From c6d8b63e54b93bdafa0a10ae0d648d8de820e4dd Mon Sep 17 00:00:00 2001 From: Timothy Brown Date: Sat, 17 Aug 2019 06:27:06 -0400 Subject: [PATCH 1/4] Added MQTT authentication support --- platformio.ini | 5 +- wled00/data/settings_sync.htm | Bin 11132 -> 11330 bytes wled00/html_settings.h | 7 +- wled00/wled00.ino | 25 +++---- wled00/wled01_eeprom.ino | 95 ++++++++++++++------------ wled00/wled02_xml.ino | 33 +++++----- wled00/wled03_set.ino | 121 +++++++++++++++++----------------- wled00/wled05_init.ino | 21 +++--- wled00/wled17_mqtt.ino | 20 +++--- 9 files changed, 178 insertions(+), 149 deletions(-) diff --git a/platformio.ini b/platformio.ini index 5402f5315..009f71dc6 100644 --- a/platformio.ini +++ b/platformio.ini @@ -57,7 +57,7 @@ arduino_core_2_4_1 = espressif8266@1.7.3 arduino_core_2_4_2 = espressif8266@1.8.0 arduino_core_2_5_0 = espressif8266@2.0.4 arduino_core_stage = https://github.com/platformio/platform-espressif8266.git#feature/stage -platform = ${common:esp8266.arduino_core_2_4_2} +platform = ${common:esp8266.arduino_core_2_5_0} build_flags = -D PIO_FRAMEWORK_ARDUINO_LWIP2_HIGHER_BANDWIDTH -Wl,-Teagle.flash.4m1m.ld ;;;; Required for core > v2.5.0 or staging version 4MB Flash 3MB SPIFFs @@ -159,5 +159,4 @@ build_flags = lib_deps = ${common.lib_deps_external} lib_ignore = - IRremoteESP8266 - \ No newline at end of file + IRremoteESP8266 \ No newline at end of file diff --git a/wled00/data/settings_sync.htm b/wled00/data/settings_sync.htm index 63a1fd4be9b430a00d41d1cf1468080f67e14462..a06f9538642f0c97c76edb7373f4eb7704252328 100644 GIT binary patch delta 212 zcmewpb|`}F{r>8w`kegVM zlbV-al3}Z4Y@}polT>8K#lXqH8IV|9T%KQ)0@qklSpd{n02NkJKsPSHF*q2*I9s@R g&N-Q>c_j*-E^q@8E^+pB!O#iPxcPzH93Dn40N64|SO5S3 delta 20 ccmX>U@h6Pw|G$lFkL4!6mf_#LQ@(=-0CUy}>;M1& diff --git a/wled00/html_settings.h b/wled00/html_settings.h index b05d2f478..e7c0d3491 100644 --- a/wled00/html_settings.h +++ b/wled00/html_settings.h 
@@ -1,7 +1,7 @@ /* * Settings html */ - + //common CSS of settings pages const char PAGE_settingsCss[] PROGMEM = R"=====(body{font-family:var(--cFn),sans-serif;text-align:center;background:var(--cCol);color:var(--tCol);line-height:200%%;margin:0;background-attachment:fixed}hr{border-color:var(--dCol);filter:drop-shadow(-5px -5px 5px var(--sCol))}button{background:var(--bCol);color:var(--tCol);font-family:var(--cFn),sans-serif;border:.3ch solid var(--bCol);display:inline-block;filter:drop-shadow(-5px -5px 5px var(--sCol));font-size:20px;margin:8px;margin-top:12px}.helpB{text-align:left;position:absolute;width:60px}input{background:var(--bCol);color:var(--tCol);font-family:var(--cFn),sans-serif;border:.5ch solid var(--bCol);filter:drop-shadow(-5px -5px 5px var(--sCol))}input[type=number]{width:4em}select{background:var(--bCol);color:var(--tCol);font-family:var(--cFn),sans-serif;border:0.5ch solid var(--bCol);filter:drop-shadow( -5px -5px 5px var(--sCol) );}td{padding:2px;})====="; @@ -253,6 +253,9 @@ Device Auth token:
Clear the token field to disable. Setup info

MQTT

Broker:
+Username:
+Password:
+Client ID:
Device Topic:
Group Topic:
Reboot required to apply changes. MQTT info @@ -289,7 +292,7 @@ function Wd(){a=[0,0,0,0,0,0,0,0];for(i=0;i<8;i++){m=1;for(j=0;j<8;j++){a[i]+=gI

Time setup

Get time from NTP server:
Use 24h format:
-Time zone: +Time zone:
Clear the token field to disable. Setup info

MQTT

Broker:
-Username:
-Password:
-Client ID:
+Port:
+Username:
+Password:
+Client ID:
Device Topic:
Group Topic:
Reboot required to apply changes. MQTT info diff --git a/wled00/wled00.ino b/wled00/wled00.ino index 276072360..a87e32249 100644 --- a/wled00/wled00.ino +++ b/wled00/wled00.ino @@ -98,7 +98,7 @@ //version code in format yymmddb (b = daily build) -#define VERSION 1906201 +#define VERSION 190817 char versionString[] = "0.8.5-dev"; @@ -204,9 +204,10 @@ bool e131Multicast = false; char mqttDeviceTopic[33] = ""; //main MQTT topic (individual per device, default is wled/mac) char mqttGroupTopic[33] = "wled/all"; //second MQTT topic (for example to group devices) char mqttServer[33] = ""; //both domains and IPs should work (no SSL) -char mqttUser[33] = ""; //optional: username for MQTT auth -char mqttPass[33] = ""; //optional: password for MQTT auth -char mqttClientID[33] = ""; //override the client ID +char mqttUser[41] = ""; //optional: username for MQTT auth +char mqttPass[41] = ""; //optional: password for MQTT auth +char mqttClientID[41] = ""; //override the client ID +char mqttPort[6] = ""; bool huePollingEnabled = false; //poll hue bridge for light state uint16_t huePollIntervalMs = 2500; //low values (< 1sec) may cause lag but offer quicker response diff --git a/wled00/wled01_eeprom.ino b/wled00/wled01_eeprom.ino index faaf3a538..d3787b3a5 100644 --- a/wled00/wled01_eeprom.ino +++ b/wled00/wled01_eeprom.ino @@ -257,9 +257,10 @@ void saveSettingsToEEPROM() writeStringToEEPROM(2300, mqttServer, 32); writeStringToEEPROM(2333, mqttDeviceTopic, 32); writeStringToEEPROM(2366, mqttGroupTopic, 32); - writeStringToEEPROM(2399, mqttUser, 32); - writeStringToEEPROM(2432, mqttPass, 32); - writeStringToEEPROM(2465, mqttClientID, 32); + writeStringToEEPROM(2399, mqttUser, 40); + writeStringToEEPROM(2440, mqttPass, 40); + writeStringToEEPROM(2481, mqttClientID, 40); + writeStringToEEPROM(2522, mqttPort, 5); EEPROM.commit(); } 
@@ -477,9 +478,10 @@ void loadSettingsFromEEPROM(bool first)
 if (lastEEPROMversion > 10)
 {
- readStringFromEEPROM(2399, mqttUser, 32);
- readStringFromEEPROM(2432, mqttPass, 32);
- readStringFromEEPROM(2465, mqttClientID, 32);
+ readStringFromEEPROM(2399, mqttUser, 40);
+ readStringFromEEPROM(2440, mqttPass, 40);
+ readStringFromEEPROM(2481, mqttClientID, 40);
+ readStringFromEEPROM(2522, mqttPort, 5);
 }
 receiveDirect = !EEPROM.read(2200);
diff --git a/wled00/wled02_xml.ino b/wled00/wled02_xml.ino
index 4b4bc4970..5e465aeb7 100644
--- a/wled00/wled02_xml.ino
+++ b/wled00/wled02_xml.ino
@@ -308,6 +308,7 @@ void getSettingsJS(byte subPage, char* dest)
 sappend('c',"SA",notifyAlexa);
 sappends('s',"BK",(char*)((blynkEnabled)?"Hidden":""));
 sappends('s',"MS",mqttServer);
+ sappends('s',"MQTTPORT",mqttPort);
 sappends('s',"MQTTUSER",mqttUser);
 sappends('s',"MQTTPASS",mqttPass);
 sappends('s',"MQTTCID",mqttClientID);
diff --git a/wled00/wled03_set.ino b/wled00/wled03_set.ino
index a45d6a563..28b76fb00 100644
--- a/wled00/wled03_set.ino
+++ b/wled00/wled03_set.ino
@@ -177,6 +177,7 @@ void handleSettingsSet(AsyncWebServerRequest *request, byte subPage)
 }
 strcpy(mqttServer, request->arg("MS").c_str());
+ strcpy(mqttPort, request->arg("MQTTPORT").c_str());
 strcpy(mqttUser, request->arg("MQTTUSER").c_str());
 strcpy(mqttPass, request->arg("MQTTPASS").c_str());
 strcpy(mqttClientID, request->arg("MQTTCID").c_str());
diff --git a/wled00/wled05_init.ino b/wled00/wled05_init.ino
index ea383851f..b414de1e3 100644
--- a/wled00/wled05_init.ino
+++ b/wled00/wled05_init.ino
@@ -90,6 +90,10 @@ void wledInit()
 strcpy(mqttClientID, "WLED-");
 sprintf(mqttClientID+5, "%*s", 6, escapedMac.c_str()+6);
 }
+ if (mqttPort[0] == 0)
+ {
+ strcpy(mqttPort, "1883");
+ }
 strip.service();
diff --git a/wled00/wled17_mqtt.ino b/wled00/wled17_mqtt.ino
index 795d62723..8350ee843 100644
--- a/wled00/wled17_mqtt.ino
+++ b/wled00/wled17_mqtt.ino
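Review bot: The added `strcpy(mqttPort, request->arg("MQTTPORT").c_str());` in the handleSettingsSet hunk copies a request parameter into `char mqttPort[6]` with no length check, so any value longer than five characters writes past the buffer; the neighbouring `strcpy` calls for `mqttUser`, `mqttPass` and `mqttClientID` have the same shape. The later patch on this page ("Small changes to MQTT auth") drops the port copy but re-adds the other three, still unbounded, in its own hunk of this function, now into 41-byte buffers. A length limit in the settings form, if there is one, is enforced only by the browser, so the copy should be bounded on the device, e.g. `strlcpy(mqttUser, request->arg("MQUSER").c_str(), sizeof(mqttUser));`. handleSettingsSet starts and ends outside the hunk.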
@@ -2,7 +2,7 @@ * MQTT communication protocol for home automation */ -#define WLED_MQTT_PORT 1883 +//#define WLED_MQTT_PORT 1883 void parseMQTTBriPayload(char* payload) { @@ -223,9 +223,9 @@ bool initMqtt() IPAddress mqttIP; if (mqttIP.fromString(mqttServer)) //see if server is IP or domain { - mqtt->setServer(mqttIP, WLED_MQTT_PORT); + mqtt->setServer(mqttIP, atoi(mqttPort)); } else { - mqtt->setServer(mqttServer, WLED_MQTT_PORT); + mqtt->setServer(mqttServer, atoi(mqttPort)); } mqtt->setClientId(mqttClientID); if (mqttUser[0] && mqttPass[0] != 0) mqtt->setCredentials(mqttUser, mqttPass); From 492ec489a1c82e1a92bd6a46a50dace1d8e0dc0f Mon Sep 17 00:00:00 2001 From: cschwinne Date: Sun, 18 Aug 2019 18:14:17 +0200 Subject: [PATCH 4/4] Small changes to MQTT auth Changed mqttPort to uint16 type Password no longer transmitted to settings page Chnaged topics and identifiers to last 6 bytes of mac format Added security warning --- wled00/html_settings.h | 12 +++++++----- wled00/wled00.ino | 6 +++--- wled00/wled01_eeprom.ino | 5 +++-- wled00/wled02_xml.ino | 13 +++++++++---- wled00/wled03_set.ino | 9 +++++---- wled00/wled05_init.ino | 12 ++++-------- wled00/wled17_mqtt.ino | 8 ++++---- 7 files changed, 35 insertions(+), 30 deletions(-) diff --git a/wled00/html_settings.h b/wled00/html_settings.h index 3fa1dd59e..52b5c3315 100644 --- a/wled00/html_settings.h +++ b/wled00/html_settings.h @@ -252,11 +252,13 @@ For best results, only use one of these services at a time.
Device Auth token:
Clear the token field to disable. Setup info

MQTT

-Broker:
-Port:
-Username:
-Password:
-Client ID:
+Broker: +Port:
+The MQTT credentials are sent over an unsecured connection.
+Never use the MQTT password for another service!

+Username:
+Password:
+Client ID:
Device Topic:
Group Topic:
Reboot required to apply changes. MQTT info diff --git a/wled00/wled00.ino b/wled00/wled00.ino index a87e32249..7cc25eaa8 100644 --- a/wled00/wled00.ino +++ b/wled00/wled00.ino @@ -3,7 +3,7 @@ */ /* * @title WLED project sketch - * @version 0.8.5-dev #mqttauth @TimothyBrown + * @version 0.8.5-dev * @author Christian Schwinne */ @@ -98,7 +98,7 @@ //version code in format yymmddb (b = daily build) -#define VERSION 190817 +#define VERSION 1908181 char versionString[] = "0.8.5-dev"; @@ -207,7 +207,7 @@ char mqttServer[33] = ""; //both domains and IPs should work char mqttUser[41] = ""; //optional: username for MQTT auth char mqttPass[41] = ""; //optional: password for MQTT auth char mqttClientID[41] = ""; //override the client ID -char mqttPort[6] = ""; +uint16_t mqttPort = 1883; bool huePollingEnabled = false; //poll hue bridge for light state uint16_t huePollIntervalMs = 2500; //low values (< 1sec) may cause lag but offer quicker response diff --git a/wled00/wled01_eeprom.ino b/wled00/wled01_eeprom.ino index d3787b3a5..8b57a060e 100644 --- a/wled00/wled01_eeprom.ino +++ b/wled00/wled01_eeprom.ino @@ -260,7 +260,8 @@ void saveSettingsToEEPROM() writeStringToEEPROM(2399, mqttUser, 40); writeStringToEEPROM(2440, mqttPass, 40); writeStringToEEPROM(2481, mqttClientID, 40); - writeStringToEEPROM(2522, mqttPort, 5); + EEPROM.write(2522, mqttPort & 0xFF); + EEPROM.write(2523, (mqttPort >> 8) & 0xFF); EEPROM.commit(); } @@ -481,7 +482,7 @@ void loadSettingsFromEEPROM(bool first) readStringFromEEPROM(2399, mqttUser, 40); readStringFromEEPROM(2440, mqttPass, 40); readStringFromEEPROM(2481, mqttClientID, 40); - readStringFromEEPROM(2522, mqttPort, 5); + mqttPort = EEPROM.read(2522) + ((EEPROM.read(2523) << 8) & 0xFF00); } receiveDirect = !EEPROM.read(2200); diff --git a/wled00/wled02_xml.ino b/wled00/wled02_xml.ino index 5e465aeb7..cff0ddd46 100644 --- a/wled00/wled02_xml.ino +++ b/wled00/wled02_xml.ino 
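Review bot: The port read back in the loadSettingsFromEEPROM hunk is used without a sanity check: `mqttPort = EEPROM.read(2522) + ((EEPROM.read(2523) << 8) & 0xFF00);` overwrites the `1883` initializer from wled00.ino with whatever bytes are stored. If those two bytes are zero, or still hold the string form that the earlier patch wrote with `writeStringToEEPROM(2522, mqttPort, 5)`, the device ends up with port 0 or an arbitrary port. The settings handler only accepts `t > 0`, and this commit removes the `if (mqttPort[0] == 0)` fallback from wledInit. Adding `if (mqttPort == 0) mqttPort = 1883;` after the read would restore a default. Whether the `lastEEPROMversion > 10` gate already excludes such devices cannot be seen from this hunk.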
@@ -308,10 +308,15 @@ void getSettingsJS(byte subPage, char* dest)
 sappend('c',"SA",notifyAlexa);
 sappends('s',"BK",(char*)((blynkEnabled)?"Hidden":""));
 sappends('s',"MS",mqttServer);
- sappends('s',"MQTTPORT",mqttPort);
- sappends('s',"MQTTUSER",mqttUser);
- sappends('s',"MQTTPASS",mqttPass);
- sappends('s',"MQTTCID",mqttClientID);
+ sappend('v',"MQPORT",mqttPort);
+ sappends('s',"MQUSER",mqttUser);
+ sappends('s',"MQPASS",mqttPass);
+ byte l = strlen(mqttPass);
+ char fpass[l+1]; //fill password field with ***
+ fpass[l] = 0;
+ memset(fpass,'*',l);
+ sappends('s',"MQPASS",fpass);
+ sappends('s',"MQCID",mqttClientID);
 sappends('s',"MD",mqttDeviceTopic);
 sappends('s',"MG",mqttGroupTopic);
 sappend('v',"H0",hueIP[0]);
diff --git a/wled00/wled03_set.ino b/wled00/wled03_set.ino
index 28b76fb00..c1a51bd49 100644
--- a/wled00/wled03_set.ino
+++ b/wled00/wled03_set.ino
@@ -177,10 +177,11 @@ void handleSettingsSet(AsyncWebServerRequest *request, byte subPage)
 }
 strcpy(mqttServer, request->arg("MS").c_str());
- strcpy(mqttPort, request->arg("MQTTPORT").c_str());
- strcpy(mqttUser, request->arg("MQTTUSER").c_str());
- strcpy(mqttPass, request->arg("MQTTPASS").c_str());
- strcpy(mqttClientID, request->arg("MQTTCID").c_str());
+ t = request->arg("MQPORT").toInt();
+ if (t > 0) mqttPort = t;
+ strcpy(mqttUser, request->arg("MQUSER").c_str());
+ if (request->arg("MQPASS").charAt(0) != '*') strcpy(mqttPass, request->arg("MQPASS").c_str());
+ strcpy(mqttClientID, request->arg("MQCID").c_str());
 strcpy(mqttDeviceTopic, request->arg("MD").c_str());
 strcpy(mqttGroupTopic, request->arg("MG").c_str());
diff --git a/wled00/wled05_init.ino b/wled00/wled05_init.ino
index b414de1e3..88d1904fa 100644
--- a/wled00/wled05_init.ino
+++ b/wled00/wled05_init.ino
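Review bot: The real password is still written into the settings output, because the added `sappends('s',"MQPASS",mqttPass);` remains in front of the masked `sappends('s',"MQPASS",fpass);` in the getSettingsJS hunk. Assuming `sappends` appends to `dest`, the response carries the cleartext value even if the field is later overwritten with asterisks, which contradicts the commit message ("Password no longer transmitted to settings page"). The first `MQPASS` line should be deleted. The mask is also built with the password's own length (`memset(fpass,'*',l)`), so the page reveals how long the password is; a fixed-length placeholder would avoid that. getSettingsJS continues outside the hunk.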
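Review bot: Treating a leading `*` as the "unchanged" marker in `if (request->arg("MQPASS").charAt(0) != '*')` means a real password that starts with `*` can never be saved, and the submission is dropped without any feedback. Skipping the update only when the submitted value consists entirely of `*` would narrow that collision, and a separate "password changed" flag would remove it. In the same hunk `if (t > 0) mqttPort = t;` has no upper bound, so a value above 65535 is truncated on assignment to the `uint16_t`; `if (t > 0 && t <= 65535) mqttPort = t;` would reject it instead. `t` is declared outside the hunk, and handleSettingsSet starts and ends outside it.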
@@ -69,8 +69,8 @@ void wledInit()
 //start captive portal if AP active
 if (onlyAP || strlen(apSSID) > 0)
 {
- dnsServer.setErrorReplyCode(DNSReplyCode::ServerFailure);
- dnsServer.start(53, "wled.me", WiFi.softAPIP());
+ dnsServer.setErrorReplyCode(DNSReplyCode::NoError);
+ dnsServer.start(53, "*", WiFi.softAPIP());
 dnsActive = true;
 }
@@ -78,22 +78,18 @@ void wledInit()
 if (strcmp(cmDNS,"x") == 0) //fill in unique mdns default
 {
 strcpy(cmDNS, "wled-");
- strcat(cmDNS, escapedMac.c_str());
+ sprintf(cmDNS+5, "%*s", 6, escapedMac.c_str()+6);
 }
 if (mqttDeviceTopic[0] == 0)
 {
 strcpy(mqttDeviceTopic, "wled/");
- strcat(mqttDeviceTopic, escapedMac.c_str());
+ sprintf(mqttDeviceTopic+5, "%*s", 6, escapedMac.c_str()+6);
 }
 if (mqttClientID[0] == 0)
 {
 strcpy(mqttClientID, "WLED-");
 sprintf(mqttClientID+5, "%*s", 6, escapedMac.c_str()+6);
 }
- if (mqttPort[0] == 0)
- {
- strcpy(mqttPort, "1883");
- }
 strip.service();
diff --git a/wled00/wled17_mqtt.ino b/wled00/wled17_mqtt.ino
index 8350ee843..c70048868 100644
--- a/wled00/wled17_mqtt.ino
+++ b/wled00/wled17_mqtt.ino
@@ -47,13 +47,13 @@ void onMqttConnect(bool sessionPresent)
 sendHADiscoveryMQTT();
 publishMqtt();
- DEBUG_PRINTLN("MQTT ready");
+ DEBUG_PRINTLN("MQ ready");
 }
 void onMqttMessage(char* topic, char* payload, AsyncMqttClientMessageProperties properties, size_t len, size_t index, size_t total)
 {
- DEBUG_PRINT("MQTT callb rec: ");
+ DEBUG_PRINT("MQ callb rec: ");
 DEBUG_PRINTLN(topic);
 DEBUG_PRINTLN(payload);
@@ -223,9 +223,9 @@ bool initMqtt()
 IPAddress mqttIP;
 if (mqttIP.fromString(mqttServer)) //see if server is IP or domain
 {
- mqtt->setServer(mqttIP, atoi(mqttPort));
+ mqtt->setServer(mqttIP, mqttPort);
 } else {
- mqtt->setServer(mqttServer, atoi(mqttPort));
+ mqtt->setServer(mqttServer, mqttPort);
 }
 mqtt->setClientId(mqttClientID);
 if (mqttUser[0] && mqttPass[0] != 0) mqtt->setCredentials(mqttUser, mqttPass);
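Review bot: In the second wledInit hunk, `sprintf(cmDNS+5, "%*s", 6, escapedMac.c_str()+6);` passes `6` as a minimum field width, not a limit, so the call writes the whole remainder of `escapedMac` however long it is. The "last 6 bytes of mac" result named in the commit message therefore depends on the `+6` offset and on `escapedMac` being exactly 12 characters, which its definition outside this hunk would have to confirm. A precision caps the copy and `snprintf` caps the write: `snprintf(cmDNS+5, sizeof(cmDNS)-5, "%.6s", escapedMac.c_str()+6);`, assuming `cmDNS` is a char array like `mqttDeviceTopic`. The same applies to the added `mqttDeviceTopic` line. wledInit starts and ends outside the hunk.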
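Review bot: The unchanged line that closes the initMqtt hunk, `if (mqttUser[0] && mqttPass[0] != 0) mqtt->setCredentials(mqttUser, mqttPass);`, applies credentials only when both fields are non-empty, so a configuration with a user name and an empty password connects without authentication and gives no indication of it. Since this series adds authentication, consider keying on the user name alone: `if (mqttUser[0] != 0) mqtt->setCredentials(mqttUser, mqttPass[0] ? mqttPass : nullptr);`. A short comment on that line stating that credentials go over the plain TCP connection (wled00.ino notes "no SSL" for `mqttServer`) would keep the warning added to the settings page visible in the code as well. initMqtt continues outside the hunk.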