Diffstat (limited to 'host')
-rw-r--r-- | host/libubertooth/src/ubertooth.c | 6 | ||||
-rw-r--r-- | host/libubertooth/src/ubertooth_callback.c | 53 | ||||
-rw-r--r-- | host/libubertooth/src/ubertooth_callback.h | 1 | ||||
-rw-r--r-- | host/ubertooth-tools/src/ubertooth-scan.c | 43 |
4 files changed, 88 insertions, 15 deletions
diff --git a/host/libubertooth/src/ubertooth.c b/host/libubertooth/src/ubertooth.c
index 028a887..bcc28e4 100644
--- a/host/libubertooth/src/ubertooth.c
+++ b/host/libubertooth/src/ubertooth.c
@@ -54,10 +54,8 @@ void print_version() {
 ubertooth_t* cleanup_devh = NULL;
 static void cleanup(int sig __attribute__((unused))) {
- if (cleanup_devh) {
- ubertooth_stop(cleanup_devh);
- }
- exit(0);
+ if (cleanup_devh)
+ cleanup_devh->stop_ubertooth = 1;
 }
 void register_cleanup_handler(ubertooth_t* ut) {
diff --git a/host/libubertooth/src/ubertooth_callback.c b/host/libubertooth/src/ubertooth_callback.c
index b38be28..53a9bf9 100644
--- a/host/libubertooth/src/ubertooth_callback.c
+++ b/host/libubertooth/src/ubertooth_callback.c
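Review bot: The handler now only stores to `cleanup_devh->stop_ubertooth`, and the new receive loop in ubertooth-scan.c polls that same field with `while(!ut->stop_ubertooth)`; for a store made in a signal handler to be guaranteed visible to that loop the field must be declared `volatile sig_atomic_t` (or `_Atomic`) in `ubertooth_t`, and the struct definition is outside this diff so I could not confirm it. Without that qualifier the compiler is free to hoist the load out of the loop, and Ctrl-C would then no longer end the scan. The removed `exit(0)` also guaranteed termination from any point in the program; now only code that polls the flag reacts to the signal. I'd add above the handler: `/* Async-signal-safe on purpose: only sets the stop flag; the receive loop that polls it is responsible for calling ubertooth_stop(). */`.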
@@ -226,6 +226,59 @@ out:
 btbb_packet_unref(pkt);
 }
+/* Sniff for LAPs. If a piconet is provided, use the given LAP to
+ * search for UAP.
+ */
+void cb_scan(ubertooth_t* ut, void* args __attribute__((unused)))
+{
+ btbb_packet* pkt = NULL;
+ int8_t signal_level;
+ int8_t noise_level;
+ int8_t snr;
+ int offset;
+ uint32_t clkn;
+
+ /* Do analysis based on oldest packet */
+ usb_pkt_rx* rx = ringbuffer_top_usb(ut->packets);
+
+ /* Sanity check */
+ if (rx->channel > (NUM_BREDR_CHANNELS-1))
+ goto out;
+
+ determine_signal_and_noise( rx, &signal_level, &noise_level );
+ snr = signal_level - noise_level;
+
+ /* Pass packet-pointer-pointer so that
+ * packet can be created in libbtbb. */
+ offset = btbb_find_ac(ringbuffer_top_bt(ut->packets), BANK_LEN - 64, LAP_ANY, max_ac_errors, &pkt);
+ if (offset < 0)
+ goto out;
+
+ /* Once offset is known for a valid packet, copy in symbols
+ * and other rx data. CLKN here is the 312.5us CLK27-0. The
+ * btbb library can shift it be CLK1 if needed. */
+ clkn = (rx->clkn_high << 20) + (le32toh(rx->clk100ns) + offset*10) / 3125;
+ btbb_packet_set_data(pkt, ringbuffer_top_bt(ut->packets) + offset, NUM_BANKS * BANK_LEN - offset,
+ rx->channel, clkn);
+
+ printf("systime=%u ch=%2d LAP=%06x err=%u clk100ns=%u clk1=%u s=%d n=%d snr=%d\n",
+ (int)time(NULL),
+ btbb_packet_get_channel(pkt),
+ btbb_packet_get_lap(pkt),
+ btbb_packet_get_ac_errors(pkt),
+ rx->clk100ns,
+ btbb_packet_get_clkn(pkt),
+ signal_level,
+ noise_level,
+ snr);
+
+ btbb_process_packet(pkt, NULL);
+
+out:
+ if (pkt)
+ btbb_packet_unref(pkt);
+}
+
 void cb_afh_initial(ubertooth_t* ut, void* args)
 {
 btbb_piconet* pn = (btbb_piconet*)args;
diff --git a/host/libubertooth/src/ubertooth_callback.h b/host/libubertooth/src/ubertooth_callback.h
index ce9c435..d46c455 100644
--- a/host/libubertooth/src/ubertooth_callback.h
+++ b/host/libubertooth/src/ubertooth_callback.h
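Review bot: The header comment on `cb_scan` says a provided piconet's LAP is used to search for the UAP, but `args` is marked unused and `btbb_process_packet(pkt, NULL)` always passes a NULL piconet, so the comment documents behaviour the function does not have; I'd replace it with `/* Sniff for LAPs on any channel and hand each packet to the btbb survey; args is ignored (no piconet/UAP search is done here). */`. In the `printf`, the `clk100ns` column prints the raw `rx->clk100ns` while the `clkn` computation two statements earlier byte-swaps the same field with `le32toh`, so the logged value is wrong on big-endian hosts — use `le32toh(rx->clk100ns)` in both places. The `%u` conversion is paired with `(int)time(NULL)`; `(unsigned)time(NULL)` matches the format. `rx` from `ringbuffer_top_usb` is dereferenced in the sanity check without a NULL test; if that helper can return NULL on an empty ring (its contract is not visible here) the check should read `if (!rx || rx->channel > (NUM_BREDR_CHANNELS-1))`.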
@@ -33,5 +33,6 @@ void cb_afh_r(ubertooth_t* ut, void* args);
 void cb_btle(ubertooth_t* ut, void* args);
 void cb_ego(ubertooth_t* ut, void* args __attribute__((unused)));
 void cb_rx(ubertooth_t* ut, void* args);
+void cb_scan(ubertooth_t* ut, void* args);
 #endif /* __UBERTOOTH_CALLBACK_H__ */
diff --git a/host/ubertooth-tools/src/ubertooth-scan.c b/host/ubertooth-tools/src/ubertooth-scan.c
index 544a9ae..23f6596 100644
--- a/host/ubertooth-tools/src/ubertooth-scan.c
+++ b/host/ubertooth-tools/src/ubertooth-scan.c
@@ -32,6 +32,7 @@
 #include <sys/ioctl.h>
 #include "ubertooth.h"
+#include "ubertooth_callback.h"
 #include <btbb.h>
 #include <getopt.h>
@@ -166,7 +167,7 @@ void extra_info(int dd, int dev_id, bdaddr_t* bdaddr)
 void print_name_and_class(int dev_handle, int dev_id, bdaddr_t *bdaddr,
 char* printable_addr, uint8_t extended)
 {
- char name[248] = { 0 };
+ char name[248] = { 0 };
 if (hci_read_remote_name(dev_handle, bdaddr, sizeof(name), name, 0) < 0)
 strcpy(name, "[unknown]");
@@ -179,13 +180,13 @@ void print_name_and_class(int dev_handle, int dev_id, bdaddr_t *bdaddr,
 int main(int argc, char *argv[])
 {
- inquiry_info *ii = NULL;
+ inquiry_info *ii = NULL;
 int i, opt, dev_id, dev_handle, len, flags, max_rsp, num_rsp, lap, timeout = 20;
 uint8_t uap, extended = 0;
 uint8_t scan = 0;
 char ubertooth_device = -1;
 char *bt_dev = "hci0";
- char addr[19] = { 0 };
+ char addr[19] = { 0 };
 ubertooth_t* ut = NULL;
 btbb_piconet* pn;
 bdaddr_t bdaddr;
@@ -221,7 +222,7 @@ int main(int argc, char *argv[])
 }
 }
- dev_id = hci_devid(bt_dev);
+ dev_id = hci_devid(bt_dev);
 if (dev_id < 0) {
 printf("error: Unable to find %s (%d)\n", bt_dev, dev_id);
 return 1;
@@ -241,6 +242,9 @@ int main(int argc, char *argv[])
 /* Set sweep mode - otherwise AFH map is useless */
 cmd_set_channel(ut->devh, 9999);
+ /* Clean up on exit. */
+ register_cleanup_handler(ut);
+
 if (scan) {
 /* Equivalent to "hcitool scan" */
 printf("HCI scan\n");
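Review bot: The comment `/* Clean up on exit. */` above `register_cleanup_handler(ut)` no longer describes what the handler does: in this same commit `cleanup()` in ubertooth.c stops calling `ubertooth_stop`/`exit` and only sets `stop_ubertooth`, so the process keeps running and still prints its results. The HCI scan branch that starts right after this line does not poll that flag, so a signal delivered during the HCI phase is recorded but not acted on until the Ubertooth receive loop further down starts; which signals are installed is decided inside `register_cleanup_handler`, whose body is outside this diff. I'd reword the comment to `/* Install the signal handler: it only sets ut->stop_ubertooth, which the Ubertooth receive loop below polls; the HCI scan phase does not check it. */`.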
@@ -256,34 +260,51 @@ int main(int argc, char *argv[])
 for (i = 0; i < num_rsp; i++) {
 ba2str(&(ii+i)->bdaddr, addr);
 print_name_and_class(dev_handle, dev_id, &(ii+i)->bdaddr, addr,
- extended);
+ extended);
 }
 free(ii);
 }
 /* Now find hidden piconets with Ubertooth */
 printf("\nUbertooth scan\n");
+
+ btbb_init(max_ac_errors);
 btbb_init_survey();
- rx_live(ut, NULL, timeout);
+
+ if (timeout)
+ ubertooth_set_timeout(ut, timeout);
+
+ ubertooth_bulk_init(ut);
+
+ // tell ubertooth to send packets
+ cmd_rx_syms(ut->devh);
+
+ // receive and process each packet
+ while(!ut->stop_ubertooth) {
+ ubertooth_bulk_wait(ut);
+ ubertooth_bulk_receive(ut, cb_scan, NULL);
+ }
+ ubertooth_stop(ut);
+
 printf("\nScan results:\n");
 while((pn=btbb_next_survey_result()) != NULL) {
 lap = btbb_piconet_get_lap(pn);
 if (btbb_piconet_get_flag(pn, BTBB_UAP_VALID)) {
 uap = btbb_piconet_get_uap(pn);
 sprintf(addr, "00:00:%02X:%02X:%02X:%02X", uap,
- (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
+ (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
 str2ba(addr, &bdaddr);
 /* Printable version showing that the NAP is unknown */
 sprintf(addr, "??:??:%02X:%02X:%02X:%02X", uap,
- (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
+ (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
 print_name_and_class(dev_handle, dev_id, &bdaddr, addr, extended);
 } else printf("??:??:??:%02X:%02X:%02X\n", (lap >> 16) & 0xFF,
- (lap >> 8) & 0xFF, lap & 0xFF);
+ (lap >> 8) & 0xFF, lap & 0xFF);
 btbb_print_afh_map(pn);
 }
- close(dev_handle);
- return 0;
+ close(dev_handle);
+ return 0;
 } |
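Review bot: The return values of `ubertooth_bulk_init(ut)` and `cmd_rx_syms(ut->devh)` are discarded, so if USB transfer setup or the RX-symbols command fails the new loop still spins on `ubertooth_bulk_wait`/`ubertooth_bulk_receive` until the timeout or a signal, with nothing telling the user why no piconets were found. If those calls report failure with a negative return like the other ubertooth_* calls checked earlier in this file (their signatures are not visible in the diff), guard them before entering the loop: `if (ubertooth_bulk_init(ut) < 0 || cmd_rx_syms(ut->devh) < 0) { ubertooth_stop(ut); close(dev_handle); return 1; }`. `btbb_init(max_ac_errors)` now runs here instead of inside the removed `rx_live` call, and `max_ac_errors` is not declared in `main`; a one-line comment naming where that value is defined and set would save the next reader a search. The loop's only exit condition is `ut->stop_ubertooth`, which the signal handler in ubertooth.c writes; the declaration of that field needs to be signal-safe, as raised on that hunk.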