SYNC ESP8266 BOARD DATETIME WITH NTP (DAY 2)

To follow yesterday progress, I will use the board to fetch the index page of example.org in two scenarios,

  • Get an URL served on HTTP
  • Get an URL served on HTTPS

There are multiple ways to finish the job, for example, there are different libraries can be used, or, even in the same library, there are still multiple options to implement the same function. So, please notice here, what I mentioned below just a functional way. It’s not the only solution nor the best solution.

Get an URL served on HTTP

The ESP8266 library has really good examples related to HTTPClient, HTTPSClient etc. I copied the source code from the example and made a little change to get an easy output.

#include <WiFiClient.h>

WiFiClient client;

void getURL(String url) {  
  HTTPClient http;  
  if (http.begin(client, url)) {
    Serial.print("[HTTP] GET ... ");
    // start connection and send HTTP header
    int httpCode = http.GET();
    // httpCode will be negative on error
    if (httpCode > 0) {
      // HTTP header has been send and Server response header has been handled
      Serial.printf("code: %d\n", httpCode);
      // file found at server
      if (httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY) {
        String payload = http.getString();
        Serial.printf("Payload: %d byte\n", payload.length());
        blink(2);
      }
    } else {
      Serial.printf("failed, error: %d %s\n", httpCode, http.errorToString(httpCode).c_str());
      blink(5);
    }
    http.end();
  } else {
    Serial.printf("[HTTP} Unable to connect\n");
    blink(5);
  }
}

For a successful case, it will return the length of the payload.

Return the length of the payload

Or if anything unusual happened, it returns the error code and message. Such as,

Return error code and error message

Establish an HTTPS request

To establish an HTTPS request, replace <WiFiClient.h> to <WiFiClientSecure.h> and find a way to validate with the server. In the example “BearSSL_Validation.ino“, most possible ways have been discussed and compared. It’s worth to read. In fetchCertAuthority() , it shows what will happen with and without NTP synced. I will put the screenshot of the result of the example here.

Output of ‘fetchCertAuthority()’ in ‘BearSSL_Validation.ino

Therefore, the major change would be replacing <WiFiClient.h> to <WiFiClientSecure.h> and using WiFiClientSecure instance instead of WiFiClient. An extra setup is needed.

#include <WiFiClientSecure.h>

WiFiClientSecure client;
static const char digicert[] PROGMEM = R"EOF(
// Something here
)EOF";
X509List* cert;

void setupSecure() {  
  cert = new X509List(digicert);
  client.setTrustAnchors(cert);  
}

To get the content of digicert, I used the following command and copy and paste the content to replace `Something here` above.

echo -n | openssl s_client -connect example.org:443     | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

Assembling

Then we can have simple setup()and loop() by assembling all these functions together.

void setup() {  
  Serial.begin(115200);
  pinMode(LED_BUILTIN, OUTPUT);
  connectWiFi("your-ssid", "your-pass");
  setDateTime();  
  setupSecure();
}

void loop() {    
  getDateTime();
  getURL("https://example.org");
  delay(1000);
}

The whole source code has been put on gist. I strongly suggest you give a try to disable and enable line 56 to see how HTTPS affects by NTP.

Sync ESP8266 board DateTime with NTP (Day 1)

Most of the times, I want my ESP8266 board to communicate with the server through a securer channel such as MQTT over TLS or HTTPS. However, to verify the certification, system’s date/time has to be in a proper configuration.

Since ESP8266 is designed to have the network, I believe NTP is definitely the first choice and is the easiest one to use. In this post, I will show you how to get date/time and set it by using NTP.

Dummy project

A dummy project is set up for this post. And of course, it can be a part of a real project since the WWW is very important to my most of side projects. The board will do,

  • Connect to the WiFi network;
  • Use the GET method communicate with www.example.com every 5 seconds;
  • Flash build-in LED twice if 200 was returned by the server;
  • Or flash build-in LED 5 times if an error occurred.

Flash LED is the easiest part. But remember to put pinMode(LED_BUILTIN, OUTPUT); in the very beginning to initialise the output pin.

void blink(int t) {
  for(int i = 0; i < t; i ++) {
    digitalWrite(LED_BUILTIN, LOW);
    delay(500);
    digitalWrite(LED_BUILTIN, HIGH);
    delay(200);
  }
}
Continue reading Sync ESP8266 board DateTime with NTP (Day 1)

Don’t be fooled by scams

Recently, I found some funny “news” on Facebook.
For example, a surprising mom with a new house.
Or, surprised father and the dreamed motorhome.
I won’t notice if they are fake or not, before the two stories displayed in my timeline at the same time only 2 or 3 contents away.
If you look them closer. You will find the story actually stupid enough. Or, the school is the best, richest, top one in New Zealand, is that possible?
Both of them starts the same way “Have you heard about …”. And ending with the same words “Show me your money”.
(Click the images to read the text.)
Here is a link of the page: https://nzdailymail.com/young-kiwi-investor-buys-motorhouse-dad/
It’s hiding good enough to none-high-tech people. Did you notice the green lock?
But if you click any link on the page, this URL won’t change which means the page is framed. All link is heading to another website heraldlocal.com. It’s not the real NZ Herald Local Focus but copied a lot from it.
The people who use WordPress a lot much familiar to this login page https://heraldlocal.com/wp-admin/.
The people behind this website bought a huge amount of domains, paid a lot to Facebook advertising, and make plenty of similar websites to advertise the poor quality article to convince people to invest money. Ehm, funny, I haven’t seen any direct benefit for them from it.
Who can tell me why they are doing so?

How to upload firmware to EleksMill in Linux

My wife sent me an EleksMill as my birthday gift (Thank you! my love). It’s simple but proper designed desktop CNC. However, the document of the CNC machine is as simple as the design. It cost me around 4 hours to assemble the machine from a piece by piece.  

After completed the assembling, I found the board was not initialised. So, I downloaded the firmware from EleksMill website. Unfortunately, the official package only supplied the windows application to upload the firmware. For Linux, such as my OS Ubuntu, I have to find out another way to upload the program.

Since EleksMill is based on Grbl, so it can use Arduino tool-chain to upload firmware.

$ arduino/hardware/tools/avr/bin/./avrdude -C arduino/hardware/tools/avr/etc/avrdude.conf -v -patmega328p -Uflash:w:/home/mikespook/Downloads/EleksROM\ V3.8/firmware/mana.hex:i -carduino -b 57600 -P /dev/ttyUSB0

`avrdude` command can be found in Arduino IDE folder `arduino/hardware/tools/avr/bin/` and the `avrdude.conf` file is in the sub-folder `arduino/hardware/tools/avr/etc/avrdude.conf`. 

Make ZTE MF831 works with TP-Link TL-MR3020

Since November last year, after 2degrees upgraded their network and was starting to abandon 2G cross the region, the 3G connection disconnected every 15 minutes. I know it because we have over 50 movie kiosks which originally were using 2degrees 3G network to sync the data.

Flixbox in Countdown Supermarket
ZTE MF190

We had to move on. Lucky, Spark gave us a good deal to switch the network to them. However, they don’t have the devices we need to connect to the 3G network. After several testing, ZTE MF190 is recognised as the best 3G dongle to be used.

Continue reading Make ZTE MF831 works with TP-Link TL-MR3020

Temporary solution for Ubuntu’s “not have a Release file”


It’s wired that when I tried to update the Ubuntu zesty and install some new packages today, I got such errors below.

Err:8 http://security.ubuntu.com/ubuntu zesty-security Release      
  404  Not Found [IP: 91.189.88.161 80]
Err:10 http://archive.ubuntu.com/ubuntu zesty Release
  404  Not Found [IP: 91.189.88.152 80]
Err:12 http://archive.ubuntu.com/ubuntu zesty-updates Release
  404  Not Found [IP: 91.189.88.152 80]
Reading package lists... Done
E: The repository 'http://security.ubuntu.com/ubuntu zesty-security Release' does no longer have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://archive.ubuntu.com/ubuntu zesty Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://archive.ubuntu.com/ubuntu zesty-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

And none of the other mirrors works to me. All of them has the same issue “no longer have a Release file”. I did some research and found the error message actually has another form “not have a Release file”.

The solution is easy but tricky — Disable all sources of `security.ubuntu.com` and replace `archive.ubuntu.com` to `old-releases.ubuntu.com`.

Continue reading Temporary solution for Ubuntu’s “not have a Release file”

How to persist goRBAC instance

Introduction

goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang. Normally, the privilege information (roles, parents, and permissions) are saved in the persistent storage, e.g. Database, Files, or Cloud Storage. This post will briefly discuss the technical details of how to load the goRBAC instance from persistent storage and how to save the instance back. In order to make things simple, I will use the JSON file as the persistent storage.
Continue reading How to persist goRBAC instance

Open book collections

All the websites below have a plenty of books and papers for free reading & downloading.

The National Academies Press, free reading and downloading in PDF, account needed for downloading.

Australian National University Open Research Library, all materials come from ANU, fill a form to request the PDF copy.

The University of Adelaide > Library > eBooks, free reading and downloading in HTML, epub, and Kindle.

Curtin University Library, free reading and downloading in PDF.

University of Queensland, part free.

Project Gutenberg, the greatest one, no more explianation.

The New Zealand Digital Library, free reading online.

Cornell University Library, free downloading in PDF.

Bartleby

bibliomania

Elfwood

Thoughs on goRBAC

Code refactoring is not an easy job, but it has to be done in most of the times. I just completed the lightweight role based access control library: goRBAC’s refactoring. There are some feedbacks and questions about the design and usage. I think it would be better writing something to share some design ideas and practice principles which will make things easier.

rbac

The master branch of current goRBAC’s source code is intended to be Version 2. While the previous version has been tagged as Version 1 with the v1.dev branch on Github. And this article will only discuss Version 2 (the master branch).

Continue reading Thoughs on goRBAC

As Golang beyond PHP