From 10fff01c80355e9e8ae110cdb8ba98f78e0b3504 Mon Sep 17 00:00:00 2001 From: Ryan Castellucci Date: Mon, 4 Mar 2024 07:52:47 +0000 Subject: [PATCH] add failsafe for compiled in tls fingerprints (#20865) --- tasmota/my_user_config.h | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tasmota/my_user_config.h b/tasmota/my_user_config.h index 9d104066d..fd83c41f6 100644 --- a/tasmota/my_user_config.h +++ b/tasmota/my_user_config.h @@ -101,8 +101,23 @@ #define MQTT_WIFI_CLIENT_TIMEOUT 200 // [MqttWifiTimeout] Number of milliseconds before Mqtt Wi-Fi timeout #define MQTT_HOST "" // [MqttHost] + +// XXX temporary - leave for a few releases so people compiling in +// fingerprints have a chance to update their configuration files +#if !defined(USE_MQTT_TLS_DROP_OLD_FINGERPRINT) && defined(MQTT_FINGERPRINT1) || defined(MQTT_FINGERPRINT2) +#error "The old TLS fingerprint format is being removed.\n\ +Please ensure your TLS fingerprint(s) are using the new version, then add\n\ +\n\ +#define USE_MQTT_TLS_DROP_OLD_FINGERPRINT\n\ +\n\ +to your user_config_override.h file.\n\ +\n\ +An online tool to calculate TLS fingerprints is available here at:\n\ +https://rya.nc/tasmota-fingerprint.html" +#endif + #define MQTT_FINGERPRINT1 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 // [MqttFingerprint1] (auto-learn) -#define MQTT_FINGERPRINT2 0xDA,0x39,0xA3,0xEE,0x5E,0x6B,0x4B,0x0D,0x32,0x55,0xBF,0xEF,0x95,0x60,0x18,0x90,0xAF,0xD8,0x07,0x09 // [MqttFingerprint2] (invalid) +#define MQTT_FINGERPRINT2 0xDA,0x39,0xA3,0xEE,0x5E,0x6B,0x4B,0x0D,0x32,0x55,0xBF,0xEF,0x95,0x60,0x18,0x90,0xAF,0xD8,0x07,0x09 // [MqttFingerprint2] (invalid - value from sha1("")) #define MQTT_PORT 1883 // [MqttPort] MQTT port (10123 on CloudMQTT) #define MQTT_USER "DVES_USER" // [MqttUser] MQTT user #define MQTT_PASS "DVES_PASS" // [MqttPassword] MQTT password