probe.cc

Go to the documentation of this file.
00001 ///
00002 /// \file       probe.cc
00003 ///             USB Blackberry detection routines
00004 ///
00005 
00006 /*
00007     Copyright (C) 2005-2009, Net Direct Inc. (http://www.netdirect.ca/)
00008 
00009     This program is free software; you can redistribute it and/or modify
00010     it under the terms of the GNU General Public License as published by
00011     the Free Software Foundation; either version 2 of the License, or
00012     (at your option) any later version.
00013 
00014     This program is distributed in the hope that it will be useful,
00015     but WITHOUT ANY WARRANTY; without even the implied warranty of
00016     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
00017 
00018     See the GNU General Public License in the COPYING file at the
00019     root directory of this project for more details.
00020 */
00021 
00022 #include "common.h"
00023 #include "probe.h"
00024 #include "usbwrap.h"
00025 #include "data.h"
00026 #include "endian.h"
00027 #include "error.h"
00028 #include "debug.h"
00029 #include "packet.h"
00030 #include "socket.h"
00031 #include "protocol.h"
00032 #include "record-internal.h"
00033 #include "strnlen.h"
00034 #include <iomanip>
00035 #include <errno.h>
00036 #include <string.h>
00037 
00038 using namespace Usb;
00039 
00040 namespace Barry {
00041 
00042 unsigned char Intro_Sends[][32] = {
00043         // packet #1
00044         { 0x00, 0x00, 0x10, 0x00, 0x01, 0xff, 0x00, 0x00,
00045           0xa8, 0x18, 0xda, 0x8d, 0x6c, 0x02, 0x00, 0x00 }
00046 };
00047 
00048 
00049 unsigned char Intro_Receives[][32] = {
00050         // response to packet #1
00051         { 0x00, 0x00, 0x10, 0x00, 0x02, 0xff, 0x00, 0x00,
00052           0xa8, 0x18, 0xda, 0x8d, 0x6c, 0x02, 0x00, 0x00 }
00053 };
00054 
00055 namespace {
00056 
00057         unsigned int GetSize(const unsigned char *packet)
00058         {
00059                 uint16_t size = *((uint16_t *)&packet[2]);
00060                 return btohs(size);
00061         }
00062 
00063         bool Intro(int IntroIndex, const EndpointPair &ep, Device &dev, Data &response)
00064         {
00065                 dev.BulkWrite(ep.write, Intro_Sends[IntroIndex],
00066                         GetSize(Intro_Sends[IntroIndex]));
00067                 try {
00068                         dev.BulkRead(ep.read, response, 500);
00069                 }
00070                 catch( Usb::Timeout &to ) {
00071                         ddout("BulkRead: " << to.what());
00072                         return false;
00073                 }
00074                 ddout("BulkRead (" << (unsigned int)ep.read << "):\n" << response);
00075                 return true;
00076         }
00077 
00078 } // anonymous namespace
00079 
00080 
00081 bool Probe::CheckSize(const Data &data, unsigned int required)
00082 {
00083         const unsigned char *pd = data.GetData();
00084 
00085         if( GetSize(pd) != (unsigned int) data.GetSize() ||
00086             data.GetSize() < required ||
00087             pd[4] != SB_COMMAND_FETCHED_ATTRIBUTE )
00088         {
00089                 dout("Probe: Parse data failure: GetSize(pd): " << GetSize(pd)
00090                         << ", data.GetSize(): " << data.GetSize()
00091                         << ", pd[4]: " << (unsigned int) pd[4]);
00092                 return false;
00093         }
00094 
00095         return true;
00096 }
00097 
00098 bool Probe::ParsePIN(const Data &data, uint32_t &pin)
00099 {
00100         // validate response data
00101         const unsigned char *pd = data.GetData();
00102 
00103         if( !CheckSize(data, 0x14) )
00104                 return false;
00105 
00106         // capture the PIN
00107         pin = btohl(*((uint32_t *) &pd[16]));
00108 
00109         return true;
00110 }
00111 
00112 bool Probe::ParseDesc(const Data &data, std::string &desc)
00113 {
00114         if( !CheckSize(data, 29) )
00115                 return false;
00116 
00117         // capture the description
00118         const char *d = (const char*) &data.GetData()[28];
00119         int maxlen = data.GetSize() - 28;
00120         desc.assign(d, strnlen(d, maxlen));
00121 
00122         return true;
00123 }
00124 
00125 Probe::Probe(const char *busname, const char *devname)
00126         : m_fail_count(0)
00127 {
00128         // let the programmer pass in "" as well as 0
00129         if( busname && !strlen(busname) )
00130                 busname = 0;
00131         if( devname && !strlen(devname) )
00132                 devname = 0;
00133 
00134         // Search for standard product ID first
00135         ProbeMatching(VENDOR_RIM, PRODUCT_RIM_BLACKBERRY, busname, devname);
00136 
00137         // Search for Pearl devices second
00138         //
00139         // productID 6 devices (PRODUCT_RIM_PEARL) do not expose
00140         // the USB class 255 interface we need, but only the
00141         // Mass Storage one.  Here we search for PRODUCT_RIM_PEARL_DUAL,
00142         // (ID 4) which has both enabled.
00143         ProbeMatching(VENDOR_RIM, PRODUCT_RIM_PEARL_DUAL, busname, devname);
00144         // And a special case, which behaves similar to the PEARL_DUAL,
00145         // but with a unique Product ID.
00146         ProbeMatching(VENDOR_RIM, PRODUCT_RIM_PEARL_8120, busname, devname);
00147 
00148         // And one more time, for the Blackberry Storm
00149         ProbeMatching(VENDOR_RIM, PRODUCT_RIM_STORM, busname, devname);
00150 }
00151 
00152 void Probe::ProbeMatching(int vendor, int product,
00153                         const char *busname, const char *devname)
00154 {
00155         Usb::DeviceIDType devid;
00156 
00157         Match match(vendor, product, busname, devname);
00158         while( match.next_device(&devid) ) try {
00159                 ProbeDevice(devid);
00160         }
00161         catch( Usb::Error &e ) {
00162                 dout("Usb::Error exception caught: " << e.what());
00163                 if( e.libusb_errcode() == -EBUSY ) {
00164                         m_fail_count++;
00165                         m_fail_msgs.push_back(e.what());
00166                 }
00167                 else {
00168                         throw;
00169                 }
00170         }
00171 }
00172 
00173 void Probe::ProbeDevice(Usb::DeviceIDType devid)
00174 {
00175         // skip if we can't properly discover device config
00176         DeviceDiscovery discover(devid);
00177         ConfigDesc &config = discover.configs[BLACKBERRY_CONFIGURATION];
00178 
00179         // search for interface class
00180         InterfaceDiscovery::base_type::iterator idi = config.interfaces.begin();
00181         for( ; idi != config.interfaces.end(); idi++ ) {
00182                 if( idi->second.desc.bInterfaceClass == BLACKBERRY_DB_CLASS )
00183                         break;
00184         }
00185         if( idi == config.interfaces.end() ) {
00186                 dout("Probe: Interface with BLACKBERRY_DB_CLASS ("
00187                         << BLACKBERRY_DB_CLASS << ") not found.");
00188                 return; // not found
00189         }
00190 
00191         unsigned char InterfaceNumber = idi->second.desc.bInterfaceNumber;
00192         dout("Probe: using InterfaceNumber: " << (unsigned int) InterfaceNumber);
00193 
00194         // check endpoint validity
00195         EndpointDiscovery &ed = config.interfaces[InterfaceNumber].endpoints;
00196         if( !ed.IsValid() || ed.GetEndpointPairs().size() == 0 ) {
00197                 dout("Probe: endpoint invalid.   ed.IsValud() == "
00198                         << (ed.IsValid() ? "true" : "false")
00199                         << ", ed.GetEndpointPairs().size() == "
00200                         << ed.GetEndpointPairs().size());
00201                 return;
00202         }
00203 
00204         ProbeResult result;
00205         result.m_dev = devid;
00206         result.m_interface = InterfaceNumber;
00207         result.m_zeroSocketSequence = 0;
00208 
00209         // open device
00210         Device dev(devid);
00211 //      dev.Reset();
00212 //      sleep(5);
00213 
00214         //  make sure we're talking to the right config
00215         unsigned char cfg;
00216         if( !dev.GetConfiguration(cfg) )
00217                 throw Usb::Error(dev.GetLastError(),
00218                         "Probe: GetConfiguration failed");
00219         if( cfg != BLACKBERRY_CONFIGURATION ) {
00220                 if( !dev.SetConfiguration(BLACKBERRY_CONFIGURATION) )
00221                         throw Usb::Error(dev.GetLastError(),
00222                                 "Probe: SetConfiguration failed");
00223         }
00224 
00225         // open interface
00226         Interface iface(dev, InterfaceNumber);
00227 
00228         // find the first bulk read/write endpoint pair that answers
00229         // to our probe commands
00230         // Start with second pair, since evidence indicates the later pairs
00231         // are the ones we need.
00232         size_t i;
00233         for(i = ed.GetEndpointPairs().size() > 1 ? 1 : 0;
00234             i < ed.GetEndpointPairs().size();
00235             i++ )
00236         {
00237                 const EndpointPair &ep = ed.GetEndpointPairs()[i];
00238                 if( ep.type == USB_ENDPOINT_TYPE_BULK ) {
00239 
00240                         uint32_t pin;
00241                         uint8_t zeroSocketSequence;
00242                         std::string desc;
00243                         if( ProbePair(dev, ep, pin, desc, zeroSocketSequence) ) {
00244                                 result.m_ep = ep;
00245                                 result.m_pin = pin;
00246                                 result.m_description = desc;
00247                                 result.m_zeroSocketSequence = zeroSocketSequence;
00248                                 break;
00249                         }
00250                 }
00251                 else {
00252                         dout("Probe: Skipping non-bulk endpoint pair (offset: "
00253                                 << i-1 << ") ");
00254                 }
00255         }
00256 
00257         // check for ip modem endpoints
00258         i++;
00259         if( i < ed.GetEndpointPairs().size() ) {
00260                 const EndpointPair &ep = ed.GetEndpointPairs()[i];
00261                 if( ProbeModem(dev, ep) ) {
00262                         result.m_epModem = ep;
00263                 }
00264         }
00265 
00266         // add to list
00267         if( result.m_ep.IsComplete() ) {
00268                 m_results.push_back(result);
00269                 ddout("Using ReadEndpoint: " << (unsigned int)result.m_ep.read);
00270                 ddout("      WriteEndpoint: " << (unsigned int)result.m_ep.write);
00271         }
00272         else {
00273                 ddout("Unable to discover endpoint pair for one device.");
00274         }
00275 }
00276 
00277 bool Probe::ProbePair(Usb::Device &dev,
00278                         const Usb::EndpointPair &ep,
00279                         uint32_t &pin,
00280                         std::string &desc,
00281                         uint8_t &zeroSocketSequence)
00282 {
00283         dev.ClearHalt(ep.read);
00284         dev.ClearHalt(ep.write);
00285 
00286         Data data;
00287         dev.BulkDrain(ep.read);
00288         if( !Intro(0, ep, dev, data) ) {
00289                 dout("Probe: Intro(0) failed");
00290                 return false;
00291         }
00292 
00293         SocketZero socket(dev, ep.write, ep.read);
00294 
00295         Data send, receive;
00296         ZeroPacket packet(send, receive);
00297 
00298         // unknown attribute: 0x14 / 0x01
00299         packet.GetAttribute(SB_OBJECT_INITIAL_UNKNOWN,
00300                 SB_ATTR_INITIAL_UNKNOWN);
00301         socket.Send(packet);
00302 
00303         // fetch PIN
00304         packet.GetAttribute(SB_OBJECT_PROFILE, SB_ATTR_PROFILE_PIN);
00305         socket.Send(packet);
00306         if( packet.ObjectID() != SB_OBJECT_PROFILE ||
00307             packet.AttributeID() != SB_ATTR_PROFILE_PIN ||
00308             !ParsePIN(receive, pin) )
00309         {
00310                 dout("Probe: unable to fetch PIN");
00311                 return false;
00312         }
00313 
00314         // fetch Description
00315         packet.GetAttribute(SB_OBJECT_PROFILE, SB_ATTR_PROFILE_DESC);
00316         socket.Send(packet);
00317         // response ObjectID does not match request... :-/
00318         if( // packet.ObjectID() != SB_OBJECT_PROFILE ||
00319             packet.AttributeID() != SB_ATTR_PROFILE_DESC ||
00320             !ParseDesc(receive, desc) )
00321         {
00322                 dout("Probe: unable to fetch description");
00323         }
00324 
00325         // more unknowns:
00326         for( uint16_t attr = 5; attr < 9; attr++ ) {
00327                 packet.GetAttribute(SB_OBJECT_SOCKET_UNKNOWN, attr);
00328                 socket.Send(packet);
00329                 // FIXME parse these responses, if they turn
00330                 // out to be important
00331         }
00332 
00333         // all info obtained!
00334         zeroSocketSequence = socket.GetZeroSocketSequence();
00335         return true;
00336 }
00337 
00338 bool Probe::ProbeModem(Usb::Device &dev, const Usb::EndpointPair &ep)
00339 {
00340         //
00341         // This check is not needed for all devices.  Some devices,
00342         // like the 8700 have both the RIM_UsbSerData mode and IpModem mode.
00343         //
00344         // If this function is called, then we have extra endpoints,
00345         // so might as well try them.
00346         //
00347         // FIXME - someday, we might wish to confirm that the endpoints
00348         // work as a modem, and return true/false based on that test.
00349         //
00350         return true;
00351 
00352 
00353 // Thanks to Rick Scott (XmBlackBerry:bb_usb.c) for reverse engineering this
00354 //      int num_read;
00355 //      char data[255];
00356 //      int local_errno;
00357 //
00358 //      num_read = usb_control_msg(dev.GetHandle(),
00359 //              /* bmRequestType */ USB_ENDPOINT_IN | USB_TYPE_VENDOR | USB_RECIP_DEVICE,
00360 //              /* bRequest */ 0xa5,
00361 //              /* wValue */ 0,
00362 //              /* wIndex */ 1,
00363 //              /* data */ data,
00364 //              /* wLength */ sizeof(data),
00365 //              /* timeout */ 2000);
00366 //      local_errno = errno;
00367 //      if( num_read > 1 ) {
00368 //              if( data[0] == 0x02 ) {
00369 //                      return true;
00370 //              }
00371 //      }
00372 //      return false;
00373 }
00374 
00375 int Probe::FindActive(uint32_t pin) const
00376 {
00377         for( int i = 0; i < GetCount(); i++ ) {
00378                 if( Get(i).m_pin == pin )
00379                         return i;
00380         }
00381         if( pin == 0 ) {
00382                 // can we default to a single device?
00383                 if( GetCount() == 1 )
00384                         return 0;       // yes!
00385         }
00386 
00387         // PIN not found
00388         return -1;
00389 }
00390 
00391 void ProbeResult::DumpAll(std::ostream &os) const
00392 {
00393         os << *this
00394            << ", Interface: 0x" << std::hex << (unsigned int) m_interface
00395            << ", Endpoints: (read: 0x" << std::hex << (unsigned int) m_ep.read
00396                 << ", write: 0x" << std::hex << (unsigned int) m_ep.write
00397                 << ", type: 0x" << std::hex << (unsigned int) m_ep.type
00398            << ", ZeroSocketSequence: 0x" << std::hex << (unsigned int) m_zeroSocketSequence;
00399 }
00400 
00401 std::ostream& operator<< (std::ostream &os, const ProbeResult &pr)
00402 {
00403         os << "Device ID: " << pr.m_dev
00404            << std::hex << ". PIN: " << pr.m_pin
00405            << ", Description: " << pr.m_description;
00406         return os;
00407 }
00408 
00409 } // namespace Barry
00410 

Generated on Mon Jan 12 10:51:13 2009 for Barry by  doxygen 1.5.7.1