From 060a831abd61371ecbdc8cf5b98f1c7baeb09ea9 Mon Sep 17 00:00:00 2001 From: MiroZ Date: Sun, 18 Aug 2024 14:03:38 -0700 Subject: [PATCH] updated mqtt client certificate, added counter to mqtt connect fail and reset after 100 consecutive failed attempts, provision wifi connect check also uses retry --- README.md | 10 ++++----- certs/client1-authn-ID.pem | 23 +++++++++---------- main/MqttService.cpp | 28 ++++++++++++++--------- main/ProvisionSoftAP.cpp | 46 ++++++++++++++++++++++---------------- main/Wifi.cpp | 2 +- utils/mqtt.py | 2 +- 6 files changed, 62 insertions(+), 49 deletions(-) diff --git a/README.md b/README.md index 2b8aa14..12bc95d 100644 --- a/README.md +++ b/README.md @@ -24,12 +24,12 @@ openssl s_client -showcerts -connect mqtt-dev-server.westus2-1.ts.eventgrid.azur openssl s_client -showcerts -verify 5 -connect mqtt-dev-server.westus2-1.ts.eventgrid.azure.net:8883 < /dev/null -openssl s_client -showcerts -verify 5 -connect mqtt-dev-server.westus2-1.ts.eventgrid.azure.net:8883 < /dev/null | - awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}' -for cert in *.pem; do - newname=$(openssl x509 -noout -subject -in $cert | sed -nE 's/.*CN ?= ?(.*)/\1/; s/[ ,.*]/_/g; s/__/_/g; s/_-_/-/; s/^_//g;p' | tr '[:upper:]' '[:lower:]').pem + openssl s_client -showcerts -verify 5 -connect mqtt-dev-server.westus2-1.ts.eventgrid.azure.net:8883 < /dev/null | awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}' + + for cert in *.pem; do + newname=$(openssl x509 -noout -subject -in $cert | sed -nE 's/.*CN ?= ?(.*)/\1/; s/[ ,.*]/_/g; s/__/_/g; s/_-_/-/; s/^_//g;p' | tr '[:upper:]' '[:lower:]').pem echo "${newname}"; mv "${cert}" "${newname}" -done + done convert crl to pem openssl crl -in "Microsoft Azure ECC TLS Issuing CA 08 - xsign.crt" -inform PEM -out "Microsoft Azure ECC TLS Issuing CA 08 - xsign.pem" 
diff --git a/certs/client1-authn-ID.pem b/certs/client1-authn-ID.pem index 8de251a..eabfa17 100755 --- a/certs/client1-authn-ID.pem +++ b/certs/client1-authn-ID.pem @@ -1,13 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIB8DCCAZagAwIBAgIRAOkYhrcCE+j1PLQ9BDCRPEcwCgYIKoZIzj0EAwIwRjEZ -MBcGA1UEChMQTXF0dEFwcFNhbXBsZXNDQTEpMCcGA1UEAxMgTXF0dEFwcFNhbXBs -ZXNDQSBJbnRlcm1lZGlhdGUgQ0EwHhcNMjQwNTAyMTAxNzU0WhcNMjQwODEwMTAx -NzQ5WjAbMRkwFwYDVQQDExBjbGllbnQxLWF1dGhuLUlEMFkwEwYHKoZIzj0CAQYI -KoZIzj0DAQcDQgAE8/zOkgtPi53H+J4TEt7WLam+HpzBpwPPIGnXe1j0aw8AW0IX -f3C59dNjXblYkMnfJetfGC+F1RGit8wltxa/1KOBjzCBjDAOBgNVHQ8BAf8EBAMC -B4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQZzhke -y2EVMhqXkvS8f0ShvbfU6TAfBgNVHSMEGDAWgBTP6P7nCctF0+5MHQFtdHOS+9ir -1zAbBgNVHREEFDASghBjbGllbnQxLWF1dGhuLUlEMAoGCCqGSM49BAMCA0gAMEUC -IQCjPsQCjTZl+OySx5ggC7501bJ4+aFvFjPgWBPzF/qiNQIgYzyLOyOJqadWYh85 -usAECzpgqLWVXQOkYbqdicc3CtI= ------END CERTIFICATE----- +MIIBxjCCAWugAwIBAgIRAOkYhrcCE+j1PLQ9BDCRPEcwCgYIKoZIzj0EAwIwGzEZ +MBcGA1UEAxMQY2xpZW50MS1hdXRobi1JRDAeFw0yNDA4MTAyMjQ3MzNaFw00NDA4 +MDUyMjQ3MzNaMBsxGTAXBgNVBAMTEGNsaWVudDEtYXV0aG4tSUQwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAATz/M6SC0+Lncf4nhMS3tYtqb4enMGnA88gadd7WPRr +DwBbQhd/cLn102NduViQyd8l618YL4XVEaK3zCW3Fr/Uo4GPMIGMMA4GA1UdDwEB +/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE +FBnOGR7LYRUyGpeS9Lx/RKG9t9TpMB8GA1UdIwQYMBaAFM/o/ucJy0XT7kwdAW10 +c5L72KvXMBsGA1UdEQQUMBKCEGNsaWVudDEtYXV0aG4tSUQwCgYIKoZIzj0EAwID +SQAwRgIhAOay3IFSxWtbsByHePYSEc/t6zP4f08Xi5/hU6JURfMtAiEAr+AL+zZS +cxY4lsDnl4GhAejnyjB7ptK8DFYLtmOvzjs= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/main/MqttService.cpp b/main/MqttService.cpp index 5bd328c..31590f2 100644 --- a/main/MqttService.cpp +++ b/main/MqttService.cpp @@ -39,6 +39,8 @@ uint8_t buffer[256]; void MqttService::task() { + int try_connect_count = 0; + while(true) { if(m_app_if.getBuffer()->waitForDataAvailable(1000)) 
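Review bot: The replacement `certs/client1-authn-ID.pem` appears to be self-issued and valid for twenty years: decoding the new base64 gives issuer and subject both `CN=client1-authn-ID` with validity 2024-08-10 to 2044-08-05, whereas the removed certificate was issued by `MqttAppSamplesCA Intermediate CA` and expired on 2024-08-10. The serial number and public-key bytes look unchanged, so the same key pair seems to have been re-signed rather than rotated. If the broker validates clients by CA chain this certificate would not chain to the CA, and if it matches by thumbprint, a 20-year credential checked into the repository means expiry no longer forces rotation. I would reissue from the CA with a bounded lifetime, or record in the README which broker validation scheme this relies on and how the certificate is rotated.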
@@ -46,36 +48,40 @@ void MqttService::task() uint8_t len = 0; if(m_app_if.getBuffer()->getBlock(buffer, len)) { - char top[64]; + char buffer[64]; uint8_t mac[6]; WiFi.macAddress(mac); while (!m_mqtt_client->connected()) { - sprintf(top, "wh_%02X%02X%02X%02X%02X%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); + sprintf(buffer, "wh_%02X%02X%02X%02X%02X%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); ESP_LOGI(TAG, "connecting to mqtt broker, dev id '%s'...", SETTINGS.mqtt.device_id); - if (m_mqtt_client->connect(top, SETTINGS.mqtt.device_id, NULL)) + if (m_mqtt_client->connect(buffer, SETTINGS.mqtt.device_id, NULL)) { + try_connect_count = 0; ESP_LOGI(TAG, "connected"); - sprintf(top, "/%02X%02X%02X%02X%02X%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); + sprintf(buffer, "/%02X%02X%02X%02X%02X%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); - ESP_LOGI(TAG, "Subscribing to %s", top); - if(m_mqtt_client->subscribe(top)) + ESP_LOGI(TAG, "Subscribing to %s", buffer); + if(m_mqtt_client->subscribe(buffer)) ESP_LOGI(TAG, "subscribed"); else ESP_LOGE(TAG, "subscribe failed"); - sprintf(top, "/%08x", SETTINGS.device.group_id); - ESP_LOGI(TAG, "Subscribing to %s", top); - if(m_mqtt_client->subscribe(top)) + sprintf(buffer, "/%08x", SETTINGS.device.group_id); + ESP_LOGI(TAG, "Subscribing to %s", buffer); + if(m_mqtt_client->subscribe(buffer)) ESP_LOGI(TAG, "subscribed"); else ESP_LOGE(TAG, "subscribe failed"); } else { + try_connect_count++; + if(try_connect_count > 100) + esp_restart(); ESP_LOGE(TAG, "failed with state %d", m_mqtt_client->state()); delay(5000); } 
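Review bot: Renaming the local `top` to `buffer` in `MqttService::task()` makes `char buffer[64]` shadow the `uint8_t buffer[256]` that appears at file scope in the previous hunk's header and that `getBlock(buffer, len)` filled one line earlier. Any use of `buffer` after the reconnect loop now refers to the 64-byte topic string instead of the received block. The rest of the block lies outside this hunk; if it publishes `buffer` with `len` (a `uint8_t`, so up to 255), it would send the wrong data and read past the end of the stack array. Keep a distinct name such as `char topic[64];` and bound the formatting as well, e.g. `snprintf(topic, sizeof(topic), "/%08x", SETTINGS.device.group_id);`.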
@@ -121,8 +127,8 @@ void MqttService::start() m_mqtt_client->setServer(mqtt_broker, mqtt_port); m_mqtt_client->setCallback(std::bind(&MqttService::callback, this, _1, _2, _3)); - m_mqtt_client->setKeepAlive(30); - m_mqtt_client->setSocketTimeout(30); + m_mqtt_client->setKeepAlive(50); + m_mqtt_client->setSocketTimeout(50); m_task = TaskMgr::getInstance().createTask(std::bind(&MqttService::task, this), MQTT_TASK_NAME, MQTT_TASK_STACK_SIZE, MQTT_TASK_PRIORITY, MQTT_TASK_CORE); } \ No newline at end of file diff --git a/main/ProvisionSoftAP.cpp b/main/ProvisionSoftAP.cpp index dacbb33..c2d86a1 100755 --- a/main/ProvisionSoftAP.cpp +++ b/main/ProvisionSoftAP.cpp @@ -199,7 +199,7 @@ void ProvisionSoftAP::start() ESP_ERROR_CHECK(esp_timer_create(&timer, &m_timer)); ESP_ERROR_CHECK(esp_timer_start_periodic(m_timer, INACTIVE_TIMER)); // 5 min - sprintf(ssid, "Wellhub-%02x%02x%02x%02x%02x%02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); + sprintf(ssid, "Wellplug-%02x%02x%02x%02x%02x%02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); start(ssid, "12345678"); } 
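Review bot: In `ProvisionSoftAP::start()` the new `Wellplug-` prefix makes the formatted SSID one byte longer (22 bytes with the terminator, up from 21) while it is still written with an unbounded `sprintf`. `ssid` is declared outside this hunk, so its size should be checked; if it is an array, `snprintf(ssid, sizeof(ssid), ...)` would bound the write. The unchanged next line, `start(ssid, "12345678");`, passes what looks like a fixed SoftAP passphrase shared by every device, next to an SSID derived from the MAC. Since this access point appears to be where Wi-Fi credentials are entered, a per-device secret (for example one provisioned at manufacture) would be a safer default than a constant.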
@@ -269,29 +269,37 @@ const char wifi_fail[] = "verify_wifi:fail"; void ProvisionSoftAP::tryConnect() { ESP_LOGI(TAG, "trying to connect to %s", m_ssid); + + int connRes = 0; - WiFi.begin(m_ssid, m_pwd); - int connRes = WiFi.waitForConnectResult(5000); - if(connRes == WL_CONNECTED) + delay(100); + + for(int n = 0; n < 7; n++) { - // all is gud! - ESP_LOGI(TAG, "we're connected, sending confirmation"); - m_webSocket->textAll(wifi_ok, sizeof(wifi_ok)-1); + WiFi.begin(m_ssid, m_pwd); + connRes = WiFi.waitForConnectResult(8000); + if(connRes == WL_CONNECTED) + { + // all is gud! + ESP_LOGI(TAG, "we're connected, sending confirmation"); + m_webSocket->textAll(wifi_ok, sizeof(wifi_ok)-1); - strcpy(SETTINGS.wifi.entry[0].ssid, m_ssid); - strcpy(SETTINGS.wifi.entry[0].pwd, m_pwd); - SETTINGS.wifi.selected = 0; - SETTINGS.wifi.num = 1; - - SETTINGS_SAVE; + strcpy(SETTINGS.wifi.entry[0].ssid, m_ssid); + strcpy(SETTINGS.wifi.entry[0].pwd, m_pwd); + SETTINGS.wifi.selected = 0; + SETTINGS.wifi.num = 1; + + SETTINGS_SAVE; - vTaskDelay(3000 / portTICK_PERIOD_MS); - waitBufferEmpty(); + vTaskDelay(3000 / portTICK_PERIOD_MS); + waitBufferEmpty(); - ESP_LOGI(TAG, "restarting..."); - WiFi.disconnect(); - WiFi.mode(WIFI_MODE_NULL); - esp_restart(); + ESP_LOGI(TAG, "restarting..."); + WiFi.disconnect(); + WiFi.mode(WIFI_MODE_NULL); + esp_restart(); + } + delay(300); } WiFi.mode(WIFI_MODE_AP); ESP_LOGE(TAG, "nuh-uh peppernip, error %d", connRes); diff --git a/main/Wifi.cpp b/main/Wifi.cpp index cb9cfe1..0b57202 100644 --- a/main/Wifi.cpp +++ b/main/Wifi.cpp @@ -118,7 +118,7 @@ Wifi::WIFI_STATUS Wifi::connectTo(int index) delay(1000); WiFi.disconnect(); - ESP_LOGW(TAG, "Failed to connect"); + ESP_LOGW(TAG, "Failed to connect, status: %d", status); return WIFI_STATUS::NOT_CONNECTED; } diff --git a/utils/mqtt.py b/utils/mqtt.py index 89e22d8..cd7acf4 100755 --- a/utils/mqtt.py +++ b/utils/mqtt.py 
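Review bot: In `ProvisionSoftAP::tryConnect()` the re-indented `strcpy` calls copy `m_ssid` and `m_pwd` into `SETTINGS.wifi.entry[0]` with no length check, and those values presumably arrive from the provisioning client. The destination fields are declared outside this hunk; assuming they are fixed-size arrays, compare `strlen()` against `sizeof()` before `WiFi.begin()` and copy with a bounded call such as `strlcpy(SETTINGS.wifi.entry[0].ssid, m_ssid, sizeof(SETTINGS.wifi.entry[0].ssid));`, likewise for `pwd`. Separately, the retry loop can block for roughly a minute (7 attempts of up to 8 s plus the delays) before the failure path after the loop runs, which deserves a comment above the `for`. The function body continues past the end of the hunk.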
@@ -20,7 +20,7 @@ def connect_mqtt(client_id): else: print("Failed to connect, return code %d\n", rc) - client = mqtt_client.Client(mqtt_client.CallbackAPIVersion.VERSION1, "asdasdadaswd") + client = mqtt_client.Client(mqtt_client.CallbackAPIVersion.VERSION1, "asdasxzxdadaswd") client.tls_set( ca_certs='eventgrid.azure_full.pem', certfile='../certs/client1-authn-ID.pem',