 2) + 1]) << 4;
-                               rdata->message[pos] |= ascii_to_nibble(buf[(pos * 2) + 2]);
+                       if ((buf[1] == 'p') || (buf[1] == 't')) // tsculfw: ping or set timestamp command echoed?
+                               return 0;
+
+                       if (buf[1] == '?') {// tsculfw: unknown command
+                               fprintf(stderr, "unknown ASKSIN command sent\n");
+                               return 0;
+                       }
+
+                       if (buf[1] == 'F') { // tsculfw: timestamp message?
+                               rdata->is_TSCUL = 1;
+                               if (buf_len <= (3+14)) // tsculfw: reasonable len?
+                                       return 0;
+                               if (!validate_nibble(buf[3]) || !validate_nibble(buf[4])) // tsculfw: hex?
+                                       return 0;
+
+                               rdata->credits = ascii_to_nibble(buf[3]); // tsculfw: coarse credits info, 0 = full credits (1800 x10ms) available
+
+                               //AFF1B000053A1010F0520CB1122334BD57110
+                               switch(ascii_to_nibble(buf[4]) & 0x7) { // tsculfw: message type?
+                                       case 0: // tsculfw: send fail message repeat fail or AES Auth error
+                                               fprintf(stderr, "send didn't complete, repeat fail or AES Auth error\n");
+                                               return 0;
+                                       case 1: // tsculfw: received message
+                                               rpos += 7; // tsculfw: ignore timestamp data for now
+                                               break;
+                                       case 2: // tsculfw: ping answer
+                                               return 0;
+                                       case 3: // tsculfw: send success
+                                               rdata->message_type = MESSAGE_TYPE_B;
+                                               return 0;
+                                       case 4: // tsculfw: send fail channel busy message
+                                               fprintf(stderr, "CCA didn't complete, too much traffic\n");
+                                               return 0;
+                                       case 5: // tsculfw: send fail credits message
+                                               fprintf(stderr, "send didn't complete, not enough credits left\n");
+                                               return 0;
+                                       case 6: // tsculfw: send timestamp fail message no buffer or send message length error
+                                               fprintf(stderr, "send didn't complete, not enough credits left -> wait 30 minutes with TSCUL powered and not reset\n");
+                                               return 0;
+                                       case 7: // tsculfw: send fail due to cc1101 TX-FIFO underflow error message
+                                               fprintf(stderr, "send didn't complete, cc1101 TX-FIFO underflow\n");
+                                               return 0;
+                                       default:
+                                               break;
+                               }
+                       }
+
+                       while(validate_nibble(buf[(rpos * 2) + 1]) &&
+                             validate_nibble(buf[(rpos * 2) + 2]) &&
+                             (rpos + 1 < buf_len)) {
+                               rdata->message[pos] = ascii_to_nibble(buf[(rpos * 2) + 1]) << 4;
+                               rdata->message[pos] |= ascii_to_nibble(buf[(rpos * 2) + 2]);
                                pos++;
+                               rpos++;
                        }
 
-                       if (hmid && (SRC(rdata->message) != hmid))
+                       if (hmid && (SRC(rdata->message) != (int)hmid))
                                return 0;
 
                        rdata->message_type = MESSAGE_TYPE_E;
@@ -158,6 +212,12 @@ static int parse_culfw(uint8_t *buf, int buf_len, void *data)
                                char *s;
                                char *e;
 
+                               if (!strncmp((char*)buf, "VTS", 3)) { // tsculfw: "VTS x.xx NNNNNN"
+                                       rdata->is_TSCUL = 1;
+                                       rdata->version = 0xffff;
+                                       break;
+                               }
+
                                s = ((char*)buf) + 2;
                                e = strchr(s, '.');
                                if (!e) {
@@ -177,8 +237,25 @@ static int parse_culfw(uint8_t *buf, int buf_len, void *data)
                                *e = '\0';
                                v = atoi(s);
                                rdata->version |= v;
+
+                               s = e + 1;
+                               e = strchr(s, ' ');
+                               if (!e) {
+                                       break;
+                               }
+                               *e = '\0';
+                               if (!strcmp(s, "a-culfw")) {
+                                       rdata->version = 0xffff;
+                               }
                        }
                        break;
+               case 'E':
+                       {
+                               if (!strncmp((char*)buf, "ERR:CCA", 7)) {
+                                       fprintf(stderr, "CCA didn't complete, too much traffic\n");
+                               }
+                               break;
+                       }
                default:
                        fprintf(stderr, "Unknown response from CUL: %s", buf);
                        return 0;
@@ -188,7 +265,87 @@ static int parse_culfw(uint8_t *buf, int buf_len, void *data)
        return 1;
 }
 
-int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
+static int parse_hmuartlgw(enum hmuartlgw_dst dst, uint8_t *buf, int buf_len, void *data)
+{
+       struct recv_data *rdata = data;
+
+       if (dst == HMUARTLGW_OS) {
+               switch (rdata->uartlgw_state) {
+                       case HMUARTLGW_STATE_GET_FIRMWARE:
+                               if (buf[0] == HMUARTLGW_OS_ACK) {
+                                       rdata->uartlgw_version[0] = buf[5];
+                                       rdata->uartlgw_version[1] = buf[6];
+                                       rdata->uartlgw_version[2] = buf[7];
+                                       rdata->uartlgw_state = HMUARTLGW_STATE_DONE;
+                               }
+                               break;
+                       case HMUARTLGW_STATE_GET_CREDITS:
+                               if (buf[0] == HMUARTLGW_OS_ACK) {
+                                       rdata->credits = buf[2] / 2;
+                                       rdata->uartlgw_state = HMUARTLGW_STATE_DONE;
+                               }
+                               break;
+                       default:
+                               break;
+               }
+               return 0;
+       }
+
+       switch(buf[0]) {
+               case HMUARTLGW_APP_ACK:
+                       if (rdata->uartlgw_state == HMUARTLGW_STATE_GET_HMID) {
+                               my_hmid = (buf[4] << 16) | (buf[5] << 8) | buf[6];
+                       }
+
+                       rdata->status = buf[1];
+                       rdata->message_type = MESSAGE_TYPE_R;
+                       rdata->uartlgw_state = HMUARTLGW_STATE_ACK_APP;
+#if 0
+                       hexdump(buf, buf_len, "ACK Status: ");
+#endif
+
+                       break;
+               case HMUARTLGW_APP_RECV:
+                       if ((!hmid) ||
+                           ((buf[7] == ((hmid >> 16) & 0xff)) &&
+                           (buf[8] == ((hmid >> 8) & 0xff)) &&
+                           (buf[9] == (hmid & 0xff)))) {
+                               memset(rdata->message, 0, sizeof(rdata->message));
+                               memcpy(rdata->message + 1, buf + 4, buf_len - 4);
+                               rdata->message[LEN] = buf_len - 4;
+                               rdata->message_type = MESSAGE_TYPE_E;
+                       }
+                       break;
+               default:
+                       break;
+       }
+
+       return 1;
+}
+
+int send_wait_hmuartlgw(struct hm_dev *dev, struct recv_data *rdata, uint8_t *data, int data_len,
+                        enum hmuartlgw_dst dst, enum hmuartlgw_state srcstate,
+                       enum hmuartlgw_state dststate)
+{
+       int cnt = 5;
+
+       do {
+               rdata->uartlgw_state = srcstate;
+               hmuartlgw_send(dev->hmuartlgw, data, data_len, dst);
+               do { hmuartlgw_poll(dev->hmuartlgw, 500); } while (rdata->uartlgw_state != dststate);
+               if (rdata->status != HMUARTLGW_ACK_EINPROGRESS)
+                       break;
+               usleep(200*1000);
+       } while (cnt--);
+       if (rdata->status == HMUARTLGW_ACK_EINPROGRESS) {
+               fprintf(stderr, "IO thinks it is busy, you might have to reset it!\n");
+               return 0;
+       }
+
+       return 1;
+}
+
+int send_hm_message(struct hm_dev *dev, struct recv_data *rdata, uint8_t *msg)
 {
        static uint32_t id = 1;
        struct timeval tv;
@@ -217,7 +374,8 @@ int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
 
                        memcpy(&out[0x0f], msg, msg[0] + 1);
 
-                       memset(rdata, 0, sizeof(struct recv_data));
+                       memset(rdata->message, 0, sizeof(rdata->message));
+                       rdata->message_type = 0;
                        hmcfgusb_send(dev->hmcfgusb, out, sizeof(out), 1);
 
                        while (1) {
@@ -263,14 +421,29 @@ int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
                                buf[2 + (i * 2) ] = '\r';
                                buf[2 + (i * 2) + 1] = '\n';
 
-                               memset(rdata, 0, sizeof(struct recv_data));
+                               memset(rdata->message, 0, sizeof(rdata->message));
+                               rdata->message_type = 0;
                                if (culfw_send(dev->culfw, buf, 2 + (i * 2) + 1) == 0) {
                                        fprintf(stderr, "culfw_send failed!\n");
                                        exit(EXIT_FAILURE);
                                }
 
+                               /* Wait for TSCUL to ACK send */
+                               if (rdata->is_TSCUL) {
+                                       do {
+                                               errno = 0;
+                                               pfd = culfw_poll(dev->culfw, 200);
+                                               if ((pfd < 0) && errno) {
+                                                       if (errno != ETIMEDOUT) {
+                                                               perror("\n\nculfw_poll");
+                                                               exit(EXIT_FAILURE);
+                                                       }
+                                               }
+                                       } while (rdata->message_type != MESSAGE_TYPE_B);
+                               }
+
                                if (msg[CTL] & 0x20) {
-                                       int cnt = 3;
+                                       int cnt = 5;
                                        int pfd;
                                        do {
                                                errno = 0;
@@ -284,18 +457,50 @@ int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
                                                if (rdata->message_type == MESSAGE_TYPE_E) {
                                                        if (rdata->message[TYPE] == 0x02) {
                                                                if (rdata->message[PAYLOAD] == 0x04) {
-                                                                       printf("AES request received but not implemented for culfw!\n");
+                                                                       int32_t req_kNo;
+                                                                       uint8_t challenge[6];
+                                                                       uint8_t respbuf[16];
+                                                                       uint8_t *resp;
+
+                                                                       if (rdata->is_TSCUL) {
+                                                                               printf("AES handled by TSCUL\n");
+                                                                               break;
+                                                                       }
+
+                                                                       req_kNo = rdata->message[rdata->message[LEN]] / 2;
+                                                                       memcpy(challenge, &(rdata->message[PAYLOAD+1]), 6);
+
+                                                                       if (req_kNo != kNo) {
+                                                                               fprintf(stderr, "AES request for unknown key %d!\n", req_kNo);
+                                                                       } else {
+                                                                               resp = hm_sign(key, challenge, msg, NULL, respbuf);
+                                                                               if (resp) {
+                                                                                       uint8_t rbuf[64];
+
+                                                                                       memset(rbuf, 0, sizeof(rbuf));
+                                                                                       rbuf[MSGID] = rdata->message[MSGID];
+                                                                                       rbuf[CTL] = rdata->message[CTL];
+                                                                                       rbuf[TYPE] = 0x03;
+                                                                                       SET_SRC(rbuf, DST(rdata->message));
+                                                                                       SET_DST(rbuf, SRC(rdata->message));
+                                                                                       memcpy(&(rbuf[PAYLOAD]), resp, 16);
+                                                                                       SET_LEN_FROM_PAYLOADLEN(rbuf, 16);
+
+                                                                                       usleep(110000); /* Determined by a fair dice roll */
+                                                                                       return send_hm_message(dev, rdata, rbuf);
+                                                                               }
+                                                                       }
                                                                } else if (rdata->message[PAYLOAD] >= 0x80 && rdata->message[PAYLOAD] <= 0x8f) {
-                                                                       printf("NACK\n");
+                                                                       fprintf(stderr, "NACK\n");
                                                                } else {        /* ACK or ACKinfo */
                                                                        break;
                                                                }
                                                        } else {
-                                                               printf("Unexpected message received: ");
+                                                               fprintf(stderr, "Unexpected message received: ");
                                                                for (i = 0; i < rdata->message[LEN]; i++) {
-                                                                       printf("%02x", rdata->message[i+1]);
+                                                                       fprintf(stderr, "%02x", rdata->message[i+1]);
                                                                }
-                                                               printf("\n");
+                                                               fprintf(stderr, "\n");
                                                        }
                                                }
                                        } while(cnt--);
@@ -305,6 +510,51 @@ int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
                                                return 0;
                                        }
                                }
+
+                               /* Delay for non-TSCUL */
+                               if (!rdata->is_TSCUL) {
+                                       usleep(50*1000);
+                               }
+                       }
+                       break;
+               case DEVICE_TYPE_HMUARTLGW:
+                       memset(out, 0, sizeof(out));
+
+                       out[0] = HMUARTLGW_APP_SEND;
+                       out[1] = 0x00;
+                       out[2] = 0x00;
+                       out[3] = (msg[CTL] & 0x10) ? 0x01 : 0x00; /* Burst?! */
+                       memcpy(&out[4], &msg[1], msg[0]);
+
+                       memset(rdata->message, 0, sizeof(rdata->message));
+                       rdata->message_type = 0;
+                       hmuartlgw_send(dev->hmuartlgw, out, msg[0] + 4, HMUARTLGW_APP);
+
+                       while (1) {
+                               if (rdata->message_type == MESSAGE_TYPE_R) {
+                                       if ((rdata->status == 0x02) ||
+                                           (rdata->status == 0x03) ||
+                                           (rdata->status == 0x0c)) {
+                                               break;
+                                       } else {
+                                               if (rdata->status == 0x0d) {
+                                                       fprintf(stderr, "\nAES handshake failed!\n");
+                                               } else if (rdata->status == 0x04 || rdata->status == 0x06) {
+                                                       fprintf(stderr, "\nMissing ACK!\n");
+                                               } else {
+                                                       fprintf(stderr, "\nInvalid status: %04x\n", rdata->status);
+                                               }
+                                               return 0;
+                                       }
+                               }
+                               errno = 0;
+                               pfd = hmuartlgw_poll(dev->hmuartlgw, 1000);
+                               if ((pfd < 0) && errno) {
+                                       if (errno != ETIMEDOUT) {
+                                               perror("\n\nhmcfgusb_poll");
+                                               exit(EXIT_FAILURE);
+                                       }
+                               }
                        }
                        break;
        }
@@ -313,7 +563,7 @@ int send_hm_message(struct ota_dev *dev, struct recv_data *rdata, uint8_t *msg)
        return 1;
 }
 
-static int switch_speed(struct ota_dev *dev, struct recv_data *rdata, uint8_t speed)
+static int switch_speed(struct hm_dev *dev, struct recv_data *rdata, uint8_t speed)
 {
        uint8_t out[0x40];
        int pfd;
@@ -348,6 +598,17 @@ static int switch_speed(struct ota_dev *dev, struct recv_data *rdata, uint8_t sp
                                return culfw_send(dev->culfw, "Ar\r\n", 4);
                        }
                        break;
+               case DEVICE_TYPE_HMUARTLGW:
+                       if (speed == 100) {
+                               out[0] = HMUARTLGW_OS_UPDATE_MODE;
+                               out[1] = 0xe9;
+                               out[2] = 0xca;
+                               hmuartlgw_send(dev->hmuartlgw, out, 3, HMUARTLGW_OS);
+                       } else {
+                               out[0] = HMUARTLGW_OS_NORMAL_MODE;
+                               hmuartlgw_send(dev->hmuartlgw, out, 1, HMUARTLGW_OS);
+                       }
+                       break;
        }
 
        return 1;
@@ -363,12 +624,13 @@ void flash_ota_syntax(char *prog)
        fprintf(stderr, "\t-c device\tenable CUL-mode with CUL at path \"device\"\n");
        fprintf(stderr, "\t-b bps\t\tuse CUL with speed \"bps\" (default: %u)\n", DEFAULT_CUL_BPS);
        fprintf(stderr, "\t-l\t\tlower payloadlen (required for devices with little RAM, e.g. CUL v2 and CUL v4)\n");
+       fprintf(stderr, "\t-S serial\tuse HM-CFG-USB with given serial\n");
+       fprintf(stderr, "\t-U device\tuse HM-MOD-UART on given device\n");
        fprintf(stderr, "\t-h\t\tthis help\n");
        fprintf(stderr, "\nOptional parameters for automatically sending device to bootloader\n");
        fprintf(stderr, "\t-C\t\tHMID of central (3 hex-bytes, no prefix, e.g. ABCDEF)\n");
        fprintf(stderr, "\t-D\t\tHMID of device (3 hex-bytes, no prefix, e.g. 123456)\n");
        fprintf(stderr, "\t-K\t\tKNO:KEY AES key-number and key (hex) separated by colon (Fhem hmKey attribute)\n");
-       fprintf(stderr, "\t\t\tAES is currently not supported when using a culfw-device!\n");
 }
 
 int main(int argc, char **argv)
@@ -380,13 +642,15 @@ int main(int argc, char **argv)
        char *culfw_dev = NULL;
        char *endptr = NULL;
        unsigned int bps = DEFAULT_CUL_BPS;
-       struct ota_dev dev;
+       struct hm_dev dev;
        struct recv_data rdata;
        uint8_t out[0x40];
        uint8_t *pos;
        uint8_t msgid = 0x1;
        uint16_t len;
        struct firmware *fw;
+       char *hmcfgusb_serial = NULL;
+       char *uart = NULL;
        int block;
        int pfd;
        int debug = 0;
@@ -398,7 +662,7 @@ int main(int argc, char **argv)
 
        printf("HomeMatic OTA flasher version " VERSION "\n\n");
 
-       while((opt = getopt(argc, argv, "b:c:f:hls:C:D:K:")) != -1) {
+       while((opt = getopt(argc, argv, "b:c:f:hls:C:D:K:S:U:")) != -1) {
                switch (opt) {
                        case 'b':
                                bps = atoi(optarg);
@@ -452,6 +716,12 @@ int main(int argc, char **argv)
                                        endptr += 2;
                                }
                                break;
+                       case 'S':
+                               hmcfgusb_serial = optarg;
+                               break;
+                       case 'U':
+                               uart = optarg;
+                               break;
                        case 'h':
                        case ':':
                        case '?':
@@ -473,15 +743,9 @@ int main(int argc, char **argv)
                exit(EXIT_FAILURE);
 
        memset(&rdata, 0, sizeof(rdata));
-       memset(&dev, 0, sizeof(struct ota_dev));
+       memset(&dev, 0, sizeof(struct hm_dev));
 
        if (culfw_dev) {
-               if (kNo != -1) {
-                       fprintf(stderr, "\nAES currently not supported with culfw-device!\n");
-                       flash_ota_syntax(argv[0]);
-                       exit(EXIT_FAILURE);
-               }
-
                printf("Opening culfw-device at path %s with speed %u\n", culfw_dev, bps);
                dev.culfw = culfw_init(culfw_dev, bps, parse_culfw, &rdata);
                if (!dev.culfw) {
@@ -509,20 +773,130 @@ int main(int argc, char **argv)
                                break;
                }
 
-               printf("culfw-device firmware version: %u.%02u\n", 
-                       (rdata.version >> 8) & 0xff,
-                       rdata.version & 0xff);
+               printf("culfw-device firmware version: ");
+               if (rdata.version != 0xffff) {
+                       printf("%u.%02u\n",
+                               (rdata.version >> 8) & 0xff,
+                               rdata.version & 0xff);
+               } else {
+                       if (rdata.is_TSCUL) {
+                               culfw_send(dev.culfw, "At1\r\n", 5); // tsculfw: try switch on timestamp protocol
+                               printf("tsculfw\n");
+                               culfw_flush(dev.culfw);
+                               culfw_send(dev.culfw, "ApTiMeStAmP\r\n", 13); // tsculfw: send ping to get credits info
+                               pfd = culfw_poll(dev.culfw, 1000);
+                               if ((pfd < 0) && errno) {
+                                       if (errno != ETIMEDOUT) {
+                                               perror("\n\nhmcfgusb_poll");
+                                               exit(EXIT_FAILURE);
+                                       }
+                               }
+                               if (rdata.credits) { // tsculfw: maximum credits available?
+                                       fprintf(stderr, "\n\ntsculfw does not report full credits, try again later\n");
+                                       exit(EXIT_FAILURE);
+                               }
+
+                               if (kNo > 0) {
+                                       char keybuf[64] = { 0 };
+                                       int i;
+
+                                       printf("Setting AES-key\n");
+                                       snprintf(keybuf, sizeof(keybuf) - 1, "Ak%02x", kNo - 1);
+
+                                       for (i = 0; i < 16; i++) {
+                                               keybuf[4 + (i * 2)] = nibble_to_ascii((key[i] >> 4) & 0xf);
+                                               keybuf[4 + (i * 2) + 1] = nibble_to_ascii(key[i] & 0xf);
+                                       }
+                                       keybuf[4 + (i * 2) ] = '\r';
+                                       keybuf[4 + (i * 2) + 1] = '\n';
+                                       culfw_send(dev.culfw, keybuf, strlen(keybuf)); // tsculfw: send ping to get credits info
+                                       pfd = culfw_poll(dev.culfw, 1000);
+                                       if ((pfd < 0) && errno) {
+                                               if (errno != ETIMEDOUT) {
+                                                       perror("\n\nhmcfgusb_poll");
+                                                       exit(EXIT_FAILURE);
+                                               }
+                                       }
+                               }
+                       }
+                       else {
+                               printf("a-culfw\n");
+                       }
+               }
 
                if (rdata.version < 0x013a) {
                        fprintf(stderr, "\nThis version does _not_ support firmware upgrade mode, you need at least 1.58!\n");
                        exit(EXIT_FAILURE);
                }
+       } else if (uart) {
+               uint32_t new_hmid = my_hmid;
+
+               hmuartlgw_set_debug(debug);
+
+               dev.hmuartlgw = hmuart_init(uart, parse_hmuartlgw, &rdata, 1);
+               if (!dev.hmuartlgw) {
+                       fprintf(stderr, "Can't initialize HM-MOD-UART\n");
+                       exit(EXIT_FAILURE);
+               }
+               dev.type = DEVICE_TYPE_HMUARTLGW;
+
+               out[0] = HMUARTLGW_APP_GET_HMID;
+               send_wait_hmuartlgw(&dev, &rdata, out, 1, HMUARTLGW_APP, HMUARTLGW_STATE_GET_HMID, HMUARTLGW_STATE_ACK_APP);
+
+               out[0] = HMUARTLGW_OS_GET_FIRMWARE;
+               send_wait_hmuartlgw(&dev, &rdata, out, 1, HMUARTLGW_OS, HMUARTLGW_STATE_GET_FIRMWARE, HMUARTLGW_STATE_DONE);
+
+               out[0] = HMUARTLGW_OS_GET_CREDITS;
+               send_wait_hmuartlgw(&dev, &rdata, out, 1, HMUARTLGW_OS, HMUARTLGW_STATE_GET_CREDITS, HMUARTLGW_STATE_DONE);
+
+               printf("HM-MOD-UART firmware version: %u.%u.%u, used credits: %u%%\n",
+                       rdata.uartlgw_version[0],
+                       rdata.uartlgw_version[1],
+                       rdata.uartlgw_version[2],
+                       rdata.credits);
+
+               if (rdata.credits >= 40) {
+                       printf("\nRebooting HM-MOD-UART to avoid running out of credits\n");
+
+                       hmuartlgw_enter_bootloader(dev.hmuartlgw);
+                       hmuartlgw_enter_app(dev.hmuartlgw);
+               }
+
+               printf("\nHM-MOD-UART opened\n\n");
+
+               if (new_hmid && (my_hmid != new_hmid)) {
+                       printf("Changing hmid from %06x to %06x\n", my_hmid, new_hmid);
+
+                       out[0] = HMUARTLGW_APP_SET_HMID;
+                       out[1] = (new_hmid >> 16) & 0xff;
+                       out[2] = (new_hmid >> 8) & 0xff;
+                       out[3] = new_hmid & 0xff;
+                       send_wait_hmuartlgw(&dev, &rdata, out, 4, HMUARTLGW_APP, HMUARTLGW_STATE_WAIT_APP, HMUARTLGW_STATE_ACK_APP);
+
+                       my_hmid = new_hmid;
+               }
+
+               if (kNo > 0) {
+                       printf("Setting AES-key\n");
+
+                       memset(out, 0, sizeof(out));
+                       out[0] = HMUARTLGW_APP_SET_CURRENT_KEY;
+                       memcpy(&(out[1]), key, 16);
+                       out[17] = kNo;
+                       send_wait_hmuartlgw(&dev, &rdata, out, 18, HMUARTLGW_APP, HMUARTLGW_STATE_WAIT_APP, HMUARTLGW_STATE_ACK_APP);
+
+                       memset(out, 0, sizeof(out));
+                       out[0] = HMUARTLGW_APP_SET_OLD_KEY;
+                       memcpy(&(out[1]), key, 16);
+                       out[17] = kNo;
+                       send_wait_hmuartlgw(&dev, &rdata, out, 18, HMUARTLGW_APP, HMUARTLGW_STATE_WAIT_APP, HMUARTLGW_STATE_ACK_APP);
+               }
        } else {
                uint32_t new_hmid = my_hmid;
 
                hmcfgusb_set_debug(debug);
 
-               dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata);
+               dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata, hmcfgusb_serial);
                if (!dev.hmcfgusb) {
                        fprintf(stderr, "Can't initialize HM-CFG-USB\n");
                        exit(EXIT_FAILURE);
@@ -567,7 +941,7 @@ int main(int argc, char **argv)
                                                hmcfgusb_close(dev.hmcfgusb);
                                        }
                                        sleep(1);
-                               } while (((dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata)) == NULL) || (!dev.hmcfgusb->bootloader));
+                               } while (((dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata, hmcfgusb_serial)) == NULL) || (!dev.hmcfgusb->bootloader));
                        }
 
                        if (dev.hmcfgusb->bootloader) {
@@ -580,7 +954,7 @@ int main(int argc, char **argv)
                                                hmcfgusb_close(dev.hmcfgusb);
                                        }
                                        sleep(1);
-                               } while (((dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata)) == NULL) || (dev.hmcfgusb->bootloader));
+                               } while (((dev.hmcfgusb = hmcfgusb_init(parse_hmcfgusb, &rdata, hmcfgusb_serial)) == NULL) || (dev.hmcfgusb->bootloader));
                        }
                }
 
@@ -633,8 +1007,35 @@ int main(int argc, char **argv)
        }
 
        if (hmid && my_hmid) {
+               switch (dev.type) {
+                       case DEVICE_TYPE_HMCFGUSB:
+                               printf("Adding HMID\n");
+
+                               memset(out, 0, sizeof(out));
+                               out[0] = '+';
+                               out[1] = (hmid >> 16) & 0xff;
+                               out[2] = (hmid >> 8) & 0xff;
+                               out[3] = hmid & 0xff;
+
+                               hmcfgusb_send(dev.hmcfgusb, out, sizeof(out), 1);
+                               break;
+                       case DEVICE_TYPE_HMUARTLGW:
+                               printf("Adding HMID\n");
+
+                               memset(out, 0, sizeof(out));
+                               out[0] = HMUARTLGW_APP_ADD_PEER;
+                               out[1] = (hmid >> 16) & 0xff;
+                               out[2] = (hmid >> 8) & 0xff;
+                               out[3] = hmid & 0xff;
+                               out[4] = (kNo > 0) ? kNo : 0x00; /* KeyIndex */
+                               out[5] = 0x00; /* WakeUp? */
+                               out[6] = 0x00; /* WakeUp? */
+
+                               send_wait_hmuartlgw(&dev, &rdata, out, 7, HMUARTLGW_APP, HMUARTLGW_STATE_WAIT_APP, HMUARTLGW_STATE_ACK_APP);
+
+                               break;
+               }
                printf("Sending device with hmid %06x to bootloader\n", hmid);
-               out[MSGID] = msgid++;
                out[CTL] = 0x30;
                out[TYPE] = 0x11;
                SET_SRC(out, my_hmid);
@@ -644,6 +1045,7 @@ int main(int argc, char **argv)
 
                cnt = 3;
                do {
+                       out[MSGID] = msgid++;
                        if (send_hm_message(&dev, &rdata, out)) {
                                break;
                        }
@@ -666,9 +1068,14 @@ int main(int argc, char **argv)
                                pfd = culfw_poll(dev.culfw, 1000);
                                break;
                        case DEVICE_TYPE_HMCFGUSB:
-                       default:
                                pfd = hmcfgusb_poll(dev.hmcfgusb, 1000);
                                break;
+                       case DEVICE_TYPE_HMUARTLGW:
+                               pfd = hmuartlgw_poll(dev.hmuartlgw, 1000);
+                               break;
+                       default:
+                               pfd = -1;
+                               break;
                }
 
                if ((pfd < 0) && errno) {
@@ -687,7 +1094,7 @@ int main(int argc, char **argv)
                        if (serial && !strncmp((char*)&(rdata.message[0x0b]), serial, 10)) {
                                hmid = SRC(rdata.message);
                                break;
-                       } else if (!serial && SRC(rdata.message) == hmid) {
+                       } else if (!serial && SRC(rdata.message) == (int)hmid) {
                                serial = (char*)&(rdata.message[0x0b]);
                                break;
                        }
@@ -696,16 +1103,33 @@ int main(int argc, char **argv)
 
        printf("Device with serial %s (HMID: %06x) entered firmware-update-mode\n", serial, hmid);
 
-       if (dev.type == DEVICE_TYPE_HMCFGUSB) {
-               printf("Adding HMID\n");
+       switch (dev.type) {
+               case DEVICE_TYPE_HMCFGUSB:
+                       printf("Adding HMID\n");
 
-               memset(out, 0, sizeof(out));
-               out[0] = '+';
-               out[1] = (hmid >> 16) & 0xff;
-               out[2] = (hmid >> 8) & 0xff;
-               out[3] = hmid & 0xff;
+                       memset(out, 0, sizeof(out));
+                       out[0] = '+';
+                       out[1] = (hmid >> 16) & 0xff;
+                       out[2] = (hmid >> 8) & 0xff;
+                       out[3] = hmid & 0xff;
 
-               hmcfgusb_send(dev.hmcfgusb, out, sizeof(out), 1);
+                       hmcfgusb_send(dev.hmcfgusb, out, sizeof(out), 1);
+                       break;
+               case DEVICE_TYPE_HMUARTLGW:
+                       printf("Adding HMID\n");
+
+                       memset(out, 0, sizeof(out));
+                       out[0] = HMUARTLGW_APP_ADD_PEER;
+                       out[1] = (hmid >> 16) & 0xff;
+                       out[2] = (hmid >> 8) & 0xff;
+                       out[3] = hmid & 0xff;
+                       out[4] = 0x00; /* KeyIndex */
+                       out[5] = 0x00; /* WakeUp? */
+                       out[6] = 0x00; /* WakeUp? */
+
+                       send_wait_hmuartlgw(&dev, &rdata, out, 7, HMUARTLGW_APP, HMUARTLGW_STATE_WAIT_APP, HMUARTLGW_STATE_ACK_APP);
+
+                       break;
        }
 
        switchcnt = 3;
@@ -809,7 +1233,8 @@ int main(int argc, char **argv)
                        if (((pos + payloadlen) - &(fw->fw[block][2])) == len)
                                ack = 1;
 
-                       memset(&rdata, 0, sizeof(rdata));
+                       memset(rdata.message, 0, sizeof(rdata.message));
+                       rdata.message_type = 0;
 
                        memset(out, 0, sizeof(out));
 
@@ -857,8 +1282,11 @@ int main(int argc, char **argv)
        }
 
        printf("Waiting for device to reboot\n");
+       rdata.message_type = MESSAGE_TYPE_R;
 
        cnt = 10;
+       if (dev.type == DEVICE_TYPE_HMUARTLGW)
+               cnt = 200; /* FIXME */
        do {
                errno = 0;
                switch(dev.type) {
@@ -866,9 +1294,14 @@ int main(int argc, char **argv)
                                pfd = culfw_poll(dev.culfw, 1000);
                                break;
                        case DEVICE_TYPE_HMCFGUSB:
-                       default:
                                pfd = hmcfgusb_poll(dev.hmcfgusb, 1000);
                                break;
+                       case DEVICE_TYPE_HMUARTLGW:
+                               pfd = hmuartlgw_poll(dev.hmuartlgw, 1000);
+                               break;
+                       default:
+                               pfd = -1;
+                               break;
                }
                if ((pfd < 0) && errno) {
                        if (errno != ETIMEDOUT) {
Impressum, Datenschutz