Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Ivan Grokhotkov
@igrr
i think @mkeyno wants to get the IP of the client
so its server.client().remoteIP()
Mehrdad K
@mkeyno
thanks Ivan , yes , but I want to sure that, my way to check authorized IP with server.client().remoteIP() is correct
Ivan Grokhotkov
@igrr
what's "authorized IP"?
Me No Dev
@me-no-dev
and what is your way of checking it?
Mehrdad K
@mkeyno
authorized client , I want check authentication with client's IP
Ivan Grokhotkov
@igrr
lol, how much security that adds I wonder?
Mehrdad K
@mkeyno
compare it with pre save IP's
Ivan Grokhotkov
@igrr
basically, as an attacker, i can set myself any static IP
and then cycle through all subnet IPs until i find one which is authorized
Me No Dev
@me-no-dev
if you are in the subnet
Mehrdad K
@mkeyno
wow!!!?? such dumb I am, so what should I do Ivan
Me No Dev
@me-no-dev
there is authorization in the server
Ivan Grokhotkov
@igrr
yeah, at least use the basic-security thing in the web server, although it won't stand against wireshark.
Mehrdad K
@mkeyno
this is only for users intend to open the webpage from SPIFF
but what if two machine intend to talk each other in pre set secure line
Me No Dev
@me-no-dev
http talk?
Ivan Grokhotkov
@igrr
since we don't have HTTPS in webserver (yet...), your best bet would be to use something like DIGEST-MD5
Me No Dev
@me-no-dev
@igrr I think we can bring real digest md5 to the server for auth
Mehrdad K
@mkeyno
My Sensor ESP module send data to my ESP actuator module , so I must be sure someone else don't send unauthorized action to the actuator module
I can set ip address of sensor module in my actuator module , but as you say it is totally leak
Ivan Grokhotkov
@igrr
quick fix: use MQTT. add an MQTT broker to the system, make sensors and actuators connect to the MQTT broker with TLS and client certificate authentication, and that's going to be pretty secure
Mehrdad K
@mkeyno
wow Ivan your offer is quit lot of time for me
Ivan Grokhotkov
@igrr
another way: authenticate the command from sensor to actuator with HMAC-MD5
Mehrdad K
@mkeyno
what is the HMAC0-MD5?
do you have any example of that
Ivan Grokhotkov
@igrr
it's a hash message authentication code based on MD5
Mehrdad K
@mkeyno
ok , thanks you guys , sorry for this interrupt , please continue to your professional discussion
Hagai Shatz
@hagai-shatz
We are all professionals @mkeyno , you are one of us now! ;-)
Mehrdad K
@mkeyno
no , I'm novice walking in the Gods presence
Hagai Shatz
@hagai-shatz

From RFC6266 section 4.2:

On the other hand, if it matches "inline" (case-insensitively), this implies default processing. Therefore, the disposition type "inline" is only useful when it is augmented with additional parameters, such as the filename (see below).

Hagai Shatz
@hagai-shatz
To my understanding, this code is more to the point (not tested):
  if(download) {
    // set filename and force download
    int filenameStart = path.lastIndexOf('/') + 1;
    char buf[26+path.length()-filenameStart];
    char* filename = (char*)path.c_str() + filenameStart;
    snprintf(buf, sizeof (buf), "attachment; filename='%s'", filename);
    addHeader("Content-Disposition", buf);
  }
Me No Dev
@me-no-dev
@everslick had some issues vewing files, but that could have been due to ContentType
Helio Machado
@0x2b3bfa0
Hi!
Is there any way of setting up SSDP in AP-only mode? What should I use for HTTP.client?
Helio Machado
@0x2b3bfa0
@me-no-dev: I've enabled the web sockets debugging:
[WS-Server][0] new client from 192.168.4.2
[WS-Server][0][handleHeader] RX: GET / HTTP/1.1
[WS-Server][0][handleHeader] RX: Host: 192.168.4.1:81
[WS-Server][0][handleHeader] RX: User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:46.0) Gecko/20100101 Firefox/46.0
[WS-Server][0][handleHeader] RX: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[WS-Server][0][handleHeader] RX: Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
[WS-Server][0][handleHeader] RX: Accept-Encoding: gzip, deflate
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Version: 13
[WS-Server][0][handleHeader] RX: Origin: null
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Protocol: arduino
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Extensions: permessage-deflate
[WS-Server][0][handleHeader] RX: Sec-WebSocket-Key: RrKmoSNY9m6iRvu68YSksw==
[WS-Server][0][handleHeader] RX: Connection: keep-alive, Upgrade
[WS-Server][0][handleHeader] RX: Pragma: no-cache
[WS-Server][0][handleHeader] RX: Cache-Control: no-cache
[WS-Server][0][handleHeader] RX: Upgrade: websocket
[WS-Server][0][handleHeader] Header read fin.
[WS-Server][0][handleHeader]  - cURL: /
[WS-Server][0][handleHeader]  - cIsUpgrade: 1
[WS-Server][0][handleHeader]  - cIsWebsocket: 1
[WS-Server][0][handleHeader]  - cKey: RrKmoSNY9m6iRvu68YSksw==
[WS-Server][0][handleHeader]  - cProtocol: arduino
[WS-Server][0][handleHeader]  - cExtensions: permessage-deflate
[WS-Server][0][handleHeader]  - cVersion: 13
[WS-Server][0][handleHeader]  - base64Authorization:
[WS-Server][0][handleHeader] Websocket connection incoming.
[WS-Server][0][handleHeader]  - sKey: rjv7vPOR2aRzxiFdTzTrSoDFVJk=
[WS][0][headerDone] Header Handling Done (1075851445us).
[WS][0][sendFrame] ------- send massage frame -------
[WS][0][sendFrame] fin: 1 opCode: 9 mask: 0 length: 0 headerToPayload: 0
[WS][0][sendFrame] sending Frame Done (4688us).
[0] Connected from 192.168.4.2 url: /
[WS][0][sendFrame] ------- send massage frame -------
[WS][0][sendFrame] fin: 1 opCode: 1 mask: 0 length: 9 headerToPayload: 0
[WS][0][sendFrame] fin: 1 opCode: 1 mask: 0 length: 9 headerToPayload: 0
[WS][0][sendFrame] text: Connected
[WS][0][sendFrame] pack to one TCP package...
[WS][0][sendFrame] sending Frame Done (13869us).
[WS][0][handleWebsocketWaitFor] size: 2 cWsRXsize: 0
[readCb] n: 2 t: 47745
[WS][0][handleWebsocketWaitFor][readCb] size: 2 ok: 1
[WS][0][handleWebsocket] ------- read massage frame -------
[WS][0][handleWebsocket] fin: 1 rsv1: 0 rsv2: 0 rsv3 0  opCode: 10
[WS][0][handleWebsocket] mask: 1 payloadLen: 0
[WS][0][handleWebsocketWaitFor] size: 6 cWsRXsize: 2
[readCb] n: 4 t: 47768
[WS][0][handleWebsocketWaitFor][readCb] size: 6 ok: 1
[WS][0][handleWebsocket] ------- read massage frame -------
[WS][0][handleWebsocket] fin: 1 rsv1: 0 rsv2: 0 rsv3 0  opCode: 10
[WS][0][handleWebsocket] mask: 1 payloadLen: 0
[WS][0][handleWebsocket] get pong  (<null>)
The client says: Firefox no puede establecer una conexión con el servidor en ws://192.168.1.1:81/.
andig
@andig
stupid question: where do I need to git clone esp8266 on osx?
couldn't find it in the docs and am new to osx...
Helio Machado
@0x2b3bfa0
@andig: Arduino/hardware/esp8266com/esp8266
I don't know where you have the Arduino folder
The first text field on the Arduino preferences has the path to that folder
Helio Machado
@0x2b3bfa0
You can get into the Arduino preferences by pressing Command and comma (,)
Miguel Angel Salinas Gancedo
@masalinas
@andig in mac osx arduino folder is on /Users/<you>/Documents
Helio Machado
@0x2b3bfa0
Sin título 2.tiff
Sin título.tiff
andig
@andig
it doesn't have a hardware folder right now which confuses me
Helio Machado
@0x2b3bfa0
Create it
andig
@andig
it has one on windows that contains the regular arduino stuff?
Helio Machado
@0x2b3bfa0
cd /Users/$USER/Documents/Arduino
mkdir hardware
cd hardware
mkdir esp8266com
cd esp8266com
git clone https://github.com/esp8266/Arduino.git esp8266