Hello,
i set up the docker container for teddycloud.
I was able to read the ESP32 and extract the toniebox certificates.
The next step, patching the image fails. In the docker log i can find:
INFO |handler_api.c:1110:handleApiPatchFirmware| Patch firmware
INFO |handler_api.c:1129:handleApiPatchFirmware| Patch hostnames '192.168.178.138'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==8==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000002f (pc 0x56214126b626 bp 0x7ff442fd5f10 sp 0x7ff442fd5658 T47)
==8==The signal is caused by a READ memory access.
==8==Hint: address points to the zero page.
#0 0x56214126b626 in __sanitizer::internal_strlen(char const*) (/usr/local/bin/teddycloud+0x637626)
#1 0x5621411fc8ad in printf_common(void*, char const*, __va_list_tag*) (/usr/local/bin/teddycloud+0x5c88ad)
#2 0x5621411fe665 in __interceptor___vsnprintf_chk (/usr/local/bin/teddycloud+0x5ca665)
#3 0x56214132e4e4 in vsnprintf /usr/include/x86_64-linux-gnu/bits/stdio2.h:85
#4 0x56214132e4e4 in custom_asprintf src/server_helpers.c:30
#5 0x5621412dd4e2 in handleApiPatchFirmware src/handler_api.c:1142
#6 0x5621413270cb in httpServerRequestCallback src/server.c:281
#7 0x562141497181 in httpConnectionTask src/cyclone/cyclone_tcp/http/http_server.c:546
#8 0x7ff45d8caac2 (/lib/x86_64-linux-gnu/libc.so.6+0x94ac2)
#9 0x7ff45d95ba03 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x125a03)
AddressSanitizer can not provide additional info.
Also, when stating the docker there seems to be an issue with certificate creation:
INFO |cert.c:0413:cert_generate_default| Generating CA certificate...
INFO |cert.c:0042:cert_generate_rsa| Generating RSA Key... (slow!)
cyclone/cyclone_crypto/cipher/aes.c:260:47: runtime error: left shift of 132 by 24 places cannot be represented in type 'int'
...
ERROR|tls_adapter.c:0193:read_certificate| Failed to open '/teddycloud/certs/server/teddy-cert.pem' for cert type detection
ERROR|tls_adapter.c:0380:load_cert| Loading cert '/teddycloud/certs/server/teddy-cert.pem' failed
Has anyone encountered this before and knows a fix?
I used the docker compose posted here (with minor adjustments) on Ubuntu Server.
The container was started on the 28th of March - i am not sure how to get the proper version from ghcr.
The image was created 24th of March (?).
But i guess that means, i was not using the latest version released 2 days ago.
Ubuntu Server (64bit) is running on an intel g4400 with 16 GB memory.
Thank you, I just deployed the version 0.4.4.
Unfortunately i cant test it as i can only connect to the docker container using HTTP and not HTTPS.
The container logs
when trying to connect with HTTPS and the browser shows “Error 404”.
Maybe this is related to the certificate creation i mentioned earlier as well?:
cyclone/cyclone_crypto/cipher/aes.c:260:47: runtime error: left shift of 200 by 24 places cannot be represented in type 'int'
cyclone/cyclone_crypto/cipher/aes.c:268:55: runtime error: left shift of 207 by 24 places cannot be represented in type 'int'
cyclone/cyclone_crypto/cipher/aes.c:390:34: runtime error: left shift of 227 by 24 places cannot be represented in type 'int'
cyclone/cyclone_crypto/cipher/aes.c:395:34: runtime error: left shift of 163 by 24 places cannot be represented in type 'int'
cyclone/cyclone_crypto/cipher/aes.c:400:34: runtime error: left shift of 250 by 24 places cannot be represented in type 'int'
cyclone/cyclone_crypto/cipher/aes.c:385:34: runtime error: left shift of 229 by 24 places cannot be represented in type 'int'
src/cyclone/cyclone_crypto/mpi.c:792:48: runtime error: left shift of 134 by 24 places cannot be represented in type 'int'
INFO |tls_adapter.c:0208:read_certificate| File '/teddycloud/certs/server/ca-root.pem' assumed PEM style
INFO |tls_adapter.c:0205:read_certificate| File '/teddycloud/certs/server/ca-key.pem' detected as DER style RSA PRIVATE KEY
ERROR|tls_adapter.c:0193:read_certificate| Failed to open '/teddycloud/certs/server/teddy-cert.pem' for cert type detection
ERROR|tls_adapter.c:0380:load_cert| Loading cert '/teddycloud/certs/server/teddy-cert.pem' failed
How do you set the core.httponly variable to false?
My webserial is disabled on the Web interface.
The uart via screen on my pi4 works fine.
And via https I do not reach the Web ui.
Hi, you have to got to the settings and disable “Webinterface HTTP only”. if you have not that option, change settings level to expert. Then it should be available.
after disabling this option you have to open the page with https.
Thanks for the fast reply
I am runnig the teddycloud via docker and do not find the settings option.
I am definetly looking in the wrong place apperently
Would this setting be a parameter in the docker compose yaml?
I do not find it in any gui.
I only get a gui on port 80
no gui on port 443
