thooge/OBPkp61
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Add salt and md5 firmware check to webserver

Browse Source
This commit is contained in:
Thomas Hooge
2026-03-06 09:25:41 +01:00
parent b55ce57ce9
commit 90d5261670
1 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/webserver.cpp
View File

@@ -10,10 +10,15 @@
#include "esp_rom_uart.h" // for uart wait idle #include "esp_rom_uart.h" // for uart wait idle
#include <Update.h> #include <Update.h>
// TODO
// - replace StaticJsonDocument by AsyncResponseStream
// - add lastseen to devices in devicelist
// Logging // Logging
static const char* TAG = "WEB"; static const char* TAG = "WEB";
AsyncWebServer server(80); AsyncWebServer server(80);
uint32_t apiToken = esp_random();
bool updateSuccess = false; bool updateSuccess = false;
String updateError = ""; String updateError = "";
@@ -120,7 +125,6 @@ void webserver_init() {
doc["instDesc2"] = config.getString("instDesc2"); doc["instDesc2"] = config.getString("instDesc2");
doc["logLevel"] = loglevel; doc["logLevel"] = loglevel;
doc["version"] = VERSION; doc["version"] = VERSION;
doc["salt"] = "secret";
doc["AdminPassword"] = "********"; doc["AdminPassword"] = "********";
doc["useAdminPass"] = config.getBool("useAdminPass") ? "true" : "false"; doc["useAdminPass"] = config.getBool("useAdminPass") ? "true" : "false";
doc["apEnable"] = config.getBool("apEnable") ? "true" : "false"; doc["apEnable"] = config.getBool("apEnable") ? "true" : "false";
@@ -220,6 +224,11 @@ void webserver_init() {
doc["n2kstate"] = NMEA2000.stateStr(driverState); doc["n2kstate"] = NMEA2000.stateStr(driverState);
doc["n2knode"] = NMEA2000.GetN2kSource(); doc["n2knode"] = NMEA2000.GetN2kSource();
// use timeBucket of 8s
char salt[9];
sprintf(salt, "%08X", apiToken + (millis()/1000UL & ~0x7UL));
doc["salt"] = salt;
doc["status"] = "OK"; doc["status"] = "OK";
String out; String out;
serializeJson(doc, out); serializeJson(doc, out);
@@ -297,6 +306,11 @@ void webserver_init() {
// this is the new image upload part // this is the new image upload part
if (index == 0) { if (index == 0) {
LOGI(TAG, "Retrieving firmware image named: %s", filename.c_str()); LOGI(TAG, "Retrieving firmware image named: %s", filename.c_str());
if (request->hasParam("md5", true)) {
String md5 = request->getParam("md5", true)->value();
LOGI(TAG, "MD5 hash: %s", md5.c_str());
Update.setMD5(md5.c_str());
}
if (! Update.begin(UPDATE_SIZE_UNKNOWN)) { if (! Update.begin(UPDATE_SIZE_UNKNOWN)) {
Update.printError(Serial); Update.printError(Serial);
updateError = "Update.begin() failed"; updateError = "Update.begin() failed";
@@ -337,8 +351,7 @@ void webserver_init() {
} }
// TODO last seen? // TODO last seen?
uint16_t mfcode = d->GetManufacturerCode(); uint16_t mfcode = d->GetManufacturerCode();
// TODO RAW-String! response->printf(R"DELIM({"source":%d,"name":"%s","manufcode":%d,"model":"%s","manufname":"%s"})DELIM",
response->printf("{\"source\":%d,\"name\":\"%s\",\"manufcode\":\"%d\",\"model\":\"%s\",\"manufname\":\"%s\"}",
i, hex_name, mfcode, d->GetModelID(), NMEA2000.GetManufacturerName(mfcode)); i, hex_name, mfcode, d->GetModelID(), NMEA2000.GetManufacturerName(mfcode));
} }
response->print("]"); response->print("]");