]>
Commit | Line | Data |
---|---|---|
1 | /* HM-sniffer for HM-CFG-USB | |
2 | * | |
3 | * Copyright (c) 2013-16 Michael Gernoth <michael@gernoth.net> | |
4 | * | |
5 | * Permission is hereby granted, free of charge, to any person obtaining a copy | |
6 | * of this software and associated documentation files (the "Software"), to | |
7 | * deal in the Software without restriction, including without limitation the | |
8 | * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or | |
9 | * sell copies of the Software, and to permit persons to whom the Software is | |
10 | * furnished to do so, subject to the following conditions: | |
11 | * | |
12 | * The above copyright notice and this permission notice shall be included in | |
13 | * all copies or substantial portions of the Software. | |
14 | * | |
15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
17 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
18 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
19 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | |
20 | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS | |
21 | * IN THE SOFTWARE. | |
22 | */ | |
23 | ||
24 | #include <stdio.h> | |
25 | #include <stdlib.h> | |
26 | #include <unistd.h> | |
27 | #include <stdint.h> | |
28 | #include <string.h> | |
29 | #include <strings.h> | |
30 | #include <poll.h> | |
31 | #include <errno.h> | |
32 | #include <time.h> | |
33 | #include <sys/time.h> | |
34 | #include <libusb-1.0/libusb.h> | |
35 | ||
36 | #include "version.h" | |
37 | #include "hexdump.h" | |
38 | #include "hmcfgusb.h" | |
39 | ||
40 | static int verbose = 0; | |
41 | ||
42 | /* See HMConfig.pm */ | |
43 | char *hm_message_types(uint8_t type, uint8_t subtype) | |
44 | { | |
45 | switch(type) { | |
46 | case 0x00: | |
47 | return "Device Info"; | |
48 | break; | |
49 | case 0x01: | |
50 | return "Configuration"; | |
51 | break; | |
52 | case 0x02: | |
53 | if (subtype >= 0x80 && subtype <= 0x8f) { | |
54 | return "NACK"; | |
55 | } else if (subtype == 0x01) { | |
56 | return "ACKinfo"; | |
57 | } else if (subtype == 0x04) { | |
58 | return "AESrequest"; | |
59 | } | |
60 | return "ACK"; | |
61 | break; | |
62 | case 0x03: | |
63 | return "AESreply"; | |
64 | break; | |
65 | case 0x04: | |
66 | return "AESkey"; | |
67 | break; | |
68 | case 0x10: | |
69 | return "Information"; | |
70 | break; | |
71 | case 0x11: | |
72 | return "SET"; | |
73 | break; | |
74 | case 0x12: | |
75 | return "HAVE_DATA"; | |
76 | break; | |
77 | case 0x3e: | |
78 | return "Switch"; | |
79 | break; | |
80 | case 0x3f: | |
81 | return "Timestamp"; | |
82 | break; | |
83 | case 0x40: | |
84 | return "Remote"; | |
85 | break; | |
86 | case 0x41: | |
87 | return "Sensor"; | |
88 | break; | |
89 | case 0x53: | |
90 | return "Water sensor"; | |
91 | break; | |
92 | case 0x58: | |
93 | return "Climate event"; | |
94 | break; | |
95 | case 0x5a: | |
96 | return "Thermal control"; | |
97 | break; | |
98 | case 0x5e: | |
99 | return "Power event"; | |
100 | break; | |
101 | case 0x70: | |
102 | return "Weather event"; | |
103 | break; | |
104 | case 0xca: | |
105 | return "Firmware"; | |
106 | break; | |
107 | case 0xcb: | |
108 | return "Rf configuration"; | |
109 | break; | |
110 | default: | |
111 | return "?"; | |
112 | break; | |
113 | } | |
114 | } | |
115 | ||
116 | static void dissect_hm(uint8_t *buf, int len) | |
117 | { | |
118 | struct timeval tv; | |
119 | struct tm *tmp; | |
120 | char ts[32]; | |
121 | static int count = 0; | |
122 | int i; | |
123 | ||
124 | gettimeofday(&tv, NULL); | |
125 | tmp = localtime(&tv.tv_sec); | |
126 | memset(ts, 0, sizeof(ts)); | |
127 | strftime(ts, sizeof(ts)-1, "%Y-%m-%d %H:%M:%S", tmp); | |
128 | ||
129 | if (verbose) { | |
130 | printf("%s.%06ld: ", ts, tv.tv_usec); | |
131 | ||
132 | for (i = 0; i < len; i++) { | |
133 | printf("%02X", buf[i]); | |
134 | } | |
135 | printf("\n"); | |
136 | printf("Packet information:\n"); | |
137 | printf("\tLength: %u\n", buf[0]); | |
138 | printf("\tMessage ID: %u\n", buf[1]); | |
139 | printf("\tSender: %02x%02x%02x\n", buf[4], buf[5], buf[6]); | |
140 | printf("\tReceiver: %02x%02x%02x\n", buf[7], buf[8], buf[9]); | |
141 | printf("\tControl Byte: 0x%02x\n", buf[2]); | |
142 | printf("\t\tFlags: "); | |
143 | if (buf[2] & (1 << 0)) printf("WAKEUP "); | |
144 | if (buf[2] & (1 << 1)) printf("WAKEMEUP "); | |
145 | if (buf[2] & (1 << 2)) printf("CFG "); | |
146 | if (buf[2] & (1 << 3)) printf("? "); | |
147 | if (buf[2] & (1 << 4)) printf("BURST "); | |
148 | if (buf[2] & (1 << 5)) printf("BIDI "); | |
149 | if (buf[2] & (1 << 6)) printf("RPTED "); | |
150 | if (buf[2] & (1 << 7)) printf("RPTEN "); | |
151 | printf("\n"); | |
152 | printf("\tMessage type: %s (0x%02x 0x%02x)\n", hm_message_types(buf[3], buf[10]), buf[3], buf[10]); | |
153 | printf("\tMessage: "); | |
154 | for (i = 10; i < len; i++) { | |
155 | printf("%02X", buf[i]); | |
156 | } | |
157 | printf("\n"); | |
158 | ||
159 | printf("\n"); | |
160 | } else { | |
161 | if (!(count++ % 20)) | |
162 | printf(" LL NR FL CM sender recvr payload\n"); | |
163 | ||
164 | printf("%s.%03ld: %02X %02X %02X %02X %02X%02X%02X %02X%02X%02X ", | |
165 | ts, tv.tv_usec/1000, | |
166 | buf[0], buf[1], buf[2], buf[3], | |
167 | buf[4], buf[5], buf[6], | |
168 | buf[7], buf[8], buf[9]); | |
169 | ||
170 | for (i = 10; i < len; i++) { | |
171 | printf("%02X", buf[i]); | |
172 | } | |
173 | printf("%s(%s)\n", (i>10)?" ":"", hm_message_types(buf[3], buf[10])); | |
174 | } | |
175 | } | |
176 | ||
177 | struct recv_data { | |
178 | int wrong_hmid; | |
179 | }; | |
180 | ||
181 | static int parse_hmcfgusb(uint8_t *buf, int buf_len, void *data) | |
182 | { | |
183 | struct recv_data *rdata = data; | |
184 | ||
185 | if (buf_len < 1) | |
186 | return 1; | |
187 | ||
188 | switch(buf[0]) { | |
189 | case 'E': | |
190 | dissect_hm(buf + 13, buf[13] + 1); | |
191 | break; | |
192 | case 'H': | |
193 | if ((buf[27] != 0x00) || | |
194 | (buf[28] != 0x00) || | |
195 | (buf[29] != 0x00)) { | |
196 | printf("hmId is currently set to: %02x%02x%02x\n", buf[27], buf[28], buf[29]); | |
197 | rdata->wrong_hmid = 1; | |
198 | } | |
199 | break; | |
200 | case 'R': | |
201 | case 'I': | |
202 | case 'G': | |
203 | break; | |
204 | default: | |
205 | hexdump(buf, buf_len, "Unknown> "); | |
206 | break; | |
207 | } | |
208 | ||
209 | return 1; | |
210 | } | |
211 | ||
212 | void hmsniff_syntax(char *prog) | |
213 | { | |
214 | fprintf(stderr, "Syntax: %s options\n\n", prog); | |
215 | fprintf(stderr, "Possible options:\n"); | |
216 | fprintf(stderr, "\t-f\t\tfast (100k/firmware update) mode\n"); | |
217 | fprintf(stderr, "\t-S serial\tuse HM-CFG-USB with given serial\n"); | |
218 | fprintf(stderr, "\t-v\t\tverbose mode\n"); | |
219 | fprintf(stderr, "\t-V\t\tshow version (" VERSION ")\n"); | |
220 | ||
221 | } | |
222 | ||
223 | int main(int argc, char **argv) | |
224 | { | |
225 | struct hmcfgusb_dev *dev; | |
226 | struct recv_data rdata; | |
227 | char *serial = NULL; | |
228 | int quit = 0; | |
229 | int speed = 10; | |
230 | uint8_t speed_buf[2]; | |
231 | int opt; | |
232 | ||
233 | while((opt = getopt(argc, argv, "fS:vV")) != -1) { | |
234 | switch (opt) { | |
235 | case 'f': | |
236 | speed = 100; | |
237 | break; | |
238 | case 'S': | |
239 | serial = optarg; | |
240 | break; | |
241 | case 'v': | |
242 | verbose = 1; | |
243 | break; | |
244 | case 'V': | |
245 | printf("hmsniff " VERSION "\n"); | |
246 | printf("Copyright (c) 2013-16 Michael Gernoth\n\n"); | |
247 | exit(EXIT_SUCCESS); | |
248 | case 'h': | |
249 | case ':': | |
250 | case '?': | |
251 | default: | |
252 | hmsniff_syntax(argv[0]); | |
253 | exit(EXIT_FAILURE); | |
254 | break; | |
255 | } | |
256 | } | |
257 | ||
258 | hmcfgusb_set_debug(0); | |
259 | ||
260 | do { | |
261 | memset(&rdata, 0, sizeof(rdata)); | |
262 | rdata.wrong_hmid = 0; | |
263 | ||
264 | dev = hmcfgusb_init(parse_hmcfgusb, &rdata, serial); | |
265 | if (!dev) { | |
266 | fprintf(stderr, "Can't initialize HM-CFG-USB, retrying in 1s...\n"); | |
267 | sleep(1); | |
268 | continue; | |
269 | } | |
270 | printf("HM-CFG-USB opened!\n"); | |
271 | ||
272 | hmcfgusb_send_null_frame(dev, 1); | |
273 | hmcfgusb_send(dev, (unsigned char*)"K", 1, 1); | |
274 | ||
275 | hmcfgusb_send_null_frame(dev, 1); | |
276 | speed_buf[0] = 'G'; | |
277 | speed_buf[1] = speed; | |
278 | hmcfgusb_send(dev, speed_buf, 2, 1); | |
279 | ||
280 | while(!quit) { | |
281 | int fd; | |
282 | ||
283 | if (rdata.wrong_hmid) { | |
284 | printf("changing hmId to 000000, this might reboot the device!\n"); | |
285 | hmcfgusb_send(dev, (unsigned char*)"A\00\00\00", 4, 1); | |
286 | rdata.wrong_hmid = 0; | |
287 | hmcfgusb_send(dev, (unsigned char*)"K", 1, 1); | |
288 | } | |
289 | fd = hmcfgusb_poll(dev, 1000); | |
290 | if (fd >= 0) { | |
291 | fprintf(stderr, "activity on unknown fd %d!\n", fd); | |
292 | continue; | |
293 | } else if (fd == -1) { | |
294 | if (errno) { | |
295 | if (errno != ETIMEDOUT) { | |
296 | perror("hmcfgusb_poll"); | |
297 | break; | |
298 | } else { | |
299 | /* periodically wakeup the device */ | |
300 | hmcfgusb_send_null_frame(dev, 1); | |
301 | } | |
302 | } | |
303 | } | |
304 | } | |
305 | ||
306 | hmcfgusb_close(dev); | |
307 | } while (!quit); | |
308 | ||
309 | hmcfgusb_exit(); | |
310 | ||
311 | return EXIT_SUCCESS; | |
312 | } |