Change cfg bool to byte and some documentation

openshwprojects · Oct 30, 2023 · 1691cd4 · 1691cd4
1 parent af63576
commit 1691cd4
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 17 deletions.
diff --git a/docs/commands.md b/docs/commands.md
@@ -289,4 +289,4 @@ Do not add anything here, as it will overwritten with next rebuild.
 | VCPPublishThreshold | [VoltageDeltaVolts][CurrentDeltaAmpers][PowerDeltaWats][EnergyDeltaWh] | Sets the minimal change between previous reported value over MQTT and next reported value over MQTT. Very useful for BL0942, BL0937, etc. So, if you set, VCPPublishThreshold 0.5 0.001 0.5, it will only report voltage again if the delta from previous reported value is largen than 0.5V. Remember, that the device will also ALWAYS force-report values every N seconds (default 60).<br/><br/>See also [VCPPublishThreshold on forum](https://www.elektroda.com/rtvforum/find.php?q=VCPPublishThreshold). |
 | VoltageSet | Voltage | Measure the real voltage with an external, reliable power meter and enter this voltage via this command to calibrate. The calibration is automatically saved in the flash memory.<br/><br/>See also [VoltageSet on forum](https://www.elektroda.com/rtvforum/find.php?q=VoltageSet). |
 | waitFor | [EventName] [Argument] | Wait forever for event. Can be used within script. For example, you can do: waitFor MQTTState 1 or waitFor NTPState 1. You can also do waitFor NoPingTime 600 to wait for 600 seconds without ping watchdog getting successful reply.<br/><br/>See also [waitFor on forum](https://www.elektroda.com/rtvforum/find.php?q=waitFor). |
-
+| WebServer | [1or0] | Enable/Disable web interface. 1 to Enable. 0 to Disable. No argument, returns the actual state of the web server interface. No effect on safe mode. In safe mode, the web interface is always enabled. |
diff --git a/src/new_cfg.c b/src/new_cfg.c
@@ -172,6 +172,13 @@ void CFG_SetDefaultConfig() {
 
 	CFG_SetDefaultLEDCorrectionTable();
 
+#if MQTT_USE_TLS
+	CFG_SetMQTTUseTls(0);
+	CFG_SetMQTTVerifyTlsCert(0);
+	CFG_SetMQTTCertFile("");
+	CFG_SetDisableWebServer(0);
+#endif
+
 	g_cfg_pendingChanges++;
 }
 
@@ -686,24 +693,24 @@ uint32_t CFG_GetLFS_Size() {
 #endif
 
 #if MQTT_USE_TLS
-bool CFG_GetMQTTUseTls() {
+byte CFG_GetMQTTUseTls() {
 	return g_cfg.mqtt_use_tls;
 }
-bool CFG_GetMQTTVerifyTlsCert() {
+byte CFG_GetMQTTVerifyTlsCert() {
 	return g_cfg.mqtt_verify_tls_cert;
 }
 const char* CFG_GetMQTTCertFile() {
 	return g_cfg.mqtt_cert_file;
 }
-void CFG_SetMQTTUseTls(bool value) {
+void CFG_SetMQTTUseTls(byte value) {
 	// is there a change?
 	if (g_cfg.mqtt_use_tls != value) {
 		g_cfg.mqtt_use_tls = value;
 		// mark as dirty (value has changed)
 		g_cfg_pendingChanges++;
 	}
 }
-void CFG_SetMQTTVerifyTlsCert(bool value) {
+void CFG_SetMQTTVerifyTlsCert(byte value) {
 	// is there a change?
 	if (g_cfg.mqtt_verify_tls_cert != value) {
 		g_cfg.mqtt_verify_tls_cert = value;
@@ -718,10 +725,10 @@ void CFG_SetMQTTCertFile(const char* s) {
 		g_cfg_pendingChanges++;
 	}
 }
-bool CFG_GetDisableWebServer() {
+byte CFG_GetDisableWebServer() {
 	return g_cfg.disable_web_server;
 }
-void CFG_SetDisableWebServer(bool value) {
+void CFG_SetDisableWebServer(byte value) {
 	// is there a change?
 	if (g_cfg.disable_web_server != value) {
 		g_cfg.disable_web_server = value;

diff --git a/src/new_cfg.h b/src/new_cfg.h
@@ -95,14 +95,14 @@ uint32_t CFG_GetLFS_Size();
 #endif 
 
 #if MQTT_USE_TLS
-void CFG_SetMQTTUseTls(bool value);
-void CFG_SetMQTTVerifyTlsCert(bool value);
+void CFG_SetMQTTUseTls(byte value);
+void CFG_SetMQTTVerifyTlsCert(byte value);
 void CFG_SetMQTTCertFile(const char* s);
-bool CFG_GetMQTTUseTls();
-bool CFG_GetMQTTVerifyTlsCert();
+byte CFG_GetMQTTUseTls();
+byte CFG_GetMQTTVerifyTlsCert();
 const char* CFG_GetMQTTCertFile();
-bool CFG_GetDisableWebServer();
-void CFG_SetDisableWebServer(bool value);
+byte CFG_GetDisableWebServer();
+void CFG_SetDisableWebServer(byte value);
 #endif
 
 #endif

diff --git a/src/new_pins.h b/src/new_pins.h
@@ -1186,13 +1186,13 @@ typedef struct mainConfig_s {
 	// offset 0x00000C40 (3136 decimal)
 	char wifi_pass2[68];
 	// offset 0x00000C84 (3204 decimal)
-	bool mqtt_use_tls;
+	byte mqtt_use_tls;
 	// offset 0x00000C85 (3205 decimal)
-	bool mqtt_verify_tls_cert;
+	byte mqtt_verify_tls_cert;
 	// offset 0x00000C86 (3206 decimal)
 	char mqtt_cert_file[20];
 	// offset 0x00000C9A (3226 decimal)
-	bool disable_web_server;
+	byte disable_web_server;
 	// offset 0x00000C9B (3227 decimal)
 	char unused[357];
 #endif

diff --git a/src/user_mbedtls_config.h b/src/user_mbedtls_config.h
@@ -22,8 +22,15 @@
  * To validate the certificate dates, the NTP driver must be enabled,
  * otherwise the build date will be used to validate.
  *
+ * You can use Mqtt TSL without a CA or public certificate if you disable 
+ * validation, but this is not recommended.
+ * Your client will be vulnerable to the MIT attack.
+ *
  * Additionally, an option to disable the web app has been added to 
- * strengthen security. Communication only with secure mqtt connection
+ * strengthen security. After connected to mqtt use 
+ * cmnd/<topic>/WebServer 0 to disable web interface
+ * cmnd/<topic>/WebServer 1 to enable web interface
+ * Communication only with secure mqtt connection
  *
  * Author: [email protected]
  *