Bluetooth Pairing, with bluez (openwrt/raspberry Pi)


#1

Hello everyone,

The problem is most likely to be more related with bluetooth than with the muse, but since I’m trying to pair with the muse, some might have encountered the same problem.

First, I can pair with my software running on my laptop (Ubuntu), without any issue.

When I build my software for my raspberry pi, running OpenWRT, I can’t pair with the Muse anymore.

I don’t know much about Bluetooth, I’m using the bluez package. When I sniff a connection attempt with hcidump, I get:

root@OpenWrt:~# hcidump
HCI sniffer - Bluetooth packet analyzer ver 1.42
device: hci0 snap_len: 1028 filter: 0xffffffff
< HCI Command: Create Connection (0x01|0x0005) plen 13
> HCI Event: Command Status (0x0f) plen 4
> HCI Event: Connect Complete (0x03) plen 11
< HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2
> HCI Event: Command Status (0x0f) plen 4
> HCI Event: Max Slots Change (0x1b) plen 3
> HCI Event: Command Status (0x0f) plen 4
< HCI Command: Remote Name Request (0x01|0x0019) plen 10
> HCI Event: Command Status (0x0f) plen 4
> HCI Event: Read Remote Supported Features (0x0b) plen 11
< HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3
> HCI Event: Remote Name Req Complete (0x07) plen 255
> HCI Event: Command Status (0x0f) plen 4
> HCI Event: Read Remote Extended Features (0x23) plen 13
< HCI Command: Remote Name Request (0x01|0x0019) plen 10
< ACL data: handle 71 flags 0x00 dlen 10
> HCI Event: Number of Completed Packets (0x13) plen 5
> HCI Event: Command Status (0x0f) plen 4
> ACL data: handle 71 flags 0x02 dlen 16
L2CAP(s): Info rsp: type 2 result 0
Extended feature mask 0x0000
< ACL data: handle 71 flags 0x00 dlen 12
> HCI Event: Remote Name Req Complete (0x07) plen 255
> ACL data: handle 71 flags 0x02 dlen 16
L2CAP(s): Connect rsp: dcid 0x0041 scid 0x0040 result 1 status 2
Connection pending - Authorization pending
> HCI Event: Number of Completed Packets (0x13) plen 5
> HCI Event: PIN Code Request (0x16) plen 6
< HCI Command: PIN Code Request Negative Reply (0x01|0x000e) plen 6
> HCI Event: Command Complete (0x0e) plen 10
< HCI Command: PIN Code Request Negative Reply (0x01|0x000e) plen 6
> HCI Event: Command Complete (0x0e) plen 10
> ACL data: handle 71 flags 0x02 dlen 16
L2CAP(s): Connect rsp: dcid 0x0000 scid 0x0040 result 3 status 0
Connection refused - security block
> HCI Event: Disconn Complete (0x05) plen 4

From my perspective, the L2CAP message seems to be at the heart of the problem, since it concludes with connection refused. Is it even supposed to try to connect this way, that’s an open question. To compare, here’s what I get on my laptop, when the connection is established. The two are obviously different, but I don’t know enough yet to understand what is going on.

> HCI Event: Command Status (0x0f) plen 4
Create Connection (0x01|0x0005) status 0x00 ncmd 1
> HCI Event: Connect Complete (0x03) plen 11
status 0x00 handle 71 bdaddr 00:06:66:6C:16:54 type ACL encrypt 0x00
> HCI Event: Command Status (0x0f) plen 4
Read Remote Supported Features (0x01|0x001b) status 0x00 ncmd 0
> HCI Event: Command Status (0x0f) plen 4
Unknown (0x00|0x0000) status 0x00 ncmd 1
> HCI Event: Read Remote Supported Features (0x0b) plen 11
status 0x00 handle 71
Features: 0xff 0xff 0x8f 0xfe 0x9b 0xff 0x59 0x83
> HCI Event: Command Status (0x0f) plen 4
Read Remote Extended Features (0x01|0x001c) status 0x00 ncmd 1
> HCI Event: Read Remote Extended Features (0x23) plen 13
status 0x00 handle 71 page 1 max 1
Features: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00
> HCI Event: Command Status (0x0f) plen 4
Remote Name Request (0x01|0x0019) status 0x00 ncmd 1
> HCI Event: Remote Name Req Complete (0x07) plen 255
status 0x00 bdaddr 00:06:66:6C:16:54 name ‘Muse-1654’
> HCI Event: Command Status (0x0f) plen 4
Authentication Requested (0x01|0x0011) status 0x00 ncmd 1
> HCI Event: Command Complete (0x0e) plen 10
Link Key Request Negative Reply (0x01|0x000c) ncmd 1
status 0x00 bdaddr 00:06:66:6C:16:54
> HCI Event: Command Complete (0x0e) plen 10
IO Capability Request Reply (0x01|0x002b) ncmd 1
status 0x00 bdaddr 00:06:66:6C:16:54
> HCI Event: Command Complete (0x0e) plen 10
User Confirmation Request Reply (0x01|0x002c) ncmd 1
status 0x00 bdaddr 00:06:66:6C:16:54
> HCI Event: Auth Complete (0x06) plen 3
status 0x00 handle 71
> HCI Event: Command Status (0x0f) plen 4
Set Connection Encryption (0x01|0x0013) status 0x00 ncmd 1
> HCI Event: Encrypt Change (0x08) plen 4
status 0x00 handle 71 encrypt 0x01

Anyone to give a few hints on what to look for?


#2

I finally got it to work.

I’m not updating the story here, since I think it has more to do with bluetooth and openwrt, but if anyone is interested, I’m developing the full story in the link below.


#3

Lock up your FaceBook, Whatsapp, Messenger and other important apps which may leak your privacy with LEO Privacy Guard 3.0 on android or iOS mobile phones and tablets.