Browse Source

Added password check to telnet

webui
Xose Pérez 6 years ago
parent
commit
8c8a268e5c
18 changed files with 13315 additions and 13286 deletions
  1. BIN
      code/espurna/data/index.all.html.gz
  2. BIN
      code/espurna/data/index.light.html.gz
  3. BIN
      code/espurna/data/index.rfbridge.html.gz
  4. BIN
      code/espurna/data/index.rfm69.html.gz
  5. BIN
      code/espurna/data/index.sensor.html.gz
  6. BIN
      code/espurna/data/index.small.html.gz
  7. +1
    -1
      code/espurna/ota.ino
  8. +2262
    -2262
      code/espurna/static/index.all.html.gz.h
  9. +2210
    -2210
      code/espurna/static/index.light.html.gz.h
  10. +1858
    -1858
      code/espurna/static/index.rfbridge.html.gz.h
  11. +3224
    -3224
      code/espurna/static/index.rfm69.html.gz.h
  12. +1879
    -1879
      code/espurna/static/index.sensor.html.gz.h
  13. +1844
    -1844
      code/espurna/static/index.small.html.gz.h
  14. +28
    -2
      code/espurna/telnet.ino
  15. +4
    -0
      code/espurna/utils.ino
  16. +2
    -2
      code/espurna/web.ino
  17. +2
    -2
      code/espurna/wifi.ino
  18. +1
    -2
      code/espurna/ws.ino

BIN
code/espurna/data/index.all.html.gz View File


BIN
code/espurna/data/index.light.html.gz View File


BIN
code/espurna/data/index.rfbridge.html.gz View File


BIN
code/espurna/data/index.rfm69.html.gz View File


BIN
code/espurna/data/index.sensor.html.gz View File


BIN
code/espurna/data/index.small.html.gz View File


+ 1
- 1
code/espurna/ota.ino View File

@ -16,7 +16,7 @@ void _otaConfigure() {
ArduinoOTA.setPort(OTA_PORT); ArduinoOTA.setPort(OTA_PORT);
ArduinoOTA.setHostname(getSetting("hostname").c_str()); ArduinoOTA.setHostname(getSetting("hostname").c_str());
#if USE_PASSWORD #if USE_PASSWORD
ArduinoOTA.setPassword(getSetting("adminPass", ADMIN_PASS).c_str());
ArduinoOTA.setPassword(getAdminPass().c_str());
#endif #endif
} }


+ 2262
- 2262
code/espurna/static/index.all.html.gz.h
File diff suppressed because it is too large
View File


+ 2210
- 2210
code/espurna/static/index.light.html.gz.h
File diff suppressed because it is too large
View File


+ 1858
- 1858
code/espurna/static/index.rfbridge.html.gz.h
File diff suppressed because it is too large
View File


+ 3224
- 3224
code/espurna/static/index.rfm69.html.gz.h
File diff suppressed because it is too large
View File


+ 1879
- 1879
code/espurna/static/index.sensor.html.gz.h
File diff suppressed because it is too large
View File


+ 1844
- 1844
code/espurna/static/index.small.html.gz.h
File diff suppressed because it is too large
View File


+ 28
- 2
code/espurna/telnet.ino View File

@ -14,6 +14,7 @@ Parts of the code have been borrowed from Thomas Sarlandie's NetServer
AsyncServer * _telnetServer; AsyncServer * _telnetServer;
AsyncClient * _telnetClients[TELNET_MAX_CLIENTS]; AsyncClient * _telnetClients[TELNET_MAX_CLIENTS];
bool _authenticated[TELNET_MAX_CLIENTS];
bool _telnetFirst = true; bool _telnetFirst = true;
// ----------------------------------------------------------------------------- // -----------------------------------------------------------------------------
@ -51,11 +52,20 @@ bool _telnetWrite(unsigned char clientId, void *data, size_t len) {
unsigned char _telnetWrite(void *data, size_t len) { unsigned char _telnetWrite(void *data, size_t len) {
unsigned char count = 0; unsigned char count = 0;
for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) { for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) {
if (_telnetWrite(i, data, len)) ++count;
// Do not send broadcast messages to unauthenticated clients
if (_authenticated[i]) {
if (_telnetWrite(i, data, len)) ++count;
}
} }
return count; return count;
} }
bool _telnetWrite(unsigned char clientId, const char * message) {
_telnetWrite(clientId, (void *) message, strlen(message));
}
void _telnetData(unsigned char clientId, void *data, size_t len) { void _telnetData(unsigned char clientId, void *data, size_t len) {
// Skip first message since it's always garbage // Skip first message since it's always garbage
@ -80,7 +90,20 @@ void _telnetData(unsigned char clientId, void *data, size_t len) {
return; return;
} }
// Inject into Embedis stream
// Password
if (!_authenticated[clientId]) {
String password = getAdminPass();
if (strncmp(p, password.c_str(), password.length()) == 0) {
DEBUG_MSG_P(PSTR("[TELNET] Client #%d authenticated\n"), clientId);
_telnetWrite(clientId, "Welcome!\n");
_authenticated[clientId] = true;
} else {
_telnetWrite(clientId, "Password: ");
}
return;
}
// Inject command
settingsInject(data, len); settingsInject(data, len);
} }
@ -109,6 +132,7 @@ void _telnetNewClient(AsyncClient *client) {
} }
for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) { for (unsigned char i = 0; i < TELNET_MAX_CLIENTS; i++) {
if (!_telnetClients[i] || !_telnetClients[i]->connected()) { if (!_telnetClients[i] || !_telnetClients[i]->connected()) {
_telnetClients[i] = client; _telnetClients[i] = client;
@ -144,6 +168,8 @@ void _telnetNewClient(AsyncClient *client) {
#endif #endif
_telnetFirst = true; _telnetFirst = true;
_authenticated[i] = false;
_telnetWrite(i, "Password: ");
wifiReconnectCheck(); wifiReconnectCheck();
return; return;


+ 4
- 0
code/espurna/utils.ino View File

@ -33,6 +33,10 @@ String getBoardName() {
return getSetting("boardName", DEVICE_NAME); return getSetting("boardName", DEVICE_NAME);
} }
String getAdminPass() {
return getSetting("adminPass", ADMIN_PASS);
}
String getCoreVersion() { String getCoreVersion() {
String version = ESP.getCoreVersion(); String version = ESP.getCoreVersion();
#ifdef ARDUINO_ESP8266_RELEASE #ifdef ARDUINO_ESP8266_RELEASE


+ 2
- 2
code/espurna/web.ino View File

@ -347,7 +347,7 @@ void _onRequest(AsyncWebServerRequest *request){
bool webAuthenticate(AsyncWebServerRequest *request) { bool webAuthenticate(AsyncWebServerRequest *request) {
#if USE_PASSWORD #if USE_PASSWORD
String password = getSetting("adminPass", ADMIN_PASS);
String password = getAdminPass();
char httpPassword[password.length() + 1]; char httpPassword[password.length() + 1];
password.toCharArray(httpPassword, password.length() + 1); password.toCharArray(httpPassword, password.length() + 1);
return request->authenticate(WEB_USERNAME, httpPassword); return request->authenticate(WEB_USERNAME, httpPassword);
@ -422,7 +422,7 @@ void webSetup() {
#else #else
_server->begin(); _server->begin();
#endif #endif
DEBUG_MSG_P(PSTR("[WEBSERVER] Webserver running on port %u\n"), port); DEBUG_MSG_P(PSTR("[WEBSERVER] Webserver running on port %u\n"), port);
} }


+ 2
- 2
code/espurna/wifi.ino View File

@ -34,7 +34,7 @@ void _wifiConfigure() {
jw.setHostname(getSetting("hostname").c_str()); jw.setHostname(getSetting("hostname").c_str());
#if USE_PASSWORD #if USE_PASSWORD
jw.setSoftAP(getSetting("hostname").c_str(), getSetting("adminPass", ADMIN_PASS).c_str());
jw.setSoftAP(getSetting("hostname").c_str(), getAdminPass().c_str());
#else #else
jw.setSoftAP(getSetting("hostname").c_str()); jw.setSoftAP(getSetting("hostname").c_str());
#endif #endif
@ -489,7 +489,7 @@ void wifiDebug(WiFiMode_t modes) {
if (((modes & WIFI_AP) > 0) && ((WiFi.getMode() & WIFI_AP) > 0)) { if (((modes & WIFI_AP) > 0) && ((WiFi.getMode() & WIFI_AP) > 0)) {
DEBUG_MSG_P(PSTR("[WIFI] -------------------------------------- MODE AP\n")); DEBUG_MSG_P(PSTR("[WIFI] -------------------------------------- MODE AP\n"));
DEBUG_MSG_P(PSTR("[WIFI] SSID %s\n"), getSetting("hostname").c_str()); DEBUG_MSG_P(PSTR("[WIFI] SSID %s\n"), getSetting("hostname").c_str());
DEBUG_MSG_P(PSTR("[WIFI] PASS %s\n"), getSetting("adminPass", ADMIN_PASS).c_str());
DEBUG_MSG_P(PSTR("[WIFI] PASS %s\n"), getAdminPass().c_str());
DEBUG_MSG_P(PSTR("[WIFI] IP %s\n"), WiFi.softAPIP().toString().c_str()); DEBUG_MSG_P(PSTR("[WIFI] IP %s\n"), WiFi.softAPIP().toString().c_str());
DEBUG_MSG_P(PSTR("[WIFI] MAC %s\n"), WiFi.softAPmacAddress().c_str()); DEBUG_MSG_P(PSTR("[WIFI] MAC %s\n"), WiFi.softAPmacAddress().c_str());
footer = true; footer = true;


+ 1
- 2
code/espurna/ws.ino View File

@ -302,8 +302,7 @@ bool _wsOnReceive(const char * key, JsonVariant& value) {
void _wsOnStart(JsonObject& root) { void _wsOnStart(JsonObject& root) {
#if USE_PASSWORD && WEB_FORCE_PASS_CHANGE #if USE_PASSWORD && WEB_FORCE_PASS_CHANGE
String adminPass = getSetting("adminPass", ADMIN_PASS);
bool changePassword = adminPass.equals(ADMIN_PASS);
bool changePassword = getAdminPass().equals(ADMIN_PASS);
#else #else
bool changePassword = false; bool changePassword = false;
#endif #endif


Loading…
Cancel
Save