Adds an option to skip authentication with localhost calls, watchdog timer on Anykas

Author: wberube

divinus.yaml

@@ -4,6 +4,7 @@ system:
   web_enable_auth: false
   web_auth_user: admin
   web_auth_pass: 12345
+  web_auth_skiplocal: true
   web_enable_static: false
   isp_thread_stack_size: 16384
   venc_stream_thread_stack_size: 16384

src/app_config.c

@@ -86,6 +86,7 @@ int save_app_config(void) {
     fprintf(file, "  web_enable_auth: %s\n", app_config.web_enable_auth ? "true" : "false");
     fprintf(file, "  web_auth_user: %s\n", app_config.web_auth_user);
     fprintf(file, "  web_auth_pass: %s\n", app_config.web_auth_pass);
+    fprintf(file, "  web_auth_skiplocal: %s\n", app_config.web_auth_skiplocal ? "true" : "false");
     fprintf(file, "  web_enable_static: %s\n", app_config.web_enable_static ? "true" : "false");
     fprintf(file, "  isp_thread_stack_size: %d\n", app_config.isp_thread_stack_size);
     fprintf(file, "  venc_stream_thread_stack_size: %d\n", app_config.venc_stream_thread_stack_size);
@@ -217,6 +218,7 @@ enum ConfigError parse_app_config(void) {
     app_config.web_port = 8080;
     *app_config.web_whitelist[0] = '\0';
     app_config.web_enable_auth = false;
+    app_config.web_auth_skiplocal = false;
     app_config.web_enable_static = false;
     app_config.isp_thread_stack_size = 16 * 1024;
     app_config.venc_stream_thread_stack_size = 16 * 1024;
@@ -311,6 +313,7 @@ enum ConfigError parse_app_config(void) {
         &ini, "system", "web_auth_user", app_config.web_auth_user);
     parse_param_value(
         &ini, "system", "web_auth_pass", app_config.web_auth_pass);
+    parse_bool(&ini, "system", "web_auth_skiplocal", &app_config.web_auth_skiplocal);
     err = parse_bool(
         &ini, "system", "web_enable_static", &app_config.web_enable_static);
     if (err != CONFIG_OK)

src/app_config.h

@@ -19,6 +19,7 @@ struct AppConfig {
     bool web_enable_auth;
     char web_auth_user[32];
     char web_auth_pass[32];
+    bool web_auth_skiplocal;
     bool web_enable_static;
     unsigned int isp_thread_stack_size;
     unsigned int venc_stream_thread_stack_size;

src/hal/plus/ak_hal.c

@@ -85,12 +85,14 @@ int ak_pipeline_create(char mirror, char flip)
         config.capt.height = _ak_vi_res.height;
         config.capt.x = 0;
         config.capt.y = 0;
-        for (char i = 0; i < 2; i++) {
-            config.dest[i].width = 640;
-            config.dest[i].height = 480;
-            config.dest[i].maxWidth = 640;
-            config.dest[i].maxHeight = 480;
-        }
+        config.dest[0].width = 640;
+        config.dest[0].height = 480;
+        config.dest[0].maxWidth = 640;
+        config.dest[0].maxHeight = 480;
+        config.dest[1].width = _ak_vi_res.width;
+        config.dest[1].height = _ak_vi_res.height;
+        config.dest[1].maxWidth = _ak_vi_res.width;
+        config.dest[1].maxHeight = _ak_vi_res.height;
 
         if (ak_vi.fnSetDeviceConfig(_ak_vi_dev, &config))
             HAL_ERROR("ak_vi", "Setting the sensor resolution failed with %#x!\n%s\n",
@@ -195,7 +197,7 @@ void *ak_video_thread(void)
     int ret;
 
     while (keepRunning) {
-        for (int i = 0; i < AK_VENC_CHN_NUM; i++) {
+        for (char i = 0; i < AK_VENC_CHN_NUM; i++) {
             if (!ak_state[i].enable) continue;
             if (!ak_state[i].mainLoop) continue;
 
@@ -241,7 +243,10 @@ void ak_system_deinit(void)
 
 int ak_system_init(char *snrConfig)
 {
-    int ret = EXIT_SUCCESS;
+    int ret = EXIT_SUCCESS, val = 0xAA000000;
+
+    // Disable the watchdog timer if it isn't already
+    hal_registry(0x080080E8, &val, OP_WRITE);
 
     if (ak_vi.fnLoadSensorConfig(snrConfig))
         HAL_DANGER("ak_vi", "Loading the sensor config failed"

src/server.c

@@ -54,6 +54,22 @@ int server_fd = -1;
 pthread_t server_thread_id;
 pthread_mutex_t client_fds_mutex;
 
+static bool is_local_address(const char *client_ip) {
+    if (!client_ip) return false;
+    
+    if (!strcmp(client_ip, "127.0.0.1") ||
+        !strncmp(client_ip, "127.", 4))
+        return true;
+    
+    if (!strcmp(client_ip, "::1"))
+        return true;
+    
+    if (!strncmp(client_ip, "::ffff:127.", 11))
+        return true;
+    
+    return false;
+}
+
 static void close_socket_fd(int sockFd) {
     shutdown(sockFd, SHUT_RDWR);
     close(sockFd);
@@ -467,8 +483,8 @@ void parse_request(http_request_t *req) {
         req->total = 0;
         return;
     }
-grant_access:
 
+grant_access:
     req->total = 0;
     int received = recv(req->clntFd, req->input, REQSIZE, 0);
     if (received < 0)
@@ -605,23 +621,38 @@ void respond_request(http_request_t *req) {
     }
 
     if (app_config.web_enable_auth) {
-        char *auth = request_header("Authorization");
-        char cred[66], valid[256];
+        bool should_skip_auth = false;
 
-        strcpy(cred, app_config.web_auth_user);
-        strcpy(cred + strlen(app_config.web_auth_user), ":");
-        strcpy(cred + strlen(app_config.web_auth_user) + 1, app_config.web_auth_pass);
-        strcpy(valid, "Basic ");
-        base64_encode(valid + 6, cred, strlen(cred));
+        if (app_config.web_auth_skiplocal) {
+            struct sockaddr_in client_sock;
+            socklen_t client_sock_len = sizeof(client_sock);
+            memset(&client_sock, 0, client_sock_len);
 
-        if (!auth || !EQUALS(auth, valid)) {
-            respLen = sprintf(response,
-                "HTTP/1.1 401 Unauthorized\r\n"
-                "Content-Type: text/plain\r\n"
-                "WWW-Authenticate: Basic realm=\"Access the camera services\"\r\n"
-                "Connection: close\r\n\r\n");
-            send_and_close(req->clntFd, response, respLen);
-            return;
+            if (getpeername(req->clntFd, (struct sockaddr *)&client_sock, &client_sock_len) == 0) {
+                char *client_ip = inet_ntoa(client_sock.sin_addr);
+                should_skip_auth = is_local_address(client_ip);
+            }
+        }
+
+        if (!should_skip_auth) {
+            char *auth = request_header("Authorization");
+            char cred[66], valid[256];
+
+            strcpy(cred, app_config.web_auth_user);
+            strcpy(cred + strlen(app_config.web_auth_user), ":");
+            strcpy(cred + strlen(app_config.web_auth_user) + 1, app_config.web_auth_pass);
+            strcpy(valid, "Basic ");
+            base64_encode(valid + 6, cred, strlen(cred));
+
+            if (!auth || !EQUALS(auth, valid)) {
+                respLen = sprintf(response,
+                    "HTTP/1.1 401 Unauthorized\r\n"
+                    "Content-Type: text/plain\r\n"
+                    "WWW-Authenticate: Basic realm=\"Access the camera services\"\r\n"
+                    "Connection: close\r\n\r\n");
+                send_and_close(req->clntFd, response, respLen);
+                return;
+            }
         }
     }