recalc ClientACL shared_secrets at startup

2026-01-25 01:32:44 +11:00
parent 6336bd5b72
commit 988287bfd7
5 changed files with 7 additions and 6 deletions
--- a/examples/simple_repeater/MyMesh.cpp
+++ b/examples/simple_repeater/MyMesh.cpp
@@ -808,7 +808,7 @@ void MyMesh::begin(FILESYSTEM *fs) {
  _fs = fs;
  // load persisted prefs
  _cli.loadPrefs(_fs);
-  acl.load(_fs);
+  acl.load(_fs, self_id);
  // TODO: key_store.begin();
  region_map.load(_fs);

--- a/examples/simple_room_server/MyMesh.cpp
+++ b/examples/simple_room_server/MyMesh.cpp
@@ -637,7 +637,7 @@ void MyMesh::begin(FILESYSTEM *fs) {
  // load persisted prefs
  _cli.loadPrefs(_fs);

-  acl.load(_fs);
+  acl.load(_fs, self_id);

  radio_set_params(_prefs.freq, _prefs.bw, _prefs.sf, _prefs.cr);
  radio_set_tx_power(_prefs.tx_power_dbm);
--- a/examples/simple_sensor/SensorMesh.cpp
+++ b/examples/simple_sensor/SensorMesh.cpp
@@ -736,7 +736,7 @@ void SensorMesh::begin(FILESYSTEM* fs) {
  // load persisted prefs
  _cli.loadPrefs(_fs);

-  acl.load(_fs);
+  acl.load(_fs, self_id);

  radio_set_params(_prefs.freq, _prefs.bw, _prefs.sf, _prefs.cr);
  radio_set_tx_power(_prefs.tx_power_dbm);
--- a/src/helpers/ClientACL.cpp
+++ b/src/helpers/ClientACL.cpp
@@ -11,7 +11,7 @@ static File openWrite(FILESYSTEM* _fs, const char* filename) {
  #endif
 }

-void ClientACL::load(FILESYSTEM* _fs) {
+void ClientACL::load(FILESYSTEM* fs, const mesh::LocalIdentity& self_id) {
  _fs = fs;
  num_clients = 0;
  if (_fs->exists("/s_contacts")) {
@@ -35,11 +35,12 @@ void ClientACL::load(FILESYSTEM* _fs) {
        success = success && (file.read(unused, 2) == 2);
        success = success && (file.read((uint8_t *)&c.out_path_len, 1) == 1);
        success = success && (file.read(c.out_path, 64) == 64);
-        success = success && (file.read(c.shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE);
+        success = success && (file.read(c.shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE); // will be recalculated below

        if (!success) break; // EOF

        c.id = mesh::Identity(pub_key);
+        self_id.calcSharedSecret(c.shared_secret, pub_key);  // recalculate shared secrets in case our private key changed
        if (num_clients < MAX_CLIENTS) {
          clients[num_clients++] = c;
        } else {
--- a/src/helpers/ClientACL.h
+++ b/src/helpers/ClientACL.h
@@ -45,7 +45,7 @@ public:
    memset(clients, 0, sizeof(clients));
    num_clients = 0;
  }
-  void load(FILESYSTEM* _fs);
+  void load(FILESYSTEM* _fs, const mesh::LocalIdentity& self_id);
  void save(FILESYSTEM* _fs, bool (*filter)(ClientInfo*)=NULL);
  bool clear();