From 20deba73db98f3dbfa3c48fc704ad25bb36806af Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 26 Sep 2023 14:23:44 -0300 Subject: [PATCH 01/39] MQTT over TLS first build --- src/mqtt/new_mqtt.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 4fe1dd791..eedf6b40c 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -12,6 +12,10 @@ #include "../driver/drv_tuyaMCU.h" #include "../ota/ota.h" +#ifdef MQTT_USE_TLS +#include "lwip/altcp_tls.h" +#endif + #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT #if LWIP_IPV4 #define LWIP_MQTT_EXAMPLE_IPADDR_INIT = IPADDR4_INIT(PP_HTONL(IPADDR_LOOPBACK)) @@ -1188,6 +1192,14 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + /* Includes for MQTT over TLS */ +#ifdef MQTT_USE_TLS + if (mqtt_port == 8883) { + mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + } +#endif + + // host name/ip //ipaddr_aton(mqtt_host,&mqtt_ip); From 6f6d738870a6d5de0840f9e19f4eb3b440f73446 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Wed, 27 Sep 2023 23:46:19 -0300 Subject: [PATCH 02/39] MQTT TLS boot ok --- .gitignore | 6 ++++++ src/driver/drv_ir.cpp | 17 ++++++++++++++--- src/mqtt/new_mqtt.c | 4 ++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index a85580d0b..2287a49e0 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,9 @@ configMemory.bin # MSVC enc_temp_folder/** +/sdk/OpenBK7231N +/sdk/OpenBK7231T +/sdk/OpenBL602 +/sdk/OpenW600 +/sdk/OpenW800 +/sdk/OpenXR809 \ No newline at end of file diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp index d2f2573b0..7b0281b6d 100644 --- a/src/driver/drv_ir.cpp +++ b/src/driver/drv_ir.cpp @@ -1,6 +1,5 @@ #if PLATFORM_BEKEN - extern "C" { // these cause error: conflicting declaration of 'int bk_wlan_mcu_suppress_and_sleep(unsigned int)' with 'C' linkage #include "../new_common.h" 
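Review bot: `altcp_tls_create_config_client(NULL, 0)` in the MQTT_do_connect hunk supplies no CA certificate, so as far as this hunk shows the client has no trust anchor to check the broker's certificate against. The session would be encrypted but the broker unauthenticated, which leaves the MQTT credentials exposed to anything that can stand in for the broker on the network path. The same call is carried unchanged through the MQTT_do_connect hunks of patches 03 and 04. Pass a configured CA, e.g. `altcp_tls_create_config_client(ca_pem, ca_pem_len)` (placeholder names for a CA loaded from device configuration), and until that exists state the limitation next to the call: `/* no CA loaded: traffic is encrypted but the broker is not authenticated */`. The return value is also stored unchecked, and MQTT_do_connect continues outside the hunk.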
@@ -30,6 +29,18 @@ extern "C" { #include +/*Drive IR and MQTT TLS are too big for OTA. IF MQTT_USE_TLS enabled IR disabled*/ +#ifdef MQTT_USE_TLS + extern "C" void DRV_IR_Init() { + //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); + } + // this polls the IR receive to see off there was any IR received + extern "C" void DRV_IR_RunFrame() { + //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); + } +} +#endif // MQTT_USE_TLS +#ifndef MQTT_USE_TLS unsigned long ir_counter = 0; uint8_t gEnableIRSendWhilstReceive = 0; uint32_t gIRProtocolEnable = 0xFFFFFFFF; @@ -869,5 +880,5 @@ void cpptest(){ } #endif -#endif - +#endif //MQTT_USE_TLS +#endif //PLATFORM_BEKEN diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index eedf6b40c..a46981ca6 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1192,9 +1192,13 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============VERSAO COM SUPORTE TLS %s\r", mqtt_userName); + /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============MQTT_USE_TLS ATIVO %s\r", mqtt_userName); if (mqtt_port == 8883) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============tls_config set on client_info %s\r", mqtt_userName); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); } #endif From bfcd0297c3b85b5d6b3f573bda77865b56952826 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 30 Sep 2023 01:16:39 -0300 Subject: [PATCH 03/39] Funcional version MQTT secure TLS --- src/driver/drv_ir.cpp | 16 ++-------------- src/driver/drv_main.c | 2 ++ src/mqtt/new_mqtt.c | 13 +++++++++---- src/obk_config.h | 6 ++++++ 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp index 7b0281b6d..73492f74d 100644 --- a/src/driver/drv_ir.cpp +++ b/src/driver/drv_ir.cpp 
@@ -29,18 +29,6 @@ extern "C" { #include -/*Drive IR and MQTT TLS are too big for OTA. IF MQTT_USE_TLS enabled IR disabled*/ -#ifdef MQTT_USE_TLS - extern "C" void DRV_IR_Init() { - //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); - } - // this polls the IR receive to see off there was any IR received - extern "C" void DRV_IR_RunFrame() { - //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); - } -} -#endif // MQTT_USE_TLS -#ifndef MQTT_USE_TLS unsigned long ir_counter = 0; uint8_t gEnableIRSendWhilstReceive = 0; uint32_t gIRProtocolEnable = 0xFFFFFFFF; @@ -880,5 +868,5 @@ void cpptest(){ } #endif -#endif //MQTT_USE_TLS -#endif //PLATFORM_BEKEN +#endif + diff --git a/src/driver/drv_main.c b/src/driver/drv_main.c index 837449689..a56e3bc3a 100644 --- a/src/driver/drv_main.c +++ b/src/driver/drv_main.c @@ -152,12 +152,14 @@ static driver_t g_drivers[] = { //drvdetail:"requires":""} { "SM16703P", SM16703P_Init, NULL, NULL, NULL, NULL, NULL, false }, #endif +#if ENABLE_DRIVER_IR //drvdetail:{"name":"IR", //drvdetail:"title":"TODO", //drvdetail:"descr":"IRLibrary wrapper, so you can receive remote signals and send them. See [forum discussion here](https://www.elektroda.com/rtvforum/topic3920360.html), also see [LED strip and IR YT video](https://www.youtube.com/watch?v=KU0tDwtjfjw)", //drvdetail:"requires":""} { "IR", DRV_IR_Init, NULL, NULL, DRV_IR_RunFrame, NULL, NULL, false }, #endif +#endif #if defined(PLATFORM_BEKEN) || defined(WINDOWS) || defined(PLATFORM_BL602) //drvdetail:{"name":"DDP", //drvdetail:"title":"TODO", diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index a46981ca6..f8cf91d1a 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -1192,14 +1192,19 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============VERSAO COM SUPORTE TLS %s\r", mqtt_userName); - /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============MQTT_USE_TLS ATIVO %s\r", mqtt_userName); if (mqtt_port == 8883) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============tls_config set on client_info %s\r", mqtt_userName); + LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + UNLOCK_TCPIP_CORE(); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); + } + else { + if (mqtt_client_info.tls_config) { + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } } #endif diff --git a/src/obk_config.h b/src/obk_config.h index 906be22eb..fdd4459fa 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -13,7 +13,9 @@ //ENABLE_DRIVER_BL0942 - Enable support for BL0942 //ENABLE_DRIVER_CSE7766 - Enable support for CSE7766 //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor +//ENABLE_DRIVER_IR - Enable suporte for IR +#define MQTT_USE_TLS #if PLATFORM_XR809 @@ -71,7 +73,11 @@ #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 +//TLS use 120k rom e 44k ram. If enabled IR e MCU disabled to fit +#ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 +#define ENABLE_DRIVER_IR 1 +#endif //#define ENABLE_DRIVER_HT16K33 1 //#define ENABLE_DRIVER_MAX72XX 1 #define ENABLE_I2C 1 From 11e230cf0ed90942c29cf5c3d3ce81bad7ce61eb Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 30 Sep 2023 19:03:28 -0300 Subject: [PATCH 04/39] Add option for mqtt to use tls in web config --- src/httpserver/http_fns.c | 17 +++++++++++++++++ src/mqtt/new_mqtt.c | 4 +++- src/new_cfg.c | 11 +++++++++++ src/new_cfg.h | 2 ++ src/new_pins.h | 4 +++- src/obk_config.h | 2 +- 6 files changed, 37 insertions(+), 3 deletions(-) 
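Review bot: The new `else` branch in MQTT_do_connect sets `mqtt_client_info.tls_config = NULL` after `altcp_tls_free_entropy()` but never calls `altcp_tls_free_config()`, so the config object is leaked. The TLS branch has the same problem in another form: each connect attempt overwrites the pointer with a fresh allocation, and its result is not checked. On a target where the commit itself notes TLS costs 44k of RAM, repeated reconnects would presumably exhaust the heap and TLS connects would start failing. The sketch below frees the old config first and checks the new one, assuming the previous connection is already torn down when MQTT_do_connect runs; its `return 0` mirrors the early return just above the hunk. MQTT_do_connect starts and ends outside the hunk.

```c
#ifdef MQTT_USE_TLS
	LOCK_TCPIP_CORE();
	if (mqtt_client_info.tls_config) {
		/* release the config left over from the previous connect attempt */
		altcp_tls_free_config(mqtt_client_info.tls_config);
		mqtt_client_info.tls_config = NULL;
	}
	if (mqtt_port == 8883) {
		mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0);
	}
	UNLOCK_TCPIP_CORE();
	if (mqtt_port == 8883 && mqtt_client_info.tls_config == NULL) {
		addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "tls_config allocation failed");
		return 0;
	}
#endif
	// … unchanged: host name/ip resolution …
```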
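Review bot: `#define MQTT_USE_TLS` is added unconditionally near the top of obk_config.h, ahead of the platform blocks, so every build now compiles TLS in. Through the `#ifndef MQTT_USE_TLS` guard in the second hunk it also drops `ENABLE_DRIVER_TUYAMCU` and `ENABLE_DRIVER_IR`, with no way to opt out. Make it a build-time opt-in, for instance `#ifndef MQTT_USE_TLS` / `#define MQTT_USE_TLS 0` / `#endif` tested with `#if`, or define it only in the platform block that has the flash to spare. Giving it a value would also match the `ENABLE_DRIVER_*` macros, which are all defined as `1`.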
diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 88ee33648..ee829f696 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1014,6 +1014,18 @@ int http_fn_cfg_mqtt(http_request_t* request) { add_label_text_field(request, "Host", "host", CFG_GetMQTTHost(), "
"); add_label_numeric_field(request, "Port", "port", CFG_GetMQTTPort(), "
"); + +// poststr(request, "
"); +// poststr(request, ""); + } + hprintf255(request, ""); + add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "

"); add_label_text_field(request, "Group Topic (Secondary Topic to only receive cmnds)", "group", CFG_GetMQTTGroupTopic(), "
"); add_label_text_field(request, "User", "user", CFG_GetMQTTUserName(), "
"); @@ -1085,6 +1097,11 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { if (http_getArg(request->url, "port", tmpA, sizeof(tmpA))) { CFG_SetMQTTPort(atoi(tmpA)); } + if (http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))) { + CFG_SetMQTTUseTls(true); + } else { + CFG_SetMQTTUseTls(false); + } if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); } diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index f8cf91d1a..eba8b4ae2 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1132,6 +1132,7 @@ static int MQTT_do_connect(mqtt_client_t* client) int res; struct hostent* hostEntry; char will_topic[CGF_MQTT_CLIENT_ID_SIZE + 16]; + bool mqtt_use_tls; mqtt_host = CFG_GetMQTTHost(); @@ -1145,6 +1146,7 @@ static int MQTT_do_connect(mqtt_client_t* client) mqtt_pass = CFG_GetMQTTPass(); mqtt_clientID = CFG_GetMQTTClientId(); mqtt_port = CFG_GetMQTTPort(); + mqtt_use_tls = CFG_GetMQTTUseTls(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, @@ -1194,7 +1196,7 @@ static int MQTT_do_connect(mqtt_client_t* client) /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS - if (mqtt_port == 8883) { + if (mqtt_use_tls) { LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); UNLOCK_TCPIP_CORE(); diff --git a/src/new_cfg.c b/src/new_cfg.c index fc5bf3595..3bba4add9 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -286,6 +286,9 @@ const char *CFG_GetOpenBekenHostName() { int CFG_GetMQTTPort() { return g_cfg.mqtt_port; } +bool CFG_GetMQTTUseTls() { + return g_cfg.mqtt_use_tls; +} void CFG_SetShortDeviceName(const char *s) { // this will return non-zero if there were any changes 
@@ -309,6 +312,14 @@ void CFG_SetMQTTPort(int p) { g_cfg_pendingChanges++; } } +void CFG_SetMQTTUseTls(bool value) { + // is there a change? + if(g_cfg.mqtt_use_tls != value) { + g_cfg.mqtt_use_tls = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_SetOpenAccessPoint() { // is there a change? if(g_cfg.wifi_ssid[0] == 0 && g_cfg.wifi_pass[0] == 0) { diff --git a/src/new_cfg.h b/src/new_cfg.h index c5e243693..356a8077c 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -31,11 +31,13 @@ const char *CFG_GetMQTTClientId(); const char *CFG_GetMQTTGroupTopic(); const char *CFG_GetMQTTUserName(); const char *CFG_GetMQTTPass(); +bool CFG_GetMQTTUseTls(); void CFG_SetMQTTHost(const char *s); void CFG_SetMQTTClientId(const char *s); void CFG_SetMQTTUserName(const char *s); void CFG_SetMQTTGroupTopic(const char *s); void CFG_SetMQTTPass(const char *s); +void CFG_SetMQTTUseTls(bool value); const char *CFG_GetWebappRoot(); void CFG_SetLEDRemap(int r, int g, int b, int c, int w); void CFG_SetDefaultLEDRemap(int r, int g, int b, int c, int w); diff --git a/src/new_pins.h b/src/new_pins.h index 98cfdf62e..5a6b67af8 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1171,7 +1171,9 @@ typedef struct mainConfig_s { // offset 0x00000C40 (3136 decimal) char wifi_pass2[68]; // offset 0x00000C84 (3204 decimal) - char unused[380]; + bool mqtt_use_tls; + // offset 0x00000C84 (3205 decimal) + char unused[379]; #endif } mainConfig_t; diff --git a/src/obk_config.h b/src/obk_config.h index fdd4459fa..0488b9300 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -73,7 +73,7 @@ #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 -//TLS use 120k rom e 44k ram. If enabled IR e MCU disabled to fit +//TLS use 100k rom e 44k ram. If enabled IR e MCU disabled to fit #ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 #define ENABLE_DRIVER_IR 1 From ab1db5327dfef2738332c9575baf4687d6ed57f4 Mon Sep 17 00:00:00 2001 
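Review bot: The offset comment added after `bool mqtt_use_tls;` in mainConfig_t still says `0x00000C84` while its decimal part says 3205; 3205 is 0xC85, so it should read `// offset 0x00000C85 (3205 decimal)`. The `unused[379]` arithmetic also assumes `sizeof(bool) == 1`, which C does not guarantee, and this struct is the persisted configuration layout. A fixed-width field such as `uint8_t mqtt_use_tls;` would keep the layout stable across compilers. A comment stating that the byte was previously part of `unused`, and is therefore presumably zero (TLS off) in already-stored configs, would help the next reader. The struct definition begins outside the hunk.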
From: alexsandroz Date: Thu, 19 Oct 2023 03:37:03 -0300 Subject: [PATCH 05/39] Versao funcional pendente otimizacao de rom --- .gitmodules | 40 ++-- Makefile | 2 +- sdk/OpenBK7231N | 2 +- src/lwipopts.h | 448 ++++++++++++++++++++++++++++++++++++++ src/mqtt/new_mqtt.c | 132 ++++++----- src/obk_config.h | 3 +- src/user_mbedtls_config.h | 140 ++++++++++++ 7 files changed, 687 insertions(+), 80 deletions(-) create mode 100755 src/lwipopts.h create mode 100644 src/user_mbedtls_config.h diff --git a/.gitmodules b/.gitmodules index e129c1d55..84f8758d9 100644 --- a/.gitmodules +++ b/.gitmodules 
@@ -1,24 +1,24 @@ -[submodule "sdk/OpenXR809"] - path = sdk/OpenXR809 - url = https://github.com/openshwprojects/OpenXR809.git - branch = master -[submodule "sdk/OpenBK7231T"] - path = sdk/OpenBK7231T - url = https://github.com/openshwprojects/OpenBK7231T.git - branch = master +# [submodule "sdk/OpenXR809"] +# path = sdk/OpenXR809 +# url = https://github.com/openshwprojects/OpenXR809.git +# branch = master +# [submodule "sdk/OpenBK7231T"] +# path = sdk/OpenBK7231T +# url = https://github.com/openshwprojects/OpenBK7231T.git +# branch = master [submodule "sdk/OpenBK7231N"] path = sdk/OpenBK7231N url = https://github.com/openshwprojects/OpenBK7231N.git branch = master -[submodule "sdk/OpenBL602"] - path = sdk/OpenBL602 - url = https://github.com/openshwprojects/OpenBL602.git - branch = master -[submodule "sdk/OpenW800"] - path = sdk/OpenW800 - url = https://github.com/openshwprojects/OpenW800.git - branch = master -[submodule "sdk/OpenW600"] - path = sdk/OpenW600 - url = https://github.com/openshwprojects/OpenW600.git - branch = master +# [submodule "sdk/OpenBL602"] +# path = sdk/OpenBL602 +# url = https://github.com/openshwprojects/OpenBL602.git +# branch = master +# [submodule "sdk/OpenW800"] +# path = sdk/OpenW800 +# url = https://github.com/openshwprojects/OpenW800.git +# branch = master +# [submodule "sdk/OpenW600"] +# path = sdk/OpenW600 +# url = https://github.com/openshwprojects/OpenW600.git +# branch = master diff --git a/Makefile b/Makefile index 48a7c3106..022194de4 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,7 @@ submodules: ifdef GITHUB_ACTIONS @echo Submodules already checked out during setup else - git submodule update --init --recursive --remote +# git submodule update --init --recursive --remote endif update-submodules: submodules diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index 7a65b01f6..e98b0b2e4 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N 
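Review bot: Commenting out every submodule except sdk/OpenBK7231N, and the `git submodule update --init --recursive --remote` recipe line in the Makefile hunk that follows, looks like a local build shortcut that was committed. With the update step disabled outside GITHUB_ACTIONS, the SDK that gets built is whatever is in the working tree rather than what the repository pins, and the other platforms can no longer be checked out. That matters more here because the same patch moves the sdk/OpenBK7231N pointer to a new commit. Leave .gitmodules and the recipe as they were and do the single-platform checkout locally with `git submodule update --init sdk/OpenBK7231N`.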
@@ -1 +1 @@
-Subproject commit 7a65b01f637203c1c6c1f7a7ec630aa16ea5df4b
+Subproject commit e98b0b2e4d68a01b89b7bd60db6eff5642a55cd6
diff --git a/src/lwipopts.h b/src/lwipopts.h
new file mode 100755
index 000000000..8ddf53e40
--- /dev/null
+++ b/src/lwipopts.h
@@ -0,0 +1,448 @@ +/* + * Copyright (c) 2001-2003 Swedish Institute of Computer Science. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT + * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT + * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + * + * This file is part of the lwIP TCP/IP stack. + * + * Author: Adam Dunkels + * + */ +#ifndef __LWIPOPTS_H__ +#define __LWIPOPTS_H__ + +#include "obk_config.h" + +#if MQTT_USE_TLS +#define LWIP_ALTCP 1 +#define LWIP_ALTCP_TLS 1 +#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define MQTT_DEBUG LWIP_DBG_ON +#endif + + /** + * Loopback demo related options. 
+ */ +#define LWIP_NETIF_LOOPBACK 1 +#define LWIP_HAVE_LOOPIF 1 +#define LWIP_NETIF_LOOPBACK_MULTITHREADING 1 +#define LWIP_LOOPBACK_MAX_PBUFS 8 + +#define TCPIP_THREAD_NAME "tcp/ip" +#define TCPIP_THREAD_STACKSIZE 768 +#define TCPIP_THREAD_PRIO 7 + +#define DEFAULT_THREAD_STACKSIZE 200 +#define DEFAULT_THREAD_PRIO 1 + + /* Disable lwIP asserts */ +#define LWIP_NOASSERT 1 + +#define LWIP_DEBUG LWIP_DBG_ON +#define LWIP_DEBUG_TRACE 0 +#define SOCKETS_DEBUG LWIP_DBG_OFF // | LWIP_DBG_MASK_LEVEL + +#define IP_DEBUG LWIP_DBG_OFF +#define ETHARP_DEBUG LWIP_DBG_OFF +#define NETIF_DEBUG LWIP_DBG_OFF +#define PBUF_DEBUG LWIP_DBG_OFF +#define MEMP_DEBUG LWIP_DBG_OFF +#define API_LIB_DEBUG LWIP_DBG_OFF +#define API_MSG_DEBUG LWIP_DBG_OFF +#define ICMP_DEBUG LWIP_DBG_OFF +#define IGMP_DEBUG LWIP_DBG_OFF +#define INET_DEBUG LWIP_DBG_OFF +#define IP_REASS_DEBUG LWIP_DBG_OFF +#define RAW_DEBUG LWIP_DBG_OFF +#define MEM_DEBUG LWIP_DBG_OFF +#define SYS_DEBUG LWIP_DBG_OFF +#define TCP_DEBUG LWIP_DBG_OFF +#define TCP_INPUT_DEBUG LWIP_DBG_OFF +#define TCP_FR_DEBUG LWIP_DBG_OFF +#define TCP_RTO_DEBUG LWIP_DBG_OFF +#define TCP_CWND_DEBUG LWIP_DBG_OFF +#define TCP_WND_DEBUG LWIP_DBG_OFF +#define TCP_OUTPUT_DEBUG LWIP_DBG_OFF +#define TCP_RST_DEBUG LWIP_DBG_OFF +#define TCP_QLEN_DEBUG LWIP_DBG_OFF +#define UDP_DEBUG LWIP_DBG_OFF +#define TCPIP_DEBUG LWIP_DBG_OFF +#define PPP_DEBUG LWIP_DBG_OFF +#define SLIP_DEBUG LWIP_DBG_OFF +#define DHCP_DEBUG LWIP_DBG_OFF +#define AUTOIP_DEBUG LWIP_DBG_OFF +#define SNMP_MSG_DEBUG LWIP_DBG_OFF +#define SNMP_MIB_DEBUG LWIP_DBG_OFF +#define DNS_DEBUG LWIP_DBG_OFF + +/** + * SYS_LIGHTWEIGHT_PROT==1: if you want inter-task protection for certain + * critical regions during buffer allocation, deallocation and memory + * allocation and deallocation. 
+ */ +#define SYS_LIGHTWEIGHT_PROT 1 + + /* + ------------------------------------ + ---------- Memory options ---------- + ------------------------------------ + */ + + /** + * MEM_ALIGNMENT: should be set to the alignment of the CPU + * 4 byte alignment -> #define MEM_ALIGNMENT 4 + * 2 byte alignment -> #define MEM_ALIGNMENT 2 + */ +#define MEM_ALIGNMENT 4 + +#define MAX_SOCKETS_TCP 12 +#define MAX_LISTENING_SOCKETS_TCP 4 +#define MAX_SOCKETS_UDP 18 + + /* Value of TCP_SND_BUF_COUNT denotes the number of buffers and is set by + * CONFIG option available in the SDK + */ +#define TCP_SND_BUF_COUNT 12 + /* Buffer size needed for TCP: Max. number of TCP sockets * Size of pbuf * + * Max. number of TCP sender buffers per socket + * + * Listening sockets for TCP servers do not require the same amount buffer + * space. Hence do not consider these sockets for memory computation + */ +#define TCP_MEM_SIZE (MAX_SOCKETS_TCP * \ + PBUF_POOL_BUFSIZE * (TCP_SND_BUF/TCP_MSS)) + + /* Buffer size needed for UDP: Max. number of UDP sockets * Size of pbuf + */ +#define UDP_MEM_SIZE (MAX_SOCKETS_UDP * PBUF_POOL_BUFSIZE) + + /** + * MEM_SIZE: the size of the heap memory. If the application will send + * a lot of data that needs to be copied, this should be set high. + */ + +#define MEM_SIZE (16*1024) + + + + /* + ------------------------------------------------ + ---------- Internal Memory Pool Sizes ---------- + ------------------------------------------------ + */ + /** + * MEMP_NUM_PBUF: the number of memp struct pbufs (used for PBUF_ROM and PBUF_REF). + * If the application sends a lot of data out of ROM (or other static memory), + * this should be set high. + */ +#define MEMP_NUM_PBUF 12 + + /** + * MEMP_NUM_TCP_PCB: the number of simulatenously active TCP connections. 
+ * (requires the LWIP_TCP option) + */ +#define MEMP_NUM_TCP_PCB MAX_SOCKETS_TCP +#define MEMP_NUM_TCP_PCB_LISTEN MAX_LISTENING_SOCKETS_TCP + + /** + * MEMP_NUM_TCP_SEG: the number of simultaneously queued TCP segments. + * (requires the LWIP_TCP option) + */ + + /** + * MEMP_NUM_TCPIP_MSG_INPKT: the number of struct tcpip_msg, which are used + * for incoming packets. + * (only needed if you use tcpip.c) + */ + +#define MEMP_NUM_TCPIP_MSG_INPKT 20 + + /** + * MEMP_NUM_SYS_TIMEOUT: the number of simulateously active timeouts. + * (requires NO_SYS==0) + */ +#define MEMP_NUM_SYS_TIMEOUT 16 + + /** + * MEMP_NUM_NETBUF: the number of struct netbufs. + * (only needed if you use the sequential API, like api_lib.c) + */ + +#define MEMP_NUM_NETBUF 20 + + /** + * MEMP_NUM_NETCONN: the number of struct netconns. + * (only needed if you use the sequential API, like api_lib.c) + * + * This number corresponds to the maximum number of active sockets at any + * given point in time. This number must be sum of max. TCP sockets, max. TCP + * sockets used for listening, and max. number of UDP sockets + */ +#define MEMP_NUM_NETCONN (MAX_SOCKETS_TCP + \ + MAX_LISTENING_SOCKETS_TCP + MAX_SOCKETS_UDP) + + /** + * PBUF_POOL_SIZE: the number of buffers in the pbuf pool. + */ + +#define PBUF_POOL_SIZE 3 + + + /* + ---------------------------------- + ---------- Pbuf options ---------- + ---------------------------------- + */ + + /** + * PBUF_POOL_BUFSIZE: the size of each pbuf in the pbuf pool. The default is + * designed to accomodate single full size TCP frame in one pbuf, including + * TCP_MSS, IP header, and link header. + */ +#define PBUF_POOL_BUFSIZE 1580 + + + /* + --------------------------------- + ---------- RAW options ---------- + --------------------------------- + */ + /** + * LWIP_RAW==1: Enable application layer to hook into the IP layer itself. 
+ */ +#define LWIP_RAW 1 +#ifdef CONFIG_IPV6 +#define LWIP_IPV6 1 +#endif + + /* Enable IPv4 Auto IP */ +#ifdef CONFIG_AUTOIP +#define LWIP_AUTOIP 1 +#define LWIP_DHCP_AUTOIP_COOP 1 +#define LWIP_DHCP_AUTOIP_COOP_TRIES 5 +#endif + +/* + ------------------------------------ + ---------- Socket options ---------- + ------------------------------------ +*/ +/** + * LWIP_SOCKET==1: Enable Socket API (require to use sockets.c) + */ +#define LWIP_SOCKET 1 +#define LWIP_NETIF_API 1 + + /** + * LWIP_RECV_CB==1: Enable callback when a socket receives data. + */ +#define LWIP_RECV_CB 1 + /** + * SO_REUSE==1: Enable SO_REUSEADDR option. + */ +#define SO_REUSE 1 +#define SO_REUSE_RXTOALL 1 + + /** + * Enable TCP_KEEPALIVE + */ +#define LWIP_TCP_KEEPALIVE 1 + + /* + ---------------------------------------- + ---------- Statistics options ---------- + ---------------------------------------- + */ + /** + * LWIP_STATS==1: Enable statistics collection in lwip_stats. + */ +#define LWIP_STATS 1 + + /** + * LWIP_STATS_DISPLAY==1: Compile in the statistics output functions. + */ +#define LWIP_STATS_DISPLAY 0 + + /* + ---------------------------------- + ---------- DHCP options ---------- + ---------------------------------- + */ + /** + * LWIP_DHCP==1: Enable DHCP module. + */ +#define LWIP_DHCP 1 +#define LWIP_NETIF_STATUS_CALLBACK 1 + + /** + * DNS related options, revisit later to fine tune. + */ +#define LWIP_DNS 1 +#define DNS_TABLE_SIZE 2 // number of table entries, default 4 + //#define DNS_MAX_NAME_LENGTH 64 // max. name length, default 256 +#define DNS_MAX_SERVERS 2 // number of DNS servers, default 2 +#define DNS_DOES_NAME_CHECK 1 // compare received name with given,def 0 +#define DNS_MSG_SIZE 512 +#define MDNS_MSG_SIZE 512 + +#define MDNS_TABLE_SIZE 1 // number of mDNS table entries +#define MDNS_MAX_SERVERS 1 // number of mDNS multicast addresses +/* TODO: Number of active UDP PCBs is equal to number of active UDP sockets plus + * two. 
Need to find the users of these 2 PCBs + */ +#define MEMP_NUM_UDP_PCB (MAX_SOCKETS_UDP + 2) + /* NOTE: some times the socket() call for SOCK_DGRAM might fail if you dont + * have enough MEMP_NUM_UDP_PCB */ + + /* + ---------------------------------- + ---------- IGMP options ---------- + ---------------------------------- + */ + /** + * LWIP_IGMP==1: Turn on IGMP module. + */ +#define LWIP_IGMP 1 + + /** + * LWIP_SO_SNDTIMEO==1: Enable send timeout for sockets/netconns and + * SO_SNDTIMEO processing. + */ +#define LWIP_SO_SNDTIMEO 1 + + /** + * LWIP_SO_RCVTIMEO==1: Enable receive timeout for sockets/netconns and + * SO_RCVTIMEO processing. + */ +#define LWIP_SO_RCVTIMEO 1 +#define LWIP_SO_SNDTIMEO 1 + /** + * TCP_LISTEN_BACKLOG==1: Handle backlog connections. + */ +#define TCP_LISTEN_BACKLOG 1 +#define LWIP_PROVIDE_ERRNO 1 + +#include +#define ERRNO 1 + + //#define LWIP_SNMP 1 + + + /* + ------------------------------------------------ + ---------- Network Interfaces options ---------- + ------------------------------------------------ + */ + /** + * LWIP_NETIF_HOSTNAME==1: use DHCP_OPTION_HOSTNAME with netif's hostname + * field. + */ +#define LWIP_NETIF_HOSTNAME 1 + + + /* + The STM32F107 allows computing and verifying the IP, UDP, TCP and ICMP checksums by hardware: + - To use this feature let the following define uncommented. + - To disable it and process by CPU comment the the checksum. 
+ */ + //#define CHECKSUM_BY_HARDWARE + + +#ifdef CHECKSUM_BY_HARDWARE + /* CHECKSUM_GEN_IP==0: Generate checksums by hardware for outgoing IP packets.*/ +#define CHECKSUM_GEN_IP 0 +/* CHECKSUM_GEN_UDP==0: Generate checksums by hardware for outgoing UDP packets.*/ +#define CHECKSUM_GEN_UDP 0 +/* CHECKSUM_GEN_TCP==0: Generate checksums by hardware for outgoing TCP packets.*/ +#define CHECKSUM_GEN_TCP 0 +/* CHECKSUM_CHECK_IP==0: Check checksums by hardware for incoming IP packets.*/ +#define CHECKSUM_CHECK_IP 0 +/* CHECKSUM_CHECK_UDP==0: Check checksums by hardware for incoming UDP packets.*/ +#define CHECKSUM_CHECK_UDP 0 +/* CHECKSUM_CHECK_TCP==0: Check checksums by hardware for incoming TCP packets.*/ +#define CHECKSUM_CHECK_TCP 0 +#else + /* CHECKSUM_GEN_IP==1: Generate checksums in software for outgoing IP packets.*/ +#define CHECKSUM_GEN_IP 1 +/* CHECKSUM_GEN_UDP==1: Generate checksums in software for outgoing UDP packets.*/ +#define CHECKSUM_GEN_UDP 1 +/* CHECKSUM_GEN_TCP==1: Generate checksums in software for outgoing TCP packets.*/ +#define CHECKSUM_GEN_TCP 1 +/* CHECKSUM_CHECK_IP==1: Check checksums in software for incoming IP packets.*/ +#define CHECKSUM_CHECK_IP 1 +/* CHECKSUM_CHECK_UDP==1: Check checksums in software for incoming UDP packets.*/ +#define CHECKSUM_CHECK_UDP 1 +/* CHECKSUM_CHECK_TCP==1: Check checksums in software for incoming TCP packets.*/ +#define CHECKSUM_CHECK_TCP 1 +#endif + +/** + * TCP_RESOURCE_FAIL_RETRY_LIMIT: limit for retrying sending of tcp segment + * on resource failure error returned by driver. + */ +#define TCP_RESOURCE_FAIL_RETRY_LIMIT 50 + + //#ifdef CONFIG_ENABLE_MXCHIP + /* save memory */ + ///#define PBUF_POOL_SIZE (3) +#define TCP_MSS (1500 - 40) +/* TCP receive window. */ +#define TCP_WND (3 * TCP_MSS) +/* TCP sender buffer space (bytes). 
*/ +#define TCP_SND_BUF (10 * TCP_MSS) + +#define TCP_SND_QUEUELEN (40) + +/* ARP before DHCP causes multi-second delay - turn it off */ +#define DHCP_DOES_ARP_CHECK (0) + +#define TCP_MAX_ACCEPT_CONN 5 +#define MEMP_NUM_TCP_SEG (TCP_SND_QUEUELEN*2) + +#define IP_REASS_MAX_PBUFS 0 +#define IP_REASSEMBLY 0 +#define IP_REASS_MAX_PBUFS 0 +#define IP_REASSEMBLY 0 +#define MEMP_NUM_REASSDATA 0 +#define IP_FRAG 0 + +#define MEM_LIBC_MALLOC (0) + +#define DEFAULT_UDP_RECVMBOX_SIZE 3 //each udp socket max buffer 3 packets. + +#define MEMP_MEM_MALLOC (0) +#define TCP_MSL (TCP_TMR_INTERVAL) + +#define LWIP_COMPAT_MUTEX_ALLOWED (1) + +#define MEMP_STATS 1 +#define MEM_STATS 1 + +#define LWIP_DONT_PROVIDE_BYTEORDER_FUNCTIONS + +#define ETHARP_SUPPORT_STATIC_ENTRIES 1 +#define LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS 1 + +#endif /* __LWIPOPTS_H__ */ + diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index aee3e57a2..49a239aa5 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -68,14 +68,14 @@ int mqtt_rx_buffer_count; unsigned char temp_topic[128]; unsigned char temp_data[2048]; -int addLenData(int len, const unsigned char *data){ +int addLenData(int len, const unsigned char* data) { mqtt_rx_buffer[mqtt_rx_buffer_head] = (len >> 8) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; mqtt_rx_buffer[mqtt_rx_buffer_head] = (len) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; - for (int i = 0; i < len; i++){ + for (int i = 0; i < len; i++) { mqtt_rx_buffer[mqtt_rx_buffer_head] = data[i]; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; 
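Review bot: `#if MQTT_USE_TLS` at the top of the new lwipopts.h tests the macro's value, whereas new_mqtt.c tests it with `#ifdef` and patch 03 defines it with no value (`#define MQTT_USE_TLS`). An empty macro in `#if` does not compile, and a build defining it as 0 would get the TLS code in new_mqtt.c without `LWIP_ALTCP_TLS`. Unless the obk_config.h change in this patch (not visible here) gives the macro a value, use `#ifdef MQTT_USE_TLS` here so both files agree. The same block sets `MQTT_DEBUG LWIP_DBG_ON` for every TLS build while the file also sets `LWIP_DEBUG LWIP_DBG_ON` and `LWIP_NOASSERT 1`; consider leaving `MQTT_DEBUG` at `LWIP_DBG_OFF` outside debugging sessions. `LWIP_SO_SNDTIMEO`, `IP_REASSEMBLY` and `IP_REASS_MAX_PBUFS` are each defined twice, and one copy of each can go.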
@@ -83,32 +83,33 @@ int addLenData(int len, const unsigned char *data){ return len + 2; } -int getLenData(int *len, unsigned char *data, int maxlen){ +int getLenData(int* len, unsigned char* data, int maxlen) { int l; l = mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - l = l<<8; + l = l << 8; l |= mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - for (int i = 0; i < l; i++){ - if (i < maxlen){ + for (int i = 0; i < l; i++) { + if (i < maxlen) { data[i] = mqtt_rx_buffer[mqtt_rx_buffer_tail]; } mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; } - if (mqtt_rx_buffer_count < 0){ + if (mqtt_rx_buffer_count < 0) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer underflow!!!"); mqtt_rx_buffer_count = 0; mqtt_rx_buffer_tail = mqtt_rx_buffer_head = 0; } - if (l > maxlen){ + if (l > maxlen) { *len = maxlen; - } else { + } + else { *len = l; } return l + 2; @@ -141,12 +142,13 @@ static void MQTT_Mutex_Free() // NOTE: this function is now public, but only because my unit tests // system can use it to spoof MQTT packets to check if MQTT commands // are working... -int MQTT_Post_Received(const char *topic, int topiclen, const unsigned char *data, int datalen){ +int MQTT_Post_Received(const char* topic, int topiclen, const unsigned char* data, int datalen) { MQTT_Mutex_Take(100); - if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2){ + if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer overflow for topic %s", topic); - } else { - addLenData(topiclen, (unsigned char *)topic); + } + else { + addLenData(topiclen, (unsigned char*)topic); addLenData(datalen, data); } MQTT_Mutex_Free(); 
@@ -157,18 +159,18 @@ int MQTT_Post_Received(const char *topic, int topiclen, const unsigned char *dat #endif return 1; } -int MQTT_Post_Received_Str(const char *topic, const char *data) { +int MQTT_Post_Received_Str(const char* topic, const char* data) { return MQTT_Post_Received(topic, strlen(topic), (const unsigned char*)data, strlen(data)); } -int get_received(char **topic, int *topiclen, unsigned char **data, int *datalen){ +int get_received(char** topic, int* topiclen, unsigned char** data, int* datalen) { int res = 0; MQTT_Mutex_Take(100); - if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head){ - getLenData(topiclen, temp_topic, sizeof(temp_topic)-1); + if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head) { + getLenData(topiclen, temp_topic, sizeof(temp_topic) - 1); temp_topic[*topiclen] = 0; - getLenData(datalen, temp_data, sizeof(temp_data)-1); + getLenData(datalen, temp_data, sizeof(temp_data) - 1); temp_data[*datalen] = 0; - *topic = (char *)temp_topic; + *topic = (char*)temp_topic; *data = temp_data; res = 1; } @@ -494,7 +496,7 @@ int MQTT_RemoveCallback(int ID) { return 0; } -const char *skipExpected(const char *p, const char *tok) { +const char* skipExpected(const char* p, const char* tok) { while (1) { if (*p == 0) return 0; @@ -518,9 +520,9 @@ const char *skipExpected(const char *p, const char *tok) { * @param topic The topic to parse * @return The topic without the client, or NULL if / wasn't present */ -const char* MQTT_RemoveClientFromTopic(const char* topic, const char *prefix) { - const char *p2; - const char *p = topic; +const char* MQTT_RemoveClientFromTopic(const char* topic, const char* prefix) { + const char* p2; + const char* p = topic; if (prefix) { p = skipExpected(p, prefix); if (p == 0) { 
@@ -534,7 +536,7 @@ const char* MQTT_RemoveClientFromTopic(const char* topic, const char *prefix) { } return p2; } -bool stribegins(const char *str, const char *needle) { +bool stribegins(const char* str, const char* needle) { int l = strlen(needle); return !wal_strnicmp(str, needle, l); } @@ -552,7 +554,7 @@ int channelGet(obk_mqtt_request_t* request) { addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelGet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic,0); + p = MQTT_RemoveClientFromTopic(request->topic, 0); if (p == NULL) { return 0; @@ -603,11 +605,11 @@ int channelSet(obk_mqtt_request_t* request) { int channel = 0; int iValue = 0; const char* p; - const char *argument; + const char* argument; addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelSet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic,0); + p = MQTT_RemoveClientFromTopic(request->topic, 0); if (p == NULL) { return 0; @@ -664,16 +666,16 @@ int channelSet(obk_mqtt_request_t* request) { // -void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { - const char *toUse; +void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { + const char* toUse; if (printer->allocated) toUse = printer->allocated; else toUse = printer->stackBuffer; MQTT_PublishStat(statName, toUse); } -void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { - const char *toUse; +void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { + const char* toUse; if (printer->allocated) toUse = printer->allocated; else 
@@ -710,7 +712,7 @@ int mqtt_printf255(obk_mqtt_publishReplyPrinter_t* request, const char* fmt, ... request->curLen += myLen; return 0; } -void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) { +void MQTT_ProcessCommandReplyJSON(const char* cmd, const char* args, int flags) { obk_mqtt_publishReplyPrinter_t replyBuilder; memset(&replyBuilder, 0, sizeof(obk_mqtt_publishReplyPrinter_t)); JSON_ProcessCommandReply(cmd, args, &replyBuilder, (jsonCb_t)mqtt_printf255, flags); @@ -719,8 +721,8 @@ void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) } } int tasCmnd(obk_mqtt_request_t* request) { - const char *p, *args; - //const char *p2; + const char* p, * args; + //const char *p2; p = MQTT_RemoveClientFromTopic(request->topic, "cmnd"); if (p == 0) { @@ -736,7 +738,7 @@ int tasCmnd(obk_mqtt_request_t* request) { return 1; #if 1 - args = (const char *)request->received; + args = (const char*)request->received; // I think that our function get_received always ensured that // there is a NULL terminating character after payload of MQTT // So we can feed it directly as command @@ -745,7 +747,7 @@ int tasCmnd(obk_mqtt_request_t* request) { #else int len = request->receivedLen; char copy[64]; - char *allocated; + char* allocated; // assume a string input here, copy and terminate // Try to avoid free/malloc if (len > sizeof(copy) - 2) { @@ -862,7 +864,7 @@ static OBK_Publish_Result MQTT_PublishTopicToClient(mqtt_client_t* client, const { strcpy(pub_topic, sChannel); } - else + else { sprintf(pub_topic, "%s/%s%s", sTopic, sChannel, (appendGet == true ? "/get" : "")); } 
@@ -923,7 +925,7 @@ OBK_Publish_Result MQTT_PublishTele(const char* teleName, const char* teleValue) OBK_Publish_Result MQTT_PublishStat(const char* statName, const char* statValue) { char topic[64]; - snprintf(topic,sizeof(topic),"stat/%s", CFG_GetMQTTClientId()); + snprintf(topic, sizeof(topic), "stat/%s", CFG_GetMQTTClientId()); return MQTT_PublishTopicToClient(mqtt_client, topic, statName, statValue, 0, false); } /// @brief Publish a MQTT message immediately. @@ -984,16 +986,16 @@ static void mqtt_incoming_data_cb(void* arg, const u8_t* data, u16_t len, u8_t f // run from userland (quicktick or wakeable thread) -int MQTT_process_received(){ - char *topic; +int MQTT_process_received() { + char* topic; int topiclen; - unsigned char *data; + unsigned char* data; int datalen; int found = 0; int count = 0; - do{ + do { found = get_received(&topic, &topiclen, &data, &datalen); - if (found){ + if (found) { count++; strncpy(g_mqtt_request_cb.topic, topic, sizeof(g_mqtt_request_cb.topic)); g_mqtt_request_cb.received = data; @@ -1160,14 +1162,16 @@ static int MQTT_do_connect(mqtt_client_t* client) // empty field for us means "no password", etc, // but LWIP (without mods) expects a NULL pointer in that case... mqtt_client_info.client_id = mqtt_clientID; - if(mqtt_pass[0] != 0) { + if (mqtt_pass[0] != 0) { mqtt_client_info.client_pass = mqtt_pass; - } else { + } + else { mqtt_client_info.client_pass = 0; } - if(mqtt_userName[0] != 0) { + if (mqtt_userName[0] != 0) { mqtt_client_info.client_user = mqtt_userName; - } else { + } + else { mqtt_client_info.client_user = 0; } @@ -1198,6 +1202,10 @@ static int MQTT_do_connect(mqtt_client_t* client) #ifdef MQTT_USE_TLS if (mqtt_use_tls) { LOCK_TCPIP_CORE(); + if (mqtt_client_info.tls_config) { + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); UNLOCK_TCPIP_CORE(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); 
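Review bot: The added `if (mqtt_client_info.tls_config)` block in MQTT_do_connect sets the pointer to NULL after `altcp_tls_free_entropy()` but never releases the configuration itself, so each reconnect with TLS enabled leaks one mbedtls configuration on a device with very little heap. Release it before clearing the pointer, `altcp_tls_free_config(mqtt_client_info.tls_config);`. The later hunk `@@ -1200,20 +1231,45 @@` keeps the same pattern and moves it outside LOCK_TCPIP_CORE(). The result of `altcp_tls_create_config_client(NULL, 0)` is also reported as "tls_config created" without a NULL check. MQTT_do_connect starts and ends outside this hunk.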
@@ -1210,7 +1218,6 @@ static int MQTT_do_connect(mqtt_client_t* client) } #endif - // host name/ip //ipaddr_aton(mqtt_host,&mqtt_ip); @@ -1334,7 +1341,7 @@ commandResult_t MQTT_PublishChannel(const void* context, const char* cmd, const } channelIndex = Tokenizer_GetArgInteger(0); - MQTT_ChannelPublish(channelIndex,0); + MQTT_ChannelPublish(channelIndex, 0); return CMD_RES_OK; } @@ -1687,8 +1694,8 @@ void MQTT_InitCallbacks() { MQTT_RegisterCallback(cbtopicbase, cbtopicsub, 7, tasCmnd); } } - // initialise things MQTT - // called from user_main +// initialise things MQTT +// called from user_main void MQTT_init() { // WINDOWS must support reinit @@ -1863,7 +1870,7 @@ OBK_Publish_Result MQTT_DoItemPublish(int idx) } // from 5ms quicktick -int MQTT_RunQuickTick(){ +int MQTT_RunQuickTick() { #ifndef PLATFORM_BEKEN // on Beken, we use a one-shot timer for this. MQTT_process_received(); @@ -1930,7 +1937,7 @@ int MQTT_RunEverySecondUpdate() } int res = 0; - if (mqtt_client){ + if (mqtt_client) { LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); @@ -1995,7 +2002,7 @@ int MQTT_RunEverySecondUpdate() } else { // things to do in our threads on connection accepted. - if (g_just_connected){ + if (g_just_connected) { g_just_connected = 0; // publish all values on state if (CFG_HasFlag(OBK_FLAG_MQTT_BROADCASTSELFSTATEONCONNECT)) { @@ -2193,7 +2200,7 @@ void MQTT_QueuePublishWithCommand(const char* topic, const char* channel, const /// @param command void MQTT_InvokeCommandAtEnd(PostPublishCommands command) { MqttPublishItem_t* tail = get_queue_tail(g_MqttPublishQueueHead); - if (tail == NULL){ + if (tail == NULL) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "InvokeCommandAtEnd invoked but queue is empty"); } else { @@ -2258,7 +2265,7 @@ OBK_Publish_Result PublishQueuedItems() { /// @return bool MQTT_IsReady() { int res = 0; - if (mqtt_client){ + if (mqtt_client) { LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); 
@@ -2266,3 +2273,16 @@ bool MQTT_IsReady() { return mqtt_client && res; } +#ifdef MQTT_USE_TLS +#include "fake_clock_pub.h" +int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + ((void)data); + *olen = len; + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "->wolfssl_custom_random len(%u)", len); + srand(fclk_get_second()); + while (len--) { + *output++ = rand() % 255; + } + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " <-wolfssl_custom_random ret(%u)", 0); +} +#endif \ No newline at end of file diff --git a/src/obk_config.h b/src/obk_config.h index 8d4429ef2..c06be039b 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -15,8 +15,6 @@ //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor //ENABLE_DRIVER_IR - Enable suporte for IR -#define MQTT_USE_TLS - #if PLATFORM_XR809 #define OBK_DISABLE_ALL_DRIVERS 1 @@ -68,6 +66,7 @@ #elif PLATFORM_BEKEN // set to 0 to disable +#define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 #define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h new file mode 100644 index 000000000..b26ce3a7f --- /dev/null +++ b/src/user_mbedtls_config.h 
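Review bot: `mbedtls_hardware_poll()` fills the entropy buffer from `rand()` after `srand(fclk_get_second())`, so everything the TLS stack derives from it (DRBG seed, client random, key-exchange secrets) is predictable from what looks like a seconds counter. The callback has to read the chip's hardware random number source instead; which SDK call provides that is not visible on this page. Two smaller defects sit in the same function: `rand() % 255` never yields 0xFF (use `rand() & 0xFF` if a PRNG is kept for testing only), and there is no `return`, so the caller reads an indeterminate status where mbedtls expects `return 0;` on success. The `%u` conversions are also given a `size_t`. The later hunk `@@ -2278,11 +2334,10 @@` adds the `return 0;` but keeps the `srand`/`rand` source.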
@@ -0,0 +1,140 @@ +#ifndef USER_MBEDTLS_CONFIG_H +#define USER_MBEDTLS_CONFIG_H + +#include "mbedtls/config.h" + +#undef MBEDTLS_MD5_C +#undef MBEDTLS_CAMELLIA_C +#define MBEDTLS_SHA256_SMALLER +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#undef MBEDTLS_RIPEMD160_C +#undef MBEDTLS_SHA512_C + +// Plataform specific +#undef MBEDTLS_FS_IO +#undef MBEDTLS_NET_C +#undef MBEDTLS_TIMING_C +#define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_ENTROPY_HARDWARE_ALT +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +// Modes +#define MBEDTLS_SSL_CLI_C // Only client enabled +#undef MBEDTLS_SSL_SRV_C +// Protos +#undef MBEDTLS_SSL_PROTO_SSL3 +#undef MBEDTLS_SSL_PROTO_TLS1 +#undef MBEDTLS_SSL_PROTO_TLS1_1 +#define MBEDTLS_SSL_PROTO_TLS1_2 // Only TLS1.2 enabled +#undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +#undef MBEDTLS_SSL_PROTO_DTLS + +// MPI / BIGNUM options +#define MBEDTLS_MPI_WINDOW_SIZE 1 +#define MBEDTLS_MPI_MAX_SIZE 512 +// ECP Options +#define MBEDTLS_ECP_WINDOW_SIZE 2 +// Content Lenght +#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 + +/* +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#undef MBEDTLS_SSL_SERVER_NAME_INDICATION +#undef MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_AES_FEWER_TABLES +#define MBEDTLS_CAMELLIA_SMALL_MEMORY +//675296 +#undef MBEDTLS_CIPHER_MODE_CBC //??? +//671424 +#undef MBEDTLS_CIPHER_NULL_CIPHER +#undef MBEDTLS_ENABLE_WEAK_CIPHERSUITES +#define MBEDTLS_REMOVE_3DES_CIPHERSUITES +//671424 +// Only SECP384R1 or CURVE25519 // +#undef MBEDTLS_ECP_DP_SECP192R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP224R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED // da para desativar? 
+#undef MBEDTLS_ECP_DP_SECP521R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP192K1_ENABLED +#undef MBEDTLS_ECP_DP_SECP224K1_ENABLED +#undef MBEDTLS_ECP_DP_SECP256K1_ENABLED +#undef MBEDTLS_ECP_DP_BP256R1_ENABLED +#undef MBEDTLS_ECP_DP_BP384R1_ENABLED +#undef MBEDTLS_ECP_DP_BP512R1_ENABLED +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED //usar somente esta +#undef MBEDTLS_ECP_DP_CURVE448_ENABLED +//667568 +// Only ECDHE RSA // +#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +//664192 +#undef MBEDTLS_GENPRIME +//663296 +#undef MBEDTLS_PKCS1_V15 //??? +#undef MBEDTLS_PKCS1_V21 //??? 
+//659488 +// Define only on development // +#undef MBEDTLS_SELF_TEST +#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES +#undef MBEDTLS_SSL_RECORD_CHECKING +#undef MBEDTLS_SSL_CONTEXT_SERIALIZATION +#undef MBEDTLS_SSL_DEBUG_ALL +#undef MBEDTLS_VERSION_FEATURES +#undef MBEDTLS_CERTS_C +//657824 +#undef MBEDTLS_X509_RSASSA_PSS_SUPPORT +//657216 +#undef MBEDTLS_ARC4_C +//655872 +#undef MBEDTLS_BLOWFISH_C +//650752 +#undef MBEDTLS_CAMELLIA_C +//648352 +#undef MBEDTLS_ARIA_C +#undef MBEDTLS_DES_C +#undef MBEDTLS_CCM_C +#undef MBEDTLS_MD2_C +#undef MBEDTLS_MD4_C +#undef MBEDTLS_MD5_C +//641504 +#undef MBEDTLS_DHM_C +#define MBEDTLS_ECDH_C // Enable only ECDH +#undef MBEDTLS_ECDSA_C +#undef MBEDTLS_ECJPAKE_C +//639664 +#undef MBEDTLS_PEM_PARSE_C +#undef MBEDTLS_PEM_WRITE_C +//638848 +#undef MBEDTLS_SHA1_C +//635376 +#undef MBEDTLS_DEBUG_C +// 622032 + + +// Enabled Ciphers +#define MBEDTLS_SHA256_SMALLER +#define MBEDTLS_CHACHA20_C +#define MBEDTLS_CHACHAPOLY_C +#define MBEDTLS_POLY1305_C +#define MBEDTLS_RSA_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_AES_C // Tentar desativar +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_GCM_C + +#undef MBEDTLS_SHA512_C +#undef MBEDTLS_RIPEMD160_C +#define MBEDTLS_SHA512_NO_SHA384 +#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE +*/ + +#endif From c5b6c77581d72f1e6718cb29a1f1d6ba9d271893 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Fri, 20 Oct 2023 14:30:43 -0300 Subject: [PATCH 06/39] Versao funcional com verify certificate disabled --- .vscode/settings.json | 7 +- sdk/OpenBK7231N | 2 +- src/httpserver/http_fns.c | 408 ++++++++++++++++++++------------------ src/mqtt/new_mqtt.c | 81 ++++++-- src/new_cfg.c | 22 ++ src/new_cfg.h | 8 +- src/new_pins.h | 10 +- src/user_mbedtls_config.h | 145 ++++++-------- 8 files changed, 385 insertions(+), 298 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index d9094df0b..359a4bd2b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
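Review bot: `MBEDTLS_NO_PLATFORM_ENTROPY` together with `MBEDTLS_ENTROPY_HARDWARE_ALT` and the `#undef MBEDTLS_TIMING_C` leaves `mbedtls_hardware_poll()` as the only entropy source this file shows, and nothing in the header says so. I would add a comment above the two defines, for example `/* entropy comes only from mbedtls_hardware_poll(); it must be backed by a hardware RNG */`. The block between `/*` and `*/` that makes up most of the file is disabled configuration mixed with firmware-size notes; it repeats macros already set above (`MBEDTLS_SHA256_SMALLER`, `MBEDTLS_SHA512_C`) and makes it hard to tell which key exchanges and curves are really enabled, so it is better moved to the commit message or removed.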
@@ -1,6 +1,6 @@ { "editor.formatOnPaste": true, - "editor.formatOnSave": true, + "editor.formatOnSave": false, "C_Cpp.formatting": "vcFormat", "C_Cpp.codeAnalysis.runAutomatically": false, "C_Cpp.clang_format_style": "{ BasedOnStyle: LLVM, UseTab: Always, IndentWidth: 4, TabWidth: 4, BreakBeforeBraces: Attach, AllowShortIfStatementsOnASingleLine: false, IndentCaseLabels: false, ColumnLimit: 0, AccessModifierOffset: -4, NamespaceIndentation: All, FixNamespaceComments: false }", @@ -15,5 +15,8 @@ "C_Cpp.clang_format_fallbackStyle": "{ BasedOnStyle: LLVM, UseTab: Always, IndentWidth: 4, TabWidth: 4, BreakBeforeBraces: Attach, AllowShortIfStatementsOnASingleLine: false, IndentCaseLabels: false, ColumnLimit: 0, AccessModifierOffset: -4, NamespaceIndentation: All, FixNamespaceComments: false }", "prettier.tabWidth": 4, "prettier.useTabs": true, - "prettier.printWidth": 120 + "prettier.printWidth": 120, + "files.associations": { + "altcp_tls.h": "c" + } } \ No newline at end of file diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index e98b0b2e4..a427faeac 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N @@ -1 +1 @@ -Subproject commit e98b0b2e4d68a01b89b7bd60db6eff5642a55cd6 +Subproject commit a427faeacfdc1f996dc4524aa7eb52d2c69229cf diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index afa511318..74fa749ec 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -474,7 +474,7 @@ int http_fn_index(http_request_t* request) { types = types6; numTypes = 6; } - + iValue = CHANNEL_Get(i); poststr(request, ""); @@ -1025,18 +1025,26 @@ int http_fn_cfg_mqtt(http_request_t* request) { add_label_text_field(request, "Host", "host", CFG_GetMQTTHost(), ""); add_label_numeric_field(request, "Port", "port", CFG_GetMQTTPort(), "
"); -// poststr(request, "
"); -// poststr(request, "Show all hex?
"); + // poststr(request, ""); } - hprintf255(request, ""); + hprintf255(request, "
"); + + hprintf255(request, ""); + } + hprintf255(request, "
"); + + add_label_text_field(request, "Certificate File (CA Root or Public Certificate PEM format)", "mqtt_cert_file", CFG_GetMQTTCertFile(), "
"); - add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "

"); + add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "
"); add_label_text_field(request, "Group Topic (Secondary Topic to only receive cmnds)", "group", CFG_GetMQTTGroupTopic(), "
"); add_label_text_field(request, "User", "user", CFG_GetMQTTUserName(), "
"); add_label_password_field(request, "Password", "password", CFG_GetMQTTPass(), "
"); @@ -1107,11 +1115,13 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { if (http_getArg(request->url, "port", tmpA, sizeof(tmpA))) { CFG_SetMQTTPort(atoi(tmpA)); } - if (http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))) { - CFG_SetMQTTUseTls(true); - } else { - CFG_SetMQTTUseTls(false); + + CFG_SetMQTTUseTls(http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))); + CFG_SetMQTTVerifyTlsCert(http_getArg(request->url, "mqtt_verify_tls_cert", tmpA, sizeof(tmpA))); + if (http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) { + CFG_SetMQTTCertFile(tmpA); } + if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); } 
@@ -1747,23 +1757,23 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } #endif //if (relayCount > 0) { - for (i = 0; i < CHANNEL_MAX; i++) { - bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; - if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { - // TODO: flags are 32 bit and there are 64 max channels - BIT_SET(flagsChannelPublished, i); - if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { - dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); - } - else { - dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); - } - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); - dev_info = NULL; - discoveryQueued = true; + for (i = 0; i < CHANNEL_MAX; i++) { + bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; + if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { + // TODO: flags are 32 bit and there are 64 max channels + BIT_SET(flagsChannelPublished, i); + if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { + dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); + } + else { + dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); } + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); + dev_info = NULL; + discoveryQueued = true; } + } //} if (dInputCount > 0) { 
@@ -1885,195 +1895,195 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } switch (type) { - case ChType_OpenClosed: - { - dev_info = hass_init_binary_sensor_device_info(i, false); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + case ChType_OpenClosed: + { + dev_info = hass_init_binary_sensor_device_info(i, false); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_OpenClosed_Inv: - { - dev_info = hass_init_binary_sensor_device_info(i, true); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_OpenClosed_Inv: + { + dev_info = hass_init_binary_sensor_device_info(i, true); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div10: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div10: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div100: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - 
hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div100: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnlyLowMidHigh: - { - dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnlyLowMidHigh: + { + dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_SmokePercent: - { - dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_SmokePercent: + { + dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Illuminance: - { - dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Illuminance: + { + dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, 
hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnly: - { - dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnly: + { + dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div2: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div2: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div10: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); - 
MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div10: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity_div10: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity_div10: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div100: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div100: + { + dev_info = 
hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div1000: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div1000: + { + dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power_div10: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power_div10: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_PowerFactor_div1000: - { - dev_info = 
hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_PowerFactor_div1000: + { + dev_info = hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Frequency_div100: - { - dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Frequency_div100: + { + dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div100: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_EnergyTotal_kWh_div100: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div1000: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; 
+ } + break; + case ChType_EnergyTotal_kWh_div1000: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; + discoveryQueued = true; + } + break; } } #endif @@ -2331,10 +2341,11 @@ int http_fn_cm(http_request_t* request) { if (request->method == HTTP_GET) { commandLen = http_getArg(request->url, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (GET) %s;%s;%d\n", request->url, tmpA, commandLen); - } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } + else if (request->method == HTTP_POST || request->method == HTTP_PUT) { commandLen = http_getRawArg(request->bodystart, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (POST) %s;%s;%d\n", request->bodystart, tmpA, commandLen); - } + } if (commandLen) { if (commandLen > (sizeof(tmpA) - 5)) { commandLen += 8; @@ -2342,7 +2353,8 @@ int http_fn_cm(http_request_t* request) { if (long_str_alloced) { if (request->method == HTTP_GET) { http_getArg(request->url, "cmnd", long_str_alloced, commandLen); - } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } + else if (request->method == HTTP_POST || request->method == HTTP_PUT) { http_getRawArg(request->bodystart, "cmnd", long_str_alloced, commandLen); } CMD_ExecuteCommand(long_str_alloced, COMMAND_FLAG_SOURCE_HTTP); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 49a239aa5..35f120257 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -14,6 +14,26 @@ #ifdef MQTT_USE_TLS #include "lwip/altcp_tls.h" +#include "lwip/apps/mqtt_priv.h" +#include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" +#include "mbedtls/ssl.h" +struct altcp_tls_config { + mbedtls_ssl_config conf; + mbedtls_x509_crt* cert; + mbedtls_pk_context* pkey; + u8_t cert_count; + u8_t cert_max; + u8_t pkey_count; + u8_t pkey_max; + mbedtls_x509_crt* ca; +#if defined(MBEDTLS_SSL_CACHE_C) && ALTCP_MBEDTLS_USE_SESSION_CACHE + // Inter-connection cache for fast connection startup + struct mbedtls_ssl_cache_context cache; +#endif +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && ALTCP_MBEDTLS_USE_SESSION_TICKETS + mbedtls_ssl_ticket_context ticket_ctx; +#endif +}; #endif #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT @@ -1071,6 +1091,16 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); +#ifdef LWIP_ALTCP_TLS_MBEDTLS + if (client && client->conn && client->conn->state) { + altcp_mbedtls_state_t* state = client->conn->state; + mbedtls_ssl_context* ssl = &state->ssl_context; + LWIP_PLATFORM_DIAG(("MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl))); + LWIP_PLATFORM_DIAG(("MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl))); + + } +#endif + //LOCK_TCPIP_CORE(); mqtt_set_inpub_callback(mqtt_client, mqtt_incoming_publish_cb, @@ -1134,7 +1164,7 @@ static int MQTT_do_connect(mqtt_client_t* client) int res; struct hostent* hostEntry; char will_topic[CGF_MQTT_CLIENT_ID_SIZE + 16]; - bool mqtt_use_tls; + bool mqtt_use_tls, mqtt_verify_tls_cert; mqtt_host = CFG_GetMQTTHost(); @@ -1149,6 +1179,7 @@ static int MQTT_do_connect(mqtt_client_t* client) mqtt_clientID = CFG_GetMQTTClientId(); mqtt_port = CFG_GetMQTTPort(); mqtt_use_tls = CFG_GetMQTTUseTls(); + mqtt_verify_tls_cert = CFG_GetMQTTVerifyTlsCert(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, 
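Review bot: The `struct altcp_tls_config` definition added after the includes is a hand copy of a structure that lwIP keeps private to its mbedtls port (altcp_tls_mbedtls.c, as far as I know), made so that this file can reach `->conf`. If the lwIP side changes, or the `MBEDTLS_SSL_CACHE_C` / `ALTCP_MBEDTLS_USE_SESSION_CACHE` conditions evaluate differently in the two translation units, the layouts diverge with no compiler diagnostic. At minimum it needs a comment such as `/* copy of lwIP's private struct altcp_tls_config; must stay identical to the lwIP definition */`. Setting the auth mode inside the lwIP port would remove the need for the copy.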
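Review bot: In mqtt_connection_cb the new block treats `client->conn->state` as an `altcp_mbedtls_state_t*` whenever it is non-NULL, without checking that this connection was opened with TLS. When TLS is compiled in but switched off in the configuration, `state` belongs to the plain TCP layer (as far as I know it holds the tcp pcb there), and `mbedtls_ssl_get_version()` would read it as an SSL context. Add the runtime condition, e.g. also test `mqtt_client_info.tls_config` in that `if`. The guard `#ifdef LWIP_ALTCP_TLS_MBEDTLS` is true even when the macro is defined as 0 and differs from the `MQTT_USE_TLS` guard around the includes this code needs; `#ifdef MQTT_USE_TLS` would match. The callback's body continues outside the hunk.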
@@ -1200,20 +1231,45 @@ static int MQTT_do_connect(mqtt_client_t* client) /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS + /* Free old configuration */ + if (mqtt_client_info.tls_config) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Free old configuration "); + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } if (mqtt_use_tls) { - LOCK_TCPIP_CORE(); - if (mqtt_client_info.tls_config) { - altcp_tls_free_entropy(); - mqtt_client_info.tls_config = NULL; + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); + size_t ca_len = 0; + u8_t* ca = NULL; + if (mqtt_verify_tls_cert) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); + ca = LFS_ReadFile(CFG_GetMQTTCertFile()); + if (ca) { + ca_len = strlen((char*)ca); + } + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "ca_len=%d", ca_len); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "%s=%s", CFG_GetMQTTCertFile(), ca); } - mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + else { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate disabled"); + } + LOCK_TCPIP_CORE(); + mqtt_client_info.tls_config = altcp_tls_create_config_client(ca, ca_len); UNLOCK_TCPIP_CORE(); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); - } - else { + if (ca) { + mem_free(ca); + ca = NULL; + } if (mqtt_client_info.tls_config) { - altcp_tls_free_entropy(); - mqtt_client_info.tls_config = NULL; + if (mqtt_verify_tls_cert) { + mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); + } + else { + mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + } + } + else { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS config fail. Try connect anyway."); } } #endif 
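Review bot: The `else` branch that logs "Secure TLS config fail. Try connect anyway." lets MQTT_do_connect carry on with `mqtt_client_info.tls_config` still NULL, which in lwIP's MQTT client presumably selects a plain TCP connection, so the user name and password would be sent unencrypted although TLS was requested. That branch should end the attempt: log at error level and return before the connect call, which lies outside this hunk. When verification is switched off the code sets `MBEDTLS_SSL_VERIFY_OPTIONAL`, so the broker is not authenticated at all, and a one-line warning there would make that visible in the log. The `"%s=%s"` log line also passes `ca` to `%s` when `LFS_ReadFile` returned NULL.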
@@ -2278,11 +2334,10 @@ bool MQTT_IsReady() { int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { ((void)data); *olen = len; - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "->wolfssl_custom_random len(%u)", len); srand(fclk_get_second()); while (len--) { *output++ = rand() % 255; } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " <-wolfssl_custom_random ret(%u)", 0); + return 0; } #endif \ No newline at end of file diff --git a/src/new_cfg.c b/src/new_cfg.c index d7600090d..4c018fa33 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -289,6 +289,13 @@ int CFG_GetMQTTPort() { bool CFG_GetMQTTUseTls() { return g_cfg.mqtt_use_tls; } +bool CFG_GetMQTTVerifyTlsCert() { + return g_cfg.mqtt_verify_tls_cert; +} +const char* CFG_GetMQTTCertFile() { + return g_cfg.mqtt_cert_file; +} + void CFG_SetShortDeviceName(const char *s) { // this will return non-zero if there were any changes @@ -320,6 +327,21 @@ void CFG_SetMQTTUseTls(bool value) { g_cfg_pendingChanges++; } } +void CFG_SetMQTTVerifyTlsCert(bool value) { + // is there a change? + if (g_cfg.mqtt_verify_tls_cert != value) { + g_cfg.mqtt_verify_tls_cert = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} +void CFG_SetMQTTCertFile(const char* s) { + // this will return non-zero if there were any changes + if (strcpy_safe_checkForChanges(g_cfg.mqtt_cert_file, s, sizeof(g_cfg.mqtt_cert_file))) { + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_SetOpenAccessPoint() { // is there a change? if(g_cfg.wifi_ssid[0] == 0 && g_cfg.wifi_pass[0] == 0) { diff --git a/src/new_cfg.h b/src/new_cfg.h index 496b68953..f54050f04 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h 
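Review bot: mbedtls_hardware_poll still fills the buffer from `rand()` reseeded with `srand(fclk_get_second())` on every call, and with `MBEDTLS_NO_PLATFORM_ENTROPY` defined it appears to be the only entropy source mbedTLS has. Every TLS random value and key share is then a function of what looks like a seconds counter, which an observer can guess; this hunk only removes the two log lines around it. `rand() % 255` also never yields 0xFF. The bytes should come from the chip's hardware random number generator (the SDK call is not visible here); until then the function needs a comment such as `/* FIXME: rand() seeded with uptime is not an entropy source; TLS keys derived from it are predictable */`.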
@@ -32,12 +32,16 @@ const char *CFG_GetMQTTGroupTopic(); const char *CFG_GetMQTTUserName(); const char *CFG_GetMQTTPass(); bool CFG_GetMQTTUseTls(); +bool CFG_GetMQTTVerifyTlsCert(); +const char* CFG_GetMQTTCertFile(); void CFG_SetMQTTHost(const char *s); void CFG_SetMQTTClientId(const char *s); void CFG_SetMQTTUserName(const char *s); void CFG_SetMQTTGroupTopic(const char *s); void CFG_SetMQTTPass(const char *s); void CFG_SetMQTTUseTls(bool value); +void CFG_SetMQTTVerifyTlsCert(bool value); +void CFG_SetMQTTCertFile(const char* s); const char *CFG_GetWebappRoot(); void CFG_SetLEDRemap(int r, int g, int b, int c, int w); void CFG_SetDefaultLEDRemap(int r, int g, int b, int c, int w); @@ -92,8 +96,8 @@ void CFG_SetButtonShortPressTime(int value); void CFG_SetButtonRepeatPressTime(int value); #if ENABLE_LITTLEFS - void CFG_SetLFS_Size(uint32_t value); - uint32_t CFG_GetLFS_Size(); +void CFG_SetLFS_Size(uint32_t value); +uint32_t CFG_GetLFS_Size(); #endif #endif diff --git a/src/new_pins.h b/src/new_pins.h index ee9c016ec..7f419f032 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1180,10 +1180,14 @@ typedef struct mainConfig_s { char wifi_pass2[68]; // offset 0x00000C84 (3204 decimal) bool mqtt_use_tls; - // offset 0x00000C84 (3205 decimal) - char unused[379]; + // offset 0x00000C85 (3205 decimal) + bool mqtt_verify_tls_cert; + // offset 0x00000C86 (3206 decimal) + char mqtt_cert_file[20]; + // offset 0x00000C9A (3226 decimal) + char unused[358]; #endif -} mainConfig_t; +} mainConfig_t; // one sector is 4096 so it we still have some expand possibility #define MAGIC_CONFIG_SIZE_V3 2016 diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index b26ce3a7f..54749f8c6 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h 
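Review bot: In the new_pins.h hunk `mqtt_verify_tls_cert` is carved out of the former `unused` bytes of mainConfig_t, so a configuration saved by older firmware will presumably read it as 0 and TLS will run without certificate verification until the user turns it on. If that default is intended, state it next to the field, e.g. `// 0 = broker certificate is NOT verified (value seen after upgrading an old config)`. `mqtt_cert_file[20]` limits the certificate file name to 19 characters, which belongs in the same comment. The struct starts outside this hunk.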
@@ -2,24 +2,22 @@ #define USER_MBEDTLS_CONFIG_H #include "mbedtls/config.h" - -#undef MBEDTLS_MD5_C -#undef MBEDTLS_CAMELLIA_C -#define MBEDTLS_SHA256_SMALLER -#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -#undef MBEDTLS_RIPEMD160_C -#undef MBEDTLS_SHA512_C - // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C #undef MBEDTLS_TIMING_C #define MBEDTLS_NO_PLATFORM_ENTROPY #define MBEDTLS_ENTROPY_HARDWARE_ALT -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MPI_WINDOW_SIZE 1 +#define MBEDTLS_MPI_MAX_SIZE 512 +#define MBEDTLS_ECP_WINDOW_SIZE 2 +#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 + // Modes #define MBEDTLS_SSL_CLI_C // Only client enabled -#undef MBEDTLS_SSL_SRV_C +#undef MBEDTLS_SSL_SRV_C + // Protos #undef MBEDTLS_SSL_PROTO_SSL3 #undef MBEDTLS_SSL_PROTO_TLS1 
@@ -28,32 +26,42 @@ #undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL #undef MBEDTLS_SSL_PROTO_DTLS -// MPI / BIGNUM options -#define MBEDTLS_MPI_WINDOW_SIZE 1 -#define MBEDTLS_MPI_MAX_SIZE 512 -// ECP Options -#define MBEDTLS_ECP_WINDOW_SIZE 2 -// Content Lenght -#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 - -/* -#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -#undef MBEDTLS_SSL_SERVER_NAME_INDICATION +// Enabled Ciphers +#define MBEDTLS_RSA_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_SHA256_SMALLER +#define MBEDTLS_AES_C #undef MBEDTLS_AES_ROM_TABLES #define MBEDTLS_AES_FEWER_TABLES -#define MBEDTLS_CAMELLIA_SMALL_MEMORY -//675296 -#undef MBEDTLS_CIPHER_MODE_CBC //??? -//671424 +#define MBEDTLS_ENTROPY_FORCE_SHA256 + +//Disabled ciphers +#undef MBEDTLS_ARC4_C +#undef MBEDTLS_BLOWFISH_C +#undef MBEDTLS_CAMELLIA_C +#undef MBEDTLS_ARIA_C +#undef MBEDTLS_DES_C +#undef MBEDTLS_CCM_C +#undef MBEDTLS_MD2_C +#undef MBEDTLS_MD4_C +#undef MBEDTLS_MD5_C +#undef MBEDTLS_RIPEMD160_C +#undef MBEDTLS_SHA1_C +#undef MBEDTLS_SHA512_C +#undef MBEDTLS_CHACHA20_C +#undef MBEDTLS_CHACHAPOLY_C +#undef MBEDTLS_POLY1305_C #undef MBEDTLS_CIPHER_NULL_CIPHER #undef MBEDTLS_ENABLE_WEAK_CIPHERSUITES #define MBEDTLS_REMOVE_3DES_CIPHERSUITES -//671424 -// Only SECP384R1 or CURVE25519 // +#define MBEDTLS_CAMELLIA_SMALL_MEMORY +#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + +// Curves // #undef MBEDTLS_ECP_DP_SECP192R1_ENABLED #undef MBEDTLS_ECP_DP_SECP224R1_ENABLED -#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED // da para desativar? +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED //Only SECP256R1 +#undef MBEDTLS_ECP_DP_SECP384R1_ENABLED #undef MBEDTLS_ECP_DP_SECP521R1_ENABLED #undef MBEDTLS_ECP_DP_SECP192K1_ENABLED #undef MBEDTLS_ECP_DP_SECP224K1_ENABLED 
@@ -61,10 +69,22 @@ #undef MBEDTLS_ECP_DP_BP256R1_ENABLED #undef MBEDTLS_ECP_DP_BP384R1_ENABLED #undef MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED //usar somente esta +#undef MBEDTLS_ECP_DP_CURVE25519_ENABLED #undef MBEDTLS_ECP_DP_CURVE448_ENABLED -//667568 -// Only ECDHE RSA // + +// Block mode +#define MBEDTLS_GCM_C //Only GCM +#undef MBEDTLS_CIPHER_MODE_CBC +#undef MBEDTLS_CIPHER_MODE_CFB +#undef MBEDTLS_CIPHER_MODE_CTR +#undef MBEDTLS_CIPHER_MODE_OFB +#undef MBEDTLS_CIPHER_MODE_XTS + +// Exchange Key // +#define MBEDTLS_DHM_C +#define MBEDTLS_ECDH_C +#undef MBEDTLS_ECDSA_C +#undef MBEDTLS_ECJPAKE_C #undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED #undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED @@ -76,12 +96,7 @@ #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -//664192 -#undef MBEDTLS_GENPRIME -//663296 -#undef MBEDTLS_PKCS1_V15 //??? -#undef MBEDTLS_PKCS1_V21 //??? -//659488 + // Define only on development // #undef MBEDTLS_SELF_TEST #undef MBEDTLS_SSL_ALL_ALERT_MESSAGES 
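Review bot: `#undef MBEDTLS_ECDSA_C` in the "Exchange Key" block, together with `#undef MBEDTLS_SHA512_C` in the previous hunk, leaves certificate verification working only for RSA chains signed with SHA-256. A broker or CA that uses an EC key or a SHA-384 signature will fail the handshake as soon as verification is required, and nothing in the file says so. Add a comment at the top of the cipher section such as `// RSA + SHA-256 only: chains with EC keys or SHA-384/512 signatures will not verify`.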
@@ -90,51 +105,23 @@ #undef MBEDTLS_SSL_DEBUG_ALL #undef MBEDTLS_VERSION_FEATURES #undef MBEDTLS_CERTS_C -//657824 +#undef MBEDTLS_DEBUG_C + +/* +Avaliar efeito + +#undef MBEDTLS_GENPRIME + +#undef MBEDTLS_PKCS1_V15 +#undef MBEDTLS_PKCS1_V21 + #undef MBEDTLS_X509_RSASSA_PSS_SUPPORT -//657216 -#undef MBEDTLS_ARC4_C -//655872 -#undef MBEDTLS_BLOWFISH_C -//650752 -#undef MBEDTLS_CAMELLIA_C -//648352 -#undef MBEDTLS_ARIA_C -#undef MBEDTLS_DES_C -#undef MBEDTLS_CCM_C -#undef MBEDTLS_MD2_C -#undef MBEDTLS_MD4_C -#undef MBEDTLS_MD5_C -//641504 -#undef MBEDTLS_DHM_C -#define MBEDTLS_ECDH_C // Enable only ECDH -#undef MBEDTLS_ECDSA_C -#undef MBEDTLS_ECJPAKE_C -//639664 + #undef MBEDTLS_PEM_PARSE_C #undef MBEDTLS_PEM_WRITE_C -//638848 -#undef MBEDTLS_SHA1_C -//635376 -#undef MBEDTLS_DEBUG_C -// 622032 +APN -// Enabled Ciphers -#define MBEDTLS_SHA256_SMALLER -#define MBEDTLS_CHACHA20_C -#define MBEDTLS_CHACHAPOLY_C -#define MBEDTLS_POLY1305_C -#define MBEDTLS_RSA_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_AES_C // Tentar desativar -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_GCM_C - -#undef MBEDTLS_SHA512_C -#undef MBEDTLS_RIPEMD160_C -#define MBEDTLS_SHA512_NO_SHA384 -#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ -#endif +#endif \ No newline at end of file From 00e30ef51db1a202e68bb7798c5133c77bb0887b Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 21 Oct 2023 04:05:10 -0300 Subject: [PATCH 07/39] Adicao de informacoes para debug --- .vscode/settings.json | 6 ++++- src/httpserver/http_fns.c | 3 ++- src/lwipopts.h | 1 - src/mqtt/new_mqtt.c | 51 ++++++++++++++++++++++++++++++--------- src/user_mbedtls_config.h | 4 +-- 5 files changed, 49 insertions(+), 16 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 359a4bd2b..3d4456cb6 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
@@ -17,6 +17,10 @@ "prettier.useTabs": true, "prettier.printWidth": 120, "files.associations": { - "altcp_tls.h": "c" + "altcp_tls.h": "c", + "system_error": "cpp", + "logging.h": "c", + "opt.h": "c", + "altcp_tls_mbedtls_opts.h": "c" } } \ No newline at end of file diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 74fa749ec..2cf1b7dc9 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -18,6 +18,7 @@ #include #include "../driver/drv_ntp.h" #include "../driver/drv_local.h" +#include "start_type_pub.h" static char SUBMIT_AND_END_FORM[] = "
"; @@ -1059,7 +1060,7 @@ int http_fn_cfg_mqtt(http_request_t* request) { int http_fn_cfg_ip(http_request_t* request) { char tmp[64]; int g_changes = 0; - byte ip[4]; + //byte ip[4]; http_setup(request, httpMimeTypeHTML); http_html_start(request, "IP"); poststr_h2(request, "Here you can set static IP or DHCP"); diff --git a/src/lwipopts.h b/src/lwipopts.h index 8ddf53e40..0fbf0ca8e 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -38,7 +38,6 @@ #define LWIP_ALTCP 1 #define LWIP_ALTCP_TLS 1 #define LWIP_ALTCP_TLS_MBEDTLS 1 -#define MQTT_DEBUG LWIP_DBG_ON #endif /** diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 35f120257..c242807f6 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -17,6 +17,7 @@ #include "lwip/apps/mqtt_priv.h" #include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" #include "mbedtls/ssl.h" +#include "mbedtls/debug.h" struct altcp_tls_config { mbedtls_ssl_config conf; mbedtls_x509_crt* cert; @@ -1091,7 +1092,7 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); -#ifdef LWIP_ALTCP_TLS_MBEDTLS +#if LWIP_ALTCP_TLS_MBEDTLS if (client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; 
@@ -1157,6 +1158,26 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection } } +static void my_debug(void* ctx, int level, const char* file, int line, const char* str); +static void my_debug(void* ctx, int level, const char* file, int line, const char* str) +{ + const char* p, * basename; + (void)ctx; + + if (level == 2) + return; + + /* Extract basename from file */ + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { + basename = p + 1; + } + } + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); +} + + static int MQTT_do_connect(mqtt_client_t* client) { const char* mqtt_userName, * mqtt_host, * mqtt_pass, * mqtt_clientID; @@ -1230,10 +1251,10 @@ static int MQTT_do_connect(mqtt_client_t* client) } /* Includes for MQTT over TLS */ -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS /* Free old configuration */ if (mqtt_client_info.tls_config) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Free old configuration "); + altcp_tls_free_config(mqtt_client_info.tls_config); altcp_tls_free_entropy(); mqtt_client_info.tls_config = NULL; } 
@@ -1245,22 +1266,29 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); if (ca) { - ca_len = strlen((char*)ca); + ca_len = strlen((char*)ca)+1; } - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "ca_len=%d", ca_len); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "%s=%s", CFG_GetMQTTCertFile(), ca); } else { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate disabled"); } - LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(ca, ca_len); - UNLOCK_TCPIP_CORE(); if (ca) { - mem_free(ca); + free(ca); ca = NULL; } - if (mqtt_client_info.tls_config) { + if (mqtt_client_info.tls_config) { + mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, my_debug, NULL); + mbedtls_debug_set_threshold(1); + + if (mqtt_client_info.tls_config->ca){ + char* buf = malloc(1025 + 1); + memset(buf, 0 , 1025); + mbedtls_x509_crt_info(buf, 1024, "", mqtt_client_info.tls_config->ca); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "=============== CERTIFICATE INFO ===============\n%s", buf); + free(buf); + } + if (mqtt_verify_tls_cert) { mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); } @@ -1310,6 +1338,7 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + OBK_Publish_Result MQTT_PublishMain_StringInt(const char* sChannel, int iv, int flags) { char valueStr[16]; @@ -2335,7 +2364,7 @@ int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* ((void)data); *olen = len; srand(fclk_get_second()); - while (len--) { + for (int i=0; i Date: Sun, 22 Oct 2023 20:02:20 -0300 Subject: [PATCH 08/39] Versao funcional com verificacao do certificado --- .vscode/settings.json | 4 +- sdk/OpenBK7231N | 2 +- src/lwipopts.h | 8 +- src/mqtt/new_mqtt.c | 237 +++++++++++++++++++++++++++++++------- src/user_mbedtls_config.h | 29 ++++- 5 files changed, 230 insertions(+), 50 deletions(-) 
diff --git a/.vscode/settings.json b/.vscode/settings.json index 3d4456cb6..c4ad84acd 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -21,6 +21,8 @@ "system_error": "cpp", "logging.h": "c", "opt.h": "c", - "altcp_tls_mbedtls_opts.h": "c" + "altcp_tls_mbedtls_opts.h": "c", + "fake_clock_pub.h": "c", + "check_config.h": "c" } } \ No newline at end of file diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index a427faeac..c075b336f 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N @@ -1 +1 @@ -Subproject commit a427faeacfdc1f996dc4524aa7eb52d2c69229cf +Subproject commit c075b336faa19f08f020df100292a66f292c7101 diff --git a/src/lwipopts.h b/src/lwipopts.h index 0fbf0ca8e..82d7c96eb 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -35,9 +35,10 @@ #include "obk_config.h" #if MQTT_USE_TLS -#define LWIP_ALTCP 1 -#define LWIP_ALTCP_TLS 1 -#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define LWIP_ALTCP 1 +#define LWIP_ALTCP_TLS 1 +#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON #endif /** @@ -61,7 +62,6 @@ #define LWIP_DEBUG LWIP_DBG_ON #define LWIP_DEBUG_TRACE 0 #define SOCKETS_DEBUG LWIP_DBG_OFF // | LWIP_DBG_MASK_LEVEL - #define IP_DEBUG LWIP_DBG_OFF #define ETHARP_DEBUG LWIP_DBG_OFF #define NETIF_DEBUG LWIP_DBG_OFF diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index c242807f6..78a2422f0 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -12,12 +12,11 @@ #include "../driver/drv_tuyaMCU.h" #include "../ota/ota.h" -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS #include "lwip/altcp_tls.h" #include "lwip/apps/mqtt_priv.h" #include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" #include "mbedtls/ssl.h" -#include "mbedtls/debug.h" struct altcp_tls_config { mbedtls_ssl_config conf; mbedtls_x509_crt* cert; 
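Review bot: `#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON` in the lwipopts.h hunk is set for every build that has `MQTT_USE_TLS`, and in new_mqtt.c it is the switch that compiles in the verify and debug callbacks and the `mbedtls_dump_conf` call. The same commit enables the block labelled "Define only on development" in user_mbedtls_config.h with `#if 1`, which turns on `MBEDTLS_SSL_DEBUG_ALL`, `MBEDTLS_CERTS_C` and `MBEDTLS_SELF_TEST`. Both should depend on one explicit build option that defaults to off, e.g. `#if defined(OBK_TLS_DEBUG)` (placeholder name), so release firmware does not carry test certificates and verbose handshake logging.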
@@ -28,13 +27,19 @@ struct altcp_tls_config { u8_t pkey_max; mbedtls_x509_crt* ca; #if defined(MBEDTLS_SSL_CACHE_C) && ALTCP_MBEDTLS_USE_SESSION_CACHE - // Inter-connection cache for fast connection startup struct mbedtls_ssl_cache_context cache; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && ALTCP_MBEDTLS_USE_SESSION_TICKETS mbedtls_ssl_ticket_context ticket_ctx; #endif }; +#if ALTCP_MBEDTLS_DEBUG + #include "mbedtls/ssl_internal.h" + #include "mbedtls/debug.h" + static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint32_t* flags); + static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, const char* str); + void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl); +#endif #endif #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT @@ -1096,9 +1101,8 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection if (client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; - LWIP_PLATFORM_DIAG(("MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl))); - LWIP_PLATFORM_DIAG(("MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl))); - + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); } #endif 
@@ -1158,26 +1162,6 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection } } -static void my_debug(void* ctx, int level, const char* file, int line, const char* str); -static void my_debug(void* ctx, int level, const char* file, int line, const char* str) -{ - const char* p, * basename; - (void)ctx; - - if (level == 2) - return; - - /* Extract basename from file */ - for (p = basename = file; *p != '\0'; p++) { - if (*p == '/' || *p == '\\') { - basename = p + 1; - } - } - - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); -} - - static int MQTT_do_connect(mqtt_client_t* client) { const char* mqtt_userName, * mqtt_host, * mqtt_pass, * mqtt_clientID; @@ -1262,7 +1246,13 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); size_t ca_len = 0; u8_t* ca = NULL; - if (mqtt_verify_tls_cert) { + /* + if (mqtt_verify_tls_cert && !NTP_IsTimeSynced()){ + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); + return 0; + } + */ + if (strlen(CFG_GetMQTTCertFile()) > 0) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); if (ca) { 
@@ -1278,16 +1268,15 @@ static int MQTT_do_connect(mqtt_client_t* client) ca = NULL; } if (mqtt_client_info.tls_config) { - mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, my_debug, NULL); +#if ALTCP_MBEDTLS_DEBUG + mbedtls_ssl_conf_verify(&mqtt_client_info.tls_config->conf, mbedtls_verify_cb, NULL); + mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, mbedtls_debug_cb, NULL); mbedtls_debug_set_threshold(1); if (mqtt_client_info.tls_config->ca){ - char* buf = malloc(1025 + 1); - memset(buf, 0 , 1025); - mbedtls_x509_crt_info(buf, 1024, "", mqtt_client_info.tls_config->ca); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "=============== CERTIFICATE INFO ===============\n%s", buf); - free(buf); + mbedtls_dump_conf(&mqtt_client_info.tls_config->conf, NULL); } +#endif if (mqtt_verify_tls_cert) { mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); 
@@ -2358,15 +2347,185 @@ bool MQTT_IsReady() { return mqtt_client && res; } -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS +#ifdef MBEDTLS_TIMING_C #include "fake_clock_pub.h" +#include "mbedtls/error.h" +int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + return mbedtls_hardware_poll(data, output, len, olen); +} int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void)data); - *olen = len; - srand(fclk_get_second()); - for (int i=0; itm_year + 1900, ltm->tm_mon + 1, ltm->tm_mday, ltm->tm_hour, ltm->tm_min, ltm->tm_sec); + return ltm; +} +#endif //MBEDTLS_PLATFORM_GMTIME_R_ALT + + +#if ALTCP_MBEDTLS_DEBUG +static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint32_t* flags) +{ + ((void)data); + char buf[1024]; + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s", buf); + + if ((*flags) == 0) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " This certificate has no flags\n"); + } + else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! 
", *flags); + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s\n", buf); } return 0; } -#endif \ No newline at end of file + +static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, const char* str) +{ + const char* p, * basename; + (void)ctx; + + if (level == 2) + return; + + /* Extract basename from file */ + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { + basename = p + 1; + } + } + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); +} + +void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl) { + if (ssl && ssl->handshake) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); + switch (ssl->handshake->ciphersuite_info->key_exchange) + { + case MBEDTLS_KEY_EXCHANGE_NONE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); + break; + case MBEDTLS_KEY_EXCHANGE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); + break; + case MBEDTLS_KEY_EXCHANGE_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + 
addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); + break; + } + } + + if (conf) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); + int len = sizeof(conf->ciphersuite_list) / (sizeof(conf->ciphersuite_list[0])); + for (int s = 0; s < len; s++) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " %s", + mbedtls_ssl_get_ciphersuite_name(*conf->ciphersuite_list[s])); + } + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CURVES:"); + len = sizeof(conf->curve_list) / (sizeof(mbedtls_ecp_group_id)); + const mbedtls_ecp_group_id* c = conf->curve_list; + for (; *c; c++) { + switch (*c) + { + case MBEDTLS_ECP_DP_NONE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); + break; + case MBEDTLS_ECP_DP_SECP192R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); + break; + case MBEDTLS_ECP_DP_SECP224R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); + break; + case MBEDTLS_ECP_DP_SECP256R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); + break; + case MBEDTLS_ECP_DP_SECP384R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); + break; + case MBEDTLS_ECP_DP_SECP521R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); + break; + case MBEDTLS_ECP_DP_BP256R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); + break; + case MBEDTLS_ECP_DP_BP384R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); + break; + case MBEDTLS_ECP_DP_BP512R1: + 
addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); + break; + case MBEDTLS_ECP_DP_CURVE25519: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); + break; + case MBEDTLS_ECP_DP_SECP192K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); + break; + case MBEDTLS_ECP_DP_SECP224K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); + break; + case MBEDTLS_ECP_DP_SECP256K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); + break; + case MBEDTLS_ECP_DP_CURVE448: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); + break; + } + } + } +} +#endif //ALTCP_MBEDTLS_DEBUG +#endif //MQTT_USE_TLS \ No newline at end of file diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index cfabc11d5..a458f27a6 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -2,13 +2,17 @@ #define USER_MBEDTLS_CONFIG_H #include "mbedtls/config.h" + // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C -#undef MBEDTLS_TIMING_C -#define MBEDTLS_NO_PLATFORM_ENTROPY + +#define MBEDTLS_TIMING_C +#define MBEDTLS_HAVE_TIME_DATE +#define MBEDTLS_PLATFORM_GMTIME_R_ALT + #define MBEDTLS_ENTROPY_HARDWARE_ALT -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_NO_PLATFORM_ENTROPY #define MBEDTLS_MPI_WINDOW_SIZE 1 #define MBEDTLS_MPI_MAX_SIZE 512 #define MBEDTLS_ECP_WINDOW_SIZE 2 @@ -31,7 +35,7 @@ #define MBEDTLS_SHA256_C #define MBEDTLS_SHA256_SMALLER #define MBEDTLS_AES_C -#undef MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_AES_FEWER_TABLES #define MBEDTLS_ENTROPY_FORCE_SHA256 
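Review bot: In mbedtls_dump_conf the "AVAILABLE CIPHERS" loop counts the entries of `conf->ciphersuite_list` with `sizeof` and prints `*conf->ciphersuite_list[s]`; from the indexing this looks like an array of per-version lists, so it logs only the first suite of each list rather than the suites on offer. Walking each list to its zero terminator would fix that, `for (const int* id = conf->ciphersuite_list[s]; id && *id; id++)` with the name lookup on `*id`. `len = sizeof(conf->curve_list) / (sizeof(mbedtls_ecp_group_id))` is computed and never used, and `ssl->handshake->ciphersuite_info->name` is read without checking `ciphersuite_info`. Part of this hunk's text is missing on the page, so this covers only the functions that are visible.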
@@ -98,6 +102,19 @@ #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED // Define only on development // +#if 1 +#define MBEDTLS_DEBUG_C +#define MBEDTLS_SELF_TEST +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES +#define MBEDTLS_SSL_RECORD_CHECKING +#define MBEDTLS_SSL_CONTEXT_SERIALIZATION +#define MBEDTLS_SSL_DEBUG_ALL +#define MBEDTLS_VERSION_FEATURES +#define MBEDTLS_CERTS_C +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MEMORY_BACKTRACE +#else +#undef MBEDTLS_DEBUG_C #undef MBEDTLS_SELF_TEST #undef MBEDTLS_SSL_ALL_ALERT_MESSAGES #undef MBEDTLS_SSL_RECORD_CHECKING @@ -105,7 +122,9 @@ #undef MBEDTLS_SSL_DEBUG_ALL #undef MBEDTLS_VERSION_FEATURES #undef MBEDTLS_CERTS_C -#define MBEDTLS_DEBUG_C +#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C +#undef MBEDTLS_MEMORY_BACKTRACE +#endif /* Avaliar efeito From baf8e49a9e74aa8f3a4c661e06d6b5d235829f4f Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 22 Oct 2023 22:26:57 -0300 Subject: [PATCH 09/39] Otimizacoes de rom e heap usage --- src/mqtt/new_mqtt.c | 113 +++++++++++++++++++------------------- src/user_mbedtls_config.h | 24 ++------ 2 files changed, 62 insertions(+), 75 deletions(-) diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 78a2422f0..17140a15b 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1188,7 +1188,7 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, - mqtt_pass, + "********", mqtt_clientID, mqtt_host, mqtt_port 
@@ -1246,17 +1246,18 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); size_t ca_len = 0; u8_t* ca = NULL; - /* - if (mqtt_verify_tls_cert && !NTP_IsTimeSynced()){ - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); - return 0; - } - */ - if (strlen(CFG_GetMQTTCertFile()) > 0) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); - ca = LFS_ReadFile(CFG_GetMQTTCertFile()); - if (ca) { - ca_len = strlen((char*)ca)+1; + if (mqtt_verify_tls_cert) { + if (!NTP_IsTimeSynced()) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); + // silently allow retry next frame + return ERR_RTE; + } + if (strlen(CFG_GetMQTTCertFile()) > 0) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); + ca = LFS_ReadFile(CFG_GetMQTTCertFile()); + if (ca) { + ca_len = strlen((char*)ca)+1; + } } } else { @@ -1270,9 +1271,10 @@ static int MQTT_do_connect(mqtt_client_t* client) if (mqtt_client_info.tls_config) { #if ALTCP_MBEDTLS_DEBUG mbedtls_ssl_conf_verify(&mqtt_client_info.tls_config->conf, mbedtls_verify_cb, NULL); +#if MBEDTLS_DEBUG_C mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, mbedtls_debug_cb, NULL); mbedtls_debug_set_threshold(1); - +#endif if (mqtt_client_info.tls_config->ca){ mbedtls_dump_conf(&mqtt_client_info.tls_config->conf, NULL); } @@ -2348,12 +2350,9 @@ bool MQTT_IsReady() { } #if MQTT_USE_TLS -#ifdef MBEDTLS_TIMING_C +#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT #include "fake_clock_pub.h" #include "mbedtls/error.h" -int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { - return mbedtls_hardware_poll(data, output, len, olen); -} int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void)data); 
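Review bot: With `mqtt_verify_tls_cert` set, an empty certificate file name or a failed `LFS_ReadFile` leaves `ca` NULL, and the code still creates the config and, as far as the surrounding hunks show, requires verification. Every attempt then fails in the handshake with nothing in the log saying the CA is missing; log that case and return `ERR_RTE` as the NTP branch above it does. `ca_len = strlen((char*)ca)+1` relies on `LFS_ReadFile` returning a NUL-terminated buffer, which is not visible here. Nothing in the visible hunks sets the expected broker host name on the TLS session, so confirm that the certificate name is checked and not only the chain. MQTT_do_connect starts and ends outside this hunk.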
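Review bot: `#if MBEDTLS_DEBUG_C` in the second hunk only compiles while the macro is undefined. user_mbedtls_config.h defines it with no value (`#define MBEDTLS_DEBUG_C`), and `#if` on an empty macro is a preprocessor error. Use `#if defined(MBEDTLS_DEBUG_C)` here.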
@@ -2373,15 +2372,15 @@ int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* } return ret; } -#endif +int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + return mbedtls_hardware_poll(data, output, len, olen); +} +#endif //MBEDTLS_ENTROPY_HARDWARE_ALT #ifdef MBEDTLS_PLATFORM_GMTIME_R_ALT struct tm* mbedtls_platform_gmtime_r(const mbedtls_time_t* tt, struct tm* tm_buf) { // Use NTP time - struct tm* ltm = gmtime_r((time_t*)&g_ntpTime, tm_buf); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "mbedtls_platform_gmtime_r: %04d/%02d/%02d %02d:%02d:%02d\n", - ltm->tm_year + 1900, ltm->tm_mon + 1, ltm->tm_mday, ltm->tm_hour, ltm->tm_min, ltm->tm_sec); - return ltm; + return gmtime_r((time_t*)&g_ntpTime, tm_buf); } #endif //MBEDTLS_PLATFORM_GMTIME_R_ALT @@ -2392,16 +2391,16 @@ static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint3 ((void)data); char buf[1024]; - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s", buf); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "\n%s", buf); if ((*flags) == 0) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " This certificate has no flags\n"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " This certificate has no flags\n"); } else { mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s\n", buf); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "%s\n", buf); } return 0; } 
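Review bot: mbedtls_platform_gmtime_r ignores its `tt` argument and always converts `g_ntpTime`, so any mbedTLS caller that passes a time other than "now" gets the wrong result. The `(time_t*)&g_ntpTime` cast also reads beyond the variable if `g_ntpTime` is narrower than `time_t`; its declaration is not visible here. Supplying the NTP clock through `MBEDTLS_PLATFORM_TIME_ALT` and `mbedtls_platform_set_time()` and converting `*tt` in this function would keep the contract. If the shortcut stays, state it in the comment: `// ignores tt: always returns current NTP time, only valid for certificate "now" checks`.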
@@ -2421,107 +2420,107 @@ static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, c } } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); + addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); } void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl) { if (ssl && ssl->handshake) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); switch (ssl->handshake->ciphersuite_info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_NONE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); break; case MBEDTLS_KEY_EXCHANGE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); break; case MBEDTLS_KEY_EXCHANGE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); + 
addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); break; case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); break; } } if (conf) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); int len = sizeof(conf->ciphersuite_list) / (sizeof(conf->ciphersuite_list[0])); for (int s = 0; s < len; s++) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " %s", + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " %s", mbedtls_ssl_get_ciphersuite_name(*conf->ciphersuite_list[s])); } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, 
"AVAILABLE CURVES:"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "AVAILABLE CURVES:"); len = sizeof(conf->curve_list) / (sizeof(mbedtls_ecp_group_id)); const mbedtls_ecp_group_id* c = conf->curve_list; for (; *c; c++) { switch (*c) { case MBEDTLS_ECP_DP_NONE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); break; case MBEDTLS_ECP_DP_SECP192R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); break; case MBEDTLS_ECP_DP_SECP224R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); break; case MBEDTLS_ECP_DP_SECP256R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); break; case MBEDTLS_ECP_DP_SECP384R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); break; case MBEDTLS_ECP_DP_SECP521R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); break; case MBEDTLS_ECP_DP_BP256R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); break; case MBEDTLS_ECP_DP_BP384R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); break; case MBEDTLS_ECP_DP_BP512R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); break; case MBEDTLS_ECP_DP_CURVE25519: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); break; case 
MBEDTLS_ECP_DP_SECP192K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); break; case MBEDTLS_ECP_DP_SECP224K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); break; case MBEDTLS_ECP_DP_SECP256K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); break; case MBEDTLS_ECP_DP_CURVE448: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); break; } } diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index a458f27a6..d97a19aad 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -6,13 +6,11 @@ // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C - #define MBEDTLS_TIMING_C #define MBEDTLS_HAVE_TIME_DATE #define MBEDTLS_PLATFORM_GMTIME_R_ALT - -#define MBEDTLS_ENTROPY_HARDWARE_ALT #define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_ENTROPY_HARDWARE_ALT #define MBEDTLS_MPI_WINDOW_SIZE 1 #define MBEDTLS_MPI_MAX_SIZE 512 #define MBEDTLS_ECP_WINDOW_SIZE 2 @@ -29,6 +27,7 @@ #define MBEDTLS_SSL_PROTO_TLS1_2 // Only TLS1.2 enabled #undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL #undef MBEDTLS_SSL_PROTO_DTLS +#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY // Enabled Ciphers #define MBEDTLS_RSA_C @@ -102,7 +101,7 @@ #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED // Define only on development // -#if 1 +#if 0 #define MBEDTLS_DEBUG_C #define MBEDTLS_SELF_TEST #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 
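Review bot: `ssl->handshake->ciphersuite_info->name` in mbedtls_dump_conf is read after testing only `ssl` and `ssl->handshake`, and `ciphersuite_info` can still be NULL before a suite has been negotiated, so calling this dump early in a handshake would fault. Add `&& ssl->handshake->ciphersuite_info` to the guard. In the same hunk `mbedtls_debug_cb` moves from `LOG_WARN` to `LOG_ERROR` while every other message here drops to `LOG_DEBUG`, which looks unintended for library trace output. The closing lines of mbedtls_dump_conf are outside the hunk.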
@@ -126,21 +125,10 @@ #undef MBEDTLS_MEMORY_BACKTRACE #endif -/* -Avaliar efeito - -#undef MBEDTLS_GENPRIME - -#undef MBEDTLS_PKCS1_V15 +//Disabled functions +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE #undef MBEDTLS_PKCS1_V21 - +#undef MBEDTLS_GENPRIME #undef MBEDTLS_X509_RSASSA_PSS_SUPPORT -#undef MBEDTLS_PEM_PARSE_C -#undef MBEDTLS_PEM_WRITE_C - -APN - -*/ - #endif \ No newline at end of file From 05ad912753d4fbf356eb5a4989caa144c0d64cb7 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 24 Oct 2023 00:17:48 -0300 Subject: [PATCH 10/39] Versao com webserver enable/disable --- .vscode/settings.json | 3 ++- src/cmnds/cmd_main.c | 38 ++++++++++++++++++++++++++++++++ src/httpserver/http_fns.c | 20 +++++++++++++---- src/httpserver/http_tcp_server.c | 11 +++++++++ src/httpserver/http_tcp_server.h | 1 + src/mqtt/new_mqtt.c | 6 ++--- src/new_cfg.c | 16 ++++++++++++++ src/new_cfg.h | 3 +++ src/new_pins.h | 4 +++- src/user_main.c | 10 ++++++--- 10 files changed, 100 insertions(+), 12 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index c4ad84acd..a4473523f 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -23,6 +23,7 @@ "opt.h": "c", "altcp_tls_mbedtls_opts.h": "c", "fake_clock_pub.h": "c", - "check_config.h": "c" + "check_config.h": "c", + "cmd_public.h": "c" } } \ No newline at end of file diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index cab34f2cb..c7737942f 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -9,6 +9,8 @@ #include "../driver/drv_public.h" #include "../hal/hal_adc.h" #include "../hal/hal_flashVars.h" +#include "../httpserver/http_tcp_server.h" +#include "../hal/hal_generic.h" int cmd_uartInitIndex = 0; 
@@ -597,6 +599,37 @@ commandResult_t CMD_DeepSleep_SetEdge(const void* context, const char* cmd, cons return CMD_RES_OK; } +static commandResult_t CMD_WebServer(const void* context, const char* cmd, const char* args, int cmdFlags) { + int value; + Tokenizer_TokenizeString(args, 0); + value = Tokenizer_GetArgsCount(); + if (value == 0) + { + ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", CFG_GetEnableWebServer()); + return CMD_RES_OK; + } + if (value == 1) { + ADDLOG_INFO(LOG_FEATURE_CMD, "ARG0 (%s), ARG1 (%s)", Tokenizer_GetArg(0), Tokenizer_GetArg(1)); + if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { + ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); + CFG_SetEnableWebServer(false); + CFG_Save_IfThereArePendingChanges(); + HTTPServer_Stop(); + return CMD_RES_OK; + } + else if (strcmp(Tokenizer_GetArg(0), "1") == 0) { + ADDLOG_INFO(LOG_FEATURE_CMD, "Enable WebServer and restart"); + CFG_SetEnableWebServer(true); + CFG_Save_IfThereArePendingChanges(); + HAL_RebootModule(); + return CMD_RES_OK; + } + } + ADDLOG_ERROR(LOG_FEATURE_CMD, "Invalid Argument"); + return CMD_RES_BAD_ARGUMENT; +} + + void CMD_Init_Early() { //cmddetail:{"name":"alias","args":"[Alias][Command with spaces]", //cmddetail:"descr":"add an aliased command, so a command with spaces can be called with a short, nospaced alias", @@ -724,6 +757,11 @@ void CMD_Init_Early() { //cmddetail:"examples":""} CMD_RegisterCommand("StartupCommand", CMD_StartupCommand, NULL); //CMD_RegisterCommand("FindPattern", CMD_FindPattern, NULL); + //cmddetail:{"name":"WebServer","args":"[0 - Stop / 1 - Start]", + //cmddetail:"descr":"Setting state of WebServer", + //cmddetail:"fn":"CMD_WebServer","file":"cmnds/cmd_main.c","requires":"", + //cmddetail:"examples":""} + CMD_RegisterCommand("WebServer", CMD_WebServer, NULL); #if (defined WINDOWS) || (defined PLATFORM_BEKEN) CMD_InitScripting(); diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 2cf1b7dc9..68f3f1b5b 100644 --- a/src/httpserver/http_fns.c 
+++ b/src/httpserver/http_fns.c @@ -1119,9 +1119,8 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { CFG_SetMQTTUseTls(http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))); CFG_SetMQTTVerifyTlsCert(http_getArg(request->url, "mqtt_verify_tls_cert", tmpA, sizeof(tmpA))); - if (http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) { - CFG_SetMQTTCertFile(tmpA); - } + http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA)); + CFG_SetMQTTCertFile(tmpA); if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); @@ -1153,6 +1152,13 @@ int http_fn_cfg_webapp(http_request_t* request) { http_setup(request, httpMimeTypeHTML); http_html_start(request, "Set Webapp"); add_label_text_field(request, "URL of the Webapp", "url", CFG_GetWebappRoot(), "
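Review bot: `CFG_SetMQTTCertFile(tmpA)` in http_fn_cfg_mqtt_set now runs even when `http_getArg` does not find `mqtt_cert_file`. Unless http_getArg clears the buffer on a miss (its body is not visible here), `tmpA` still holds whatever the preceding `mqtt_verify_tls_cert` lookup left in it. If the intent is to let an empty field clear the stored path, make that explicit before the call: `if (!http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) tmpA[0] = '\0';`. The value is a file name taken from the request and later passed to `LFS_ReadFile`, and the config field is `char mqtt_cert_file[20]`, so a length check belongs here unless `CFG_SetMQTTCertFile` already enforces one. The function continues outside the hunk.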
"); + + hprintf255(request, ""); + } + hprintf255(request, "
"); + poststr(request, SUBMIT_AND_END_FORM); poststr(request, htmlFooterReturnToCfgLink); http_html_end(request); @@ -1166,7 +1172,7 @@ int http_fn_cfg_webapp_set(http_request_t* request) { http_html_start(request, "Saving Webapp"); if (http_getArg(request->url, "url", tmpA, sizeof(tmpA))) { - CFG_SetWebappRoot(tmpA); + CFG_SetWebappRoot(tmpA); CFG_Save_IfThereArePendingChanges(); hprintf255(request, "Webapp url set to %s", tmpA); } @@ -1174,6 +1180,12 @@ int http_fn_cfg_webapp_set(http_request_t* request) { poststr(request, "Webapp url not set because you didn't specify the argument."); } + CFG_SetEnableWebServer(http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); + if (CFG_GetEnableWebServer()){ + poststr(request, "
"); + poststr(request, "Webapp will be disabled on next boot!"); + } + poststr(request, "
"); poststr(request, htmlFooterReturnToCfgLink); http_html_end(request); diff --git a/src/httpserver/http_tcp_server.c b/src/httpserver/http_tcp_server.c index de186e8db..64a2b8599 100644 --- a/src/httpserver/http_tcp_server.c +++ b/src/httpserver/http_tcp_server.c @@ -54,6 +54,17 @@ void HTTPServer_Start() } } +void HTTPServer_Stop() +{ + OSStatus err = kNoErr; + + err = rtos_delete_thread(&g_http_thread); + + if (err != kNoErr) + { + ADDLOG_ERROR(LOG_FEATURE_HTTP, "stop \"TCP_server\" thread failed with %i!\r\n", err); + } +} int sendfn(int fd, char* data, int len) { if (fd) { diff --git a/src/httpserver/http_tcp_server.h b/src/httpserver/http_tcp_server.h index ba803a6c8..e39e579b6 100644 --- a/src/httpserver/http_tcp_server.h +++ b/src/httpserver/http_tcp_server.h @@ -1,2 +1,3 @@ void HTTPServer_Start(); +void HTTPServer_Stop(); \ No newline at end of file diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 17140a15b..1f633cd5a 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1098,11 +1098,11 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); #if LWIP_ALTCP_TLS_MBEDTLS - if (client && client->conn && client->conn->state) { + if (CFG_GetMQTTUseTls() && client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl)); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TLS VERSION: %s\n", mbedtls_ssl_get_version(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TLS CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); } #endif diff --git a/src/new_cfg.c b/src/new_cfg.c index 4c018fa33..c0ec192ca 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c 
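Review bot: `HTTPServer_Stop` only calls `rtos_delete_thread(&g_http_thread)`, so the listening socket and any accepted client sockets owned by that thread are presumably never closed (the thread function is outside this hunk), and the HTTP port may stay bound with nobody servicing it. `g_http_thread` also keeps the stale handle, so a second `WebServer 0`, or a stop when the server was never started, hands a dead handle to the RTOS. Close the listen socket before deleting the thread. Then, assuming the handle is pointer-like, clear it with `g_http_thread = NULL;` and return early at the top when it is already NULL. Without that, the option meant to reduce the device's network exposure leaves its state undefined.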
@@ -171,6 +171,11 @@ void CFG_SetDefaultConfig() { #endif CFG_SetDefaultLEDCorrectionTable(); + CFG_SetMQTTUseTls(false); + CFG_SetMQTTVerifyTlsCert(false); + CFG_SetMQTTCertFile(""); + CFG_SetEnableWebServer(true); + CFG_SetDefaultLEDCorrectionTable(); g_cfg_pendingChanges++; } @@ -718,6 +723,17 @@ uint32_t CFG_GetLFS_Size() { } #endif +bool CFG_GetEnableWebServer() { + return g_cfg.enable_web_server; +} +void CFG_SetEnableWebServer(bool value) { + // is there a change? + if (g_cfg.enable_web_server != value) { + g_cfg.enable_web_server = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_InitAndLoad() { byte chkSum; diff --git a/src/new_cfg.h b/src/new_cfg.h index f54050f04..ec4631e3d 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -100,5 +100,8 @@ void CFG_SetLFS_Size(uint32_t value); uint32_t CFG_GetLFS_Size(); #endif +bool CFG_GetEnableWebServer(); +void CFG_SetEnableWebServer(bool value); + #endif diff --git a/src/new_pins.h b/src/new_pins.h index 7f419f032..e6419d6d8 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1185,7 +1185,9 @@ typedef struct mainConfig_s { // offset 0x00000C86 (3206 decimal) char mqtt_cert_file[20]; // offset 0x00000C9A (3226 decimal) - char unused[358]; + bool enable_web_server; + // offset 0x00000C9B (3227 decimal) + char unused[357]; #endif } mainConfig_t; diff --git a/src/user_main.c b/src/user_main.c index 1a2015be1..cdcae55fb 100644 --- a/src/user_main.c +++ b/src/user_main.c @@ -42,6 +42,8 @@ #ifdef PLATFORM_BEKEN #include #include +#include "BkDriverWdg.h" + void bg_register_irda_check_func(FUNCPTR func); #endif 
@@ -1147,13 +1149,15 @@ void Main_Init_After_Delay() } ADDLOGF_INFO("Using SSID [%s]\r\n", wifi_ssid); - ADDLOGF_INFO("Using Pass [%s]\r\n", wifi_pass); + ADDLOGF_INFO("Using Pass [%s]\r\n", "********"); // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); - HTTPServer_Start(); - ADDLOGF_DEBUG("Started http tcp server\r\n"); + if (CFG_GetEnableWebServer() || bSafeMode) { + HTTPServer_Start(); + ADDLOGF_DEBUG("Started http tcp server\r\n"); + } // only initialise certain things if we are not in AP mode if (!bSafeMode) From bb98db0519c36e16ae14a0fdbb582ab61a95e25f Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 24 Oct 2023 19:24:12 -0300 Subject: [PATCH 11/39] Versao boa para mqtt mbedtls boa uso --- src/cmnds/cmd_main.c | 1 - src/mqtt/new_mqtt.c | 23 +++++++++++++++++------ src/obk_config.h | 5 +---- 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index c7737942f..b2830ae32 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -609,7 +609,6 @@ static commandResult_t CMD_WebServer(const void* context, const char* cmd, const return CMD_RES_OK; } if (value == 1) { - ADDLOG_INFO(LOG_FEATURE_CMD, "ARG0 (%s), ARG1 (%s)", Tokenizer_GetArg(0), Tokenizer_GetArg(1)); if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); CFG_SetEnableWebServer(false); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 1f633cd5a..2e31250f0 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -1247,11 +1247,6 @@ static int MQTT_do_connect(mqtt_client_t* client) size_t ca_len = 0; u8_t* ca = NULL; if (mqtt_verify_tls_cert) { - if (!NTP_IsTimeSynced()) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); - // silently allow retry next frame - return ERR_RTE; - } if (strlen(CFG_GetMQTTCertFile()) > 0) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); @@ -2378,8 +2373,24 @@ int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t #endif //MBEDTLS_ENTROPY_HARDWARE_ALT #ifdef MBEDTLS_PLATFORM_GMTIME_R_ALT +struct tm* cvt_date(char const* date, char const* time, struct tm* t); +struct tm* cvt_date(char const* date, char const* time, struct tm* t) +{ + char s_month[5]; + int year; + static const char month_names[] = "JanFebMarAprMayJunJulAugSepOctNovDec"; + sscanf(date, "%s %d %d", s_month, &t->tm_mday, &year); + sscanf(time, "%2d %*c %2d %*c %2d", &t->tm_hour, &t->tm_min, &t->tm_sec); + // Find where is s_month in month_names. Deduce month value. + t->tm_mon = (strstr(month_names, s_month) - month_names) / 3 + 1; + t->tm_year = year - 1900; + return t; +} struct tm* mbedtls_platform_gmtime_r(const mbedtls_time_t* tt, struct tm* tm_buf) { - // Use NTP time + // If NTP time not synced return compile time + if (!NTP_IsTimeSynced()) { + return cvt_date(__DATE__, __TIME__, tm_buf); + } return gmtime_r((time_t*)&g_ntpTime, tm_buf); } #endif //MBEDTLS_PLATFORM_GMTIME_R_ALT diff --git a/src/obk_config.h b/src/obk_config.h index c06be039b..a5d7cf3ff 100644 --- a/src/obk_config.h +++ b/src/obk_config.h 
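Review bot: `t->tm_mon = (strstr(month_names, s_month) - month_names) / 3 + 1;` in cvt_date stores a 1-based month, but `struct tm` months run 0 to 11, so the fallback date is one month late and a December build yields month 12; drop the `+ 1`. `sscanf(date, "%s %d %d", s_month, ...)` writes into `char s_month[5]` with no field width and the `strstr` result is used without a NULL check; `%3s` and a check cost nothing even though the input is `__DATE__`. Together with the first hunk of this file, which removes the wait on `NTP_IsTimeSynced()`, certificate validity is now judged against the firmware build time until NTP syncs. A certificate that expired after the build is therefore accepted in that window, and that trade-off should be stated in a comment on mbedtls_platform_gmtime_r.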
@@ -68,17 +68,14 @@ // set to 0 to disable #define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 -#define ENABLE_NTP 1 +#define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 #define ENABLE_DRIVER_BL0937 1 #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 -//TLS use 100k rom e 44k ram. If enabled IR e MCU disabled to fit -#ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 #define ENABLE_DRIVER_IR 1 -#endif //#define ENABLE_DRIVER_HT16K33 1 //#define ENABLE_DRIVER_MAX72XX 1 #define ENABLE_I2C 1 From adbf8538f7447c6d973aacb0e7982fad816e8b95 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 28 Oct 2023 14:48:02 -0300 Subject: [PATCH 12/39] Invert CFG enable_web_server to disable_web_server --- Makefile | 2 ++ components.mk | 63 +++++++++++++++++++++++++++++++++++++++ src/cmnds/cmd_main.c | 14 ++++----- src/httpserver/http_fns.c | 6 ++-- src/lwipopts.h | 4 +-- src/new_cfg.c | 15 ++++------ src/new_cfg.h | 4 +-- src/new_pins.h | 2 +- src/obk_config.h | 1 - src/user_main.c | 2 +- 10 files changed, 85 insertions(+), 28 deletions(-) create mode 100644 components.mk diff --git a/Makefile b/Makefile index 022194de4..b742485d4 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,10 @@ # HACK - if COMPILE_PREX defined then we are being called running from original build_app.sh script in standard SDK # Required to not break old build_app.sh script lines 74-77 +MBEDTLS_DIR := ../../../apps/$(APP_BIN_NAME) ifdef COMPILE_PREX all: @echo Calling original build_app.sh script + if [ ! -d "output/mbedtls-2.28.5" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi cd $(PWD)/../../platforms/$(TARGET_PLATFORM)/toolchain/$(TUYA_APPS_BUILD_PATH) && sh $(TUYA_APPS_BUILD_CMD) $(APP_NAME) $(APP_VERSION) $(TARGET_PLATFORM) $(USER_CMD) else diff --git a/components.mk b/components.mk new file mode 100644 index 000000000..3aee695c4 --- /dev/null +++ b/components.mk 
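Review bot: The new recipe line fetches `v2.28.5.tar.gz` with `wget -q` and unpacks it into `output` without checking a digest, so the TLS library compiled into the firmware is whatever the network returned at build time. Pin the expected SHA-256 in the repository and verify before extracting, e.g. `echo "<EXPECTED_SHA256>  v2.28.5.tar.gz" | sha256sum -c - && tar -xf v2.28.5.tar.gz -C output`, where `<EXPECTED_SHA256>` is a placeholder for the digest recorded from a trusted copy. The steps are joined with `;`, so a failed or partial download still reaches `tar`; chain them with `&&` so the build stops instead. The `-d "output/mbedtls-2.28.5"` test also treats a half-extracted directory as complete.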
@@ -0,0 +1,63 @@ +ifeq ($(TARGET_PLATFORM),bk7231n) + +CFG_USE_MQTT_TLS ?= 1 + +ifeq ($(CFG_USE_MQTT_TLS),1) + +MBEDTLS_DIR = $(TOP_DIR)/apps/$(APP_BIN_NAME)/output/mbedtls-2.28.5 +INCLUDES := -I$(MBEDTLS_DIR)/include -I$(TOP_DIR)/apps/$(APP_BIN_NAME)/src $(INCLUDES) +CPPDEFINES += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' +OSFLAGS += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' + +SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls.c +SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls_mem.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_tls.c +SRC_C += ${MBEDTLS_DIR}/library/x509_crt.c +SRC_C += ${MBEDTLS_DIR}/library/entropy.c +SRC_C += ${MBEDTLS_DIR}/library/chachapoly.c +SRC_C += ${MBEDTLS_DIR}/library/ctr_drbg.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_msg.c +SRC_C += ${MBEDTLS_DIR}/library/debug.c +SRC_C += ${MBEDTLS_DIR}/library/md.c +SRC_C += ${MBEDTLS_DIR}/library/sha512.c +SRC_C += ${MBEDTLS_DIR}/library/platform_util.c +SRC_C += ${MBEDTLS_DIR}/library/sha256.c +SRC_C += ${MBEDTLS_DIR}/library/sha1.c +SRC_C += ${MBEDTLS_DIR}/library/ripemd160.c +SRC_C += ${MBEDTLS_DIR}/library/md5.c +SRC_C += ${MBEDTLS_DIR}/library/cipher.c +SRC_C += ${MBEDTLS_DIR}/library/gcm.c +SRC_C += ${MBEDTLS_DIR}/library/chacha20.c +SRC_C += ${MBEDTLS_DIR}/library/ccm.c +SRC_C += ${MBEDTLS_DIR}/library/constant_time.c +SRC_C += ${MBEDTLS_DIR}/library/aes.c +SRC_C += ${MBEDTLS_DIR}/library/poly1305.c +SRC_C += ${MBEDTLS_DIR}/library/pem.c +SRC_C += ${MBEDTLS_DIR}/library/des.c +SRC_C += ${MBEDTLS_DIR}/library/asn1parse.c +SRC_C += ${MBEDTLS_DIR}/library/base64.c +SRC_C += ${MBEDTLS_DIR}/library/x509.c +SRC_C += ${MBEDTLS_DIR}/library/oid.c +SRC_C += ${MBEDTLS_DIR}/library/pkparse.c +SRC_C += ${MBEDTLS_DIR}/library/ecp.c +SRC_C += ${MBEDTLS_DIR}/library/bignum.c +SRC_C += ${MBEDTLS_DIR}/library/pk.c +SRC_C += ${MBEDTLS_DIR}/library/pk_wrap.c +SRC_C += ${MBEDTLS_DIR}/library/ecdsa.c +SRC_C += 
${MBEDTLS_DIR}/library/asn1write.c +SRC_C += ${MBEDTLS_DIR}/library/hmac_drbg.c +SRC_C += ${MBEDTLS_DIR}/library/rsa.c +SRC_C += ${MBEDTLS_DIR}/library/rsa_internal.c +SRC_C += ${MBEDTLS_DIR}/library/ecp_curves.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_ciphersuites.c +SRC_C += ${MBEDTLS_DIR}/library/ecdh.c +SRC_C += ${MBEDTLS_DIR}/library/dhm.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_srv.c +SRC_C += ${MBEDTLS_DIR}/library/cipher_wrap.c +SRC_C += ${MBEDTLS_DIR}/library/arc4.c +SRC_C += ${MBEDTLS_DIR}/library/blowfish.c +SRC_C += ${MBEDTLS_DIR}/library/camellia.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_cli.c + +endif #ifeq ($(CFG_USE_MQTT_TLS),1) +endif #ifeq ($(TARGET_PLATFORM),bk7231n) \ No newline at end of file diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index b2830ae32..902aa157d 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -600,25 +600,25 @@ commandResult_t CMD_DeepSleep_SetEdge(const void* context, const char* cmd, cons } static commandResult_t CMD_WebServer(const void* context, const char* cmd, const char* args, int cmdFlags) { - int value; + int arg_count; Tokenizer_TokenizeString(args, 0); - value = Tokenizer_GetArgsCount(); - if (value == 0) + arg_count = Tokenizer_GetArgsCount(); + if (arg_count == 0) { - ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", CFG_GetEnableWebServer()); + ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", !CFG_GetDisableWebServer()); return CMD_RES_OK; } - if (value == 1) { + if (arg_count == 1) { if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); - CFG_SetEnableWebServer(false); + CFG_SetDisableWebServer(true); CFG_Save_IfThereArePendingChanges(); HTTPServer_Stop(); return CMD_RES_OK; } else if (strcmp(Tokenizer_GetArg(0), "1") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Enable WebServer and restart"); - CFG_SetEnableWebServer(true); + CFG_SetDisableWebServer(false); CFG_Save_IfThereArePendingChanges(); HAL_RebootModule(); return CMD_RES_OK; 
diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 68f3f1b5b..77c87cf12 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1154,7 +1154,7 @@ int http_fn_cfg_webapp(http_request_t* request) { add_label_text_field(request, "URL of the Webapp", "url", CFG_GetWebappRoot(), ""); hprintf255(request, ""); } hprintf255(request, "
"); @@ -1180,8 +1180,8 @@ int http_fn_cfg_webapp_set(http_request_t* request) { poststr(request, "Webapp url not set because you didn't specify the argument."); } - CFG_SetEnableWebServer(http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); - if (CFG_GetEnableWebServer()){ + CFG_SetDisableWebServer(!http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); + if (CFG_GetDisableWebServer()){ poststr(request, "
"); poststr(request, "Webapp will be disabled on next boot!"); } diff --git a/src/lwipopts.h b/src/lwipopts.h index 82d7c96eb..eb5c11de4 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -32,13 +32,11 @@ #ifndef __LWIPOPTS_H__ #define __LWIPOPTS_H__ -#include "obk_config.h" - #if MQTT_USE_TLS #define LWIP_ALTCP 1 #define LWIP_ALTCP_TLS 1 #define LWIP_ALTCP_TLS_MBEDTLS 1 -#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON +#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_OFF #endif /** diff --git a/src/new_cfg.c b/src/new_cfg.c index c0ec192ca..55bedf12d 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -171,11 +171,6 @@ void CFG_SetDefaultConfig() { #endif CFG_SetDefaultLEDCorrectionTable(); - CFG_SetMQTTUseTls(false); - CFG_SetMQTTVerifyTlsCert(false); - CFG_SetMQTTCertFile(""); - CFG_SetEnableWebServer(true); - CFG_SetDefaultLEDCorrectionTable(); g_cfg_pendingChanges++; } @@ -723,13 +718,13 @@ uint32_t CFG_GetLFS_Size() { } #endif -bool CFG_GetEnableWebServer() { - return g_cfg.enable_web_server; +bool CFG_GetDisableWebServer() { + return g_cfg.disable_web_server; } -void CFG_SetEnableWebServer(bool value) { +void CFG_SetDisableWebServer(bool value) { // is there a change? - if (g_cfg.enable_web_server != value) { - g_cfg.enable_web_server = value; + if (g_cfg.disable_web_server != value) { + g_cfg.disable_web_server = value; // mark as dirty (value has changed) g_cfg_pendingChanges++; } diff --git a/src/new_cfg.h b/src/new_cfg.h index ec4631e3d..6858d9a60 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -100,8 +100,8 @@ void CFG_SetLFS_Size(uint32_t value); uint32_t CFG_GetLFS_Size(); #endif -bool CFG_GetEnableWebServer(); -void CFG_SetEnableWebServer(bool value); +bool CFG_GetDisableWebServer(); +void CFG_SetDisableWebServer(bool value); #endif diff --git a/src/new_pins.h b/src/new_pins.h index e6419d6d8..21b3dafc2 100644 --- a/src/new_pins.h +++ b/src/new_pins.h 
@@ -1185,7 +1185,7 @@ typedef struct mainConfig_s { // offset 0x00000C86 (3206 decimal) char mqtt_cert_file[20]; // offset 0x00000C9A (3226 decimal) - bool enable_web_server; + bool disable_web_server; // offset 0x00000C9B (3227 decimal) char unused[357]; #endif diff --git a/src/obk_config.h b/src/obk_config.h index a5d7cf3ff..a3da1e06e 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -66,7 +66,6 @@ #elif PLATFORM_BEKEN // set to 0 to disable -#define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 #define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 diff --git a/src/user_main.c b/src/user_main.c index cdcae55fb..47d1e4a4c 100644 --- a/src/user_main.c +++ b/src/user_main.c @@ -1154,7 +1154,7 @@ void Main_Init_After_Delay() // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); - if (CFG_GetEnableWebServer() || bSafeMode) { + if (!CFG_GetDisableWebServer() || bSafeMode) { HTTPServer_Start(); ADDLOGF_DEBUG("Started http tcp server\r\n"); } From bccdf29d50e13e93b255c15668c38011400edb04 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 26 Sep 2023 14:23:44 -0300 Subject: [PATCH 13/39] MQTT over TLS first build --- src/mqtt/new_mqtt.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 40b5b827e..fad0963e2 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -12,6 +12,10 @@ #include "../driver/drv_tuyaMCU.h" #include "../ota/ota.h" +#ifdef MQTT_USE_TLS +#include "lwip/altcp_tls.h" +#endif + #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT #if LWIP_IPV4 #define LWIP_MQTT_EXAMPLE_IPADDR_INIT = IPADDR4_INIT(PP_HTONL(IPADDR_LOOPBACK)) @@ -1188,6 +1192,14 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + /* Includes for MQTT over TLS */ +#ifdef MQTT_USE_TLS + if (mqtt_port == 8883) { + mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + } +#endif + + // host name/ip //ipaddr_aton(mqtt_host,&mqtt_ip); 
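Review bot: The result of `altcp_tls_create_config_client(NULL, 0)` in MQTT_do_connect is stored without a NULL check. As far as I recall lwIP's MQTT client falls back to a plain TCP connection when `tls_config` is NULL, so an allocation failure here would send the MQTT credentials in clear to port 8883. Return an error when creation fails, e.g. `if (!mqtt_client_info.tls_config) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "TLS config allocation failed"); return ERR_MEM; }`. The config is also built with no CA, so at this point in the series the broker certificate has no trust anchor to be validated against. The same unchecked call is carried into the revisions of this block in PATCH 14/39 and 15/39; the function continues outside the hunk.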
From 0b0f158502e343582d84e54da152272df080bab2 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Wed, 27 Sep 2023 23:46:19 -0300 Subject: [PATCH 14/39] MQTT TLS boot ok --- .gitignore | 6 ++++++ src/driver/drv_ir.cpp | 17 ++++++++++++++--- src/mqtt/new_mqtt.c | 4 ++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index a85580d0b..2287a49e0 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,9 @@ configMemory.bin # MSVC enc_temp_folder/** +/sdk/OpenBK7231N +/sdk/OpenBK7231T +/sdk/OpenBL602 +/sdk/OpenW600 +/sdk/OpenW800 +/sdk/OpenXR809 \ No newline at end of file diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp index d2f2573b0..7b0281b6d 100644 --- a/src/driver/drv_ir.cpp +++ b/src/driver/drv_ir.cpp @@ -1,6 +1,5 @@ #if PLATFORM_BEKEN - extern "C" { // these cause error: conflicting declaration of 'int bk_wlan_mcu_suppress_and_sleep(unsigned int)' with 'C' linkage #include "../new_common.h" @@ -30,6 +29,18 @@ extern "C" { #include +/*Drive IR and MQTT TLS are too big for OTA. IF MQTT_USE_TLS enabled IR disabled*/ +#ifdef MQTT_USE_TLS + extern "C" void DRV_IR_Init() { + //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); + } + // this polls the IR receive to see off there was any IR received + extern "C" void DRV_IR_RunFrame() { + //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); + } +} +#endif // MQTT_USE_TLS +#ifndef MQTT_USE_TLS unsigned long ir_counter = 0; uint8_t gEnableIRSendWhilstReceive = 0; uint32_t gIRProtocolEnable = 0xFFFFFFFF; @@ -869,5 +880,5 @@ void cpptest(){ } #endif -#endif - +#endif //MQTT_USE_TLS +#endif //PLATFORM_BEKEN diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index fad0963e2..bddb74faa 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -1192,9 +1192,13 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============VERSAO COM SUPORTE TLS %s\r", mqtt_userName); + /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============MQTT_USE_TLS ATIVO %s\r", mqtt_userName); if (mqtt_port == 8883) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============tls_config set on client_info %s\r", mqtt_userName); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); } #endif From 8b66372e7ab82abe3bd0fb71a5688a452297ffac Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 30 Sep 2023 01:16:39 -0300 Subject: [PATCH 15/39] Funcional version MQTT secure TLS --- src/driver/drv_ir.cpp | 16 ++-------------- src/driver/drv_main.c | 2 ++ src/mqtt/new_mqtt.c | 13 +++++++++---- src/obk_config.h | 6 ++++++ 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp index 7b0281b6d..73492f74d 100644 --- a/src/driver/drv_ir.cpp +++ b/src/driver/drv_ir.cpp @@ -29,18 +29,6 @@ extern "C" { #include -/*Drive IR and MQTT TLS are too big for OTA. IF MQTT_USE_TLS enabled IR disabled*/ -#ifdef MQTT_USE_TLS - extern "C" void DRV_IR_Init() { - //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); - } - // this polls the IR receive to see off there was any IR received - extern "C" void DRV_IR_RunFrame() { - //ADDLOG_INFO(LOG_FEATURE_IR, (char*)"Not supported"); - } -} -#endif // MQTT_USE_TLS -#ifndef MQTT_USE_TLS unsigned long ir_counter = 0; uint8_t gEnableIRSendWhilstReceive = 0; uint32_t gIRProtocolEnable = 0xFFFFFFFF; @@ -880,5 +868,5 @@ void cpptest(){ } #endif -#endif //MQTT_USE_TLS -#endif //PLATFORM_BEKEN +#endif + diff --git a/src/driver/drv_main.c b/src/driver/drv_main.c index b744e4a6d..183e05dac 100644 --- a/src/driver/drv_main.c +++ b/src/driver/drv_main.c 
@@ -154,12 +154,14 @@ static driver_t g_drivers[] = { //drvdetail:"requires":""} { "SM16703P", SM16703P_Init, NULL, NULL, NULL, NULL, NULL, false }, #endif +#if ENABLE_DRIVER_IR //drvdetail:{"name":"IR", //drvdetail:"title":"TODO", //drvdetail:"descr":"IRLibrary wrapper, so you can receive remote signals and send them. See [forum discussion here](https://www.elektroda.com/rtvforum/topic3920360.html), also see [LED strip and IR YT video](https://www.youtube.com/watch?v=KU0tDwtjfjw)", //drvdetail:"requires":""} { "IR", DRV_IR_Init, NULL, NULL, DRV_IR_RunFrame, NULL, NULL, false }, #endif +#endif #if defined(PLATFORM_BEKEN) || defined(WINDOWS) || defined(PLATFORM_BL602) //drvdetail:{"name":"DDP", //drvdetail:"title":"TODO", diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index bddb74faa..981b88b8c 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1192,14 +1192,19 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============VERSAO COM SUPORTE TLS %s\r", mqtt_userName); - /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============MQTT_USE_TLS ATIVO %s\r", mqtt_userName); if (mqtt_port == 8883) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "==============tls_config set on client_info %s\r", mqtt_userName); + LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + UNLOCK_TCPIP_CORE(); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); + } + else { + if (mqtt_client_info.tls_config) { + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } } #endif diff --git a/src/obk_config.h b/src/obk_config.h index c9dae81d7..d699e3606 100644 --- a/src/obk_config.h +++ b/src/obk_config.h 
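Review bot: The result of `altcp_tls_create_config_client()` in MQTT_do_connect is not checked before "tls_config created" is logged; if the allocation fails `tls_config` stays NULL and, as far as I know, lwIP's MQTT client then opens a plain TCP connection, so a device set up for TLS would send its credentials unencrypted without reporting an error. The new `else` branch also calls `altcp_tls_free_entropy()` and clears the pointer without releasing the config itself, and does so outside `LOCK_TCPIP_CORE()`; lwIP provides `altcp_tls_free_config()` for the release. The hunk in patch 17 that frees before re-creating the config repeats the same pattern. The `return 0` in the sketch copies the early exit visible at the top of the hunk and must be checked against the function's return convention, which is outside the hunk.

```c
	if (mqtt_port == 8883) {
		// … unchanged: LOCK_TCPIP_CORE(), altcp_tls_create_config_client(), UNLOCK_TCPIP_CORE() …
		if (mqtt_client_info.tls_config == NULL) {
			// a NULL tls_config must not be allowed to reach the connect call
			addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "tls_config creation failed, not connecting");
			return 0;
		}
		addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created");
	}
	else if (mqtt_client_info.tls_config) {
		LOCK_TCPIP_CORE();
		altcp_tls_free_config(mqtt_client_info.tls_config);
		altcp_tls_free_entropy();
		UNLOCK_TCPIP_CORE();
		mqtt_client_info.tls_config = NULL;
	}
```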
@@ -13,7 +13,9 @@ //ENABLE_DRIVER_BL0942 - Enable support for BL0942 //ENABLE_DRIVER_CSE7766 - Enable support for CSE7766 //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor +//ENABLE_DRIVER_IR - Enable suporte for IR +#define MQTT_USE_TLS #if PLATFORM_XR809 @@ -73,7 +75,11 @@ #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 +//TLS use 120k rom e 44k ram. If enabled IR e MCU disabled to fit +#ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 +#define ENABLE_DRIVER_IR 1 +#endif //#define ENABLE_DRIVER_HT16K33 1 //#define ENABLE_DRIVER_MAX72XX 1 #define ENABLE_I2C 1 From 38eceae2a5b84a824c6cce4fc21f95b1a04b76f9 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 30 Sep 2023 19:03:28 -0300 Subject: [PATCH 16/39] Add option for mqtt to use tls in web config --- src/httpserver/http_fns.c | 17 +++++++++++++++++ src/mqtt/new_mqtt.c | 4 +++- src/new_cfg.c | 11 +++++++++++ src/new_cfg.h | 2 ++ src/new_pins.h | 4 +++- src/obk_config.h | 2 +- 6 files changed, 37 insertions(+), 3 deletions(-) diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index dbe86ce93..eab8597c4 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1048,6 +1048,18 @@ int http_fn_cfg_mqtt(http_request_t* request) { add_label_text_field(request, "Host", "host", CFG_GetMQTTHost(), ""); add_label_numeric_field(request, "Port", "port", CFG_GetMQTTPort(), "
"); + +// poststr(request, "
"); +// poststr(request, ""); + } + hprintf255(request, ""); + add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "

"); add_label_text_field(request, "Group Topic (Secondary Topic to only receive cmnds)", "group", CFG_GetMQTTGroupTopic(), "
"); add_label_text_field(request, "User", "user", CFG_GetMQTTUserName(), "
"); @@ -1119,6 +1131,11 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { if (http_getArg(request->url, "port", tmpA, sizeof(tmpA))) { CFG_SetMQTTPort(atoi(tmpA)); } + if (http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))) { + CFG_SetMQTTUseTls(true); + } else { + CFG_SetMQTTUseTls(false); + } if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); } diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 981b88b8c..aee3e57a2 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1132,6 +1132,7 @@ static int MQTT_do_connect(mqtt_client_t* client) int res; struct hostent* hostEntry; char will_topic[CGF_MQTT_CLIENT_ID_SIZE + 16]; + bool mqtt_use_tls; mqtt_host = CFG_GetMQTTHost(); @@ -1145,6 +1146,7 @@ static int MQTT_do_connect(mqtt_client_t* client) mqtt_pass = CFG_GetMQTTPass(); mqtt_clientID = CFG_GetMQTTClientId(); mqtt_port = CFG_GetMQTTPort(); + mqtt_use_tls = CFG_GetMQTTUseTls(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, @@ -1194,7 +1196,7 @@ static int MQTT_do_connect(mqtt_client_t* client) /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS - if (mqtt_port == 8883) { + if (mqtt_use_tls) { LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); UNLOCK_TCPIP_CORE(); diff --git a/src/new_cfg.c b/src/new_cfg.c index 26a371d8c..d7600090d 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -286,6 +286,9 @@ const char *CFG_GetOpenBekenHostName() { int CFG_GetMQTTPort() { return g_cfg.mqtt_port; } +bool CFG_GetMQTTUseTls() { + return g_cfg.mqtt_use_tls; +} void CFG_SetShortDeviceName(const char *s) { // this will return non-zero if there were any changes 
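Review bot: In http_fn_cfg_mqtt_set the new `else` branch calls `CFG_SetMQTTUseTls(false)` whenever the `mqtt_use_tls` argument is absent, so any request to this handler that omits it, for example one that only updates the host, silently switches the broker connection back to plaintext. The other fields visible in this hunk are written only when their argument is present. Have the form send a separate marker argument so that "unchecked" can be told apart from "not submitted", change the flag only when that marker is present, and log the transition so a downgrade is visible. The handler's body starts and ends outside the hunk.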
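Review bot: The `addLogAdv` call directly below the new `mqtt_use_tls = CFG_GetMQTTUseTls();` line has `mqtt_pass %s` in its format string, which suggests the broker password is written to the INFO log on every connect; the argument list is cut off by the hunk, so this is inferred from the format string. The line predates this commit, but it undercuts the reason for adding TLS if the log can be read over the web interface or a serial console. Drop the password from the message, or print only whether one is set, and log `mqtt_use_tls` there instead so the transport in use is visible.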
@@ -309,6 +312,14 @@ void CFG_SetMQTTPort(int p) { g_cfg_pendingChanges++; } } +void CFG_SetMQTTUseTls(bool value) { + // is there a change? + if(g_cfg.mqtt_use_tls != value) { + g_cfg.mqtt_use_tls = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_SetOpenAccessPoint() { // is there a change? if(g_cfg.wifi_ssid[0] == 0 && g_cfg.wifi_pass[0] == 0) { diff --git a/src/new_cfg.h b/src/new_cfg.h index 80c103012..496b68953 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -31,11 +31,13 @@ const char *CFG_GetMQTTClientId(); const char *CFG_GetMQTTGroupTopic(); const char *CFG_GetMQTTUserName(); const char *CFG_GetMQTTPass(); +bool CFG_GetMQTTUseTls(); void CFG_SetMQTTHost(const char *s); void CFG_SetMQTTClientId(const char *s); void CFG_SetMQTTUserName(const char *s); void CFG_SetMQTTGroupTopic(const char *s); void CFG_SetMQTTPass(const char *s); +void CFG_SetMQTTUseTls(bool value); const char *CFG_GetWebappRoot(); void CFG_SetLEDRemap(int r, int g, int b, int c, int w); void CFG_SetDefaultLEDRemap(int r, int g, int b, int c, int w); diff --git a/src/new_pins.h b/src/new_pins.h index c5ee36a7c..197d886f0 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1186,7 +1186,9 @@ typedef struct mainConfig_s { // offset 0x00000C40 (3136 decimal) char wifi_pass2[68]; // offset 0x00000C84 (3204 decimal) - char unused[380]; + bool mqtt_use_tls; + // offset 0x00000C84 (3205 decimal) + char unused[379]; #endif } mainConfig_t; diff --git a/src/obk_config.h b/src/obk_config.h index d699e3606..8d4429ef2 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -75,7 +75,7 @@ #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 -//TLS use 120k rom e 44k ram. If enabled IR e MCU disabled to fit +//TLS use 100k rom e 44k ram. If enabled IR e MCU disabled to fit #ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 #define ENABLE_DRIVER_IR 1 From 23b12fb665ffb4120252e144d5b17ed412502483 Mon Sep 17 00:00:00 2001 
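Review bot: The offset comment added above `char unused[379];` in mainConfig_s reads `// offset 0x00000C84 (3205 decimal)`, but 0xC84 is 3204, the offset of `mqtt_use_tls` itself; it should be `// offset 0x00000C85 (3205 decimal)`. This struct looks like the persisted configuration layout, so a short comment that the new flag takes the first byte of the former `unused` area, and therefore reads as false on existing devices only if that area was zero-filled, would help whoever extends it next. The struct starts outside the hunk.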
From: alexsandroz Date: Thu, 19 Oct 2023 03:37:03 -0300 Subject: [PATCH 17/39] Versao funcional pendente otimizacao de rom --- .gitmodules | 40 ++-- Makefile | 2 +- sdk/OpenBK7231N | 2 +- src/lwipopts.h | 448 ++++++++++++++++++++++++++++++++++++++ src/mqtt/new_mqtt.c | 132 ++++++----- src/obk_config.h | 3 +- src/user_mbedtls_config.h | 140 ++++++++++++ 7 files changed, 687 insertions(+), 80 deletions(-) create mode 100755 src/lwipopts.h create mode 100644 src/user_mbedtls_config.h diff --git a/.gitmodules b/.gitmodules index e129c1d55..84f8758d9 100644 --- a/.gitmodules +++ b/.gitmodules 
@@ -1,24 +1,24 @@ -[submodule "sdk/OpenXR809"] - path = sdk/OpenXR809 - url = https://github.com/openshwprojects/OpenXR809.git - branch = master -[submodule "sdk/OpenBK7231T"] - path = sdk/OpenBK7231T - url = https://github.com/openshwprojects/OpenBK7231T.git - branch = master +# [submodule "sdk/OpenXR809"] +# path = sdk/OpenXR809 +# url = https://github.com/openshwprojects/OpenXR809.git +# branch = master +# [submodule "sdk/OpenBK7231T"] +# path = sdk/OpenBK7231T +# url = https://github.com/openshwprojects/OpenBK7231T.git +# branch = master [submodule "sdk/OpenBK7231N"] path = sdk/OpenBK7231N url = https://github.com/openshwprojects/OpenBK7231N.git branch = master -[submodule "sdk/OpenBL602"] - path = sdk/OpenBL602 - url = https://github.com/openshwprojects/OpenBL602.git - branch = master -[submodule "sdk/OpenW800"] - path = sdk/OpenW800 - url = https://github.com/openshwprojects/OpenW800.git - branch = master -[submodule "sdk/OpenW600"] - path = sdk/OpenW600 - url = https://github.com/openshwprojects/OpenW600.git - branch = master +# [submodule "sdk/OpenBL602"] +# path = sdk/OpenBL602 +# url = https://github.com/openshwprojects/OpenBL602.git +# branch = master +# [submodule "sdk/OpenW800"] +# path = sdk/OpenW800 +# url = https://github.com/openshwprojects/OpenW800.git +# branch = master +# [submodule "sdk/OpenW600"] +# path = sdk/OpenW600 +# url = https://github.com/openshwprojects/OpenW600.git +# branch = master diff --git a/Makefile b/Makefile index 48a7c3106..022194de4 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,7 @@ submodules: ifdef GITHUB_ACTIONS @echo Submodules already checked out during setup else - git submodule update --init --recursive --remote +# git submodule update --init --recursive --remote endif update-submodules: submodules diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index 7a65b01f6..e98b0b2e4 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N 
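Review bot: Commenting out `git submodule update --init --recursive --remote` in the `submodules` target, together with the commented-out entries in .gitmodules, looks like a local workspace change rather than part of the TLS feature. With it in the tree, a fresh checkout outside CI no longer fetches any SDK, the other platforms lose their submodule definitions, and the next hunk moves sdk/OpenBK7231N to a commit that a reviewer cannot confirm exists at the upstream URL still listed in .gitmodules. Keep the build-infrastructure lines as they were and submit the SDK change this feature depends on as its own reviewable update.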
@@ -1 +1 @@ -Subproject commit 7a65b01f637203c1c6c1f7a7ec630aa16ea5df4b +Subproject commit e98b0b2e4d68a01b89b7bd60db6eff5642a55cd6 diff --git a/src/lwipopts.h b/src/lwipopts.h new file mode 100755 index 000000000..8ddf53e40 --- /dev/null +++ b/src/lwipopts.h 
@@ -0,0 +1,448 @@ +/* + * Copyright (c) 2001-2003 Swedish Institute of Computer Science. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT + * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT + * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY + * OF SUCH DAMAGE. + * + * This file is part of the lwIP TCP/IP stack. + * + * Author: Adam Dunkels + * + */ +#ifndef __LWIPOPTS_H__ +#define __LWIPOPTS_H__ + +#include "obk_config.h" + +#if MQTT_USE_TLS +#define LWIP_ALTCP 1 +#define LWIP_ALTCP_TLS 1 +#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define MQTT_DEBUG LWIP_DBG_ON +#endif + + /** + * Loopback demo related options. 
+ */ +#define LWIP_NETIF_LOOPBACK 1 +#define LWIP_HAVE_LOOPIF 1 +#define LWIP_NETIF_LOOPBACK_MULTITHREADING 1 +#define LWIP_LOOPBACK_MAX_PBUFS 8 + +#define TCPIP_THREAD_NAME "tcp/ip" +#define TCPIP_THREAD_STACKSIZE 768 +#define TCPIP_THREAD_PRIO 7 + +#define DEFAULT_THREAD_STACKSIZE 200 +#define DEFAULT_THREAD_PRIO 1 + + /* Disable lwIP asserts */ +#define LWIP_NOASSERT 1 + +#define LWIP_DEBUG LWIP_DBG_ON +#define LWIP_DEBUG_TRACE 0 +#define SOCKETS_DEBUG LWIP_DBG_OFF // | LWIP_DBG_MASK_LEVEL + +#define IP_DEBUG LWIP_DBG_OFF +#define ETHARP_DEBUG LWIP_DBG_OFF +#define NETIF_DEBUG LWIP_DBG_OFF +#define PBUF_DEBUG LWIP_DBG_OFF +#define MEMP_DEBUG LWIP_DBG_OFF +#define API_LIB_DEBUG LWIP_DBG_OFF +#define API_MSG_DEBUG LWIP_DBG_OFF +#define ICMP_DEBUG LWIP_DBG_OFF +#define IGMP_DEBUG LWIP_DBG_OFF +#define INET_DEBUG LWIP_DBG_OFF +#define IP_REASS_DEBUG LWIP_DBG_OFF +#define RAW_DEBUG LWIP_DBG_OFF +#define MEM_DEBUG LWIP_DBG_OFF +#define SYS_DEBUG LWIP_DBG_OFF +#define TCP_DEBUG LWIP_DBG_OFF +#define TCP_INPUT_DEBUG LWIP_DBG_OFF +#define TCP_FR_DEBUG LWIP_DBG_OFF +#define TCP_RTO_DEBUG LWIP_DBG_OFF +#define TCP_CWND_DEBUG LWIP_DBG_OFF +#define TCP_WND_DEBUG LWIP_DBG_OFF +#define TCP_OUTPUT_DEBUG LWIP_DBG_OFF +#define TCP_RST_DEBUG LWIP_DBG_OFF +#define TCP_QLEN_DEBUG LWIP_DBG_OFF +#define UDP_DEBUG LWIP_DBG_OFF +#define TCPIP_DEBUG LWIP_DBG_OFF +#define PPP_DEBUG LWIP_DBG_OFF +#define SLIP_DEBUG LWIP_DBG_OFF +#define DHCP_DEBUG LWIP_DBG_OFF +#define AUTOIP_DEBUG LWIP_DBG_OFF +#define SNMP_MSG_DEBUG LWIP_DBG_OFF +#define SNMP_MIB_DEBUG LWIP_DBG_OFF +#define DNS_DEBUG LWIP_DBG_OFF + +/** + * SYS_LIGHTWEIGHT_PROT==1: if you want inter-task protection for certain + * critical regions during buffer allocation, deallocation and memory + * allocation and deallocation. 
+ */ +#define SYS_LIGHTWEIGHT_PROT 1 + + /* + ------------------------------------ + ---------- Memory options ---------- + ------------------------------------ + */ + + /** + * MEM_ALIGNMENT: should be set to the alignment of the CPU + * 4 byte alignment -> #define MEM_ALIGNMENT 4 + * 2 byte alignment -> #define MEM_ALIGNMENT 2 + */ +#define MEM_ALIGNMENT 4 + +#define MAX_SOCKETS_TCP 12 +#define MAX_LISTENING_SOCKETS_TCP 4 +#define MAX_SOCKETS_UDP 18 + + /* Value of TCP_SND_BUF_COUNT denotes the number of buffers and is set by + * CONFIG option available in the SDK + */ +#define TCP_SND_BUF_COUNT 12 + /* Buffer size needed for TCP: Max. number of TCP sockets * Size of pbuf * + * Max. number of TCP sender buffers per socket + * + * Listening sockets for TCP servers do not require the same amount buffer + * space. Hence do not consider these sockets for memory computation + */ +#define TCP_MEM_SIZE (MAX_SOCKETS_TCP * \ + PBUF_POOL_BUFSIZE * (TCP_SND_BUF/TCP_MSS)) + + /* Buffer size needed for UDP: Max. number of UDP sockets * Size of pbuf + */ +#define UDP_MEM_SIZE (MAX_SOCKETS_UDP * PBUF_POOL_BUFSIZE) + + /** + * MEM_SIZE: the size of the heap memory. If the application will send + * a lot of data that needs to be copied, this should be set high. + */ + +#define MEM_SIZE (16*1024) + + + + /* + ------------------------------------------------ + ---------- Internal Memory Pool Sizes ---------- + ------------------------------------------------ + */ + /** + * MEMP_NUM_PBUF: the number of memp struct pbufs (used for PBUF_ROM and PBUF_REF). + * If the application sends a lot of data out of ROM (or other static memory), + * this should be set high. + */ +#define MEMP_NUM_PBUF 12 + + /** + * MEMP_NUM_TCP_PCB: the number of simulatenously active TCP connections. 
+ * (requires the LWIP_TCP option) + */ +#define MEMP_NUM_TCP_PCB MAX_SOCKETS_TCP +#define MEMP_NUM_TCP_PCB_LISTEN MAX_LISTENING_SOCKETS_TCP + + /** + * MEMP_NUM_TCP_SEG: the number of simultaneously queued TCP segments. + * (requires the LWIP_TCP option) + */ + + /** + * MEMP_NUM_TCPIP_MSG_INPKT: the number of struct tcpip_msg, which are used + * for incoming packets. + * (only needed if you use tcpip.c) + */ + +#define MEMP_NUM_TCPIP_MSG_INPKT 20 + + /** + * MEMP_NUM_SYS_TIMEOUT: the number of simulateously active timeouts. + * (requires NO_SYS==0) + */ +#define MEMP_NUM_SYS_TIMEOUT 16 + + /** + * MEMP_NUM_NETBUF: the number of struct netbufs. + * (only needed if you use the sequential API, like api_lib.c) + */ + +#define MEMP_NUM_NETBUF 20 + + /** + * MEMP_NUM_NETCONN: the number of struct netconns. + * (only needed if you use the sequential API, like api_lib.c) + * + * This number corresponds to the maximum number of active sockets at any + * given point in time. This number must be sum of max. TCP sockets, max. TCP + * sockets used for listening, and max. number of UDP sockets + */ +#define MEMP_NUM_NETCONN (MAX_SOCKETS_TCP + \ + MAX_LISTENING_SOCKETS_TCP + MAX_SOCKETS_UDP) + + /** + * PBUF_POOL_SIZE: the number of buffers in the pbuf pool. + */ + +#define PBUF_POOL_SIZE 3 + + + /* + ---------------------------------- + ---------- Pbuf options ---------- + ---------------------------------- + */ + + /** + * PBUF_POOL_BUFSIZE: the size of each pbuf in the pbuf pool. The default is + * designed to accomodate single full size TCP frame in one pbuf, including + * TCP_MSS, IP header, and link header. + */ +#define PBUF_POOL_BUFSIZE 1580 + + + /* + --------------------------------- + ---------- RAW options ---------- + --------------------------------- + */ + /** + * LWIP_RAW==1: Enable application layer to hook into the IP layer itself. 
+ */ +#define LWIP_RAW 1 +#ifdef CONFIG_IPV6 +#define LWIP_IPV6 1 +#endif + + /* Enable IPv4 Auto IP */ +#ifdef CONFIG_AUTOIP +#define LWIP_AUTOIP 1 +#define LWIP_DHCP_AUTOIP_COOP 1 +#define LWIP_DHCP_AUTOIP_COOP_TRIES 5 +#endif + +/* + ------------------------------------ + ---------- Socket options ---------- + ------------------------------------ +*/ +/** + * LWIP_SOCKET==1: Enable Socket API (require to use sockets.c) + */ +#define LWIP_SOCKET 1 +#define LWIP_NETIF_API 1 + + /** + * LWIP_RECV_CB==1: Enable callback when a socket receives data. + */ +#define LWIP_RECV_CB 1 + /** + * SO_REUSE==1: Enable SO_REUSEADDR option. + */ +#define SO_REUSE 1 +#define SO_REUSE_RXTOALL 1 + + /** + * Enable TCP_KEEPALIVE + */ +#define LWIP_TCP_KEEPALIVE 1 + + /* + ---------------------------------------- + ---------- Statistics options ---------- + ---------------------------------------- + */ + /** + * LWIP_STATS==1: Enable statistics collection in lwip_stats. + */ +#define LWIP_STATS 1 + + /** + * LWIP_STATS_DISPLAY==1: Compile in the statistics output functions. + */ +#define LWIP_STATS_DISPLAY 0 + + /* + ---------------------------------- + ---------- DHCP options ---------- + ---------------------------------- + */ + /** + * LWIP_DHCP==1: Enable DHCP module. + */ +#define LWIP_DHCP 1 +#define LWIP_NETIF_STATUS_CALLBACK 1 + + /** + * DNS related options, revisit later to fine tune. + */ +#define LWIP_DNS 1 +#define DNS_TABLE_SIZE 2 // number of table entries, default 4 + //#define DNS_MAX_NAME_LENGTH 64 // max. name length, default 256 +#define DNS_MAX_SERVERS 2 // number of DNS servers, default 2 +#define DNS_DOES_NAME_CHECK 1 // compare received name with given,def 0 +#define DNS_MSG_SIZE 512 +#define MDNS_MSG_SIZE 512 + +#define MDNS_TABLE_SIZE 1 // number of mDNS table entries +#define MDNS_MAX_SERVERS 1 // number of mDNS multicast addresses +/* TODO: Number of active UDP PCBs is equal to number of active UDP sockets plus + * two. 
Need to find the users of these 2 PCBs + */ +#define MEMP_NUM_UDP_PCB (MAX_SOCKETS_UDP + 2) + /* NOTE: some times the socket() call for SOCK_DGRAM might fail if you dont + * have enough MEMP_NUM_UDP_PCB */ + + /* + ---------------------------------- + ---------- IGMP options ---------- + ---------------------------------- + */ + /** + * LWIP_IGMP==1: Turn on IGMP module. + */ +#define LWIP_IGMP 1 + + /** + * LWIP_SO_SNDTIMEO==1: Enable send timeout for sockets/netconns and + * SO_SNDTIMEO processing. + */ +#define LWIP_SO_SNDTIMEO 1 + + /** + * LWIP_SO_RCVTIMEO==1: Enable receive timeout for sockets/netconns and + * SO_RCVTIMEO processing. + */ +#define LWIP_SO_RCVTIMEO 1 +#define LWIP_SO_SNDTIMEO 1 + /** + * TCP_LISTEN_BACKLOG==1: Handle backlog connections. + */ +#define TCP_LISTEN_BACKLOG 1 +#define LWIP_PROVIDE_ERRNO 1 + +#include +#define ERRNO 1 + + //#define LWIP_SNMP 1 + + + /* + ------------------------------------------------ + ---------- Network Interfaces options ---------- + ------------------------------------------------ + */ + /** + * LWIP_NETIF_HOSTNAME==1: use DHCP_OPTION_HOSTNAME with netif's hostname + * field. + */ +#define LWIP_NETIF_HOSTNAME 1 + + + /* + The STM32F107 allows computing and verifying the IP, UDP, TCP and ICMP checksums by hardware: + - To use this feature let the following define uncommented. + - To disable it and process by CPU comment the the checksum. 
+ */ + //#define CHECKSUM_BY_HARDWARE + + +#ifdef CHECKSUM_BY_HARDWARE + /* CHECKSUM_GEN_IP==0: Generate checksums by hardware for outgoing IP packets.*/ +#define CHECKSUM_GEN_IP 0 +/* CHECKSUM_GEN_UDP==0: Generate checksums by hardware for outgoing UDP packets.*/ +#define CHECKSUM_GEN_UDP 0 +/* CHECKSUM_GEN_TCP==0: Generate checksums by hardware for outgoing TCP packets.*/ +#define CHECKSUM_GEN_TCP 0 +/* CHECKSUM_CHECK_IP==0: Check checksums by hardware for incoming IP packets.*/ +#define CHECKSUM_CHECK_IP 0 +/* CHECKSUM_CHECK_UDP==0: Check checksums by hardware for incoming UDP packets.*/ +#define CHECKSUM_CHECK_UDP 0 +/* CHECKSUM_CHECK_TCP==0: Check checksums by hardware for incoming TCP packets.*/ +#define CHECKSUM_CHECK_TCP 0 +#else + /* CHECKSUM_GEN_IP==1: Generate checksums in software for outgoing IP packets.*/ +#define CHECKSUM_GEN_IP 1 +/* CHECKSUM_GEN_UDP==1: Generate checksums in software for outgoing UDP packets.*/ +#define CHECKSUM_GEN_UDP 1 +/* CHECKSUM_GEN_TCP==1: Generate checksums in software for outgoing TCP packets.*/ +#define CHECKSUM_GEN_TCP 1 +/* CHECKSUM_CHECK_IP==1: Check checksums in software for incoming IP packets.*/ +#define CHECKSUM_CHECK_IP 1 +/* CHECKSUM_CHECK_UDP==1: Check checksums in software for incoming UDP packets.*/ +#define CHECKSUM_CHECK_UDP 1 +/* CHECKSUM_CHECK_TCP==1: Check checksums in software for incoming TCP packets.*/ +#define CHECKSUM_CHECK_TCP 1 +#endif + +/** + * TCP_RESOURCE_FAIL_RETRY_LIMIT: limit for retrying sending of tcp segment + * on resource failure error returned by driver. + */ +#define TCP_RESOURCE_FAIL_RETRY_LIMIT 50 + + //#ifdef CONFIG_ENABLE_MXCHIP + /* save memory */ + ///#define PBUF_POOL_SIZE (3) +#define TCP_MSS (1500 - 40) +/* TCP receive window. */ +#define TCP_WND (3 * TCP_MSS) +/* TCP sender buffer space (bytes). 
*/ +#define TCP_SND_BUF (10 * TCP_MSS) + +#define TCP_SND_QUEUELEN (40) + +/* ARP before DHCP causes multi-second delay - turn it off */ +#define DHCP_DOES_ARP_CHECK (0) + +#define TCP_MAX_ACCEPT_CONN 5 +#define MEMP_NUM_TCP_SEG (TCP_SND_QUEUELEN*2) + +#define IP_REASS_MAX_PBUFS 0 +#define IP_REASSEMBLY 0 +#define IP_REASS_MAX_PBUFS 0 +#define IP_REASSEMBLY 0 +#define MEMP_NUM_REASSDATA 0 +#define IP_FRAG 0 + +#define MEM_LIBC_MALLOC (0) + +#define DEFAULT_UDP_RECVMBOX_SIZE 3 //each udp socket max buffer 3 packets. + +#define MEMP_MEM_MALLOC (0) +#define TCP_MSL (TCP_TMR_INTERVAL) + +#define LWIP_COMPAT_MUTEX_ALLOWED (1) + +#define MEMP_STATS 1 +#define MEM_STATS 1 + +#define LWIP_DONT_PROVIDE_BYTEORDER_FUNCTIONS + +#define ETHARP_SUPPORT_STATIC_ENTRIES 1 +#define LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS 1 + +#endif /* __LWIPOPTS_H__ */ + diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index aee3e57a2..49a239aa5 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -68,14 +68,14 @@ int mqtt_rx_buffer_count; unsigned char temp_topic[128]; unsigned char temp_data[2048]; -int addLenData(int len, const unsigned char *data){ +int addLenData(int len, const unsigned char* data) { mqtt_rx_buffer[mqtt_rx_buffer_head] = (len >> 8) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; mqtt_rx_buffer[mqtt_rx_buffer_head] = (len) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; - for (int i = 0; i < len; i++){ + for (int i = 0; i < len; i++) { mqtt_rx_buffer[mqtt_rx_buffer_head] = data[i]; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; 
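Review bot: The TLS block at the top of the new lwipopts.h is guarded with `#if MQTT_USE_TLS`, while the rest of the series tests `#ifdef MQTT_USE_TLS` and an earlier patch defines the macro with no value; an empty macro inside `#if` does not compile, and a value of 0 would switch TLS off here but not in new_mqtt.c. Use one form throughout, for example `#ifdef MQTT_USE_TLS` here as well; the obk_config.h change of this commit is not visible, so the macro's final definition should be checked. That block also sets `MQTT_DEBUG LWIP_DBG_ON`, and further down `LWIP_DEBUG` is on and `LWIP_NOASSERT` is 1, so TLS builds ship with protocol tracing enabled and assertions removed; tracing is better left off by default. `LWIP_SO_SNDTIMEO`, `IP_REASS_MAX_PBUFS` and `IP_REASSEMBLY` are each defined twice and could be reduced to one definition.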
@@ -83,32 +83,33 @@ int addLenData(int len, const unsigned char *data){ return len + 2; } -int getLenData(int *len, unsigned char *data, int maxlen){ +int getLenData(int* len, unsigned char* data, int maxlen) { int l; l = mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - l = l<<8; + l = l << 8; l |= mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - for (int i = 0; i < l; i++){ - if (i < maxlen){ + for (int i = 0; i < l; i++) { + if (i < maxlen) { data[i] = mqtt_rx_buffer[mqtt_rx_buffer_tail]; } mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; } - if (mqtt_rx_buffer_count < 0){ + if (mqtt_rx_buffer_count < 0) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer underflow!!!"); mqtt_rx_buffer_count = 0; mqtt_rx_buffer_tail = mqtt_rx_buffer_head = 0; } - if (l > maxlen){ + if (l > maxlen) { *len = maxlen; - } else { + } + else { *len = l; } return l + 2; @@ -141,12 +142,13 @@ static void MQTT_Mutex_Free() // NOTE: this function is now public, but only because my unit tests // system can use it to spoof MQTT packets to check if MQTT commands // are working... -int MQTT_Post_Received(const char *topic, int topiclen, const unsigned char *data, int datalen){ +int MQTT_Post_Received(const char* topic, int topiclen, const unsigned char* data, int datalen) { MQTT_Mutex_Take(100); - if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2){ + if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer overflow for topic %s", topic); - } else { - addLenData(topiclen, (unsigned char *)topic); + } + else { + addLenData(topiclen, (unsigned char*)topic); addLenData(datalen, data); } MQTT_Mutex_Free(); 
@@ -157,18 +159,18 @@ int MQTT_Post_Received(const char *topic, int topiclen, const unsigned char *dat #endif return 1; } -int MQTT_Post_Received_Str(const char *topic, const char *data) { +int MQTT_Post_Received_Str(const char* topic, const char* data) { return MQTT_Post_Received(topic, strlen(topic), (const unsigned char*)data, strlen(data)); } -int get_received(char **topic, int *topiclen, unsigned char **data, int *datalen){ +int get_received(char** topic, int* topiclen, unsigned char** data, int* datalen) { int res = 0; MQTT_Mutex_Take(100); - if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head){ - getLenData(topiclen, temp_topic, sizeof(temp_topic)-1); + if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head) { + getLenData(topiclen, temp_topic, sizeof(temp_topic) - 1); temp_topic[*topiclen] = 0; - getLenData(datalen, temp_data, sizeof(temp_data)-1); + getLenData(datalen, temp_data, sizeof(temp_data) - 1); temp_data[*datalen] = 0; - *topic = (char *)temp_topic; + *topic = (char*)temp_topic; *data = temp_data; res = 1; } @@ -494,7 +496,7 @@ int MQTT_RemoveCallback(int ID) { return 0; } -const char *skipExpected(const char *p, const char *tok) { +const char* skipExpected(const char* p, const char* tok) { while (1) { if (*p == 0) return 0; @@ -518,9 +520,9 @@ const char *skipExpected(const char *p, const char *tok) { * @param topic The topic to parse * @return The topic without the client, or NULL if / wasn't present */ -const char* MQTT_RemoveClientFromTopic(const char* topic, const char *prefix) { - const char *p2; - const char *p = topic; +const char* MQTT_RemoveClientFromTopic(const char* topic, const char* prefix) { + const char* p2; + const char* p = topic; if (prefix) { p = skipExpected(p, prefix); if (p == 0) { 
@@ -534,7 +536,7 @@ const char* MQTT_RemoveClientFromTopic(const char* topic, const char *prefix) { } return p2; } -bool stribegins(const char *str, const char *needle) { +bool stribegins(const char* str, const char* needle) { int l = strlen(needle); return !wal_strnicmp(str, needle, l); } @@ -552,7 +554,7 @@ int channelGet(obk_mqtt_request_t* request) { addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelGet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic,0); + p = MQTT_RemoveClientFromTopic(request->topic, 0); if (p == NULL) { return 0; @@ -603,11 +605,11 @@ int channelSet(obk_mqtt_request_t* request) { int channel = 0; int iValue = 0; const char* p; - const char *argument; + const char* argument; addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelSet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic,0); + p = MQTT_RemoveClientFromTopic(request->topic, 0); if (p == NULL) { return 0; @@ -664,16 +666,16 @@ int channelSet(obk_mqtt_request_t* request) { // -void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { - const char *toUse; +void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { + const char* toUse; if (printer->allocated) toUse = printer->allocated; else toUse = printer->stackBuffer; MQTT_PublishStat(statName, toUse); } -void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { - const char *toUse; +void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { + const char* toUse; if (printer->allocated) toUse = printer->allocated; else 
@@ -710,7 +712,7 @@ int mqtt_printf255(obk_mqtt_publishReplyPrinter_t* request, const char* fmt, ... request->curLen += myLen; return 0; } -void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) { +void MQTT_ProcessCommandReplyJSON(const char* cmd, const char* args, int flags) { obk_mqtt_publishReplyPrinter_t replyBuilder; memset(&replyBuilder, 0, sizeof(obk_mqtt_publishReplyPrinter_t)); JSON_ProcessCommandReply(cmd, args, &replyBuilder, (jsonCb_t)mqtt_printf255, flags); @@ -719,8 +721,8 @@ void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) } } int tasCmnd(obk_mqtt_request_t* request) { - const char *p, *args; - //const char *p2; + const char* p, * args; + //const char *p2; p = MQTT_RemoveClientFromTopic(request->topic, "cmnd"); if (p == 0) { @@ -736,7 +738,7 @@ int tasCmnd(obk_mqtt_request_t* request) { return 1; #if 1 - args = (const char *)request->received; + args = (const char*)request->received; // I think that our function get_received always ensured that // there is a NULL terminating character after payload of MQTT // So we can feed it directly as command @@ -745,7 +747,7 @@ int tasCmnd(obk_mqtt_request_t* request) { #else int len = request->receivedLen; char copy[64]; - char *allocated; + char* allocated; // assume a string input here, copy and terminate // Try to avoid free/malloc if (len > sizeof(copy) - 2) { @@ -862,7 +864,7 @@ static OBK_Publish_Result MQTT_PublishTopicToClient(mqtt_client_t* client, const { strcpy(pub_topic, sChannel); } - else + else { sprintf(pub_topic, "%s/%s%s", sTopic, sChannel, (appendGet == true ? "/get" : "")); } 
@@ -923,7 +925,7 @@ OBK_Publish_Result MQTT_PublishTele(const char* teleName, const char* teleValue) OBK_Publish_Result MQTT_PublishStat(const char* statName, const char* statValue) { char topic[64]; - snprintf(topic,sizeof(topic),"stat/%s", CFG_GetMQTTClientId()); + snprintf(topic, sizeof(topic), "stat/%s", CFG_GetMQTTClientId()); return MQTT_PublishTopicToClient(mqtt_client, topic, statName, statValue, 0, false); } /// @brief Publish a MQTT message immediately. @@ -984,16 +986,16 @@ static void mqtt_incoming_data_cb(void* arg, const u8_t* data, u16_t len, u8_t f // run from userland (quicktick or wakeable thread) -int MQTT_process_received(){ - char *topic; +int MQTT_process_received() { + char* topic; int topiclen; - unsigned char *data; + unsigned char* data; int datalen; int found = 0; int count = 0; - do{ + do { found = get_received(&topic, &topiclen, &data, &datalen); - if (found){ + if (found) { count++; strncpy(g_mqtt_request_cb.topic, topic, sizeof(g_mqtt_request_cb.topic)); g_mqtt_request_cb.received = data; @@ -1160,14 +1162,16 @@ static int MQTT_do_connect(mqtt_client_t* client) // empty field for us means "no password", etc, // but LWIP (without mods) expects a NULL pointer in that case... mqtt_client_info.client_id = mqtt_clientID; - if(mqtt_pass[0] != 0) { + if (mqtt_pass[0] != 0) { mqtt_client_info.client_pass = mqtt_pass; - } else { + } + else { mqtt_client_info.client_pass = 0; } - if(mqtt_userName[0] != 0) { + if (mqtt_userName[0] != 0) { mqtt_client_info.client_user = mqtt_userName; - } else { + } + else { mqtt_client_info.client_user = 0; } @@ -1198,6 +1202,10 @@ static int MQTT_do_connect(mqtt_client_t* client) #ifdef MQTT_USE_TLS if (mqtt_use_tls) { LOCK_TCPIP_CORE(); + if (mqtt_client_info.tls_config) { + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); UNLOCK_TCPIP_CORE(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); 
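Review bot: The old `tls_config` is never released in the added `if (mqtt_client_info.tls_config)` block of the `@@ -1198,6 +1202,10 @@` hunk. `altcp_tls_free_entropy()` takes no config argument and the pointer is then overwritten with NULL, so each reconnect with TLS enabled appears to leak the previous mbedTLS configuration on a device with very little heap. Once the previous connection has been closed, free the object itself with `altcp_tls_free_config(mqtt_client_info.tls_config);` before clearing the pointer. The result of `altcp_tls_create_config_client(NULL, 0)` is also not checked before "tls_config created" is logged. The same free pattern is carried into the rewritten block at `@@ -1200,20 +1231,45 @@` later in the series, and `MQTT_do_connect` starts and ends outside this hunk.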
@@ -1210,7 +1218,6 @@ static int MQTT_do_connect(mqtt_client_t* client) } #endif - // host name/ip //ipaddr_aton(mqtt_host,&mqtt_ip); @@ -1334,7 +1341,7 @@ commandResult_t MQTT_PublishChannel(const void* context, const char* cmd, const } channelIndex = Tokenizer_GetArgInteger(0); - MQTT_ChannelPublish(channelIndex,0); + MQTT_ChannelPublish(channelIndex, 0); return CMD_RES_OK; } @@ -1687,8 +1694,8 @@ void MQTT_InitCallbacks() { MQTT_RegisterCallback(cbtopicbase, cbtopicsub, 7, tasCmnd); } } - // initialise things MQTT - // called from user_main +// initialise things MQTT +// called from user_main void MQTT_init() { // WINDOWS must support reinit @@ -1863,7 +1870,7 @@ OBK_Publish_Result MQTT_DoItemPublish(int idx) } // from 5ms quicktick -int MQTT_RunQuickTick(){ +int MQTT_RunQuickTick() { #ifndef PLATFORM_BEKEN // on Beken, we use a one-shot timer for this. MQTT_process_received(); @@ -1930,7 +1937,7 @@ int MQTT_RunEverySecondUpdate() } int res = 0; - if (mqtt_client){ + if (mqtt_client) { LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); @@ -1995,7 +2002,7 @@ int MQTT_RunEverySecondUpdate() } else { // things to do in our threads on connection accepted. - if (g_just_connected){ + if (g_just_connected) { g_just_connected = 0; // publish all values on state if (CFG_HasFlag(OBK_FLAG_MQTT_BROADCASTSELFSTATEONCONNECT)) { @@ -2193,7 +2200,7 @@ void MQTT_QueuePublishWithCommand(const char* topic, const char* channel, const /// @param command void MQTT_InvokeCommandAtEnd(PostPublishCommands command) { MqttPublishItem_t* tail = get_queue_tail(g_MqttPublishQueueHead); - if (tail == NULL){ + if (tail == NULL) { addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "InvokeCommandAtEnd invoked but queue is empty"); } else { @@ -2258,7 +2265,7 @@ OBK_Publish_Result PublishQueuedItems() { /// @return bool MQTT_IsReady() { int res = 0; - if (mqtt_client){ + if (mqtt_client) { LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); 
@@ -2266,3 +2273,16 @@ bool MQTT_IsReady() { return mqtt_client && res; } +#ifdef MQTT_USE_TLS +#include "fake_clock_pub.h" +int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + ((void)data); + *olen = len; + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "->wolfssl_custom_random len(%u)", len); + srand(fclk_get_second()); + while (len--) { + *output++ = rand() % 255; + } + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " <-wolfssl_custom_random ret(%u)", 0); +} +#endif \ No newline at end of file diff --git a/src/obk_config.h b/src/obk_config.h index 8d4429ef2..c06be039b 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -15,8 +15,6 @@ //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor //ENABLE_DRIVER_IR - Enable suporte for IR -#define MQTT_USE_TLS - #if PLATFORM_XR809 #define OBK_DISABLE_ALL_DRIVERS 1 @@ -68,6 +66,7 @@ #elif PLATFORM_BEKEN // set to 0 to disable +#define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 #define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h new file mode 100644 index 000000000..b26ce3a7f --- /dev/null +++ b/src/user_mbedtls_config.h 
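Review bot: `mbedtls_hardware_poll` seeds `rand()` from `fclk_get_second()` (a seconds counter, going by its name) and emits `rand() % 255` bytes, so every value mbedTLS derives from this callback is predictable to anyone who can estimate the device clock. With `MBEDTLS_NO_PLATFORM_ENTROPY` and `MBEDTLS_ENTROPY_HARDWARE_ALT` set in `user_mbedtls_config.h` later in this patch, it appears to be the only entropy source behind the TLS handshake. The body should read from the chip's hardware random number generator and return non-zero when that fails; until then mark the placeholder with `/* FIXME: rand() is not an entropy source, TLS key material is predictable */`. The function is declared `int` but has no `return`, so add `return 0;` on success, and note that the two `addLogAdv` calls pass a `size_t` and an `int` to `%u`. A later patch in this series touches the same function at `@@ -2278,11 +2334,10 @@` and adds the return, but keeps the `srand`/`rand` body.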
@@ -0,0 +1,140 @@ +#ifndef USER_MBEDTLS_CONFIG_H +#define USER_MBEDTLS_CONFIG_H + +#include "mbedtls/config.h" + +#undef MBEDTLS_MD5_C +#undef MBEDTLS_CAMELLIA_C +#define MBEDTLS_SHA256_SMALLER +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#undef MBEDTLS_RIPEMD160_C +#undef MBEDTLS_SHA512_C + +// Plataform specific +#undef MBEDTLS_FS_IO +#undef MBEDTLS_NET_C +#undef MBEDTLS_TIMING_C +#define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_ENTROPY_HARDWARE_ALT +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +// Modes +#define MBEDTLS_SSL_CLI_C // Only client enabled +#undef MBEDTLS_SSL_SRV_C +// Protos +#undef MBEDTLS_SSL_PROTO_SSL3 +#undef MBEDTLS_SSL_PROTO_TLS1 +#undef MBEDTLS_SSL_PROTO_TLS1_1 +#define MBEDTLS_SSL_PROTO_TLS1_2 // Only TLS1.2 enabled +#undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +#undef MBEDTLS_SSL_PROTO_DTLS + +// MPI / BIGNUM options +#define MBEDTLS_MPI_WINDOW_SIZE 1 +#define MBEDTLS_MPI_MAX_SIZE 512 +// ECP Options +#define MBEDTLS_ECP_WINDOW_SIZE 2 +// Content Lenght +#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 + +/* +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#undef MBEDTLS_SSL_SERVER_NAME_INDICATION +#undef MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_AES_FEWER_TABLES +#define MBEDTLS_CAMELLIA_SMALL_MEMORY +//675296 +#undef MBEDTLS_CIPHER_MODE_CBC //??? +//671424 +#undef MBEDTLS_CIPHER_NULL_CIPHER +#undef MBEDTLS_ENABLE_WEAK_CIPHERSUITES +#define MBEDTLS_REMOVE_3DES_CIPHERSUITES +//671424 +// Only SECP384R1 or CURVE25519 // +#undef MBEDTLS_ECP_DP_SECP192R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP224R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED // da para desativar? 
+#undef MBEDTLS_ECP_DP_SECP521R1_ENABLED +#undef MBEDTLS_ECP_DP_SECP192K1_ENABLED +#undef MBEDTLS_ECP_DP_SECP224K1_ENABLED +#undef MBEDTLS_ECP_DP_SECP256K1_ENABLED +#undef MBEDTLS_ECP_DP_BP256R1_ENABLED +#undef MBEDTLS_ECP_DP_BP384R1_ENABLED +#undef MBEDTLS_ECP_DP_BP512R1_ENABLED +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED //usar somente esta +#undef MBEDTLS_ECP_DP_CURVE448_ENABLED +//667568 +// Only ECDHE RSA // +#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +//664192 +#undef MBEDTLS_GENPRIME +//663296 +#undef MBEDTLS_PKCS1_V15 //??? +#undef MBEDTLS_PKCS1_V21 //??? 
+//659488 +// Define only on development // +#undef MBEDTLS_SELF_TEST +#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES +#undef MBEDTLS_SSL_RECORD_CHECKING +#undef MBEDTLS_SSL_CONTEXT_SERIALIZATION +#undef MBEDTLS_SSL_DEBUG_ALL +#undef MBEDTLS_VERSION_FEATURES +#undef MBEDTLS_CERTS_C +//657824 +#undef MBEDTLS_X509_RSASSA_PSS_SUPPORT +//657216 +#undef MBEDTLS_ARC4_C +//655872 +#undef MBEDTLS_BLOWFISH_C +//650752 +#undef MBEDTLS_CAMELLIA_C +//648352 +#undef MBEDTLS_ARIA_C +#undef MBEDTLS_DES_C +#undef MBEDTLS_CCM_C +#undef MBEDTLS_MD2_C +#undef MBEDTLS_MD4_C +#undef MBEDTLS_MD5_C +//641504 +#undef MBEDTLS_DHM_C +#define MBEDTLS_ECDH_C // Enable only ECDH +#undef MBEDTLS_ECDSA_C +#undef MBEDTLS_ECJPAKE_C +//639664 +#undef MBEDTLS_PEM_PARSE_C +#undef MBEDTLS_PEM_WRITE_C +//638848 +#undef MBEDTLS_SHA1_C +//635376 +#undef MBEDTLS_DEBUG_C +// 622032 + + +// Enabled Ciphers +#define MBEDTLS_SHA256_SMALLER +#define MBEDTLS_CHACHA20_C +#define MBEDTLS_CHACHAPOLY_C +#define MBEDTLS_POLY1305_C +#define MBEDTLS_RSA_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_AES_C // Tentar desativar +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_GCM_C + +#undef MBEDTLS_SHA512_C +#undef MBEDTLS_RIPEMD160_C +#define MBEDTLS_SHA512_NO_SHA384 +#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE +*/ + +#endif From 51bfc0c9e1726747b83fa9a5f9aa24f8fd1dd7d5 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Fri, 20 Oct 2023 14:30:43 -0300 Subject: [PATCH 18/39] Versao funcional com verify certificate disabled --- .vscode/settings.json | 7 +- sdk/OpenBK7231N | 2 +- src/httpserver/http_fns.c | 408 ++++++++++++++++++++------------------ src/mqtt/new_mqtt.c | 81 ++++++-- src/new_cfg.c | 22 ++ src/new_cfg.h | 8 +- src/new_pins.h | 10 +- src/user_mbedtls_config.h | 145 ++++++-------- 8 files changed, 385 insertions(+), 298 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index d9094df0b..359a4bd2b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
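Review bot: Most of the hardening in the new `user_mbedtls_config.h` sits inside the `/* ... */` block that runs from just after `MBEDTLS_SSL_MAX_CONTENT_LEN` to just before `#endif`, so it is never compiled. Lines such as `#undef MBEDTLS_ENABLE_WEAK_CIPHERSUITES`, `#define MBEDTLS_REMOVE_3DES_CIPHERSUITES`, `#undef MBEDTLS_ARC4_C`, `#undef MBEDTLS_DES_C` and `#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` therefore have no effect, and whatever `mbedtls/config.h` chose for them stays in force. Either move the options that are meant to apply above the comment or delete the block; if it is kept as notes, open it with `/* Disabled experiments: nothing below is compiled */`. The bare numbers such as `//675296` look like image sizes recorded while trimming, and a short comment saying so would help the next reader.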
@@ -1,6 +1,6 @@ { "editor.formatOnPaste": true, - "editor.formatOnSave": true, + "editor.formatOnSave": false, "C_Cpp.formatting": "vcFormat", "C_Cpp.codeAnalysis.runAutomatically": false, "C_Cpp.clang_format_style": "{ BasedOnStyle: LLVM, UseTab: Always, IndentWidth: 4, TabWidth: 4, BreakBeforeBraces: Attach, AllowShortIfStatementsOnASingleLine: false, IndentCaseLabels: false, ColumnLimit: 0, AccessModifierOffset: -4, NamespaceIndentation: All, FixNamespaceComments: false }", @@ -15,5 +15,8 @@ "C_Cpp.clang_format_fallbackStyle": "{ BasedOnStyle: LLVM, UseTab: Always, IndentWidth: 4, TabWidth: 4, BreakBeforeBraces: Attach, AllowShortIfStatementsOnASingleLine: false, IndentCaseLabels: false, ColumnLimit: 0, AccessModifierOffset: -4, NamespaceIndentation: All, FixNamespaceComments: false }", "prettier.tabWidth": 4, "prettier.useTabs": true, - "prettier.printWidth": 120 + "prettier.printWidth": 120, + "files.associations": { + "altcp_tls.h": "c" + } } \ No newline at end of file diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index e98b0b2e4..a427faeac 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N @@ -1 +1 @@ -Subproject commit e98b0b2e4d68a01b89b7bd60db6eff5642a55cd6 +Subproject commit a427faeacfdc1f996dc4524aa7eb52d2c69229cf diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index eab8597c4..d11e71ae6 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -498,7 +498,7 @@ int http_fn_index(http_request_t* request) { types = types6; numTypes = 6; } - + iValue = CHANNEL_Get(i); poststr(request, ""); @@ -1049,18 +1049,26 @@ int http_fn_cfg_mqtt(http_request_t* request) { add_label_text_field(request, "Host", "host", CFG_GetMQTTHost(), ""); add_label_numeric_field(request, "Port", "port", CFG_GetMQTTPort(), "
"); -// poststr(request, "
"); -// poststr(request, "Show all hex?
"); + // poststr(request, ""); } - hprintf255(request, ""); + hprintf255(request, "
"); + + hprintf255(request, ""); + } + hprintf255(request, "
"); + + add_label_text_field(request, "Certificate File (CA Root or Public Certificate PEM format)", "mqtt_cert_file", CFG_GetMQTTCertFile(), "
"); - add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "

"); + add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "
"); add_label_text_field(request, "Group Topic (Secondary Topic to only receive cmnds)", "group", CFG_GetMQTTGroupTopic(), "
"); add_label_text_field(request, "User", "user", CFG_GetMQTTUserName(), "
"); add_label_password_field(request, "Password", "password", CFG_GetMQTTPass(), "
"); @@ -1131,11 +1139,13 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { if (http_getArg(request->url, "port", tmpA, sizeof(tmpA))) { CFG_SetMQTTPort(atoi(tmpA)); } - if (http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))) { - CFG_SetMQTTUseTls(true); - } else { - CFG_SetMQTTUseTls(false); + + CFG_SetMQTTUseTls(http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))); + CFG_SetMQTTVerifyTlsCert(http_getArg(request->url, "mqtt_verify_tls_cert", tmpA, sizeof(tmpA))); + if (http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) { + CFG_SetMQTTCertFile(tmpA); } + if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); } 
@@ -1771,23 +1781,23 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } #endif //if (relayCount > 0) { - for (i = 0; i < CHANNEL_MAX; i++) { - bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; - if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { - // TODO: flags are 32 bit and there are 64 max channels - BIT_SET(flagsChannelPublished, i); - if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { - dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); - } - else { - dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); - } - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); - dev_info = NULL; - discoveryQueued = true; + for (i = 0; i < CHANNEL_MAX; i++) { + bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; + if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { + // TODO: flags are 32 bit and there are 64 max channels + BIT_SET(flagsChannelPublished, i); + if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { + dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); + } + else { + dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); } + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); + dev_info = NULL; + discoveryQueued = true; } + } //} if (dInputCount > 0) { 
@@ -1909,195 +1919,195 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } switch (type) { - case ChType_OpenClosed: - { - dev_info = hass_init_binary_sensor_device_info(i, false); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + case ChType_OpenClosed: + { + dev_info = hass_init_binary_sensor_device_info(i, false); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_OpenClosed_Inv: - { - dev_info = hass_init_binary_sensor_device_info(i, true); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_OpenClosed_Inv: + { + dev_info = hass_init_binary_sensor_device_info(i, true); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div10: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div10: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div100: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - 
hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div100: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnlyLowMidHigh: - { - dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnlyLowMidHigh: + { + dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_SmokePercent: - { - dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_SmokePercent: + { + dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Illuminance: - { - dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Illuminance: + { + dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, 
hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnly: - { - dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnly: + { + dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div2: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div2: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div10: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); - 
MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div10: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity_div10: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity_div10: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div100: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div100: + { + dev_info = 
hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div1000: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div1000: + { + dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power_div10: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power_div10: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_PowerFactor_div1000: - { - dev_info = 
hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_PowerFactor_div1000: + { + dev_info = hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Frequency_div100: - { - dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Frequency_div100: + { + dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div100: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_EnergyTotal_kWh_div100: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div1000: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; 
+ } + break; + case ChType_EnergyTotal_kWh_div1000: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; + discoveryQueued = true; + } + break; } } #endif @@ -2363,10 +2373,11 @@ int http_fn_cm(http_request_t* request) { if (request->method == HTTP_GET) { commandLen = http_getArg(request->url, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (GET) %s;%s;%d\n", request->url, tmpA, commandLen); - } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } + else if (request->method == HTTP_POST || request->method == HTTP_PUT) { commandLen = http_getRawArg(request->bodystart, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (POST) %s;%s;%d\n", request->bodystart, tmpA, commandLen); - } + } if (commandLen) { if (commandLen > (sizeof(tmpA) - 5)) { commandLen += 8; @@ -2374,7 +2385,8 @@ int http_fn_cm(http_request_t* request) { if (long_str_alloced) { if (request->method == HTTP_GET) { http_getArg(request->url, "cmnd", long_str_alloced, commandLen); - } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } + else if (request->method == HTTP_POST || request->method == HTTP_PUT) { http_getRawArg(request->bodystart, "cmnd", long_str_alloced, commandLen); } CMD_ExecuteCommand(long_str_alloced, COMMAND_FLAG_SOURCE_HTTP); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 49a239aa5..35f120257 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -14,6 +14,26 @@ #ifdef MQTT_USE_TLS #include "lwip/altcp_tls.h" +#include "lwip/apps/mqtt_priv.h" +#include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" +#include "mbedtls/ssl.h" +struct altcp_tls_config { + mbedtls_ssl_config conf; + mbedtls_x509_crt* cert; + mbedtls_pk_context* pkey; + u8_t cert_count; + u8_t cert_max; + u8_t pkey_count; + u8_t pkey_max; + mbedtls_x509_crt* ca; +#if defined(MBEDTLS_SSL_CACHE_C) && ALTCP_MBEDTLS_USE_SESSION_CACHE + // Inter-connection cache for fast connection startup + struct mbedtls_ssl_cache_context cache; +#endif +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && ALTCP_MBEDTLS_USE_SESSION_TICKETS + mbedtls_ssl_ticket_context ticket_ctx; +#endif +}; #endif #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT @@ -1071,6 +1091,16 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); +#ifdef LWIP_ALTCP_TLS_MBEDTLS + if (client && client->conn && client->conn->state) { + altcp_mbedtls_state_t* state = client->conn->state; + mbedtls_ssl_context* ssl = &state->ssl_context; + LWIP_PLATFORM_DIAG(("MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl))); + LWIP_PLATFORM_DIAG(("MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl))); + + } +#endif + //LOCK_TCPIP_CORE(); mqtt_set_inpub_callback(mqtt_client, mqtt_incoming_publish_cb, @@ -1134,7 +1164,7 @@ static int MQTT_do_connect(mqtt_client_t* client) int res; struct hostent* hostEntry; char will_topic[CGF_MQTT_CLIENT_ID_SIZE + 16]; - bool mqtt_use_tls; + bool mqtt_use_tls, mqtt_verify_tls_cert; mqtt_host = CFG_GetMQTTHost(); @@ -1149,6 +1179,7 @@ static int MQTT_do_connect(mqtt_client_t* client) mqtt_clientID = CFG_GetMQTTClientId(); mqtt_port = CFG_GetMQTTPort(); mqtt_use_tls = CFG_GetMQTTUseTls(); + mqtt_verify_tls_cert = CFG_GetMQTTVerifyTlsCert(); addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, 
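Review bot: The added `struct altcp_tls_config { ... }` in the `@@ -14,6 +14,26 @@` hunk copies a definition that lwIP keeps private to its mbedTLS port, and nothing ties the copy to the layout the library was actually built with. The later `mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, ...)` call is safe only because `conf` is the first member; the remaining fields move if the SDK's lwIP differs in version or in its session cache and ticket options. Put a comment on the struct, for example `/* Mirror of the private struct in lwIP's altcp_tls_mbedtls.c; only conf (first member) may be accessed */`, or set the auth mode inside the SDK's lwIP port so that no copy is needed.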
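Review bot: The diagnostic block added to `mqtt_connection_cb` treats `client->conn->state` as an `altcp_mbedtls_state_t*` without checking that this connection was made over TLS. When TLS is switched off the connection is plain TCP and `state` presumably points at a different object, so `mbedtls_ssl_get_version` and `mbedtls_ssl_get_ciphersuite` would read unrelated memory as an SSL context. Guard it with the setting: `if (CFG_GetMQTTUseTls() && client && client->conn && client->conn->state) {`. The preprocessor guard also differs from the rest of the patch, which uses `MQTT_USE_TLS`, and `#ifdef LWIP_ALTCP_TLS_MBEDTLS` is true even when lwIP defines that option as 0. The callback continues outside the hunk.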
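Review bot: In the `@@ -1149,6 +1179,7 @@` hunk, the context line just below the added `mqtt_verify_tls_cert = CFG_GetMQTTVerifyTlsCert();` logs at `LOG_INFO` with the format `"mqtt_userName %s\r\nmqtt_pass %s..."`, which by its format string writes the broker password to the device log on every connect attempt. Since this series is about protecting those credentials in transit, drop the password from the message, e.g. `"mqtt_userName %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n"` with the matching argument removed. The argument list is cut off by the hunk, so confirm against the full call.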
@@ -1200,20 +1231,45 @@ static int MQTT_do_connect(mqtt_client_t* client) /* Includes for MQTT over TLS */ #ifdef MQTT_USE_TLS + /* Free old configuration */ + if (mqtt_client_info.tls_config) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Free old configuration "); + altcp_tls_free_entropy(); + mqtt_client_info.tls_config = NULL; + } if (mqtt_use_tls) { - LOCK_TCPIP_CORE(); - if (mqtt_client_info.tls_config) { - altcp_tls_free_entropy(); - mqtt_client_info.tls_config = NULL; + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); + size_t ca_len = 0; + u8_t* ca = NULL; + if (mqtt_verify_tls_cert) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); + ca = LFS_ReadFile(CFG_GetMQTTCertFile()); + if (ca) { + ca_len = strlen((char*)ca); + } + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "ca_len=%d", ca_len); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "%s=%s", CFG_GetMQTTCertFile(), ca); } - mqtt_client_info.tls_config = altcp_tls_create_config_client(NULL, 0); + else { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate disabled"); + } + LOCK_TCPIP_CORE(); + mqtt_client_info.tls_config = altcp_tls_create_config_client(ca, ca_len); UNLOCK_TCPIP_CORE(); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "tls_config created"); - } - else { + if (ca) { + mem_free(ca); + ca = NULL; + } if (mqtt_client_info.tls_config) { - altcp_tls_free_entropy(); - mqtt_client_info.tls_config = NULL; + if (mqtt_verify_tls_cert) { + mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); + } + else { + mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + } + } + else { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS config fail. Try connect anyway."); } } #endif 
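Review bot: When `altcp_tls_create_config_client` fails, the new `else` branch logs "Secure TLS config fail. Try connect anyway." and continues with `tls_config` set to NULL. Stock lwIP treats a NULL `tls_config` as a request for a plain TCP connection, so the user name and password would be sent unencrypted to a broker the user asked to reach over TLS; this path should abort the connect instead. It is likely to be hit whenever verification is enabled, because `ca_len = strlen((char*)ca)` leaves out the terminating NUL that mbedTLS needs counted in the length to recognise PEM input (this also assumes `LFS_ReadFile` NUL-terminates the buffer). The `"%s=%s"` log line passes `ca` even when the read returned NULL, and `ca_len` is a `size_t` printed with `%d`. `MQTT_do_connect` begins and ends outside the hunk, so the return value used below is a guess at its failure convention.

```c
		if (ca) {
			/* mbedTLS detects PEM only when the length includes the terminating NUL */
			ca_len = strlen((char*)ca) + 1;
		}
		/* … unchanged: log lines, altcp_tls_create_config_client() under LOCK_TCPIP_CORE, mem_free(ca) … */
		if (!mqtt_client_info.tls_config) {
			/* Never fall back to a plain connection when TLS was requested */
			addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "Secure TLS config fail, not connecting");
			return 0; /* assumed failure value of MQTT_do_connect, confirm */
		}
		/* … unchanged: mbedtls_ssl_conf_authmode() selection … */
```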
@@ -2278,11 +2334,10 @@ bool MQTT_IsReady() { int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { ((void)data); *olen = len; - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "->wolfssl_custom_random len(%u)", len); srand(fclk_get_second()); while (len--) { *output++ = rand() % 255; } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " <-wolfssl_custom_random ret(%u)", 0); + return 0; } #endif \ No newline at end of file diff --git a/src/new_cfg.c b/src/new_cfg.c index d7600090d..4c018fa33 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -289,6 +289,13 @@ int CFG_GetMQTTPort() { bool CFG_GetMQTTUseTls() { return g_cfg.mqtt_use_tls; } +bool CFG_GetMQTTVerifyTlsCert() { + return g_cfg.mqtt_verify_tls_cert; +} +const char* CFG_GetMQTTCertFile() { + return g_cfg.mqtt_cert_file; +} + void CFG_SetShortDeviceName(const char *s) { // this will return non-zero if there were any changes @@ -320,6 +327,21 @@ void CFG_SetMQTTUseTls(bool value) { g_cfg_pendingChanges++; } } +void CFG_SetMQTTVerifyTlsCert(bool value) { + // is there a change? + if (g_cfg.mqtt_verify_tls_cert != value) { + g_cfg.mqtt_verify_tls_cert = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} +void CFG_SetMQTTCertFile(const char* s) { + // this will return non-zero if there were any changes + if (strcpy_safe_checkForChanges(g_cfg.mqtt_cert_file, s, sizeof(g_cfg.mqtt_cert_file))) { + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_SetOpenAccessPoint() { // is there a change? if(g_cfg.wifi_ssid[0] == 0 && g_cfg.wifi_pass[0] == 0) { diff --git a/src/new_cfg.h b/src/new_cfg.h index 496b68953..f54050f04 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h 
@@ -32,12 +32,16 @@ const char *CFG_GetMQTTGroupTopic(); const char *CFG_GetMQTTUserName(); const char *CFG_GetMQTTPass(); bool CFG_GetMQTTUseTls(); +bool CFG_GetMQTTVerifyTlsCert(); +const char* CFG_GetMQTTCertFile(); void CFG_SetMQTTHost(const char *s); void CFG_SetMQTTClientId(const char *s); void CFG_SetMQTTUserName(const char *s); void CFG_SetMQTTGroupTopic(const char *s); void CFG_SetMQTTPass(const char *s); void CFG_SetMQTTUseTls(bool value); +void CFG_SetMQTTVerifyTlsCert(bool value); +void CFG_SetMQTTCertFile(const char* s); const char *CFG_GetWebappRoot(); void CFG_SetLEDRemap(int r, int g, int b, int c, int w); void CFG_SetDefaultLEDRemap(int r, int g, int b, int c, int w); @@ -92,8 +96,8 @@ void CFG_SetButtonShortPressTime(int value); void CFG_SetButtonRepeatPressTime(int value); #if ENABLE_LITTLEFS - void CFG_SetLFS_Size(uint32_t value); - uint32_t CFG_GetLFS_Size(); +void CFG_SetLFS_Size(uint32_t value); +uint32_t CFG_GetLFS_Size(); #endif #endif diff --git a/src/new_pins.h b/src/new_pins.h index 197d886f0..e85cc10a2 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1187,10 +1187,14 @@ typedef struct mainConfig_s { char wifi_pass2[68]; // offset 0x00000C84 (3204 decimal) bool mqtt_use_tls; - // offset 0x00000C84 (3205 decimal) - char unused[379]; + // offset 0x00000C85 (3205 decimal) + bool mqtt_verify_tls_cert; + // offset 0x00000C86 (3206 decimal) + char mqtt_cert_file[20]; + // offset 0x00000C9A (3226 decimal) + char unused[358]; #endif -} mainConfig_t; +} mainConfig_t; // one sector is 4096 so it we still have some expand possibility #define MAGIC_CONFIG_SIZE_V3 2016 diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index b26ce3a7f..54749f8c6 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h 
@@ -2,24 +2,22 @@ #define USER_MBEDTLS_CONFIG_H #include "mbedtls/config.h" - -#undef MBEDTLS_MD5_C -#undef MBEDTLS_CAMELLIA_C -#define MBEDTLS_SHA256_SMALLER -#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -#undef MBEDTLS_RIPEMD160_C -#undef MBEDTLS_SHA512_C - // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C #undef MBEDTLS_TIMING_C #define MBEDTLS_NO_PLATFORM_ENTROPY #define MBEDTLS_ENTROPY_HARDWARE_ALT -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MPI_WINDOW_SIZE 1 +#define MBEDTLS_MPI_MAX_SIZE 512 +#define MBEDTLS_ECP_WINDOW_SIZE 2 +#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 + // Modes #define MBEDTLS_SSL_CLI_C // Only client enabled -#undef MBEDTLS_SSL_SRV_C +#undef MBEDTLS_SSL_SRV_C + // Protos #undef MBEDTLS_SSL_PROTO_SSL3 #undef MBEDTLS_SSL_PROTO_TLS1 
@@ -28,32 +26,42 @@ #undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL #undef MBEDTLS_SSL_PROTO_DTLS -// MPI / BIGNUM options -#define MBEDTLS_MPI_WINDOW_SIZE 1 -#define MBEDTLS_MPI_MAX_SIZE 512 -// ECP Options -#define MBEDTLS_ECP_WINDOW_SIZE 2 -// Content Lenght -#define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 - -/* -#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -#undef MBEDTLS_SSL_SERVER_NAME_INDICATION +// Enabled Ciphers +#define MBEDTLS_RSA_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_SHA256_SMALLER +#define MBEDTLS_AES_C #undef MBEDTLS_AES_ROM_TABLES #define MBEDTLS_AES_FEWER_TABLES -#define MBEDTLS_CAMELLIA_SMALL_MEMORY -//675296 -#undef MBEDTLS_CIPHER_MODE_CBC //??? -//671424 +#define MBEDTLS_ENTROPY_FORCE_SHA256 + +//Disabled ciphers +#undef MBEDTLS_ARC4_C +#undef MBEDTLS_BLOWFISH_C +#undef MBEDTLS_CAMELLIA_C +#undef MBEDTLS_ARIA_C +#undef MBEDTLS_DES_C +#undef MBEDTLS_CCM_C +#undef MBEDTLS_MD2_C +#undef MBEDTLS_MD4_C +#undef MBEDTLS_MD5_C +#undef MBEDTLS_RIPEMD160_C +#undef MBEDTLS_SHA1_C +#undef MBEDTLS_SHA512_C +#undef MBEDTLS_CHACHA20_C +#undef MBEDTLS_CHACHAPOLY_C +#undef MBEDTLS_POLY1305_C #undef MBEDTLS_CIPHER_NULL_CIPHER #undef MBEDTLS_ENABLE_WEAK_CIPHERSUITES #define MBEDTLS_REMOVE_3DES_CIPHERSUITES -//671424 -// Only SECP384R1 or CURVE25519 // +#define MBEDTLS_CAMELLIA_SMALL_MEMORY +#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + +// Curves // #undef MBEDTLS_ECP_DP_SECP192R1_ENABLED #undef MBEDTLS_ECP_DP_SECP224R1_ENABLED -#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED // da para desativar? +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED //Only SECP256R1 +#undef MBEDTLS_ECP_DP_SECP384R1_ENABLED #undef MBEDTLS_ECP_DP_SECP521R1_ENABLED #undef MBEDTLS_ECP_DP_SECP192K1_ENABLED #undef MBEDTLS_ECP_DP_SECP224K1_ENABLED 
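Review bot: The "Disabled ciphers" and "Curves" lists in this hunk need a comment on what they cost certificate verification. `#undef MBEDTLS_SHA512_C` also removes SHA-384 in this Mbed TLS configuration scheme, and SECP256R1 is the only curve left enabled. A broker whose chain is signed with SHA-384/512 or uses another curve will then fail the handshake when verification is required, which may push users towards switching verification off. I would add above the list: `// Size trade-off: only SHA-256, RSA and SECP256R1 remain; chains using SHA-384/512 or other curves cannot be verified`.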
@@ -61,10 +69,22 @@ #undef MBEDTLS_ECP_DP_BP256R1_ENABLED #undef MBEDTLS_ECP_DP_BP384R1_ENABLED #undef MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED //usar somente esta +#undef MBEDTLS_ECP_DP_CURVE25519_ENABLED #undef MBEDTLS_ECP_DP_CURVE448_ENABLED -//667568 -// Only ECDHE RSA // + +// Block mode +#define MBEDTLS_GCM_C //Only GCM +#undef MBEDTLS_CIPHER_MODE_CBC +#undef MBEDTLS_CIPHER_MODE_CFB +#undef MBEDTLS_CIPHER_MODE_CTR +#undef MBEDTLS_CIPHER_MODE_OFB +#undef MBEDTLS_CIPHER_MODE_XTS + +// Exchange Key // +#define MBEDTLS_DHM_C +#define MBEDTLS_ECDH_C +#undef MBEDTLS_ECDSA_C +#undef MBEDTLS_ECJPAKE_C #undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED #undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED @@ -76,12 +96,7 @@ #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -//664192 -#undef MBEDTLS_GENPRIME -//663296 -#undef MBEDTLS_PKCS1_V15 //??? -#undef MBEDTLS_PKCS1_V21 //??? -//659488 + // Define only on development // #undef MBEDTLS_SELF_TEST #undef MBEDTLS_SSL_ALL_ALERT_MESSAGES 
@@ -90,51 +105,23 @@ #undef MBEDTLS_SSL_DEBUG_ALL #undef MBEDTLS_VERSION_FEATURES #undef MBEDTLS_CERTS_C -//657824 +#undef MBEDTLS_DEBUG_C + +/* +Avaliar efeito + +#undef MBEDTLS_GENPRIME + +#undef MBEDTLS_PKCS1_V15 +#undef MBEDTLS_PKCS1_V21 + #undef MBEDTLS_X509_RSASSA_PSS_SUPPORT -//657216 -#undef MBEDTLS_ARC4_C -//655872 -#undef MBEDTLS_BLOWFISH_C -//650752 -#undef MBEDTLS_CAMELLIA_C -//648352 -#undef MBEDTLS_ARIA_C -#undef MBEDTLS_DES_C -#undef MBEDTLS_CCM_C -#undef MBEDTLS_MD2_C -#undef MBEDTLS_MD4_C -#undef MBEDTLS_MD5_C -//641504 -#undef MBEDTLS_DHM_C -#define MBEDTLS_ECDH_C // Enable only ECDH -#undef MBEDTLS_ECDSA_C -#undef MBEDTLS_ECJPAKE_C -//639664 + #undef MBEDTLS_PEM_PARSE_C #undef MBEDTLS_PEM_WRITE_C -//638848 -#undef MBEDTLS_SHA1_C -//635376 -#undef MBEDTLS_DEBUG_C -// 622032 +APN -// Enabled Ciphers -#define MBEDTLS_SHA256_SMALLER -#define MBEDTLS_CHACHA20_C -#define MBEDTLS_CHACHAPOLY_C -#define MBEDTLS_POLY1305_C -#define MBEDTLS_RSA_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_AES_C // Tentar desativar -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_GCM_C - -#undef MBEDTLS_SHA512_C -#undef MBEDTLS_RIPEMD160_C -#define MBEDTLS_SHA512_NO_SHA384 -#undef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ -#endif +#endif \ No newline at end of file From 909fee03b48d514c469fb124c1e98a4523ea3e14 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 21 Oct 2023 04:05:10 -0300 Subject: [PATCH 19/39] Adicao de informacoes para debug --- .vscode/settings.json | 6 ++++- src/httpserver/http_fns.c | 3 ++- src/lwipopts.h | 1 - src/mqtt/new_mqtt.c | 51 ++++++++++++++++++++++++++++++--------- src/user_mbedtls_config.h | 4 +-- 5 files changed, 49 insertions(+), 16 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 359a4bd2b..3d4456cb6 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
@@ -17,6 +17,10 @@ "prettier.useTabs": true, "prettier.printWidth": 120, "files.associations": { - "altcp_tls.h": "c" + "altcp_tls.h": "c", + "system_error": "cpp", + "logging.h": "c", + "opt.h": "c", + "altcp_tls_mbedtls_opts.h": "c" } } \ No newline at end of file diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index d11e71ae6..0c7fdd0b4 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -18,6 +18,7 @@ #include #include "../driver/drv_ntp.h" #include "../driver/drv_local.h" +#include "start_type_pub.h" static char SUBMIT_AND_END_FORM[] = "
"; @@ -1083,7 +1084,7 @@ int http_fn_cfg_mqtt(http_request_t* request) { int http_fn_cfg_ip(http_request_t* request) { char tmp[64]; int g_changes = 0; - byte ip[4]; + //byte ip[4]; http_setup(request, httpMimeTypeHTML); http_html_start(request, "IP"); poststr_h2(request, "Here you can set static IP or DHCP"); diff --git a/src/lwipopts.h b/src/lwipopts.h index 8ddf53e40..0fbf0ca8e 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -38,7 +38,6 @@ #define LWIP_ALTCP 1 #define LWIP_ALTCP_TLS 1 #define LWIP_ALTCP_TLS_MBEDTLS 1 -#define MQTT_DEBUG LWIP_DBG_ON #endif /** diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 35f120257..c242807f6 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -17,6 +17,7 @@ #include "lwip/apps/mqtt_priv.h" #include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" #include "mbedtls/ssl.h" +#include "mbedtls/debug.h" struct altcp_tls_config { mbedtls_ssl_config conf; mbedtls_x509_crt* cert; @@ -1091,7 +1092,7 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); -#ifdef LWIP_ALTCP_TLS_MBEDTLS +#if LWIP_ALTCP_TLS_MBEDTLS if (client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; 
@@ -1157,6 +1158,26 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection } } +static void my_debug(void* ctx, int level, const char* file, int line, const char* str); +static void my_debug(void* ctx, int level, const char* file, int line, const char* str) +{ + const char* p, * basename; + (void)ctx; + + if (level == 2) + return; + + /* Extract basename from file */ + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { + basename = p + 1; + } + } + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); +} + + static int MQTT_do_connect(mqtt_client_t* client) { const char* mqtt_userName, * mqtt_host, * mqtt_pass, * mqtt_clientID; @@ -1230,10 +1251,10 @@ static int MQTT_do_connect(mqtt_client_t* client) } /* Includes for MQTT over TLS */ -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS /* Free old configuration */ if (mqtt_client_info.tls_config) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Free old configuration "); + altcp_tls_free_config(mqtt_client_info.tls_config); altcp_tls_free_entropy(); mqtt_client_info.tls_config = NULL; } 
@@ -1245,22 +1266,29 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); if (ca) { - ca_len = strlen((char*)ca); + ca_len = strlen((char*)ca)+1; } - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "ca_len=%d", ca_len); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "%s=%s", CFG_GetMQTTCertFile(), ca); } else { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate disabled"); } - LOCK_TCPIP_CORE(); mqtt_client_info.tls_config = altcp_tls_create_config_client(ca, ca_len); - UNLOCK_TCPIP_CORE(); if (ca) { - mem_free(ca); + free(ca); ca = NULL; } - if (mqtt_client_info.tls_config) { + if (mqtt_client_info.tls_config) { + mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, my_debug, NULL); + mbedtls_debug_set_threshold(1); + + if (mqtt_client_info.tls_config->ca){ + char* buf = malloc(1025 + 1); + memset(buf, 0 , 1025); + mbedtls_x509_crt_info(buf, 1024, "", mqtt_client_info.tls_config->ca); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "=============== CERTIFICATE INFO ===============\n%s", buf); + free(buf); + } + if (mqtt_verify_tls_cert) { mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); } @@ -1310,6 +1338,7 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } + OBK_Publish_Result MQTT_PublishMain_StringInt(const char* sChannel, int iv, int flags) { char valueStr[16]; @@ -2335,7 +2364,7 @@ int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* ((void)data); *olen = len; srand(fclk_get_second()); - while (len--) { + for (int i=0; i Date: Sun, 22 Oct 2023 20:02:20 -0300 Subject: [PATCH 20/39] Versao funcional com verificacao do certificado --- .vscode/settings.json | 4 +- sdk/OpenBK7231N | 2 +- src/lwipopts.h | 8 +- src/mqtt/new_mqtt.c | 237 +++++++++++++++++++++++++++++++------- src/user_mbedtls_config.h | 29 ++++- 5 files changed, 230 insertions(+), 50 deletions(-) 
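Review bot: In the `@@ -1245,22 +1266,29 @@` hunk of MQTT_do_connect, the result of `malloc(1025 + 1)` goes straight into `memset` and `mbedtls_x509_crt_info`, so an allocation failure becomes a NULL write in the connect path. Wrap the three calls in `if (buf) { ... free(buf); }` and size them from one constant instead of 1026/1025/1024. The same hunk installs `my_debug` and calls `mbedtls_debug_set_threshold(1)` on every TLS connection, which I would put behind a debug build switch. MQTT_do_connect starts and ends outside the hunk.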
diff --git a/.vscode/settings.json b/.vscode/settings.json index 3d4456cb6..c4ad84acd 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -21,6 +21,8 @@ "system_error": "cpp", "logging.h": "c", "opt.h": "c", - "altcp_tls_mbedtls_opts.h": "c" + "altcp_tls_mbedtls_opts.h": "c", + "fake_clock_pub.h": "c", + "check_config.h": "c" } } \ No newline at end of file diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index a427faeac..c075b336f 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N @@ -1 +1 @@ -Subproject commit a427faeacfdc1f996dc4524aa7eb52d2c69229cf +Subproject commit c075b336faa19f08f020df100292a66f292c7101 diff --git a/src/lwipopts.h b/src/lwipopts.h index 0fbf0ca8e..82d7c96eb 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -35,9 +35,10 @@ #include "obk_config.h" #if MQTT_USE_TLS -#define LWIP_ALTCP 1 -#define LWIP_ALTCP_TLS 1 -#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define LWIP_ALTCP 1 +#define LWIP_ALTCP_TLS 1 +#define LWIP_ALTCP_TLS_MBEDTLS 1 +#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON #endif /** @@ -61,7 +62,6 @@ #define LWIP_DEBUG LWIP_DBG_ON #define LWIP_DEBUG_TRACE 0 #define SOCKETS_DEBUG LWIP_DBG_OFF // | LWIP_DBG_MASK_LEVEL - #define IP_DEBUG LWIP_DBG_OFF #define ETHARP_DEBUG LWIP_DBG_OFF #define NETIF_DEBUG LWIP_DBG_OFF diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index c242807f6..78a2422f0 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -12,12 +12,11 @@ #include "../driver/drv_tuyaMCU.h" #include "../ota/ota.h" -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS #include "lwip/altcp_tls.h" #include "lwip/apps/mqtt_priv.h" #include "apps/altcp_tls/altcp_tls_mbedtls_structs.h" #include "mbedtls/ssl.h" -#include "mbedtls/debug.h" struct altcp_tls_config { mbedtls_ssl_config conf; mbedtls_x509_crt* cert; 
@@ -28,13 +27,19 @@ struct altcp_tls_config { u8_t pkey_max; mbedtls_x509_crt* ca; #if defined(MBEDTLS_SSL_CACHE_C) && ALTCP_MBEDTLS_USE_SESSION_CACHE - // Inter-connection cache for fast connection startup struct mbedtls_ssl_cache_context cache; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && ALTCP_MBEDTLS_USE_SESSION_TICKETS mbedtls_ssl_ticket_context ticket_ctx; #endif }; +#if ALTCP_MBEDTLS_DEBUG + #include "mbedtls/ssl_internal.h" + #include "mbedtls/debug.h" + static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint32_t* flags); + static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, const char* str); + void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl); +#endif #endif #ifndef LWIP_MQTT_EXAMPLE_IPADDR_INIT @@ -1096,9 +1101,8 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection if (client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; - LWIP_PLATFORM_DIAG(("MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl))); - LWIP_PLATFORM_DIAG(("MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl))); - + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); } #endif 
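Review bot: The local `struct altcp_tls_config` that this hunk edits needs a comment tying it to lwIP's private definition, because MQTT_do_connect reads `->conf` and `->ca` through this copy. If the lwIP sources in the SDK submodule (bumped in this same commit) lay the struct out differently, or `ALTCP_MBEDTLS_USE_SESSION_CACHE` is set differently there, those accesses land on the wrong offsets. Suggested comment: `/* Must match struct altcp_tls_config in lwIP's altcp_tls_mbedtls.c for the SDK version in use; re-check on every SDK bump */`. The struct definition starts outside the hunk.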
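Review bot: In the `@@ -1096,9 +1101,8 @@` hunk of mqtt_connection_cb, `client->conn->state` is treated as an `altcp_mbedtls_state_t` for every successful connection, although the enclosing `#if LWIP_ALTCP_TLS_MBEDTLS` only says that TLS support is compiled in. When the connection was opened without a `tls_config` (TLS switched off in the settings), that pointer is presumably the state of a plain TCP connection and `&state->ssl_context` is read from the wrong object. The condition should also test the TLS setting, for example `if (mqtt_client_info.tls_config && client && client->conn && client->conn->state) {`. The earlier `@@ -1091,7 +1092,7 @@` hunk, which changes the guard to `#if`, has the same gap. The callback body continues outside both hunks.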
@@ -1158,26 +1162,6 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection } } -static void my_debug(void* ctx, int level, const char* file, int line, const char* str); -static void my_debug(void* ctx, int level, const char* file, int line, const char* str) -{ - const char* p, * basename; - (void)ctx; - - if (level == 2) - return; - - /* Extract basename from file */ - for (p = basename = file; *p != '\0'; p++) { - if (*p == '/' || *p == '\\') { - basename = p + 1; - } - } - - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); -} - - static int MQTT_do_connect(mqtt_client_t* client) { const char* mqtt_userName, * mqtt_host, * mqtt_pass, * mqtt_clientID; @@ -1262,7 +1246,13 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); size_t ca_len = 0; u8_t* ca = NULL; - if (mqtt_verify_tls_cert) { + /* + if (mqtt_verify_tls_cert && !NTP_IsTimeSynced()){ + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); + return 0; + } + */ + if (strlen(CFG_GetMQTTCertFile()) > 0) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); if (ca) { 
@@ -1278,16 +1268,15 @@ static int MQTT_do_connect(mqtt_client_t* client) ca = NULL; } if (mqtt_client_info.tls_config) { - mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, my_debug, NULL); +#if ALTCP_MBEDTLS_DEBUG + mbedtls_ssl_conf_verify(&mqtt_client_info.tls_config->conf, mbedtls_verify_cb, NULL); + mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, mbedtls_debug_cb, NULL); mbedtls_debug_set_threshold(1); if (mqtt_client_info.tls_config->ca){ - char* buf = malloc(1025 + 1); - memset(buf, 0 , 1025); - mbedtls_x509_crt_info(buf, 1024, "", mqtt_client_info.tls_config->ca); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "=============== CERTIFICATE INFO ===============\n%s", buf); - free(buf); + mbedtls_dump_conf(&mqtt_client_info.tls_config->conf, NULL); } +#endif if (mqtt_verify_tls_cert) { mbedtls_ssl_conf_authmode(&mqtt_client_info.tls_config->conf, MBEDTLS_SSL_VERIFY_REQUIRED); 
@@ -2358,15 +2347,185 @@ bool MQTT_IsReady() { return mqtt_client && res; } -#ifdef MQTT_USE_TLS +#if MQTT_USE_TLS +#ifdef MBEDTLS_TIMING_C #include "fake_clock_pub.h" +#include "mbedtls/error.h" +int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + return mbedtls_hardware_poll(data, output, len, olen); +} int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void)data); - *olen = len; - srand(fclk_get_second()); - for (int i=0; itm_year + 1900, ltm->tm_mon + 1, ltm->tm_mday, ltm->tm_hour, ltm->tm_min, ltm->tm_sec); + return ltm; +} +#endif //MBEDTLS_PLATFORM_GMTIME_R_ALT + + +#if ALTCP_MBEDTLS_DEBUG +static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint32_t* flags) +{ + ((void)data); + char buf[1024]; + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s", buf); + + if ((*flags) == 0) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " This certificate has no flags\n"); + } + else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! 
", *flags); + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s\n", buf); } return 0; } -#endif \ No newline at end of file + +static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, const char* str) +{ + const char* p, * basename; + (void)ctx; + + if (level == 2) + return; + + /* Extract basename from file */ + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { + basename = p + 1; + } + } + + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); +} + +void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl) { + if (ssl && ssl->handshake) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); + switch (ssl->handshake->ciphersuite_info->key_exchange) + { + case MBEDTLS_KEY_EXCHANGE_NONE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); + break; + case MBEDTLS_KEY_EXCHANGE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); + break; + case MBEDTLS_KEY_EXCHANGE_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + 
addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); + break; + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); + break; + } + } + + if (conf) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); + int len = sizeof(conf->ciphersuite_list) / (sizeof(conf->ciphersuite_list[0])); + for (int s = 0; s < len; s++) { + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " %s", + mbedtls_ssl_get_ciphersuite_name(*conf->ciphersuite_list[s])); + } + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CURVES:"); + len = sizeof(conf->curve_list) / (sizeof(mbedtls_ecp_group_id)); + const mbedtls_ecp_group_id* c = conf->curve_list; + for (; *c; c++) { + switch (*c) + { + case MBEDTLS_ECP_DP_NONE: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); + break; + case MBEDTLS_ECP_DP_SECP192R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); + break; + case MBEDTLS_ECP_DP_SECP224R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); + break; + case MBEDTLS_ECP_DP_SECP256R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); + break; + case MBEDTLS_ECP_DP_SECP384R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); + break; + case MBEDTLS_ECP_DP_SECP521R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); + break; + case MBEDTLS_ECP_DP_BP256R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); + break; + case MBEDTLS_ECP_DP_BP384R1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); + break; + case MBEDTLS_ECP_DP_BP512R1: + 
addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); + break; + case MBEDTLS_ECP_DP_CURVE25519: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); + break; + case MBEDTLS_ECP_DP_SECP192K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); + break; + case MBEDTLS_ECP_DP_SECP224K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); + break; + case MBEDTLS_ECP_DP_SECP256K1: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); + break; + case MBEDTLS_ECP_DP_CURVE448: + addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); + break; + } + } + } +} +#endif //ALTCP_MBEDTLS_DEBUG +#endif //MQTT_USE_TLS \ No newline at end of file diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index cfabc11d5..a458f27a6 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -2,13 +2,17 @@ #define USER_MBEDTLS_CONFIG_H #include "mbedtls/config.h" + // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C -#undef MBEDTLS_TIMING_C -#define MBEDTLS_NO_PLATFORM_ENTROPY + +#define MBEDTLS_TIMING_C +#define MBEDTLS_HAVE_TIME_DATE +#define MBEDTLS_PLATFORM_GMTIME_R_ALT + #define MBEDTLS_ENTROPY_HARDWARE_ALT -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_NO_PLATFORM_ENTROPY #define MBEDTLS_MPI_WINDOW_SIZE 1 #define MBEDTLS_MPI_MAX_SIZE 512 #define MBEDTLS_ECP_WINDOW_SIZE 2 @@ -31,7 +35,7 @@ #define MBEDTLS_SHA256_C #define MBEDTLS_SHA256_SMALLER #define MBEDTLS_AES_C -#undef MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_AES_FEWER_TABLES #define MBEDTLS_ENTROPY_FORCE_SHA256 
@@ -98,6 +102,19 @@ #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED // Define only on development // +#if 1 +#define MBEDTLS_DEBUG_C +#define MBEDTLS_SELF_TEST +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES +#define MBEDTLS_SSL_RECORD_CHECKING +#define MBEDTLS_SSL_CONTEXT_SERIALIZATION +#define MBEDTLS_SSL_DEBUG_ALL +#define MBEDTLS_VERSION_FEATURES +#define MBEDTLS_CERTS_C +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_MEMORY_BACKTRACE +#else +#undef MBEDTLS_DEBUG_C #undef MBEDTLS_SELF_TEST #undef MBEDTLS_SSL_ALL_ALERT_MESSAGES #undef MBEDTLS_SSL_RECORD_CHECKING @@ -105,7 +122,9 @@ #undef MBEDTLS_SSL_DEBUG_ALL #undef MBEDTLS_VERSION_FEATURES #undef MBEDTLS_CERTS_C -#define MBEDTLS_DEBUG_C +#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C +#undef MBEDTLS_MEMORY_BACKTRACE +#endif /* Avaliar efeito From 50f49a391f0bfa5daf35a7a85a1d54b092e49167 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 22 Oct 2023 22:26:57 -0300 Subject: [PATCH 21/39] Otimizacoes de rom e heap usage --- src/mqtt/new_mqtt.c | 113 +++++++++++++++++++------------------- src/user_mbedtls_config.h | 24 ++------ 2 files changed, 62 insertions(+), 75 deletions(-) diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 78a2422f0..17140a15b 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1188,7 +1188,7 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, - mqtt_pass, + "********", mqtt_clientID, mqtt_host, mqtt_port 
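Review bot: The block under "Define only on development" is committed as `#if 1`, so every TLS build gets MBEDTLS_DEBUG_C, MBEDTLS_SSL_DEBUG_ALL, MBEDTLS_SELF_TEST and MBEDTLS_CERTS_C (the library's built-in test certificates). Besides the flash and heap cost, handshake debug output then ends up in the device log on production firmware. Replace the literal with a project-defined switch that defaults to off (name to be chosen, written here as a placeholder): `#if OBK_TLS_DEVELOPMENT_BUILD`. The `#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON` added to lwipopts.h in the same commit should follow the same switch.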
@@ -1246,17 +1246,18 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Secure TLS connection enabled"); size_t ca_len = 0; u8_t* ca = NULL; - /* - if (mqtt_verify_tls_cert && !NTP_IsTimeSynced()){ - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); - return 0; - } - */ - if (strlen(CFG_GetMQTTCertFile()) > 0) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); - ca = LFS_ReadFile(CFG_GetMQTTCertFile()); - if (ca) { - ca_len = strlen((char*)ca)+1; + if (mqtt_verify_tls_cert) { + if (!NTP_IsTimeSynced()) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); + // silently allow retry next frame + return ERR_RTE; + } + if (strlen(CFG_GetMQTTCertFile()) > 0) { + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); + ca = LFS_ReadFile(CFG_GetMQTTCertFile()); + if (ca) { + ca_len = strlen((char*)ca)+1; + } } } else { @@ -1270,9 +1271,10 @@ static int MQTT_do_connect(mqtt_client_t* client) if (mqtt_client_info.tls_config) { #if ALTCP_MBEDTLS_DEBUG mbedtls_ssl_conf_verify(&mqtt_client_info.tls_config->conf, mbedtls_verify_cb, NULL); +#if MBEDTLS_DEBUG_C mbedtls_ssl_conf_dbg(&mqtt_client_info.tls_config->conf, mbedtls_debug_cb, NULL); mbedtls_debug_set_threshold(1); - +#endif if (mqtt_client_info.tls_config->ca){ mbedtls_dump_conf(&mqtt_client_info.tls_config->conf, NULL); } @@ -2348,12 +2350,9 @@ bool MQTT_IsReady() { } #if MQTT_USE_TLS -#ifdef MBEDTLS_TIMING_C +#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT #include "fake_clock_pub.h" #include "mbedtls/error.h" -int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { - return mbedtls_hardware_poll(data, output, len, olen); -} int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void)data); 
@@ -2373,15 +2372,15 @@ int mbedtls_hardware_poll(void* data, unsigned char* output, size_t len, size_t* } return ret; } -#endif +int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t* olen) { + return mbedtls_hardware_poll(data, output, len, olen); +} +#endif //MBEDTLS_ENTROPY_HARDWARE_ALT #ifdef MBEDTLS_PLATFORM_GMTIME_R_ALT struct tm* mbedtls_platform_gmtime_r(const mbedtls_time_t* tt, struct tm* tm_buf) { // Use NTP time - struct tm* ltm = gmtime_r((time_t*)&g_ntpTime, tm_buf); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "mbedtls_platform_gmtime_r: %04d/%02d/%02d %02d:%02d:%02d\n", - ltm->tm_year + 1900, ltm->tm_mon + 1, ltm->tm_mday, ltm->tm_hour, ltm->tm_min, ltm->tm_sec); - return ltm; + return gmtime_r((time_t*)&g_ntpTime, tm_buf); } #endif //MBEDTLS_PLATFORM_GMTIME_R_ALT @@ -2392,16 +2391,16 @@ static int mbedtls_verify_cb(void* data, mbedtls_x509_crt* crt, int depth, uint3 ((void)data); char buf[1024]; - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "Verify requested for (Depth% d) : \n", depth); mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s", buf); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "\n%s", buf); if ((*flags) == 0) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " This certificate has no flags\n"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " This certificate has no flags\n"); } else { mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s\n", buf); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "%s\n", buf); } return 0; } 
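Review bot: mbedtls_platform_gmtime_r passes `(time_t*)&g_ntpTime` to `gmtime_r`, which is only correct if `g_ntpTime` has exactly the type `time_t`. Its declaration is not visible here; if it is a 32-bit integer while `time_t` is 64-bit, the call reads past the variable and certificate validity is checked against a garbage date. Copy the value instead: `time_t now = (time_t)g_ntpTime; return gmtime_r(&now, tm_buf);`. A one-line comment should also say that `tt` is ignored on purpose and that the result stays at the epoch until NTP has synced (assuming `g_ntpTime` starts at zero).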
@@ -2421,107 +2420,107 @@ static void mbedtls_debug_cb(void* ctx, int level, const char* file, int line, c } } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); + addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "%s:%04d: |%d| %s", basename, line, level, str); } void mbedtls_dump_conf(mbedtls_ssl_config* conf, mbedtls_ssl_context* ssl) { if (ssl && ssl->handshake) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE CIPHER SUITE: %s", ssl->handshake->ciphersuite_info->name); switch (ssl->handshake->ciphersuite_info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_NONE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_NONE"); break; case MBEDTLS_KEY_EXCHANGE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA"); break; case MBEDTLS_KEY_EXCHANGE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); + 
addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_DHE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_RSA_PSK"); break; case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK"); break; case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_RSA"); break; case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA"); break; case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "HANDSHAKE KEY EXCHANGE: MBEDTLS_KEY_EXCHANGE_ECJPAKE"); break; } } if (conf) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "AVAILABLE CIPHERS:"); int len = sizeof(conf->ciphersuite_list) / (sizeof(conf->ciphersuite_list[0])); for (int s = 0; s < len; s++) { - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " %s", + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " %s", mbedtls_ssl_get_ciphersuite_name(*conf->ciphersuite_list[s])); } - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, 
"AVAILABLE CURVES:"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "AVAILABLE CURVES:"); len = sizeof(conf->curve_list) / (sizeof(mbedtls_ecp_group_id)); const mbedtls_ecp_group_id* c = conf->curve_list; for (; *c; c++) { switch (*c) { case MBEDTLS_ECP_DP_NONE: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_NONE"); break; case MBEDTLS_ECP_DP_SECP192R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192R1"); break; case MBEDTLS_ECP_DP_SECP224R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224R1"); break; case MBEDTLS_ECP_DP_SECP256R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256R1"); break; case MBEDTLS_ECP_DP_SECP384R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP384R1"); break; case MBEDTLS_ECP_DP_SECP521R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP521R1"); break; case MBEDTLS_ECP_DP_BP256R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP256R1"); break; case MBEDTLS_ECP_DP_BP384R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP384R1"); break; case MBEDTLS_ECP_DP_BP512R1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_BP512R1"); break; case MBEDTLS_ECP_DP_CURVE25519: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE25519"); break; case 
MBEDTLS_ECP_DP_SECP192K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP192K1"); break; case MBEDTLS_ECP_DP_SECP224K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP224K1"); break; case MBEDTLS_ECP_DP_SECP256K1: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_SECP256K1"); break; case MBEDTLS_ECP_DP_CURVE448: - addLogAdv(LOG_WARN, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); + addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, " MBEDTLS_ECP_DP_CURVE448"); break; } } diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index a458f27a6..d97a19aad 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -6,13 +6,11 @@ // Plataform specific #undef MBEDTLS_FS_IO #undef MBEDTLS_NET_C - #define MBEDTLS_TIMING_C #define MBEDTLS_HAVE_TIME_DATE #define MBEDTLS_PLATFORM_GMTIME_R_ALT - -#define MBEDTLS_ENTROPY_HARDWARE_ALT #define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_ENTROPY_HARDWARE_ALT #define MBEDTLS_MPI_WINDOW_SIZE 1 #define MBEDTLS_MPI_MAX_SIZE 512 #define MBEDTLS_ECP_WINDOW_SIZE 2 @@ -29,6 +27,7 @@ #define MBEDTLS_SSL_PROTO_TLS1_2 // Only TLS1.2 enabled #undef MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL #undef MBEDTLS_SSL_PROTO_DTLS +#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY // Enabled Ciphers #define MBEDTLS_RSA_C @@ -102,7 +101,7 @@ #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED // Define only on development // -#if 1 +#if 0 #define MBEDTLS_DEBUG_C #define MBEDTLS_SELF_TEST #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 
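Review bot: In `mbedtls_dump_conf` the "AVAILABLE CIPHERS" loop does not walk the cipher list: `sizeof(conf->ciphersuite_list) / sizeof(conf->ciphersuite_list[0])` is the number of per-protocol-version slots (in the Mbed TLS 2.28 line that the Makefile fetches, `ciphersuite_list` is an array of pointers to zero-terminated lists), and `*conf->ciphersuite_list[s]` prints only the first entry of each slot and dereferences a slot without a NULL check. Iterating one slot up to its terminator, e.g. `for (const int* cs = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3]; cs && *cs; cs++)`, lists what is actually offered. `ssl->handshake->ciphersuite_info` is likewise dereferenced unchecked. The changed `mbedtls_debug_cb` line now logs library debug output at `LOG_ERROR` while every other line in the hunk moved to `LOG_DEBUG`, which looks unintended.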
@@ -126,21 +125,10 @@ #undef MBEDTLS_MEMORY_BACKTRACE #endif -/* -Avaliar efeito - -#undef MBEDTLS_GENPRIME - -#undef MBEDTLS_PKCS1_V15 +//Disabled functions +#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE #undef MBEDTLS_PKCS1_V21 - +#undef MBEDTLS_GENPRIME #undef MBEDTLS_X509_RSASSA_PSS_SUPPORT -#undef MBEDTLS_PEM_PARSE_C -#undef MBEDTLS_PEM_WRITE_C - -APN - -*/ - #endif \ No newline at end of file From 7bb0963e4fe7b0fd995e79475bc2e897c1f98006 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 24 Oct 2023 00:17:48 -0300 Subject: [PATCH 22/39] Versao com webserver enable/disable --- .vscode/settings.json | 3 ++- src/cmnds/cmd_main.c | 38 ++++++++++++++++++++++++++++++++ src/httpserver/http_fns.c | 20 +++++++++++++---- src/httpserver/http_tcp_server.c | 11 +++++++++ src/httpserver/http_tcp_server.h | 1 + src/mqtt/new_mqtt.c | 6 ++--- src/new_cfg.c | 16 ++++++++++++++ src/new_cfg.h | 3 +++ src/new_pins.h | 4 +++- src/user_main.c | 10 ++++++--- 10 files changed, 100 insertions(+), 12 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index c4ad84acd..a4473523f 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -23,6 +23,7 @@ "opt.h": "c", "altcp_tls_mbedtls_opts.h": "c", "fake_clock_pub.h": "c", - "check_config.h": "c" + "check_config.h": "c", + "cmd_public.h": "c" } } \ No newline at end of file diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index 203254fbf..163b85eaf 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -9,6 +9,8 @@ #include "../driver/drv_public.h" #include "../hal/hal_adc.h" #include "../hal/hal_flashVars.h" +#include "../httpserver/http_tcp_server.h" +#include "../hal/hal_generic.h" int cmd_uartInitIndex = 0; 
@@ -617,6 +619,37 @@ commandResult_t CMD_DeepSleep_SetEdge(const void* context, const char* cmd, cons return CMD_RES_OK; } +static commandResult_t CMD_WebServer(const void* context, const char* cmd, const char* args, int cmdFlags) { + int value; + Tokenizer_TokenizeString(args, 0); + value = Tokenizer_GetArgsCount(); + if (value == 0) + { + ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", CFG_GetEnableWebServer()); + return CMD_RES_OK; + } + if (value == 1) { + ADDLOG_INFO(LOG_FEATURE_CMD, "ARG0 (%s), ARG1 (%s)", Tokenizer_GetArg(0), Tokenizer_GetArg(1)); + if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { + ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); + CFG_SetEnableWebServer(false); + CFG_Save_IfThereArePendingChanges(); + HTTPServer_Stop(); + return CMD_RES_OK; + } + else if (strcmp(Tokenizer_GetArg(0), "1") == 0) { + ADDLOG_INFO(LOG_FEATURE_CMD, "Enable WebServer and restart"); + CFG_SetEnableWebServer(true); + CFG_Save_IfThereArePendingChanges(); + HAL_RebootModule(); + return CMD_RES_OK; + } + } + ADDLOG_ERROR(LOG_FEATURE_CMD, "Invalid Argument"); + return CMD_RES_BAD_ARGUMENT; +} + + void CMD_Init_Early() { //cmddetail:{"name":"alias","args":"[Alias][Command with spaces]", //cmddetail:"descr":"add an aliased command, so a command with spaces can be called with a short, nospaced alias", @@ -745,6 +778,11 @@ void CMD_Init_Early() { CMD_RegisterCommand("StartupCommand", CMD_StartupCommand, NULL); CMD_RegisterCommand("Choice", CMD_Choice, NULL); //CMD_RegisterCommand("FindPattern", CMD_FindPattern, NULL); + //cmddetail:{"name":"WebServer","args":"[0 - Stop / 1 - Start]", + //cmddetail:"descr":"Setting state of WebServer", + //cmddetail:"fn":"CMD_WebServer","file":"cmnds/cmd_main.c","requires":"", + //cmddetail:"examples":""} + CMD_RegisterCommand("WebServer", CMD_WebServer, NULL); #if (defined WINDOWS) || (defined PLATFORM_BEKEN) CMD_InitScripting(); diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 0c7fdd0b4..5dcb75f77 100644 
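Review bot: `Tokenizer_GetArg(1)` is passed to a `%s` in the `ARG0 (%s), ARG1 (%s)` log line on the branch where exactly one argument was parsed, so the second value is whatever the tokenizer returns for a missing argument; if that can be NULL the format call is undefined. Logging only `Tokenizer_GetArg(0)`, or dropping the line as PATCH 23 of this series does, avoids it. The `cmddetail` text added in the CMD_Init_Early hunk should also say that `0` is persisted and stops the server immediately while `1` saves and reboots the module, since "Start" hides the reboot.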
--- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1143,9 +1143,8 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { CFG_SetMQTTUseTls(http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))); CFG_SetMQTTVerifyTlsCert(http_getArg(request->url, "mqtt_verify_tls_cert", tmpA, sizeof(tmpA))); - if (http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) { - CFG_SetMQTTCertFile(tmpA); - } + http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA)); + CFG_SetMQTTCertFile(tmpA); if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); @@ -1177,6 +1176,13 @@ int http_fn_cfg_webapp(http_request_t* request) { http_setup(request, httpMimeTypeHTML); http_html_start(request, "Set Webapp"); add_label_text_field(request, "URL of the Webapp", "url", CFG_GetWebappRoot(), "
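Review bot: `CFG_SetMQTTCertFile(tmpA)` now runs even when `mqtt_cert_file` is absent from the request, and in that case `tmpA` may still hold whatever the preceding `mqtt_verify_tls_cert` lookup left in it, unless http_getArg clears the buffer on a miss (not visible here). To allow clearing the field without storing a stale string, make it explicit before the setter: `if (!http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) tmpA[0] = 0;`. `CFG_SetMQTTUseTls` and `CFG_SetMQTTVerifyTlsCert` take the presence result directly, so any request to this handler that omits those parameters turns TLS and certificate verification off; a comment stating that this is the intended checkbox behaviour would help. The handler starts and ends outside the hunk.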
"); + + hprintf255(request, ""); + } + hprintf255(request, "
"); + poststr(request, SUBMIT_AND_END_FORM); poststr(request, htmlFooterReturnToCfgLink); http_html_end(request); @@ -1190,7 +1196,7 @@ int http_fn_cfg_webapp_set(http_request_t* request) { http_html_start(request, "Saving Webapp"); if (http_getArg(request->url, "url", tmpA, sizeof(tmpA))) { - CFG_SetWebappRoot(tmpA); + CFG_SetWebappRoot(tmpA); CFG_Save_IfThereArePendingChanges(); hprintf255(request, "Webapp url set to %s", tmpA); } @@ -1198,6 +1204,12 @@ int http_fn_cfg_webapp_set(http_request_t* request) { poststr(request, "Webapp url not set because you didn't specify the argument."); } + CFG_SetEnableWebServer(http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); + if (CFG_GetEnableWebServer()){ + poststr(request, "
"); + poststr(request, "Webapp will be disabled on next boot!"); + } + poststr(request, "
"); poststr(request, htmlFooterReturnToCfgLink); http_html_end(request); diff --git a/src/httpserver/http_tcp_server.c b/src/httpserver/http_tcp_server.c index de186e8db..64a2b8599 100644 --- a/src/httpserver/http_tcp_server.c +++ b/src/httpserver/http_tcp_server.c @@ -54,6 +54,17 @@ void HTTPServer_Start() } } +void HTTPServer_Stop() +{ + OSStatus err = kNoErr; + + err = rtos_delete_thread(&g_http_thread); + + if (err != kNoErr) + { + ADDLOG_ERROR(LOG_FEATURE_HTTP, "stop \"TCP_server\" thread failed with %i!\r\n", err); + } +} int sendfn(int fd, char* data, int len) { if (fd) { diff --git a/src/httpserver/http_tcp_server.h b/src/httpserver/http_tcp_server.h index ba803a6c8..e39e579b6 100644 --- a/src/httpserver/http_tcp_server.h +++ b/src/httpserver/http_tcp_server.h @@ -1,2 +1,3 @@ void HTTPServer_Start(); +void HTTPServer_Stop(); \ No newline at end of file diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 17140a15b..1f633cd5a 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1098,11 +1098,11 @@ static void mqtt_connection_cb(mqtt_client_t* client, void* arg, mqtt_connection addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_connection_cb: Successfully connected\n"); #if LWIP_ALTCP_TLS_MBEDTLS - if (client && client->conn && client->conn->state) { + if (CFG_GetMQTTUseTls() && client && client->conn && client->conn->state) { altcp_mbedtls_state_t* state = client->conn->state; mbedtls_ssl_context* ssl = &state->ssl_context; - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL VERSION: %s\n", mbedtls_ssl_get_version(ssl)); - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TSL CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TLS VERSION: %s\n", mbedtls_ssl_get_version(ssl)); + addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "MQTT TLS CIPHER : %s\n", mbedtls_ssl_get_ciphersuite(ssl)); } #endif diff --git a/src/new_cfg.c b/src/new_cfg.c index 4c018fa33..c0ec192ca 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c 
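Review bot: The status text is inverted: `if (CFG_GetEnableWebServer())` prints "Webapp will be disabled on next boot!" when the server has just been enabled. In the lines visible here the only `CFG_Save_IfThereArePendingChanges()` call sits inside the `url` branch above, before `CFG_SetEnableWebServer(...)`, so the new flag is not written by this handler unless a save happens elsewhere; calling the save after the setter keeps the page and the stored state in agreement. Because the flag is taken from the mere presence of `enable_web_server`, any request to this endpoint without that parameter switches the management interface off, which deserves a comment at the call.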
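Review bot: `HTTPServer_Stop()` only deletes the thread; nothing in the added function closes the listening socket or any accepted client sockets, so the port may stay bound and the descriptors leak until reboot (the server thread's body is outside the hunk, so confirm where its sockets live). If the `WebServer 0` command arrives through the HTTP command interface, the stop may be issued from code that is itself being served by `g_http_thread`. A stop flag checked by the accept loop, with the thread closing its sockets and exiting on its own, is the usual shape; at minimum add a comment that the stop is best-effort and that a reboot is needed for a clean state.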
@@ -171,6 +171,11 @@ void CFG_SetDefaultConfig() { #endif CFG_SetDefaultLEDCorrectionTable(); + CFG_SetMQTTUseTls(false); + CFG_SetMQTTVerifyTlsCert(false); + CFG_SetMQTTCertFile(""); + CFG_SetEnableWebServer(true); + CFG_SetDefaultLEDCorrectionTable(); g_cfg_pendingChanges++; } @@ -718,6 +723,17 @@ uint32_t CFG_GetLFS_Size() { } #endif +bool CFG_GetEnableWebServer() { + return g_cfg.enable_web_server; +} +void CFG_SetEnableWebServer(bool value) { + // is there a change? + if (g_cfg.enable_web_server != value) { + g_cfg.enable_web_server = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} void CFG_InitAndLoad() { byte chkSum; diff --git a/src/new_cfg.h b/src/new_cfg.h index f54050f04..ec4631e3d 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -100,5 +100,8 @@ void CFG_SetLFS_Size(uint32_t value); uint32_t CFG_GetLFS_Size(); #endif +bool CFG_GetEnableWebServer(); +void CFG_SetEnableWebServer(bool value); + #endif diff --git a/src/new_pins.h b/src/new_pins.h index e85cc10a2..b4023098b 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1192,7 +1192,9 @@ typedef struct mainConfig_s { // offset 0x00000C86 (3206 decimal) char mqtt_cert_file[20]; // offset 0x00000C9A (3226 decimal) - char unused[358]; + bool enable_web_server; + // offset 0x00000C9B (3227 decimal) + char unused[357]; #endif } mainConfig_t; diff --git a/src/user_main.c b/src/user_main.c index 1a2015be1..cdcae55fb 100644 --- a/src/user_main.c +++ b/src/user_main.c @@ -42,6 +42,8 @@ #ifdef PLATFORM_BEKEN #include #include +#include "BkDriverWdg.h" + void bg_register_irda_check_func(FUNCPTR func); #endif 
@@ -1147,13 +1149,15 @@ void Main_Init_After_Delay() } ADDLOGF_INFO("Using SSID [%s]\r\n", wifi_ssid); - ADDLOGF_INFO("Using Pass [%s]\r\n", wifi_pass); + ADDLOGF_INFO("Using Pass [%s]\r\n", "********"); // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); - HTTPServer_Start(); - ADDLOGF_DEBUG("Started http tcp server\r\n"); + if (CFG_GetEnableWebServer() || bSafeMode) { + HTTPServer_Start(); + ADDLOGF_DEBUG("Started http tcp server\r\n"); + } // only initialise certain things if we are not in AP mode if (!bSafeMode) From 52f16bccdbd880e6ad3407d02b33c62c7dc4f194 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Tue, 24 Oct 2023 19:24:12 -0300 Subject: [PATCH 23/39] Versao boa para mqtt mbedtls boa uso --- src/cmnds/cmd_main.c | 1 - src/mqtt/new_mqtt.c | 23 +++++++++++++++++------ src/obk_config.h | 5 +---- 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index 163b85eaf..31ce6c640 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -629,7 +629,6 @@ static commandResult_t CMD_WebServer(const void* context, const char* cmd, const return CMD_RES_OK; } if (value == 1) { - ADDLOG_INFO(LOG_FEATURE_CMD, "ARG0 (%s), ARG1 (%s)", Tokenizer_GetArg(0), Tokenizer_GetArg(1)); if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); CFG_SetEnableWebServer(false); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 1f633cd5a..2e31250f0 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
@@ -1247,11 +1247,6 @@ static int MQTT_do_connect(mqtt_client_t* client) size_t ca_len = 0; u8_t* ca = NULL; if (mqtt_verify_tls_cert) { - if (!NTP_IsTimeSynced()) { - addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Verify certificate enabled. Wait NTP Synced"); - // silently allow retry next frame - return ERR_RTE; - } if (strlen(CFG_GetMQTTCertFile()) > 0) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Load certificate %s", CFG_GetMQTTCertFile()); ca = LFS_ReadFile(CFG_GetMQTTCertFile()); @@ -2378,8 +2373,24 @@ int mbedtls_hardclock_poll(void* data, unsigned char* output, size_t len, size_t #endif //MBEDTLS_ENTROPY_HARDWARE_ALT #ifdef MBEDTLS_PLATFORM_GMTIME_R_ALT +struct tm* cvt_date(char const* date, char const* time, struct tm* t); +struct tm* cvt_date(char const* date, char const* time, struct tm* t) +{ + char s_month[5]; + int year; + static const char month_names[] = "JanFebMarAprMayJunJulAugSepOctNovDec"; + sscanf(date, "%s %d %d", s_month, &t->tm_mday, &year); + sscanf(time, "%2d %*c %2d %*c %2d", &t->tm_hour, &t->tm_min, &t->tm_sec); + // Find where is s_month in month_names. Deduce month value. + t->tm_mon = (strstr(month_names, s_month) - month_names) / 3 + 1; + t->tm_year = year - 1900; + return t; +} struct tm* mbedtls_platform_gmtime_r(const mbedtls_time_t* tt, struct tm* tm_buf) { - // Use NTP time + // If NTP time not synced return compile time + if (!NTP_IsTimeSynced()) { + return cvt_date(__DATE__, __TIME__, tm_buf); + } return gmtime_r((time_t*)&g_ntpTime, tm_buf); } #endif //MBEDTLS_PLATFORM_GMTIME_R_ALT diff --git a/src/obk_config.h b/src/obk_config.h index c06be039b..a5d7cf3ff 100644 --- a/src/obk_config.h +++ b/src/obk_config.h 
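Review bot: `cvt_date` sets `tm_mon` one month too high: `struct tm` months are 0-based, so `/ 3 + 1` turns "Jan" into February and "Dec" into the invalid value 12. The `%s` conversion into `char s_month[5]` is unbounded, the `strstr` result is used without a NULL check, and the remaining `struct tm` fields are left uninitialised. This matters because the first hunk of this patch removes the wait for NTP, so with verification enabled the certificate validity window is checked against the build date until the clock syncs, and a certificate that expired after the firmware was built passes during that time; that trade-off deserves a log line at the fallback. A tightened version follows; returning NULL should make Mbed TLS treat the current time as unavailable, so confirm that the pinned version rejects the certificate in that case.

```c
struct tm* cvt_date(char const* date, char const* time, struct tm* t)
{
	char s_month[4] = { 0 };
	int year = 0;
	static const char month_names[] = "JanFebMarAprMayJunJulAugSepOctNovDec";
	const char* hit;

	// start from a fully defined struct tm (tm_wday, tm_yday, tm_isdst)
	memset(t, 0, sizeof(*t));
	if (sscanf(date, "%3s %d %d", s_month, &t->tm_mday, &year) != 3 ||
		sscanf(time, "%2d %*c %2d %*c %2d", &t->tm_hour, &t->tm_min, &t->tm_sec) != 3) {
		return NULL;
	}
	hit = strstr(month_names, s_month);
	if (hit == NULL) {
		return NULL;
	}
	// struct tm months are 0-based: "Jan" -> 0
	t->tm_mon = (int)(hit - month_names) / 3;
	t->tm_year = year - 1900;
	return t;
}
// … unchanged: mbedtls_platform_gmtime_r falls back to cvt_date(__DATE__, __TIME__, tm_buf) …
```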
@@ -68,17 +68,14 @@ // set to 0 to disable #define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 -#define ENABLE_NTP 1 +#define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 #define ENABLE_DRIVER_BL0937 1 #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 -//TLS use 100k rom e 44k ram. If enabled IR e MCU disabled to fit -#ifndef MQTT_USE_TLS #define ENABLE_DRIVER_TUYAMCU 1 #define ENABLE_DRIVER_IR 1 -#endif //#define ENABLE_DRIVER_HT16K33 1 //#define ENABLE_DRIVER_MAX72XX 1 #define ENABLE_I2C 1 From 748febd553923196a4c6c53b3e6e3ff8f697748b Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 28 Oct 2023 14:48:02 -0300 Subject: [PATCH 24/39] Invert CFG enable_web_server to disable_web_server --- Makefile | 2 ++ components.mk | 63 +++++++++++++++++++++++++++++++++++++++ src/cmnds/cmd_main.c | 14 ++++----- src/httpserver/http_fns.c | 6 ++-- src/lwipopts.h | 4 +-- src/new_cfg.c | 15 ++++------ src/new_cfg.h | 4 +-- src/new_pins.h | 2 +- src/obk_config.h | 1 - src/user_main.c | 2 +- 10 files changed, 85 insertions(+), 28 deletions(-) create mode 100644 components.mk diff --git a/Makefile b/Makefile index 022194de4..b742485d4 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,10 @@ # HACK - if COMPILE_PREX defined then we are being called running from original build_app.sh script in standard SDK # Required to not break old build_app.sh script lines 74-77 +MBEDTLS_DIR := ../../../apps/$(APP_BIN_NAME) ifdef COMPILE_PREX all: @echo Calling original build_app.sh script + if [ ! -d "output/mbedtls-2.28.5" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi cd $(PWD)/../../platforms/$(TARGET_PLATFORM)/toolchain/$(TUYA_APPS_BUILD_PATH) && sh $(TUYA_APPS_BUILD_CMD) $(APP_NAME) $(APP_VERSION) $(TARGET_PLATFORM) $(USER_CMD) else diff --git a/components.mk b/components.mk new file mode 100644 index 000000000..3aee695c4 --- /dev/null +++ b/components.mk 
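Review bot: The added recipe line downloads the Mbed TLS tarball and unpacks it into the build with no integrity check, and its steps are joined with `;`, so a failed or truncated download still reaches `tar` and the build carries on. Since this is the TLS library linked into the firmware, pin the archive digest and stop on the first error, for example `wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz" && echo "<sha256-of-v2.28.5.tar.gz>  v2.28.5.tar.gz" | sha256sum -c - && tar -xf v2.28.5.tar.gz -C output`, with the placeholder replaced by the digest taken from a trusted copy. The same line is repeated in the `OpenBK7231N` target in PATCH 25. `MBEDTLS_DIR` is assigned at the top of this hunk but not used by the recipe.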
@@ -0,0 +1,63 @@ +ifeq ($(TARGET_PLATFORM),bk7231n) + +CFG_USE_MQTT_TLS ?= 1 + +ifeq ($(CFG_USE_MQTT_TLS),1) + +MBEDTLS_DIR = $(TOP_DIR)/apps/$(APP_BIN_NAME)/output/mbedtls-2.28.5 +INCLUDES := -I$(MBEDTLS_DIR)/include -I$(TOP_DIR)/apps/$(APP_BIN_NAME)/src $(INCLUDES) +CPPDEFINES += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' +OSFLAGS += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' + +SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls.c +SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls_mem.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_tls.c +SRC_C += ${MBEDTLS_DIR}/library/x509_crt.c +SRC_C += ${MBEDTLS_DIR}/library/entropy.c +SRC_C += ${MBEDTLS_DIR}/library/chachapoly.c +SRC_C += ${MBEDTLS_DIR}/library/ctr_drbg.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_msg.c +SRC_C += ${MBEDTLS_DIR}/library/debug.c +SRC_C += ${MBEDTLS_DIR}/library/md.c +SRC_C += ${MBEDTLS_DIR}/library/sha512.c +SRC_C += ${MBEDTLS_DIR}/library/platform_util.c +SRC_C += ${MBEDTLS_DIR}/library/sha256.c +SRC_C += ${MBEDTLS_DIR}/library/sha1.c +SRC_C += ${MBEDTLS_DIR}/library/ripemd160.c +SRC_C += ${MBEDTLS_DIR}/library/md5.c +SRC_C += ${MBEDTLS_DIR}/library/cipher.c +SRC_C += ${MBEDTLS_DIR}/library/gcm.c +SRC_C += ${MBEDTLS_DIR}/library/chacha20.c +SRC_C += ${MBEDTLS_DIR}/library/ccm.c +SRC_C += ${MBEDTLS_DIR}/library/constant_time.c +SRC_C += ${MBEDTLS_DIR}/library/aes.c +SRC_C += ${MBEDTLS_DIR}/library/poly1305.c +SRC_C += ${MBEDTLS_DIR}/library/pem.c +SRC_C += ${MBEDTLS_DIR}/library/des.c +SRC_C += ${MBEDTLS_DIR}/library/asn1parse.c +SRC_C += ${MBEDTLS_DIR}/library/base64.c +SRC_C += ${MBEDTLS_DIR}/library/x509.c +SRC_C += ${MBEDTLS_DIR}/library/oid.c +SRC_C += ${MBEDTLS_DIR}/library/pkparse.c +SRC_C += ${MBEDTLS_DIR}/library/ecp.c +SRC_C += ${MBEDTLS_DIR}/library/bignum.c +SRC_C += ${MBEDTLS_DIR}/library/pk.c +SRC_C += ${MBEDTLS_DIR}/library/pk_wrap.c +SRC_C += ${MBEDTLS_DIR}/library/ecdsa.c +SRC_C += 
${MBEDTLS_DIR}/library/asn1write.c +SRC_C += ${MBEDTLS_DIR}/library/hmac_drbg.c +SRC_C += ${MBEDTLS_DIR}/library/rsa.c +SRC_C += ${MBEDTLS_DIR}/library/rsa_internal.c +SRC_C += ${MBEDTLS_DIR}/library/ecp_curves.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_ciphersuites.c +SRC_C += ${MBEDTLS_DIR}/library/ecdh.c +SRC_C += ${MBEDTLS_DIR}/library/dhm.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_srv.c +SRC_C += ${MBEDTLS_DIR}/library/cipher_wrap.c +SRC_C += ${MBEDTLS_DIR}/library/arc4.c +SRC_C += ${MBEDTLS_DIR}/library/blowfish.c +SRC_C += ${MBEDTLS_DIR}/library/camellia.c +SRC_C += ${MBEDTLS_DIR}/library/ssl_cli.c + +endif #ifeq ($(CFG_USE_MQTT_TLS),1) +endif #ifeq ($(TARGET_PLATFORM),bk7231n) \ No newline at end of file diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index 31ce6c640..17d7435dd 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -620,25 +620,25 @@ commandResult_t CMD_DeepSleep_SetEdge(const void* context, const char* cmd, cons } static commandResult_t CMD_WebServer(const void* context, const char* cmd, const char* args, int cmdFlags) { - int value; + int arg_count; Tokenizer_TokenizeString(args, 0); - value = Tokenizer_GetArgsCount(); - if (value == 0) + arg_count = Tokenizer_GetArgsCount(); + if (arg_count == 0) { - ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", CFG_GetEnableWebServer()); + ADDLOG_INFO(LOG_FEATURE_CMD, "WebServer:%d", !CFG_GetDisableWebServer()); return CMD_RES_OK; } - if (value == 1) { + if (arg_count == 1) { if (strcmp(Tokenizer_GetArg(0) , "0") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Stop WebServer"); - CFG_SetEnableWebServer(false); + CFG_SetDisableWebServer(true); CFG_Save_IfThereArePendingChanges(); HTTPServer_Stop(); return CMD_RES_OK; } else if (strcmp(Tokenizer_GetArg(0), "1") == 0) { ADDLOG_INFO(LOG_FEATURE_CMD, "Enable WebServer and restart"); - CFG_SetEnableWebServer(true); + CFG_SetDisableWebServer(false); CFG_Save_IfThereArePendingChanges(); HAL_RebootModule(); return CMD_RES_OK; 
diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 5dcb75f77..8b3037d9b 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1178,7 +1178,7 @@ int http_fn_cfg_webapp(http_request_t* request) { add_label_text_field(request, "URL of the Webapp", "url", CFG_GetWebappRoot(), ""); hprintf255(request, ""); } hprintf255(request, "
"); @@ -1204,8 +1204,8 @@ int http_fn_cfg_webapp_set(http_request_t* request) { poststr(request, "Webapp url not set because you didn't specify the argument."); } - CFG_SetEnableWebServer(http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); - if (CFG_GetEnableWebServer()){ + CFG_SetDisableWebServer(!http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); + if (CFG_GetDisableWebServer()){ poststr(request, "
"); poststr(request, "Webapp will be disabled on next boot!"); } diff --git a/src/lwipopts.h b/src/lwipopts.h index 82d7c96eb..eb5c11de4 100755 --- a/src/lwipopts.h +++ b/src/lwipopts.h @@ -32,13 +32,11 @@ #ifndef __LWIPOPTS_H__ #define __LWIPOPTS_H__ -#include "obk_config.h" - #if MQTT_USE_TLS #define LWIP_ALTCP 1 #define LWIP_ALTCP_TLS 1 #define LWIP_ALTCP_TLS_MBEDTLS 1 -#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON +#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_OFF #endif /** diff --git a/src/new_cfg.c b/src/new_cfg.c index c0ec192ca..55bedf12d 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -171,11 +171,6 @@ void CFG_SetDefaultConfig() { #endif CFG_SetDefaultLEDCorrectionTable(); - CFG_SetMQTTUseTls(false); - CFG_SetMQTTVerifyTlsCert(false); - CFG_SetMQTTCertFile(""); - CFG_SetEnableWebServer(true); - CFG_SetDefaultLEDCorrectionTable(); g_cfg_pendingChanges++; } @@ -723,13 +718,13 @@ uint32_t CFG_GetLFS_Size() { } #endif -bool CFG_GetEnableWebServer() { - return g_cfg.enable_web_server; +bool CFG_GetDisableWebServer() { + return g_cfg.disable_web_server; } -void CFG_SetEnableWebServer(bool value) { +void CFG_SetDisableWebServer(bool value) { // is there a change? - if (g_cfg.enable_web_server != value) { - g_cfg.enable_web_server = value; + if (g_cfg.disable_web_server != value) { + g_cfg.disable_web_server = value; // mark as dirty (value has changed) g_cfg_pendingChanges++; } diff --git a/src/new_cfg.h b/src/new_cfg.h index ec4631e3d..6858d9a60 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h @@ -100,8 +100,8 @@ void CFG_SetLFS_Size(uint32_t value); uint32_t CFG_GetLFS_Size(); #endif -bool CFG_GetEnableWebServer(); -void CFG_SetEnableWebServer(bool value); +bool CFG_GetDisableWebServer(); +void CFG_SetDisableWebServer(bool value); #endif diff --git a/src/new_pins.h b/src/new_pins.h index b4023098b..ffdf367cf 100644 --- a/src/new_pins.h +++ b/src/new_pins.h 
@@ -1192,7 +1192,7 @@ typedef struct mainConfig_s { // offset 0x00000C86 (3206 decimal) char mqtt_cert_file[20]; // offset 0x00000C9A (3226 decimal) - bool enable_web_server; + bool disable_web_server; // offset 0x00000C9B (3227 decimal) char unused[357]; #endif diff --git a/src/obk_config.h b/src/obk_config.h index a5d7cf3ff..a3da1e06e 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -66,7 +66,6 @@ #elif PLATFORM_BEKEN // set to 0 to disable -#define MQTT_USE_TLS 1 #define ENABLE_LITTLEFS 1 #define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 diff --git a/src/user_main.c b/src/user_main.c index cdcae55fb..47d1e4a4c 100644 --- a/src/user_main.c +++ b/src/user_main.c @@ -1154,7 +1154,7 @@ void Main_Init_After_Delay() // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); - if (CFG_GetEnableWebServer() || bSafeMode) { + if (!CFG_GetDisableWebServer() || bSafeMode) { HTTPServer_Start(); ADDLOGF_DEBUG("Started http tcp server\r\n"); } From 6fd77e6cc678fffa15904b4ede150e146a571440 Mon Sep 17 00:00:00 2001 From: alexs Date: Sat, 28 Oct 2023 21:24:25 -0300 Subject: [PATCH 25/39] Same documentation --- Makefile | 5 ++--- src/user_mbedtls_config.h | 29 +++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index b742485d4..6e7d76964 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,5 @@ # HACK - if COMPILE_PREX defined then we are being called running from original build_app.sh script in standard SDK # Required to not break old build_app.sh script lines 74-77 -MBEDTLS_DIR := ../../../apps/$(APP_BIN_NAME) ifdef COMPILE_PREX all: @echo Calling original build_app.sh script 
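Review bot: The renamed member needs a comment recording why the flag is negative, since it reuses a byte carved out of `unused`: configs saved before the field existed presumably hold 0 there, and with the inverted flag 0 means the web server stays on after an upgrade. Proposed comment above the member: `// inverted on purpose: 0 (older or blank configs) keeps the web server enabled`. Devices that ran the PATCH 22 build with `enable_web_server` stored as true will read the same byte back as "disabled", which should only affect development builds of this branch.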
@@ -72,16 +71,16 @@ sdk/OpenW600/sharedAppContainer/sharedApp: ln -s "$(shell pwd)/" "sdk/OpenW600/sharedAppContainer/sharedApp" # Build main binaries -OpenBK7231T: +OpenBK7231T: output/mbedtls-2.28.5 $(MAKE) APP_NAME=OpenBK7231T TARGET_PLATFORM=bk7231t SDK_PATH=sdk/OpenBK7231T APPS_BUILD_PATH=../bk7231t_os build-BK7231 OpenBK7231N: + if [ ! -d "output/mbedtls-2.28.5" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi $(MAKE) APP_NAME=OpenBK7231N TARGET_PLATFORM=bk7231n SDK_PATH=sdk/OpenBK7231N APPS_BUILD_PATH=../bk7231n_os build-BK7231 sdk/OpenXR809/tools/gcc-arm-none-eabi-4_9-2015q2: cd sdk/OpenXR809/tools && wget -q "https://launchpad.net/gcc-arm-embedded/4.9/4.9-2015-q2-update/+download/gcc-arm-none-eabi-4_9-2015q2-20150609-linux.tar.bz2" && tar -xf *.tar.bz2 && rm -f *.tar.bz2 - .PHONY: OpenXR809 build-XR809 # Retry OpenXR809 a few times to account for calibration file issues diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index d97a19aad..249a18c2a 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h 
@@ -1,3 +1,32 @@ +/****************************************************************************** + * @version V1.0.0 + * @date 05-Oct-2023 + * + * This file contains specific configuration for mbedtls + * Due to environment limitations there is only one version of TSL + * and only one cipher enabled: + * TSL VERSION: TLSv1.2 + * TSL CIPHER : TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 + * + * This is a common configuration supported by the mosquitto MQTT server + * + * Tested only with LWIP MQTT client application on BK7231N platform + * It's possible that it will also work on other platforms, + * but I don't have specific hardware to test. + * + * The web server MQTT page has been updated to specify whether MQTT + * uses TSL and if the certificate needs to be validated. + * The CA certificate or public certificate (in case of self-signed) + * must be uploaded in PEM format to LFS + * + * To validate the certificate dates, the NTP driver must be enabled, + * otherwise the build date will be used to validate. + * + * Author: alexsandroz@gmail.com + * + ******************************************************************************/ + + #ifndef USER_MBEDTLS_CONFIG_H #define USER_MBEDTLS_CONFIG_H From 90360e6f9b0eab0ee03b2f6bb87569683e1f5958 Mon Sep 17 00:00:00 2001 From: alexs Date: Sat, 28 Oct 2023 21:52:47 -0300 Subject: [PATCH 26/39] Rever submodulos configuration --- .gitmodules | 40 ++++++++++++++++++++-------------------- Makefile | 5 +++-- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.gitmodules b/.gitmodules index 84f8758d9..e129c1d55 100644 --- a/.gitmodules +++ b/.gitmodules 
@@ -1,24 +1,24 @@ -# [submodule "sdk/OpenXR809"] -# path = sdk/OpenXR809 -# url = https://github.com/openshwprojects/OpenXR809.git -# branch = master -# [submodule "sdk/OpenBK7231T"] -# path = sdk/OpenBK7231T -# url = https://github.com/openshwprojects/OpenBK7231T.git -# branch = master +[submodule "sdk/OpenXR809"] + path = sdk/OpenXR809 + url = https://github.com/openshwprojects/OpenXR809.git + branch = master +[submodule "sdk/OpenBK7231T"] + path = sdk/OpenBK7231T + url = https://github.com/openshwprojects/OpenBK7231T.git + branch = master [submodule "sdk/OpenBK7231N"] path = sdk/OpenBK7231N url = https://github.com/openshwprojects/OpenBK7231N.git branch = master -# [submodule "sdk/OpenBL602"] -# path = sdk/OpenBL602 -# url = https://github.com/openshwprojects/OpenBL602.git -# branch = master -# [submodule "sdk/OpenW800"] -# path = sdk/OpenW800 -# url = https://github.com/openshwprojects/OpenW800.git -# branch = master -# [submodule "sdk/OpenW600"] -# path = sdk/OpenW600 -# url = https://github.com/openshwprojects/OpenW600.git -# branch = master +[submodule "sdk/OpenBL602"] + path = sdk/OpenBL602 + url = https://github.com/openshwprojects/OpenBL602.git + branch = master +[submodule "sdk/OpenW800"] + path = sdk/OpenW800 + url = https://github.com/openshwprojects/OpenW800.git + branch = master +[submodule "sdk/OpenW600"] + path = sdk/OpenW600 + url = https://github.com/openshwprojects/OpenW600.git + branch = master diff --git a/Makefile b/Makefile index 6e7d76964..63df0695e 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,7 @@ submodules: ifdef GITHUB_ACTIONS @echo Submodules already checked out during setup else -# git submodule update --init --recursive --remote + git submodule update --init --recursive --remote endif update-submodules: submodules 
@@ -71,7 +71,7 @@ sdk/OpenW600/sharedAppContainer/sharedApp: ln -s "$(shell pwd)/" "sdk/OpenW600/sharedAppContainer/sharedApp" # Build main binaries -OpenBK7231T: output/mbedtls-2.28.5 +OpenBK7231T: $(MAKE) APP_NAME=OpenBK7231T TARGET_PLATFORM=bk7231t SDK_PATH=sdk/OpenBK7231T APPS_BUILD_PATH=../bk7231t_os build-BK7231 OpenBK7231N: @@ -81,6 +81,7 @@ OpenBK7231N: sdk/OpenXR809/tools/gcc-arm-none-eabi-4_9-2015q2: cd sdk/OpenXR809/tools && wget -q "https://launchpad.net/gcc-arm-embedded/4.9/4.9-2015-q2-update/+download/gcc-arm-none-eabi-4_9-2015q2-20150609-linux.tar.bz2" && tar -xf *.tar.bz2 && rm -f *.tar.bz2 + .PHONY: OpenXR809 build-XR809 # Retry OpenXR809 a few times to account for calibration file issues From 57b3669d308081f4cac3112e09c2335678eb2b63 Mon Sep 17 00:00:00 2001 From: alexsandroz <93751123+alexsandroz@users.noreply.github.com> Date: Sat, 28 Oct 2023 23:02:07 -0300 Subject: [PATCH 27/39] Rever ignore submodules Rever ignore submodules --- .gitignore | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.gitignore b/.gitignore index 2287a49e0..a85580d0b 100644 --- a/.gitignore +++ b/.gitignore @@ -35,9 +35,3 @@ configMemory.bin # MSVC enc_temp_folder/** -/sdk/OpenBK7231N -/sdk/OpenBK7231T -/sdk/OpenBL602 -/sdk/OpenW600 -/sdk/OpenW800 -/sdk/OpenXR809 \ No newline at end of file From 21e00874178f43809cdbddb09e372b6c92625585 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 29 Oct 2023 00:18:51 -0300 Subject: [PATCH 28/39] Fix for git actions --- Makefile | 7 +++++-- components.mk | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 60 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 63df0695e..6613d3156 100644 --- a/Makefile +++ b/Makefile 
@@ -1,9 +1,11 @@ # HACK - if COMPILE_PREX defined then we are being called running from original build_app.sh script in standard SDK # Required to not break old build_app.sh script lines 74-77 +MBEDTLS=output/mbedtls-2.28.5 ifdef COMPILE_PREX all: @echo Calling original build_app.sh script - if [ ! -d "output/mbedtls-2.28.5" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi + mkdir -p output + if [ ! -d "$(MBEDTLS)" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi cd $(PWD)/../../platforms/$(TARGET_PLATFORM)/toolchain/$(TUYA_APPS_BUILD_PATH) && sh $(TUYA_APPS_BUILD_CMD) $(APP_NAME) $(APP_VERSION) $(TARGET_PLATFORM) $(USER_CMD) else @@ -75,7 +77,8 @@ OpenBK7231T: $(MAKE) APP_NAME=OpenBK7231T TARGET_PLATFORM=bk7231t SDK_PATH=sdk/OpenBK7231T APPS_BUILD_PATH=../bk7231t_os build-BK7231 OpenBK7231N: - if [ ! -d "output/mbedtls-2.28.5" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi + mkdir -p output + if [ ! -d "$(MBEDTLS)" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi $(MAKE) APP_NAME=OpenBK7231N TARGET_PLATFORM=bk7231n SDK_PATH=sdk/OpenBK7231N APPS_BUILD_PATH=../bk7231n_os build-BK7231 sdk/OpenXR809/tools/gcc-arm-none-eabi-4_9-2015q2: diff --git a/components.mk b/components.mk index 3aee695c4..759f55f33 100644 --- a/components.mk +++ b/components.mk 
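Review bot: The new `MBEDTLS` variable only replaces the directory test; the download URL, the archive name and the `rm` argument in both added recipes (`all:` and `OpenBK7231N:`) still spell out `2.28.5`, so a version bump has to touch every copy and a missed one tests for one release while downloading another. Define the version once, e.g. `MBEDTLS_VERSION=2.28.5` and `MBEDTLS=output/mbedtls-$(MBEDTLS_VERSION)`, and move the fetch into a single `$(MBEDTLS):` file target that both recipes list as a prerequisite. Both target bodies continue outside these hunks.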
@@ -60,4 +60,58 @@ SRC_C += ${MBEDTLS_DIR}/library/camellia.c SRC_C += ${MBEDTLS_DIR}/library/ssl_cli.c endif #ifeq ($(CFG_USE_MQTT_TLS),1) -endif #ifeq ($(TARGET_PLATFORM),bk7231n) \ No newline at end of file +endif #ifeq ($(TARGET_PLATFORM),bk7231n) + + +# Wolfssl sources +# ifeq ($(CFG_ENABLE_MQTT_TLS),1) +# SRC_TLS_C += $(WOLFSSL_DIR)/src/ssl.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/internal.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/tls.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/keys.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/wolfio.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/crl.c +# SRC_TLS_C += $(WOLFSSL_DIR)/src/ocsp.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wc_port.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/hash.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/memory.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/asn.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha3.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/rsa.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/random.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/md5.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/dh.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/arc4.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/des3.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/aes.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha256.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha512.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/integer.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/hmac.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/coding.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/error.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sp_int.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/kdf.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/dsa.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wolfmath.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ecc.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/tfm.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/srp.c +# SRC_TLS_C += 
$(WOLFSSL_DIR)/wolfcrypt/src/chacha.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/poly1305.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/curve448.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ed448.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_448.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_448.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/curve25519.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ed25519.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_operations.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_low_mem.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_operations.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_low_mem.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wc_encrypt.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/pwdbased.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/camellia.c +# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/logging.c +# endif \ No newline at end of file From 94c4622715b4324ab4c6269ecc1ae93bb0647b4b Mon Sep 17 00:00:00 2001 From: alexs Date: Sun, 29 Oct 2023 01:21:09 -0300 Subject: [PATCH 29/39] Fix build start_type_pub only in platform Beken --- sdk/OpenBK7231N | 2 +- src/httpserver/http_fns.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/sdk/OpenBK7231N b/sdk/OpenBK7231N index c075b336f..7a65b01f6 160000 --- a/sdk/OpenBK7231N +++ b/sdk/OpenBK7231N @@ -1 +1 @@ -Subproject commit c075b336faa19f08f020df100292a66f292c7101 +Subproject commit 7a65b01f637203c1c6c1f7a7ec630aa16ea5df4b diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 8b3037d9b..ecddf599f 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -18,7 +18,9 @@ #include #include "../driver/drv_ntp.h" #include "../driver/drv_local.h" +#ifdef PLATFORM_BEKEN #include "start_type_pub.h" +#endif static char SUBMIT_AND_END_FORM[] = "
"; From 7eedd7f3a4528aff2393daa3fac24dcbd3aadffb Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 29 Oct 2023 12:57:51 -0300 Subject: [PATCH 30/39] Fix build git w600 --- src/cmnds/cmd_main.c | 5 ++- src/httpserver/http_fns.c | 10 +++++- src/mqtt/new_mqtt.c | 2 ++ src/new_cfg.c | 67 ++++++++++++++++++++------------------- src/new_cfg.h | 14 ++++---- src/user_main.c | 4 +++ src/user_mbedtls_config.h | 5 ++- 7 files changed, 66 insertions(+), 41 deletions(-) diff --git a/src/cmnds/cmd_main.c b/src/cmnds/cmd_main.c index 17d7435dd..748f6ab73 100644 --- a/src/cmnds/cmd_main.c +++ b/src/cmnds/cmd_main.c @@ -619,6 +619,7 @@ commandResult_t CMD_DeepSleep_SetEdge(const void* context, const char* cmd, cons return CMD_RES_OK; } +#if MQTT_USE_TLS static commandResult_t CMD_WebServer(const void* context, const char* cmd, const char* args, int cmdFlags) { int arg_count; Tokenizer_TokenizeString(args, 0); @@ -647,7 +648,7 @@ static commandResult_t CMD_WebServer(const void* context, const char* cmd, const ADDLOG_ERROR(LOG_FEATURE_CMD, "Invalid Argument"); return CMD_RES_BAD_ARGUMENT; } - +#endif void CMD_Init_Early() { //cmddetail:{"name":"alias","args":"[Alias][Command with spaces]", @@ -776,12 +777,14 @@ void CMD_Init_Early() { //cmddetail:"examples":""} CMD_RegisterCommand("StartupCommand", CMD_StartupCommand, NULL); CMD_RegisterCommand("Choice", CMD_Choice, NULL); +#if MQTT_USE_TLS //CMD_RegisterCommand("FindPattern", CMD_FindPattern, NULL); //cmddetail:{"name":"WebServer","args":"[0 - Stop / 1 - Start]", //cmddetail:"descr":"Setting state of WebServer", //cmddetail:"fn":"CMD_WebServer","file":"cmnds/cmd_main.c","requires":"", //cmddetail:"examples":""} CMD_RegisterCommand("WebServer", CMD_WebServer, NULL); +#endif #if (defined WINDOWS) || (defined PLATFORM_BEKEN) CMD_InitScripting(); diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index ecddf599f..55fbb72a2 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c 
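Review bot: `CMD_WebServer` and its `CMD_RegisterCommand("WebServer", ...)` call are now compiled only under `#if MQTT_USE_TLS`, although nothing visible in the command depends on TLS. Stopping the HTTP configuration server is useful on its own, and tying it to the TLS flag removes it from every build without TLS; the same guard is put around `CFG_GetDisableWebServer`/`CFG_SetDisableWebServer` in new_cfg.c and new_cfg.h and around the webapp form handling in http_fns.c. If the guard is only there to get the W600 build through, record that above it, e.g. `/* WebServer toggle is built only with MQTT_USE_TLS; non-TLS targets keep the server always on */`; otherwise give the toggle its own feature macro. Most of `CMD_WebServer` lies outside these hunks.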
@@ -1057,6 +1057,7 @@ int http_fn_cfg_mqtt(http_request_t* request) { // if (hex) { // poststr(request, " checked"); // } +#if MQTT_USE_TLS hprintf255(request, ""); @@ -1070,6 +1071,7 @@ int http_fn_cfg_mqtt(http_request_t* request) { hprintf255(request, "
"); add_label_text_field(request, "Certificate File (CA Root or Public Certificate PEM format)", "mqtt_cert_file", CFG_GetMQTTCertFile(), "
"); +#endif add_label_text_field(request, "Client Topic (Base Topic)", "client", CFG_GetMQTTClientId(), "
"); add_label_text_field(request, "Group Topic (Secondary Topic to only receive cmnds)", "group", CFG_GetMQTTGroupTopic(), "
"); @@ -1086,7 +1088,7 @@ int http_fn_cfg_mqtt(http_request_t* request) { int http_fn_cfg_ip(http_request_t* request) { char tmp[64]; int g_changes = 0; - //byte ip[4]; + //byte ip[4]; unused. comment for silent warning http_setup(request, httpMimeTypeHTML); http_html_start(request, "IP"); poststr_h2(request, "Here you can set static IP or DHCP"); @@ -1143,10 +1145,12 @@ int http_fn_cfg_mqtt_set(http_request_t* request) { CFG_SetMQTTPort(atoi(tmpA)); } +#if MQTT_USE_TLS CFG_SetMQTTUseTls(http_getArg(request->url, "mqtt_use_tls", tmpA, sizeof(tmpA))); CFG_SetMQTTVerifyTlsCert(http_getArg(request->url, "mqtt_verify_tls_cert", tmpA, sizeof(tmpA))); http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA)); CFG_SetMQTTCertFile(tmpA); +#endif if (http_getArg(request->url, "user", tmpA, sizeof(tmpA))) { CFG_SetMQTTUserName(tmpA); @@ -1179,11 +1183,13 @@ int http_fn_cfg_webapp(http_request_t* request) { http_html_start(request, "Set Webapp"); add_label_text_field(request, "URL of the Webapp", "url", CFG_GetWebappRoot(), "
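Review bot: In `http_fn_cfg_mqtt_set` the result of `http_getArg(request->url, "mqtt_cert_file", ...)` is discarded and `CFG_SetMQTTCertFile(tmpA)` runs unconditionally, unlike the `user` field just below it, which is stored only when `http_getArg` succeeds. If `http_getArg` leaves `tmpA` untouched when the argument is absent (its implementation is not visible here), the certificate file name is overwritten with whatever the previous lookup left in the buffer. Guard it the same way as its neighbours: `if (http_getArg(request->url, "mqtt_cert_file", tmpA, sizeof(tmpA))) { CFG_SetMQTTCertFile(tmpA); }`. The function starts and ends outside this hunk.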
"); +#if MQTT_USE_TLS hprintf255(request, ""); } hprintf255(request, "
"); +#endif poststr(request, SUBMIT_AND_END_FORM); poststr(request, htmlFooterReturnToCfgLink); @@ -1206,11 +1212,13 @@ int http_fn_cfg_webapp_set(http_request_t* request) { poststr(request, "Webapp url not set because you didn't specify the argument."); } +#if MQTT_USE_TLS CFG_SetDisableWebServer(!http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); if (CFG_GetDisableWebServer()){ poststr(request, "
"); poststr(request, "Webapp will be disabled on next boot!"); } +#endif poststr(request, "
"); poststr(request, htmlFooterReturnToCfgLink); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 2e31250f0..40cf9096f 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1183,8 +1183,10 @@ static int MQTT_do_connect(mqtt_client_t* client) mqtt_pass = CFG_GetMQTTPass(); mqtt_clientID = CFG_GetMQTTClientId(); mqtt_port = CFG_GetMQTTPort(); +#if MQTT_USE_TLS mqtt_use_tls = CFG_GetMQTTUseTls(); mqtt_verify_tls_cert = CFG_GetMQTTVerifyTlsCert(); +#endif addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, diff --git a/src/new_cfg.c b/src/new_cfg.c index 55bedf12d..338ded4a6 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -286,15 +286,6 @@ const char *CFG_GetOpenBekenHostName() { int CFG_GetMQTTPort() { return g_cfg.mqtt_port; } -bool CFG_GetMQTTUseTls() { - return g_cfg.mqtt_use_tls; -} -bool CFG_GetMQTTVerifyTlsCert() { - return g_cfg.mqtt_verify_tls_cert; -} -const char* CFG_GetMQTTCertFile() { - return g_cfg.mqtt_cert_file; -} void CFG_SetShortDeviceName(const char *s) { @@ -319,29 +310,6 @@ void CFG_SetMQTTPort(int p) { g_cfg_pendingChanges++; } } -void CFG_SetMQTTUseTls(bool value) { - // is there a change? - if(g_cfg.mqtt_use_tls != value) { - g_cfg.mqtt_use_tls = value; - // mark as dirty (value has changed) - g_cfg_pendingChanges++; - } -} -void CFG_SetMQTTVerifyTlsCert(bool value) { - // is there a change? - if (g_cfg.mqtt_verify_tls_cert != value) { - g_cfg.mqtt_verify_tls_cert = value; - // mark as dirty (value has changed) - g_cfg_pendingChanges++; - } -} -void CFG_SetMQTTCertFile(const char* s) { - // this will return non-zero if there were any changes - if (strcpy_safe_checkForChanges(g_cfg.mqtt_cert_file, s, sizeof(g_cfg.mqtt_cert_file))) { - // mark as dirty (value has changed) - g_cfg_pendingChanges++; - } -} void CFG_SetOpenAccessPoint() { // is there a change? if(g_cfg.wifi_ssid[0] == 0 && g_cfg.wifi_pass[0] == 0) { 
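Review bot: The `addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, ...)` call directly after the new `#if MQTT_USE_TLS` block in `MQTT_do_connect` carries `mqtt_pass %s` in its format string, so the broker password appears to be written to the log at INFO level on each connect. A series that adds TLS to protect the credentials in transit should not leave them readable in the log; drop the field, e.g. `"mqtt_userName %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n"`, and remove the matching argument. The argument list and the rest of the function continue outside the hunk, so the argument to remove is not visible here.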
@@ -718,6 +686,39 @@ uint32_t CFG_GetLFS_Size() { } #endif +#if MQTT_USE_TLS +bool CFG_GetMQTTUseTls() { + return g_cfg.mqtt_use_tls; +} +bool CFG_GetMQTTVerifyTlsCert() { + return g_cfg.mqtt_verify_tls_cert; +} +const char* CFG_GetMQTTCertFile() { + return g_cfg.mqtt_cert_file; +} +void CFG_SetMQTTUseTls(bool value) { + // is there a change? + if (g_cfg.mqtt_use_tls != value) { + g_cfg.mqtt_use_tls = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} +void CFG_SetMQTTVerifyTlsCert(bool value) { + // is there a change? + if (g_cfg.mqtt_verify_tls_cert != value) { + g_cfg.mqtt_verify_tls_cert = value; + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} +void CFG_SetMQTTCertFile(const char* s) { + // this will return non-zero if there were any changes + if (strcpy_safe_checkForChanges(g_cfg.mqtt_cert_file, s, sizeof(g_cfg.mqtt_cert_file))) { + // mark as dirty (value has changed) + g_cfg_pendingChanges++; + } +} bool CFG_GetDisableWebServer() { return g_cfg.disable_web_server; } @@ -729,6 +730,8 @@ void CFG_SetDisableWebServer(bool value) { g_cfg_pendingChanges++; } } +#endif + void CFG_InitAndLoad() { byte chkSum; diff --git a/src/new_cfg.h b/src/new_cfg.h index 6858d9a60..419b45526 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h 
@@ -31,17 +31,11 @@ const char *CFG_GetMQTTClientId(); const char *CFG_GetMQTTGroupTopic(); const char *CFG_GetMQTTUserName(); const char *CFG_GetMQTTPass(); -bool CFG_GetMQTTUseTls(); -bool CFG_GetMQTTVerifyTlsCert(); -const char* CFG_GetMQTTCertFile(); void CFG_SetMQTTHost(const char *s); void CFG_SetMQTTClientId(const char *s); void CFG_SetMQTTUserName(const char *s); void CFG_SetMQTTGroupTopic(const char *s); void CFG_SetMQTTPass(const char *s); -void CFG_SetMQTTUseTls(bool value); -void CFG_SetMQTTVerifyTlsCert(bool value); -void CFG_SetMQTTCertFile(const char* s); const char *CFG_GetWebappRoot(); void CFG_SetLEDRemap(int r, int g, int b, int c, int w); void CFG_SetDefaultLEDRemap(int r, int g, int b, int c, int w); @@ -100,8 +94,16 @@ void CFG_SetLFS_Size(uint32_t value); uint32_t CFG_GetLFS_Size(); #endif +#if MQTT_USE_TLS +void CFG_SetMQTTUseTls(bool value); +void CFG_SetMQTTVerifyTlsCert(bool value); +void CFG_SetMQTTCertFile(const char* s); +bool CFG_GetMQTTUseTls(); +bool CFG_GetMQTTVerifyTlsCert(); +const char* CFG_GetMQTTCertFile(); bool CFG_GetDisableWebServer(); void CFG_SetDisableWebServer(bool value); +#endif #endif diff --git a/src/user_main.c b/src/user_main.c index 47d1e4a4c..97ff1cb38 100644 --- a/src/user_main.c +++ b/src/user_main.c @@ -1154,10 +1154,14 @@ void Main_Init_After_Delay() // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); +#if MQTT_USE_TLS if (!CFG_GetDisableWebServer() || bSafeMode) { +#endif HTTPServer_Start(); ADDLOGF_DEBUG("Started http tcp server\r\n"); +#if MQTT_USE_TLS } +#endif // only initialise certain things if we are not in AP mode if (!bSafeMode) diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index 249a18c2a..fc3c482f3 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -30,6 +30,8 @@ #ifndef USER_MBEDTLS_CONFIG_H #define USER_MBEDTLS_CONFIG_H +#if MQTT_USE_TLS + #include "mbedtls/config.h" // Plataform specific 
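Review bot: In `Main_Init_After_Delay` the `if (!CFG_GetDisableWebServer() || bSafeMode) {` and its closing `}` sit in two separate `#if MQTT_USE_TLS` blocks around `HTTPServer_Start()`, which is easy to unbalance in a later edit and hides the condition from anyone reading a non-TLS build. It also means a build without `MQTT_USE_TLS` always starts the HTTP server, so a stored "disable web server" setting would be ignored after flashing such a build; that deserves a comment at this spot. Keeping the condition in one guarded macro (the name below is only a proposal) lets the braces stay together. The function body continues outside the hunk.

```c
#if MQTT_USE_TLS
#define WEB_SERVER_ALLOWED() (!CFG_GetDisableWebServer() || bSafeMode)
#else
/* Non-TLS builds have no disable flag accessor: the server always starts. */
#define WEB_SERVER_ALLOWED() 1
#endif
	// … unchanged: earlier part of Main_Init_After_Delay …
	if (WEB_SERVER_ALLOWED()) {
		HTTPServer_Start();
		ADDLOGF_DEBUG("Started http tcp server\r\n");
	}
```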
@@ -160,4 +162,5 @@ #undef MBEDTLS_GENPRIME #undef MBEDTLS_X509_RSASSA_PSS_SUPPORT -#endif \ No newline at end of file +#endif //MQTT_USE_TLS +#endif //USER_MBEDTLS_CONFIG_H \ No newline at end of file From 4c7974423048186cb475c68f467e79942407ee9f Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 29 Oct 2023 17:27:57 -0300 Subject: [PATCH 31/39] Fix BL602 build --- components.mk | 11 +- src/lwipopts.h | 445 ------------------------------------------------- 2 files changed, 9 insertions(+), 447 deletions(-) delete mode 100755 src/lwipopts.h diff --git a/components.mk b/components.mk index 759f55f33..173954060 100644 --- a/components.mk +++ b/components.mk @@ -6,8 +6,15 @@ ifeq ($(CFG_USE_MQTT_TLS),1) MBEDTLS_DIR = $(TOP_DIR)/apps/$(APP_BIN_NAME)/output/mbedtls-2.28.5 INCLUDES := -I$(MBEDTLS_DIR)/include -I$(TOP_DIR)/apps/$(APP_BIN_NAME)/src $(INCLUDES) -CPPDEFINES += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' -OSFLAGS += -DMQTT_USE_TLS=1 -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' +MQTT_TLS_DEFS += -DMQTT_USE_TLS=1 +MQTT_TLS_DEFS += -DLWIP_ALTCP=1 +MQTT_TLS_DEFS += -DLWIP_ALTCP_TLS=1 +MQTT_TLS_DEFS += -DLWIP_ALTCP_TLS_MBEDTLS=1 +MQTT_TLS_DEFS += -DMEMP_NUM_ALTCP_PCB=4 +MQTT_TLS_DEFS += -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' +CPPDEFINES += $(MQTT_TLS_DEFS) -Wno-misleading-indentation +OSFLAGS += $(MQTT_TLS_DEFS) +LFLAGS += -Wl,--print-memory-usage SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls.c SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls_mem.c diff --git a/src/lwipopts.h b/src/lwipopts.h deleted file mode 100755 index eb5c11de4..000000000 --- a/src/lwipopts.h +++ /dev/null 
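Review bot: `-Wno-misleading-indentation` is appended to `CPPDEFINES` next to `$(MQTT_TLS_DEFS)` in components.mk, so it switches the warning off for every source compiled with these flags, not only for the imported mbedtls and altcp_tls files that presumably trigger it. That warning catches statements that look guarded but are not, so it is worth keeping for the project's own code. If the build allows per-file flags, limit the suppression to the third-party sources; otherwise add a comment naming what needs it, e.g. `# -Wno-misleading-indentation: required by <file that warns>`. It is also a compiler warning option rather than a preprocessor define, so `CPPDEFINES` is an odd place for it.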
@@ -1,445 +0,0 @@ -/* - * Copyright (c) 2001-2003 Swedish Institute of Computer Science. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT - * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT - * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING - * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY - * OF SUCH DAMAGE. - * - * This file is part of the lwIP TCP/IP stack. - * - * Author: Adam Dunkels - * - */ -#ifndef __LWIPOPTS_H__ -#define __LWIPOPTS_H__ - -#if MQTT_USE_TLS -#define LWIP_ALTCP 1 -#define LWIP_ALTCP_TLS 1 -#define LWIP_ALTCP_TLS_MBEDTLS 1 -#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_OFF -#endif - - /** - * Loopback demo related options. 
- */ -#define LWIP_NETIF_LOOPBACK 1 -#define LWIP_HAVE_LOOPIF 1 -#define LWIP_NETIF_LOOPBACK_MULTITHREADING 1 -#define LWIP_LOOPBACK_MAX_PBUFS 8 - -#define TCPIP_THREAD_NAME "tcp/ip" -#define TCPIP_THREAD_STACKSIZE 768 -#define TCPIP_THREAD_PRIO 7 - -#define DEFAULT_THREAD_STACKSIZE 200 -#define DEFAULT_THREAD_PRIO 1 - - /* Disable lwIP asserts */ -#define LWIP_NOASSERT 1 - -#define LWIP_DEBUG LWIP_DBG_ON -#define LWIP_DEBUG_TRACE 0 -#define SOCKETS_DEBUG LWIP_DBG_OFF // | LWIP_DBG_MASK_LEVEL -#define IP_DEBUG LWIP_DBG_OFF -#define ETHARP_DEBUG LWIP_DBG_OFF -#define NETIF_DEBUG LWIP_DBG_OFF -#define PBUF_DEBUG LWIP_DBG_OFF -#define MEMP_DEBUG LWIP_DBG_OFF -#define API_LIB_DEBUG LWIP_DBG_OFF -#define API_MSG_DEBUG LWIP_DBG_OFF -#define ICMP_DEBUG LWIP_DBG_OFF -#define IGMP_DEBUG LWIP_DBG_OFF -#define INET_DEBUG LWIP_DBG_OFF -#define IP_REASS_DEBUG LWIP_DBG_OFF -#define RAW_DEBUG LWIP_DBG_OFF -#define MEM_DEBUG LWIP_DBG_OFF -#define SYS_DEBUG LWIP_DBG_OFF -#define TCP_DEBUG LWIP_DBG_OFF -#define TCP_INPUT_DEBUG LWIP_DBG_OFF -#define TCP_FR_DEBUG LWIP_DBG_OFF -#define TCP_RTO_DEBUG LWIP_DBG_OFF -#define TCP_CWND_DEBUG LWIP_DBG_OFF -#define TCP_WND_DEBUG LWIP_DBG_OFF -#define TCP_OUTPUT_DEBUG LWIP_DBG_OFF -#define TCP_RST_DEBUG LWIP_DBG_OFF -#define TCP_QLEN_DEBUG LWIP_DBG_OFF -#define UDP_DEBUG LWIP_DBG_OFF -#define TCPIP_DEBUG LWIP_DBG_OFF -#define PPP_DEBUG LWIP_DBG_OFF -#define SLIP_DEBUG LWIP_DBG_OFF -#define DHCP_DEBUG LWIP_DBG_OFF -#define AUTOIP_DEBUG LWIP_DBG_OFF -#define SNMP_MSG_DEBUG LWIP_DBG_OFF -#define SNMP_MIB_DEBUG LWIP_DBG_OFF -#define DNS_DEBUG LWIP_DBG_OFF - -/** - * SYS_LIGHTWEIGHT_PROT==1: if you want inter-task protection for certain - * critical regions during buffer allocation, deallocation and memory - * allocation and deallocation. 
- */ -#define SYS_LIGHTWEIGHT_PROT 1 - - /* - ------------------------------------ - ---------- Memory options ---------- - ------------------------------------ - */ - - /** - * MEM_ALIGNMENT: should be set to the alignment of the CPU - * 4 byte alignment -> #define MEM_ALIGNMENT 4 - * 2 byte alignment -> #define MEM_ALIGNMENT 2 - */ -#define MEM_ALIGNMENT 4 - -#define MAX_SOCKETS_TCP 12 -#define MAX_LISTENING_SOCKETS_TCP 4 -#define MAX_SOCKETS_UDP 18 - - /* Value of TCP_SND_BUF_COUNT denotes the number of buffers and is set by - * CONFIG option available in the SDK - */ -#define TCP_SND_BUF_COUNT 12 - /* Buffer size needed for TCP: Max. number of TCP sockets * Size of pbuf * - * Max. number of TCP sender buffers per socket - * - * Listening sockets for TCP servers do not require the same amount buffer - * space. Hence do not consider these sockets for memory computation - */ -#define TCP_MEM_SIZE (MAX_SOCKETS_TCP * \ - PBUF_POOL_BUFSIZE * (TCP_SND_BUF/TCP_MSS)) - - /* Buffer size needed for UDP: Max. number of UDP sockets * Size of pbuf - */ -#define UDP_MEM_SIZE (MAX_SOCKETS_UDP * PBUF_POOL_BUFSIZE) - - /** - * MEM_SIZE: the size of the heap memory. If the application will send - * a lot of data that needs to be copied, this should be set high. - */ - -#define MEM_SIZE (16*1024) - - - - /* - ------------------------------------------------ - ---------- Internal Memory Pool Sizes ---------- - ------------------------------------------------ - */ - /** - * MEMP_NUM_PBUF: the number of memp struct pbufs (used for PBUF_ROM and PBUF_REF). - * If the application sends a lot of data out of ROM (or other static memory), - * this should be set high. - */ -#define MEMP_NUM_PBUF 12 - - /** - * MEMP_NUM_TCP_PCB: the number of simulatenously active TCP connections. 
- * (requires the LWIP_TCP option) - */ -#define MEMP_NUM_TCP_PCB MAX_SOCKETS_TCP -#define MEMP_NUM_TCP_PCB_LISTEN MAX_LISTENING_SOCKETS_TCP - - /** - * MEMP_NUM_TCP_SEG: the number of simultaneously queued TCP segments. - * (requires the LWIP_TCP option) - */ - - /** - * MEMP_NUM_TCPIP_MSG_INPKT: the number of struct tcpip_msg, which are used - * for incoming packets. - * (only needed if you use tcpip.c) - */ - -#define MEMP_NUM_TCPIP_MSG_INPKT 20 - - /** - * MEMP_NUM_SYS_TIMEOUT: the number of simulateously active timeouts. - * (requires NO_SYS==0) - */ -#define MEMP_NUM_SYS_TIMEOUT 16 - - /** - * MEMP_NUM_NETBUF: the number of struct netbufs. - * (only needed if you use the sequential API, like api_lib.c) - */ - -#define MEMP_NUM_NETBUF 20 - - /** - * MEMP_NUM_NETCONN: the number of struct netconns. - * (only needed if you use the sequential API, like api_lib.c) - * - * This number corresponds to the maximum number of active sockets at any - * given point in time. This number must be sum of max. TCP sockets, max. TCP - * sockets used for listening, and max. number of UDP sockets - */ -#define MEMP_NUM_NETCONN (MAX_SOCKETS_TCP + \ - MAX_LISTENING_SOCKETS_TCP + MAX_SOCKETS_UDP) - - /** - * PBUF_POOL_SIZE: the number of buffers in the pbuf pool. - */ - -#define PBUF_POOL_SIZE 3 - - - /* - ---------------------------------- - ---------- Pbuf options ---------- - ---------------------------------- - */ - - /** - * PBUF_POOL_BUFSIZE: the size of each pbuf in the pbuf pool. The default is - * designed to accomodate single full size TCP frame in one pbuf, including - * TCP_MSS, IP header, and link header. - */ -#define PBUF_POOL_BUFSIZE 1580 - - - /* - --------------------------------- - ---------- RAW options ---------- - --------------------------------- - */ - /** - * LWIP_RAW==1: Enable application layer to hook into the IP layer itself. 
- */ -#define LWIP_RAW 1 -#ifdef CONFIG_IPV6 -#define LWIP_IPV6 1 -#endif - - /* Enable IPv4 Auto IP */ -#ifdef CONFIG_AUTOIP -#define LWIP_AUTOIP 1 -#define LWIP_DHCP_AUTOIP_COOP 1 -#define LWIP_DHCP_AUTOIP_COOP_TRIES 5 -#endif - -/* - ------------------------------------ - ---------- Socket options ---------- - ------------------------------------ -*/ -/** - * LWIP_SOCKET==1: Enable Socket API (require to use sockets.c) - */ -#define LWIP_SOCKET 1 -#define LWIP_NETIF_API 1 - - /** - * LWIP_RECV_CB==1: Enable callback when a socket receives data. - */ -#define LWIP_RECV_CB 1 - /** - * SO_REUSE==1: Enable SO_REUSEADDR option. - */ -#define SO_REUSE 1 -#define SO_REUSE_RXTOALL 1 - - /** - * Enable TCP_KEEPALIVE - */ -#define LWIP_TCP_KEEPALIVE 1 - - /* - ---------------------------------------- - ---------- Statistics options ---------- - ---------------------------------------- - */ - /** - * LWIP_STATS==1: Enable statistics collection in lwip_stats. - */ -#define LWIP_STATS 1 - - /** - * LWIP_STATS_DISPLAY==1: Compile in the statistics output functions. - */ -#define LWIP_STATS_DISPLAY 0 - - /* - ---------------------------------- - ---------- DHCP options ---------- - ---------------------------------- - */ - /** - * LWIP_DHCP==1: Enable DHCP module. - */ -#define LWIP_DHCP 1 -#define LWIP_NETIF_STATUS_CALLBACK 1 - - /** - * DNS related options, revisit later to fine tune. - */ -#define LWIP_DNS 1 -#define DNS_TABLE_SIZE 2 // number of table entries, default 4 - //#define DNS_MAX_NAME_LENGTH 64 // max. name length, default 256 -#define DNS_MAX_SERVERS 2 // number of DNS servers, default 2 -#define DNS_DOES_NAME_CHECK 1 // compare received name with given,def 0 -#define DNS_MSG_SIZE 512 -#define MDNS_MSG_SIZE 512 - -#define MDNS_TABLE_SIZE 1 // number of mDNS table entries -#define MDNS_MAX_SERVERS 1 // number of mDNS multicast addresses -/* TODO: Number of active UDP PCBs is equal to number of active UDP sockets plus - * two. 
Need to find the users of these 2 PCBs - */ -#define MEMP_NUM_UDP_PCB (MAX_SOCKETS_UDP + 2) - /* NOTE: some times the socket() call for SOCK_DGRAM might fail if you dont - * have enough MEMP_NUM_UDP_PCB */ - - /* - ---------------------------------- - ---------- IGMP options ---------- - ---------------------------------- - */ - /** - * LWIP_IGMP==1: Turn on IGMP module. - */ -#define LWIP_IGMP 1 - - /** - * LWIP_SO_SNDTIMEO==1: Enable send timeout for sockets/netconns and - * SO_SNDTIMEO processing. - */ -#define LWIP_SO_SNDTIMEO 1 - - /** - * LWIP_SO_RCVTIMEO==1: Enable receive timeout for sockets/netconns and - * SO_RCVTIMEO processing. - */ -#define LWIP_SO_RCVTIMEO 1 -#define LWIP_SO_SNDTIMEO 1 - /** - * TCP_LISTEN_BACKLOG==1: Handle backlog connections. - */ -#define TCP_LISTEN_BACKLOG 1 -#define LWIP_PROVIDE_ERRNO 1 - -#include -#define ERRNO 1 - - //#define LWIP_SNMP 1 - - - /* - ------------------------------------------------ - ---------- Network Interfaces options ---------- - ------------------------------------------------ - */ - /** - * LWIP_NETIF_HOSTNAME==1: use DHCP_OPTION_HOSTNAME with netif's hostname - * field. - */ -#define LWIP_NETIF_HOSTNAME 1 - - - /* - The STM32F107 allows computing and verifying the IP, UDP, TCP and ICMP checksums by hardware: - - To use this feature let the following define uncommented. - - To disable it and process by CPU comment the the checksum. 
- */ - //#define CHECKSUM_BY_HARDWARE - - -#ifdef CHECKSUM_BY_HARDWARE - /* CHECKSUM_GEN_IP==0: Generate checksums by hardware for outgoing IP packets.*/ -#define CHECKSUM_GEN_IP 0 -/* CHECKSUM_GEN_UDP==0: Generate checksums by hardware for outgoing UDP packets.*/ -#define CHECKSUM_GEN_UDP 0 -/* CHECKSUM_GEN_TCP==0: Generate checksums by hardware for outgoing TCP packets.*/ -#define CHECKSUM_GEN_TCP 0 -/* CHECKSUM_CHECK_IP==0: Check checksums by hardware for incoming IP packets.*/ -#define CHECKSUM_CHECK_IP 0 -/* CHECKSUM_CHECK_UDP==0: Check checksums by hardware for incoming UDP packets.*/ -#define CHECKSUM_CHECK_UDP 0 -/* CHECKSUM_CHECK_TCP==0: Check checksums by hardware for incoming TCP packets.*/ -#define CHECKSUM_CHECK_TCP 0 -#else - /* CHECKSUM_GEN_IP==1: Generate checksums in software for outgoing IP packets.*/ -#define CHECKSUM_GEN_IP 1 -/* CHECKSUM_GEN_UDP==1: Generate checksums in software for outgoing UDP packets.*/ -#define CHECKSUM_GEN_UDP 1 -/* CHECKSUM_GEN_TCP==1: Generate checksums in software for outgoing TCP packets.*/ -#define CHECKSUM_GEN_TCP 1 -/* CHECKSUM_CHECK_IP==1: Check checksums in software for incoming IP packets.*/ -#define CHECKSUM_CHECK_IP 1 -/* CHECKSUM_CHECK_UDP==1: Check checksums in software for incoming UDP packets.*/ -#define CHECKSUM_CHECK_UDP 1 -/* CHECKSUM_CHECK_TCP==1: Check checksums in software for incoming TCP packets.*/ -#define CHECKSUM_CHECK_TCP 1 -#endif - -/** - * TCP_RESOURCE_FAIL_RETRY_LIMIT: limit for retrying sending of tcp segment - * on resource failure error returned by driver. - */ -#define TCP_RESOURCE_FAIL_RETRY_LIMIT 50 - - //#ifdef CONFIG_ENABLE_MXCHIP - /* save memory */ - ///#define PBUF_POOL_SIZE (3) -#define TCP_MSS (1500 - 40) -/* TCP receive window. */ -#define TCP_WND (3 * TCP_MSS) -/* TCP sender buffer space (bytes). 
*/ -#define TCP_SND_BUF (10 * TCP_MSS) - -#define TCP_SND_QUEUELEN (40) - -/* ARP before DHCP causes multi-second delay - turn it off */ -#define DHCP_DOES_ARP_CHECK (0) - -#define TCP_MAX_ACCEPT_CONN 5 -#define MEMP_NUM_TCP_SEG (TCP_SND_QUEUELEN*2) - -#define IP_REASS_MAX_PBUFS 0 -#define IP_REASSEMBLY 0 -#define IP_REASS_MAX_PBUFS 0 -#define IP_REASSEMBLY 0 -#define MEMP_NUM_REASSDATA 0 -#define IP_FRAG 0 - -#define MEM_LIBC_MALLOC (0) - -#define DEFAULT_UDP_RECVMBOX_SIZE 3 //each udp socket max buffer 3 packets. - -#define MEMP_MEM_MALLOC (0) -#define TCP_MSL (TCP_TMR_INTERVAL) - -#define LWIP_COMPAT_MUTEX_ALLOWED (1) - -#define MEMP_STATS 1 -#define MEM_STATS 1 - -#define LWIP_DONT_PROVIDE_BYTEORDER_FUNCTIONS - -#define ETHARP_SUPPORT_STATIC_ENTRIES 1 -#define LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS 1 - -#endif /* __LWIPOPTS_H__ */ - From 6c0971d4d04f45b58d68009ffff923e8b9d85b3f Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 29 Oct 2023 17:44:14 -0300 Subject: [PATCH 32/39] Remove format only changes --- .vscode/settings.json | 12 +---- components.mk | 57 +--------------------- src/mqtt/new_mqtt.c | 111 ++++++++++++++++++++---------------------- src/user_main.c | 2 +- 4 files changed, 56 insertions(+), 126 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index a4473523f..e0bdf2d12 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
@@ -15,15 +15,5 @@ "C_Cpp.clang_format_fallbackStyle": "{ BasedOnStyle: LLVM, UseTab: Always, IndentWidth: 4, TabWidth: 4, BreakBeforeBraces: Attach, AllowShortIfStatementsOnASingleLine: false, IndentCaseLabels: false, ColumnLimit: 0, AccessModifierOffset: -4, NamespaceIndentation: All, FixNamespaceComments: false }", "prettier.tabWidth": 4, "prettier.useTabs": true, - "prettier.printWidth": 120, - "files.associations": { - "altcp_tls.h": "c", - "system_error": "cpp", - "logging.h": "c", - "opt.h": "c", - "altcp_tls_mbedtls_opts.h": "c", - "fake_clock_pub.h": "c", - "check_config.h": "c", - "cmd_public.h": "c" - } + "prettier.printWidth": 120 } \ No newline at end of file diff --git a/components.mk b/components.mk index 173954060..796fca494 100644 --- a/components.mk +++ b/components.mk @@ -14,7 +14,6 @@ MQTT_TLS_DEFS += -DMEMP_NUM_ALTCP_PCB=4 MQTT_TLS_DEFS += -DMBEDTLS_CONFIG_FILE='"user_mbedtls_config.h"' CPPDEFINES += $(MQTT_TLS_DEFS) -Wno-misleading-indentation OSFLAGS += $(MQTT_TLS_DEFS) -LFLAGS += -Wl,--print-memory-usage SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls.c SRC_C += ./beken378/func/lwip_intf/lwip-2.1.3/src/apps/altcp_tls/altcp_tls_mbedtls_mem.c 
@@ -67,58 +66,4 @@ SRC_C += ${MBEDTLS_DIR}/library/camellia.c SRC_C += ${MBEDTLS_DIR}/library/ssl_cli.c endif #ifeq ($(CFG_USE_MQTT_TLS),1) -endif #ifeq ($(TARGET_PLATFORM),bk7231n) - - -# Wolfssl sources -# ifeq ($(CFG_ENABLE_MQTT_TLS),1) -# SRC_TLS_C += $(WOLFSSL_DIR)/src/ssl.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/internal.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/tls.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/keys.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/wolfio.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/crl.c -# SRC_TLS_C += $(WOLFSSL_DIR)/src/ocsp.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wc_port.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/hash.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/memory.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/asn.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha3.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/rsa.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/random.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/md5.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/dh.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/arc4.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/des3.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/aes.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha256.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sha512.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/integer.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/hmac.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/coding.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/error.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/sp_int.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/kdf.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/dsa.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wolfmath.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ecc.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/tfm.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/srp.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/chacha.c -# SRC_TLS_C += 
$(WOLFSSL_DIR)/wolfcrypt/src/poly1305.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/curve448.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ed448.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_448.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_448.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/curve25519.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ed25519.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_operations.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/fe_low_mem.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_operations.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/ge_low_mem.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/wc_encrypt.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/pwdbased.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/camellia.c -# SRC_TLS_C += $(WOLFSSL_DIR)/wolfcrypt/src/logging.c -# endif \ No newline at end of file +endif #ifeq ($(TARGET_PLATFORM),bk7231n) \ No newline at end of file diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 40cf9096f..1e9327f7c 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -94,14 +94,14 @@ int mqtt_rx_buffer_count; unsigned char temp_topic[128]; unsigned char temp_data[2048]; -int addLenData(int len, const unsigned char* data) { +int addLenData(int len, const unsigned char *data){ mqtt_rx_buffer[mqtt_rx_buffer_head] = (len >> 8) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; mqtt_rx_buffer[mqtt_rx_buffer_head] = (len) & 0xff; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; - for (int i = 0; i < len; i++) { + for (int i = 0; i < len; i++){ mqtt_rx_buffer[mqtt_rx_buffer_head] = data[i]; mqtt_rx_buffer_head = (mqtt_rx_buffer_head + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count++; 
@@ -109,33 +109,32 @@ int addLenData(int len, const unsigned char* data) { return len + 2; } -int getLenData(int* len, unsigned char* data, int maxlen) { +int getLenData(int *len, unsigned char *data, int maxlen){ int l; l = mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - l = l << 8; + l = l<<8; l |= mqtt_rx_buffer[mqtt_rx_buffer_tail]; mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; - for (int i = 0; i < l; i++) { - if (i < maxlen) { + for (int i = 0; i < l; i++){ + if (i < maxlen){ data[i] = mqtt_rx_buffer[mqtt_rx_buffer_tail]; } mqtt_rx_buffer_tail = (mqtt_rx_buffer_tail + 1) % MQTT_RX_BUFFER_MAX; mqtt_rx_buffer_count--; } - if (mqtt_rx_buffer_count < 0) { + if (mqtt_rx_buffer_count < 0){ addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer underflow!!!"); mqtt_rx_buffer_count = 0; mqtt_rx_buffer_tail = mqtt_rx_buffer_head = 0; } - if (l > maxlen) { + if (l > maxlen){ *len = maxlen; - } - else { + } else { *len = l; } return l + 2; @@ -168,13 +167,12 @@ static void MQTT_Mutex_Free() // NOTE: this function is now public, but only because my unit tests // system can use it to spoof MQTT packets to check if MQTT commands // are working... -int MQTT_Post_Received(const char* topic, int topiclen, const unsigned char* data, int datalen) { +int MQTT_Post_Received(const char *topic, int topiclen, const unsigned char *data, int datalen){ MQTT_Mutex_Take(100); - if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2) { + if ((MQTT_RX_BUFFER_MAX - 1 - mqtt_rx_buffer_count) < topiclen + datalen + 2 + 2){ addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "MQTT_rx buffer overflow for topic %s", topic); - } - else { - addLenData(topiclen, (unsigned char*)topic); + } else { + addLenData(topiclen, (unsigned char *)topic); addLenData(datalen, data); } MQTT_Mutex_Free(); 
@@ -185,18 +183,18 @@ int MQTT_Post_Received(const char* topic, int topiclen, const unsigned char* dat #endif return 1; } -int MQTT_Post_Received_Str(const char* topic, const char* data) { +int MQTT_Post_Received_Str(const char *topic, const char *data) { return MQTT_Post_Received(topic, strlen(topic), (const unsigned char*)data, strlen(data)); } -int get_received(char** topic, int* topiclen, unsigned char** data, int* datalen) { +int get_received(char **topic, int *topiclen, unsigned char **data, int *datalen){ int res = 0; MQTT_Mutex_Take(100); - if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head) { - getLenData(topiclen, temp_topic, sizeof(temp_topic) - 1); + if (mqtt_rx_buffer_tail != mqtt_rx_buffer_head){ + getLenData(topiclen, temp_topic, sizeof(temp_topic)-1); temp_topic[*topiclen] = 0; - getLenData(datalen, temp_data, sizeof(temp_data) - 1); + getLenData(datalen, temp_data, sizeof(temp_data)-1); temp_data[*datalen] = 0; - *topic = (char*)temp_topic; + *topic = (char *)temp_topic; *data = temp_data; res = 1; } @@ -522,7 +520,7 @@ int MQTT_RemoveCallback(int ID) { return 0; } -const char* skipExpected(const char* p, const char* tok) { +const char *skipExpected(const char *p, const char *tok) { while (1) { if (*p == 0) return 0; @@ -546,9 +544,9 @@ const char* skipExpected(const char* p, const char* tok) { * @param topic The topic to parse * @return The topic without the client, or NULL if / wasn't present */ -const char* MQTT_RemoveClientFromTopic(const char* topic, const char* prefix) { - const char* p2; - const char* p = topic; +const char* MQTT_RemoveClientFromTopic(const char* topic, const char *prefix) { + const char *p2; + const char *p = topic; if (prefix) { p = skipExpected(p, prefix); if (p == 0) { 
@@ -562,7 +560,7 @@ const char* MQTT_RemoveClientFromTopic(const char* topic, const char* prefix) { } return p2; } -bool stribegins(const char* str, const char* needle) { +bool stribegins(const char *str, const char *needle) { int l = strlen(needle); return !wal_strnicmp(str, needle, l); } @@ -580,7 +578,7 @@ int channelGet(obk_mqtt_request_t* request) { addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelGet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic, 0); + p = MQTT_RemoveClientFromTopic(request->topic,0); if (p == NULL) { return 0; @@ -631,11 +629,11 @@ int channelSet(obk_mqtt_request_t* request) { int channel = 0; int iValue = 0; const char* p; - const char* argument; + const char *argument; addLogAdv(LOG_DEBUG, LOG_FEATURE_MQTT, "channelSet topic %i with arg %s", request->topic, request->received); - p = MQTT_RemoveClientFromTopic(request->topic, 0); + p = MQTT_RemoveClientFromTopic(request->topic,0); if (p == NULL) { return 0; @@ -692,16 +690,16 @@ int channelSet(obk_mqtt_request_t* request) { // -void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { - const char* toUse; +void MQTT_PublishPrinterContentsToStat(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { + const char *toUse; if (printer->allocated) toUse = printer->allocated; else toUse = printer->stackBuffer; MQTT_PublishStat(statName, toUse); } -void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t* printer, const char* statName) { - const char* toUse; +void MQTT_PublishPrinterContentsToTele(obk_mqtt_publishReplyPrinter_t *printer, const char *statName) { + const char *toUse; if (printer->allocated) toUse = printer->allocated; else 
@@ -738,7 +736,7 @@ int mqtt_printf255(obk_mqtt_publishReplyPrinter_t* request, const char* fmt, ... request->curLen += myLen; return 0; } -void MQTT_ProcessCommandReplyJSON(const char* cmd, const char* args, int flags) { +void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) { obk_mqtt_publishReplyPrinter_t replyBuilder; memset(&replyBuilder, 0, sizeof(obk_mqtt_publishReplyPrinter_t)); JSON_ProcessCommandReply(cmd, args, &replyBuilder, (jsonCb_t)mqtt_printf255, flags); @@ -747,7 +745,7 @@ void MQTT_ProcessCommandReplyJSON(const char* cmd, const char* args, int flags) } } int tasCmnd(obk_mqtt_request_t* request) { - const char* p, * args; + const char *p, *args; //const char *p2; p = MQTT_RemoveClientFromTopic(request->topic, "cmnd"); @@ -764,7 +762,7 @@ int tasCmnd(obk_mqtt_request_t* request) { return 1; #if 1 - args = (const char*)request->received; + args = (const char *)request->received; // I think that our function get_received always ensured that // there is a NULL terminating character after payload of MQTT // So we can feed it directly as command @@ -773,7 +771,7 @@ int tasCmnd(obk_mqtt_request_t* request) { #else int len = request->receivedLen; char copy[64]; - char* allocated; + char *allocated; // assume a string input here, copy and terminate // Try to avoid free/malloc if (len > sizeof(copy) - 2) { @@ -951,7 +949,7 @@ OBK_Publish_Result MQTT_PublishTele(const char* teleName, const char* teleValue) OBK_Publish_Result MQTT_PublishStat(const char* statName, const char* statValue) { char topic[64]; - snprintf(topic, sizeof(topic), "stat/%s", CFG_GetMQTTClientId()); + snprintf(topic,sizeof(topic),"stat/%s", CFG_GetMQTTClientId()); return MQTT_PublishTopicToClient(mqtt_client, topic, statName, statValue, 0, false); } /// @brief Publish a MQTT message immediately. 
@@ -1012,16 +1010,16 @@ static void mqtt_incoming_data_cb(void* arg, const u8_t* data, u16_t len, u8_t f // run from userland (quicktick or wakeable thread) -int MQTT_process_received() { - char* topic; +int MQTT_process_received(){ + char *topic; int topiclen; - unsigned char* data; + unsigned char *data; int datalen; int found = 0; int count = 0; - do { + do{ found = get_received(&topic, &topiclen, &data, &datalen); - if (found) { + if (found){ count++; strncpy(g_mqtt_request_cb.topic, topic, sizeof(g_mqtt_request_cb.topic)); g_mqtt_request_cb.received = data; @@ -1190,7 +1188,7 @@ static int MQTT_do_connect(mqtt_client_t* client) addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "mqtt_userName %s\r\nmqtt_pass %s\r\nmqtt_clientID %s\r\nmqtt_host %s:%d\r\n", mqtt_userName, - "********", + mqtt_pass, mqtt_clientID, mqtt_host, mqtt_port @@ -1200,16 +1198,14 @@ static int MQTT_do_connect(mqtt_client_t* client) // empty field for us means "no password", etc, // but LWIP (without mods) expects a NULL pointer in that case... mqtt_client_info.client_id = mqtt_clientID; - if (mqtt_pass[0] != 0) { + if(mqtt_pass[0] != 0) { mqtt_client_info.client_pass = mqtt_pass; - } - else { + } else { mqtt_client_info.client_pass = 0; } - if (mqtt_userName[0] != 0) { + if(mqtt_userName[0] != 0) { mqtt_client_info.client_user = mqtt_userName; - } - else { + } else { mqtt_client_info.client_user = 0; } @@ -1326,7 +1322,6 @@ static int MQTT_do_connect(mqtt_client_t* client) return 0; } - OBK_Publish_Result MQTT_PublishMain_StringInt(const char* sChannel, int iv, int flags) { char valueStr[16]; @@ -1414,7 +1409,7 @@ commandResult_t MQTT_PublishChannel(const void* context, const char* cmd, const } channelIndex = Tokenizer_GetArgInteger(0); - MQTT_ChannelPublish(channelIndex, 0); + MQTT_ChannelPublish(channelIndex,0); return CMD_RES_OK; } 
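Review bot: The `MQTT_do_connect` hunk (`@@ -1190,7 +1188,7 @@`) passes `mqtt_pass` to the `addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, ...)` call where the old side passed the literal `"********"`, so the broker password goes to the INFO log in clear text each time this path runs. The `Main_Init_After_Delay` hunk in `src/user_main.c` (`@@ -1149,7 +1149,7 @@`) does the same with `wifi_pass` in `ADDLOGF_INFO("Using Pass [%s]\r\n", ...)`. Anyone who can read the device log then obtains both credentials, and neither change is the formatting-only revert the commit title describes. Keep the masked argument in both calls: `"********",` in place of `mqtt_pass,` and `ADDLOGF_INFO("Using Pass [%s]\r\n", "********");`. Both functions continue outside their hunks.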
@@ -1423,7 +1418,7 @@ commandResult_t MQTT_PublishCommand(const void* context, const char* cmd, const OBK_Publish_Result ret; int flags = 0; - Tokenizer_TokenizeString(args, TOKENIZER_ALLOW_QUOTES | TOKENIZER_ALLOW_ESCAPING_QUOTATIONS); + Tokenizer_TokenizeString(args, 0); if (Tokenizer_GetArgsCount() < 2) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Publish command requires two arguments (topic and value)"); @@ -1943,7 +1938,7 @@ OBK_Publish_Result MQTT_DoItemPublish(int idx) } // from 5ms quicktick -int MQTT_RunQuickTick() { +int MQTT_RunQuickTick(){ #ifndef PLATFORM_BEKEN // on Beken, we use a one-shot timer for this. MQTT_process_received(); @@ -2010,7 +2005,7 @@ int MQTT_RunEverySecondUpdate() } int res = 0; - if (mqtt_client) { + if (mqtt_client){ LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); @@ -2075,7 +2070,7 @@ int MQTT_RunEverySecondUpdate() } else { // things to do in our threads on connection accepted. - if (g_just_connected) { + if (g_just_connected){ g_just_connected = 0; // publish all values on state if (CFG_HasFlag(OBK_FLAG_MQTT_BROADCASTSELFSTATEONCONNECT)) { @@ -2273,7 +2268,7 @@ void MQTT_QueuePublishWithCommand(const char* topic, const char* channel, const /// @param command void MQTT_InvokeCommandAtEnd(PostPublishCommands command) { MqttPublishItem_t* tail = get_queue_tail(g_MqttPublishQueueHead); - if (tail == NULL) { + if (tail == NULL){ addLogAdv(LOG_ERROR, LOG_FEATURE_MQTT, "InvokeCommandAtEnd invoked but queue is empty"); } else { @@ -2338,7 +2333,7 @@ OBK_Publish_Result PublishQueuedItems() { /// @return bool MQTT_IsReady() { int res = 0; - if (mqtt_client) { + if (mqtt_client){ LOCK_TCPIP_CORE(); res = mqtt_client_is_connected(mqtt_client); UNLOCK_TCPIP_CORE(); diff --git a/src/user_main.c b/src/user_main.c index 97ff1cb38..ff0dd765e 100644 --- a/src/user_main.c +++ b/src/user_main.c 
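Review bot: In the `MQTT_PublishCommand` hunk (`@@ -1423,7 +1418,7 @@`) the flags passed to `Tokenizer_TokenizeString` change from `TOKENIZER_ALLOW_QUOTES | TOKENIZER_ALLOW_ESCAPING_QUOTATIONS` to `0`, which is a behaviour change inside a commit described as removing format-only changes. Judging by the flag names, a quoted topic or value containing spaces would no longer be read as one argument, so existing publish commands may be split differently; the tokenizer is not visible here, so this needs confirming. If dropping quote support is not intended, keep `Tokenizer_TokenizeString(args, TOKENIZER_ALLOW_QUOTES | TOKENIZER_ALLOW_ESCAPING_QUOTATIONS);`, otherwise move the change into its own commit with a message that says so. The function body continues outside the hunk.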
@@ -1149,7 +1149,7 @@ void Main_Init_After_Delay() } ADDLOGF_INFO("Using SSID [%s]\r\n", wifi_ssid); - ADDLOGF_INFO("Using Pass [%s]\r\n", "********"); + ADDLOGF_INFO("Using Pass [%s]\r\n", wifi_pass); // NOT WORKING, I done it other way, see ethernetif.c //net_dhcp_hostname_set(g_shortDeviceName); From dea7a2f924859584b6fb4ea7eb6495b6ce3d4514 Mon Sep 17 00:00:00 2001 From: alexsandroz <93751123+alexsandroz@users.noreply.github.com> Date: Sun, 29 Oct 2023 18:40:03 -0300 Subject: [PATCH 33/39] Delete src/driver/drv_ir.cpp Space changes only --- src/driver/drv_ir.cpp | 872 ------------------------------------------ 1 file changed, 872 deletions(-) delete mode 100644 src/driver/drv_ir.cpp diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp deleted file mode 100644 index 73492f74d..000000000 --- a/src/driver/drv_ir.cpp +++ /dev/null 
@@ -1,872 +0,0 @@ - -#if PLATFORM_BEKEN -extern "C" { - // these cause error: conflicting declaration of 'int bk_wlan_mcu_suppress_and_sleep(unsigned int)' with 'C' linkage - #include "../new_common.h" - - #include "include.h" - #include "arm_arch.h" - #include "../new_pins.h" - #include "../new_cfg.h" - #include "../logging/logging.h" - #include "../obk_config.h" - #include "../cmnds/cmd_public.h" - #include "bk_timer_pub.h" - #include "drv_model_pub.h" - - // why can;t I call this? - #include "../mqtt/new_mqtt.h" - - #include - //#include "pwm.h" - #include "pwm_pub.h" - - #include "../../beken378/func/include/net_param_pub.h" - #include "../../beken378/func/user_driver/BkDriverPwm.h" - #include "../../beken378/func/user_driver/BkDriverI2c.h" - #include "../../beken378/driver/i2c/i2c1.h" - #include "../../beken378/driver/gpio/gpio.h" - - #include - - unsigned long ir_counter = 0; - uint8_t gEnableIRSendWhilstReceive = 0; - uint32_t gIRProtocolEnable = 0xFFFFFFFF; - // 0 == active low. 
1 = active hi - uint8_t gIRPinPolarity = 0; - - extern int my_strnicmp(const char* a, const char* b, int len); -} - -#include "drv_ir.h" - -//#define USE_IRREMOTE_HPP_AS_PLAIN_INCLUDE 1 -#undef read -#undef write -#define PROGMEM - - -#define NO_LED_FEEDBACK_CODE 1 - -//typedef unsigned char uint_fast8_t; -typedef unsigned short uint16_t; - -#define __FlashStringHelper char - -// dummy functions -void noInterrupts(){} -void interrupts(){} - -unsigned long millis(){ - return 0; -} -unsigned long micros(){ - return 0; -} - - -void delay(int n){ - return; -} - -void delayMicroseconds(int n){ - return; -} - -class Print { - public: - void println(const char *p){ - return; - } - void print(...){ - return; - } -}; - -Print Serial; - - -#define INPUT 0 -#define OUTPUT 1 -#define HIGH 1 -#define LOW 1 - - -void digitalToggleFast(unsigned char P) { - bk_gpio_output((GPIO_INDEX)P, !bk_gpio_input((GPIO_INDEX)P)); -} - -unsigned char digitalReadFast(unsigned char P) { - return bk_gpio_input((GPIO_INDEX)P); -} - -void digitalWriteFast(unsigned char P, unsigned char V) { - //RAW_SetPinValue(P, V); - //HAL_PIN_SetOutputValue(index, iVal); - bk_gpio_output((GPIO_INDEX)P, V); -} - -void pinModeFast(unsigned char P, unsigned char V) { - if (V == INPUT){ - bk_gpio_config_input_pup((GPIO_INDEX)P); - } -} - - -#define EXTERNAL_IR_TIMER_ISR - -////////////////////////////////////////// -// our external timer interrupt stuff -// this will have already been done -#define TIMER_RESET_INTR_PENDING - - -# if defined(ISR) -#undef ISR -# endif -#define ISR void IR_ISR -extern "C" void DRV_IR_ISR(UINT8 t); - -static UINT32 ir_chan = BKTIMER0; -static UINT32 ir_div = 1; -static UINT32 ir_periodus = 50; - -void timerConfigForReceive(){ - // nothing here` -} - -void _timerConfigForReceive() { - ir_counter = 0; - - timer_param_t params = { - (unsigned char) ir_chan, - (unsigned char) ir_div, // div - ir_periodus, // us - DRV_IR_ISR - }; - //GLOBAL_INT_DECLARATION(); - - - UINT32 res; - // test what 
error we get with an invalid command - res = sddev_control((char *)TIMER_DEV_NAME, -1, nullptr); - - if (res == 1){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"bk_timer already initialised"); - } else { - ADDLOG_ERROR(LOG_FEATURE_IR, (char *)"bk_timer driver not initialised?"); - if ((int)res == -5){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"bk_timer sddev not found - not initialised?"); - return; - } - return; - } - - - //ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer init"); - // do not need to do this - //bk_timer_init(); - //ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer init done"); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"will ir timer setup %u", res); - res = sddev_control((char *)TIMER_DEV_NAME, CMD_TIMER_INIT_PARAM_US, ¶ms); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer setup %u", res); - res = sddev_control((char *)TIMER_DEV_NAME, CMD_TIMER_UNIT_ENABLE, &ir_chan); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer enabled %u", res); -} - -static void timer_enable(){ -} -static void timer_disable(){ -} -static void _timer_enable(){ - UINT32 res; - res = sddev_control((char *)TIMER_DEV_NAME, CMD_TIMER_UNIT_ENABLE, &ir_chan); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer enabled %u", res); -} -static void _timer_disable(){ - UINT32 res; - res = sddev_control((char *)TIMER_DEV_NAME, CMD_TIMER_UNIT_DISABLE, &ir_chan); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"ir timer disabled %u", res); -} - -#define TIMER_ENABLE_RECEIVE_INTR timer_enable(); -#define TIMER_DISABLE_RECEIVE_INTR timer_disable(); - -////////////////////////////////////////// - -class SpoofIrReceiver { - public: - static void restartAfterSend(){ - - } -}; - -SpoofIrReceiver IrReceiver; - -#include "../libraries/Arduino-IRremote-mod/src/IRProtocol.h" - -// this is to replicate places where the library uses the static class. 
-// will need to update to call our dynamic class -class SpoofIrSender { - public: - void enableIROut(uint_fast8_t freq){ - - } - void mark(unsigned int aMarkMicros){ - - } - void space(unsigned int aMarkMicros){ - - } - void sendPulseDistanceWidthFromArray(uint_fast8_t aFrequencyKHz, unsigned int aHeaderMarkMicros, - unsigned int aHeaderSpaceMicros, unsigned int aOneMarkMicros, unsigned int aOneSpaceMicros, unsigned int aZeroMarkMicros, - unsigned int aZeroSpaceMicros, uint32_t *aDecodedRawDataArray, unsigned int aNumberOfBits, bool aMSBFirst, - bool aSendStopBit, unsigned int aRepeatPeriodMillis, int_fast8_t aNumberOfRepeats) { - - } - void sendPulseDistanceWidthFromArray(PulsePauseWidthProtocolConstants *aProtocolConstants, uint32_t *aDecodedRawDataArray, - unsigned int aNumberOfBits, int_fast8_t aNumberOfRepeats) { - - } - -}; - -SpoofIrSender IrSender; - -// this is the actual IR library include. -// it's all in .h and .hpp files, no .c or .cpp -#include "../libraries/Arduino-IRremote-mod/src/IRremote.hpp" - -extern "C" int PIN_GetPWMIndexForPinIndex(int pin) ; - -// override aspects of sending for our own interrupt driven sends -// basically, IRsend calls mark(us) and space(us) to send. -// we simply note the numbers into a rolling buffer, assume the first is a mark() -// and then every 50us service the rolling buffer, changing the PWM from 0 duty to 50% duty -// appropriately. -#define SEND_MAXBITS 128 -class myIRsend : public IRsend { - public: - myIRsend(uint_fast8_t aSendPin){ - //IRsend::IRsend(aSendPin); - has been called already? 
- our_us = 0; - our_ms = 0; - resetsendqueue(); - } - ~myIRsend() { } - - void enableIROut(uint_fast8_t aFrequencyKHz){ - // just setup variables for use in ISR - pwmfrequency = ((uint32_t)aFrequencyKHz) * 1000; - pwmperiod = (26000000 / pwmfrequency); - pwmduty = pwmperiod/2; - } - - uint32_t millis(){ - return our_ms; - } - void delay(long int ms){ - // add a pure delay to our queue - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Delay %dms", ms); - space(ms*1000); - } - - - using IRsend::write; - - void mark(unsigned int aMarkMicros){ - // sends a high for aMarkMicros - uint32_t newtimein = (timein + 1)%(SEND_MAXBITS * 2); - if (newtimein != timeout){ - // store mark bits in highest +ve bit of count - times[timein] = aMarkMicros | 0x10000000; - timein = newtimein; - timecount++; - timecounttotal++; - } else { - overflows++; - } - } - void space(unsigned int aMarkMicros){ - // sends a low for aMarkMicros - uint32_t newtimein = (timein + 1)%(SEND_MAXBITS * 2); - if (newtimein != timeout){ - times[timein] = aMarkMicros; - timein = newtimein; - timecount++; - timecounttotal++; - } else { - overflows++; - } - } - - void resetsendqueue(){ - // sends a low for aMarkMicros - timein = timeout = 0; - timecount = 0; - overflows = 0; - currentsendtime = 0; - currentbitval = 0; - timecounttotal = 0; - } - int32_t times[SEND_MAXBITS * 2]; // enough for 128 bits - unsigned short timein; - unsigned short timeout; - unsigned short timecount; - unsigned short overflows; - uint32_t timecounttotal; - - int32_t getsendqueue(){ - int32_t val = 0; - if (timein != timeout){ - val = times[timeout]; - timeout = (timeout + 1)%(SEND_MAXBITS * 2); - timecount--; - } - return val; - } - - int currentsendtime; - int currentbitval; - - uint8_t sendPin; - uint8_t pwmIndex; - uint32_t pwmfrequency; - uint32_t pwmperiod; - uint32_t pwmduty; - - uint32_t our_ms; - uint32_t our_us; -}; - - -// our send/receive instances -myIRsend *pIRsend = NULL; -IRrecv *ourReceiver = NULL; - -// this is our ISR. 
-// it is called every 50us, so we need to work on making it as efficient as possible. -extern "C" void DRV_IR_ISR(UINT8 t){ - int sending = 0; - if (pIRsend && (pIRsend->pwmIndex >= 0)){ - pIRsend->our_us += 50; - if (pIRsend->our_us > 1000){ - pIRsend->our_ms++; - pIRsend->our_us -= 1000; - } - - int pinval = 0; - if (pIRsend->currentsendtime){ - sending = 1; - pIRsend->currentsendtime -= ir_periodus; - if (pIRsend->currentsendtime <= 0){ - int32_t remains = pIRsend->currentsendtime; - int32_t newtime = pIRsend->getsendqueue(); - if (0 == newtime){ - // if it was the last one - pIRsend->currentsendtime = 0; - pIRsend->currentbitval = 0; - } else { - // we got a new time - // store mark bits in highest +ve bit of count - pIRsend->currentbitval = (newtime & 0x10000000)? 1:0; - pIRsend->currentsendtime = (newtime & 0xfffffff); - // adjust the us value to keep the running accuracy - // and avoid a running error? - // note remains is -ve - pIRsend->currentsendtime += remains; - } - } - } else { - int32_t newtime = pIRsend->getsendqueue(); - if (!newtime){ - pIRsend->currentsendtime = 0; - pIRsend->currentbitval = 0; - } else { - sending = 1; - pIRsend->currentsendtime = (newtime & 0xfffffff); - pIRsend->currentbitval = (newtime & 0x10000000)? 1:0; - } - } - pinval = pIRsend->currentbitval; - - uint32_t duty = pIRsend->pwmduty; - if (!pinval){ - if (gIRPinPolarity){ - duty = pIRsend->pwmperiod; - } else { - duty = 0; - } - } -#if PLATFORM_BK7231N - bk_pwm_update_param((bk_pwm_t)pIRsend->pwmIndex, pIRsend->pwmperiod, duty,0,0); -#else - bk_pwm_update_param((bk_pwm_t)pIRsend->pwmIndex, pIRsend->pwmperiod, duty); -#endif - } - - // is someone really wants rx and TX at the same time, then allow it. 
- if (gEnableIRSendWhilstReceive){ - sending = 0; - } - - // don't receive if we are currently sending - if (ourReceiver && !sending){ - IR_ISR(); - } - ir_counter++; -} - -extern "C" commandResult_t IR_Send_Cmd(const void *context, const char *cmd, const char *args_in, int cmdFlags) { - int numProtocols = sizeof(ProtocolNames)/sizeof(*ProtocolNames); - if (!args_in) return CMD_RES_NOT_ENOUGH_ARGUMENTS; - char args[20]; - strncpy(args, args_in, 19); - args[19] = 0; - - // split arg at hyphen; - char *p = args; - while (*p && (*p != '-') && (*p != ' ')){ - p++; - } - - if ((*p != '-') && (*p != ' ')) { - ADDLOG_ERROR(LOG_FEATURE_IR, (char *)"IRSend cmnd not valid [%s] not like [NEC-0-1A] or [NEC 0 1A 1].", args); - return CMD_RES_BAD_ARGUMENT; - } - - int ournamelen = (p - args); - int protocol = 0; - for (int i = 0; i < numProtocols; i++){ - const char *name = ProtocolNames[i]; - int namelen = strlen(name); - if (!my_strnicmp(name, args, namelen) && (ournamelen == namelen)){ - protocol = i; - break; - } - } - - p++; - int addr = strtol(p, &p, 16); - if ((*p != '-') && (*p != ' ')) { - ADDLOG_ERROR(LOG_FEATURE_IR, (char *)"IRSend cmnd not valid [%s] not like [NEC-0-1A] or [NEC 0 1A 1].", args); - return CMD_RES_BAD_ARGUMENT; - } - p++; - int command = strtol(p, &p, 16); - - IRData data; - memset(&data, 0, sizeof(data)); - int repeats = 0; - - if ((*p == '-') || (*p == ' ')) { - p++; - repeats = strtol(p, &p, 16); - } - - data.protocol = (decode_type_t)protocol; - data.address = addr; - data.command = command; - data.flags = 0; - - if (pIRsend){ - pIRsend->write(&data, (int_fast8_t) repeats); - // add a 100ms delay after command - // NOTE: this is NOT a delay here. 
it adds 100ms 'space' in the TX queue - pIRsend->delay(100); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR send %s protocol %d addr 0x%X cmd 0x%X repeats %d", args, (int)data.protocol, (int)data.address, (int)data.command, (int)repeats); - return CMD_RES_OK; - } else { - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR NOT send (no IRsend running) %s protocol %d addr 0x%X cmd 0x%X repeats %d", args, (int)data.protocol, (int)data.address, (int)data.command, (int)repeats); - } - return CMD_RES_ERROR; -} - -extern "C" commandResult_t IR_Enable(const void *context, const char *cmd, const char *args_in, int cmdFlags) { - if (!args_in || !args_in[0]) { - ADDLOG_ERROR(LOG_FEATURE_IR, (char *)"IREnable expects arguments"); - return CMD_RES_NOT_ENOUGH_ARGUMENTS; - } - - char args[20]; - strncpy(args, args_in, 19); - args[19] = 0; - char *p = args; - int enable = 1; - if (!my_strnicmp(p, "RXTX", 4)){ - p += 4; - if (*p == ' '){ - p++; - if (*p){ - enable = atoi(p); - } - } - gEnableIRSendWhilstReceive = enable; - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IREnable RX whilst TX enable set %d", enable); - return CMD_RES_OK; - } - - if (!my_strnicmp(p, "invert", 6)){ - // default normal. - enable = 0; - p += 6; - if (*p == ' '){ - p++; - if (*p){ - enable = atoi(p); - } - } - gIRPinPolarity = enable; - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IREnable invert set %d", enable); - return CMD_RES_OK; - } - - - // find length of first arg. 
- while (*p && (*p != ' ')){ - p++; - } - - int numProtocols = sizeof(ProtocolNames)/sizeof(*ProtocolNames); - int ournamelen = (p - args); - int protocol = -1; - for (int i = 0; i < numProtocols; i++){ - const char *name = ProtocolNames[i]; - int namelen = strlen(name); - if (!my_strnicmp(name, args, namelen) && (ournamelen == namelen)){ - protocol = i; - break; - } - } - if (*p == ' '){ - p++; - if (*p){ - enable = atoi(p); - } - } - - uint32_t thisbit = (1 << protocol); - if (protocol < 0){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IREnable invalid protocol %s", args); - return CMD_RES_BAD_ARGUMENT; - } else { - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IREnable found protocol %s(%d), enable %d from %s, bitmask 0x%08X", ProtocolNames[protocol], protocol, enable, p, thisbit); - } - if (enable) { - gIRProtocolEnable = gIRProtocolEnable | thisbit; - } else { - gIRProtocolEnable = gIRProtocolEnable & (~thisbit); - } - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IREnable Protocol mask now 0x%08X", gIRProtocolEnable); - return CMD_RES_OK; - -} - - -// test routine to start IR RX and TX -// currently fixed pins for testing. 
-extern "C" void DRV_IR_Init(){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Log from extern C CPP"); - - int pin = -1; //9;// PWM3/25 - int txpin = -1; //24;// PWM3/25 - - // allow user to change them - pin = PIN_FindPinIndexForRole(IOR_IRRecv,pin); - txpin = PIN_FindPinIndexForRole(IOR_IRSend,txpin); - - if (ourReceiver){ - IRrecv *temp = ourReceiver; - ourReceiver = NULL; - delete temp; - } - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"DRV_IR_Init: recv pin %i",pin); - if ((pin > 0) || (txpin > 0)){ - } else { - _timer_disable(); - } - - - if (pin > 0){ - // setup IRrecv pin as input - bk_gpio_config_input_pup((GPIO_INDEX)pin); - - ourReceiver = new IRrecv(pin); - ourReceiver->start(); - } - - if (pIRsend){ - myIRsend *pIRsendTemp = pIRsend; - pIRsend = NULL; - delete pIRsendTemp; - } - - if (txpin > 0){ - int pwmIndex = PIN_GetPWMIndexForPinIndex(txpin); - // is this pin capable of PWM? - if(pwmIndex != -1) { - uint32_t pwmfrequency = 38000; - uint32_t period = (26000000 / pwmfrequency); - uint32_t duty = period/2; - #if PLATFORM_BK7231N - // OSStatus bk_pwm_initialize(bk_pwm_t pwm, uint32_t frequency, uint32_t duty_cycle); - bk_pwm_initialize((bk_pwm_t)pwmIndex, period, duty, 0, 0); - #else - bk_pwm_initialize((bk_pwm_t)pwmIndex, period, duty); - #endif - bk_pwm_start((bk_pwm_t)pwmIndex); - myIRsend *pIRsendTemp = new myIRsend((uint_fast8_t) txpin); - pIRsendTemp->resetsendqueue(); - pIRsendTemp->pwmIndex = pwmIndex; - pIRsendTemp->pwmfrequency = pwmfrequency; - pIRsendTemp->pwmperiod = period; - pIRsendTemp->pwmduty = duty; - - pIRsend = pIRsendTemp; - //bk_pwm_stop((bk_pwm_t)pIRsend->pwmIndex); - - //cmddetail:{"name":"IRSend","args":"[PROT-ADDR-CMD-REP]", - //cmddetail:"descr":"Sends IR commands in the form PROT-ADDR-CMD-REP, e.g. 
NEC-1-1A-0", - //cmddetail:"fn":"IR_Send_Cmd","file":"driver/drv_ir.cpp","requires":"", - //cmddetail:"examples":""} - CMD_RegisterCommand("IRSend",IR_Send_Cmd, NULL); - //cmddetail:{"name":"IREnable","args":"[Str][1or0]", - //cmddetail:"descr":"Enable/disable aspects of IR. IREnable RXTX 0/1 - enable Rx whilst Tx. IREnable [protocolname] 0/1 - enable/disable a specified protocol", - //cmddetail:"fn":"IR_Enable","file":"driver/drv_ir.cpp","requires":"", - //cmddetail:"examples":""} - CMD_RegisterCommand("IREnable", IR_Enable, NULL); - } - } - if ((pin > 0) || (txpin > 0)){ - // both tx and rx need the interrupt - _timerConfigForReceive(); - _timer_enable(); - } -} - - -// log the received IR -void PrintIRData(IRData *aIRDataPtr){ - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"IR decode returned true, protocol %d", (int)aIRDataPtr->protocol); - if (aIRDataPtr->protocol == UNKNOWN) { -#if defined(DECODE_HASH) - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Hash=0x%X", (int)aIRDataPtr->decodedRawData); -#endif - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"%d bits (incl. 
gap and start) received", (int)((aIRDataPtr->rawDataPtr->rawlen + 1) / 2)); - } else { -#if defined(DECODE_DISTANCE) - if(aIRDataPtr->protocol != PULSE_DISTANCE) { -#endif - /* - * New decoders have address and command - */ - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"Address=0x%X Command=0x%X", (int)aIRDataPtr->address, (int)aIRDataPtr->command); - - if (aIRDataPtr->flags & IRDATA_FLAGS_EXTRA_INFO) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Extra=0x%X", (int)aIRDataPtr->extra); - } - - if (aIRDataPtr->flags & IRDATA_FLAGS_PARITY_FAILED) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Parity fail"); - } - - if (aIRDataPtr->flags & IRDATA_TOGGLE_BIT_MASK) { - if (aIRDataPtr->protocol == NEC) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Special repeat"); - } else { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Toggle=1"); - } - } -#if defined(DECODE_DISTANCE) - } -#endif - if (aIRDataPtr->flags & (IRDATA_FLAGS_IS_AUTO_REPEAT | IRDATA_FLAGS_IS_REPEAT)) { - if (aIRDataPtr->flags & IRDATA_FLAGS_IS_AUTO_REPEAT) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"Auto-Repeat"); - } else { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"Repeat"); - } - if (1) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Gap %uus", (uint32_t)aIRDataPtr->rawDataPtr->rawbuf[0] * MICROS_PER_TICK); - } - } - - /* - * Print raw data - */ - if (!(aIRDataPtr->flags & IRDATA_FLAGS_IS_REPEAT) || aIRDataPtr->decodedRawData != 0) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" Raw-Data=0x%X", aIRDataPtr->decodedRawData); - /* - * Print number of bits processed - */ - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" %d bits", aIRDataPtr->numberOfBits); - - if (aIRDataPtr->flags & IRDATA_FLAGS_IS_MSB_FIRST) { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" MSB first", aIRDataPtr->numberOfBits); - } else { - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)" LSB first", aIRDataPtr->numberOfBits); - } - } - } -} - - -//////////////////////////////////////////////////// -// this polls the IR receive to see off there was any IR received -extern "C" void DRV_IR_RunFrame(){ - // 
Debug-only check to see if the timer interrupt is running - if (ir_counter){ - //ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR counter: %u", ir_counter); - } - if (pIRsend){ - if (pIRsend->overflows){ - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"##### IR send overflows %d", (int)pIRsend->overflows); - pIRsend->resetsendqueue(); - } else { - //ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR send count %d remains %d currentus %d", (int)pIRsend->timecounttotal, (int)pIRsend->timecount, (int)pIRsend->currentsendtime); - } - } - - if (ourReceiver){ - if (ourReceiver->decode()) { - const char *name = ProtocolNames[ourReceiver->decodedIRData.protocol]; - if (!(gIRProtocolEnable & (1 << (int)ourReceiver->decodedIRData.protocol))){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR decode ignore masked protocol %s (%d) - mask 0x%08X", name, (int)ourReceiver->decodedIRData.protocol, gIRProtocolEnable); - } - - // 'UNKNOWN' protocol is by default disabled in flags - // This is because I am getting a lot of 'UNKNOWN' spam with no IR signals in room - if (((ourReceiver->decodedIRData.protocol != UNKNOWN) || - (ourReceiver->decodedIRData.protocol == UNKNOWN && CFG_HasFlag(OBK_FLAG_IR_ALLOW_UNKNOWN))) && - // only process if this protocol is enabled. all by default. 
- (gIRProtocolEnable & (1 << (int)ourReceiver->decodedIRData.protocol)) - ) { - - - char out[128]; - PrintIRData(&ourReceiver->decodedIRData); - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"IR decode returned true, protocol %s (%d)", name, (int)ourReceiver->decodedIRData.protocol); - int repeat = 0; - if (ourReceiver->decodedIRData.flags & (IRDATA_FLAGS_IS_AUTO_REPEAT | IRDATA_FLAGS_IS_REPEAT)) { - if (ourReceiver->decodedIRData.flags & IRDATA_FLAGS_IS_AUTO_REPEAT) { - repeat = 2; - } else { - repeat = 1; - } - } - - if (ourReceiver->decodedIRData.protocol == UNKNOWN){ - snprintf(out, sizeof(out), "IR_%s 0x%lX %d", name, (unsigned long)ourReceiver->decodedIRData.decodedRawData, repeat); - } else { - snprintf(out, sizeof(out), "IR_%s 0x%X 0x%X %d", name, ourReceiver->decodedIRData.address, ourReceiver->decodedIRData.command, repeat); - } - // if user wants us to publish every received IR data, do it now - if(CFG_HasFlag(OBK_FLAG_IR_PUBLISH_RECEIVED)) { - - // another flag required? - int publishrepeats = 1; - - if (publishrepeats || !repeat){ - //ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR MQTT publish %s", out); - - uint32_t counter_in = ir_counter; - MQTT_PublishMain_StringString("ir",out, 0); - uint32_t counter_dur = ((ir_counter - counter_in)*50)/1000; - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR MQTT publish %s took %dms", out, counter_dur); - } else { - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR %s", out); - } - } else { - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"IR %s", out); - } - - if (CFG_HasFlag(OBK_FLAG_IR_PUBLISH_RECEIVED_IN_JSON)) { - // {"IrReceived":{"Protocol":"RC_5","Bits":0x1,"Data":"0xC"}} - // - snprintf(out, sizeof(out), "{\"IrReceived\":{\"Protocol\":\"%s\",\"Bits\":%i,\"Data\":\"0x%lX\"}}", - name, (int)ourReceiver->decodedIRData.numberOfBits, (unsigned long)ourReceiver->decodedIRData.decodedRawData); - MQTT_PublishMain_StringString("RESULT", out, OBK_PUBLISH_FLAG_FORCE_REMOVE_GET); - } - - if(ourReceiver->decodedIRData.protocol != UNKNOWN) { - snprintf(out, 
sizeof(out), "%X", ourReceiver->decodedIRData.command); - int tgType = 0; - switch(ourReceiver->decodedIRData.protocol) - { - case NEC: - tgType = CMD_EVENT_IR_NEC; - break; - case SAMSUNG: - tgType = CMD_EVENT_IR_SAMSUNG; - break; - case SHARP: - tgType = CMD_EVENT_IR_SHARP; - break; - case RC5: - tgType = CMD_EVENT_IR_RC5; - break; - case RC6: - tgType = CMD_EVENT_IR_RC6; - break; - case SONY: - tgType = CMD_EVENT_IR_SONY; - break; - default: - break; - } - - // we should include repeat here? - // e.g. on/off button should not toggle on repeats, but up/down probably should eat them. - uint32_t counter_in = ir_counter; - EventHandlers_FireEvent2(tgType,ourReceiver->decodedIRData.address,ourReceiver->decodedIRData.command); - uint32_t counter_dur = ((ir_counter - counter_in)*50)/1000; - ADDLOG_DEBUG(LOG_FEATURE_IR, (char *)"IR fire event took %dms", counter_dur); - } - } - /* - * !!!Important!!! Enable receiving of the next value, - * since receiving has stopped after the end of the current received data packet. - */ - ourReceiver->resume(); // Enable receiving of the next value - } - } -} - - - - - -#ifdef TEST_CPP -// routines to test C++ -class cpptest2 { - public: - int initialised; - cpptest2(){ - // remove else static class may kill us!!!ADDLOG_INFO(LOG_FEATURE_IR, "Log from Class constructor"); - initialised = 42; - }; - ~cpptest2(){ - initialised = 24; - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Log from Class destructor"); - } - - void print(){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Log from Class %d", initialised); - } -}; - -cpptest2 staticclass; - -void cpptest(){ - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Log from CPP"); - cpptest2 test; - test.print(); - cpptest2 *test2 = new cpptest2(); - test2->print(); - ADDLOG_INFO(LOG_FEATURE_IR, (char *)"Log from static class (is it initialised?):"); - staticclass.print(); -} -#endif - -#endif - From b80fe848dbd1914d5844c5ed4764cce9f8a24a5a Mon Sep 17 00:00:00 2001 
From: alexsandroz Date: Sun, 29 Oct 2023 18:41:22 -0300 Subject: [PATCH 34/39] Updates to pull request --- package.json | 6 +++--- src/driver/drv_ir.cpp | 1 + src/driver/drv_main.c | 2 -- src/httpserver/http_fns.c | 17 +++++------------ src/mqtt/new_mqtt.c | 2 +- src/new_cfg.c | 1 - src/obk_config.h | 5 ++--- src/user_mbedtls_config.h | 3 +++ 8 files changed, 15 insertions(+), 22 deletions(-) diff --git a/package.json b/package.json index 22ef9cc03..1a027178c 100644 --- a/package.json +++ b/package.json @@ -9,14 +9,14 @@ }, "repository": { "type": "git", - "url": "git+https://github.com/alexsandroz/OpenBK7231T_App.git" + "url": "git+https://github.com/openshwprojects/OpenBK7231T_App.git" }, "author": "", "license": "ISC", "bugs": { - "url": "https://github.com/alexsandroz/OpenBK7231T_App/issues" + "url": "https://github.com/openshwprojects/OpenBK7231T_App/issues" }, - "homepage": "https://github.com/alexsandroz/OpenBK7231T_App#readme", + "homepage": "https://github.com/openshwprojects/OpenBK7231T_App#readme", "devDependencies": { "gulp": "^4.0.2", "gulp-cssnano": "^2.1.3", diff --git a/src/driver/drv_ir.cpp b/src/driver/drv_ir.cpp index 73492f74d..d2f2573b0 100644 --- a/src/driver/drv_ir.cpp +++ b/src/driver/drv_ir.cpp @@ -1,5 +1,6 @@ #if PLATFORM_BEKEN + extern "C" { // these cause error: conflicting declaration of 'int bk_wlan_mcu_suppress_and_sleep(unsigned int)' with 'C' linkage #include "../new_common.h" diff --git a/src/driver/drv_main.c b/src/driver/drv_main.c index 183e05dac..b744e4a6d 100644 --- a/src/driver/drv_main.c +++ b/src/driver/drv_main.c 
@@ -154,14 +154,12 @@ static driver_t g_drivers[] = { //drvdetail:"requires":""} { "SM16703P", SM16703P_Init, NULL, NULL, NULL, NULL, NULL, false }, #endif -#if ENABLE_DRIVER_IR //drvdetail:{"name":"IR", //drvdetail:"title":"TODO", //drvdetail:"descr":"IRLibrary wrapper, so you can receive remote signals and send them. See [forum discussion here](https://www.elektroda.com/rtvforum/topic3920360.html), also see [LED strip and IR YT video](https://www.youtube.com/watch?v=KU0tDwtjfjw)", //drvdetail:"requires":""} { "IR", DRV_IR_Init, NULL, NULL, DRV_IR_RunFrame, NULL, NULL, false }, #endif -#endif #if defined(PLATFORM_BEKEN) || defined(WINDOWS) || defined(PLATFORM_BL602) //drvdetail:{"name":"DDP", //drvdetail:"title":"TODO", diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 55fbb72a2..2bdd2369e 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -1052,11 +1052,6 @@ int http_fn_cfg_mqtt(http_request_t* request) { add_label_text_field(request, "Host", "host", CFG_GetMQTTHost(), ""); add_label_numeric_field(request, "Port", "port", CFG_GetMQTTPort(), "
"); - // poststr(request, "
"); - // poststr(request, "url, "url", tmpA, sizeof(tmpA))) { - CFG_SetWebappRoot(tmpA); + CFG_SetWebappRoot(tmpA); CFG_Save_IfThereArePendingChanges(); hprintf255(request, "Webapp url set to %s", tmpA); } @@ -1214,7 +1209,7 @@ int http_fn_cfg_webapp_set(http_request_t* request) { #if MQTT_USE_TLS CFG_SetDisableWebServer(!http_getArg(request->url, "enable_web_server", tmpA, sizeof(tmpA))); - if (CFG_GetDisableWebServer()){ + if (CFG_GetDisableWebServer()) { poststr(request, "
"); poststr(request, "Webapp will be disabled on next boot!"); } @@ -2396,8 +2391,7 @@ int http_fn_cm(http_request_t* request) { if (request->method == HTTP_GET) { commandLen = http_getArg(request->url, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (GET) %s;%s;%d\n", request->url, tmpA, commandLen); - } - else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { commandLen = http_getRawArg(request->bodystart, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (POST) %s;%s;%d\n", request->bodystart, tmpA, commandLen); } @@ -2408,8 +2402,7 @@ int http_fn_cm(http_request_t* request) { if (long_str_alloced) { if (request->method == HTTP_GET) { http_getArg(request->url, "cmnd", long_str_alloced, commandLen); - } - else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { http_getRawArg(request->bodystart, "cmnd", long_str_alloced, commandLen); } CMD_ExecuteCommand(long_str_alloced, COMMAND_FLAG_SOURCE_HTTP); diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 1e9327f7c..31efa8e9f 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -1418,7 +1418,7 @@ commandResult_t MQTT_PublishCommand(const void* context, const char* cmd, const OBK_Publish_Result ret; int flags = 0; - Tokenizer_TokenizeString(args, 0); + Tokenizer_TokenizeString(args, TOKENIZER_ALLOW_QUOTES | TOKENIZER_ALLOW_ESCAPING_QUOTATIONS); if (Tokenizer_GetArgsCount() < 2) { addLogAdv(LOG_INFO, LOG_FEATURE_MQTT, "Publish command requires two arguments (topic and value)"); diff --git a/src/new_cfg.c b/src/new_cfg.c index 338ded4a6..e5d7dc46a 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c 
@@ -286,7 +286,6 @@ const char *CFG_GetOpenBekenHostName() { int CFG_GetMQTTPort() { return g_cfg.mqtt_port; } - void CFG_SetShortDeviceName(const char *s) { // this will return non-zero if there were any changes diff --git a/src/obk_config.h b/src/obk_config.h index a3da1e06e..b21c344b8 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -13,7 +13,7 @@ //ENABLE_DRIVER_BL0942 - Enable support for BL0942 //ENABLE_DRIVER_CSE7766 - Enable support for CSE7766 //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor -//ENABLE_DRIVER_IR - Enable suporte for IR + #if PLATFORM_XR809 @@ -67,14 +67,13 @@ // set to 0 to disable #define ENABLE_LITTLEFS 1 -#define ENABLE_NTP 1 +#define ENABLE_NTP 1 #define ENABLE_DRIVER_LED 1 #define ENABLE_DRIVER_BL0937 1 #define ENABLE_DRIVER_BL0942 1 #define ENABLE_DRIVER_BL0942SPI 1 #define ENABLE_DRIVER_CSE7766 1 #define ENABLE_DRIVER_TUYAMCU 1 -#define ENABLE_DRIVER_IR 1 //#define ENABLE_DRIVER_HT16K33 1 //#define ENABLE_DRIVER_MAX72XX 1 #define ENABLE_I2C 1 diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index fc3c482f3..63d872a0a 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h @@ -22,6 +22,9 @@ * To validate the certificate dates, the NTP driver must be enabled, * otherwise the build date will be used to validate. * + * Additionally, an option to disable the web app has been added to + * strengthen security. Communication only with secure mqtt connection + * * Author: alexsandroz@gmail.com * ******************************************************************************/ From af635764a10028c52cd56bf461804e8e83f0cf8e Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sun, 29 Oct 2023 19:06:28 -0300 Subject: [PATCH 35/39] Revert space only changes --- src/httpserver/http_fns.c | 372 +++++++++++++++++++------------------- src/mqtt/new_mqtt.c | 8 +- src/obk_config.h | 2 +- 3 files changed, 191 insertions(+), 191 deletions(-) 
diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 2bdd2369e..ad532f9bb 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -501,7 +501,7 @@ int http_fn_index(http_request_t* request) { types = types6; numTypes = 6; } - + iValue = CHANNEL_Get(i); poststr(request, ""); @@ -1799,23 +1799,23 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } #endif //if (relayCount > 0) { - for (i = 0; i < CHANNEL_MAX; i++) { - bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; - if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { - // TODO: flags are 32 bit and there are 64 max channels - BIT_SET(flagsChannelPublished, i); - if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { - dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); - } - else { - dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); + for (i = 0; i < CHANNEL_MAX; i++) { + bool bToggleInv = g_cfg.pins.channelTypes[i] == ChType_Toggle_Inv; + if (h_isChannelRelay(i) || g_cfg.pins.channelTypes[i] == ChType_Toggle || bToggleInv) { + // TODO: flags are 32 bit and there are 64 max channels + BIT_SET(flagsChannelPublished, i); + if (CFG_HasFlag(OBK_FLAG_MQTT_HASS_ADD_RELAYS_AS_LIGHTS)) { + dev_info = hass_init_relay_device_info(i, LIGHT_ON_OFF, bToggleInv); + } + else { + dev_info = hass_init_relay_device_info(i, RELAY, bToggleInv); + } + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); + dev_info = NULL; + discoveryQueued = true; } - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); - dev_info = NULL; - discoveryQueued = true; } - } //} if (dInputCount > 0) { 
@@ -1937,195 +1937,195 @@ void doHomeAssistantDiscovery(const char* topic, http_request_t* request) { } switch (type) { - case ChType_OpenClosed: - { - dev_info = hass_init_binary_sensor_device_info(i, false); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + case ChType_OpenClosed: + { + dev_info = hass_init_binary_sensor_device_info(i, false); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_OpenClosed_Inv: - { - dev_info = hass_init_binary_sensor_device_info(i, true); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_OpenClosed_Inv: + { + dev_info = hass_init_binary_sensor_device_info(i, true); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div10: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div10: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Voltage_div100: - { - dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - 
hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Voltage_div100: + { + dev_info = hass_init_sensor_device_info(VOLTAGE_SENSOR, i, 2, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnlyLowMidHigh: - { - dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnlyLowMidHigh: + { + dev_info = hass_init_sensor_device_info(READONLYLOWMIDHIGH_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_SmokePercent: - { - dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_SmokePercent: + { + dev_info = hass_init_sensor_device_info(SMOKE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Illuminance: - { - dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Illuminance: + { + dev_info = hass_init_sensor_device_info(ILLUMINANCE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, 
hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_ReadOnly: - { - dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_ReadOnly: + { + dev_info = hass_init_sensor_device_info(CUSTOM_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div2: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div2: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 5); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Temperature_div10: - { - dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); - 
MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Temperature_div10: + { + dev_info = hass_init_sensor_device_info(TEMPERATURE_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Humidity_div10: - { - dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Humidity_div10: + { + dev_info = hass_init_sensor_device_info(HUMIDITY_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div100: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div100: + { + dev_info = 
hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Current_div1000: - { - dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Current_div1000: + { + dev_info = hass_init_sensor_device_info(CURRENT_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, -1, -1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Power_div10: - { - dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Power_div10: + { + dev_info = hass_init_sensor_device_info(POWER_SENSOR, i, 2, 1, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_PowerFactor_div1000: - { - dev_info = 
hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_PowerFactor_div1000: + { + dev_info = hass_init_sensor_device_info(POWERFACTOR_SENSOR, i, 4, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_Frequency_div100: - { - dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_Frequency_div100: + { + dev_info = hass_init_sensor_device_info(FREQUENCY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div100: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; + } + break; + case ChType_EnergyTotal_kWh_div100: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 2, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; - case ChType_EnergyTotal_kWh_div1000: - { - dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); - MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); - hass_free_device_info(dev_info); + discoveryQueued = true; 
+ } + break; + case ChType_EnergyTotal_kWh_div1000: + { + dev_info = hass_init_sensor_device_info(ENERGY_SENSOR, i, 3, 3, 1); + MQTT_QueuePublish(topic, dev_info->channel, hass_build_discovery_json(dev_info), OBK_PUBLISH_FLAG_RETAIN); + hass_free_device_info(dev_info); - discoveryQueued = true; - } - break; + discoveryQueued = true; + } + break; } } #endif @@ -2391,10 +2391,10 @@ int http_fn_cm(http_request_t* request) { if (request->method == HTTP_GET) { commandLen = http_getArg(request->url, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (GET) %s;%s;%d\n", request->url, tmpA, commandLen); - } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { + } else if (request->method == HTTP_POST || request->method == HTTP_PUT) { commandLen = http_getRawArg(request->bodystart, "cmnd", tmpA, sizeof(tmpA)); //ADDLOG_INFO(LOG_FEATURE_HTTP, "Got here (POST) %s;%s;%d\n", request->bodystart, tmpA, commandLen); - } + } if (commandLen) { if (commandLen > (sizeof(tmpA) - 5)) { commandLen += 8; diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index 31efa8e9f..e7b6b2844 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c @@ -746,7 +746,7 @@ void MQTT_ProcessCommandReplyJSON(const char *cmd, const char *args, int flags) } int tasCmnd(obk_mqtt_request_t* request) { const char *p, *args; - //const char *p2; + //const char *p2; p = MQTT_RemoveClientFromTopic(request->topic, "cmnd"); if (p == 0) { @@ -888,7 +888,7 @@ static OBK_Publish_Result MQTT_PublishTopicToClient(mqtt_client_t* client, const { strcpy(pub_topic, sChannel); } - else + else { sprintf(pub_topic, "%s/%s%s", sTopic, sChannel, (appendGet == true ? "/get" : "")); } @@ -1762,8 +1762,8 @@ void MQTT_InitCallbacks() { MQTT_RegisterCallback(cbtopicbase, cbtopicsub, 7, tasCmnd); } } -// initialise things MQTT -// called from user_main + // initialise things MQTT + // called from user_main void MQTT_init() { // WINDOWS must support reinit 
diff --git a/src/obk_config.h b/src/obk_config.h index b21c344b8..c9dae81d7 100644 --- a/src/obk_config.h +++ b/src/obk_config.h @@ -13,7 +13,7 @@ //ENABLE_DRIVER_BL0942 - Enable support for BL0942 //ENABLE_DRIVER_CSE7766 - Enable support for CSE7766 //ENABLE_DRIVER_TUYAMCU - Enable support for TuyaMCU and tmSensor - + #if PLATFORM_XR809 From 1691cd467edf8520e76c12efa37ce56c3e28a1f4 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Mon, 30 Oct 2023 10:18:24 -0300 Subject: [PATCH 36/39] Change cfg bool to byte and some documentation --- docs/commands.md | 2 +- src/new_cfg.c | 19 +++++++++++++------ src/new_cfg.h | 12 ++++++------ src/new_pins.h | 6 +++--- src/user_mbedtls_config.h | 9 ++++++++- 5 files changed, 31 insertions(+), 17 deletions(-) diff --git a/docs/commands.md b/docs/commands.md index c4cb5fc68..c2145c3de 100644 --- a/docs/commands.md +++ b/docs/commands.md @@ -289,4 +289,4 @@ Do not add anything here, as it will overwritten with next rebuild. | VCPPublishThreshold | [VoltageDeltaVolts][CurrentDeltaAmpers][PowerDeltaWats][EnergyDeltaWh] | Sets the minimal change between previous reported value over MQTT and next reported value over MQTT. Very useful for BL0942, BL0937, etc. So, if you set, VCPPublishThreshold 0.5 0.001 0.5, it will only report voltage again if the delta from previous reported value is largen than 0.5V. Remember, that the device will also ALWAYS force-report values every N seconds (default 60).
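Review bot: The defaults added to CFG_SetDefaultConfig leave certificate verification off (`CFG_SetMQTTVerifyTlsCert(0);`), so a device where only the TLS option is later enabled would encrypt the MQTT session without authenticating the broker. Because `CFG_SetMQTTUseTls(0);` keeps TLS itself opt-in, defaulting verification to on should not change existing installs: `CFG_SetMQTTVerifyTlsCert(1);`. That assumes the connect path, which is not visible in this hunk, reports a missing or empty certificate file clearly. If the default has to stay off, a comment above the call such as `// verification is off by default: TLS without it does not authenticate the broker` would make the trade-off explicit. The body of CFG_SetDefaultConfig starts and ends outside the hunk.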
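Review bot: Changing the parameter from `bool` to `byte` in CFG_SetMQTTUseTls means the argument is no longer collapsed to 0/1 on the way in, and the same applies to CFG_SetMQTTVerifyTlsCert and CFG_SetDisableWebServer in the following hunks. A caller passing 2 now stores 2 in the config, which would defeat any `== 1` test elsewhere. Normalising at the top of each setter keeps the stored flag well-defined: `value = value ? 1 : 0;`. Assuming `byte` is an 8-bit type, a wider integer such as 256 is truncated to 0 before the setter runs, so callers that forward a parsed number should pass `x != 0`. The callers are outside this diff, so whether any of them does this is not visible here.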

See also [VCPPublishThreshold on forum](https://www.elektroda.com/rtvforum/find.php?q=VCPPublishThreshold). | | VoltageSet | Voltage | Measure the real voltage with an external, reliable power meter and enter this voltage via this command to calibrate. The calibration is automatically saved in the flash memory.

See also [VoltageSet on forum](https://www.elektroda.com/rtvforum/find.php?q=VoltageSet). | | waitFor | [EventName] [Argument] | Wait forever for event. Can be used within script. For example, you can do: waitFor MQTTState 1 or waitFor NTPState 1. You can also do waitFor NoPingTime 600 to wait for 600 seconds without ping watchdog getting successful reply.

See also [waitFor on forum](https://www.elektroda.com/rtvforum/find.php?q=waitFor). | - +| WebServer | [1or0] | Enable/Disable web interface. 1 to Enable. 0 to Disable. No argument, returns the actual state of the web server interface. No effect on safe mode. In safe mode, the web interface is always enabled. | \ No newline at end of file diff --git a/src/new_cfg.c b/src/new_cfg.c index e5d7dc46a..6a05bd36f 100644 --- a/src/new_cfg.c +++ b/src/new_cfg.c @@ -172,6 +172,13 @@ void CFG_SetDefaultConfig() { CFG_SetDefaultLEDCorrectionTable(); +#if MQTT_USE_TLS + CFG_SetMQTTUseTls(0); + CFG_SetMQTTVerifyTlsCert(0); + CFG_SetMQTTCertFile(""); + CFG_SetDisableWebServer(0); +#endif + g_cfg_pendingChanges++; } @@ -686,16 +693,16 @@ uint32_t CFG_GetLFS_Size() { #endif #if MQTT_USE_TLS -bool CFG_GetMQTTUseTls() { +byte CFG_GetMQTTUseTls() { return g_cfg.mqtt_use_tls; } -bool CFG_GetMQTTVerifyTlsCert() { +byte CFG_GetMQTTVerifyTlsCert() { return g_cfg.mqtt_verify_tls_cert; } const char* CFG_GetMQTTCertFile() { return g_cfg.mqtt_cert_file; } -void CFG_SetMQTTUseTls(bool value) { +void CFG_SetMQTTUseTls(byte value) { // is there a change? if (g_cfg.mqtt_use_tls != value) { g_cfg.mqtt_use_tls = value; @@ -703,7 +710,7 @@ void CFG_SetMQTTUseTls(bool value) { g_cfg_pendingChanges++; } } -void CFG_SetMQTTVerifyTlsCert(bool value) { +void CFG_SetMQTTVerifyTlsCert(byte value) { // is there a change? if (g_cfg.mqtt_verify_tls_cert != value) { g_cfg.mqtt_verify_tls_cert = value; @@ -718,10 +725,10 @@ void CFG_SetMQTTCertFile(const char* s) { g_cfg_pendingChanges++; } } -bool CFG_GetDisableWebServer() { +byte CFG_GetDisableWebServer() { return g_cfg.disable_web_server; } -void CFG_SetDisableWebServer(bool value) { +void CFG_SetDisableWebServer(byte value) { // is there a change? if (g_cfg.disable_web_server != value) { g_cfg.disable_web_server = value; diff --git a/src/new_cfg.h b/src/new_cfg.h index 419b45526..2410329d3 100644 --- a/src/new_cfg.h +++ b/src/new_cfg.h 
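Review bot: The defaults added to CFG_SetDefaultConfig (first new_cfg.c hunk) leave certificate verification off, `CFG_SetMQTTVerifyTlsCert(0);`, so a user who only switches TLS on gets an encrypted link to a broker whose identity is never checked. The header comment added to user_mbedtls_config.h in this same patch calls that mode not recommended, so I would default to `CFG_SetMQTTVerifyTlsCert(1);` and make turning it off the explicit step. If that is not workable before a CA file is provisioned, at least add `// verification is OFF by default: TLS without it does not authenticate the broker` above the call. CFG_SetDefaultConfig starts and ends outside the hunk.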
@@ -95,14 +95,14 @@ uint32_t CFG_GetLFS_Size(); #endif #if MQTT_USE_TLS -void CFG_SetMQTTUseTls(bool value); -void CFG_SetMQTTVerifyTlsCert(bool value); +void CFG_SetMQTTUseTls(byte value); +void CFG_SetMQTTVerifyTlsCert(byte value); void CFG_SetMQTTCertFile(const char* s); -bool CFG_GetMQTTUseTls(); -bool CFG_GetMQTTVerifyTlsCert(); +byte CFG_GetMQTTUseTls(); +byte CFG_GetMQTTVerifyTlsCert(); const char* CFG_GetMQTTCertFile(); -bool CFG_GetDisableWebServer(); -void CFG_SetDisableWebServer(bool value); +byte CFG_GetDisableWebServer(); +void CFG_SetDisableWebServer(byte value); #endif #endif diff --git a/src/new_pins.h b/src/new_pins.h index ffdf367cf..81cb5e92a 100644 --- a/src/new_pins.h +++ b/src/new_pins.h @@ -1186,13 +1186,13 @@ typedef struct mainConfig_s { // offset 0x00000C40 (3136 decimal) char wifi_pass2[68]; // offset 0x00000C84 (3204 decimal) - bool mqtt_use_tls; + byte mqtt_use_tls; // offset 0x00000C85 (3205 decimal) - bool mqtt_verify_tls_cert; + byte mqtt_verify_tls_cert; // offset 0x00000C86 (3206 decimal) char mqtt_cert_file[20]; // offset 0x00000C9A (3226 decimal) - bool disable_web_server; + byte disable_web_server; // offset 0x00000C9B (3227 decimal) char unused[357]; #endif diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h index 63d872a0a..2deadf633 100644 --- a/src/user_mbedtls_config.h +++ b/src/user_mbedtls_config.h 
@@ -22,8 +22,15 @@ * To validate the certificate dates, the NTP driver must be enabled, * otherwise the build date will be used to validate. * + * You can use Mqtt TSL without a CA or public certificate if you disable + * validation, but this is not recommended. + * Your client will be vulnerable to the MIT attack. + * * Additionally, an option to disable the web app has been added to - * strengthen security. Communication only with secure mqtt connection + * strengthen security. After connected to mqtt use + * cmnd//WebServer 0 to disable web interface + * cmnd//WebServer 1 to enable web interface + * Communication only with secure mqtt connection * * Author: alexsandroz@gmail.com * From 06ea5e922e9b5450aa2032a0599b32704fead47b Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 23 Mar 2024 13:10:15 -0300 Subject: [PATCH 37/39] Fix get initial time from compile time --- src/mqtt/new_mqtt.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/mqtt/new_mqtt.c b/src/mqtt/new_mqtt.c index e7b6b2844..37f4a22ba 100644 --- a/src/mqtt/new_mqtt.c +++ b/src/mqtt/new_mqtt.c 
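Review bot: The comment added to user_mbedtls_config.h misnames the risk: `Mqtt TSL` should read `MQTT TLS` and `the MIT attack` should read `man-in-the-middle (MITM) attacks`, which is the term a reader will search for. I would reword the lines to `* You can use MQTT TLS without a CA or public certificate if you disable validation, but this is not recommended.` and `* Without validation the client cannot authenticate the broker and is exposed to man-in-the-middle (MITM) attacks.` The topic printed as `cmnd//WebServer 0` looks as if it lost its client-name segment, possibly in rendering, so the placeholder should be spelled out. The comment should also say that safe mode always enables the web interface, as the commands.md entry in this patch states.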
@@ -2379,14 +2379,18 @@ struct tm* cvt_date(char const* date, char const* time, struct tm* t) sscanf(date, "%s %d %d", s_month, &t->tm_mday, &year); sscanf(time, "%2d %*c %2d %*c %2d", &t->tm_hour, &t->tm_min, &t->tm_sec); // Find where is s_month in month_names. Deduce month value. - t->tm_mon = (strstr(month_names, s_month) - month_names) / 3 + 1; + t->tm_mon = (strstr(month_names, s_month) - month_names) / 3; t->tm_year = year - 1900; return t; } struct tm* mbedtls_platform_gmtime_r(const mbedtls_time_t* tt, struct tm* tm_buf) { // If NTP time not synced return compile time - if (!NTP_IsTimeSynced()) { - return cvt_date(__DATE__, __TIME__, tm_buf); + struct tm* ltm; + if (!NTP_IsTimeSynced()) { + ltm = cvt_date(__DATE__, __TIME__, tm_buf); + //addLogAdv(LOG_INFO, LOG_FEATURE_NTP, "MBEDTLS Time : %04d/%02d/%02d %02d:%02d:%02d", + // ltm->tm_year + 1900, ltm->tm_mon + 1, ltm->tm_mday, ltm->tm_hour, ltm->tm_min, ltm->tm_sec); + return ltm; } return gmtime_r((time_t*)&g_ntpTime, tm_buf); } From 19b32f361e8a63d95f1c4ee5b8db4e5cbd51a215 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 23 Mar 2024 21:56:00 -0300 Subject: [PATCH 38/39] Fix base64.c duplicate module --- Makefile | 1 + components.mk | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 07ad4fb1d..6a7634c2a 100644 --- a/Makefile +++ b/Makefile @@ -6,6 +6,7 @@ all: @echo Calling original build_app.sh script mkdir -p output if [ ! -d "$(MBEDTLS)" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi + mv $(MBEDTLS)/library/base64.c $(MBEDTLS)/library/base64_mbedtls.c cd $(PWD)/../../platforms/$(TARGET_PLATFORM)/toolchain/$(TUYA_APPS_BUILD_PATH) && sh $(TUYA_APPS_BUILD_CMD) $(APP_NAME) $(APP_VERSION) $(TARGET_PLATFORM) $(USER_CMD) else diff --git a/components.mk b/components.mk index 796fca494..07ccb8064 100644 --- a/components.mk +++ b/components.mk 
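Review bot: In mbedtls_platform_gmtime_r the not-synced branch gives mbedTLS the firmware build time as the current date, so until NTP syncs a certificate that expired after the build date still passes the validity-period check, and the only trace of the fallback, the addLogAdv call, is added commented out. I would say so above the branch, `// build time is only a lower bound for the real date: expiry is not enforced until NTP syncs`, and log once when the fallback is taken. The synced branch passes `(time_t*)&g_ntpTime`, which is only correct if g_ntpTime has exactly the width of time_t; its declaration is outside the hunk, so a local copy is safer: `time_t now = (time_t)g_ntpTime; return gmtime_r(&now, tm_buf);`. In cvt_date, `%s` into s_month has no field width (s_month is declared outside the hunk) and the strstr result is used without a NULL check; both are harmless for `__DATE__`, but a width and a check would keep the helper safe if it is ever reused.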
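Review bot: The added `mv $(MBEDTLS)/library/base64.c $(MBEDTLS)/library/base64_mbedtls.c` runs on every build, outside the `if [ ! -d "$(MBEDTLS)" ]` guard, so on a second build the source file is already gone, `mv` fails and make stops. Guard it, `if [ -f $(MBEDTLS)/library/base64.c ]; then mv $(MBEDTLS)/library/base64.c $(MBEDTLS)/library/base64_mbedtls.c; fi`, or move it inside the download branch. The same line is repeated for the OpenBK7231T and OpenBK7231N targets in patch 39/39. The tarball fetched on the context line above it is unpacked without any integrity check; comparing it against a pinned digest before `tar -xf`, for example `echo "<expected-sha256>  v2.28.5.tar.gz" | sha256sum -c -` with the real digest in place of the placeholder, would keep a changed or corrupted download out of the firmware image.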
@@ -41,7 +41,7 @@ SRC_C += ${MBEDTLS_DIR}/library/poly1305.c SRC_C += ${MBEDTLS_DIR}/library/pem.c SRC_C += ${MBEDTLS_DIR}/library/des.c SRC_C += ${MBEDTLS_DIR}/library/asn1parse.c -SRC_C += ${MBEDTLS_DIR}/library/base64.c +SRC_C += ${MBEDTLS_DIR}/library/base64_mbedtls.c SRC_C += ${MBEDTLS_DIR}/library/x509.c SRC_C += ${MBEDTLS_DIR}/library/oid.c SRC_C += ${MBEDTLS_DIR}/library/pkparse.c From fc30134ceb22945f8c050eb719fcc52193e74892 Mon Sep 17 00:00:00 2001 From: alexsandroz Date: Sat, 23 Mar 2024 22:12:13 -0300 Subject: [PATCH 39/39] Fix base64.c duplicate module for git workflow --- Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Makefile b/Makefile index 6a7634c2a..3d68646cb 100644 --- a/Makefile +++ b/Makefile @@ -81,11 +81,15 @@ sdk/OpenLN882H/project/OpenBeken/app: # Build main binaries OpenBK7231T: + mkdir -p output + if [ ! -d "$(MBEDTLS)" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi + mv $(MBEDTLS)/library/base64.c $(MBEDTLS)/library/base64_mbedtls.c $(MAKE) APP_NAME=OpenBK7231T TARGET_PLATFORM=bk7231t SDK_PATH=sdk/OpenBK7231T APPS_BUILD_PATH=../bk7231t_os build-BK7231 OpenBK7231N: mkdir -p output if [ ! -d "$(MBEDTLS)" ]; then wget -q "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v2.28.5.tar.gz"; tar -xf v2.28.5.tar.gz -C output; rm -f v2.28.5.tar.gz; fi + mv $(MBEDTLS)/library/base64.c $(MBEDTLS)/library/base64_mbedtls.c $(MAKE) APP_NAME=OpenBK7231N TARGET_PLATFORM=bk7231n SDK_PATH=sdk/OpenBK7231N APPS_BUILD_PATH=../bk7231n_os build-BK7231 sdk/OpenXR809/tools/gcc-arm-none-eabi-4_9-2015q2: