mirror of
https://github.com/meshtastic/firmware.git
synced 2025-04-26 09:59:01 +00:00
cleanup ssl cert generation
This commit is contained in:
Kevin Hester
parent
0e91d39b27
commit
2fd74d8f47
@ -5,7 +5,6 @@
|
|||||||
#include <HTTPMultipartBodyParser.hpp>
|
#include <HTTPMultipartBodyParser.hpp>
|
||||||
#include <HTTPURLEncodedBodyParser.hpp>
|
#include <HTTPURLEncodedBodyParser.hpp>
|
||||||
|
|
||||||
|
|
||||||
#include <WebServer.h>
|
#include <WebServer.h>
|
||||||
#include <WiFi.h>
|
#include <WiFi.h>
|
||||||
|
|
||||||
@ -13,7 +12,6 @@
|
|||||||
#include "esp_task_wdt.h"
|
#include "esp_task_wdt.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
// Persistant Data Storage
|
// Persistant Data Storage
|
||||||
#include <Preferences.h>
|
#include <Preferences.h>
|
||||||
Preferences prefs;
|
Preferences prefs;
|
||||||
@ -42,28 +40,23 @@ Preferences prefs;
|
|||||||
using namespace httpsserver;
|
using namespace httpsserver;
|
||||||
#include "mesh/http/ContentHandler.h"
|
#include "mesh/http/ContentHandler.h"
|
||||||
|
|
||||||
SSLCert *cert;
|
static SSLCert *cert;
|
||||||
HTTPSServer *secureServer;
|
static HTTPSServer *secureServer;
|
||||||
HTTPServer *insecureServer;
|
static HTTPServer *insecureServer;
|
||||||
|
|
||||||
|
volatile bool isWebServerReady;
|
||||||
|
volatile bool isCertReady;
|
||||||
|
|
||||||
|
static void handleWebResponse()
|
||||||
|
|
||||||
bool isWebServerReady = 0;
|
|
||||||
bool isCertReady = 0;
|
|
||||||
|
|
||||||
|
|
||||||
void handleWebResponse()
|
|
||||||
{
|
{
|
||||||
if (isWifiAvailable() == 0) {
|
if (isWifiAvailable()) {
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isWebServerReady) {
|
if (isWebServerReady) {
|
||||||
// We're going to handle the DNS responder here so it
|
// We're going to handle the DNS responder here so it
|
||||||
// will be ignored by the NRF boards.
|
// will be ignored by the NRF boards.
|
||||||
handleDNSResponse();
|
handleDNSResponse();
|
||||||
|
|
||||||
|
if(secureServer)
|
||||||
secureServer->loop();
|
secureServer->loop();
|
||||||
insecureServer->loop();
|
insecureServer->loop();
|
||||||
}
|
}
|
||||||
@ -77,11 +70,11 @@ void handleWebResponse()
|
|||||||
setCpuFrequencyMhz(80);
|
setCpuFrequencyMhz(80);
|
||||||
setTimeSpeedUp();
|
setTimeSpeedUp();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void taskCreateCert(void *parameter)
|
static void taskCreateCert(void *parameter)
|
||||||
{
|
{
|
||||||
|
|
||||||
prefs.begin("MeshtasticHTTPS", false);
|
prefs.begin("MeshtasticHTTPS", false);
|
||||||
|
|
||||||
// Delete the saved certs
|
// Delete the saved certs
|
||||||
@ -92,13 +85,32 @@ void taskCreateCert(void *parameter)
|
|||||||
prefs.remove("cert");
|
prefs.remove("cert");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
DEBUG_MSG("Checking if we have a previously saved SSL Certificate.\n");
|
||||||
|
|
||||||
size_t pkLen = prefs.getBytesLength("PK");
|
size_t pkLen = prefs.getBytesLength("PK");
|
||||||
size_t certLen = prefs.getBytesLength("cert");
|
size_t certLen = prefs.getBytesLength("cert");
|
||||||
|
|
||||||
DEBUG_MSG("Checking if we have a previously saved SSL Certificate.\n");
|
|
||||||
|
|
||||||
if (pkLen && certLen) {
|
if (pkLen && certLen) {
|
||||||
DEBUG_MSG("Existing SSL Certificate found!\n");
|
DEBUG_MSG("Existing SSL Certificate found!\n");
|
||||||
|
|
||||||
|
uint8_t *pkBuffer = new uint8_t[pkLen];
|
||||||
|
prefs.getBytes("PK", pkBuffer, pkLen);
|
||||||
|
|
||||||
|
uint8_t *certBuffer = new uint8_t[certLen];
|
||||||
|
prefs.getBytes("cert", certBuffer, certLen);
|
||||||
|
|
||||||
|
cert = new SSLCert(certBuffer, certLen, pkBuffer, pkLen);
|
||||||
|
|
||||||
|
DEBUG_MSG("Retrieved Private Key: %d Bytes\n", cert->getPKLength());
|
||||||
|
// DEBUG_MSG("Retrieved Private Key: " + String(cert->getPKLength()) + " Bytes");
|
||||||
|
// for (int i = 0; i < cert->getPKLength(); i++)
|
||||||
|
// Serial.print(cert->getPKData()[i], HEX);
|
||||||
|
// Serial.println();
|
||||||
|
|
||||||
|
DEBUG_MSG("Retrieved Certificate: %d Bytes\n", cert->getCertLength());
|
||||||
|
// for (int i = 0; i < cert->getCertLength(); i++)
|
||||||
|
// Serial.print(cert->getCertData()[i], HEX);
|
||||||
|
// Serial.println();
|
||||||
} else {
|
} else {
|
||||||
DEBUG_MSG("Creating the certificate. This may take a while. Please wait...\n");
|
DEBUG_MSG("Creating the certificate. This may take a while. Please wait...\n");
|
||||||
yield();
|
yield();
|
||||||
@ -133,16 +145,15 @@ void taskCreateCert(void *parameter)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
isCertReady = 1;
|
isCertReady = true;
|
||||||
|
|
||||||
|
// Must delete self, can't just fall out
|
||||||
vTaskDelete(NULL);
|
vTaskDelete(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
void createSSLCert()
|
void createSSLCert()
|
||||||
{
|
{
|
||||||
|
if (isWifiAvailable() && !isCertReady) {
|
||||||
if (isWifiAvailable() == 0) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create a new process just to handle creating the cert.
|
// Create a new process just to handle creating the cert.
|
||||||
// This is a workaround for Bug: https://github.com/fhessel/esp32_https_server/issues/48
|
// This is a workaround for Bug: https://github.com/fhessel/esp32_https_server/issues/48
|
||||||
@ -162,6 +173,7 @@ void createSSLCert()
|
|||||||
esp_task_wdt_reset();
|
esp_task_wdt_reset();
|
||||||
}
|
}
|
||||||
DEBUG_MSG("SSL Cert Ready!\n");
|
DEBUG_MSG("SSL Cert Ready!\n");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
WebServerThread *webServerThread;
|
WebServerThread *webServerThread;
|
||||||
@ -181,6 +193,8 @@ void initWebServer()
|
|||||||
{
|
{
|
||||||
DEBUG_MSG("Initializing Web Server ...\n");
|
DEBUG_MSG("Initializing Web Server ...\n");
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
// this seems to be a copypaste dup of taskCreateCert
|
||||||
prefs.begin("MeshtasticHTTPS", false);
|
prefs.begin("MeshtasticHTTPS", false);
|
||||||
|
|
||||||
size_t pkLen = prefs.getBytesLength("PK");
|
size_t pkLen = prefs.getBytesLength("PK");
|
||||||
@ -211,6 +225,7 @@ void initWebServer()
|
|||||||
} else {
|
} else {
|
||||||
DEBUG_MSG("Web Server started without SSL keys! How did this happen?\n");
|
DEBUG_MSG("Web Server started without SSL keys! How did this happen?\n");
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
// We can now use the new certificate to setup our server as usual.
|
// We can now use the new certificate to setup our server as usual.
|
||||||
secureServer = new HTTPSServer(cert);
|
secureServer = new HTTPSServer(cert);
|
||||||
@ -218,14 +233,16 @@ void initWebServer()
|
|||||||
|
|
||||||
registerHandlers(insecureServer, secureServer);
|
registerHandlers(insecureServer, secureServer);
|
||||||
|
|
||||||
DEBUG_MSG("Starting Web Servers...\n");
|
if(secureServer) {
|
||||||
|
DEBUG_MSG("Starting Secure Web Server...\n");
|
||||||
secureServer->start();
|
secureServer->start();
|
||||||
|
}
|
||||||
|
DEBUG_MSG("Starting Insecure Web Server...\n");
|
||||||
insecureServer->start();
|
insecureServer->start();
|
||||||
if (secureServer->isRunning() && insecureServer->isRunning()) {
|
if (insecureServer->isRunning()) {
|
||||||
DEBUG_MSG("HTTP and HTTPS Web Servers Ready! :-) \n");
|
DEBUG_MSG("Web Servers Ready! :-) \n");
|
||||||
isWebServerReady = 1;
|
isWebServerReady = true;
|
||||||
} else {
|
} else {
|
||||||
DEBUG_MSG("HTTP and HTTPS Web Servers Failed! ;-( \n");
|
DEBUG_MSG("Web Servers Failed! ;-( \n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -8,10 +8,6 @@
|
|||||||
void initWebServer();
|
void initWebServer();
|
||||||
void createSSLCert();
|
void createSSLCert();
|
||||||
|
|
||||||
|
|
||||||
void handleWebResponse();
|
|
||||||
|
|
||||||
|
|
||||||
class WebServerThread : private concurrency::OSThread
|
class WebServerThread : private concurrency::OSThread
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user