Small changes to MQTT auth
Changed mqttPort to uint16 type
Password no longer transmitted to settings page
Changed topics and identifiers to last 6 bytes of mac format
Added security warning
Aircoookie committed Aug 18, 2019
1 parent c57124e commit 492ec48
Showing 7 changed files with 35 additions and 30 deletions.
12 changes: 7 additions & 5 deletions wled00/html_settings.h
Expand Up @@ -252,11 +252,13 @@ For best results, only use one of these services at a time.<br>
Device Auth token: <input name="BK" maxlength="33"><br>
<i>Clear the token field to disable. </i><a href="https://github.com/Aircoookie/WLED/wiki/Blynk" target="_blank">Setup info</a>
<h3>MQTT</h3>
Broker: <input name="MS" maxlength="32"><br>
Port: <input name="MQTTPORT" maxlength="5"><br>
Username: <input name="MQTTUSER" maxlength="40"><br>
Password: <input type="password" input name="MQTTPASS" maxlength="40"><br>
Client ID: <input name="MQTTCID" maxlength="40"><br>
Broker: <input name="MS" maxlength="32">
Port: <input name="MQPORT" type="number" min="1" max="65535" required><br>
<b>The MQTT credentials are sent over an unsecured connection.<br>
Never use the MQTT password for another service!</b><br>
Username: <input name="MQUSER" maxlength="40"><br>
Password: <input type="password" input name="MQPASS" maxlength="40"><br>
Client ID: <input name="MQCID" maxlength="40"><br>
Device Topic: <input name="MD" maxlength="32"><br>
Group Topic: <input name="MG" maxlength="32"><br>
<i>Reboot required to apply changes. </i><a href="https://github.com/Aircoookie/WLED/wiki/MQTT" target="_blank">MQTT info</a>
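Review bot: The new password line `Password: <input type="password" input name="MQPASS" maxlength="40"><br>` carries a stray `input` token, which a browser parses as a meaningless extra attribute; it should read `<input type="password" name="MQPASS" maxlength="40">`. The `maxlength` values in this form are client-side hints only, so the 41-byte `mqttUser`/`mqttPass`/`mqttClientID` buffers still need a length limit in the handler that receives these fields.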
6 changes: 3 additions & 3 deletions wled00/wled00.ino
Expand Up @@ -3,7 +3,7 @@
*/
/*
* @title WLED project sketch
* @version 0.8.5-dev #mqttauth @TimothyBrown
* @version 0.8.5-dev
* @author Christian Schwinne
*/

Expand Down Expand Up @@ -98,7 +98,7 @@


//version code in format yymmddb (b = daily build)
#define VERSION 190817
#define VERSION 1908181
char versionString[] = "0.8.5-dev";


Expand Down Expand Up @@ -207,7 +207,7 @@ char mqttServer[33] = ""; //both domains and IPs should work
char mqttUser[41] = ""; //optional: username for MQTT auth
char mqttPass[41] = ""; //optional: password for MQTT auth
char mqttClientID[41] = ""; //override the client ID
char mqttPort[6] = "";
uint16_t mqttPort = 1883;

bool huePollingEnabled = false; //poll hue bridge for light state
uint16_t huePollIntervalMs = 2500; //low values (< 1sec) may cause lag but offer quicker response
5 changes: 3 additions & 2 deletions wled00/wled01_eeprom.ino
Expand Up @@ -260,7 +260,8 @@ void saveSettingsToEEPROM()
writeStringToEEPROM(2399, mqttUser, 40);
writeStringToEEPROM(2440, mqttPass, 40);
writeStringToEEPROM(2481, mqttClientID, 40);
writeStringToEEPROM(2522, mqttPort, 5);
EEPROM.write(2522, mqttPort & 0xFF);
EEPROM.write(2523, (mqttPort >> 8) & 0xFF);

EEPROM.commit();
}
Expand Down Expand Up @@ -481,7 +482,7 @@ void loadSettingsFromEEPROM(bool first)
readStringFromEEPROM(2399, mqttUser, 40);
readStringFromEEPROM(2440, mqttPass, 40);
readStringFromEEPROM(2481, mqttClientID, 40);
readStringFromEEPROM(2522, mqttPort, 5);
mqttPort = EEPROM.read(2522) + ((EEPROM.read(2523) << 8) & 0xFF00);
}

receiveDirect = !EEPROM.read(2200);
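Review bot: The port read back in loadSettingsFromEEPROM is used without a sanity check: `mqttPort = EEPROM.read(2522) + ((EEPROM.read(2523) << 8) & 0xFF00);` accepts whatever is stored at 2522–2523, and this commit also drops the empty-port fallback from wledInit. Settings written by a build that kept the port as a string at 2522 would presumably decode to an arbitrary number, and zeroed cells to port 0. Consider adding `if (mqttPort == 0) mqttPort = 1883;` right after the read. Both functions continue outside the visible hunks, so any guard that already covers this is not visible here.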
13 changes: 9 additions & 4 deletions wled00/wled02_xml.ino
Expand Up @@ -308,10 +308,15 @@ void getSettingsJS(byte subPage, char* dest)
sappend('c',"SA",notifyAlexa);
sappends('s',"BK",(char*)((blynkEnabled)?"Hidden":""));
sappends('s',"MS",mqttServer);
sappends('s',"MQTTPORT",mqttPort);
sappends('s',"MQTTUSER",mqttUser);
sappends('s',"MQTTPASS",mqttPass);
sappends('s',"MQTTCID",mqttClientID);
sappend('v',"MQPORT",mqttPort);
sappends('s',"MQUSER",mqttUser);
sappends('s',"MQPASS",mqttPass);
byte l = strlen(mqttPass);
char fpass[l+1]; //fill password field with ***
fpass[l] = 0;
memset(fpass,'*',l);
sappends('s',"MQPASS",fpass);
sappends('s',"MQCID",mqttClientID);
sappends('s',"MD",mqttDeviceTopic);
sappends('s',"MG",mqttGroupTopic);
sappend('v',"H0",hueIP[0]);
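Review bot: The clear-text password still appears to be written into the settings response. Judging by the section's 9 additions, `sappends('s',"MQPASS",mqttPass);` is kept on the new side directly above the masked `sappends('s',"MQPASS",fpass);`, so the generated script would presumably still carry the real value even though the field ends up showing asterisks. Removing that first line is needed for the commit's stated goal of not transmitting the password. The mask also discloses the password length and uses a variable-length stack array; a fixed placeholder avoids both, e.g. `sappends('s',"MQPASS",(char*)(mqttPass[0]?"********":""));`. getSettingsJS continues outside the hunk.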
9 changes: 5 additions & 4 deletions wled00/wled03_set.ino
Expand Up @@ -177,10 +177,11 @@ void handleSettingsSet(AsyncWebServerRequest *request, byte subPage)
}

strcpy(mqttServer, request->arg("MS").c_str());
strcpy(mqttPort, request->arg("MQTTPORT").c_str());
strcpy(mqttUser, request->arg("MQTTUSER").c_str());
strcpy(mqttPass, request->arg("MQTTPASS").c_str());
strcpy(mqttClientID, request->arg("MQTTCID").c_str());
t = request->arg("MQPORT").toInt();
if (t > 0) mqttPort = t;
strcpy(mqttUser, request->arg("MQUSER").c_str());
if (request->arg("MQPASS").charAt(0) != '*') strcpy(mqttPass, request->arg("MQPASS").c_str());
strcpy(mqttClientID, request->arg("MQCID").c_str());
strcpy(mqttDeviceTopic, request->arg("MD").c_str());
strcpy(mqttGroupTopic, request->arg("MG").c_str());

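Review bot: The renamed fields are still copied with unbounded `strcpy` from request arguments into the fixed 41-byte globals `mqttUser`, `mqttPass` and `mqttClientID`, so a request that ignores the form's `maxlength` can write past the end of those buffers. Bound each copy to its destination, e.g. `strlcpy(mqttUser, request->arg("MQUSER").c_str(), sizeof(mqttUser));`, and do the same for `MQPASS` and `MQCID`. The `charAt(0) != '*'` test also means a real password that begins with `*` can never be saved, which deserves at least a comment. `MQPORT` is only checked with `t > 0`; adding `&& t <= 65535` would avoid silent truncation into the `uint16_t`. handleSettingsSet continues outside the hunk.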
12 changes: 4 additions & 8 deletions wled00/wled05_init.ino
Expand Up @@ -69,31 +69,27 @@ void wledInit()
//start captive portal if AP active
if (onlyAP || strlen(apSSID) > 0)
{
dnsServer.setErrorReplyCode(DNSReplyCode::ServerFailure);
dnsServer.start(53, "wled.me", WiFi.softAPIP());
dnsServer.setErrorReplyCode(DNSReplyCode::NoError);
dnsServer.start(53, "*", WiFi.softAPIP());
dnsActive = true;
}

prepareIds(); //UUID from MAC (for Alexa and MQTT)
if (strcmp(cmDNS,"x") == 0) //fill in unique mdns default
{
strcpy(cmDNS, "wled-");
strcat(cmDNS, escapedMac.c_str());
sprintf(cmDNS+5, "%*s", 6, escapedMac.c_str()+6);
}
if (mqttDeviceTopic[0] == 0)
{
strcpy(mqttDeviceTopic, "wled/");
strcat(mqttDeviceTopic, escapedMac.c_str());
sprintf(mqttDeviceTopic+5, "%*s", 6, escapedMac.c_str()+6);
}
if (mqttClientID[0] == 0)
{
strcpy(mqttClientID, "WLED-");
sprintf(mqttClientID+5, "%*s", 6, escapedMac.c_str()+6);
}
if (mqttPort[0] == 0)
{
strcpy(mqttPort, "1883");
}

strip.service();

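Review bot: `%*s` in `sprintf(cmDNS+5, "%*s", 6, escapedMac.c_str()+6);` sets a minimum field width, not a maximum, so the output is padded to six characters but never capped at six; the same form is used for `mqttDeviceTopic` and `mqttClientID`. If the intent is exactly the last six characters, precision expresses that: `sprintf(cmDNS+5, "%.6s", escapedMac.c_str()+6);`. The `+6` offset also assumes escapedMac holds at least six characters; it is filled in prepareIds(), outside this hunk, so a short comment stating that assumption (or a length check) would help. wledInit continues outside the hunk.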
8 changes: 4 additions & 4 deletions wled00/wled17_mqtt.ino
Expand Up @@ -47,13 +47,13 @@ void onMqttConnect(bool sessionPresent)

sendHADiscoveryMQTT();
publishMqtt();
DEBUG_PRINTLN("MQTT ready");
DEBUG_PRINTLN("MQ ready");
}


void onMqttMessage(char* topic, char* payload, AsyncMqttClientMessageProperties properties, size_t len, size_t index, size_t total) {

DEBUG_PRINT("MQTT callb rec: ");
DEBUG_PRINT("MQ callb rec: ");
DEBUG_PRINTLN(topic);
DEBUG_PRINTLN(payload);

Expand Down Expand Up @@ -223,9 +223,9 @@ bool initMqtt()
IPAddress mqttIP;
if (mqttIP.fromString(mqttServer)) //see if server is IP or domain
{
mqtt->setServer(mqttIP, atoi(mqttPort));
mqtt->setServer(mqttIP, mqttPort);
} else {
mqtt->setServer(mqttServer, atoi(mqttPort));
mqtt->setServer(mqttServer, mqttPort);
}
mqtt->setClientId(mqttClientID);
if (mqttUser[0] && mqttPass[0] != 0) mqtt->setCredentials(mqttUser, mqttPass);
