Added password check to telnet

5 years ago · 8c8a268e5c
--- a/code/espurna/data/index.all.html.gz
+++ b/code/espurna/data/index.all.html.gz
--- a/code/espurna/data/index.light.html.gz
+++ b/code/espurna/data/index.light.html.gz
--- a/code/espurna/data/index.rfbridge.html.gz
+++ b/code/espurna/data/index.rfbridge.html.gz
--- a/code/espurna/data/index.rfm69.html.gz
+++ b/code/espurna/data/index.rfm69.html.gz
--- a/code/espurna/data/index.sensor.html.gz
+++ b/code/espurna/data/index.sensor.html.gz
--- a/code/espurna/data/index.small.html.gz
+++ b/code/espurna/data/index.small.html.gz
--- a/code/espurna/ota.ino
+++ b/code/espurna/ota.ino
@ -16,7 +16,7 @@ void _otaConfigure() {
    ArduinoOTA.setPort(OTA_PORT);
    ArduinoOTA.setHostname(getSetting("hostname").c_str());
    #if USE_PASSWORD
        ArduinoOTA.setPassword(getSetting("adminPass", ADMIN_PASS).c_str());
        ArduinoOTA.setPassword(getAdminPass().c_str());
    #endif
 }

--- a/code/espurna/static/index.all.html.gz.h
+++ b/code/espurna/static/index.all.html.gz.h
--- a/code/espurna/static/index.light.html.gz.h
+++ b/code/espurna/static/index.light.html.gz.h
--- a/code/espurna/static/index.rfbridge.html.gz.h
+++ b/code/espurna/static/index.rfbridge.html.gz.h
--- a/code/espurna/static/index.rfm69.html.gz.h
+++ b/code/espurna/static/index.rfm69.html.gz.h
--- a/code/espurna/static/index.sensor.html.gz.h
+++ b/code/espurna/static/index.sensor.html.gz.h
--- a/code/espurna/static/index.small.html.gz.h
+++ b/code/espurna/static/index.small.html.gz.h
--- a/code/espurna/telnet.ino
+++ b/code/espurna/telnet.ino
@ -14,6 +14,7 @@ Parts of the code have been borrowed from Thomas Sarlandie's NetServer

 AsyncServer * _telnetServer;
 AsyncClient * _telnetClients[TELNET_MAX_CLIENTS];
 bool _authenticated[TELNET_MAX_CLIENTS];
 bool _telnetFirst = true;

 // -----------------------------------------------------------------------------
@ -51,11 +52,20 @@ bool _telnetWrite(unsigned char clientId, void *data, size_t len) {
 unsigned char _telnetWrite(void *data, size_t len) {
    unsigned char count = 0;
    for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) {
        if (_telnetWrite(i, data, len)) ++count;

        // Do not send broadcast messages to unauthenticated clients
        if (_authenticated[i]) {
            if (_telnetWrite(i, data, len)) ++count;
        }

    }
    return count;
 }

 bool _telnetWrite(unsigned char clientId, const char * message) {
    _telnetWrite(clientId, (void *) message, strlen(message));
 }

 void _telnetData(unsigned char clientId, void *data, size_t len) {

    // Skip first message since it's always garbage
@ -80,7 +90,20 @@ void _telnetData(unsigned char clientId, void *data, size_t len) {
        return;
    }

    // Inject into Embedis stream
    // Password
    if (!_authenticated[clientId]) {
        String password = getAdminPass();
        if (strncmp(p, password.c_str(), password.length()) == 0) {
            DEBUG_MSG_P(PSTR("[TELNET] Client #%d authenticated\n"), clientId);
            _telnetWrite(clientId, "Welcome!\n");
            _authenticated[clientId] = true;
        } else {
            _telnetWrite(clientId, "Password: ");
        }
        return;
    }

    // Inject command
    settingsInject(data, len);

 }
@ -109,6 +132,7 @@ void _telnetNewClient(AsyncClient *client) {
    }

    for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) {

        if (!_telnetClients[i] || !_telnetClients[i]->connected()) {

            _telnetClients[i] = client;
@ -144,6 +168,8 @@ void _telnetNewClient(AsyncClient *client) {
            #endif

            _telnetFirst = true;
            _authenticated[i] = false;
            _telnetWrite(i, "Password: ");
            wifiReconnectCheck();
            return;

--- a/code/espurna/utils.ino
+++ b/code/espurna/utils.ino
@ -33,6 +33,10 @@ String getBoardName() {
    return getSetting("boardName", DEVICE_NAME);
 }

 String getAdminPass() {
    return getSetting("adminPass", ADMIN_PASS);
 }

 String getCoreVersion() {
    String version = ESP.getCoreVersion();
    #ifdef ARDUINO_ESP8266_RELEASE
--- a/code/espurna/web.ino
+++ b/code/espurna/web.ino
@ -347,7 +347,7 @@ void _onRequest(AsyncWebServerRequest *request){

 bool webAuthenticate(AsyncWebServerRequest *request) {
    #if USE_PASSWORD
        String password = getSetting("adminPass", ADMIN_PASS);
        String password = getAdminPass();
        char httpPassword[password.length() + 1];
        password.toCharArray(httpPassword, password.length() + 1);
        return request->authenticate(WEB_USERNAME, httpPassword);
@ -422,7 +422,7 @@ void webSetup() {
    #else
        _server->begin();
    #endif
    

    DEBUG_MSG_P(PSTR("[WEBSERVER] Webserver running on port %u\n"), port);

 }
--- a/code/espurna/wifi.ino
+++ b/code/espurna/wifi.ino
@ -34,7 +34,7 @@ void _wifiConfigure() {

    jw.setHostname(getSetting("hostname").c_str());
    #if USE_PASSWORD
        jw.setSoftAP(getSetting("hostname").c_str(), getSetting("adminPass", ADMIN_PASS).c_str());
        jw.setSoftAP(getSetting("hostname").c_str(), getAdminPass().c_str());
    #else
        jw.setSoftAP(getSetting("hostname").c_str());
    #endif
@ -489,7 +489,7 @@ void wifiDebug(WiFiMode_t modes) {
    if (((modes & WIFI_AP) > 0) && ((WiFi.getMode() & WIFI_AP) > 0)) {
        DEBUG_MSG_P(PSTR("[WIFI] -------------------------------------- MODE AP\n"));
        DEBUG_MSG_P(PSTR("[WIFI] SSID  %s\n"), getSetting("hostname").c_str());
        DEBUG_MSG_P(PSTR("[WIFI] PASS  %s\n"), getSetting("adminPass", ADMIN_PASS).c_str());
        DEBUG_MSG_P(PSTR("[WIFI] PASS  %s\n"), getAdminPass().c_str());
        DEBUG_MSG_P(PSTR("[WIFI] IP    %s\n"), WiFi.softAPIP().toString().c_str());
        DEBUG_MSG_P(PSTR("[WIFI] MAC   %s\n"), WiFi.softAPmacAddress().c_str());
        footer = true;
--- a/code/espurna/ws.ino
+++ b/code/espurna/ws.ino
@ -302,8 +302,7 @@ bool _wsOnReceive(const char * key, JsonVariant& value) {
 void _wsOnStart(JsonObject& root) {

    #if USE_PASSWORD && WEB_FORCE_PASS_CHANGE
        String adminPass = getSetting("adminPass", ADMIN_PASS);
        bool changePassword = adminPass.equals(ADMIN_PASS);
        bool changePassword = getAdminPass().equals(ADMIN_PASS);
    #else
        bool changePassword = false;
    #endif