| 430f2b77 |
shared/log: Add common code to interface with logging channel
This enables any code using shared to log information using the logging
channel which can then be decoded by the likes of btmon. |
Luiz Augusto von Dentz |
7 years ago |
3 files, +223, -0 |
| d6eec1b6 |
meshctl: Switch from write to sendmsg for Acquire*
Use sendmsg with MSG_NOSIGNAL to prevent crashes involving SIGPIPE. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +45, -19 |
| 91df8569 |
client: Switch from write to sendmsg for Acquire*
Use sendmsg with MSG_NOSIGNAL to prevent crashes involving SIGPIPE. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +60, -25 |
| 697a8e4c |
gatt: Switch from pipe2 to sockepair for Acquire*
This enables to use sendmsg with MSG_NOSIGNAL. |
Luiz Augusto von Dentz |
7 years ago |
2 files, +72, -53 |
| 129ba2b1 |
doc/gatt-api: Restrict supported file descriptors
Only support sockets with AcquireWrite/AcquireNotify since pipe don't
work with sendmsg therefore MSG_NOSIGNAL cannot be used. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +6, -6 |
| b12d1984 |
gatt: Fix invalid read when disconnecting
In case there is a client of AcquireNotify and a disconnect happens the
code not only have to free the client object but also destroy the io
associated with it, for this reason the client object cannot be freed
until the io is destroyed otherwise it may lead to the following error:
Invalid read of size 4
at 0x63920: notify_io_destroy (gatt-client.c:1461)
by 0x63EDB: pipe_io_destroy (gatt-client.c:1082)
by 0x6405B: characteristic_free (gatt-client.c:1663)
by 0x81F33: remove_interface (object.c:667)
by 0x826CB: g_dbus_unregister_interface (object.c:1391)
by 0x85D2B: queue_remove_all (queue.c:354)
by 0x635F7: unregister_service (gatt-client.c:1893)
by 0x85CF7: queue_remove_all (queue.c:339)
by 0x661DF: btd_gatt_client_service_removed (gatt-client.c:2199)
by 0x695CB: gatt_service_removed (device.c:3747)
by 0x85B17: queue_foreach (queue.c:220)
by 0x91283: notify_service_changed (gatt-db.c:280)
by 0x91283: gatt_db_service_destroy (gatt-db.c:291)
Address 0x515ed48 is 0 bytes inside a block of size 20 free'd
at 0x483EAD0: free (vg_replace_malloc.c:530)
by 0x85D2B: queue_remove_all (queue.c:354)
by 0x636D3: unregister_characteristic (gatt-client.c:1741)
by 0x85D2B: queue_remove_all (queue.c:354)
by 0x635F7: unregister_service (gatt-client.c:1893)
by 0x85CF7: queue_remove_all (queue.c:339)
by 0x661DF: btd_gatt_client_service_removed (gatt-client.c:2199)
by 0x695CB: gatt_service_removed (device.c:3747)
by 0x85B17: queue_foreach (queue.c:220)
by 0x91283: notify_service_changed (gatt-db.c:280)
by 0x91283: gatt_db_service_destroy (gatt-db.c:291)
by 0x85D2B: queue_remove_all (queue.c:354)
by 0x91387: gatt_db_clear_range (gatt-db.c:475) |
Luiz Augusto von Dentz |
7 years ago |
1 file, +12, -12 |
| 1f6a90d5 |
avctp: Fix possible crash when accepting browsing channel
In order to stop the bt_io_accept from calling the callback with
invalid session, if that is disconnected in the meantime, create the
channel so it can properly be destroyed thus stopping the callback from
being called. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +2, -0 |
| 3ef0ce95 |
bluetooth.conf: remove deprecated at_console statement
As described in [0], this likely did not have the intended effect, so
simply remove it. The change in behavior is that up until this patch
it would be possible for root, lp, and any non-system user to potentially
gain access to bluez' dbus interface. Now this is extended to also allow
any system user.
[0]: <https://www.spinics.net/lists/linux-bluetooth/msg75267.html> |
Tom Gundersen |
7 years ago |
1 file, +1, -11 |
| 0150f95a |
unit/test-sdp: Add robustness test for continuation state
This adds a test for invalid continuation state:
/TP/SERVER/SA/ROB/BI-01-C - init
/TP/SERVER/SA/ROB/BI-01-C - setup
/TP/SERVER/SA/ROB/BI-01-C - setup complete
/TP/SERVER/SA/ROB/BI-01-C - run
test-sdp: < 02 00 01 00 16 35 11 1c 00 00 01 00 00 00 10 00 .....5..........
test-sdp: 80 00 00 80 5f 9b 34 fb 00 01 00 ...._.4....
bluetoothd[26193]: process_request: Got a svc srch req
bluetoothd[26193]: extract_des: Seq type : 53
bluetoothd[26193]: extract_des: Data size : 17
bluetoothd[26193]: extract_des: Data type: 0x1c
bluetoothd[26193]: extract_des: No of elements : 1
bluetoothd[26193]: service_search_req: Expected count: 1
bluetoothd[26193]: service_search_req: Bytes scanned : 19
bluetoothd[26193]: sdp_cstate_get: Continuation State size : 0
bluetoothd[26193]: service_search_req: Checking svcRec : 0x0
bluetoothd[26193]: service_search_req: Checking svcRec : 0x1
bluetoothd[26193]: service_search_req: Checking svcRec : 0x10000
bluetoothd[26193]: service_search_req: Match count: 1
bluetoothd[26193]: process_request: Sending rsp. status 0
bluetoothd[26193]: process_request: Bytes Sent : 14
test-sdp: > 03 00 01 00 09 00 01 00 01 00 01 00 00 00 ..............
test-sdp: < 04 00 01 00 0f 00 01 00 00 00 07 35 06 09 00 00 ...........5....
test-sdp: 09 00 01 00 ....
bluetoothd[26193]: process_request: Got a svc attr req
bluetoothd[26193]: extract_des: Seq type : 53
bluetoothd[26193]: extract_des: Data size : 6
bluetoothd[26193]: extract_des: Data type: 0x09
bluetoothd[26193]: extract_des: No of elements : 1
bluetoothd[26193]: extract_des: Data type: 0x09
bluetoothd[26193]: extract_des: No of elements : 2
bluetoothd[26193]: sdp_cstate_get: Continuation State size : 0
bluetoothd[26193]: service_attr_req: SvcRecHandle : 0x10000
bluetoothd[26193]: service_attr_req: max_rsp_size : 7
bluetoothd[26193]: extract_attrs: Entries in attr seq : 2
bluetoothd[26193]: extract_attrs: AttrDataType : 9
bluetoothd[26193]: extract_attrs: AttrDataType : 9
bluetoothd[26193]: service_attr_req: Creating continuation state of size : 18
bluetoothd[26193]: sdp_set_cstate_pdu: Non null sdp_cstate_t id : 0x5bdb0511
bluetoothd[26193]: process_request: Sending rsp. status 0
bluetoothd[26193]: process_request: Bytes Sent : 23
test-sdp: > 05 00 01 00 12 00 07 35 10 09 00 00 0a 00 08 11 .......5........
test-sdp: 05 db 5b 07 00 00 00 ..[....
test-sdp: < 04 00 02 00 17 00 01 00 00 00 07 35 06 09 00 00 ...........5....
test-sdp: 09 00 01 08 11 05 db 5b ff ff 00 00 .......[....
bluetoothd[26193]: process_request: Got a svc attr req
bluetoothd[26193]: extract_des: Seq type : 53
bluetoothd[26193]: extract_des: Data size : 6
bluetoothd[26193]: extract_des: Data type: 0x09
bluetoothd[26193]: extract_des: No of elements : 1
bluetoothd[26193]: extract_des: Data type: 0x09
bluetoothd[26193]: extract_des: No of elements : 2
bluetoothd[26193]: sdp_cstate_get: Continuation State size : 8
bluetoothd[26193]: sdp_cstate_get: Cstate TS : 0x5bdb0511
bluetoothd[26193]: sdp_cstate_get: Bytes sent : 65535
bluetoothd[26193]: service_attr_req: SvcRecHandle : 0x10000
bluetoothd[26193]: service_attr_req: max_rsp_size : 7
bluetoothd[26193]: NULL cache buffer and non-NULL continuation state
bluetoothd[26193]: process_request: Sending rsp. status 5
bluetoothd[26193]: process_request: Bytes Sent : 7
test-sdp: > 01 00 02 00 02 00 05 .......
/TP/SERVER/SA/ROB/BI-01-C - test passed
/TP/SERVER/SA/ROB/BI-01-C - teardown
/TP/SERVER/SA/ROB/BI-01-C - teardown complete
/TP/SERVER/SA/ROB/BI-01-C - done |
Luiz Augusto von Dentz |
7 years ago |
1 file, +31, -3 |
| 6c7243fb |
sdp: Fix buffer overflow
sdp_append_buf shall check if there is enough space to store the data
before copying it.
An independent security researcher, Julian Rauchberger, has reported
this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure
program. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +6, -0 |
| 7bf67b32 |
sdp: Fix not checking if cstate length
cstate length should be smaller than cached length otherwise the
request shall be considered invalid as the data is not within the
cached buffer.
An independent security researcher, Julian Rauchberger, has reported
this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure
program. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +39, -35 |
| 2657fed2 |
monitor: Decode error response
This adds decoding for the error code in the error response:
> test-sdp: User Data RX
Channel: 0 len 7 [PSM 1 mode 0] {chan 0}
SDP: Error Response (0x01) tid 2 len 2
Error code: Invalid Continuation State (0x0005) |
Luiz Augusto von Dentz |
7 years ago |
1 file, +19, -1 |
| b18f628f |
hcidump: Fix set_ext_ctrl() global buffer overflow
Fix set_ext_ctrl() global buffer overflow. |
Cho, Yu-Chen |
7 years ago |
1 file, +1, -1 |
| 01146fff |
hcidump:fixed hci frame dump stack-buffer-overflow
hci_dump() didn't check the length of frame, and it would be
a stack-buffer-overflow error. |
Cho, Yu-Chen |
7 years ago |
1 file, +3, -0 |
| 70692b7e |
btmon: Add colors to data status in extended adv report
This patch gives color indicators to data status in extended
advertising reports. This gives better visibility on which advertising
events were completed or truncated. |
Łukasz Rymanowski |
7 years ago |
1 file, +6, -1 |
| d2328aaf |
gatt: Fix not removing disconnect handler properly
Previous patch did not really fixed the crash since the bt_server would
be freed already which makes bt_att instance to be passed as NULL to
bt_att_unregister_disconnect which makes it not the take the expected
action. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +3, -3 |
| 72878d96 |
gatt: Fix crash on disconnect
This fix a crash when ATT disconnects causing the following trace:
Invalid read of size 8
at 0x47CD9A: att_disconnected (gatt-database.c:335)
by 0x4E04F5: disconn_handler (att.c:539)
by 0x4DACD0: queue_foreach (queue.c:220)
by 0x4E23D8: disconnect_cb (att.c:592)
by 0x4F0A58: watch_callback (io-glib.c:170)
by 0x50D788C: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.5600.3)
by 0x50D7C57: ??? (in /usr/lib64/libglib-2.0.so.0.5600.3)
by 0x50D7F81: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.5600.3)
by 0x40D336: main (main.c:808)
Address 0x9aed3c0 is 0 bytes inside a block of size 40 free'd
at 0x4C2FDAC: free (vg_replace_malloc.c:530)
by 0x47CE78: att_disconnected (gatt-database.c:358)
by 0x47F9FF: btd_gatt_database_att_disconnected (gatt-database.c:3540)
by 0x4AAB8E: gatt_server_cleanup (device.c:584)
by 0x4AAC26: attio_cleanup (device.c:601)
by 0x4ADDF1: att_disconnected_cb (device.c:4865)
by 0x4E04F5: disconn_handler (att.c:539)
by 0x4DACD0: queue_foreach (queue.c:220)
by 0x4E23D8: disconnect_cb (att.c:592)
by 0x4F0A58: watch_callback (io-glib.c:170)
by 0x50D788C: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.5600.3)
by 0x50D7C57: ??? (in /usr/lib64/libglib-2.0.so.0.5600.3) |
Luiz Augusto von Dentz |
7 years ago |
1 file, +5, -0 |
| 47783216 |
shared/gatt-server: Add bt_gatt_server_get_att
This adds bt_gatt_server_get_att which can be used to get the bt_att
instance attached to the server. |
Luiz Augusto von Dentz |
7 years ago |
2 files, +9, -0 |
| b8d9cae3 |
monitor: Use static inline for functions in header files |
Marcel Holtmann |
7 years ago |
1 file, +2, -2 |
| 3ebf246b |
btmon: fix segfault caused by buffer over-read
Fix segfault caused by buffer over-read in service_rsp function of
monitor/sdp.c.
This bug can be triggered locally reading malformed btmon capture file
and also over the air by sending specifically crafted SDP Search
Attribute response to device running btmon.
Bug was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +4, -0 |
| 800257a5 |
btmon: fix segfault caused by integer underflow
Fix segfault caused by integer underflow in decode_data_element function
of monitor/sdp.c.
Fix is to check that elemlen is not bigger than size before subtracting
elemlen from size. Also search_bytes + attr_bytes should not be bigger
than frame->size.
This bug can be triggered locally reading malformed btmon capture file
and also over the air by sending specifically crafted SDP Search
Attribute response to device running btmon.
This bug was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +10, -0 |
| b9085d74 |
btmon: fix segfault caused by buffer overflow
Buffer overflow vulnerability in monitor/sdp.c SDP continuation handling
caused btmon to crash. This happens in global static buffer which makes
it non-trivial to exploit.
This is nasty bug in a way that this can be triggered also over the air
by sending malformed SDP Search Attribute request to device running
btmon.
This crash was foung by fuzzing btmon with AFL. Seems to be reproducible
also with Synopsys Defensics SDP Server suite. |
Matias Karhumaa |
7 years ago |
1 file, +6, -1 |
| e63175ec |
btmon: fix segfault caused by buffer over-read
Fix segfault caused by buffer over-read in btmon. Fix is to check in
packet_monitor() that index is not bigger than MAX_INDEX before accessing
index_list.
Crash was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +5, -0 |
| 1206eee7 |
btmon: fix segfault caused by integer undeflow
Fix segfault caused by integer underflow. Fix is to check that
rsp->num_codecs + 3 is not bigger than size before subtracting.
Crash was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +5, -0 |
| 8da5f210 |
btmon: fix segfault caused by integer underflow
Fix segfault caused by integer underflow in set_event_filter_cmd().
Fix is to check that size is big enough before subtracting to prevent
underflow.
Crash was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +14, -0 |
| c5d07196 |
btmon: fix multiple segfaults
Fix multiple segfaults caused by buffer over-read in packet_hci_command,
packet_hci_event and packet_hci_acldata. Fix is to check that index is
not bigger than MAX_INDEX before accessing index_list.
Crashes were found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +17, -2 |
| 0f4b19f7 |
btmon: fix stack buffer overflow
Arbitrary code execution vulnerability was discovered in btmon.
pklg_read_hci function read from file attacker controllable
amount of data which caused stack buffer overflow.
Fixes old and previously unfixed CVE-2016-9799.
Initially this was reported by op7ic:
https://www.spinics.net/lists/linux-bluetooth/msg68898.html
Later this was re-discovered by fuzzing btmon with AFL.
Proof-of-concept exploit that shutowns the machine:
$ python -c 'print "\x00\x00\x0c\x10"+ "\x90"*609 +"\x48\x31\xc0\x48\x31\xd2\x50\x6a\x77\x66\x68\x6e\x6f\x48\x89\xe3\x50\x66\x68\x2d\x68\x48\x89\xe1\x50\x49\xb8\x2f\x73\x62\x69\x6e\x2f\x2f\x2f\x49\xba\x73\x68\x75\x74\x64\x6f\x77\x6e\x41\x52\x41\x50\x48\x89\xe7\x52\x53\x51\x57\x48\x89\xe6\x48\x83\xc0\x3b\x0f\x05"+ "\x90"*847 +"\xb0\xda\xff\xff\xff\x7f\x00\x00"' > exploit
$ ./btmon -r exploit
Proof of concept requires that ASLR is disabled and following CFLAGS are
set: -fno-stack-protector -zexecstack |
Matias Karhumaa |
7 years ago |
1 file, +5, -0 |
| f01e006a |
btmon: Fix crash caused by integer underflow
Check in packet_ctrl_open that parsed length is not more than buffer size.
Bug was found by fuzzing btmon with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +1, -1 |
| 5ceef2cb |
btmon: fix segfault caused by buffer over-read
Fix segfault caused by buffer over-read in packet_hci_scodata function
of monitor/packet.c.
Fix is to check that index is not bigger than MAX_INDEX.
This bug was found by fuzzing with AFL. |
Matias Karhumaa |
7 years ago |
1 file, +5, -0 |
| c3d4ca78 |
btmon: fix segfault caused by buffer over-read
Fix segmentation fault caused by buffer over-read in packet_ctrl_open().
Fix is to check that ident_len is not bigger than size.
This bug was found by fuzzing btmon with AFL.
Program received signal SIGSEGV, Segmentation fault.
0x0000000000419e88 in packet_hexdump (buf=0x7fffffffda7e "22", len=<optimized out>) at monitor/packet.c:3813
3813 str[((i % 16) * 3) + 1] = hexdigits[buf[i] & 0xf];
(gdb) bt
#0 0x0000000000419e88 in packet_hexdump (buf=0x7fffffffda7e "22", len=<optimized out>) at monitor/packet.c:3813
#1 0x000000000041eda4 in packet_ctrl_open (tv=<optimized out>, cred=<optimized out>, index=<optimized out>, data=0x7fffffffda7e, size=<optimized out>) at monitor/packet.c:10286
#2 0x000000000041b193 in packet_monitor (tv=0x7fffffffda50, cred=<optimized out>, index=65535, opcode=<optimized out>, data=0x7fffffffda60, size=14) at monitor/packet.c:3957
#3 0x000000000040e177 in control_reader (path=<optimized out>, pager=true) at monitor/control.c:1462
#4 0x0000000000403b00 in main (argc=<optimized out>, argv=<optimized out>) at monitor/main.c:243
(gdb) |
Matias Karhumaa |
7 years ago |
1 file, +6, -0 |
| ab14539c |
btmon: fix segfault caused by buffer over-read
Fix segfault caused by buffer over-read. Check that index is not
bigger than MAX_INDEX.
This bug was found by fuzzing with AFL.
Program received signal SIGSEGV, Segmentation fault.
0x0000000000420bb8 in print_packet (tv=<optimized out>, cred=<optimized out>, ident=<optimized out>, index=<optimized out>, channel=<optimized out>, color=<optimized out>,
label=<optimized out>, text=<optimized out>, extra=<optimized out>) at monitor/packet.c:317
warning: Source file is more recent than executable.
317 index_list[index].frame != last_frame) {
(gdb) bt
#0 0x0000000000420bb8 in print_packet (tv=<optimized out>, cred=<optimized out>, ident=<optimized out>, index=<optimized out>, channel=<optimized out>, color=<optimized out>,
label=<optimized out>, text=<optimized out>, extra=<optimized out>) at monitor/packet.c:317
#1 0x000000000041a8c3 in packet_new_index (tv=<optimized out>, index=<optimized out>, name=0x7fffffffda68 "rsion 4.18.0-matias-patch2 (x86_64)", label=<optimized out>,
type=<optimized out>, bus=<optimized out>) at monitor/packet.c:9818
#2 packet_monitor (tv=0x7fffffffda50, cred=<optimized out>, index=<optimized out>, opcode=<optimized out>, data=0x7fffffffda60, size=<optimized out>) at monitor/packet.c:3881
#3 0x000000000040e177 in control_reader (path=<optimized out>, pager=true) at monitor/control.c:1462
#4 0x0000000000403b00 in main (argc=<optimized out>, argv=<optimized out>) at monitor/main.c:243 |
Matias Karhumaa |
7 years ago |
1 file, +1, -1 |
| 57b7dea2 |
shared/shell: Fix parsing of tool name
Fix leaving leading '/' when parsing tool name. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +1, -1 |
| 876c91cc |
unit: Make use of tester_monitor to print input/output PDUs
tester_monitor will forward the data to btmon when -m/--monitor is
enabled which will attempt to decode the PDUs:
= test-gatt: /robustness/unkown-command - init 11:44:53.464325
= test-gatt: /robustness/unkown-command - setup
= test-gatt: /robustness/unkown-command - setup complete
= test-gatt: /robustness/unkown-command - run
< test-gatt: User Data TX
ATT: Exchange MTU Request (0x02) len 2
Client RX MTU: 23
> test-gatt: User Data RX
ATT: Exchange MTU Response (0x03) len 2
Server RX MTU: 512
< test-gatt: User Data TX
ATT: Unknown (0xff) len 1
00 .
= test-gatt: /robustness/unkown-command - test passed
= test-gatt: /robustness/unkown-command - teardown
= test-gatt: /robustness/unkown-command - teardown complete
= test-gatt: /robustness/unkown-command - done |
Luiz Augusto von Dentz |
7 years ago |
5 files, +16, -44 |
| 78b31069 |
monitor: Add support for user input/output data
This detects if the user logging is an input/output and then proceed to
decode the header which inform for which CID and PSM the data is for. |
Luiz Augusto von Dentz |
7 years ago |
4 files, +63, -19 |
| 0aabe64a |
shared/tester: Add option to print to monitor
This adds option -m/--monitor that can be used together with
tester_monitor to send protocol data to be decoded by btmon.
In addition to that this also logs the tester output into btmon since
that has support to store its output on file this can be quite
convenient for reporting. |
Luiz Augusto von Dentz |
7 years ago |
2 files, +220, -21 |
| 994932b7 |
mesh: Refactor friend.c and net.c for central key DB
To enable multiple local nodes and friendships to
coexist, and minimize redundant encryption processing |
Brian Gix |
7 years ago |
5 files, +212, -473 |
| df337d8d |
mesh: Add centralized caching Net Key management |
Brian Gix |
7 years ago |
3 files, +360, -0 |
| 634f0a6e |
gatt: Fix not cleaning up device state properly
If the device is removed locally device_free would end up calling
bt_att_unref which won't trigger any disconnect callback necessary
to remove device states. |
Luiz Augusto von Dentz |
7 years ago |
3 files, +31, -2 |
| cca82f72 |
gatt: Fix attempting to create device on disconnection
If ATT is disconnected and the state points to an invalid device it
must have been destroyed in the meantime and should not be recreated. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +2, -2 |
| a6ee0566 |
shared/att: Reset fd when disconnected
Set att->fd to -1 when considered disconnected. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +1, -0 |
| b09a49ac |
shared/shell: Set rl_readline_name
Set rl_readline_name so the binary name can be used in inputrc. |
Luiz Augusto von Dentz |
7 years ago |
1 file, +12, -11 |
| e4cf43fc |
mesh: Add clean up on start up failure
Call bt_shell_clanup if failed to start the tool. |
Inga Stotland |
7 years ago |
1 file, +7, -5 |
| c84fcfff |
shared/shell: Print commands when --help option is given
This enables the user to see what command could be given in the
non-interactive mode e.g:
> bluetooth-player --help
bluetooth-player ver 5.50
Usage:
bluetooth-player [--options] [commands]
Options:
--timeout Timeout in seconds for non-interactive mode
--version Display version
--help Display help
Commands:
list List available players
show Player information
select Select default player
play Start playback
pause Pause playback
stop Stop playback
next Jump to next item
previous Jump to previous item
fast-forward Fast forward playback
rewind Rewind playback
equalizer Enable/Disable equalizer
repeat Set repeat mode
shuffle Set shuffle mode
scan Set scan mode
change-folder Change current folder
list-items List items of current folder
search Search items containing string
queue Add item to playlist queue
show-item Show item information |
Luiz Augusto von Dentz |
7 years ago |
1 file, +49, -5 |
| a38796b1 |
mesh: Add start up management command chain
This allows co-existense of meshd and bluetoothd. meshd will
automatically take control of the first available LE-capable
controller that is powered down. |
Inga Stotland |
7 years ago |
6 files, +269, -68 |
| 25741fa6 |
tools/meshctl: Fix default directory for JSON files
This fixes the name of default directory that contains sample JSON files.
README file is updated to describe the default location. |
Inga Stotland |
7 years ago |
2 files, +60, -22 |
| c704a72c |
unit: Fix out of bounds
Test /gobex/test_stream_put_req requires 5 buffers to complete. |
Luiz Augusto von Dentz |
7 years ago |
2 files, +9, -2 |
| 6d2ecb1b |
mesh: Fix uninitilized error
This fixes the following error:
mesh/cfgmod-server.c: In function ‘cfg_srv_pkt’:
mesh/cfgmod-server.c:103:5: error: ‘pub’ may be used uninitialized in
this function [-Werror=maybe-uninitialized] |
Luiz Augusto von Dentz |
7 years ago |
1 file, +1, -1 |
| a4f6905e |
mesh: Fixed warning-to-error from GCC 8.1.1
Fixed compiler flagged unsafe usage of strncpy |
Brian Gix |
7 years ago |
1 file, +8, -13 |
| 5a5cad51 |
btmgmt: Add support to accept multiple PHY options
Before fix-
[hci1]# phy 1MTX 1MRX 2MTX
Too many arguments: 3 > 1
After Fix-
[hci1]# phy 1MRX 1MTX 2MTX
PHY Configuration successfully set
btmon output -
@ MGMT Command: Set PHY Configuration (0x0045) plen 4
Selected PHYs: 0x0e00
LE 1M TX
LE 1M RX
LE 2M TX
< HCI Command: LE Set Default PHY (0x08|0x0031) plen 3
All PHYs preference: 0x00
TX PHYs preference: 0x03
LE 1M
LE 2M
RX PHYs preference: 0x01
LE 1M
> HCI Event: Command Complete (0x0e) plen 4
LE Set Default PHY (0x08|0x0031) ncmd 1
Status: Success (0x00)
@ MGMT Event: Command Complete (0x0001) plen 3
Set PHY Configuration (0x0045) plen 0
Status: Success (0x00)
@ MGMT Event: PHY Configuration Changed (0x0026) plen 4
Selected PHYs: 0x0e00
LE 1M TX
LE 1M RX
LE 2M TX |
Anupam Roy |
7 years ago |
1 file, +4, -1 |
| 36e3f31e |
AUTHORS: add Mesh maintaining authors |
Brian Gix |
7 years ago |
1 file, +2, -1 |