DG4MLK/MeshCore-Evo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* refactor: CommonCLI, processing of optional command prefix moved to handleCommand() call sites

Browse Source 
* Sensor, anon_req now just for admin login (guest password now unused)
* special CLI command, "setperm {pubkey-hex} {permissions-int16}" for admin(s) to manage user access (permissions 0 = remove)
This commit is contained in:
Scott Powell
2025-07-08 17:50:06 +10:00
parent ac834922de
commit 9cecbad2a7
6 changed files with 125 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
examples/simple_repeater/main.cpp
View File

@@ -500,12 +500,12 @@ protected:
} }
uint8_t temp[166]; uint8_t temp[166];
const char *command = (const char *) &data[5]; char *command = (char *) &data[5];
char *reply = (char *) &temp[5]; char *reply = (char *) &temp[5];
if (is_retry) { if (is_retry) {
*reply = 0; *reply = 0;
} else { } else {
_cli.handleCommand(sender_timestamp, command, reply); handleCommand(sender_timestamp, command, reply);
} }
int text_len = strlen(reply); int text_len = strlen(reply);
if (text_len > 0) { if (text_len > 0) {
@@ -581,8 +581,6 @@ public:
_prefs.interference_threshold = 0; // disabled _prefs.interference_threshold = 0; // disabled
} }
CommonCLI* getCLI() { return &_cli; }
void begin(FILESYSTEM* fs) { void begin(FILESYSTEM* fs) {
mesh::Mesh::begin(); mesh::Mesh::begin();
_fs = fs; _fs = fs;
@@ -706,6 +704,18 @@ public:
((SimpleMeshTables *)getTables())->resetStats(); ((SimpleMeshTables *)getTables())->resetStats();
} }
void handleCommand(uint32_t sender_timestamp, char* command, char* reply) {
while (*command == ' ') command++; // skip leading spaces
if (strlen(command) > 4 && command[2] == '|') { // optional prefix (for companion radio CLI)
memcpy(reply, command, 3); // reflect the prefix back
reply += 3;
command += 3;
}
_cli.handleCommand(sender_timestamp, command, reply); // common CLI commands
}
void loop() { void loop() {
mesh::Mesh::loop(); mesh::Mesh::loop();
@@ -817,7 +827,7 @@ void loop() {
if (len > 0 && command[len - 1] == '\r') { // received complete line if (len > 0 && command[len - 1] == '\r') { // received complete line
command[len - 1] = 0; // replace newline with C string null terminator command[len - 1] = 0; // replace newline with C string null terminator
char reply[160]; char reply[160];
the_mesh.getCLI()->handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial! the_mesh.handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial!
if (reply[0]) { if (reply[0]) {
Serial.print(" -> "); Serial.println(reply); Serial.print(" -> "); Serial.println(reply);
} }

18
examples/simple_room_server/main.cpp
View File

@@ -555,7 +555,7 @@ protected:
if (is_retry) { if (is_retry) {
temp[5] = 0; // no reply temp[5] = 0; // no reply
} else { } else {
_cli.handleCommand(sender_timestamp, (const char *) &data[5], (char *) &temp[5]); handleCommand(sender_timestamp, (char *) &data[5], (char *) &temp[5]);
temp[4] = (TXT_TYPE_CLI_DATA << 2); // attempt and flags, (NOTE: legacy was: TXT_TYPE_PLAIN) temp[4] = (TXT_TYPE_CLI_DATA << 2); // attempt and flags, (NOTE: legacy was: TXT_TYPE_PLAIN)
} }
send_ack = false; send_ack = false;
@@ -743,8 +743,6 @@ public:
_num_posted = _num_post_pushes = 0; _num_posted = _num_post_pushes = 0;
} }
CommonCLI* getCLI() { return &_cli; }
void begin(FILESYSTEM* fs) { void begin(FILESYSTEM* fs) {
mesh::Mesh::begin(); mesh::Mesh::begin();
_fs = fs; _fs = fs;
@@ -845,6 +843,18 @@ public:
((SimpleMeshTables *)getTables())->resetStats(); ((SimpleMeshTables *)getTables())->resetStats();
} }
void handleCommand(uint32_t sender_timestamp, char* command, char* reply) {
while (*command == ' ') command++; // skip leading spaces
if (strlen(command) > 4 && command[2] == '|') { // optional prefix (for companion radio CLI)
memcpy(reply, command, 3); // reflect the prefix back
reply += 3;
command += 3;
}
_cli.handleCommand(sender_timestamp, command, reply); // common CLI commands
}
void loop() { void loop() {
mesh::Mesh::loop(); mesh::Mesh::loop();
@@ -998,7 +1008,7 @@ void loop() {
if (len > 0 && command[len - 1] == '\r') { // received complete line if (len > 0 && command[len - 1] == '\r') { // received complete line
command[len - 1] = 0; // replace newline with C string null terminator command[len - 1] = 0; // replace newline with C string null terminator
char reply[160]; char reply[160];
the_mesh.getCLI()->handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial! the_mesh.handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial!
if (reply[0]) { if (reply[0]) {
Serial.print(" -> "); Serial.println(reply); Serial.print(" -> "); Serial.println(reply);
} }

150
examples/simple_sensor/SensorMesh.cpp
View File

@@ -92,12 +92,11 @@ void SensorMesh::loadContacts() {
while (!full) { while (!full) {
ContactInfo c; ContactInfo c;
uint8_t pub_key[32]; uint8_t pub_key[32];
uint8_t unused; uint8_t unused[5];
bool success = (file.read(pub_key, 32) == 32); bool success = (file.read(pub_key, 32) == 32);
success = success && (file.read(&c.type, 1) == 1); success = success && (file.read((uint8_t *) &c.permissions, 2) == 2);
success = success && (file.read(&c.flags, 1) == 1); success = success && (file.read(unused, 5) == 5);
success = success && (file.read(&unused, 1) == 1);
success = success && (file.read((uint8_t *)&c.out_path_len, 1) == 1); success = success && (file.read((uint8_t *)&c.out_path_len, 1) == 1);
success = success && (file.read(c.out_path, 64) == 64); success = success && (file.read(c.out_path, 64) == 64);
success = success && (file.read(c.shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE); success = success && (file.read(c.shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE);
@@ -121,16 +120,16 @@ void SensorMesh::loadContacts() {
void SensorMesh::saveContacts() { void SensorMesh::saveContacts() {
File file = openWrite(_fs, "/s_contacts"); File file = openWrite(_fs, "/s_contacts");
if (file) { if (file) {
uint8_t unused = 0; uint8_t unused[5];
memset(unused, 0, sizeof(unused));
for (int i = 0; i < num_contacts; i++) { for (int i = 0; i < num_contacts; i++) {
auto c = &contacts[i]; auto c = &contacts[i];
if (c->type == 0) continue; // don't persist guest contacts if (c->permissions == 0) continue; // skip deleted entries
bool success = (file.write(c->id.pub_key, 32) == 32); bool success = (file.write(c->id.pub_key, 32) == 32);
success = success && (file.write(&c->type, 1) == 1); success = success && (file.write((uint8_t *) &c->permissions, 2) == 2);
success = success && (file.write(&c->flags, 1) == 1); success = success && (file.write(unused, 5) == 5);
success = success && (file.write(&unused, 1) == 1);
success = success && (file.write((uint8_t *)&c->out_path_len, 1) == 1); success = success && (file.write((uint8_t *)&c->out_path_len, 1) == 1);
success = success && (file.write(c->out_path, 64) == 64); success = success && (file.write(c->out_path, 64) == 64);
success = success && (file.write(c->shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE); success = success && (file.write(c->shared_secret, PUB_KEY_SIZE) == PUB_KEY_SIZE);
@@ -141,36 +140,34 @@ void SensorMesh::saveContacts() {
} }
} }
uint8_t SensorMesh::handleRequest(bool is_admin, uint32_t sender_timestamp, uint8_t req_type, uint8_t* payload, size_t payload_len) { uint8_t SensorMesh::handleRequest(uint16_t perms, uint32_t sender_timestamp, uint8_t req_type, uint8_t* payload, size_t payload_len) {
memcpy(reply_data, &sender_timestamp, 4); // reflect sender_timestamp back in response packet (kind of like a 'tag') memcpy(reply_data, &sender_timestamp, 4); // reflect sender_timestamp back in response packet (kind of like a 'tag')
switch (req_type) { if (req_type == REQ_TYPE_GET_TELEMETRY_DATA && (perms & PERM_GET_TELEMETRY) != 0) {
case REQ_TYPE_GET_TELEMETRY_DATA: { telemetry.reset();
telemetry.reset(); telemetry.addVoltage(TELEM_CHANNEL_SELF, (float)board.getBattMilliVolts() / 1000.0f);
telemetry.addVoltage(TELEM_CHANNEL_SELF, (float)board.getBattMilliVolts() / 1000.0f); // query other sensors -- target specific
// query other sensors -- target specific sensors.querySensors(0xFF, telemetry); // allow all telemetry permissions for admin or guest
sensors.querySensors(0xFF, telemetry); // allow all telemetry permissions for admin or guest
uint8_t tlen = telemetry.getSize(); uint8_t tlen = telemetry.getSize();
memcpy(&reply_data[4], telemetry.getBuffer(), tlen); memcpy(&reply_data[4], telemetry.getBuffer(), tlen);
return 4 + tlen; // reply_len return 4 + tlen; // reply_len
} }
case REQ_TYPE_GET_AVG_MIN_MAX: { if (req_type == REQ_TYPE_GET_AVG_MIN_MAX && (perms & PERM_GET_MIN_MAX_AVG) != 0) {
uint32_t start_secs_ago, end_secs_ago; uint32_t start_secs_ago, end_secs_ago;
memcpy(&start_secs_ago, &payload[0], 4); memcpy(&start_secs_ago, &payload[0], 4);
memcpy(&end_secs_ago, &payload[4], 4); memcpy(&end_secs_ago, &payload[4], 4);
uint8_t res1 = payload[8]; // reserved for future (extra query params) uint8_t res1 = payload[8]; // reserved for future (extra query params)
uint8_t res2 = payload[8]; uint8_t res2 = payload[8];
MinMaxAvg data[8]; MinMaxAvg data[8];
int n; int n;
if (res1 == 0 && res2 == 0) { if (res1 == 0 && res2 == 0) {
n = querySeriesData(start_secs_ago, end_secs_ago, data, 8); n = querySeriesData(start_secs_ago, end_secs_ago, data, 8);
} else { } else {
n = 0; n = 0;
}
return 0; // TODO: encode data[0..n)
} }
return 0; // TODO: encode data[0..n)
} }
return 0; // unknown command return 0; // unknown command
} }
@@ -209,6 +206,18 @@ ContactInfo* SensorMesh::putContact(const mesh::Identity& id) {
return c; return c;
} }
void SensorMesh::applyContactPermissions(const uint8_t* pubkey, uint16_t perms) {
mesh::Identity id(pubkey);
auto c = putContact(id);
if (perms == 0) { // no permissions, remove from contacts
memset(c, 0, sizeof(*c));
} else {
c->permissions = perms; // update their permissions
}
dirty_contacts_expiry = futureMillis(LAZY_CONTACTS_WRITE_DELAY); // trigger saveContacts()
}
void SensorMesh::sendAlert(const char* text) { void SensorMesh::sendAlert(const char* text) {
int text_len = strlen(text); int text_len = strlen(text);
@@ -283,12 +292,7 @@ int SensorMesh::getAGCResetInterval() const {
} }
uint8_t SensorMesh::handleLoginReq(const mesh::Identity& sender, const uint8_t* secret, uint32_t sender_timestamp, const uint8_t* data) { uint8_t SensorMesh::handleLoginReq(const mesh::Identity& sender, const uint8_t* secret, uint32_t sender_timestamp, const uint8_t* data) {
bool is_admin; if (strcmp((char *) data, _prefs.password) != 0) { // check for valid password
if (strcmp((char *) data, _prefs.password) == 0) { // check for valid password
is_admin = true;
} else if (strcmp((char *) data, _prefs.guest_password) == 0) { // check guest password
is_admin = false;
} else {
#if MESH_DEBUG #if MESH_DEBUG
MESH_DEBUG_PRINTLN("Invalid password: %s", &data[4]); MESH_DEBUG_PRINTLN("Invalid password: %s", &data[4]);
#endif #endif
@@ -304,46 +308,61 @@ uint8_t SensorMesh::handleLoginReq(const mesh::Identity& sender, const uint8_t*
MESH_DEBUG_PRINTLN("Login success!"); MESH_DEBUG_PRINTLN("Login success!");
client->last_timestamp = sender_timestamp; client->last_timestamp = sender_timestamp;
client->last_activity = getRTCClock()->getCurrentTime(); client->last_activity = getRTCClock()->getCurrentTime();
client->type = is_admin ? 1 : 0; client->permissions = PERM_IS_ADMIN;
memcpy(client->shared_secret, secret, PUB_KEY_SIZE); memcpy(client->shared_secret, secret, PUB_KEY_SIZE);
if (is_admin) { dirty_contacts_expiry = futureMillis(LAZY_CONTACTS_WRITE_DELAY);
// only need to saveContacts() if this is an admin
dirty_contacts_expiry = futureMillis(LAZY_CONTACTS_WRITE_DELAY);
}
uint32_t now = getRTCClock()->getCurrentTimeUnique(); uint32_t now = getRTCClock()->getCurrentTimeUnique();
memcpy(reply_data, &now, 4); // response packets always prefixed with timestamp memcpy(reply_data, &now, 4); // response packets always prefixed with timestamp
reply_data[4] = RESP_SERVER_LOGIN_OK; reply_data[4] = RESP_SERVER_LOGIN_OK;
reply_data[5] = 0; // NEW: recommended keep-alive interval (secs / 16) reply_data[5] = 0; // NEW: recommended keep-alive interval (secs / 16)
reply_data[6] = client->type; reply_data[6] = 1; // 1 = is admin
reply_data[7] = 0; // FUTURE: reserved reply_data[7] = 0; // FUTURE: reserved
getRNG()->random(&reply_data[8], 4); // random blob to help packet-hash uniqueness getRNG()->random(&reply_data[8], 4); // random blob to help packet-hash uniqueness
return 12; // reply length return 12; // reply length
} }
void SensorMesh::handleCommand(uint32_t sender_timestamp, char* command, char* reply) {
while (*command == ' ') command++; // skip leading spaces
if (strlen(command) > 4 && command[2] == '|') { // optional prefix (for companion radio CLI)
memcpy(reply, command, 3); // reflect the prefix back
reply += 3;
command += 3;
}
// handle sensor-specific CLI commands
if (memcmp(command, "setperm ", 8) == 0) { // format: setperm {pubkey-hex} {permissions-int16}
char* hex = &command[8];
char* sp = strchr(hex, ' '); // look for separator char
if (sp == NULL || sp - hex != PUB_KEY_SIZE*2) {
strcpy(reply, "Err - bad pubkey len");
} else {
*sp++ = 0; // replace space with null terminator
uint8_t pubkey[PUB_KEY_SIZE];
if (mesh::Utils::fromHex(pubkey, PUB_KEY_SIZE, hex)) {
uint16_t perms = atoi(sp);
applyContactPermissions(pubkey, perms);
strcpy(reply, "OK");
} else {
strcpy(reply, "Err - bad pubkey");
}
}
} else {
_cli.handleCommand(sender_timestamp, command, reply); // common CLI commands
}
}
void SensorMesh::onAnonDataRecv(mesh::Packet* packet, const uint8_t* secret, const mesh::Identity& sender, uint8_t* data, size_t len) { void SensorMesh::onAnonDataRecv(mesh::Packet* packet, const uint8_t* secret, const mesh::Identity& sender, uint8_t* data, size_t len) {
if (packet->getPayloadType() == PAYLOAD_TYPE_ANON_REQ) { // received an initial request by a possible admin client (unknown at this stage) if (packet->getPayloadType() == PAYLOAD_TYPE_ANON_REQ) { // received an initial request by a possible admin client (unknown at this stage)
uint32_t timestamp; uint32_t timestamp;
memcpy(&timestamp, data, 4); memcpy(&timestamp, data, 4);
data[len] = 0; // ensure null terminator data[len] = 0; // ensure null terminator
uint8_t reply_len = handleLoginReq(sender, secret, timestamp, &data[4]);
uint8_t req_code;
uint8_t i = 4;
if (data[4] < 32) { // non-print char, is a request code
req_code = data[i++];
} else {
req_code = REQ_TYPE_LOGIN;
}
uint8_t reply_len;
if (req_code == REQ_TYPE_LOGIN) {
reply_len = handleLoginReq(sender, secret, timestamp, &data[i]);
} else {
reply_len = handleRequest(false, timestamp, req_code, &data[i], len - i);
}
if (reply_len == 0) return; // invalid request if (reply_len == 0) return; // invalid request
@@ -406,7 +425,7 @@ void SensorMesh::onPeerDataRecv(mesh::Packet* packet, uint8_t type, int sender_i
memcpy(&timestamp, data, 4); memcpy(&timestamp, data, 4);
if (timestamp > from.last_timestamp) { // prevent replay attacks if (timestamp > from.last_timestamp) { // prevent replay attacks
uint8_t reply_len = handleRequest(from.isAdmin(), timestamp, data[4], &data[5], len - 5); uint8_t reply_len = handleRequest(from.isAdmin() ? 0xFFFF : from.permissions, timestamp, data[4], &data[5], len - 5);
if (reply_len == 0) return; // invalid command if (reply_len == 0) return; // invalid command
from.last_timestamp = timestamp; from.last_timestamp = timestamp;
@@ -445,9 +464,9 @@ void SensorMesh::onPeerDataRecv(mesh::Packet* packet, uint8_t type, int sender_i
data[len] = 0; // need to make a C string again, with null terminator data[len] = 0; // need to make a C string again, with null terminator
uint8_t temp[166]; uint8_t temp[166];
const char *command = (const char *) &data[5]; char *command = (char *) &data[5];
char *reply = (char *) &temp[5]; char *reply = (char *) &temp[5];
_cli.handleCommand(sender_timestamp, command, reply); handleCommand(sender_timestamp, command, reply);
int text_len = strlen(reply); int text_len = strlen(reply);
if (text_len > 0) { if (text_len > 0) {
@@ -489,8 +508,9 @@ bool SensorMesh::onPeerPathRecv(mesh::Packet* packet, int sender_idx, const uint
memcpy(from.out_path, path, from.out_path_len = path_len); // store a copy of path, for sendDirect() memcpy(from.out_path, path, from.out_path_len = path_len); // store a copy of path, for sendDirect()
from.last_activity = getRTCClock()->getCurrentTime(); from.last_activity = getRTCClock()->getCurrentTime();
// REVISIT: maybe make ALL out_paths non-persisted to minimise flash writes??
if (from.isAdmin()) { if (from.isAdmin()) {
// only need to saveContacts() if this is an admin // only do saveContacts() (of this out_path change) if this is an admin
dirty_contacts_expiry = futureMillis(LAZY_CONTACTS_WRITE_DELAY); dirty_contacts_expiry = futureMillis(LAZY_CONTACTS_WRITE_DELAY);
} }

14
examples/simple_sensor/SensorMesh.h
View File

@@ -23,17 +23,20 @@
#include <RTClib.h> #include <RTClib.h>
#include <target.h> #include <target.h>
#define PERM_IS_ADMIN 0x8000
#define PERM_GET_TELEMETRY 0x0001
#define PERM_GET_MIN_MAX_AVG 0x0002
struct ContactInfo { struct ContactInfo {
mesh::Identity id; mesh::Identity id;
uint8_t type; // 1 = admin, 0 = guest uint16_t permissions;
uint8_t flags;
int8_t out_path_len; int8_t out_path_len;
uint8_t out_path[MAX_PATH_SIZE]; uint8_t out_path[MAX_PATH_SIZE];
uint8_t shared_secret[PUB_KEY_SIZE]; uint8_t shared_secret[PUB_KEY_SIZE];
uint32_t last_timestamp; // by THEIR clock (transient) uint32_t last_timestamp; // by THEIR clock (transient)
uint32_t last_activity; // by OUR clock (transient) uint32_t last_activity; // by OUR clock (transient)
bool isAdmin() const { return type != 0; } bool isAdmin() const { return (permissions & PERM_IS_ADMIN) != 0; }
}; };
#ifndef FIRMWARE_BUILD_DATE #ifndef FIRMWARE_BUILD_DATE
@@ -56,8 +59,8 @@ class SensorMesh : public mesh::Mesh, public CommonCLICallbacks {
public: public:
SensorMesh(mesh::MainBoard& board, mesh::Radio& radio, mesh::MillisecondClock& ms, mesh::RNG& rng, mesh::RTCClock& rtc, mesh::MeshTables& tables); SensorMesh(mesh::MainBoard& board, mesh::Radio& radio, mesh::MillisecondClock& ms, mesh::RNG& rng, mesh::RTCClock& rtc, mesh::MeshTables& tables);
void begin(FILESYSTEM* fs); void begin(FILESYSTEM* fs);
CommonCLI* getCLI() { return &_cli; }
void loop(); void loop();
void handleCommand(uint32_t sender_timestamp, char* command, char* reply);
// CommonCLI callbacks // CommonCLI callbacks
const char* getFirmwareVer() override { return FIRMWARE_VERSION; } const char* getFirmwareVer() override { return FIRMWARE_VERSION; }
@@ -128,9 +131,10 @@ private:
void loadContacts(); void loadContacts();
void saveContacts(); void saveContacts();
uint8_t handleLoginReq(const mesh::Identity& sender, const uint8_t* secret, uint32_t sender_timestamp, const uint8_t* data); uint8_t handleLoginReq(const mesh::Identity& sender, const uint8_t* secret, uint32_t sender_timestamp, const uint8_t* data);
uint8_t handleRequest(bool is_admin, uint32_t sender_timestamp, uint8_t req_type, uint8_t* payload, size_t payload_len); uint8_t handleRequest(uint16_t perms, uint32_t sender_timestamp, uint8_t req_type, uint8_t* payload, size_t payload_len);
mesh::Packet* createSelfAdvert(); mesh::Packet* createSelfAdvert();
ContactInfo* putContact(const mesh::Identity& id); ContactInfo* putContact(const mesh::Identity& id);
void applyContactPermissions(const uint8_t* pubkey, uint16_t perms);
void sendAlert(const char* text); void sendAlert(const char* text);

2
examples/simple_sensor/main.cpp
View File

@@ -122,7 +122,7 @@ void loop() {
if (len > 0 && command[len - 1] == '\r') { // received complete line if (len > 0 && command[len - 1] == '\r') { // received complete line
command[len - 1] = 0; // replace newline with C string null terminator command[len - 1] = 0; // replace newline with C string null terminator
char reply[160]; char reply[160];
the_mesh.getCLI()->handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial! the_mesh.handleCommand(0, command, reply); // NOTE: there is no sender_timestamp via serial!
if (reply[0]) { if (reply[0]) {
Serial.print(" -> "); Serial.println(reply); Serial.print(" -> "); Serial.println(reply);
} }

8
src/helpers/CommonCLI.cpp
View File

@@ -127,14 +127,6 @@ void CommonCLI::checkAdvertInterval() {
} }
void CommonCLI::handleCommand(uint32_t sender_timestamp, const char* command, char* reply) { void CommonCLI::handleCommand(uint32_t sender_timestamp, const char* command, char* reply) {
while (*command == ' ') command++; // skip leading spaces
if (strlen(command) > 4 && command[2] == '|') { // optional prefix (for companion radio CLI)
memcpy(reply, command, 3); // reflect the prefix back
reply += 3;
command += 3;
}
if (memcmp(command, "reboot", 6) == 0) { if (memcmp(command, "reboot", 6) == 0) {
_board->reboot(); // doesn't return _board->reboot(); // doesn't return
} else if (memcmp(command, "advert", 6) == 0) { } else if (memcmp(command, "advert", 6) == 0) {