Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 05:00
    laercionit edited #6907
  • 04:54
    laercionit opened #6907
  • 03:27
    Tech-TX synchronize #6898
  • 02:34
    devyte closed #6906
  • 01:13
    Gaus12 opened #6906
  • Dec 12 20:44
  • Dec 12 20:18
    dok-net synchronize #6804
  • Dec 12 19:55
    dok-net synchronize #6047
  • Dec 12 19:51
    dok-net synchronize #6902
  • Dec 12 19:50
    dok-net synchronize #6782
  • Dec 12 19:47
    dok-net synchronize #6857
  • Dec 12 17:56
    devyte labeled #6898
  • Dec 12 17:56
    devyte labeled #6898
  • Dec 12 17:56
    devyte milestoned #6898
  • Dec 12 17:53
    devyte synchronize #6898
  • Dec 12 17:53
    devyte closed #6894
  • Dec 12 17:52

    devyte on master

    fix for #6904: NodeMCU v1.0 boa… (compare)

  • Dec 12 17:51
    devyte closed #6904
  • Dec 12 17:51
    devyte closed #6905
  • Dec 12 17:51
    devyte edited #6905
Me No Dev
@me-no-dev
yeah, but... in case where AP is off and STA is in the same subnet as AP it will false positive
best to check against STA IP
Mehrdad K
@mkeyno
thanks dear @me-no-dev and sorry @hagai-shatz for crossing , but who has the client.IP registration? is there another choose between localIP() & remoteIP() , I want to catch the authorize IP to process it's command
Me No Dev
@me-no-dev
client ip registration?
Mehrdad K
@mkeyno
IP of connected Client
Me No Dev
@me-no-dev
server.client().remoteIP() is it's remote IP
localIP is the IP that the client connected to
Ivan Grokhotkov
@igrr
i think @mkeyno wants to get the IP of the client
so its server.client().remoteIP()
Mehrdad K
@mkeyno
thanks Ivan , yes , but I want to sure that, my way to check authorized IP with server.client().remoteIP() is correct
Ivan Grokhotkov
@igrr
what's "authorized IP"?
Me No Dev
@me-no-dev
and what is your way of checking it?
Mehrdad K
@mkeyno
authorized client , I want check authentication with client's IP
Ivan Grokhotkov
@igrr
lol, how much security that adds I wonder?
Mehrdad K
@mkeyno
compare it with pre save IP's
Ivan Grokhotkov
@igrr
basically, as an attacker, i can set myself any static IP
and then cycle through all subnet IPs until i find one which is authorized
Me No Dev
@me-no-dev
if you are in the subnet
Mehrdad K
@mkeyno
wow!!!?? such dumb I am, so what should I do Ivan
Me No Dev
@me-no-dev
there is authorization in the server
Ivan Grokhotkov
@igrr
yeah, at least use the basic-security thing in the web server, although it won't stand against wireshark.
Mehrdad K
@mkeyno
this is only for users intend to open the webpage from SPIFF
but what if two machine intend to talk each other in pre set secure line
Me No Dev
@me-no-dev
http talk?
Ivan Grokhotkov
@igrr
since we don't have HTTPS in webserver (yet...), your best bet would be to use something like DIGEST-MD5
Me No Dev
@me-no-dev
@igrr I think we can bring real digest md5 to the server for auth
Mehrdad K
@mkeyno
My Sensor ESP module send data to my ESP actuator module , so I must be sure someone else don't send unauthorized action to the actuator module
I can set ip address of sensor module in my actuator module , but as you say it is totally leak
Ivan Grokhotkov
@igrr
quick fix: use MQTT. add an MQTT broker to the system, make sensors and actuators connect to the MQTT broker with TLS and client certificate authentication, and that's going to be pretty secure
Mehrdad K
@mkeyno
wow Ivan your offer is quit lot of time for me
Ivan Grokhotkov
@igrr
another way: authenticate the command from sensor to actuator with HMAC-MD5
Mehrdad K
@mkeyno
what is the HMAC0-MD5?
do you have any example of that
Ivan Grokhotkov
@igrr
it's a hash message authentication code based on MD5
Mehrdad K
@mkeyno
ok , thanks you guys , sorry for this interrupt , please continue to your professional discussion
Hagai Shatz
@hagai-shatz
We are all professionals @mkeyno , you are one of us now! ;-)
Mehrdad K
@mkeyno
no , I'm novice walking in the Gods presence
Hagai Shatz
@hagai-shatz

From RFC6266 section 4.2:

On the other hand, if it matches "inline" (case-insensitively), this implies default processing. Therefore, the disposition type "inline" is only useful when it is augmented with additional parameters, such as the filename (see below).

Hagai Shatz
@hagai-shatz
To my understanding, this code is more to the point (not tested):
  if(download) {
    // set filename and force download
    int filenameStart = path.lastIndexOf('/') + 1;
    char buf[26+path.length()-filenameStart];
    char* filename = (char*)path.c_str() + filenameStart;
    snprintf(buf, sizeof (buf), "attachment; filename='%s'", filename);
    addHeader("Content-Disposition", buf);
  }
Me No Dev
@me-no-dev
@everslick had some issues vewing files, but that could have been due to ContentType
Helio Machado
@0x2b3bfa0
Hi!
Is there any way of setting up SSDP in AP-only mode? What should I use for HTTP.client?
Helio Machado
@0x2b3bfa0
@me-no-dev: I've enabled the web sockets debugging:
[WS-Server][0] new client from 192.168.4.2
[WS-Server][0][handleHeader] RX: GET / HTTP/1.1
[WS-Server][0][handleHeader] RX: Host: 192.168.4.1:81
[WS-Server][0][handleHeader] RX: User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:46.0) Gecko/20100101 Firefox/46.0
[WS-Server][0][handleHeader] RX: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[WS-Server][0][handleHeader] RX: Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
[WS-Server][0][handleHeader] RX: Accept-Encoding: gzip, deflate
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Version: 13
[WS-Server][0][handleHeader] RX: Origin: null
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Protocol: arduino
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Extensions: permessage-deflate
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Key: RrKmoSNY9m6iRvu68YSksw==
[WS-Server][0][handleHeader] RX: Connection: keep-alive, Upgrade
[WS-Server][0][handleHeader] RX: Pragma: no-cache
[WS-Server][0][handleHeader] RX: Cache-Control: no-cache
[WS-Server][0][handleHeader] RX: Upgrade: websocket
[WS-Server][0][handleHeader] Header read fin.
[WS-Server][0][handleHeader]  - cURL: /
[WS-Server][0][handleHeader]  - cIsUpgrade: 1
[WS-Server][0][handleHeader]  - cIsWebsocket: 1
[WS-Server][0][handleHeader]  - cKey: RrKmoSNY9m6iRvu68YSksw==
[WS-Server][0][handleHeader]  - cProtocol: arduino
[WS-Server][0][handleHeader]  - cExtensions: permessage-deflate
[WS-Server][0][handleHeader]  - cVersion: 13
[WS-Server][0][handleHeader]  - base64Authorization:
[WS-Server][0][handleHeader] Websocket connection incoming.
[WS-Server][0][handleHeader]  - sKey: rjv7vPOR2aRzxiFdTzTrSoDFVJk=
[WS][0][headerDone] Header Handling Done (1075851445us).
[WS][0][sendFrame] ------- send massage frame -------
[WS][0][sendFrame] fin: 1 opCode: 9 mask: 0 length: 0 headerToPayload: 0
[WS][0][sendFrame] sending Frame Done (4688us).
[0] Connected from 192.168.4.2 url: /
[WS][0][sendFrame] ------- send massage frame -------
[WS][0][sendFrame] fin: 1 opCode: 1 mask: 0 length: 9 headerToPayload: 0
[WS][0][sendFrame] fin: 1 opCode: 1 mask: 0 length: 9 headerToPayload: 0
[WS][0][sendFrame] text: Connected
[WS][0][sendFrame] pack to one TCP package...
[WS][0][sendFrame] sending Frame Done (13869us).
[WS][0][handleWebsocketWaitFor] size: 2 cWsRXsize: 0
[readCb] n: 2 t: 47745
[WS][0][handleWebsocketWaitFor][readCb] size: 2 ok: 1
[WS][0][handleWebsocket] ------- read massage frame -------
[WS][0][handleWebsocket] fin: 1 rsv1: 0 rsv2: 0 rsv3 0  opCode: 10
[WS][0][handleWebsocket] mask: 1 payloadLen: 0
[WS][0][handleWebsocketWaitFor] size: 6 cWsRXsize: 2
[readCb] n: 4 t: 47768
[WS][0][handleWebsocketWaitFor][readCb] size: 6 ok: 1
[WS][0][handleWebsocket] ------- read massage frame -------
[WS][0][handleWebsocket] fin: 1 rsv1: 0 rsv2: 0 rsv3 0  opCode: 10
[WS][0][handleWebsocket] mask: 1 payloadLen: 0
[WS][0][handleWebsocket] get pong  (<null>)
The client says: Firefox no puede establecer una conexión con el servidor en ws://192.168.1.1:81/.
andig
@andig
stupid question: where do I need to git clone esp8266 on osx?
couldn't find it in the docs and am new to osx...
Helio Machado
@0x2b3bfa0
@andig: Arduino/hardware/esp8266com/esp8266
I don't know where you have the Arduino folder
The first text field on the Arduino preferences has the path to that folder
Helio Machado
@0x2b3bfa0
You can get into the Arduino preferences by pressing Command and comma (,)