ssl UI is working, but not on the backend. shelved.

.gitignore

@@ -6,3 +6,5 @@ boards/8ch-mosfet/bom/ibom.html
 *.log
 *.DS_STORE
 **/bom/*
+firmware/cert.pem
+firmware/key.pem

firmware/TODO

@@ -1,18 +1,22 @@
 Firmware:
-    * mongoose conversion
-        * make sure we arent crashing
-        * test new https
-        * test new login auth system
-        * update to latest version of mongoose 6.x
-        * long term: update to mongoose 7.x
-    * change app_enable_https to app_enable_ssl
+    * on status (error, udpate, etc) focus/scroll the window to the alert.
+    * 3 column display extending outside main column
     * hacky semver implementation on client side js not working well.
     * add a "framerate" counter to the loop: https://stackoverflow.com/questions/87304/calculating-frames-per-second-in-a-game
     * add a total row to the mosfet stats page
     * find in signalk app where it sends the discovery info to mfd's and see if we can copy?
         * I think the magic happens here: https://github.com/SignalK/signalk-server/blob/master/src/interfaces/mfd_webapp.ts
     * protocol documentation
     * learn about building components for node-red, maybe make a yarrboard toolkit
+    * mongoose conversion
+        * make sure we arent crashing
+        * test new https
+        * test new login auth system
+        * update to latest version of mongoose 6.x
+        * long term: update to mongoose 7.x
+    * ssl
+        * change app_enable_https to app_enable_ssl
+        * global rename server_pem to server_cert
 
 Webserver Comparison:
     * arduinomongoose: https://github.com/jeremypoulter/ArduinoMongoose

firmware/commands.txt

@@ -44,3 +44,6 @@ git grep -lz YB_HAS_ADC | xargs -0 sed -i '' -e 's/YB_HAS_ADC/YB_HAS_ADC_CHANNEL
 git grep -lz YB_HAS_RGB_OUTPUT | xargs -0 sed -i '' -e 's/YB_HAS_RGB_OUTPUT/YB_HAS_RGB_CHANNELS/g'
 
 curl -i -d '{"cmd":"ping"}'  -H "Content-Type: application/json"  -X POST https://rgbinput.local/api/endpoint
+
+#generate self signed key:
+openssl req  -nodes -new -x509  -keyout key.pem -out cert.pem

firmware/html/yarrboard.js

@@ -854,8 +854,8 @@ function start_websocket()
 
       //for our ssl stuff
       $("#app_enable_https").prop("checked", msg.app_enable_https);
-      $("#server_pem").value(msg.server_pem);
-      $("#server_key").value(msg.server_key);
+      $("#server_pem").val(msg.server_pem);
+      $("#server_key").val(msg.server_key);
 
       //hide/show these guys
       if (msg.app_enable_https)

firmware/platformio.ini

@@ -17,8 +17,8 @@ lib_deps =
 	rodolfoprieto/MCP3208@^1.0.0
 	https://github.com/hoeken/tlc5947-spi
 	rlogiacco/CircularBuffer@^1.3.3
-	#jeremypoulter/ArduinoMongoose@^0.0.20
-  https://github.com/jeremypoulter/MicroDebug
+	jeremypoulter/ArduinoMongoose@^0.0.20
+  #https://github.com/jeremypoulter/MicroDebug
   #https://github.com/hoeken/ArduinoMongoose
 platform = espressif32
 board = esp32dev

firmware/src/config.h

@@ -42,7 +42,7 @@
 #define YBP_MODE_SERIAL    2
 
 //for handling messages outside of the loop
-#define YB_RECEIVE_BUFFER_LENGTH 512
+#define YB_RECEIVE_BUFFER_LENGTH 4096
 #define YB_RECEIVE_BUFFER_COUNT 16
 
 //milliseconds between sending updates on websocket and serial

firmware/src/protocol.cpp

@@ -365,14 +365,20 @@ void handleSetAppConfig(JsonVariantConst input, JsonVariant output)
     preferences.putBool("appEnableHttps", app_enable_https);
 
     //write our pem to local storage
-    File fp = LittleFS.open("server.pem", "w");
+    File fp = LittleFS.open("/server.pem", "w");
     fp.print(input["server_pem"] | "");
     fp.close();
 
+    Serial.println("ssl cert:");
+    Serial.println(input["server_pem"] | "");
+
     //write our key to local storage
-    File fp2 = LittleFS.open("server.key", "w");
+    File fp2 = LittleFS.open("/server.key", "w");
     fp2.print(input["server_key"] | "");
     fp2.close();
+
+    Serial.println("ssl key:");
+    Serial.println(input["server_key"] | "");
 }
 
 void handleLogin(JsonVariantConst input, JsonVariant output, byte mode, MongooseHttpWebSocketConnection *connection)

firmware/src/server.cpp

@@ -20,13 +20,25 @@ void server_setup()
   //do we want https?
   if (preferences.isKey("appEnableHttps"))
     app_enable_https = preferences.getBool("appEnableHttps");
+  else
+    app_enable_https = false;
+
+  if (app_enable_https)
+    Serial.println("SSL enabled");
+  else
+    Serial.println("SSL disabled");
 
   //look up our keys?
   if (app_enable_https)
   {
     File fp = LittleFS.open("/server.pem");
     if (fp)
+    {
       server_pem = fp.readString();
+
+      Serial.println("Server Cert:");
+      Serial.println(server_pem);
+    }
     else
     {
       Serial.println("server.pem not found, SSL not available");
@@ -36,7 +48,12 @@ void server_setup()
 
     File fp2 = LittleFS.open("/server.key");
     if (fp2)
+    {
       server_key = fp2.readString();
+
+      Serial.println("Server Key:");
+      Serial.println(server_key);
+    }
     else
     {
       Serial.println("server.key not found, SSL not available");
@@ -52,7 +69,7 @@ void server_setup()
   {
     if(false == server.begin(443, server_pem.c_str(), server_key.c_str())) {
       Serial.print("Failed to start HTTPS server");
-      return;
+      app_enable_https = false;
     }
   }
   else
@@ -191,9 +208,7 @@ void sendToAllWebsockets(const char * jsonString)
   {
     for (byte i=0; i<YB_CLIENT_LIMIT; i++)
       if (authenticatedConnections[i] != NULL)
-          authenticatedConnections[i]->send(jsonString);
-        else
-          Serial.println("[socket] client queue full");
+        authenticatedConnections[i]->send(jsonString);
   }
   //nope, just sent it to all.
   else