password changing, changed default pw to "adminpw", added settings revert if validation fails

http-comm
Ondřej Hruška 7 years ago
parent a464a73a0e
commit 357a9d43e3
  1. 4
      esphttpdconfig.mk
  2. 2
      front-end
  3. 12
      user/cgi_network.c
  4. 141
      user/cgi_system.c
  5. 118
      user/cgi_term_cfg.c
  6. 14
      user/cgi_wifi.c
  7. 2
      user/syscfg.c

@ -39,7 +39,7 @@ OUTPUT_TYPE = combined
ESP_SPI_FLASH_SIZE_K = 1024 ESP_SPI_FLASH_SIZE_K = 1024
# Admin password, used to store settings to flash as defaults # Admin password, used to store settings to flash as defaults
ADMIN_PASSWORD = "19738426" ADMIN_PASSWORD = "adminpw"
GLOBAL_CFLAGS = \ GLOBAL_CFLAGS = \
-DDEBUG_ROUTER=0 \ -DDEBUG_ROUTER=0 \
@ -48,7 +48,7 @@ GLOBAL_CFLAGS = \
-DDEBUG_ESPFS=0 \ -DDEBUG_ESPFS=0 \
-DDEBUG_PERSIST=1 \ -DDEBUG_PERSIST=1 \
-DDEBUG_UTFCACHE=0 \ -DDEBUG_UTFCACHE=0 \
-DDEBUG_CGI=0 \ -DDEBUG_CGI=1 \
-DDEBUG_WIFI=0 \ -DDEBUG_WIFI=0 \
-DDEBUG_WS=0 \ -DDEBUG_WS=0 \
-DDEBUG_ANSI=0 \ -DDEBUG_ANSI=0 \
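Review bot: The new default `ADMIN_PASSWORD = "adminpw"` is a compiled-in credential shared by every image built from this tree, and in user/cgi_system.c this same commit makes the admin password the gate for changing the access password and the lock level. At minimum the comment above it should say the value must be overridden, e.g. `# Admin password - override for every deployment, the default is public`. A stronger option is to refuse security changes until the admin password has been changed from the default. The `-DDEBUG_CGI=1` flip in the second hunk looks like a debugging leftover; confirm it is meant to be committed.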

@ -1 +1 @@
Subproject commit 72279bf0355af1ba56ff3950a085f38d9adb8506 Subproject commit 172a890be27476586a54296d6584300ad5bf1888

@ -41,6 +41,11 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiNetworkSetParams(HttpdConnData *connData)
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
WiFiConfigBundle *wificonf_backup = malloc(sizeof(WiFiConfigBundle));
WiFiConfChangeFlags *wcf_backup = malloc(sizeof(WiFiConfChangeFlags));
memcpy(wificonf_backup, wificonf, sizeof(WiFiConfigBundle));
memcpy(wcf_backup, &wifi_change_flags, sizeof(WiFiConfChangeFlags));
// ---- AP DHCP server lease time ---- // ---- AP DHCP server lease time ----
if (GET_ARG("ap_dhcp_time")) { if (GET_ARG("ap_dhcp_time")) {
@ -192,9 +197,16 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiNetworkSetParams(HttpdConnData *connData)
httpdRedirect(connData, SET_REDIR_SUC); httpdRedirect(connData, SET_REDIR_SUC);
} else { } else {
cgi_warn("Some WiFi settings did not validate, asking for correction"); cgi_warn("Some WiFi settings did not validate, asking for correction");
memcpy(wificonf, wificonf_backup, sizeof(WiFiConfigBundle));
memcpy(&wifi_change_flags, wcf_backup, sizeof(WiFiConfChangeFlags));
// Some errors, appended to the URL as ?err= // Some errors, appended to the URL as ?err=
httpdRedirect(connData, redir_url_buf); httpdRedirect(connData, redir_url_buf);
} }
free(wificonf_backup);
free(wcf_backup);
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
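Review bot: Neither `malloc()` result is checked before the `memcpy()` into `wificonf_backup` and `wcf_backup`, so an allocation failure on a low-heap device becomes a write through NULL inside a request handler that a remote client can trigger. Add a guard right after the two allocations, e.g. `if (!wificonf_backup || !wcf_backup) { free(wificonf_backup); free(wcf_backup); return HTTPD_CGI_DONE; }`, ideally after sending an error response. The same unchecked malloc/memcpy pair is added in cgiSystemCfgSetParams, cgiTermCfgSetParams and cgiWiFiSetParams. cgiNetworkSetParams starts before the first hunk, so any early return between the allocation and the final `free()` calls should be checked as well.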

@ -91,127 +91,81 @@ cgiSystemCfgSetParams(HttpdConnData *connData)
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
if (GET_ARG("uart_baud")) { AdminConfigBlock *admin_backup = malloc(sizeof(AdminConfigBlock));
cgi_dbg("Baud rate: %s", buff); SystemConfigBundle *sysconf_backup = malloc(sizeof(SystemConfigBundle));
int baud = atoi(buff); memcpy(admin_backup, &persist.admin, sizeof(AdminConfigBlock));
if (baud == BIT_RATE_300 || memcpy(sysconf_backup, sysconf, sizeof(SystemConfigBundle));
baud == BIT_RATE_600 ||
baud == BIT_RATE_1200 ||
baud == BIT_RATE_2400 ||
baud == BIT_RATE_4800 ||
baud == BIT_RATE_9600 ||
baud == BIT_RATE_19200 ||
baud == BIT_RATE_38400 ||
baud == BIT_RATE_57600 ||
baud == BIT_RATE_74880 ||
baud == BIT_RATE_115200 ||
baud == BIT_RATE_230400 ||
baud == BIT_RATE_460800 ||
baud == BIT_RATE_921600 ||
baud == BIT_RATE_1843200 ||
baud == BIT_RATE_3686400) {
sysconf->uart_baudrate = (u32) baud;
} else {
cgi_warn("Bad baud rate %s", buff);
redir_url += sprintf(redir_url, "uart_baud,");
}
}
if (GET_ARG("uart_parity")) { do {
cgi_dbg("Parity: %s", buff); if (!GET_ARG("pw")) {
int parity = atoi(buff); warn("Missing admin pw!");
if (parity >= 0 && parity <= 2) { redir_url += sprintf(redir_url, "pw,");
sysconf->uart_parity = (UartParityMode) parity; break;
} else {
cgi_warn("Bad parity %s", buff);
redir_url += sprintf(redir_url, "uart_parity,");
}
} }
if (GET_ARG("uart_stopbits")) { if (!streq(buff, persist.admin.pw)) {
cgi_dbg("Stop bits: %s", buff); warn("Bad admin pw!");
int stopbits = atoi(buff); redir_url += sprintf(redir_url, "pw,");
if (stopbits >= 1 && stopbits <= 3) { break;
sysconf->uart_stopbits = (UartStopBitsNum) stopbits;
} else {
cgi_warn("Bad stopbits %s", buff);
redir_url += sprintf(redir_url, "uart_stopbits,");
}
} }
if (GET_ARG("security")) {
cgi_dbg("*** Security config! ***");
if (GET_ARG("pw")) {
if (streq(buff, persist.admin.pw)) {
// authenticated OK // authenticated OK
do {
if (GET_ARG("pwlock")) { if (GET_ARG("pwlock")) {
cgi_dbg("pwlock: %s", buff); cgi_dbg("pwlock: %s", buff);
int pwlock = atoi(buff); int pwlock = atoi(buff);
if (pwlock >= 0 && pwlock < PWLOCK_MAX) { if (pwlock < 0 || pwlock >= PWLOCK_MAX) {
sysconf->pwlock = (enum pwlock) pwlock;
}
else {
cgi_warn("Bad pwlock %s", buff); cgi_warn("Bad pwlock %s", buff);
redir_url += sprintf(redir_url, "pwlock,"); redir_url += sprintf(redir_url, "pwlock,");
break; break;
} }
sysconf->pwlock = (enum pwlock) pwlock;
} }
if (GET_ARG("access_pw")) { if (GET_ARG("access_pw")) {
cgi_dbg("access_pw: %s", buff); cgi_dbg("access_pw: %s", buff);
if (strlen(buff)) {
strcpy(buff2, buff); strcpy(buff2, buff);
if (GET_ARG("access_pw2")) { if (!GET_ARG("access_pw2")) {
cgi_dbg("access_pw2: %s", buff); cgi_warn("Missing repeated access_pw %s", buff);
if (streq(buff, buff2)) {
cgi_dbg("Changing access PW!!!");
strncpy(sysconf->access_pw, buff, 64);
} else {
cgi_warn("Bad repeated access_pw %s", buff);
redir_url += sprintf(redir_url, "access_pw2,"); redir_url += sprintf(redir_url, "access_pw2,");
break;
} }
} else {
cgi_warn("Missing access_pw %s", buff); if (!streq(buff, buff2)) {
cgi_warn("Bad repeated access_pw %s", buff);
redir_url += sprintf(redir_url, "access_pw2,"); redir_url += sprintf(redir_url, "access_pw2,");
break;
} }
break; // access pw and admin pw are in separate forms cgi_dbg("Changing access PW!!!");
strncpy(sysconf->access_pw, buff, 64);
}
} }
if (GET_ARG("admin_pw")) { if (GET_ARG("admin_pw")) {
cgi_dbg("admin_pw: %s", buff); cgi_dbg("admin_pw: %s", buff);
if (strlen(buff)) {
strcpy(buff2, buff); strcpy(buff2, buff);
if (GET_ARG("admin_pw2")) { if (!GET_ARG("admin_pw2")) {
cgi_dbg("admin_pw2: %s", buff); cgi_warn("Missing repeated admin_pw %s", buff);
if (streq(buff, buff2)) {
cgi_dbg("Changing admin PW!!!");
strncpy(persist.admin.pw, buff, 64);
} else {
cgi_warn("Bad repeated admin_pw %s", buff);
redir_url += sprintf(redir_url, "admin_pw2,");
}
} else {
cgi_warn("Missing admin_pw %s", buff);
redir_url += sprintf(redir_url, "admin_pw2,"); redir_url += sprintf(redir_url, "admin_pw2,");
break;
} }
if (!streq(buff, buff2)) {
cgi_warn("Bad repeated admin_pw %s", buff);
redir_url += sprintf(redir_url, "admin_pw2,");
break; break;
} }
} while(0);
} else { cgi_dbg("Changing admin PW!!!");
warn("Bad admin pw!"); strncpy(persist.admin.pw, buff, 64);
redir_url += sprintf(redir_url, "pw,");
}
} else {
warn("Missing admin pw!");
redir_url += sprintf(redir_url, "pw,");
} }
} }
} while (0);
(void)redir_url; (void)redir_url;
@ -225,9 +179,17 @@ cgiSystemCfgSetParams(HttpdConnData *connData)
httpdRedirect(connData, SET_REDIR_SUC); httpdRedirect(connData, SET_REDIR_SUC);
} else { } else {
cgi_warn("Some settings did not validate, asking for correction"); cgi_warn("Some settings did not validate, asking for correction");
// revert any possible changes
memcpy(&persist.admin, admin_backup, sizeof(AdminConfigBlock));
memcpy(sysconf, sysconf_backup, sizeof(SystemConfigBundle));
// Some errors, appended to the URL as ?err= // Some errors, appended to the URL as ?err=
httpdRedirect(connData, redir_url_buf); httpdRedirect(connData, redir_url_buf);
} }
free(admin_backup);
free(sysconf_backup);
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
@ -245,16 +207,7 @@ tplSystemCfg(HttpdConnData *connData, char *token, void **arg)
strcpy(buff, ""); // fallback strcpy(buff, ""); // fallback
if (streq(token, "uart_baud")) { if (streq(token, "pwlock")) {
sprintf(buff, "%d", sysconf->uart_baudrate);
}
else if (streq(token, "uart_parity")) {
sprintf(buff, "%d", sysconf->uart_parity);
}
else if (streq(token, "uart_stopbits")) {
sprintf(buff, "%d", sysconf->uart_stopbits);
}
else if (streq(token, "pwlock")) {
sprintf(buff, "%d", sysconf->pwlock); sprintf(buff, "%d", sysconf->pwlock);
} }
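Review bot: The password handlers write the submitted secrets to the log in clear text: `cgi_dbg("access_pw: %s", buff)`, `cgi_dbg("admin_pw: %s", buff)`, `cgi_warn("Missing repeated access_pw %s", buff)` and `cgi_warn("Bad repeated admin_pw %s", buff)` all print the candidate password, and this commit also sets `-DDEBUG_CGI=1`, which presumably enables the cgi_dbg output. Drop the `%s` argument from these messages, e.g. `cgi_warn("Repeated admin_pw does not match");`. Separately, `strncpy(persist.admin.pw, buff, 64)` and `strncpy(sysconf->access_pw, buff, 64)` leave the field unterminated when the input is 64 bytes or longer, if the fields are 64 bytes as the constant suggests; rejecting over-long input before the copy avoids that. cgiSystemCfgSetParams starts before the first hunk.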

@ -9,6 +9,7 @@ Cgi/template routines for configuring non-wifi settings
#include "screen.h" #include "screen.h"
#include "helpers.h" #include "helpers.h"
#include "cgi_logging.h" #include "cgi_logging.h"
#include "uart_driver.h"
#define SET_REDIR_SUC "/cfg/term" #define SET_REDIR_SUC "/cfg/term"
#define SET_REDIR_ERR SET_REDIR_SUC"?err=" #define SET_REDIR_ERR SET_REDIR_SUC"?err="
@ -30,6 +31,11 @@ cgiTermCfgSetParams(HttpdConnData *connData)
redir_url += sprintf(redir_url, SET_REDIR_ERR); redir_url += sprintf(redir_url, SET_REDIR_ERR);
// we'll test if anything was printed by looking for \0 in failed_keys_buf // we'll test if anything was printed by looking for \0 in failed_keys_buf
SystemConfigBundle *sysconf_backup = malloc(sizeof(SystemConfigBundle));
TerminalConfigBundle *termconf_backup = malloc(sizeof(TerminalConfigBundle));
memcpy(sysconf_backup, sysconf, sizeof(SystemConfigBundle));
memcpy(termconf_backup, termconf, sizeof(TerminalConfigBundle));
if (connData->conn == NULL) { if (connData->conn == NULL) {
//Connection aborted. Clean up. //Connection aborted. Clean up.
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
@ -39,34 +45,40 @@ cgiTermCfgSetParams(HttpdConnData *connData)
if (GET_ARG("term_width")) { if (GET_ARG("term_width")) {
cgi_dbg("Default screen width: %s", buff); cgi_dbg("Default screen width: %s", buff);
w = atoi(buff); w = atoi(buff);
if (w > 1) { do {
if (GET_ARG("term_height")) { if (w <= 1) {
cgi_dbg("Default screen height: %s", buff); cgi_warn("Bad width: \"%s\"", buff);
h = atoi(buff); redir_url += sprintf(redir_url, "term_width,");
if (h > 1) { break;
if (w * h <= MAX_SCREEN_SIZE) {
if (termconf->width != w || termconf->height != h) {
termconf->width = w;
termconf->height = h;
shall_clear_screen = true; // this causes a notify
} }
} else {
cgi_warn("Bad dimensions: %d x %d (total %d)", w, h, w*h); if (!GET_ARG("term_height")) {
cgi_warn("Missing height arg!");
// this wont happen normally when the form is used
redir_url += sprintf(redir_url, "term_width,term_height,"); redir_url += sprintf(redir_url, "term_width,term_height,");
break;
} }
} else {
cgi_dbg("Default screen height: %s", buff);
h = atoi(buff);
if (h <= 1) {
cgi_warn("Bad height: \"%s\"", buff); cgi_warn("Bad height: \"%s\"", buff);
redir_url += sprintf(redir_url, "term_width,"); redir_url += sprintf(redir_url, "term_height,");
break;
} }
} else {
cgi_warn("Missing height arg!"); if (w * h > MAX_SCREEN_SIZE) {
// this wont happen normally when the form is used cgi_warn("Bad dimensions: %d x %d (total %d)", w, h, w * h);
redir_url += sprintf(redir_url, "term_width,term_height,"); redir_url += sprintf(redir_url, "term_width,term_height,");
break;
} }
} else {
cgi_warn("Bad width: \"%s\"", buff); if (termconf->width != w || termconf->height != h) {
redir_url += sprintf(redir_url, "term_width,"); termconf->width = w;
termconf->height = h;
shall_clear_screen = true; // this causes a notify
} }
} while (0);
} }
if (GET_ARG("default_bg")) { if (GET_ARG("default_bg")) {
@ -265,6 +277,56 @@ cgiTermCfgSetParams(HttpdConnData *connData)
} }
} }
if (GET_ARG("uart_baud")) {
cgi_dbg("Baud rate: %s", buff);
int baud = atoi(buff);
if (baud == BIT_RATE_300 ||
baud == BIT_RATE_600 ||
baud == BIT_RATE_1200 ||
baud == BIT_RATE_2400 ||
baud == BIT_RATE_4800 ||
baud == BIT_RATE_9600 ||
baud == BIT_RATE_19200 ||
baud == BIT_RATE_38400 ||
baud == BIT_RATE_57600 ||
baud == BIT_RATE_74880 ||
baud == BIT_RATE_115200 ||
baud == BIT_RATE_230400 ||
baud == BIT_RATE_460800 ||
baud == BIT_RATE_921600 ||
baud == BIT_RATE_1843200 ||
baud == BIT_RATE_3686400) {
sysconf->uart_baudrate = (u32) baud;
} else {
cgi_warn("Bad baud rate %s", buff);
redir_url += sprintf(redir_url, "uart_baud,");
}
}
if (GET_ARG("uart_parity")) {
cgi_dbg("Parity: %s", buff);
int parity = atoi(buff);
if (parity >= 0 && parity <= 2) {
sysconf->uart_parity = (UartParityMode) parity;
} else {
cgi_warn("Bad parity %s", buff);
redir_url += sprintf(redir_url, "uart_parity,");
}
}
if (GET_ARG("uart_stopbits")) {
cgi_dbg("Stop bits: %s", buff);
int stopbits = atoi(buff);
if (stopbits >= 1 && stopbits <= 3) {
sysconf->uart_stopbits = (UartStopBitsNum) stopbits;
} else {
cgi_warn("Bad stopbits %s", buff);
redir_url += sprintf(redir_url, "uart_stopbits,");
}
}
(void)redir_url;
if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) {
// All was OK // All was OK
info("Set term params - success, saving..."); info("Set term params - success, saving...");
@ -288,9 +350,16 @@ cgiTermCfgSetParams(HttpdConnData *connData)
httpdRedirect(connData, SET_REDIR_SUC); httpdRedirect(connData, SET_REDIR_SUC);
} else { } else {
cgi_warn("Some settings did not validate, asking for correction"); cgi_warn("Some settings did not validate, asking for correction");
memcpy(sysconf, sysconf_backup, sizeof(SystemConfigBundle));
memcpy(termconf, termconf_backup, sizeof(TerminalConfigBundle));
// Some errors, appended to the URL as ?err= // Some errors, appended to the URL as ?err=
httpdRedirect(connData, redir_url_buf); httpdRedirect(connData, redir_url_buf);
} }
free(sysconf_backup);
free(termconf_backup);
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
@ -357,6 +426,15 @@ tplTermCfg(HttpdConnData *connData, char *token, void **arg)
else if (streq(token, "term_title")) { else if (streq(token, "term_title")) {
strncpy_safe(buff, termconf->title, BUFLEN); strncpy_safe(buff, termconf->title, BUFLEN);
} }
else if (streq(token, "uart_baud")) {
sprintf(buff, "%d", sysconf->uart_baudrate);
}
else if (streq(token, "uart_parity")) {
sprintf(buff, "%d", sysconf->uart_parity);
}
else if (streq(token, "uart_stopbits")) {
sprintf(buff, "%d", sysconf->uart_stopbits);
}
else { else {
for (int btn_i = 1; btn_i <= TERM_BTN_COUNT; btn_i++) { for (int btn_i = 1; btn_i <= TERM_BTN_COUNT; btn_i++) {
sprintf(buff2, "btn%d", btn_i); sprintf(buff2, "btn%d", btn_i);
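Review bot: In cgiTermCfgSetParams the two backups are allocated before the `if (connData->conn == NULL)` check, so the early `return HTTPD_CGI_DONE;` on an aborted connection leaks both `sysconf_backup` and `termconf_backup`; the other handlers touched by this commit allocate after that check. Move the four malloc/memcpy lines below the connection check, or free both pointers before that return. Any other early return between the allocation and the final `free()` calls, outside the visible hunks, needs the same treatment.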

@ -355,6 +355,11 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData)
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }
WiFiConfigBundle *wificonf_backup = malloc(sizeof(WiFiConfigBundle));
WiFiConfChangeFlags *wcf_backup = malloc(sizeof(WiFiConfChangeFlags));
memcpy(wificonf_backup, wificonf, sizeof(WiFiConfigBundle));
memcpy(wcf_backup, &wifi_change_flags, sizeof(WiFiConfChangeFlags));
bool sta_turned_on = false; bool sta_turned_on = false;
bool sta_ssid_pw_changed = false; bool sta_ssid_pw_changed = false;
@ -502,6 +507,8 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData)
} }
} }
(void)redir_url;
if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) {
// All was OK // All was OK
cgi_info("Set WiFi params - success, applying in 2000 ms"); cgi_info("Set WiFi params - success, applying in 2000 ms");
@ -532,9 +539,16 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData)
} }
} else { } else {
cgi_warn("Some WiFi settings did not validate, asking for correction"); cgi_warn("Some WiFi settings did not validate, asking for correction");
memcpy(wificonf, wificonf_backup, sizeof(WiFiConfigBundle));
memcpy(&wifi_change_flags, wcf_backup, sizeof(WiFiConfChangeFlags));
// Some errors, appended to the URL as ?err= // Some errors, appended to the URL as ?err=
httpdRedirect(connData, redir_url_buf); httpdRedirect(connData, redir_url_buf);
} }
free(wificonf_backup);
free(wcf_backup);
return HTTPD_CGI_DONE; return HTTPD_CGI_DONE;
} }

@ -20,6 +20,8 @@ sysconf_apply_settings(void)
sysconf->pwlock = PWLOCK_NONE; sysconf->pwlock = PWLOCK_NONE;
} }
sysconf->config_version = SYSCONF_VERSION;
if (changed) { if (changed) {
persist_store(); persist_store();
} }
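Review bot: `sysconf->config_version = SYSCONF_VERSION;` is assigned unconditionally but does not set `changed`, so when nothing else in the function flagged a change the new version stays in RAM and `persist_store()` is skipped. If the intent is to stamp the stored config after a migration, compare first and mark it, e.g. `if (sysconf->config_version != SYSCONF_VERSION) { sysconf->config_version = SYSCONF_VERSION; changed = true; }`. sysconf_apply_settings starts before the hunk, so this assumes `changed` is not already set on every path that reaches here.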
