Key expires in spite of using it

glenndehaan / ikea-tradfri-coap-docs

How can you communicate to your ikea tradfri gateway/hub through coap-client

MIT License

191 stars 20 forks source link

Key expires in spite of using it #19

Open sonic74 opened 4 years ago

sonic74 commented 4 years ago

Please note: this key will expire if you don't use it in 6 weeks from activation. Every time you use this key the time will be extended accordingly.

Although I use the key twice each day, every 6 weeks I get

Jun 30 11:09:28 ALRT 115 invalidate peer
Jun 30 11:09:28 WARN received alert, peer has been invalidated
Aug 18 12:00:00 ALRT 115 invalidate peer
Aug 18 12:00:00 WARN received alert, peer has been invalidated

and I have to add another user. Am I missing something?

glenndehaan commented 4 years ago

I have not seen this issue before on my side. Now I do know that once in a while an IKEA update just bricks my gateway and destroys all connections. Even connections with home assistent and Google Home. Also the app won't work unless I reboot the gateway and that will reset the identities.

So i'm not sure on this one.

sonic74 commented 4 years ago

I have to reboot it after DHCP server reboots so the symbolic hostname works again. I did this both by powercycling and by coap-client -m post -u "$TF_USERNAME" -k "$TF_PRESHARED_KEY" "coaps://$TF_GATEWAYIP:5684/15011/9030" But for me, the identities stay in place and are not reset.

glenndehaan commented 4 years ago

Huh oke well that could maybe then be a defect in my unit 🤣. Then I would suggest using a uuid as the identity and then create a script that will renew the key after 4 to 6 weeks. I am however curious how many keys it will keep in storage then.

sonic74 commented 4 years ago

I just realized I can do coap-client -m post -u "Client_identity" -k "$TF_GATEWAYCODE" -e "{\"9090\":\"$TF_USERNAME\"}" "coaps://$TF_GATEWAYIP:5684/15011/9063" with the old username after it expired. So I could just do it every time and ignore the 4.00 it returns if it's still valid and only store the PSK if it's returned.

glenndehaan commented 4 years ago

mmm Oke thats new since I know from testing way back that didn't work. But maybe they changed that in an update.

sonic74 commented 4 years ago

Something like

TF_USERNAME=sonic
TF_GATEWAYCODE=0Aa000AaaAaaaAAA
TF_GATEWAYIP=GW-A0A0A0A000A0.
TF_PRESHARED_KEY=$(coap-client -m post -u "Client_identity" -k "$TF_GATEWAYCODE" -e "{\"9090\":\"$TF_USERNAME\"}" "coaps://$TF_GATEWAYIP:5684/15011/9063" | sed -n 2p | jq -r '."9091"')
if [ -z "$TF_PRESHARED_KEY" ]
then
        TF_PRESHARED_KEY=$(cat /tmp/tradfri-PSK.txt)
else
        echo $TF_PRESHARED_KEY >/tmp/tradfri-PSK.txt
fi
echo TF_PRESHARED_KEY=$TF_PRESHARED_KEY

I'll see in 6 weeks whether it works :-)

glenndehaan commented 4 years ago

Cool yeah if it works please create a pull request so it can be documented

sonic74 commented 4 years ago

Oct 13 02:44:31 ALRT 20 invalidate peer
Oct 13 02:44:31 WARN received alert, peer has been invalidated

Damn, still doesn't work with 1.11.0047 ...