| -rw-r--r-- | CHECKLIST.md | 89 | ||||
| -rw-r--r-- | main/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | main/cashu.c | 32 | ||||
| -rw-r--r-- | main/config.c | 2 | ||||
| -rw-r--r-- | main/tollgate_api.c | 25 |
5 files changed, 84 insertions, 66 deletions
diff --git a/CHECKLIST.md b/CHECKLIST.md index fe5894f..ba17adc 100644 --- a/CHECKLIST.md +++ b/CHECKLIST.md | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | # TollGate ESP32 — Progress Checklist | 1 | # TollGate ESP32 — Progress Checklist |
| 2 | 2 | ||
| 3 | ## Phase 0: Bootstrap | 3 | ## Phase 0: Bootstrap — COMPLETE |
| 4 | - [x] Create project directory and git repo | 4 | - [x] Create project directory and git repo |
| 5 | - [x] Create .env, .env.example, .gitignore | 5 | - [x] Create .env, .env.example, .gitignore |
| 6 | - [x] Persist PLAN.md and CHECKLIST.md | 6 | - [x] Persist PLAN.md and CHECKLIST.md |
| @@ -9,66 +9,67 @@ | |||
| 9 | - [x] Run `make detect-all` — identified both boards as ESP32-S3 (16MB flash) | 9 | - [x] Run `make detect-all` — identified both boards as ESP32-S3 (16MB flash) |
| 10 | - [x] Fix ESP-IDF v5.4.1 installation (was deeply corrupted, re-cloned) | 10 | - [x] Fix ESP-IDF v5.4.1 installation (was deeply corrupted, re-cloned) |
| 11 | 11 | ||
| 12 | ## Phase 1: Captive Portal + Firewall — COMPLETE | 12 | ## Phase 1: Captive Portal + Firewall — COMPLETE (commit `a7d0a67`) |
| 13 | - [x] Implement tollgate_main.c (WiFi AP+STA, event loop) | 13 | - [x] Implement tollgate_main.c (WiFi AP+STA, event loop) |
| 14 | - [x] Implement config.c/h (SPIFFS JSON config loading) | 14 | - [x] Implement config.c/h (SPIFFS JSON config loading) |
| 15 | - [x] Implement dns_server.c/h (DNS hijack/forward per-client) | 15 | - [x] Implement dns_server.c/h (DNS hijack/forward per-client) |
| 16 | - [x] Implement captive_portal.c/h (HTTP :80, portal HTML) | 16 | - [x] Implement captive_portal.c/h (HTTP :80, portal HTML) |
| 17 | - [x] Implement firewall.c/h (NAPT on/off per auth state) | 17 | - [x] Implement firewall.c/h (NAPT on/off per auth state) |
| 18 | - [x] Set up test infrastructure (Node.js tests, helpers, Playwright) | 18 | - [x] Set up test infrastructure (Node.js tests, helpers, Playwright) |
| 19 | - [x] Fix WiFi init order bug (netif before esp_wifi_init, set_mode before set_config) | 19 | - [x] Fix WiFi init order bug |
| 20 | - [x] Fix DNS hijack test (nslookup exits 1 for AAAA, catch stderr) | 20 | - [x] Fix DNS hijack test (nslookup exits 1 for AAAA) |
| 21 | - [x] Fix ping tests (use `-I wlp59s0` to force through TollGate AP) | 21 | - [x] Fix ping tests (use `-I wlp59s0`) |
| 22 | - [x] Test 1: Boot and AP appears | 22 | - [x] Tests 1-14: ALL PASSING |
| 23 | - [x] Test 2: DHCP lease | ||
| 24 | - [x] Test 3: Captive portal serves HTML | ||
| 25 | - [x] Test 4: Captive detection URIs work (8 URIs) | ||
| 26 | - [x] Test 5: DNS hijack before auth | ||
| 27 | - [x] Test 6: No internet before auth | ||
| 28 | - [x] Test 7: /whoami returns MAC | ||
| 29 | - [x] Test 8: /usage returns no session | ||
| 30 | - [x] Test 9: Grant access via API | ||
| 31 | - [x] Test 10: DNS forward after auth | ||
| 32 | - [x] Test 11: Internet after auth | ||
| 33 | - [x] Test 12: HTTP browsing works | ||
| 34 | - [x] Test 13: Reset auth | ||
| 35 | - [x] Test 14: Internet blocked after reset | ||
| 36 | - [x] **All 20 API tests pass, all 6 smoke tests pass** | ||
| 37 | - [x] Committed: `a7d0a67` | ||
| 38 | 23 | ||
| 39 | ## Phase 2: E-Cash Payments — IN PROGRESS (code written, bugs to fix) | 24 | ## Phase 2: E-Cash Payments — IN PROGRESS |
| 25 | ### Code Written (commit `1263d86`) | ||
| 40 | - [x] Implement cashu.c/h (Cashu token parse, base64url, checkstate, mint validation) | 26 | - [x] Implement cashu.c/h (Cashu token parse, base64url, checkstate, mint validation) |
| 41 | - [x] Implement session.c/h (time-based allotment, expiry, secret tracking) | 27 | - [x] Implement session.c/h (time-based allotment, expiry, secret tracking) |
| 42 | - [x] Implement tollgate_api.c/h (:2121 server, GET/POST /, /usage, /whoami) | 28 | - [x] Implement tollgate_api.c/h (:2121 server, GET/POST /, /usage, /whoami) |
| 43 | - [x] Update captive portal HTML with payment form (token textarea, Pay & Connect button) | 29 | - [x] Update captive portal HTML with payment form |
| 44 | - [x] Wire into tollgate_main.c (session_init, api_start, session_tick loop) | 30 | - [x] Wire into tollgate_main.c (session_init, api_start, session_tick loop) |
| 31 | |||
| 32 | ### Bug Fixes (commit `aed51d8`) | ||
| 33 | - [x] Stack overflow: httpd stack_size increased to 16384 in tollgate_api.c | ||
| 34 | - [x] Heap allocations: b64, json_buf, post_body, resp_buf moved to heap in cashu.c | ||
| 35 | - [x] .env: MINT_URL updated to testnut.cashu.space | ||
| 36 | - [x] Makefile: replaced Go-based tokens target with nutshell wallet targets | ||
| 37 | |||
| 38 | ### Infrastructure (ready now) | ||
| 39 | - [x] Upstream gateway on enx00e04c633a90 (192.168.2.0/24, metric 101, default route) | ||
| 40 | - [x] OpenWRT TollGate on enx00e04c683d2d (10.47.41.0/24, metric 20100, never-default) | ||
| 41 | - [x] WiFi wlp59s0 free for ESP32 TollGate connection | ||
| 42 | - [x] NetworkManager profile "TollGate-ESP32" created (manual 192.168.4.2/24, autoconnect=no) | ||
| 43 | |||
| 44 | ### Tests Passing | ||
| 45 | - [x] Test 15: Advertisement valid (kind=10021 with price_per_step) — PASSING | 45 | - [x] Test 15: Advertisement valid (kind=10021 with price_per_step) — PASSING |
| 46 | - [ ] **BUG FIX: Stack overflow in httpd task** — POST to :2121 crashes (Guru Meditation LoadProhibited). Need to increase httpd stack_size to 16384 and heap-allocate large buffers in cashu.c | 46 | |
| 47 | - [ ] **BUG FIX: cashu_decode_token has 2048B stack buffer** — move json_buf to heap | 47 | ### Tests Blocked (need hardware flash + test) |
| 48 | - [ ] **BUG FIX: cashu_check_proof_states has 4096B stack buffer** — move resp_buf to heap | 48 | - [ ] Test 16: Valid payment (POST :2121/ with valid Cashu token → kind=1022 session) |
| 49 | - [ ] Test 16: Valid payment (needs valid Cashu token from nutshell) | 49 | - [ ] Test 17: Usage tracking after payment (GET :2121/usage → active usage) |
| 50 | - [ ] Test 17: Usage tracking after payment | 50 | - [ ] Test 18: Internet after payment (ping through TollGate works) |
| 51 | - [ ] Test 18: Internet after payment | 51 | - [ ] Test 19: Invalid token rejected (POST garbage → 400, kind=21023) |
| 52 | - [ ] Test 19: Invalid token rejected — blocked by stack overflow crash | 52 | - [ ] Test 20: Spent token rejected (reuse token → 402, kind=21023) |
| 53 | - [ ] Test 20: Spent token rejected | 53 | - [ ] Test 21: Wrong mint rejected (POST token from wrong mint → 402) |
| 54 | - [ ] Test 21: Wrong mint rejected — blocked by stack overflow crash | 54 | - [ ] Test 22: Session expiry (wait for allotment → internet blocked) |
| 55 | - [ ] Test 22: Session expiry | 55 | - [ ] Test 23: Session renewal (second payment → allotment extended) |
| 56 | - [ ] Test 23: Session renewal | 56 | - [ ] Test 24: Portal payment form visible in browser |
| 57 | - [ ] Test 24: Portal payment form — blocked by stack overflow crash | ||
| 58 | - [ ] Test 25: Two clients pay independently | 57 | - [ ] Test 25: Two clients pay independently |
| 59 | - [ ] Test 26: Client isolation | 58 | - [ ] Test 26: Client isolation (only payer gets internet) |
| 60 | - [ ] Test 27: Full e2e browser flow | 59 | - [ ] Test 27: Full e2e: portal → pay → browse |
| 61 | 60 | ||
| 62 | ## Infrastructure Setup — TODO (before next hardware session) | 61 | ### Next Steps (TDD cycle) |
| 63 | - [ ] Update .env: change mint from nofee.testnut.cashu.space → testnut.cashu.space | 62 | 1. Flash firmware to ESP32 board A (`make flash-a`) |
| 64 | - [ ] Update Makefile: add nutshell wallet targets (mint-token, send-token, balance) | 63 | 2. Connect WiFi to TollGate AP: `nmcli con up TollGate-ESP32` |
| 65 | - [ ] Create Ansible playbook for full dev environment setup | 64 | 3. Run Phase 2 discovery test: `TOLLGATE_IP=192.168.4.1 node tests/phase2.mjs` |
| 66 | - [ ] Create NetworkManager profile for TollGate testing (ethernet=upstream, wifi=tollgate only) | 65 | 4. If Test 15 still passes, proceed to Test 19 (invalid token — no mint needed) |
| 67 | - [ ] Verify network routing works (ethernet default route, WiFi 192.168.4.0/24 only) | 66 | 5. Mint a test token: `make mint-token AMOUNT=21` |
| 67 | 6. Run full Phase 2 with token: `TEST_TOKEN=$(cashu --env-mint testnut.cashu.space send --legacy 21) TOLLGATE_IP=192.168.4.1 node tests/phase2.mjs` | ||
| 68 | 7. Fix any failures, commit + push when tests pass | ||
| 68 | 69 | ||
| 69 | ## Phase 3: nucula Wallet + Reseller — NOT STARTED | 70 | ## Phase 3: nucula Wallet + Reseller — NOT STARTED |
| 70 | - [ ] Extract nucula wallet into components/cashu_wallet/ | 71 | - [ ] Extract nucula wallet into components/cashu_wallet/ |
| 71 | - [ ] Replace simple melt with Wallet::receive() | 72 | - [ ] Replace simple melt with Wallet::receive() |
| 72 | - [ ] Implement payout.c/h (background melt-to-LN) | 73 | - [ ] Implement payout.c/h (background melt-to-LN) |
| 73 | - [ ] Implement upstream_client.c/h (reseller mode) | 74 | - [ ] Implement upstream_client.c/h (reseller mode) |
| 74 | - [ ] Test 28-38: All Phase 3 tests | 75 | - [ ] Tests 28-38 |
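--- a/main/CMakeLists.txt
+++ b/main/CMakeLists.txt
@@ -8,5 +8,5 @@ idf_component_register(SRCS "tollgate_main.c"
 "tollgate_api.c"
 INCLUDE_DIRS "." "${IDF_PATH}/components/lwip/include/apps"
 REQUIRES esp_wifi esp_event esp_netif nvs_flash esp_http_server
-lwip json esp_http_client mbedtls log spiffs
+lwip json esp_http_client mbedtls esp-tls log spiffs
 PRIV_REQUIRES esp-tls)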
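Review bot: `esp-tls` is now listed under both `REQUIRES` and `PRIV_REQUIRES` in the same `idf_component_register` call, so one of the two entries is redundant. If the only new need is `esp_crt_bundle.h` in `cashu.c`, that header is, as far as I know, shipped by the `mbedtls` component, which is already required. In that case the existing `PRIV_REQUIRES esp-tls` line is enough and the `REQUIRES` line can stay as it was. If a public header of this component does need esp-tls types, keep the `REQUIRES` entry and drop the `PRIV_REQUIRES esp-tls)` line instead.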
diff --git a/main/cashu.c b/main/cashu.c index 8dffacc..ba6d9ef 100644 --- a/main/cashu.c +++ b/main/cashu.c | |||
| @@ -5,7 +5,7 @@ | |||
| 5 | #include "cJSON.h" | 5 | #include "cJSON.h" |
| 6 | #include "mbedtls/base64.h" | 6 | #include "mbedtls/base64.h" |
| 7 | #include "mbedtls/sha256.h" | 7 | #include "mbedtls/sha256.h" |
| 8 | #include <string.h> | 8 | #include "esp_crt_bundle.h" |
| 9 | 9 | ||
| 10 | static const char *TAG = "cashu"; | 10 | static const char *TAG = "cashu"; |
| 11 | 11 | ||
| @@ -78,6 +78,10 @@ esp_err_t cashu_decode_token(const char *token_str, cashu_token_t *out) | |||
| 78 | memset(out, 0, sizeof(*out)); | 78 | memset(out, 0, sizeof(*out)); |
| 79 | 79 | ||
| 80 | size_t len = strlen(token_str); | 80 | size_t len = strlen(token_str); |
| 81 | char *nl = strchr(token_str, '\n'); | ||
| 82 | if (nl) len = nl - token_str; | ||
| 83 | char *cr = strchr(token_str, '\r'); | ||
| 84 | if (cr && (cr - token_str) < (int)len) len = cr - token_str; | ||
| 81 | if (len <= V3_PREFIX_LEN) { | 85 | if (len <= V3_PREFIX_LEN) { |
| 82 | ESP_LOGE(TAG, "Token too short"); | 86 | ESP_LOGE(TAG, "Token too short"); |
| 83 | return ESP_FAIL; | 87 | return ESP_FAIL; |
| @@ -87,11 +91,13 @@ esp_err_t cashu_decode_token(const char *token_str, cashu_token_t *out) | |||
| 87 | return ESP_FAIL; | 91 | return ESP_FAIL; |
| 88 | } | 92 | } |
| 89 | 93 | ||
| 90 | char *json_buf = malloc(2048); | 94 | size_t b64_len = len - V3_PREFIX_LEN; |
| 95 | size_t decoded_size = (b64_len * 3) / 4 + 4; | ||
| 96 | char *json_buf = malloc(decoded_size); | ||
| 91 | if (!json_buf) return ESP_FAIL; | 97 | if (!json_buf) return ESP_FAIL; |
| 92 | size_t json_len = 0; | 98 | size_t json_len = 0; |
| 93 | if (b64url_decode(token_str + V3_PREFIX_LEN, len - V3_PREFIX_LEN, | 99 | if (b64url_decode(token_str + V3_PREFIX_LEN, b64_len, |
| 94 | json_buf, 2047, &json_len) != 0) { | 100 | json_buf, decoded_size - 1, &json_len) != 0) { |
| 95 | ESP_LOGE(TAG, "Base64url decode failed"); | 101 | ESP_LOGE(TAG, "Base64url decode failed"); |
| 96 | free(json_buf); | 102 | free(json_buf); |
| 97 | return ESP_FAIL; | 103 | return ESP_FAIL; |
| @@ -181,12 +187,12 @@ esp_err_t cashu_check_proof_states(const char *mint_url, const cashu_token_t *to | |||
| 181 | 187 | ||
| 182 | char *resp_buf = malloc(8192); | 188 | char *resp_buf = malloc(8192); |
| 183 | if (!resp_buf) { free(post_body); return ESP_FAIL; } | 189 | if (!resp_buf) { free(post_body); return ESP_FAIL; } |
| 184 | int resp_len = 0; | ||
| 185 | 190 | ||
| 186 | esp_http_client_config_t config = { | 191 | esp_http_client_config_t config = { |
| 187 | .url = url, | 192 | .url = url, |
| 188 | .method = HTTP_METHOD_POST, | 193 | .method = HTTP_METHOD_POST, |
| 189 | .timeout_ms = 10000, | 194 | .timeout_ms = 15000, |
| 195 | .crt_bundle_attach = esp_crt_bundle_attach, | ||
| 190 | }; | 196 | }; |
| 191 | esp_http_client_handle_t client = esp_http_client_init(&config); | 197 | esp_http_client_handle_t client = esp_http_client_init(&config); |
| 192 | if (!client) { free(post_body); free(resp_buf); return ESP_FAIL; } | 198 | if (!client) { free(post_body); free(resp_buf); return ESP_FAIL; } |
| @@ -194,20 +200,26 @@ esp_err_t cashu_check_proof_states(const char *mint_url, const cashu_token_t *to | |||
| 194 | esp_http_client_set_header(client, "Content-Type", "application/json"); | 200 | esp_http_client_set_header(client, "Content-Type", "application/json"); |
| 195 | esp_err_t err = esp_http_client_open(client, strlen(post_body)); | 201 | esp_err_t err = esp_http_client_open(client, strlen(post_body)); |
| 196 | if (err != ESP_OK) { | 202 | if (err != ESP_OK) { |
| 203 | ESP_LOGE(TAG, "checkstate open failed: %s", esp_err_to_name(err)); | ||
| 197 | esp_http_client_cleanup(client); | 204 | esp_http_client_cleanup(client); |
| 198 | free(post_body); | 205 | free(post_body); |
| 199 | free(resp_buf); | 206 | free(resp_buf); |
| 200 | return err; | 207 | return ESP_FAIL; |
| 201 | } | 208 | } |
| 202 | esp_http_client_write(client, post_body, strlen(post_body)); | 209 | int written = esp_http_client_write(client, post_body, strlen(post_body)); |
| 203 | free(post_body); | 210 | free(post_body); |
| 211 | ESP_LOGI(TAG, "checkstate written %d bytes", written); | ||
| 204 | 212 | ||
| 205 | resp_len = esp_http_client_read(client, resp_buf, 8191); | 213 | int content_length = esp_http_client_fetch_headers(client); |
| 206 | int status = esp_http_client_get_status_code(client); | 214 | int status = esp_http_client_get_status_code(client); |
| 215 | ESP_LOGI(TAG, "checkstate headers: status=%d, content_length=%d", status, content_length); | ||
| 216 | |||
| 217 | int resp_len = esp_http_client_read(client, resp_buf, 8191); | ||
| 218 | ESP_LOGI(TAG, "checkstate read: resp_len=%d", resp_len); | ||
| 207 | esp_http_client_cleanup(client); | 219 | esp_http_client_cleanup(client); |
| 208 | 220 | ||
| 209 | if (status != 200 || resp_len <= 0) { | 221 | if (status != 200 || resp_len <= 0) { |
| 210 | ESP_LOGE(TAG, "checkstate returned %d", status); | 222 | ESP_LOGE(TAG, "checkstate failed: status=%d, resp_len=%d", status, resp_len); |
| 211 | free(resp_buf); | 223 | free(resp_buf); |
| 212 | return ESP_FAIL; | 224 | return ESP_FAIL; |
| 213 | } | 225 | } |
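Review bot: In `cashu_decode_token`, `decoded_size` is now computed from `len`, which is the length of the client-supplied token, and no upper bound on `len` is visible before `malloc(decoded_size)`. The old fixed 2048-byte buffer acted as an implicit limit, so the function should reject tokens above a fixed maximum before allocating, unless the caller already caps the request body (not visible in these hunks). The first hunk also replaces `#include <string.h>` with `#include "esp_crt_bundle.h"` while the file still uses `strlen` and `memset` and the next hunk adds `strchr`; unless `<string.h>` is included above line 5, keep both includes. The added CR/LF trim stores `strchr` results from a `const char *` in `char *` and compares through an `(int)len` cast; `size_t len = strcspn(token_str, "\r\n");` yields the same length without either. Both function bodies continue outside the hunks.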
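--- a/main/config.c
+++ b/main/config.c
@@ -38,7 +38,7 @@ esp_err_t tollgate_config_init(void)
 "\"ap_ssid\":\"TollGate\","
 "\"ap_password\":\"\","
 "\"ap_channel\":1,"
-"\"mint_url\":\"https://nofee.testnut.cashu.space\","
+"\"mint_url\":\"https://testnut.cashu.space\","
 "\"lnurl_url\":\"https://redeem.cashu.me/.well-known/lnurlp/tollgate\","
 "\"price_per_step\":21,"
 "\"step_size_ms\":60000"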
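Review bot: The compiled-in default `mint_url` in `tollgate_config_init` still points at what appears to be a public test mint (the checklist in this commit mints test tokens against the same host). A device that boots on these defaults would presumably grant access for tokens that carry no value. I would mark the literal with a comment such as `/* test mint: tokens have no value; override mint_url before deployment */`. The rest of the function is outside the hunk, so whether a missing or default config is flagged at boot cannot be seen here.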
diff --git a/main/tollgate_api.c b/main/tollgate_api.c index b2ad647..2af04bc 100644 --- a/main/tollgate_api.c +++ b/main/tollgate_api.c | |||
| @@ -162,17 +162,22 @@ static esp_err_t api_post_payment(httpd_req_t *req) | |||
| 162 | cJSON_Delete(notice); | 162 | cJSON_Delete(notice); |
| 163 | return ESP_OK; | 163 | return ESP_OK; |
| 164 | } | 164 | } |
| 165 | int received = httpd_req_recv(req, body, content_len); | 165 | int received = 0; |
| 166 | if (received <= 0) { | 166 | int total = 0; |
| 167 | free(body); | 167 | while (total < content_len) { |
| 168 | httpd_resp_set_status(req, "400 Bad Request"); | 168 | received = httpd_req_recv(req, body + total, content_len - total); |
| 169 | httpd_resp_set_type(req, "text/plain"); | 169 | if (received <= 0) { |
| 170 | httpd_resp_send(req, "bad request", 11); | 170 | free(body); |
| 171 | return ESP_OK; | 171 | httpd_resp_set_status(req, "400 Bad Request"); |
| 172 | httpd_resp_set_type(req, "text/plain"); | ||
| 173 | httpd_resp_send(req, "bad request", 11); | ||
| 174 | return ESP_OK; | ||
| 175 | } | ||
| 176 | total += received; | ||
| 172 | } | 177 | } |
| 173 | body[received] = '\0'; | 178 | body[total] = '\0'; |
| 174 | 179 | ||
| 175 | ESP_LOGI(TAG, "Payment received: %d bytes", received); | 180 | ESP_LOGI(TAG, "Payment received: %d bytes", total); |
| 176 | 181 | ||
| 177 | cashu_token_t token; | 182 | cashu_token_t token; |
| 178 | esp_err_t err = cashu_decode_token(body, &token); | 183 | esp_err_t err = cashu_decode_token(body, &token); |
| @@ -330,7 +335,7 @@ esp_err_t tollgate_api_start(void) | |||
| 330 | config.server_port = 2121; | 335 | config.server_port = 2121; |
| 331 | config.ctrl_port = 32769; | 336 | config.ctrl_port = 32769; |
| 332 | config.max_uri_handlers = 10; | 337 | config.max_uri_handlers = 10; |
| 333 | config.stack_size = 16384; | 338 | config.stack_size = 32768; |
| 334 | 339 | ||
| 335 | esp_err_t ret = httpd_start(&s_api_server, &config); | 340 | esp_err_t ret = httpd_start(&s_api_server, &config); |
| 336 | if (ret != ESP_OK) { | 341 | if (ret != ESP_OK) { |
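Review bot: In the new receive loop of `api_post_payment`, `received <= 0` treats a socket timeout the same as a closed or failed connection and answers 400. `httpd_req_recv` reports a timeout as `HTTPD_SOCK_ERR_TIMEOUT`, which is normally retried a bounded number of times or answered with `httpd_resp_send_408(req)`. The loop fills up to `content_len` bytes and then writes `body[total] = '\0'`, so `body` must hold `content_len + 1` bytes and `content_len` must be capped; both are decided above the hunk and should be confirmed there. The `stack_size` jump to 32768 in `tollgate_api_start` needs a comment naming the call path that requires it, presumably something like `/* 32 KiB: token decode and the HTTPS checkstate call run on the httpd task */`.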