Comments (11)
No this is something new.
It happens directly during the initialization process of the console. Somehow the "node" object is not set inside the "sensor" object. This means there exists a sensor in the database, that has a node id which does not exist. I do not know how this could happen (because the node id of the sensor is a foreign key to the id in the node tables, this means the object could not be stored inside the database of the server if something like this happens).
The only idea I have now is the following:
This code searches the node the sensor belongs to (in the console manager):
nodeSensorBelongs = None
for node in self.nodes:
if node.nodeType != "sensor":
continue
if sensor.nodeId == node.nodeId:
nodeSensorBelongs = node
break
This code skips nodes that are not of the type "sensor". This means you could have a node not of the type sensor in your database (for example of type "manager") that has sensors. This can happen if you use the same username for more than one client. Can you please check your configuration? And if this is not the case, can you please post a dump of you database?
[edit]
Just pushed an update to make some more checks to avoid problems with misconfigured clients.
from alertr.
Thanks for the quick reply - i will set up a new VM and test it until monday and give you feedback.
It is possible that i double used the username (..i know you promised strange things could happen...)
What is the best way to dump the sqlite database? Specific table? Did not look into the database for now .
from alertr.
from alertr.
from alertr.
from alertr.
Ok thanks for the images.
Your database is totally messed up. For example your first two sensors point to node 1 and this node is of type "manager". The last two sensors point to node 4 and this one is of type "alert". The only thing I can think about how this could happen is multiple use of the same username.
To fix this I would recommend to delete your database and all "registered" files on the client side. Then restart the server and all clients. This should rebuild the database and fix everything.
Because of a feature I want to implement over Christmas (a kind of rule engine so you can configure a specific order in which sensors have to trigger in a specific time frame to trigger an alert => need this for a path of motion sensors), I have to change the config file format (unfortunately, XML is the only format that models the things I need) and parts of the client registration. I think this messed up database when you use the same username multiple times should then also be fixed.
from alertr.
Sounds like a good improvement!
Maybe you can disable check for certificates if the option is set to false - an option to
completely turn off certificates ( in this case the values could be empty ).
Tell me if i should open a new topic for that.
from alertr.
Sorry, I intentionally did not add the feature to disable the server certificate check. The reason why I will not do this is because it completely undermines the security you gain with TLS. When someone disables it, it is absolutely no problem to gain the user credentials via a MITM attack. And by forcing the server certificate check, I prevent a misconfiguration of the complete alerting system (because someone does not know how or do not want to generate a certificate). You do not even need a CA and the whole certificate signing part to be secure. You only need to generate one certificate for the server (which is one OpenSSL command) and put the certificate on all clients.
Perhaps to get a better usability for the "not so technical" users one could add an install/setup script or something like that. I also thought about a web interface to configure the server/clients. But one step at a time ;)
from alertr.
Security first - it´s important, but in a single homed environment no one should gain access to the systems :) - but i think i should follow the secure way too, started from here to create a CA
http://www.freebsdmadeeasy.com/tutorials/web-server/apache-ssl-certs.php
...it´s a lot of work to generate certificates for each client - and in the future to maintain them...
How should a config with just one cert look like? Maybe you can give an example - currently there are three cert files required in each config file.
Thank you and best regards.
from alertr.
Ok, a whole CA for an isolated home environment is much to maintain. The one cert solution is the one I gave in the example configurations ( https://github.com/sqall01/alertR/blob/master/server/README.md ):
On the server you can do this to create a certificate and key:
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Then you can use this for your server configuration in the configuration file:
[...]
[server]
certificateFile = /home/pi/server/server.crt
keyFile = /home/pi/server/server.key
[...]
Now the server certificate is configured. To disable the clients from offering a client certificate, you have to disable this check first on the server with this switch in the configuration file (which I just see I forgot to update in the example, but it is described in the config template):
[...]
[server]
[...]
useClientCertificates = False
clientCAFile = value not processed
[...]
Now the server is configured to have a self-made certificate without any CA and does not require the clients to offer a certificate for the authentication.
When we now configure a client, we can again use the example ( https://github.com/sqall01/alertR/blob/master/alertClientRaspberryPi/README.md ). We first disable the client certificate authentication:
[general]
[...]
certificateRequired = False
certificateFile = value not processed
keyFile = value not processed
[...]
Ok, now the client needs the CA to check the certificate offered by the server. Because there does not exist any CA for this, we use the certificate (public key) of the server itself (the created file "server.crt"). The configuration on the client would look like this:
[...]
[general]
[...]
serverCAFile = /home/pi/alertClientRaspberryPi/server.crt
[...]
When you use this configuration, you do not need any CA and just have to create one server certificate (and still have a moderate secure connection).
Perhaps I should create a configuration how to for a simple setup. But I do not know when I will do it. The configuration file has changed a lot in the dev branch (now it is with xml instead of ini).
from alertr.
Ok, merged the dev branch with the master branch and updated the basic configuration examples. Everything should be solved now.
from alertr.
Related Issues (20)
- FIFO question = how to?! HOT 4
- Siren Timeout HOT 2
- Problem in config managerClientDatabase NameError: name 'updateServer' is not defined HOT 2
- SSLEOFError: EOF occurred in violation of protocol HOT 7
- Playing (no)sound from keypad to bluetooth speaker HOT 6
- Clear message history in the Android app HOT 2
- Error in dependency version check of installer HOT 1
- Missing files after server installation HOT 1
- Error in sensorClientRaspberryPi interrupt callback HOT 5
- What is the most simple way to activate/deactivate alertR time-controlled? HOT 6
- ManagerClientConsole cant find server HOT 5
- Best way to implement a door sensor HOT 8
- Feature request: allow the use of IMAP IDLE for push notifications HOT 2
- Feature request: installation and configuration assistants HOT 2
- Triggered alert before system active didnt gets triggered again HOT 5
- Problem with alertwebmobilemanager after update to 0.800 HOT 4
- ICalendar exit code 1 HOT 5
- PHP issues with Web Mobile manager HOT 7
- Temperature sensor don't go back to normal state after triggered HOT 4
- Error 404: installing server on windows HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from alertr.