-
-
Notifications
You must be signed in to change notification settings - Fork 630
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support random setup codes and saved verifiers #730
Conversation
Does this generate a new setup code on every pairing request? |
In my example and the updated |
Ah, okay. That is the correct way to do it. Looks good :) |
Thanks a lot, great PR. If I may propose some modifications: |
Yes.
That's what I did for
The reason I haven't set a default in
There's a button to use the camera to scan the setup code/QR code on the setup code entry page. IMG_3345 If the helper function to generate a setup code is used by default I'm happy to just emit an event on the Accessory object when a pair request starts/finishes instead as you suggested. That would give us an API like this: import {AccessoryEventTypes, Categories, generateSetupCode} from 'hap-nodejs';
bridge.publish({
username: 'CC:22:3D:E3:CE:30',
port: 51826,
category: Categories.BRIDGE,
});
bridge.on(AccessoryEventTypes.PAIR_SETUP_STARTED, (setupcode: string, setupuri: string, session: Session) => {
// Present the setup code to the user
// If we had some web interface here we could send a message to it to show the setup code and a QR code with the setup URI
// Or if we just want to print the code here like this we don't need to listen to the event and could let HAP-NodeJS handle it
console.log('[%s] Received pair request', bridge.displayName, setupcode, setupuri);
});
bridge.on(AccessoryEventTypes.PAIR_SETUP_FINISHED, (err: Error | null, clientUsername: string | null, session: Session) => {
// Here we don't have to do anything
// If we had some web interface here we could send a message to it to hide the setup code/QR code
}); |
From f5e303f if a setup code (or a function to generate one) isn't provided then one is generated and either emitted on the Accessory (as in the second example) or printed to the console. |
f67c2dd
to
0c7edda
Compare
4cf3090
to
22d99eb
Compare
I've updated this to merge in the current |
Would you mind rebasing the PR onto the beta branch? Some major code changes/cleanups were made. Thanks for keeping up with the PR |
@Supereg I've switched this to the beta branch now. |
Thanks already. I'll check if I have the time to still include that into the latest beta release. |
3882b2b
to
bf825fc
Compare
I'm currently in the process of getting this PR merged. |
bf825fc
to
1283bb5
Compare
@Supereg I've rebased to the current beta branch and enabled maintainer edits so you can add any changes. |
commit 3882b2b Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 21:21:30 2020 +0000 Fix CI tests commit 5e06e26 Merge: d2a1fbc 977d5ad Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 20:52:55 2020 +0000 Merge remote-tracking branch 'KhaosT/beta' into random-setup-codes # Conflicts: # src/lib/Accessory.ts # src/lib/Advertiser.ts # src/lib/HAPServer.ts # src/lib/util/eventedhttp.ts commit d2a1fbc Merge: 130d5d6 d70a1ba Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 19:27:50 2020 +0000 Merge remote-tracking branch 'KhaosT/master' into random-setup-codes # Conflicts: # src/lib/Accessory.ts # src/lib/Advertiser.ts # src/lib/util/eventedhttp.ts commit 130d5d6 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 19:18:42 2020 +0000 Support saved verifiers commit 60a52f7 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 18:59:09 2020 +0000 Move setup ID related functions commit 0903a20 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 18:14:55 2020 +0000 Refactor using async/await commit 3d9ce22 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 17:09:46 2020 +0000 Print a warning when a pair request is rejected due to the attempt limit commit 5329ff4 Merge: f6c89db 5cacbd4 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Nov 2 16:56:24 2020 +0000 Merge remote-tracking branch 'KhaosT/master' into random-setup-codes # Conflicts: # src/CameraCore.ts # src/lib/Accessory.ts # src/lib/HAPServer.ts # src/lib/model/AccessoryInfo.ts # src/lib/util/eventedhttp.ts commit 977d5ad Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 13:54:59 2020 +0200 Adjust idle timeout configuration commit 46c6498 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 13:34:34 2020 +0200 Adding idle timeout to hap connections commit 80ef334 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 10:29:11 2020 +0200 Fixed accessory characteristic-warning event signature commit 77a2042 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 10:22:01 2020 +0200 Pass more characteristic warnings through the event system for homebridge commit a7d2c5b Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 02:21:29 2020 +0200 Correctly transform 0 and 1 to boolean values commit 8234e7b Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 02:21:16 2020 +0200 Force http socket to connect to loopback address commit 14a6424 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 20 02:16:56 2020 +0200 Adding unit tests for net-utils commit bc24a23 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 19 15:02:05 2020 +0200 Only fire characteristic change when value actually changed commit 0a45bbf Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 19 02:19:44 2020 +0200 Removed notify perms from Version characteristic again. Additional Authorization should not be added by default. commit 581298f Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 19 01:47:41 2020 +0200 Don't set the value before calling the set handler commit 9b6a3ce Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 19 00:29:20 2020 +0200 Fixed connection debug output commit 362a5eb Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 19 00:12:03 2020 +0200 Use the correct subclass when deserializing characteristics and services from disk commit 75452d7 Author: Supereg <mail@anderl-bauer.de> Date: Sun Oct 18 22:42:31 2020 +0200 Add deprecated CameraControl service again commit 1b47a4c Author: Supereg <mail@anderl-bauer.de> Date: Sun Oct 18 20:19:44 2020 +0200 Adding debug output for current connection state every minute commit 091e2a4 Author: Supereg <mail@anderl-bauer.de> Date: Fri Oct 16 23:23:07 2020 +0200 Reworked characteristic and service definition generation commit 5e9d970 Author: Supereg <mail@anderl-bauer.de> Date: Wed Oct 14 16:26:17 2020 +0200 Improve default value handling of AccessoryInformation characteristics Removed error thrown when setting undefined commit 7fde47b Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 13 23:32:54 2020 +0200 Improved handling of undefined and null values for AccessoryInformation service commit 8fe0b15 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 13 16:39:38 2020 +0200 Make warnings less dramatic commit 917fa6a Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 12 23:24:58 2020 +0200 Adding ability to track code coverage commit e329727 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 12 22:29:22 2020 +0200 Fixed assertions and tests commit 9b30452 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 12 22:25:04 2020 +0200 Improved some typing. Only assignIds on main accessory commit c8b5791 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 12 15:15:17 2020 +0200 Minor adjustments handling promise errors on characteristic handlers. Additionally we added a custom try-catch for the validateInput function to print a more meaningful error message commit 83804fb Author: oznu <dev@oz.nu> Date: Mon Oct 12 23:48:00 2020 +1100 Add support for promise based Characteristic setters and getters (homebridge#849) commit 3f59de2 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 12 14:39:42 2020 +0200 Mitigate crash when check accessory configuration and aid/iids aren't set yet commit 9d63614 Author: Supereg <mail@anderl-bauer.de> Date: Fri Oct 9 00:27:08 2020 +0200 Ignore empty bind option commit ac57c4d Author: Supereg <mail@anderl-bauer.de> Date: Fri Oct 9 00:09:51 2020 +0200 Adjust the bind option to always bind on unspecified addresses to keep a socket on the loopback address for config-ui commit 6f6a971 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 23:26:53 2020 +0200 Fix event delivery for bridged accessories commit 0bedbc5 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 18:28:10 2020 +0200 Prevent that SerialNumber or Model gets a value assigned with length less or equal to 1 character (fixes homebridge#824) Otherwise HomeKit will reject the whole accessory! commit 5f8a827 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 18:05:31 2020 +0200 Return http error when receiving duplicate values in /characteristics set/get requests commit 0ac698f Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 17:45:47 2020 +0200 Mute event notification calls when aid/iid are not yet set Catch any errors which may occur when sending events commit 7073a82 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 05:52:14 2020 +0200 Fixed bridged accessories not being returned on /accessories request commit 4a3f9e7 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 05:30:32 2020 +0200 Fixed adding bridged accessories commit 7deb450 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 05:20:38 2020 +0200 Ensure timeouts don't prevent shutdown commit df0761d Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 05:15:25 2020 +0200 Boolean values for numeric formats are now properly converted commit 074ede1 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 05:14:59 2020 +0200 Debounce current configuration number increments commit 2d7aaba Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 04:18:42 2020 +0200 Service code cleanup commit 7f00b15 Author: Supereg <mail@anderl-bauer.de> Date: Thu Oct 8 04:05:54 2020 +0200 * Reworked input validation for characteristic values and properties * Send correct -70410 response when receiving invalid value in request (out of range etc) * GET handler is now called on /accessories to have latest value on discover * Added more documentation commit a063bc1 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 16:40:50 2020 +0200 Fixing tests commit 50be234 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 16:06:52 2020 +0200 setValue method will now fire a SET event again commit e16a3e4 Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 01:10:15 2020 +0200 Fix tests commit 89ad4ac Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 00:59:29 2020 +0200 Remove last traces of custom EventEmitter type commit f908a9e Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 00:28:25 2020 +0200 Fixed awfully wrong uuids for iOS 14 characteristics and services commit 73bf81c Author: Supereg <mail@anderl-bauer.de> Date: Tue Oct 6 00:27:56 2020 +0200 Adding timeouts to SET, GET and image request handlers. Some minor code cleanup. commit 3673c8d Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 19:22:03 2020 +0200 Adding support for additional authorization data to be checked by custom handler commit 024b021 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 18:38:23 2020 +0200 Minor code fixes in the AccessoryLoader commit 45b63a7 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 18:24:07 2020 +0200 Some code cleanup regarding the HAPEncryption object commit 9f3887d Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 18:10:35 2020 +0200 Properly delay and combine event notifications commit d765118 Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 16:40:40 2020 +0200 Bump beta to 0.9.0 commit 8f2c80a Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 01:35:39 2020 +0200 Removed some obsolete @ts-expect-error commit 2ef51cf Author: Supereg <mail@anderl-bauer.de> Date: Mon Oct 5 01:31:47 2020 +0200 Major code cleanup in the EventedHTTPServer and HAPServer classes Various fixes, improved typing and more robustness commit 576271b Author: Supereg <mail@anderl-bauer.de> Date: Sat Oct 3 19:05:35 2020 +0200 Reduce daysUntilStale to 23 commit 2b57017 Author: Supereg <mail@anderl-bauer.de> Date: Sat Oct 3 19:03:08 2020 +0200 Set the tcp_keepalive_time to 5 seconds commit 8521c69 Author: Supereg <mail@anderl-bauer.de> Date: Sat Oct 3 19:02:46 2020 +0200 Validate controllerKeySalt length before passing it to the DataStream Server commit bda16db Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 30 01:54:05 2020 +0200 Fixed some tests commit e2ffbd8 Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 30 01:35:11 2020 +0200 Completely reworked /characteristics * Adding support for metadata, events, type, perms query parameters * Moving to promises * Reworked Characteristic code commit 1a6d30b Author: Supereg <mail@anderl-bauer.de> Date: Thu Sep 24 00:54:19 2020 +0200 Minor improvment of removeLinkedService from Service class commit 62348d3 Author: Supereg <mail@anderl-bauer.de> Date: Thu Sep 24 00:54:07 2020 +0200 Fixed removeLinkedService commit c06dbb8 Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 23 19:44:40 2020 +0200 Listen on the loopback interface only for the internal http server commit b9b95d5 Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 23 19:14:07 2020 +0200 Fixed: if a service is removed it is now ensured that no existing services still link to that removed service commit 72baab0 Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 23 18:59:22 2020 +0200 Throw a proper exception if chacha20-poly1305 cipher isn't found commit e858e39 Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 23 18:26:16 2020 +0200 Minor code cleanup commit 0843e2a Author: Supereg <mail@anderl-bauer.de> Date: Wed Sep 23 17:53:56 2020 +0200 Introducing new "bind" publish option, in oder to bind/advertise the hap-nodejs to a certain interface(s)/ip address(es) commit 5eabcf8 Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 15:47:18 2020 +0200 Mitigating warning for memory leak on the UNPAIRED event commit 1fa08d0 Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 15:39:47 2020 +0200 Add some little deprecation notice commit 0afceab Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 15:37:38 2020 +0200 Adding source-map-support for better stack strace translation commit 8ee8888 Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 15:13:30 2020 +0200 Notify active streaming session that the application is about to exit commit 059def9 Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 14:59:53 2020 +0200 Updated service and characteristic definitions to latest iOS 14 release commit eb9dd8a Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 14:56:15 2020 +0200 Adding version note to some of the latest characteristics and services commit 52f61fd Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 14:42:07 2020 +0200 Doing a subnet check as fallback if local interface detection fails for HAP socket commit 00bf51d Author: Supereg <mail@anderl-bauer.de> Date: Mon Sep 21 14:20:30 2020 +0200 Mark the start of beta 0.8.3 commit f6c89db Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Apr 12 02:42:33 2020 +0100 Redo flag checks closer to the spec., add initial transient pair setup support commit a9dc408 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Apr 12 00:54:32 2020 +0100 Fix checking if another client is trying to pair commit c436563 Merge: 4abd809 9e86970 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sat Apr 11 19:07:53 2020 +0100 Merge remote-tracking branch 'KhaosT/master' into random-setup-codes # Conflicts: # src/lib/Accessory.ts # src/lib/HAPServer.ts commit 4abd809 Merge: b4d95e8 6fbafa8 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Thu Nov 28 14:07:31 2019 +0000 Merge remote-tracking branch 'refs/remotes/KhaosT/master' into random-setup-codes # Conflicts: # src/lib/Accessory.ts # src/lib/gen/importAsClasses.ts commit b4d95e8 Merge: f5e303f 50ac924 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Nov 3 20:02:45 2019 +0000 Merge remote-tracking branch 'KhaosT/master' into random-setup-codes # Conflicts: # src/lib/HAPServer.ts # src/lib/util/eventedhttp.ts commit f5e303f Author: Samuel Elliott <samuel@fancy.org.uk> Date: Mon Oct 28 14:06:50 2019 +0000 Use random setup codes by default and add pair setup start/finish events commit 0850c5c Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Oct 27 22:04:44 2019 +0000 Use random setup codes in Bridged/CameraCore.ts and only for accessories without a setup code in Core.ts commit 6830baa Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Oct 27 19:57:22 2019 +0000 Add a function to generate a random setup code commit a6a4810 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Oct 27 19:53:31 2019 +0000 Support using a random setup code commit 322baca Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Oct 27 18:47:32 2019 +0000 Fix pairing, unpairing and pairing again without restarting commit 5babe40 Author: Samuel Elliott <samuel@fancy.org.uk> Date: Sun Oct 27 18:02:49 2019 +0000 Only allow a single pair request
1283bb5
to
0fa64b5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have the desire to still change some stuff here and there.
For one, I need to rethink if it makes sense to multiplex string-based pincode, password generating function and SRP verifier into the PublishInfo.pincode
property (additionally even a fourth option to leave out that option, for automatically generating passwords).
I will probably refactor the script generating SRP verifiers, for one backing it with a more profound command line parsing, as well as maybe even packaging it as a bin
with the hap-nodejs package, such that users can follow a similar "provisioning" workflow like it is the case for the HomeKitADK.
In the end, the goal would even be to move to a SRP verifier based pincode storage for all hap-nodejs and homebridge installations by default.
This probably needs some thoughts around how users running the beta can still properly downgrade (maybe it makes sense to back port the updated AccessoryInfo
model to the 0.8.x line).
I also had planned to do some code cleanup to the current pairing logic, maybe moving it out of the HAPServer even. I think (checking against the ADK code) it makes sense to add a pairing timeout (now it is enforced that only a single session is in a pairing session) so that no client can use that as a denial of service.
EDIT: Additionally what this PR is missing, that transient pairings aren't actually allowed to control anything, they really are only allowed to access the \identify
route and the secure-message
root for software authentication. I already mentioned in #643 that I maybe plan do abuse the transient pairing mechanism to replace the current insecure
mode with a new insecure
mode providing a secure, encrypted and authenticated way of operating hap-nodejs/homebridge instances from third party software.
EDIT2: We should also definitely find a way to properly and throughly unit test the pairing code.
I still plan to do those changes, though I decided that I don't want to include all that in this PR anymore, I think it makes sense to finally get this merged.
Huge thanks for your contribution 🙏🏽
Quick question to the current split pair-setup. To my knowledge the SRP verifier should be saved for the next pair-setup. Do you know if that verifier should be saved on a global level (and forever?) like you do currently or should this SRP verifier be associated with the HAPConnection (and thus also only live as long as the connection does). The current solution e.g. doesn't allow for multiple connections saving their own verifier?
All sound good. The script I included is really just meant as an example of using the generation functions and for generating setup codes for testing; a proper command line tool for this would be great for automatically generating accessories. For users downgrading: the
I remember reading your comments there. The transient pairing mode doesn't really have any use at the moment but it made sense to me to implement it in this PR as it's really just properly implementing the (As well as handling instances where there is no setup code as introduced by this PR...) Something maybe for @oznu to consider is that homebridge-config-ui-x allows controlling other Homebridge servers - any secure replacement would require the user to configure this (although in my opinion this should be manually enabled for each HAP server). Also how this would work with child bridges/external accessories in Homebridge, as from hap-nodejs' perspective they are completely separate HAP servers.
Thank you! I'm very happy this has finally been merged.
The HAP spec. just says "save the SRP verifier for the Setup Code and use it for the next Pair-Setup with kPairingFlag_Split" (nothing about who for or if it should expire). I think the issue with saving the verifier per-connection is that the client could disconnect between the pair attempts, and I guess multiple connections saving their own verifier would already be disallowed anyway as only one can be attempting a |
Adds support for generating random setup codes if one isn't provided, and providing a salt+verifier instead of a setup code, and adds events for pair setup requests to present the setup code to the user. This also rejects pair setup requests if another client is pairing.