From 43241c26795bdcf79fd9fa3e89d914893cee5139 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 00:22:46 +0200 Subject: [PATCH 1/9] admin pw now lives in a separate config block. BREAKING CHANGE! will wipe old settings :( --- CMakeLists.txt | 1 + esphttpdconfig.mk | 3 ++- user/cgi_persist.c | 4 +--- user/persist.c | 32 +++++++++++++++++++++++++------- user/persist.h | 17 ++++++++++++++--- user/serial.c | 9 ++++----- 6 files changed, 47 insertions(+), 19 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ea9d6ac..12dea35 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -153,6 +153,7 @@ include_directories(esp_iot_sdk_v1.5.2/include) add_definitions( -D__ets__ -DICACHE_FLASH + -DDEBUG_LOGBUF_SIZE=2048 -DUSE_OPTIMIZE_PRINTF=1 -DHTTPD_MAX_CONNECTIONS=5 -DHTTPD_STACKSIZE=1000 diff --git a/esphttpdconfig.mk b/esphttpdconfig.mk index cd2a8ad..d9b9e46 100644 --- a/esphttpdconfig.mk +++ b/esphttpdconfig.mk @@ -46,7 +46,7 @@ GLOBAL_CFLAGS = \ -DDEBUG_CAPTDNS=0 \ -DDEBUG_HTTP=0 \ -DDEBUG_ESPFS=0 \ - -DDEBUG_PERSIST=0 \ + -DDEBUG_PERSIST=1 \ -DDEBUG_UTFCACHE=0 \ -DDEBUG_CGI=0 \ -DDEBUG_WIFI=0 \ @@ -59,5 +59,6 @@ GLOBAL_CFLAGS = \ -DHTTPD_MAX_BACKLOG_SIZE=8192 \ -DHTTPD_MAX_HEAD_LEN=1024 \ -DHTTPD_MAX_POST_LEN=512 \ + -DDEBUG_LOGBUF_SIZE=2048 \ -mforce-l32 \ -DUSE_OPTIMIZE_PRINTF=1 diff --git a/user/cgi_persist.c b/user/cgi_persist.c index 4828b8a..61dee19 100644 --- a/user/cgi_persist.c +++ b/user/cgi_persist.c @@ -13,9 +13,7 @@ Cgi/template routines for configuring non-wifi settings static bool ICACHE_FLASH_ATTR verify_admin_pw(const char *pw) { - // This is not really for security, but to prevent someone who - // shouldn't touch those settings from fucking it up. - return streq(pw, STR(ADMIN_PASSWORD)); // the PW comes from the makefile + return streq(pw, persist.admin.pw); } httpd_cgi_state ICACHE_FLASH_ATTR diff --git a/user/persist.c b/user/persist.c index 5bb22d3..c9ea315 100644 --- a/user/persist.c +++ b/user/persist.c @@ -97,19 +97,27 @@ compute_checksum(AppConfigBundle *bundle) return calculateCRC32((uint8_t *) bundle, sizeof(AppConfigBundle) - 4); } +static void ICACHE_FLASH_ATTR +set_admin_block_defaults(void) +{ + persist_info("[Persist] Initing admin config block"); + strcpy(persist.admin.pw, STR(ADMIN_PASSWORD)); + persist.admin.version = ADMINCONF_VERSION; +} + /** * Load, verify and apply persistent config */ void ICACHE_FLASH_ATTR persist_load(void) { - persist_info("[Persist] Loading stored settings from FLASH..."); + persist_info("[Persist] Loading settings from FLASH..."); - persist_dbg("AppConfigBundle memory map:"); - persist_dbg("> WiFiConfigBundle at %4d (error %2d)", wconf_at, wconf_at - 0); - persist_dbg("> SystemConfigBundle at %4d (error %2d)", sconf_at, sconf_at - WIFICONF_SIZE); - persist_dbg("> TerminalConfigBundle at %4d (error %2d)", tconf_at, tconf_at - WIFICONF_SIZE - SYSCONF_SIZE); - persist_dbg("> Checksum at %4d (error %2d)", cksum_at, cksum_at - (APPCONF_SIZE - 4)); + persist_dbg("Persist memory map:"); + persist_dbg("> wifi at %4d (error %2d)", wconf_at, wconf_at - 0); + persist_dbg("> sys at %4d (error %2d)", sconf_at, sconf_at - WIFICONF_SIZE); + persist_dbg("> term at %4d (error %2d)", tconf_at, tconf_at - WIFICONF_SIZE - SYSCONF_SIZE); + persist_dbg("> cksum at %4d (error %2d)", cksum_at, cksum_at - (APPCONF_SIZE - 4)); persist_dbg("> Total size = %d bytes (error %d)", sizeof(AppConfigBundle), APPCONF_SIZE - sizeof(AppConfigBundle)); bool hard_reset = false; @@ -120,7 +128,8 @@ persist_load(void) // Verify checksums if (hard_reset || (compute_checksum(&persist.defaults) != persist.defaults.checksum) || - (compute_checksum(&persist.current) != persist.current.checksum)) { + (compute_checksum(&persist.current) != persist.current.checksum) || + (persist.admin.version != 0 && (calculateCRC32((uint8_t *) &persist.admin, sizeof(AdminConfigBlock) - 4) != persist.admin.checksum))) { error("[Persist] Checksum verification: FAILED"); hard_reset = true; } else { @@ -135,10 +144,18 @@ persist_load(void) // write them also as defaults memcpy(&persist.defaults, &persist.current, sizeof(AppConfigBundle)); + + // reset admin pw + set_admin_block_defaults(); persist_store(); // this also stores them to flash and applies to modules } else { + if (persist.admin.version == 0) { + set_admin_block_defaults(); + persist_store(); + } + apply_live_settings(); } @@ -153,6 +170,7 @@ persist_store(void) // Update checksums before write persist.current.checksum = compute_checksum(&persist.current); persist.defaults.checksum = compute_checksum(&persist.defaults); + persist.admin.checksum = calculateCRC32((uint8_t *) &persist.admin, sizeof(AdminConfigBlock) - 4); if (!system_param_save_with_protect(PERSIST_SECTOR_ID, &persist, sizeof(PersistBlock))) { error("[Persist] Store to flash failed!"); diff --git a/user/persist.h b/user/persist.h index 1cc8a67..d85c964 100644 --- a/user/persist.h +++ b/user/persist.h @@ -16,9 +16,9 @@ // Changing this could be used to force-erase the config area // after a firmware upgrade -#define CHECKSUM_SALT 3 +#define CHECKSUM_SALT 4 -#define APPCONF_SIZE 2048 +#define APPCONF_SIZE 1900 /** Struct for current or default settings */ typedef struct { // the entire block should be 1024 bytes long (for compatibility across upgrades) @@ -41,7 +41,7 @@ typedef struct { // the entire block should be 1024 bytes long (for compatibilit // it grew to a different memory area. uint8_t _filler_end[ APPCONF_SIZE - - sizeof(uint32_t) // checksum + - 4 // checksum - WIFICONF_SIZE - SYSCONF_SIZE - TERMCONF_SIZE @@ -50,10 +50,21 @@ typedef struct { // the entire block should be 1024 bytes long (for compatibilit uint32_t checksum; // computed before write and tested on load. If it doesn't match, values are reset to hard defaults. } AppConfigBundle; +#define ADMINCONF_VERSION 1 +#define ADMINCONF_SIZE 256 + +typedef struct { + u8 version; + char pw[64]; + uint8_t _filler[ADMINCONF_SIZE-64-4]; + uint32_t checksum; +} AdminConfigBlock; + /** This is the entire data block stored in FLASH */ typedef struct { AppConfigBundle defaults; // defaults are stored here AppConfigBundle current; // active settings adjusted by the user + AdminConfigBlock admin; } PersistBlock; // Persist holds the data currently loaded from the flash diff --git a/user/serial.c b/user/serial.c index 4ecb128..bcbd54c 100644 --- a/user/serial.c +++ b/user/serial.c @@ -4,8 +4,7 @@ #include "ansi_parser.h" #include "syscfg.h" -#define LOGBUF_SIZE 512 -static char logbuf[LOGBUF_SIZE]; +static char logbuf[DEBUG_LOGBUF_SIZE]; static u32 lb_nw = 1; static u32 lb_ls = 0; static ETSTimer flushLogTimer; @@ -14,7 +13,7 @@ static void buf_putc(char c) { if (lb_ls != lb_nw) { logbuf[lb_nw++] = c; - if (lb_nw >= LOGBUF_SIZE) lb_nw = 0; + if (lb_nw >= DEBUG_LOGBUF_SIZE) lb_nw = 0; } } @@ -25,11 +24,11 @@ buf_pop(void *unused) u32 old_ls; while (quantity > 0) { // stop when done - if ((lb_ls == lb_nw-1) || (lb_ls == LOGBUF_SIZE-1 && lb_nw == 0)) break; + if ((lb_ls == lb_nw-1) || (lb_ls == DEBUG_LOGBUF_SIZE-1 && lb_nw == 0)) break; old_ls = lb_ls; lb_ls++; - if (lb_ls >= LOGBUF_SIZE) lb_ls = 0; + if (lb_ls >= DEBUG_LOGBUF_SIZE) lb_ls = 0; if (OK == UART_WriteCharCRLF(UART1, logbuf[lb_ls], 5)) { quantity--; From 3849e161e52887bacc3e1dddbafd82d343a5550d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 00:30:16 +0200 Subject: [PATCH 2/9] add pwlock settings to sysconf --- user/syscfg.c | 12 +++++++++++- user/syscfg.h | 12 +++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/user/syscfg.c b/user/syscfg.c index df27de7..d4b262f 100644 --- a/user/syscfg.c +++ b/user/syscfg.c @@ -12,7 +12,17 @@ SystemConfigBundle * const sysconf = &persist.current.sysconf; void ICACHE_FLASH_ATTR sysconf_apply_settings(void) { - // !!! Update to current version !!! + bool changed = false; + if (sysconf->config_version < 1) { + dbg("Upgrading syscfg to v 1"); + changed = true; + sysconf->access_pw[0] = 0; + sysconf->pwlock = PWLOCK_NONE; + } + + if (changed) { + persist_store(); + } serialInit(); } diff --git a/user/syscfg.h b/user/syscfg.h index 92997c9..624dfe3 100644 --- a/user/syscfg.h +++ b/user/syscfg.h @@ -10,13 +10,23 @@ // Size designed for the wifi config structure // Must be constant to avoid corrupting user config after upgrade #define SYSCONF_SIZE 200 -#define SYSCONF_VERSION 0 +#define SYSCONF_VERSION 1 + +enum pwlock { + PWLOCK_NONE = 0, + PWLOCK_SETTINGS_NOTERM = 1, + PWLOCK_SETTINGS_ALL = 2, + PWLOCK_MENUS = 3, + PWLOCK_ALL = 4, +}; typedef struct { u32 uart_baudrate; u8 uart_parity; u8 uart_stopbits; u8 config_version; + enum pwlock pwlock : 8; // page access lock + char access_pw[64]; // access password } SystemConfigBundle; extern SystemConfigBundle * const sysconf; From 82961568b829b80d9e12b4ebc764f4ebdbad116d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 00:33:03 +0200 Subject: [PATCH 3/9] increased sysconbf allocated flash size (safe now bc we alrady have a breaking change that wipes old settings) --- user/persist.h | 2 +- user/syscfg.c | 3 +++ user/syscfg.h | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/user/persist.h b/user/persist.h index d85c964..8f6c15a 100644 --- a/user/persist.h +++ b/user/persist.h @@ -16,7 +16,7 @@ // Changing this could be used to force-erase the config area // after a firmware upgrade -#define CHECKSUM_SALT 4 +#define CHECKSUM_SALT 5 #define APPCONF_SIZE 1900 diff --git a/user/syscfg.c b/user/syscfg.c index d4b262f..cca8a5c 100644 --- a/user/syscfg.c +++ b/user/syscfg.c @@ -33,4 +33,7 @@ sysconf_restore_defaults(void) sysconf->uart_parity = PARITY_NONE; sysconf->uart_baudrate = BIT_RATE_115200; sysconf->uart_stopbits = ONE_STOP_BIT; + sysconf->config_version = SYSCONF_VERSION; + sysconf->access_pw[0] = 0; + sysconf->pwlock = PWLOCK_NONE; } diff --git a/user/syscfg.h b/user/syscfg.h index 624dfe3..e66630c 100644 --- a/user/syscfg.h +++ b/user/syscfg.h @@ -9,7 +9,7 @@ // Size designed for the wifi config structure // Must be constant to avoid corrupting user config after upgrade -#define SYSCONF_SIZE 200 +#define SYSCONF_SIZE 300 #define SYSCONF_VERSION 1 enum pwlock { From 37de3a095d4608f720a9d4a00593151813bef0c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 00:48:57 +0200 Subject: [PATCH 4/9] configurable pw lock (not yet tested and not connected to front-end) --- user/routes.c | 81 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 59 insertions(+), 22 deletions(-) diff --git a/user/routes.c b/user/routes.c index 7711b0e..45e961c 100644 --- a/user/routes.c +++ b/user/routes.c @@ -12,12 +12,66 @@ #include "cgi_network.h" #include "cgi_term_cfg.h" #include "cgi_persist.h" +#include "syscfg.h" -#define WIFI_PROTECT 0 -#define WIFI_AUTH_NAME "wifi" -#define WIFI_AUTH_PASS "nicitel" +/** + * Password for WiFi config + */ +static int ICACHE_FLASH_ATTR wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, char *pass, int passLen) +{ + if (no == 0) { + os_strcpy(user, "admin"); + os_strcpy(pass, sysconf->access_pw); + return 1; + } + return 0; +} -static int wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, char *pass, int passLen); +httpd_cgi_state ICACHE_FLASH_ATTR cgiOptionalPwLock(HttpdConnData *connData) +{ + bool protect = false; + + switch (sysconf->pwlock) { + case PWLOCK_ALL: + protect = true; + break; + + case PWLOCK_SETTINGS_NOTERM: + protect = strstarts(connData->url, "/cfg") && !strstarts(connData->url, "/cfg/term"); + break; + + case PWLOCK_SETTINGS_ALL: + protect = strstarts(connData->url, "/cfg"); + break; + + case PWLOCK_MENUS: + protect = strstarts(connData->url, "/cfg") || strstarts(connData->url, "/about") || strstarts(connData->url, "/help"); + break; + + default: + case PWLOCK_NONE: + break; + } + + // pages outside the normal scope + + if (sysconf->pwlock > PWLOCK_NONE) { + if (strstarts(connData->url, "/system/reset")) protect = true; + } + + if (sysconf->pwlock > PWLOCK_SETTINGS_NOTERM) { + if (strstarts(connData->url, "/system/cls")) protect = true; + } + + if (sysconf->access_pw[0] == 0) protect = false; + + if (protect) { + connData->cgiArg = wifiPassFn; + return authBasic(connData); + } else { + return HTTPD_CGI_NOTFOUND; + } +} /** * Application routes @@ -25,6 +79,7 @@ static int wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, const HttpdBuiltInUrl routes[] ESP_CONST_DATA = { // redirect func for the captive portal ROUTE_CGI_ARG("*", cgiRedirectApClientToHostname, "esp-terminal.ap"), + ROUTE_CGI("*", cgiOptionalPwLock), // --- Web pages --- ROUTE_TPL_FILE("/", tplScreen, "/term.tpl"), @@ -39,10 +94,6 @@ const HttpdBuiltInUrl routes[] ESP_CONST_DATA = { ROUTE_CGI("/system/ping/?", cgiPing), ROUTE_CGI("/system/cls/?", cgiResetScreen), - // --- WiFi config --- (TODO make this conditional and configurable) -#if WIFI_PROTECT - ROUTE_AUTH("/wifi*", wifiPassFn), -#endif ROUTE_REDIRECT("/cfg/?", "/cfg/wifi"), ROUTE_TPL_FILE("/cfg/wifi/?", tplWlan, "/cfg_wifi.tpl"), @@ -67,17 +118,3 @@ const HttpdBuiltInUrl routes[] ESP_CONST_DATA = { ROUTE_END(), }; -// --- Wifi password protection --- - -/** - * Password for WiFi config - */ -static int ICACHE_FLASH_ATTR wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, char *pass, int passLen) -{ - if (no == 0) { - os_strcpy(user, WIFI_AUTH_NAME); - os_strcpy(pass, WIFI_AUTH_PASS); - return 1; - } - return 0; -} From 38b3ce2dc8d21795cc913b1a0aaba7d02961538c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 01:00:52 +0200 Subject: [PATCH 5/9] cgi handler for setting passwords (not tested) --- user/cgi_system.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++- user/syscfg.h | 1 + 2 files changed, 80 insertions(+), 1 deletion(-) diff --git a/user/cgi_system.c b/user/cgi_system.c index 1b70289..7f75797 100755 --- a/user/cgi_system.c +++ b/user/cgi_system.c @@ -78,7 +78,8 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiPing(HttpdConnData *connData) httpd_cgi_state ICACHE_FLASH_ATTR cgiSystemCfgSetParams(HttpdConnData *connData) { - char buff[50]; + char buff[65]; + char buff2[65]; char redir_url_buf[100]; char *redir_url = redir_url_buf; @@ -138,6 +139,80 @@ cgiSystemCfgSetParams(HttpdConnData *connData) } } + if (GET_ARG("security")) { + cgi_dbg("*** Security config! ***"); + + if (GET_ARG("pw")) { + if (streq(buff, persist.admin.pw)) { + // authenticated OK + do { + if (GET_ARG("pwlock")) { + cgi_dbg("pwlock: %s", buff); + int pwlock = atoi(buff); + if (pwlock >= 0 && pwlock < PWLOCK_MAX) { + sysconf->pwlock = (enum pwlock) pwlock; + } + else { + cgi_warn("Bad pwlock %s", buff); + redir_url += sprintf(redir_url, "pwlock,"); + break; + } + } + + if (GET_ARG("access_pw")) { + cgi_dbg("access_pw: %s", buff); + + strcpy(buff2, buff); + if (GET_ARG("access_pw2")) { + cgi_dbg("access_pw2: %s", buff); + + if (streq(buff, buff2)) { + cgi_dbg("Changing access PW!!!"); + strncpy(sysconf->access_pw, buff, 64); + } else { + cgi_warn("Bad repeated access_pw %s", buff); + redir_url += sprintf(redir_url, "access_pw2,"); + } + } else { + cgi_warn("Missing access_pw %s", buff); + redir_url += sprintf(redir_url, "access_pw2,"); + } + + break; // access pw and admin pw are in separate forms + } + + if (GET_ARG("admin_pw")) { + cgi_dbg("admin_pw: %s", buff); + + strcpy(buff2, buff); + if (GET_ARG("admin_pw2")) { + cgi_dbg("admin_pw2: %s", buff); + + if (streq(buff, buff2)) { + cgi_dbg("Changing admin PW!!!"); + strncpy(persist.admin.pw, buff, 64); + } else { + cgi_warn("Bad repeated admin_pw %s", buff); + redir_url += sprintf(redir_url, "admin_pw2,"); + } + } else { + cgi_warn("Missing admin_pw %s", buff); + redir_url += sprintf(redir_url, "admin_pw2,"); + } + + break; + } + } while(0); + } else { + warn("Bad admin pw!"); + redir_url += sprintf(redir_url, "pw,"); + } + } else { + warn("Missing admin pw!"); + redir_url += sprintf(redir_url, "pw,"); + } + } + if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { // All was OK cgi_info("Set system params - success, saving..."); @@ -177,6 +252,9 @@ tplSystemCfg(HttpdConnData *connData, char *token, void **arg) else if (streq(token, "uart_stopbits")) { sprintf(buff, "%d", sysconf->uart_stopbits); } + else if (streq(token, "pwlock")) { + sprintf(buff, "%d", sysconf->pwlock); + } tplSend(connData, buff, -1); return HTTPD_CGI_DONE; diff --git a/user/syscfg.h b/user/syscfg.h index e66630c..c7a47f3 100644 --- a/user/syscfg.h +++ b/user/syscfg.h @@ -18,6 +18,7 @@ enum pwlock { PWLOCK_SETTINGS_ALL = 2, PWLOCK_MENUS = 3, PWLOCK_ALL = 4, + PWLOCK_MAX = 5, }; typedef struct { From a464a73a0eba6b6f55a8b6dc5ab300b05fd012be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Fri, 22 Sep 2017 01:05:13 +0200 Subject: [PATCH 6/9] cgi form handlers for setting password stuff --- user/cgi_system.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/user/cgi_system.c b/user/cgi_system.c index 7f75797..0510637 100755 --- a/user/cgi_system.c +++ b/user/cgi_system.c @@ -213,6 +213,8 @@ cgiSystemCfgSetParams(HttpdConnData *connData) } } + (void)redir_url; + if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { // All was OK cgi_info("Set system params - success, saving..."); From 357a9d43e3badcdf7ae3305534aaab1a03f4be09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Sat, 23 Sep 2017 01:33:55 +0200 Subject: [PATCH 7/9] password changing, changed default pw to "adminpw", added settings revert if validation fails --- esphttpdconfig.mk | 4 +- front-end | 2 +- user/cgi_network.c | 12 +++ user/cgi_system.c | 199 +++++++++++++++++--------------------------- user/cgi_term_cfg.c | 126 ++++++++++++++++++++++------ user/cgi_wifi.c | 14 ++++ user/syscfg.c | 2 + 7 files changed, 209 insertions(+), 150 deletions(-) diff --git a/esphttpdconfig.mk b/esphttpdconfig.mk index d9b9e46..f0a7175 100644 --- a/esphttpdconfig.mk +++ b/esphttpdconfig.mk @@ -39,7 +39,7 @@ OUTPUT_TYPE = combined ESP_SPI_FLASH_SIZE_K = 1024 # Admin password, used to store settings to flash as defaults -ADMIN_PASSWORD = "19738426" +ADMIN_PASSWORD = "adminpw" GLOBAL_CFLAGS = \ -DDEBUG_ROUTER=0 \ @@ -48,7 +48,7 @@ GLOBAL_CFLAGS = \ -DDEBUG_ESPFS=0 \ -DDEBUG_PERSIST=1 \ -DDEBUG_UTFCACHE=0 \ - -DDEBUG_CGI=0 \ + -DDEBUG_CGI=1 \ -DDEBUG_WIFI=0 \ -DDEBUG_WS=0 \ -DDEBUG_ANSI=0 \ diff --git a/front-end b/front-end index 72279bf..172a890 160000 --- a/front-end +++ b/front-end @@ -1 +1 @@ -Subproject commit 72279bf0355af1ba56ff3950a085f38d9adb8506 +Subproject commit 172a890be27476586a54296d6584300ad5bf1888 diff --git a/user/cgi_network.c b/user/cgi_network.c index b87dd96..3bc28b2 100644 --- a/user/cgi_network.c +++ b/user/cgi_network.c @@ -41,6 +41,11 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiNetworkSetParams(HttpdConnData *connData) return HTTPD_CGI_DONE; } + WiFiConfigBundle *wificonf_backup = malloc(sizeof(WiFiConfigBundle)); + WiFiConfChangeFlags *wcf_backup = malloc(sizeof(WiFiConfChangeFlags)); + memcpy(wificonf_backup, wificonf, sizeof(WiFiConfigBundle)); + memcpy(wcf_backup, &wifi_change_flags, sizeof(WiFiConfChangeFlags)); + // ---- AP DHCP server lease time ---- if (GET_ARG("ap_dhcp_time")) { @@ -192,9 +197,16 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiNetworkSetParams(HttpdConnData *connData) httpdRedirect(connData, SET_REDIR_SUC); } else { cgi_warn("Some WiFi settings did not validate, asking for correction"); + + memcpy(wificonf, wificonf_backup, sizeof(WiFiConfigBundle)); + memcpy(&wifi_change_flags, wcf_backup, sizeof(WiFiConfChangeFlags)); + // Some errors, appended to the URL as ?err= httpdRedirect(connData, redir_url_buf); } + + free(wificonf_backup); + free(wcf_backup); return HTTPD_CGI_DONE; } diff --git a/user/cgi_system.c b/user/cgi_system.c index 0510637..7329f97 100755 --- a/user/cgi_system.c +++ b/user/cgi_system.c @@ -91,127 +91,81 @@ cgiSystemCfgSetParams(HttpdConnData *connData) return HTTPD_CGI_DONE; } - if (GET_ARG("uart_baud")) { - cgi_dbg("Baud rate: %s", buff); - int baud = atoi(buff); - if (baud == BIT_RATE_300 || - baud == BIT_RATE_600 || - baud == BIT_RATE_1200 || - baud == BIT_RATE_2400 || - baud == BIT_RATE_4800 || - baud == BIT_RATE_9600 || - baud == BIT_RATE_19200 || - baud == BIT_RATE_38400 || - baud == BIT_RATE_57600 || - baud == BIT_RATE_74880 || - baud == BIT_RATE_115200 || - baud == BIT_RATE_230400 || - baud == BIT_RATE_460800 || - baud == BIT_RATE_921600 || - baud == BIT_RATE_1843200 || - baud == BIT_RATE_3686400) { - sysconf->uart_baudrate = (u32) baud; - } else { - cgi_warn("Bad baud rate %s", buff); - redir_url += sprintf(redir_url, "uart_baud,"); + AdminConfigBlock *admin_backup = malloc(sizeof(AdminConfigBlock)); + SystemConfigBundle *sysconf_backup = malloc(sizeof(SystemConfigBundle)); + memcpy(admin_backup, &persist.admin, sizeof(AdminConfigBlock)); + memcpy(sysconf_backup, sysconf, sizeof(SystemConfigBundle)); + + do { + if (!GET_ARG("pw")) { + warn("Missing admin pw!"); + redir_url += sprintf(redir_url, "pw,"); + break; } - } - if (GET_ARG("uart_parity")) { - cgi_dbg("Parity: %s", buff); - int parity = atoi(buff); - if (parity >= 0 && parity <= 2) { - sysconf->uart_parity = (UartParityMode) parity; - } else { - cgi_warn("Bad parity %s", buff); - redir_url += sprintf(redir_url, "uart_parity,"); + if (!streq(buff, persist.admin.pw)) { + warn("Bad admin pw!"); + redir_url += sprintf(redir_url, "pw,"); + break; } - } - if (GET_ARG("uart_stopbits")) { - cgi_dbg("Stop bits: %s", buff); - int stopbits = atoi(buff); - if (stopbits >= 1 && stopbits <= 3) { - sysconf->uart_stopbits = (UartStopBitsNum) stopbits; - } else { - cgi_warn("Bad stopbits %s", buff); - redir_url += sprintf(redir_url, "uart_stopbits,"); + // authenticated OK + if (GET_ARG("pwlock")) { + cgi_dbg("pwlock: %s", buff); + int pwlock = atoi(buff); + if (pwlock < 0 || pwlock >= PWLOCK_MAX) { + cgi_warn("Bad pwlock %s", buff); + redir_url += sprintf(redir_url, "pwlock,"); + break; + } + + sysconf->pwlock = (enum pwlock) pwlock; } - } - if (GET_ARG("security")) { - cgi_dbg("*** Security config! ***"); - - if (GET_ARG("pw")) { - if (streq(buff, persist.admin.pw)) { - // authenticated OK - do { - if (GET_ARG("pwlock")) { - cgi_dbg("pwlock: %s", buff); - int pwlock = atoi(buff); - if (pwlock >= 0 && pwlock < PWLOCK_MAX) { - sysconf->pwlock = (enum pwlock) pwlock; - } - else { - cgi_warn("Bad pwlock %s", buff); - redir_url += sprintf(redir_url, "pwlock,"); - break; - } - } - - if (GET_ARG("access_pw")) { - cgi_dbg("access_pw: %s", buff); - - strcpy(buff2, buff); - if (GET_ARG("access_pw2")) { - cgi_dbg("access_pw2: %s", buff); - - if (streq(buff, buff2)) { - cgi_dbg("Changing access PW!!!"); - strncpy(sysconf->access_pw, buff, 64); - } else { - cgi_warn("Bad repeated access_pw %s", buff); - redir_url += sprintf(redir_url, "access_pw2,"); - } - } else { - cgi_warn("Missing access_pw %s", buff); - redir_url += sprintf(redir_url, "access_pw2,"); - } - - break; // access pw and admin pw are in separate forms - } - - if (GET_ARG("admin_pw")) { - cgi_dbg("admin_pw: %s", buff); - - strcpy(buff2, buff); - if (GET_ARG("admin_pw2")) { - cgi_dbg("admin_pw2: %s", buff); - - if (streq(buff, buff2)) { - cgi_dbg("Changing admin PW!!!"); - strncpy(persist.admin.pw, buff, 64); - } else { - cgi_warn("Bad repeated admin_pw %s", buff); - redir_url += sprintf(redir_url, "admin_pw2,"); - } - } else { - cgi_warn("Missing admin_pw %s", buff); - redir_url += sprintf(redir_url, "admin_pw2,"); - } - - break; - } - } while(0); - } else { - warn("Bad admin pw!"); - redir_url += sprintf(redir_url, "pw,"); + if (GET_ARG("access_pw")) { + cgi_dbg("access_pw: %s", buff); + + if (strlen(buff)) { + strcpy(buff2, buff); + if (!GET_ARG("access_pw2")) { + cgi_warn("Missing repeated access_pw %s", buff); + redir_url += sprintf(redir_url, "access_pw2,"); + break; + } + + if (!streq(buff, buff2)) { + cgi_warn("Bad repeated access_pw %s", buff); + redir_url += sprintf(redir_url, "access_pw2,"); + break; + } + + cgi_dbg("Changing access PW!!!"); + strncpy(sysconf->access_pw, buff, 64); } - } else { - warn("Missing admin pw!"); - redir_url += sprintf(redir_url, "pw,"); } - } + + if (GET_ARG("admin_pw")) { + cgi_dbg("admin_pw: %s", buff); + + if (strlen(buff)) { + strcpy(buff2, buff); + if (!GET_ARG("admin_pw2")) { + cgi_warn("Missing repeated admin_pw %s", buff); + redir_url += sprintf(redir_url, "admin_pw2,"); + break; + } + + if (!streq(buff, buff2)) { + cgi_warn("Bad repeated admin_pw %s", buff); + redir_url += sprintf(redir_url, "admin_pw2,"); + break; + } + + cgi_dbg("Changing admin PW!!!"); + strncpy(persist.admin.pw, buff, 64); + } + } + } while (0); (void)redir_url; @@ -225,9 +179,17 @@ cgiSystemCfgSetParams(HttpdConnData *connData) httpdRedirect(connData, SET_REDIR_SUC); } else { cgi_warn("Some settings did not validate, asking for correction"); + + // revert any possible changes + memcpy(&persist.admin, admin_backup, sizeof(AdminConfigBlock)); + memcpy(sysconf, sysconf_backup, sizeof(SystemConfigBundle)); + // Some errors, appended to the URL as ?err= httpdRedirect(connData, redir_url_buf); } + + free(admin_backup); + free(sysconf_backup); return HTTPD_CGI_DONE; } @@ -245,16 +207,7 @@ tplSystemCfg(HttpdConnData *connData, char *token, void **arg) strcpy(buff, ""); // fallback - if (streq(token, "uart_baud")) { - sprintf(buff, "%d", sysconf->uart_baudrate); - } - else if (streq(token, "uart_parity")) { - sprintf(buff, "%d", sysconf->uart_parity); - } - else if (streq(token, "uart_stopbits")) { - sprintf(buff, "%d", sysconf->uart_stopbits); - } - else if (streq(token, "pwlock")) { + if (streq(token, "pwlock")) { sprintf(buff, "%d", sysconf->pwlock); } diff --git a/user/cgi_term_cfg.c b/user/cgi_term_cfg.c index 76b8bcc..5b09741 100644 --- a/user/cgi_term_cfg.c +++ b/user/cgi_term_cfg.c @@ -9,6 +9,7 @@ Cgi/template routines for configuring non-wifi settings #include "screen.h" #include "helpers.h" #include "cgi_logging.h" +#include "uart_driver.h" #define SET_REDIR_SUC "/cfg/term" #define SET_REDIR_ERR SET_REDIR_SUC"?err=" @@ -30,6 +31,11 @@ cgiTermCfgSetParams(HttpdConnData *connData) redir_url += sprintf(redir_url, SET_REDIR_ERR); // we'll test if anything was printed by looking for \0 in failed_keys_buf + SystemConfigBundle *sysconf_backup = malloc(sizeof(SystemConfigBundle)); + TerminalConfigBundle *termconf_backup = malloc(sizeof(TerminalConfigBundle)); + memcpy(sysconf_backup, sysconf, sizeof(SystemConfigBundle)); + memcpy(termconf_backup, termconf, sizeof(TerminalConfigBundle)); + if (connData->conn == NULL) { //Connection aborted. Clean up. return HTTPD_CGI_DONE; @@ -39,34 +45,40 @@ cgiTermCfgSetParams(HttpdConnData *connData) if (GET_ARG("term_width")) { cgi_dbg("Default screen width: %s", buff); w = atoi(buff); - if (w > 1) { - if (GET_ARG("term_height")) { - cgi_dbg("Default screen height: %s", buff); - h = atoi(buff); - if (h > 1) { - if (w * h <= MAX_SCREEN_SIZE) { - if (termconf->width != w || termconf->height != h) { - termconf->width = w; - termconf->height = h; - shall_clear_screen = true; // this causes a notify - } - } else { - cgi_warn("Bad dimensions: %d x %d (total %d)", w, h, w*h); - redir_url += sprintf(redir_url, "term_width,term_height,"); - } - } else { - cgi_warn("Bad height: \"%s\"", buff); - redir_url += sprintf(redir_url, "term_width,"); - } - } else { + do { + if (w <= 1) { + cgi_warn("Bad width: \"%s\"", buff); + redir_url += sprintf(redir_url, "term_width,"); + break; + } + + if (!GET_ARG("term_height")) { cgi_warn("Missing height arg!"); // this wont happen normally when the form is used redir_url += sprintf(redir_url, "term_width,term_height,"); + break; } - } else { - cgi_warn("Bad width: \"%s\"", buff); - redir_url += sprintf(redir_url, "term_width,"); - } + + cgi_dbg("Default screen height: %s", buff); + h = atoi(buff); + if (h <= 1) { + cgi_warn("Bad height: \"%s\"", buff); + redir_url += sprintf(redir_url, "term_height,"); + break; + } + + if (w * h > MAX_SCREEN_SIZE) { + cgi_warn("Bad dimensions: %d x %d (total %d)", w, h, w * h); + redir_url += sprintf(redir_url, "term_width,term_height,"); + break; + } + + if (termconf->width != w || termconf->height != h) { + termconf->width = w; + termconf->height = h; + shall_clear_screen = true; // this causes a notify + } + } while (0); } if (GET_ARG("default_bg")) { @@ -265,6 +277,56 @@ cgiTermCfgSetParams(HttpdConnData *connData) } } + if (GET_ARG("uart_baud")) { + cgi_dbg("Baud rate: %s", buff); + int baud = atoi(buff); + if (baud == BIT_RATE_300 || + baud == BIT_RATE_600 || + baud == BIT_RATE_1200 || + baud == BIT_RATE_2400 || + baud == BIT_RATE_4800 || + baud == BIT_RATE_9600 || + baud == BIT_RATE_19200 || + baud == BIT_RATE_38400 || + baud == BIT_RATE_57600 || + baud == BIT_RATE_74880 || + baud == BIT_RATE_115200 || + baud == BIT_RATE_230400 || + baud == BIT_RATE_460800 || + baud == BIT_RATE_921600 || + baud == BIT_RATE_1843200 || + baud == BIT_RATE_3686400) { + sysconf->uart_baudrate = (u32) baud; + } else { + cgi_warn("Bad baud rate %s", buff); + redir_url += sprintf(redir_url, "uart_baud,"); + } + } + + if (GET_ARG("uart_parity")) { + cgi_dbg("Parity: %s", buff); + int parity = atoi(buff); + if (parity >= 0 && parity <= 2) { + sysconf->uart_parity = (UartParityMode) parity; + } else { + cgi_warn("Bad parity %s", buff); + redir_url += sprintf(redir_url, "uart_parity,"); + } + } + + if (GET_ARG("uart_stopbits")) { + cgi_dbg("Stop bits: %s", buff); + int stopbits = atoi(buff); + if (stopbits >= 1 && stopbits <= 3) { + sysconf->uart_stopbits = (UartStopBitsNum) stopbits; + } else { + cgi_warn("Bad stopbits %s", buff); + redir_url += sprintf(redir_url, "uart_stopbits,"); + } + } + + (void)redir_url; + if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { // All was OK info("Set term params - success, saving..."); @@ -288,9 +350,16 @@ cgiTermCfgSetParams(HttpdConnData *connData) httpdRedirect(connData, SET_REDIR_SUC); } else { cgi_warn("Some settings did not validate, asking for correction"); + + memcpy(sysconf, sysconf_backup, sizeof(SystemConfigBundle)); + memcpy(termconf, termconf_backup, sizeof(TerminalConfigBundle)); + // Some errors, appended to the URL as ?err= httpdRedirect(connData, redir_url_buf); } + + free(sysconf_backup); + free(termconf_backup); return HTTPD_CGI_DONE; } @@ -357,6 +426,15 @@ tplTermCfg(HttpdConnData *connData, char *token, void **arg) else if (streq(token, "term_title")) { strncpy_safe(buff, termconf->title, BUFLEN); } + else if (streq(token, "uart_baud")) { + sprintf(buff, "%d", sysconf->uart_baudrate); + } + else if (streq(token, "uart_parity")) { + sprintf(buff, "%d", sysconf->uart_parity); + } + else if (streq(token, "uart_stopbits")) { + sprintf(buff, "%d", sysconf->uart_stopbits); + } else { for (int btn_i = 1; btn_i <= TERM_BTN_COUNT; btn_i++) { sprintf(buff2, "btn%d", btn_i); diff --git a/user/cgi_wifi.c b/user/cgi_wifi.c index df904f3..0cab1a5 100644 --- a/user/cgi_wifi.c +++ b/user/cgi_wifi.c @@ -355,6 +355,11 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData) return HTTPD_CGI_DONE; } + WiFiConfigBundle *wificonf_backup = malloc(sizeof(WiFiConfigBundle)); + WiFiConfChangeFlags *wcf_backup = malloc(sizeof(WiFiConfChangeFlags)); + memcpy(wificonf_backup, wificonf, sizeof(WiFiConfigBundle)); + memcpy(wcf_backup, &wifi_change_flags, sizeof(WiFiConfChangeFlags)); + bool sta_turned_on = false; bool sta_ssid_pw_changed = false; @@ -502,6 +507,8 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData) } } + (void)redir_url; + if (redir_url_buf[strlen(SET_REDIR_ERR)] == 0) { // All was OK cgi_info("Set WiFi params - success, applying in 2000 ms"); @@ -532,9 +539,16 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiWiFiSetParams(HttpdConnData *connData) } } else { cgi_warn("Some WiFi settings did not validate, asking for correction"); + + memcpy(wificonf, wificonf_backup, sizeof(WiFiConfigBundle)); + memcpy(&wifi_change_flags, wcf_backup, sizeof(WiFiConfChangeFlags)); + // Some errors, appended to the URL as ?err= httpdRedirect(connData, redir_url_buf); } + + free(wificonf_backup); + free(wcf_backup); return HTTPD_CGI_DONE; } diff --git a/user/syscfg.c b/user/syscfg.c index cca8a5c..cfa0695 100644 --- a/user/syscfg.c +++ b/user/syscfg.c @@ -20,6 +20,8 @@ sysconf_apply_settings(void) sysconf->pwlock = PWLOCK_NONE; } + sysconf->config_version = SYSCONF_VERSION; + if (changed) { persist_store(); } From 80e8e4f7dac018f2cd1cffbea9f461e652b178da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Sat, 23 Sep 2017 01:59:53 +0200 Subject: [PATCH 8/9] added username config for basic auth --- Makefile | 1 - esphttpdconfig.mk | 11 ++++------- front-end | 2 +- user/cgi_system.c | 32 ++++++++++++++++++++++++++++++-- user/persist.c | 2 +- user/persist.h | 2 ++ user/routes.c | 17 +++++++++++++++-- user/syscfg.c | 9 ++++++++- user/syscfg.h | 6 +++++- 9 files changed, 66 insertions(+), 16 deletions(-) diff --git a/Makefile b/Makefile index a0ecbd3..a815b7a 100644 --- a/Makefile +++ b/Makefile @@ -69,7 +69,6 @@ CFLAGS = -Os -std=gnu99 -Werror -Wpointer-arith -Wundef -Wall -Wl,-EL -fno-inli CFLAGS += -DGIT_HASH_BACKEND='"$(shell git rev-parse --short HEAD)"' CFLAGS += -DGIT_HASH_FRONTEND='"$(shell cd front-end && git rev-parse --short HEAD)"' -CFLAGS += -DADMIN_PASSWORD=$(ADMIN_PASSWORD) CFLAGS += -D__TIMEZONE__='"$(shell date +%Z)"' ifdef GLOBAL_CFLAGS diff --git a/esphttpdconfig.mk b/esphttpdconfig.mk index f0a7175..d8b6237 100644 --- a/esphttpdconfig.mk +++ b/esphttpdconfig.mk @@ -38,20 +38,17 @@ OUTPUT_TYPE = combined # SPI flash size, in K ESP_SPI_FLASH_SIZE_K = 1024 -# Admin password, used to store settings to flash as defaults -ADMIN_PASSWORD = "adminpw" - GLOBAL_CFLAGS = \ -DDEBUG_ROUTER=0 \ -DDEBUG_CAPTDNS=0 \ -DDEBUG_HTTP=0 \ -DDEBUG_ESPFS=0 \ - -DDEBUG_PERSIST=1 \ + -DDEBUG_PERSIST=0 \ -DDEBUG_UTFCACHE=0 \ - -DDEBUG_CGI=1 \ + -DDEBUG_CGI=0 \ -DDEBUG_WIFI=0 \ -DDEBUG_WS=0 \ - -DDEBUG_ANSI=0 \ + -DDEBUG_ANSI=1 \ -DDEBUG_ANSI_NOIMPL=1 \ -DDEBUG_INPUT=0 \ -DDEBUG_HEAP=1 \ @@ -59,6 +56,6 @@ GLOBAL_CFLAGS = \ -DHTTPD_MAX_BACKLOG_SIZE=8192 \ -DHTTPD_MAX_HEAD_LEN=1024 \ -DHTTPD_MAX_POST_LEN=512 \ - -DDEBUG_LOGBUF_SIZE=2048 \ + -DDEBUG_LOGBUF_SIZE=1024 \ -mforce-l32 \ -DUSE_OPTIMIZE_PRINTF=1 diff --git a/front-end b/front-end index 172a890..6c64248 160000 --- a/front-end +++ b/front-end @@ -1 +1 @@ -Subproject commit 172a890be27476586a54296d6584300ad5bf1888 +Subproject commit 6c6424877c49e3e23f563067a78e79338226359d diff --git a/user/cgi_system.c b/user/cgi_system.c index 7329f97..e958f4f 100755 --- a/user/cgi_system.c +++ b/user/cgi_system.c @@ -139,11 +139,29 @@ cgiSystemCfgSetParams(HttpdConnData *connData) break; } - cgi_dbg("Changing access PW!!!"); + if (strlen(buff) >= 64) { + cgi_warn("Too long access_pw %s", buff); + redir_url += sprintf(redir_url, "access_pw,"); + break; + } + + cgi_dbg("Changing access PW!"); strncpy(sysconf->access_pw, buff, 64); } } + if (GET_ARG("access_name")) { + cgi_dbg("access_name: %s", buff); + + if (!strlen(buff) || strlen(buff) >= 32) { + cgi_warn("Too long access_name %s", buff); + redir_url += sprintf(redir_url, "access_name,"); + break; + } + + strncpy(sysconf->access_name, buff, 32); + } + if (GET_ARG("admin_pw")) { cgi_dbg("admin_pw: %s", buff); @@ -161,7 +179,13 @@ cgiSystemCfgSetParams(HttpdConnData *connData) break; } - cgi_dbg("Changing admin PW!!!"); + if (strlen(buff) >= 64) { + cgi_warn("Too long admin_pw %s", buff); + redir_url += sprintf(redir_url, "admin_pw,"); + break; + } + + cgi_dbg("Changing admin PW!"); strncpy(persist.admin.pw, buff, 64); } } @@ -211,6 +235,10 @@ tplSystemCfg(HttpdConnData *connData, char *token, void **arg) sprintf(buff, "%d", sysconf->pwlock); } + if (streq(token, "access_name")) { + sprintf(buff, "%s", sysconf->access_name); + } + tplSend(connData, buff, -1); return HTTPD_CGI_DONE; } diff --git a/user/persist.c b/user/persist.c index c9ea315..cfe189b 100644 --- a/user/persist.c +++ b/user/persist.c @@ -101,7 +101,7 @@ static void ICACHE_FLASH_ATTR set_admin_block_defaults(void) { persist_info("[Persist] Initing admin config block"); - strcpy(persist.admin.pw, STR(ADMIN_PASSWORD)); + strcpy(persist.admin.pw, DEFAULT_ADMIN_PW); persist.admin.version = ADMINCONF_VERSION; } diff --git a/user/persist.h b/user/persist.h index 8f6c15a..7591873 100644 --- a/user/persist.h +++ b/user/persist.h @@ -14,6 +14,8 @@ #include "screen.h" #include "syscfg.h" +#define DEFAULT_ADMIN_PW "adminpw" + // Changing this could be used to force-erase the config area // after a firmware upgrade #define CHECKSUM_SALT 5 diff --git a/user/routes.c b/user/routes.c index 45e961c..9dfd8a5 100644 --- a/user/routes.c +++ b/user/routes.c @@ -13,6 +13,7 @@ #include "cgi_term_cfg.h" #include "cgi_persist.h" #include "syscfg.h" +#include "persist.h" /** * Password for WiFi config @@ -20,10 +21,15 @@ static int ICACHE_FLASH_ATTR wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, char *pass, int passLen) { if (no == 0) { - os_strcpy(user, "admin"); + os_strcpy(user, sysconf->access_name); os_strcpy(pass, sysconf->access_pw); return 1; } + if (no == 1) { + os_strcpy(user, "admin"); + os_strcpy(pass, persist.admin.pw); + return 1; + } return 0; } @@ -31,6 +37,8 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiOptionalPwLock(HttpdConnData *connData) { bool protect = false; + http_dbg("Route, %s, pwlock=%d", connData->url, sysconf->pwlock); + switch (sysconf->pwlock) { case PWLOCK_ALL: protect = true; @@ -63,12 +71,17 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiOptionalPwLock(HttpdConnData *connData) if (strstarts(connData->url, "/system/cls")) protect = true; } - if (sysconf->access_pw[0] == 0) protect = false; + if (sysconf->access_pw[0] == 0) { + http_dbg("Access PW is nil, no protection."); + protect = false; + } if (protect) { + http_dbg("Page is protected!"); connData->cgiArg = wifiPassFn; return authBasic(connData); } else { + http_dbg("Not protected"); return HTTPD_CGI_NOTFOUND; } } diff --git a/user/syscfg.c b/user/syscfg.c index cfa0695..f9004da 100644 --- a/user/syscfg.c +++ b/user/syscfg.c @@ -15,9 +15,16 @@ sysconf_apply_settings(void) bool changed = false; if (sysconf->config_version < 1) { dbg("Upgrading syscfg to v 1"); - changed = true; sysconf->access_pw[0] = 0; sysconf->pwlock = PWLOCK_NONE; + changed = true; + } + + if (sysconf->config_version < 2) { + dbg("Upgrading syscfg to v 2"); + strcpy(sysconf->access_pw, DEF_ACCESS_PW); + strcpy(sysconf->access_name, DEF_ACCESS_NAME); + changed = true; } sysconf->config_version = SYSCONF_VERSION; diff --git a/user/syscfg.h b/user/syscfg.h index c7a47f3..359e0c9 100644 --- a/user/syscfg.h +++ b/user/syscfg.h @@ -10,7 +10,10 @@ // Size designed for the wifi config structure // Must be constant to avoid corrupting user config after upgrade #define SYSCONF_SIZE 300 -#define SYSCONF_VERSION 1 +#define SYSCONF_VERSION 2 + +#define DEF_ACCESS_PW "1234" +#define DEF_ACCESS_NAME "espterm" enum pwlock { PWLOCK_NONE = 0, @@ -28,6 +31,7 @@ typedef struct { u8 config_version; enum pwlock pwlock : 8; // page access lock char access_pw[64]; // access password + char access_name[32]; // access name } SystemConfigBundle; extern SystemConfigBundle * const sysconf; From 2e8ec41115cfb3792b17e5461061c2b10bd39947 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= Date: Sat, 23 Sep 2017 02:13:02 +0200 Subject: [PATCH 9/9] lib bump --- libesphttpd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libesphttpd b/libesphttpd index 58c81c0..24f9a37 160000 --- a/libesphttpd +++ b/libesphttpd @@ -1 +1 @@ -Subproject commit 58c81c0dfe8e15888408886e168ed739aa8f311d +Subproject commit 24f9a371eb5c0804dcc6657f99449ef07788140c