Bluez RFCOMM Gotcha


We spent some time looking at RFCOMM sockets in C using libbluetooth (bluez)... and we found this treat:

If you set rc_channel to zero in both the source and destination struct sockaddr_rc, connect() will never work. Documentation on the internet says that 0 means "pick a free channel", but that is only true for a listening socket: the kernel allocates an unused channel at listen() time. For a client, the destination rc_channel has to be the server channel (1 to 30) the remote side is actually listening on; channel 0 is the RFCOMM control channel and is not a valid target. Get this wrong and connect() fails with one of:

  • Connection refused
  • Host down
  • Permission denied (rarely)

#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <bluetooth/bluetooth.h>
#include <bluetooth/rfcomm.h>

int rfcomm_socket_for_client(char *src_address, char *dst_address)
{
        int s, status;

        // the original snippet never created the socket; without this, bind() fails on fd 0
        s = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM);
        if (s < 0) {
                perror("socket");
                return (-1);
        }

        // src addressing and binding: local adapter, channel 0 is fine for a client
        struct sockaddr_rc loc_addr = { 0 };
        loc_addr.rc_family = AF_BLUETOOTH;
        loc_addr.rc_channel = 0;
        str2ba(src_address, &loc_addr.rc_bdaddr);

        // set the connection parameters (who to connect to): the remote server
        // channel must be a real one (1-30), never 0
        struct sockaddr_rc addr = { 0 };
        addr.rc_family = AF_BLUETOOTH;
        addr.rc_channel = (uint8_t) 1;
        str2ba(dst_address, &addr.rc_bdaddr);

        // connect to server
        if (bind(s, (struct sockaddr *)&loc_addr, sizeof(loc_addr)) < 0) {
                perror("bind");
                close(s);
                return (-1);
        }
        status = connect(s, (struct sockaddr *)&addr, sizeof(addr));

        if (status == 0) {
                const char msg[] = "Hello Master!";
                printf("\nConnection established.");
                write(s, msg, sizeof(msg) - 1);   // send the whole string, not 6 bytes
                close(s);
                return (0);
        }
        printf("\nConnection Failed: %s", strerror(errno));
        close(s);
        return (-1);
}

The other gotcha is page scan (PSCAN). The adapter that accepts connections must have page scan enabled, otherwise remote devices cannot page it and the client's connect() fails with Host down. You should either write the HCI code to enable it (needs root or CAP_NET_ADMIN) OR just use:

hciconfig hci[x] pscan

#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <bluetooth/bluetooth.h>
#include <bluetooth/hci.h>
#include <bluetooth/hci_lib.h>

/**
 * enable_scanmode(char *mac_address, char *opt)
 * @brief Enables scanmode which allows you to actually have a working RFCOMM host
 * @param mac_address  BD_ADDR of the local adapter (as shown by hciconfig)
 * @param opt          "iscan", "pscan", "piscan" or "noscan"
 * @return 0 for success, -1 for error
 * @note Borrowed some of this from the bluez hciconfig tool; HCISETSCAN needs CAP_NET_ADMIN
 */
int enable_scanmode(char *mac_address, char *opt)
{
        int ctl = 0;
        int dev_id;
        struct hci_dev_req dr = { 0 };

        /* Resolve the adapter index (hci0, hci1, ...) from its address */
        dev_id = hci_devid(mac_address);
        if (dev_id < 0) {
                printf("No local adapter with address %s\n", mac_address);
                return (-1);
        }
        dr.dev_id = dev_id;
        dr.dev_opt = SCAN_DISABLED;

        /* Open HCI socket  */
        if ((ctl = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI)) < 0) {
                perror("Can't open HCI socket.");
                return (-1);
        }

        if (strcmp(opt, "iscan") == 0) {
                dr.dev_opt = SCAN_INQUIRY;
        } else if (strcmp(opt, "pscan") == 0) {
                dr.dev_opt = SCAN_PAGE;
        } else if (strcmp(opt, "piscan") == 0) {
                dr.dev_opt = SCAN_PAGE | SCAN_INQUIRY;
        } else if (strcmp(opt, "noscan") == 0) {
                dr.dev_opt = SCAN_DISABLED;
        } else {
                printf("unknown scan option to set\n");
                close(ctl);
                return (-1);
        }

        if (ioctl(ctl, HCISETSCAN, (unsigned long)&dr) < 0) {
                printf("Can't set scan mode on hci: %s %s-%d\n", mac_address, strerror(errno), errno);
                close(ctl);
                return (-1);
        }
        close(ctl);
        return (0);
}
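To show the other half of the channel gotcha, here is an added example (not code from the original post) of the server side: it binds with rc_channel = 0, lets the kernel allocate a channel at listen() time, and reads the assigned channel back with getsockname(), plus the client-side check that refuses channel 0 before connect() ever runs. It assumes the struct sockaddr_rc / bdaddr_t layout and the BTPROTO_RFCOMM value from the bluez headers so that it builds without libbluetooth-dev; in a real project include <bluetooth/rfcomm.h> and link -lbluetooth. parse_bdaddr mirrors the byte order of bluez str2ba(). Page scan on the adapter still has to be enabled separately (hciconfig or the enable_scanmode() above).

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>

#ifndef AF_BLUETOOTH
#define AF_BLUETOOTH 31            /* assumption: value from <bluetooth/bluetooth.h> */
#endif
#define BTPROTO_RFCOMM 3           /* assumption: value from <bluetooth/bluetooth.h> */
#define RFCOMM_MAX_CHANNEL 30      /* server channels are 1..30; 0 is the control channel */

typedef struct { uint8_t b[6]; } __attribute__((packed)) bdaddr_t;

struct sockaddr_rc {               /* assumption: layout from <bluetooth/rfcomm.h> */
        sa_family_t rc_family;
        bdaddr_t    rc_bdaddr;
        uint8_t     rc_channel;
};

/* Same byte order as bluez str2ba(): "AA:BB:CC:DD:EE:FF" -> b[5]=0xAA ... b[0]=0xFF.
 * Returns 0 on success, -1 if the string is not exactly six colon-separated hex octets. */
int parse_bdaddr(const char *str, bdaddr_t *ba)
{
        if (strlen(str) != 17)
                return -1;
        for (int i = 5; i >= 0; i--, str += 3) {
                if (!isxdigit((unsigned char)str[0]) || !isxdigit((unsigned char)str[1]))
                        return -1;
                if (i > 0 && str[2] != ':')
                        return -1;
                ba->b[i] = (uint8_t) strtol(str, NULL, 16);
        }
        return 0;
}

/* The gotcha from the post: connect() needs the remote *server* channel (1..30).
 * 0 is not "pick a free one" for a client; only listen() treats 0 that way. */
int rfcomm_client_channel_ok(uint8_t channel)
{
        return channel >= 1 && channel <= RFCOMM_MAX_CHANNEL;
}

/* Bind a listening RFCOMM socket on local adapter `local` ("00:00:00:00:00:00" = any).
 * channel == 0 lets the kernel allocate one at listen() time. On success returns the
 * fd and stores the channel actually in use in *out_channel; -1 with errno set otherwise. */
int rfcomm_listen(const char *local, uint8_t channel, uint8_t *out_channel)
{
        struct sockaddr_rc loc = { 0 };
        loc.rc_family = AF_BLUETOOTH;
        loc.rc_channel = channel;
        if (parse_bdaddr(local, &loc.rc_bdaddr) < 0) {
                errno = EINVAL;
                return -1;
        }

        int s = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM);
        if (s < 0)
                return -1;
        if (bind(s, (struct sockaddr *)&loc, sizeof(loc)) < 0 || listen(s, 1) < 0)
                goto fail;

        /* Ask the kernel which channel it chose (or confirm the one we asked for) */
        socklen_t len = sizeof(loc);
        if (getsockname(s, (struct sockaddr *)&loc, &len) < 0)
                goto fail;
        *out_channel = loc.rc_channel;
        return s;
fail:
        {
                int e = errno;
                close(s);
                errno = e;
        }
        return -1;
}

int main(void)
{
        uint8_t ch = 0;
        int s = rfcomm_listen("00:00:00:00:00:00", 0, &ch);
        if (s < 0) {
                perror("rfcomm_listen (no adapter, or insufficient privileges?)");
                return 1;
        }
        printf("listening on RFCOMM channel %u; clients must use that channel, not 0\n", ch);
        struct sockaddr_rc rem = { 0 };
        socklen_t rlen = sizeof(rem);
        int c = accept(s, (struct sockaddr *)&rem, &rlen);
        if (c >= 0) {
                char buf[64];
                ssize_t n = read(c, buf, sizeof(buf) - 1);
                if (n > 0)
                        printf("got %zd bytes: %.*s\n", n, (int)n, buf);
                close(c);
        }
        close(s);
        return 0;
}
```

Advertise the channel that rfcomm_listen() reports (for example through an SDP record) rather than hard-coding 1 on the client; the channel the kernel picks is simply the lowest one not already bound on that adapter.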

Simple Pthread wrappers in C


Working on a project and supervising an intern - I decided that it would be nicer if I had a good example of a detached thread generator which also provided a parameter (as a structure).

#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* This is the structure you could use to pass parameters to the threads */
typedef struct thread_params_s {
        int param;
} thread_params_t;
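The post's wrappers are not shown on this listing page, so here is an added example (my code, not the author's) of the pattern the post describes: a detached-thread spawner that takes its parameters as a heap-copied struct which the thread itself frees. Because a detached thread cannot be joined, the struct also carries a mutex, condition variable and counter so the caller can still wait for the workers to finish; the "work" of squaring the parameter is a stand-in chosen for this example.

```c
#include <errno.h>
#include <pthread.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parameter block handed to each thread. The completion fields are added here
 * so a caller can observe results from threads it can never pthread_join(). */
typedef struct thread_params_s {
        int param;                 /* the per-thread input */
        pthread_mutex_t *done_mu;  /* protects *result and *done_count */
        pthread_cond_t  *done_cv;  /* signalled once per finished thread */
        int  *done_count;
        long *result;              /* accumulated output */
} thread_params_t;

static void *worker(void *arg)
{
        thread_params_t *p = arg;
        long r = (long) p->param * p->param;   /* example work: square the parameter */

        pthread_mutex_lock(p->done_mu);
        *p->result += r;
        (*p->done_count)++;
        pthread_cond_signal(p->done_cv);
        pthread_mutex_unlock(p->done_mu);

        free(p);                   /* the thread owns its parameter block */
        return NULL;
}

/* Spawn a detached thread. The caller's struct is copied to the heap so the
 * caller's copy may go out of scope immediately; the thread frees the copy.
 * Returns 0 on success, -1 with errno set on failure. */
int spawn_detached(const thread_params_t *params)
{
        thread_params_t *copy = malloc(sizeof *copy);
        if (copy == NULL)
                return -1;
        *copy = *params;

        pthread_attr_t attr;
        pthread_attr_init(&attr);
        pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);

        pthread_t tid;
        int rc = pthread_create(&tid, &attr, worker, copy);
        pthread_attr_destroy(&attr);
        if (rc != 0) {
                free(copy);        /* thread never started, so we still own it */
                errno = rc;
                return -1;
        }
        return 0;
}

/* Start n detached workers with params 1..n and wait for all of them.
 * Returns the sum of squares 1^2 + ... + n^2, or -1 if a spawn failed
 * (after waiting for the workers that did start, so nothing touches the
 * mutex on this stack frame after we return). */
long run_detached_workers(int n)
{
        pthread_mutex_t mu = PTHREAD_MUTEX_INITIALIZER;
        pthread_cond_t  cv = PTHREAD_COND_INITIALIZER;
        int done = 0, spawned = 0;
        long result = 0;

        for (int i = 1; i <= n; i++) {
                thread_params_t p = { .param = i, .done_mu = &mu, .done_cv = &cv,
                                      .done_count = &done, .result = &result };
                if (spawn_detached(&p) < 0)
                        break;
                spawned++;
        }

        pthread_mutex_lock(&mu);
        while (done < spawned)
                pthread_cond_wait(&cv, &mu);
        pthread_mutex_unlock(&mu);

        return spawned == n ? result : -1;
}

int main(void)
{
        long total = run_detached_workers(4);
        if (total < 0) {
                perror("spawn_detached");
                return 1;
        }
        printf("sum of squares from 4 detached workers: %ld\n", total);
        return 0;
}
```

The malloc/free hand-off is the part people get wrong with detached threads: passing a pointer to a stack variable is a use-after-scope the moment the spawning function returns, and freeing in the spawner races the thread. Build with -pthread.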

C UDP Client and Server example


I recently ran across some code for some students that was terribly written regarding sockets, and upon helping them I realized that most examples just abhorrently throw all of the required code into the program with no function calls to help segment/make sense of it.

Here are my example programs - note that the actual socket code is wrapped up in socket.c & shared.h:
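The post's socket.c and shared.h are not reproduced on this listing page. As an added example in the same spirit (my code, not the author's), the UDP socket work below is split into small functions: one to open and bind the server, one to open a connected client socket with a receive timeout, one to handle a single datagram, and one that drives a full round trip over 127.0.0.1 in one process so it runs without a second terminal. The uppercase "protocol" is a stand-in chosen for this example.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

#define UDP_MAX_DGRAM 512

/* Bind a UDP socket to 127.0.0.1:port (port 0 = kernel picks one).
 * Returns the fd and stores the bound port in *bound_port, or -1 on error. */
int udp_server_open(uint16_t port, uint16_t *bound_port)
{
        int s = socket(AF_INET, SOCK_DGRAM, 0);
        if (s < 0)
                return -1;
        struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
        a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        socklen_t len = sizeof a;
        if (bind(s, (struct sockaddr *)&a, sizeof a) < 0 ||
            getsockname(s, (struct sockaddr *)&a, &len) < 0) {
                close(s);
                return -1;
        }
        *bound_port = ntohs(a.sin_port);
        return s;
}

/* Client socket "connected" to 127.0.0.1:server_port. connect() on UDP only fixes
 * the peer: it lets us use send()/recv() and drops datagrams from anyone else.
 * SO_RCVTIMEO keeps a lost reply from hanging the caller forever. */
int udp_client_open(uint16_t server_port, int timeout_ms)
{
        int c = socket(AF_INET, SOCK_DGRAM, 0);
        if (c < 0)
                return -1;
        struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
        setsockopt(c, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
        struct sockaddr_in srv = { .sin_family = AF_INET, .sin_port = htons(server_port) };
        srv.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        if (connect(c, (struct sockaddr *)&srv, sizeof srv) < 0) {
                close(c);
                return -1;
        }
        return c;
}

/* Server: receive exactly one datagram and echo it back uppercased.
 * The kernel never NUL-terminates a datagram, so every loop is bounded by n. */
int udp_server_handle_one(int s)
{
        char buf[UDP_MAX_DGRAM];
        struct sockaddr_in peer;
        socklen_t plen = sizeof peer;
        ssize_t n = recvfrom(s, buf, sizeof buf, 0, (struct sockaddr *)&peer, &plen);
        if (n < 0)
                return -1;
        for (ssize_t i = 0; i < n; i++)
                buf[i] = (char) toupper((unsigned char) buf[i]);
        return sendto(s, buf, (size_t) n, 0, (struct sockaddr *)&peer, plen) < 0 ? -1 : 0;
}

/* Client sends msg, server answers, client reads the reply into out (truncated
 * to out_cap like any UDP read). Returns the reply length or -1. */
ssize_t udp_roundtrip(const char *msg, char *out, size_t out_cap)
{
        uint16_t port;
        int s = udp_server_open(0, &port);
        if (s < 0)
                return -1;
        int c = udp_client_open(port, 1000);
        if (c < 0) {
                close(s);
                return -1;
        }
        ssize_t n = -1;
        /* send first, then serve: the datagram waits in the server socket's queue */
        if (send(c, msg, strlen(msg), 0) >= 0 && udp_server_handle_one(s) == 0)
                n = recv(c, out, out_cap, 0);
        close(c);
        close(s);
        return n;
}

int main(void)
{
        char out[UDP_MAX_DGRAM];
        ssize_t n = udp_roundtrip("hello udp", out, sizeof out);
        if (n < 0) {
                perror("udp_roundtrip");
                return 1;
        }
        printf("reply: %.*s\n", (int) n, out);
        return 0;
}
```

Splitting the code this way also makes the security-relevant details visible in one place each: the bounded recvfrom() length, the receive timeout, and the fact that a "connected" UDP socket still offers no authentication of the peer.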

Modifying Linux ELF Binaries - Changing Callq Addresses


For a while, I have wanted to write a simple tutorial of in-line patching of binaries and in particular, changing the assembly instructions and having a binary skip to whatever function we desire manually. This involves tweaking the callq instruction. In AT&T syntax callq is just the 64-bit spelling of call; the E8 encoding used for direct calls stores a 32-bit displacement relative to the address of the next instruction, not an absolute address, so retargeting the call means computing a new displacement rather than writing function2's address into the file (an indirect call through a register or memory location, FF /2, would have to be patched differently).

Okay so let's get started - this tutorial is written to alter one specific thing and assumes that you have some basic knowledge of assembly & know how to compile basic programs. I am also assuming that you could find strings within binaries and know how to convert values in hexadecimal.

The example to be used in this test application contains a main function, and two functions (function1 and function2) which print different messages. The goal of this exercise is to modify the application AFTER it has been compiled so that function2() is executed instead of function1().
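The displacement arithmetic is the part worth getting exactly right, so here is an added example (my code, not the tutorial's) that decodes the target of an E8 call and retargets it to another function. It works on file offsets and assumes the call and both functions live in the same PT_LOAD segment (true for a small program's .text), so the file-offset delta equals the virtual-address delta; the offsets themselves come from objdump -d and readelf -l. The byte image is a constructed stand-in for the tutorial's .text, not a real binary: function1 at 0x10, function2 at 0x20, main at 0x30 calling function1.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CALL_REL32_OPCODE 0xE8
#define CALL_REL32_LEN    5       /* opcode + 4-byte little-endian displacement */

/* Encode "call new_target" into the 5-byte instruction at call_off.
 * disp = new_target - (call_off + 5): relative to the NEXT instruction.
 * Returns 0, or -1 if the bytes are not an E8 call, the target is outside
 * the image, or the displacement does not fit in 32 bits. */
int encode_call(uint8_t instr[CALL_REL32_LEN], size_t call_off, size_t new_target, size_t image_len)
{
        if (instr[0] != CALL_REL32_OPCODE || new_target > image_len)
                return -1;
        int64_t disp = (int64_t) new_target - (int64_t) (call_off + CALL_REL32_LEN);
        if (disp < INT32_MIN || disp > INT32_MAX)
                return -1;
        uint32_t u = (uint32_t) (int32_t) disp;
        for (int i = 0; i < 4; i++)
                instr[1 + i] = (uint8_t) (u >> (8 * i));
        return 0;
}

/* Decode the target of the E8 call at call_off. Returns 0 and stores the
 * target offset, or -1 if it is not a call or points outside the image. */
int read_call_target(const uint8_t *buf, size_t len, size_t call_off, size_t *target)
{
        if (call_off + CALL_REL32_LEN > len || buf[call_off] != CALL_REL32_OPCODE)
                return -1;
        uint32_t u = 0;
        for (int i = 0; i < 4; i++)
                u |= (uint32_t) buf[call_off + 1 + i] << (8 * i);
        int64_t t = (int64_t) (call_off + CALL_REL32_LEN) + (int32_t) u;
        if (t < 0 || (uint64_t) t > len)
                return -1;
        *target = (size_t) t;
        return 0;
}

/* In-memory patch of an image buffer. */
int patch_call_target(uint8_t *buf, size_t len, size_t call_off, size_t new_target)
{
        if (call_off + CALL_REL32_LEN > len)
                return -1;
        return encode_call(buf + call_off, call_off, new_target, len);
}

/* Same thing on a file: read the 5 bytes, re-encode, write them back in place. */
int patch_call_in_file(const char *path, size_t call_off, size_t new_target)
{
        FILE *f = fopen(path, "r+b");
        if (f == NULL)
                return -1;
        uint8_t instr[CALL_REL32_LEN];
        int rc = -1;
        if (fseek(f, 0, SEEK_END) == 0) {
                long size = ftell(f);
                if (size > 0 && fseek(f, (long) call_off, SEEK_SET) == 0 &&
                    fread(instr, 1, CALL_REL32_LEN, f) == CALL_REL32_LEN &&
                    encode_call(instr, call_off, new_target, (size_t) size) == 0 &&
                    fseek(f, (long) call_off, SEEK_SET) == 0 &&
                    fwrite(instr, 1, CALL_REL32_LEN, f) == CALL_REL32_LEN)
                        rc = 0;
        }
        fclose(f);
        return rc;
}

/* Constructed sample image (not a real ELF): 0xC3 (ret) everywhere except an
 * E8 call at 0x30 whose displacement 0xFFFFFFDB (-37) reaches 0x10 = function1.
 * Returns the image length, or 0 if cap is too small. */
size_t make_sample(uint8_t *buf, size_t cap)
{
        const uint8_t call_function1[CALL_REL32_LEN] = { 0xE8, 0xDB, 0xFF, 0xFF, 0xFF };
        if (cap < 0x40)
                return 0;
        memset(buf, 0xC3, 0x40);
        memcpy(buf + 0x30, call_function1, CALL_REL32_LEN);
        return 0x40;
}

int main(void)
{
        uint8_t img[0x40];
        size_t len = make_sample(img, sizeof img), target = 0;
        read_call_target(img, len, 0x30, &target);
        printf("main calls 0x%zx (function1)\n", target);
        patch_call_target(img, len, 0x30, 0x20);      /* retarget to function2 */
        read_call_target(img, len, 0x30, &target);
        printf("after patch main calls 0x%zx (function2), bytes: E8 %02X %02X %02X %02X\n",
               target, img[0x31], img[0x32], img[0x33], img[0x34]);
        return 0;
}
```

Before writing to a real binary, check the segment mapping with readelf -l: if the call and the target sit in different PT_LOAD segments with different offset-to-vaddr deltas, convert both to virtual addresses first and do the subtraction there.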

Bare-Minimum Autotools C Tutorial


One of the black magic arts is using Autotools, and despite copious amounts of documentation on the Internet, much of it is confusing! With this tutorial, I hope to reduce some of the complexity when creating a portable project using autotools, especially if you want to maintain it across several systems.

So the next real question is: what does autotools do for me, and what tasks do the following applications perform - libtool, autoconf, aclocal, automake and autoreconf? Fortunately, you don't need to know them all. :)

A quick summary of Autotools is that it is synonymous with the GNU Build System. According to Wikipedia: "Autotools is a suite of programming tools designed to assist in making source code packages portable to many Unix-like systems." In other words, it helps simplify finding resources, prerequisite libraries and compilers, and determining application configuration over several platforms or architectures (ex. x86_64 vs. PPC). To be honest, if you have a small project of maybe fewer than 10-20 C files/headers and without any system/architecture specific requirements, stick to a basic Makefile in my opinion. However, if you're maintaining something that will be distributed as a package, autotools is a pretty nice tool to have in your arsenal (and how many programmers know it?).

There are a lot of tools here, but my goal is to keep this tutorial simple and to get you up and running without pulling your hair out:

Getting The Tutorial Pre-Requisites

Make sure you have the following installed on your system and extract the following example application.

sudo apt-get install binutils gcc autoconf make wget
wget http://www.pacificsimplicity.ca/sites/default/files/uploads/myApp.tar.gz
tar -xzvf myApp.tar.gz
cd myApp/

You can examine the directories yourself, but the general idea is that myApp looks like this:
