diff --git a/SourceCode/arduino/lib/Firewall/Firewall.cpp b/SourceCode/arduino/lib/Firewall/Firewall.cpp index 9e16889..45de01f 100644 --- a/SourceCode/arduino/lib/Firewall/Firewall.cpp +++ b/SourceCode/arduino/lib/Firewall/Firewall.cpp @@ -1,29 +1,15 @@ #include "Firewall.h" -ESPFirewall::ESPFirewall(int port) +ESPFirewall::ESPFirewall(int api_port) { this->setup_eeprom(); this->setup_certificate(); - this->firewall_api = new httpsserver::HTTPSServer(this->certificate, port); - this->setup_routing(); + this->setup_firewall_api(api_port); } -void ESPFirewall::setup_certificate() +void ESPFirewall::handle_firewall_api_clients() { - this->certificate = new httpsserver::SSLCert(); - int createCertResult = httpsserver::createSelfSignedCert( - *this->certificate, - httpsserver::KEYSIZE_2048, - "CN=myesp32.local,O=FancyCompany,C=DE", - "20190101000000", - "20300101000000"); - if (createCertResult != 0) - { - log_e("Cerating certificate failed. Error Code = 0x%02X, check SSLCert.hpp for details", createCertResult); - while (true) - delay(500); - } - log_i("Creating the certificate was successful"); + this->firewall_api->loop(); } String ESPFirewall::protocol_to_string(firewall_protocol_t &protocol) @@ -224,41 +210,70 @@ bool ESPFirewall::delete_rule_from_firewall(uint8_t key) return true; } -void ESPFirewall::setup_routing() +void ESPFirewall::setup_certificate() { - httpsserver::ResourceNode *firewall_get = new httpsserver::ResourceNode("/api/v1/firewall", "GET", std::bind(&ESPFirewall::get_firewall_rule_handler, this, std::placeholders::_1)); - this->firewall_api->registerNode(firewall_get); - // this->firewall_api->on("^\\/api/v1/firewall\\/([0-9]+)$", HTTP_GET, std::bind(&ESPFirewall::get_firewall_rule_handler, this, std::placeholders::_1)); - // this->firewall_api->on("/api/v1/firewall", HTTP_GET, std::bind(&ESPFirewall::get_firewall_rules_handler, this, std::placeholders::_1)); - // this->firewall_api->on("/api/v1/firewall", HTTP_POST, std::bind(&ESPFirewall::post_firewall_handler, this, std::placeholders::_1)); - // this->firewall_api->on("^\\/api/v1/firewall\\/([0-9]+)$", HTTP_DELETE, std::bind(&ESPFirewall::delete_firewall_handler, this, std::placeholders::_1)); - - // this->firewall_api->on("/api/v1/device/restart", HTTP_GET, std::bind(&ESPFirewall::restart_device_handler, this, std::placeholders::_1)); - // this->firewall_api->onNotFound(std::bind(&ESPFirewall::not_found, this, std::placeholders::_1)); - // this->firewall_api->begin(); + log_i("Creating the certificate..."); + this->certificate = new SSLCert(); + int createCertResult = createSelfSignedCert( + *this->certificate, + KEYSIZE_2048, + "CN=myesp32.local,O=Firewall,C=DE", + "20220101000000", + "20320101000000"); + if (createCertResult != 0) + { + log_e("Cerating certificate failed. Error Code = 0x%02X, check SSLCert.hpp for details", createCertResult); + while (true) + delay(500); + } + log_i("Creating the certificate was successful"); } -void ESPFirewall::json_generic_response(httpsserver::HTTPResponse *response, String serialized, int response_code) +void ESPFirewall::setup_firewall_api(int api_port) +{ + this->firewall_api = new HTTPSServer(this->certificate, api_port, 5); + ResourceNode *get_firewall_rule = new ResourceNode("/api/v1/firewall/*", "GET", std::bind(&ESPFirewall::get_firewall_rule_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *get_firewall_rules = new ResourceNode("/api/v1/firewall", "GET", std::bind(&ESPFirewall::get_firewall_rules_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *post_firewall = new ResourceNode("/api/v1/firewall", "POST", std::bind(&ESPFirewall::post_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *delete_firewall = new ResourceNode("/api/v1/firewall/*", "DELETE", std::bind(&ESPFirewall::delete_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *restart_device = new ResourceNode("/api/v1/device/restart", "GET", std::bind(&ESPFirewall::restart_device_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *not_found = new ResourceNode("", "GET", std::bind(&ESPFirewall::not_found_handler, this, std::placeholders::_1, std::placeholders::_2)); + this->firewall_api->registerNode(get_firewall_rule); + this->firewall_api->registerNode(get_firewall_rules); + this->firewall_api->registerNode(post_firewall); + this->firewall_api->registerNode(delete_firewall); + this->firewall_api->setDefaultNode(restart_device); + this->firewall_api->setDefaultNode(not_found); + + log_i("Starting server..."); + this->firewall_api->start(); + if (this->firewall_api->isRunning()) + { + log_i("Server ready."); + } +} + +void ESPFirewall::json_generic_response(HTTPResponse *response, String serialized, int response_code) { response->setHeader("Content-Type", "application/json"); response->setStatusCode(response_code); - response->print(serialized); + response->println(serialized); } -void ESPFirewall::json_message_response(httpsserver::HTTPResponse *response, String message, int response_code) +void ESPFirewall::json_message_response(HTTPResponse *response, String message, int response_code) { response->setHeader("Content-Type", "application/json"); response->setStatusCode(response_code); - StaticJsonDocument json; + StaticJsonDocument<96> json; String serialized; json["message"] = message; serializeJson(json, serialized); - response->print(serialized); + response->println(serialized); } String ESPFirewall::construct_json_firewall_rule(firewall_rule_t *rule_ptr) { - StaticJsonDocument doc; + StaticJsonDocument<256> doc; doc["key"] = rule_ptr->key; doc["source"] = rule_ptr->source; doc["destination"] = rule_ptr->destination; @@ -291,21 +306,21 @@ String ESPFirewall::construct_json_firewall() return response; } -void ESPFirewall::not_found(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::not_found_handler(HTTPRequest *request, HTTPResponse *response) { this->json_message_response(response, "not found", 404); } -void ESPFirewall::restart_device_handler(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::restart_device_handler(HTTPRequest *request, HTTPResponse *response) { this->json_message_response(response, "restarting device in 2 sec", 200); sleep(2000); esp_restart(); } -void ESPFirewall::get_firewall_rule_handler(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::get_firewall_rule_handler(HTTPRequest *request, HTTPResponse *response) { - httpsserver::ResourceParameters *params = request->getParams(); + ResourceParameters *params = request->getParams(); int rule_number = atoi(params->getPathParameter(0).c_str()); firewall_rule_t *rule_ptr = this->get_rule_from_firewall(rule_number); if (rule_ptr == NULL) @@ -320,19 +335,19 @@ void ESPFirewall::get_firewall_rule_handler(httpsserver::HTTPRequest *request, h } } -void ESPFirewall::get_firewall_rules_handler(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::get_firewall_rules_handler(HTTPRequest *request, HTTPResponse *response) { this->json_generic_response(response, this->construct_json_firewall(), 200); } -bool ESPFirewall::request_has_firewall_parameter(httpsserver::ResourceParameters *params) +bool ESPFirewall::request_has_firewall_parameter(ResourceParameters *params) { return params->isQueryParameterSet("source") || params->isQueryParameterSet("destination") || params->isQueryParameterSet("protocol") || params->isQueryParameterSet("target"); } -void ESPFirewall::post_firewall_handler(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::post_firewall_handler(HTTPRequest *request, HTTPResponse *response) { - httpsserver::ResourceParameters *params = request->getParams(); + ResourceParameters *params = request->getParams(); if (request_has_firewall_parameter(params)) { firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); @@ -363,13 +378,16 @@ void ESPFirewall::post_firewall_handler(httpsserver::HTTPRequest *request, https } } -void ESPFirewall::delete_firewall_handler(httpsserver::HTTPRequest *request, httpsserver::HTTPResponse *response) +void ESPFirewall::delete_firewall_handler(HTTPRequest *request, HTTPResponse *response) { - httpsserver::ResourceParameters *params = request->getParams(); + ResourceParameters *params = request->getParams(); int rule_number = atoi(params->getPathParameter(0).c_str()); if (this->delete_rule_from_firewall(rule_number)) { this->json_message_response(response, "firewall rule deleted", 200); } - this->json_message_response(response, "cannot delete firewall rule", 500); + else + { + this->json_message_response(response, "cannot delete firewall rule", 500); + } } diff --git a/SourceCode/arduino/lib/Firewall/Firewall.h b/SourceCode/arduino/lib/Firewall/Firewall.h index a4aa3c4..75cb181 100644 --- a/SourceCode/arduino/lib/Firewall/Firewall.h +++ b/SourceCode/arduino/lib/Firewall/Firewall.h @@ -11,6 +11,7 @@ #include "HTTPResponse.hpp" #define eeprom_start_firewall_rules 4 +using namespace httpsserver; typedef enum firewall_target : uint8_t { @@ -45,10 +46,8 @@ class ESPFirewall int eeprom_rules_head = eeprom_start_firewall_rules; struct firewall_rule *head = NULL; - httpsserver::HTTPSServer *firewall_api; - httpsserver::SSLCert *certificate; - - void setup_certificate(); + HTTPSServer *firewall_api; + SSLCert *certificate; // Protocol / Target conversion String protocol_to_string(firewall_protocol_t &); @@ -69,21 +68,23 @@ class ESPFirewall bool delete_rule_from_firewall(uint8_t); // Firewall-API Actions - void setup_routing(); - void json_generic_response(httpsserver::HTTPResponse *, String, int); - void json_message_response(httpsserver::HTTPResponse *, String, int); + void setup_certificate(); + void setup_firewall_api(int); + void json_generic_response(HTTPResponse *, String, int); + void json_message_response(HTTPResponse *, String, int); String construct_json_firewall_rule(firewall_rule_t *); String construct_json_firewall(); - void not_found(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); - void restart_device_handler(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); - void get_firewall_rule_handler(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); - void get_firewall_rules_handler(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); - bool request_has_firewall_parameter(httpsserver::ResourceParameters *); - void post_firewall_handler(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); - void delete_firewall_handler(httpsserver::HTTPRequest *, httpsserver::HTTPResponse *); + void not_found_handler(HTTPRequest *, HTTPResponse *); + void restart_device_handler(HTTPRequest *, HTTPResponse *); + void get_firewall_rule_handler(HTTPRequest *, HTTPResponse *); + void get_firewall_rules_handler(HTTPRequest *, HTTPResponse *); + bool request_has_firewall_parameter(ResourceParameters *); + void post_firewall_handler(HTTPRequest *, HTTPResponse *); + void delete_firewall_handler(HTTPRequest *, HTTPResponse *); public: ESPFirewall(int port = 8080); + void handle_firewall_api_clients(); }; #endif diff --git a/SourceCode/arduino/platformio.ini b/SourceCode/arduino/platformio.ini index 556d85d..823bfc9 100644 --- a/SourceCode/arduino/platformio.ini +++ b/SourceCode/arduino/platformio.ini @@ -15,10 +15,8 @@ framework = arduino monitor_speed = 115200 build_flags = -DCORE_DEBUG_LEVEL=3 - -DASYNCWEBSERVER_REGEX lib_deps = bblanchon/ArduinoJson@^6.19.4 - fhessel/esp32_https_server@^1.0.0 [env:esp32-dev] platform = espressif32 @@ -27,7 +25,5 @@ framework = arduino monitor_speed = 115200 build_flags = -DCORE_DEBUG_LEVEL=3 - -DASYNCWEBSERVER_REGEX lib_deps = bblanchon/ArduinoJson@^6.19.4 - fhessel/esp32_https_server@^1.0.0 diff --git a/SourceCode/arduino/src/main.cpp b/SourceCode/arduino/src/main.cpp index 6693c4f..43c95f6 100644 --- a/SourceCode/arduino/src/main.cpp +++ b/SourceCode/arduino/src/main.cpp @@ -31,4 +31,5 @@ void setup() void loop() { + firewall->handle_firewall_api_clients(); } \ No newline at end of file