Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle change of Home Controller system password correctly #55

Closed
coeing opened this issue Oct 18, 2020 · 2 comments
Closed

Handle change of Home Controller system password correctly #55

coeing opened this issue Oct 18, 2020 · 2 comments
Assignees
@GerdZanker
Labels
enhancement New feature or request
Milestone
2.0

Comments

@coeing
Copy link
Collaborator

coeing commented Oct 18, 2020
edited by GerdZanker

A change of SHC "system password" is an issue and happening also during initial setup of the binding e.g. if the wrong password was used instead of the App password.

See also comments in openhabCommunity.

The current solution is to delete the /etc/oss_openhab_binding_*.jks file in your openhab installation because the binding will recreate the jks file.

TODO from BoschSslUtil.java:

                // TODO if SHC system password is changed the keystore can't be loaded and an IOException "... password
                // was incorrect" is thrown
                // Either use a different secret instead of the system password (e.g. openHAB UUID?)
                // or recreate a new keystore with the different system password again (needs pairing)

In the meantime the initial pull request is discussed and from comments we can use "reference" code from openhab core how certificate handling is done there.
See CertificateGenerator.java and the generateCertificate() function how the password, and self singed cert creation is done.

With this reference we should get rid of password problems, by using a single fixed password ins the code and avoid at least the bcprov-jdk15on bundle dependency, which increases the jar size a lot.
@coeing coeing added the enhancement New feature or request label Oct 18, 2020
coeing added a commit that referenced this issue Oct 18, 2020
@coeing
#47 Remove TODO from code and add issue #55 instead
b056236 
Signed-off-by: Christian Oeing <christian.oeing@slashgames.org>
coeing added a commit that referenced this issue Oct 22, 2020
@coeing
#47 Remove TODO from code and add issue #55 instead
7095a10 
Signed-off-by: Christian Oeing <christian.oeing@slashgames.org>
coeing added a commit that referenced this issue Nov 18, 2020
@coeing
#47 Remove TODO from code and add issue #55 instead
5ffbc9a 
Signed-off-by: Christian Oeing <christian.oeing@slashgames.org>
@coeing coeing added this to the 2.0 milestone Dec 25, 2020
GerdZanker pushed a commit that referenced this issue Jan 7, 2021
@coeing @GerdZanker
#47 Remove TODO from code and add issue #55 instead
ff3bcba 
Signed-off-by: Christian Oeing <christian.oeing@slashgames.org>
GerdZanker pushed a commit that referenced this issue Jan 7, 2021
@coeing @GerdZanker
#47 Remove TODO from code and add issue #55 instead
7ce0ad7 
Signed-off-by: Christian Oeing <christian.oeing@slashgames.org>
Signed-off-by: Gerd Zanker <gerd.zanker@web.de>
GerdZanker added a commit that referenced this issue Jan 16, 2021
@GerdZanker
#55 replaced the password with a fixed one
19bf56c 
The changeable SHC system password for the keystore is replaced by a static string in the code.
The keyStore name is now based on SHC ipAddress to support multiple SmartHomeControllers.

Signed-off-by: Gerd Zanker <gerd.zanker@web.de>
@GerdZanker GerdZanker mentioned this issue Jan 16, 2021
Merged
GerdZanker added a commit that referenced this issue Jan 16, 2021
@GerdZanker
#55 replaced the password with a fixed one
0136cf0 
The changeable SHC system password for the keystore is replaced by a static string in the code.
The keyStore name is now based on SHC ipAddress to support multiple SmartHomeControllers.

Signed-off-by: Gerd Zanker <gerd.zanker@web.de>
@coeing
Copy link
Collaborator Author

coeing commented Jan 19, 2021

@GerdZanker I think this is fixed with your last pull request, isn't it?

@GerdZanker
Copy link
Collaborator

Yes, its avoided with PR #70, because the keystore password is now a static password defined in code.
The BoschSHC systempassword is only used for pairing.

Drawback: A new keystore will be created using your SHC IP address and a new pairing is needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@GerdZanker GerdZanker

Labels
enhancement New feature or request
Projects
None yet
Milestone
2.0
Development

No branches or pull requests
2 participants
@GerdZanker @coeing