Code to query the IP address data for our WiFi interface. #206
Conversation
This allows the microcontroller to query e.g. the IP address of the IoT device and communicate it to trusted parties.
This basically parameterizes the serial bridges to ports 23 and 2323.
|
Looks like most of the code to this point modifies serial bridge settings. (Might be what I need to address an odd issue I ran into with my pull request #205) I don't see how this sends the IP to other hosts. Am I missing something here? |
|
On 10/30/2016 04:05 PM, Alex wrote:
Alex, My code submission consists of two pieces :
An Arduino example sketch for this is in http://danny.backx.info/danny/backup/test1.ino . I should add this to the ELClient/examples tree I guess. Output of this sample sketch (with debug off in the library code) is :
Danny Backx - danny.backx@scarlet.be - http://danny.backx.info |
|
On 10/30/2016 05:15 PM, Danny Backx wrote:
I only answered your second question and didn't look deep enough into the link you sent. I am indeed also working on security, it looks like that'll fix issue #167 . My security issue is that I want you to be disable the ports, hide the access at another port number, or password-protect them. Danny Backx - danny.backx@scarlet.be - http://danny.backx.info |
|
I already created a pull request with web interface to choose the ports. |
|
Nice work on everything else sir - I don't see any obvious issues. |
|
On 10/30/2016 06:23 PM, Alex wrote:
Thanks for pointing me to our parallel development. I found myself writing and debugging javascript for the first time so I'll look into your code, it may be more efficient to continue my efforts based on yours. Or something like that :-) Danny Backx - danny.backx@scarlet.be - http://danny.backx.info |
Makefile
Outdated
| # | ||
| # Default settings for access over TCP/IP connections | ||
| # | ||
| # Modes are 0 (unsecure), 1 (disabled), 2 (secure) |
Makefile
Outdated
| @@ -99,6 +99,15 @@ MCU_ISP_PIN ?= 13 | |||
| LED_CONN_PIN ?= 0 | |||
| # GPIO pin used for "serial activity" LED, active low | |||
| LED_SERIAL_PIN ?= 14 | |||
| # | |||
| # Default settings for access over TCP/IP connections | |||
There was a problem hiding this comment.
HTTP uses TCP/IP, did you mean "telnet"?
Makefile
Outdated
| PORT1_MODE ?= 0 | ||
| PORT1_PORTNUMBER ?= 23 | ||
| PORT2_MODE ?= 0 | ||
| PORT2_PORTNUMBER ?= 2323 |
There was a problem hiding this comment.
There is a PR #205 that going to get merged to change the ports via the web UI. I'd rather not have additional settings in the Makefile too. It gets very confusing when there are settings in the Makefile 'cause it's not obvious at all which take effect when. There are settings for Wifi in the Makefile and that has been a confusing mess, and those are necessary because without wifi it's hard to connect after flashing, so at least there's a good reason for them.
cmd/cmd.h
Outdated
| @@ -58,6 +58,8 @@ typedef enum { | |||
| CMD_SOCKET_SETUP = 40, // set-up callbacks | |||
| CMD_SOCKET_SEND, // send data over UDP socket | |||
|
|
|||
| CMD_GET_WIFI_INFO = 50,// Query IP address info | |||
There was a problem hiding this comment.
Please put this sequentially after CMD_GET_TIME, no need to start a new section for this.
cmd/handlers.c
Outdated
| cmdResponseBody(&info.gw.addr, sizeof(info.gw.addr)); | ||
| cmdResponseEnd(); | ||
|
|
||
| return; |
| CmdRequest req; | ||
|
|
||
| cmdRequest(&req, cmd); | ||
| if(cmd->argc != 0 || cmd->value == 0) { |
There was a problem hiding this comment.
Mhh, I have to look what has been done elsewhere, but I'm not sure why this should return anything if no callback has been passed.
| uint32_t callback = req.cmd->value; | ||
|
|
||
| struct ip_info info; | ||
| wifi_get_ip_info(0, &info); |
There was a problem hiding this comment.
This gets the STA info. Shouldn't this thing return both the STA and AP info? Or provide two calls for the two?
There was a problem hiding this comment.
I think there have also been requests to get the MAC address, maybe that easy to include as well.
esp-link/cgiwifi.c
Outdated
| @@ -54,6 +54,8 @@ static char *wifiReasons[] = { | |||
| static char *wifiMode[] = { 0, "STA", "AP", "AP+STA" }; | |||
| static char *wifiPhy[] = { 0, "11b", "11g", "11n" }; | |||
|
|
|||
| static char *portMode[] = { "unsecure", "disabled", "secure" }; | |||
|
Guys, I'm getting confused, maybe you are as well. I thought the point where I issued a pull request indicated the work I finished (unreviewed but a working prototype) for one functionality. And now it seems we're all looking at my work in progress which obviously is a mess. Goal #1 I had was to be able to identify the IoT device even if it's on another network than mine. My idea (mentioned on the chat this weekend, no replies) was to be able to password protect and/or disable the 23 and 2323 accesses. Securing the web interface is also something that comes to mind. Haven't acted on this yet. Comments welcomed :-) |
|
I'll clean up this mess tomorrow. Leave only the stuff that belongs here, and make changes based on @tve 's review. |
|
I follow you sir. Enjoying my Sunday, so ill go over my stuff tomorrow as On Sun, Oct 30, 2016, 4:23 PM dannybackx notifications@github.com wrote:
|
|
Hey, no rush, this is supposed to be fun. Take your time, nothing is running away ;-) |
|
On 10/31/2016 12:56 AM, Thorsten von Eicken wrote:
Well, that's good because I don't know very well how to proceed. I'll try to roll back all the commits I did after the work I wanted to share. (So I'll leave only the stuff that matches issue #206.) The next question is how I can proceed with the other work. Given Alex's userid, I guessed I could find his work at github.com/fuzzball03/esp-link so I just checked out that code base to my disk. I don't know how we can use github to work together on this. Should e.g. Alex give me permissions on his fork so we make a joint submission ? I see an additional field down in the Home window (home.html changes). I think the C language source code changes I supplied can implement that user interface. I have no problem admitting I've not done any javascript work before, so I'm really learning there. I have a lot of experience with C though. Also what do we want to implement ? As I wrote earlier I want to secure my device before putting it in the wild. That's not Alex's goal. Thorsten, are you the one saying which functionality we implement ? Thanks, Danny Backx - danny.backx@scarlet.be - http://danny.backx.info |
|
@dannybackx ill be happy to give you write permission to my repo. You're spot on - C is far from a strength of mine. I've never done anything C consisting of more than 3 headers till this project. Give me java, html, or php any day. I'm certainly not use to trying to manage or reduce memory/ram usage. I believe focusing work on one change per pull would be easier for @tve and everyone else. Not to say you're not welcome to use my repo to implement your planned security features. Quick question for you Danny - what's your reasoning for placing telnet/serial bridge settings in the Wi-Fi page? |
|
Cleaned up now, I think. |
|
On 11/01/2016 01:14 AM, Alex wrote:
I'm happy with discussing what and how to implement for a few days before actually doing it. After that, we'll also know which changes to combine, or not, into pull requests. You asked why I put the serial bridge security stuff on the "WiFi Station" page. That's because I found that it belonged with the "Special Settings" on that page. But you can follow similar arguments to put it on the same page as "Pin assignment" which is on the Home page. Should the duplication remain ? Danny Backx - danny.backx@scarlet.be - http://danny.backx.info |
Increase one variable's size to cope with program size larger than 64K
…d to connect to).
Bugfix in query firewall external address.
| # -DLED_CONN_PIN=$(LED_CONN_PIN) -DLED_SERIAL_PIN=$(LED_SERIAL_PIN) \ | ||
| # -DVERSION="$(VERSION)" | ||
| # | ||
| CFLAGS += -Os -ggdb -std=c99 -Wpointer-arith -Wundef -Wall -Wl,-EL -fno-inline-functions \ |
| #SDK_BASE := $(wildcard $(XTENSA_TOOLS_ROOT)/../../$(SDK_VERS)) | ||
| #endif | ||
| ifeq ($(SDK_BASE),) | ||
| SDK_BASE := $(wildcard $(XTENSA_TOOLS_ROOT)/../../$(SDK_VERS)) |
There was a problem hiding this comment.
Please don't uncomment in what you submit.
| @@ -52,12 +52,15 @@ ESP_HOSTNAME ?= esp-link | |||
| # Base directory for the compiler. Needs a / at the end. | |||
| # Typically you'll install https://github.com/pfalcon/esp-open-sdk | |||
| # IMPORTANT: use esp-open-sdk `make STANDALONE=n`: the SDK bundled with esp-open-sdk will *not* work! | |||
| XTENSA_TOOLS_ROOT ?= $(abspath ../esp-open-sdk/xtensa-lx106-elf/bin)/ | |||
| XTENSA_TOOLS_ROOT ?= $(abspath ../espressif/xtensa-lx106-elf/bin)/ | |||
| @@ -387,6 +407,7 @@ $(FW_BASE)/user2.bin: $(USER2_OUT) $(FW_BASE) | |||
| $(Q) COMPILE=gcc PATH=$(XTENSA_TOOLS_ROOT):$(PATH) python $(APPGEN_TOOL) $(USER2_OUT) 2 $(ESP_FLASH_MODE) $(ESP_FLASH_FREQ_DIV) $(ESP_SPI_SIZE) 1 >/dev/null | |||
| $(Q) rm -f eagle.app.v6.*.bin | |||
| $(Q) mv eagle.app.flash.bin $@ | |||
| @echo "** user2.bin uses $$(stat -c '%s' $@) bytes of" $(ESP_FLASH_MAX) "available" | |||
There was a problem hiding this comment.
user2 is the same size as user1, so this is just noise, isn't it?
This allows the microcontroller to query e.g. the IP address of the IoT
device and communicate it to trusted parties.