bt-67xx_universal_hw/modules/HTTP_Server/my_ssl_server.c

/*
 * ssl_server.c
 *
 *  Created on: 08.11.2017
 *      Author: balbekova
 */
#ifdef HARDWARE_BT6703

#include "lwip/opt.h"
#include "lwip/arch.h"
#include "lwip/api.h"
#include "lwip/tcp.h"

#include "my_ssl_server.h"
#include "web_params_api.h"
#include "parameters.h"
#include "urlcode.h"
#include "bt6703_fs/fsdata.c"
#include "settings_api.h"
#include "netconf.h"
#include "common_config.h"
#include "testing.h"
#include "rtc.h"
#include "rng.h"
#include "megatec.h"
#include "log.h"
#include "hal.h"
#include "radius_user.h"
#include "sntp_api.h"

#ifdef PRINTF_STDLIB
#include <stdio.h>
#endif
#ifdef PRINTF_CUSTOM
#include "tinystdio.h"
#endif
#include <string.h>
#include <stdlib.h>

#include "FreeRTOS.h"
#include "task.h"
#include "fr_timers.h"



static err_t http_accept(void *arg, struct tcp_pcb *pcb, err_t err);
static err_t http_recv(void *arg, struct tcp_pcb *pcb,  struct pbuf *p, err_t err);
static int fs_open(char *name, struct fs_file *file);

static err_t http_sent(void *arg, struct tcp_pcb *pcb, u16_t len);
static void send_data(struct tcp_pcb *pcb, struct http_state *hs);

#ifdef HTTP_AUTH_ENABLE
static void HTTP_GetUserCookie(uint8_t user_id, char *str, uint8_t *len);
static void HTTP_SetUserCookie(char *str, uint8_t user_id);
static void HTTP_UpdateUserLoginTime(uint8_t user_id);
static void HTTP_ForceUserLogout(uint8_t user_id);
void LogoutTimerCallback(TimerHandle_t pxTimer);
void LoginTimerCallback(TimerHandle_t pxTimer);
static void getAuthenticatedState(void);
#endif

static uint32_t Parse_Content_Length(char *data, uint32_t len);
char *send_file(char *filename, char *pnonmatch,  struct fs_file *file, uint16_t *Len);
static uint32_t Parse_Header(char *data, uint32_t len, const char *field, uint32_t flen, char *value);
bool GetFileName(char *inStr, char *fileName, uint8_t *fileNameLen);

char sendBuf[SEND_BUF_MAX_LEN];
uint16_t sendBufLoadLen = 0;

uint16_t printLen = 0;

char receiveBuf[RECIVE_BUF_MAX_LEN];
uint16_t receivedBufLen = 0;

#ifdef HTTP_AUTH_ENABLE

#define MAX_POST_REQ_LEN 256
char post_req_data[MAX_POST_REQ_LEN];
uint32_t post_data_count = 0;
uint32_t log_post_reqn;

/* Logout timeout, 30 minutes */
#define WEB_LOGOUT_TIME  configTICK_RATE_HZ*60*30

/* Max user active sessions count */
#define WEB_USER_MAX_SESSION_COUNT  5

struct {
    //auth_session_t session[WEB_USER_MAX_SESSION_COUNT];
    char cookie[MAX_WEB_COOKIE_LEN];
    TimerHandle_t LogoutTimer;
} users[MAX_WEB_USERS];

TimerHandle_t RepeatLoginTimer;

/* Repeat Login timeout, 1 minutes */
#define REPEAT_LOGIN_TIME  configTICK_RATE_HZ*60*1

uint8_t cnt_err_psw = 0;

bool Authenticated = false;
uint8_t user_id; // Id of currently logged-in user

/* Level of currently logged-in user */
uint8_t seclevel = 0xFF;

#endif

/* Max HTTP file name length including "/" */
#define MAX_FILENAME_LEN    32
/* Max HTTP Etag field length */
#define MAX_ETAG_LEN        48
static const char If_None_Match[] = "If-None-Match: ";
static const char Etag[] = "ETag: ";

static volatile uint32_t size = 0;
static uint32_t TotalReceived = 0;
static volatile uint32_t TotalData = 0;

static uint32_t ContentLengthOffset = 0;

static const char Content_Length[17] =
    /* Content Length */
{0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x3a, 0x20, };

const char HTTP_304_NOT_MODIFIED[] = "HTTP/1.1 304 Not Modified\r\n\r\n";
const char HTTP_403_NOT_WHITE_LIST[] = "HTTP/1.1 403 Forbidden\r\n\r\n";
const char HTTP_401_NO_AUTH[] = "HTTP/1.1 401 No authorization\r\n\r\n";
const char HTTP_500_SERVER_ERROR[] = "HTTP/1.1 500 Internal Server Error\r\n\r\n";
const char HTTP_200_OK[] = "HTTP/1.1 200 OK\r\n\r\n";
/* utf-8 marker to support MS Excel */
const char UTF8_BOM[] = {0xEF, 0xBB, 0xBF, 0x00};

unsigned long log_ptr = 0;
unsigned long log_size = 0;
bool fLogTransInprog = false;


static bool fl_raddius_net_err = false;

/**
  * @brief  Общая структура настроек
  */
extern SETTINGS_t sSettings;

struct fs_file file = {0, 0};

typedef struct {
    char client_req[30];
    uint8_t len;
    REQ_TYPE_SEND_t req_type_send;
    ACCESS_TYPE_t accsess;
    char *(*handler)(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut);
} web_func_handler_t;

web_func_handler_t process_web_funcs[] = {
#ifdef HTTP_AUTH_ENABLE
    { "POST /login.cgi",            15,   COMMON_ANSWER,        ALL_ACCESS,   HTTP_LoginPage },
    { "GET /logout.cgi",            15,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_LogoutPage },
    { "GET /changepwd.cgi",         18,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_ChangeUserPwd },
#endif
    { "GET /getJson.cgi",           16,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_GetParamsPage },
    { "GET /settings.cgi",          17,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_GetSettingsPage },
    { "POST /settings.cgi",         18,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_SetSettingsPage },
    { "GET /getcert.cgi",           16,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_GetSert},
    { "POST /srv_crt_upload.cgi",   24,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_Upload_Sert},
    { "GET /info.cgi",              13,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_GetInfo },
    { "POST /info.cgi",             14,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_SetInfoPage },
    { "GET /history.cgi",           16,   HISTORY_ANSWER,       TIME_ACCESS,  HTTP_HistoryPage },
    { "GET /ups_history.cgi",       19,   UPS_HISTORY_ANSWER,   TIME_ACCESS,  HTTP_UpsHistoryPage },
    { "GET /reset.cgi",             14,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_Reset },
    { "GET /bat_test.cgi",          17,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_UPSTest },
    { "GET /ups_power.cgi",         18,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_UPSshutdown },
    { "GET /reboot.cgi",            15,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_Reboot },
    { "GET /confirm.cgi",           16,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_Confirm },
    { "GET /fw_update.cgi",         18,   COMMON_ANSWER,        TIME_ACCESS,  HTTP_ConfirmBootPwd },
    { "GET",                        3,    COMMON_ANSWER,        ALL_ACCESS,   HTTP_GetRequest },
    { "",                           0,    COMMON_ANSWER,        ALL_ACCESS,   HTTP_NoFound },
    { "", 0, 0, 0, NULL }
};

/**
  * @brief  closes tcp connection
  * @param  pcb: pointer to a tcp_pcb struct
  * @param  hs: pointer to a http_state struct
  * @retval
  */
static void close_conn(struct tcp_pcb *pcb, struct http_state *hs)
{
    tcp_arg(pcb, NULL);
    tcp_sent(pcb, NULL);
    tcp_recv(pcb, NULL);
    mem_free(hs);
    err_t err = tcp_close(pcb);
    DBG printf("%p close = %d (pcb: %d, pbuf_pool: %d)\r\n", pcb, err,
        lwip_stats.memp[MEMP_TCP_PCB]->used,
        lwip_stats.memp[MEMP_PBUF_POOL]->used);
}

/**
  * @brief callback function for handling TCP HTTP traffic
  * @param arg: pointer to an argument structure to be passed to callback function
  * @param pcb: pointer to a tcp_pcb structure
  * @param p: pointer to a packet buffer
  * @param err: LwIP error code
  * @retval err
  */
static err_t http_recv(void *arg, struct tcp_pcb *pcb,  struct pbuf *p, err_t err)
{
    char *data;
    struct http_state *hs;
    char buf[150];

    hs = arg;

    if (err == ERR_OK && p != NULL) {
        tcp_recved(pcb, p->tot_len);

        if (hs->file == NULL) {
            data = p->payload;
            receivedBufLen = p->tot_len;
            memcpy(receiveBuf, p->payload, receivedBufLen);

            // На производстве
            if (strncmp(data, "GET /setProdate.cgi", 19) == 0 && strncmp(sSettings.sFlags.testState, "T2OK", 4)) {
                HTTP_Prodate(receiveBuf, sendBuf, receivedBufLen, &sendBufLoadLen);

                hs->file = sendBuf;
                hs->left = sendBufLoadLen;
                send_data(pcb, hs);
                tcp_sent(pcb, http_sent);
            } else {
               strcpy(sendBuf, HTTP_200_OK);
                memset(buf, 0, sizeof(buf));
                // strcat(sendBuf,"<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=https://192.168.14.35\"/></head></html>\r\n\r\n");
                if (sSettings.sFlags.netsettingsChanged == true) {
                    sprintf(buf,
                        "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=https://%s\"/></head></html>\r\n\r\n",
                        sSettings.sWebTempParams.ip);
                } else {
                    sprintf(buf,
                        "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=https://%s\"/></head></html>\r\n\r\n",
                        sSettings.sWebParams.ip);
                }
                strcat(sendBuf, buf);
                // strcat(sendBuf,"1");

                sendBufLoadLen = strlen(sendBuf);
                hs->file = sendBuf;
                hs->left = sendBufLoadLen;
                send_data(pcb, hs);
                tcp_sent(pcb, http_sent);
            }
        }
        pbuf_free(p);
        close_conn(pcb, hs);
    }
    if (err == ERR_OK && p == NULL) {
        close_conn(pcb, hs);
    }
    return ERR_OK;
}

/**
  * @brief  callback function for handling connection errors
  * @param  arg: pointer to an argument to be passed to callback function
  * @param  err: LwIP error code
  * @retval none
  */
static void conn_err(void *arg, err_t err)
{
    struct http_state *hs;
    (void)err;

    hs = arg;
    mem_free(hs);
}

/**
  * @brief callback function called after a successfull TCP data packet transmission
  * @param arg: pointer to an argument to be passed to callback function
  * @param pcb: pointer on tcp_pcb structure
  * @param len
  * @retval err : LwIP error code
  */
static err_t http_sent(void *arg, struct tcp_pcb *pcb, u16_t len)
{
    struct http_state *hs;
    (void)len;

    hs = arg;

    if (hs->left > 0) {
        send_data(pcb, hs);
    } else {
        close_conn(pcb, hs);
    }
    return ERR_OK;
}

/**
  * @brief sends data found in  member "file" of a http_state struct
  * @param pcb: pointer to a tcp_pcb struct
  * @param hs: pointer to a http_state struct
  * @retval none
  */
static void send_data(struct tcp_pcb *pcb, struct http_state *hs)
{
    err_t err;
    u16_t len;

    /* We cannot send more data than space available in the send
       buffer */
    if (tcp_sndbuf(pcb) < hs->left) {
        len = tcp_sndbuf(pcb);
    } else {
        len = hs->left;
    }
    err = tcp_write(pcb, hs->file, len, 0);
    if (err == ERR_OK) {
        hs->file += len;
        hs->left -= len;
    }
}

/**
  * @brief tcp poll callback function
  * @param arg: pointer to an argument to be passed to callback function
  * @param pcb: pointer on tcp_pcb structure
  * @retval err_t
  */
static err_t http_poll(void *arg, struct tcp_pcb *pcb)
{
    if (arg == NULL) {
        tcp_close(pcb);
    } else {
        send_data(pcb, (struct http_state *)arg);
    }
    return ERR_OK;
}

/**
  * @brief  callback function on TCP connection setup ( on port 80)
  * @param  arg: pointer to an argument structure to be passed to callback function
  * @param  pcb: pointer to a tcp_pcb structure
  * &param  err: Lwip stack error code
  * @retval err
  */
static err_t http_accept(void *arg, struct tcp_pcb *pcb, err_t err)
{
    struct http_state *hs;

    /* Allocate memory for the structure that holds the state of the connection */
    hs = mem_malloc(sizeof(struct http_state));

    if (hs == NULL) {
        return ERR_MEM;
    }

    /* Initialize the structure. */
    hs->file = NULL;
    hs->left = 0;

    /* Tell TCP that this is the structure we wish to be passed for our
       callbacks. */
    tcp_arg(pcb, hs);

    /* Tell TCP that we wish to be informed of incoming data by a call
       to the http_recv() function. */
    tcp_recv(pcb, http_recv);

    tcp_err(pcb, conn_err);

    tcp_poll(pcb, http_poll, 10);
    return ERR_OK;
}

/**
  * @brief  Opens a file defined in fsdata.c ROM filesystem
  * @param  name : pointer to a file name
  * @param  file : pointer to a fs_file structure
  * @retval  1 if success, 0 if fail
  */
static int fs_open(char *name, struct fs_file *file)
{
    struct fsdata_file_noconst *f;

    for (f = (struct fsdata_file_noconst *)FS_ROOT; f != NULL; f = (struct fsdata_file_noconst *)f->next) {
        if (!strcmp(name, f->name)) {
            file->data = f->data;
            file->len = f->len;
            return 1;
        }
    }
    return 0;
}

/**
  * @brief  Initialize the HTTP server (start its thread)
  * @param  none
  * @retval None
  */
void HTTP_Init()
{
    struct tcp_pcb *pcb;

    pcb = tcp_new();
    tcp_bind(pcb, IP_ADDR_ANY, 80);
    pcb = tcp_listen(pcb);
    tcp_accept(pcb, http_accept);
}

/**
  * @brief  Extract the Content_Length data from HTML data
  * @param  data : pointer on receive packet buffer
  * @param  len  : buffer length
  * @retval size : Content_length in numeric format
  */
static uint32_t Parse_Content_Length(char *data, uint32_t len)
{
    uint32_t i = 0, size = 0, S = 1;
    int32_t j = 0;
    char sizestring[6], *ptr;

    ContentLengthOffset = 0;

    /* find Content-Length data in packet buffer */
    for (i = 0; i < len; i++) {
        if (strncmp ((char *)(data + i), Content_Length, 16) == 0) {
            ContentLengthOffset = i + 16;
            break;
        }
    }
    /* read Content-Length value */
    if (ContentLengthOffset) {
        i = 0;
        ptr = (char *)(data + ContentLengthOffset);
        while (*(ptr + i) != 0x0d) {
            sizestring[i] = *(ptr + i);
            i++;
            ContentLengthOffset++;
        }
        if (i > 0) {
            /* transform string data into numeric format */
            for (j = i - 1; j >= 0; j--) {
                size += (sizestring[j] - 0x30) * S;
                S = S * 10;
            }
        }
    }
    return size;
}

/**
  * @brief
  * @retval None
  */
uint8_t GetCookieValue(char *inStr, char *paramName, char *paramValue, uint8_t *paramLen)
{
    char *beginValue = 0;
    char *endValue = 0;
    char *endValueTemp = 0;
    int  len = 0;
    char *strPtr = 0;

    strPtr = strstr(inStr, paramName);

    if (strPtr != 0) {
        beginValue = strpbrk(strPtr, "=");
        endValue = strpbrk(strPtr, ";");
        endValueTemp = strpbrk(strPtr, "\r");
        if (endValueTemp != 0 && endValueTemp < endValue) {
            endValue = endValueTemp;
        }
        if (endValue == 0) {
            endValue = strpbrk(strPtr, "\n");
        }
        len = endValue - beginValue - 1;
        strncpy(paramValue, beginValue + 1, len);
        *endValue = '0';
        *beginValue = '0';
        *paramLen = len;
        return 1;
    } else {
        *paramLen = 0;
        return 0;
    }
}

char *Parce_Boundary(const char *data, uint32_t len, char *dst, uint8_t dstlen)
{
    char *ptr = NULL;
    char *boundary = NULL;
    uint8_t i = 0;

    for (uint32_t j = 0; j < len; j++) {
        if (strncmp ((char *)(data + j), "boundary=", 9) == 0) {
            boundary = (char *)data + j + 9;
            break;
        }
    }

    if (!boundary) { return NULL; }

    *dst++ = '-';
    *dst++ = '-';

    ptr = boundary;
    while ((*ptr != 0x0d) && (i < dstlen - 4)) {
        *dst++ = *ptr++;
        i++;
    }
    //*dst++ = '-';
    //*dst++ = '-';
    *dst = '\0';

    if (i > 0) {
        return boundary;
    } else {
        return NULL;
    }
}

void ClearParamString(char *inBuf)
{
    uint16_t len;
    char *str;

    str = strstr(inBuf, "HTTP");

    if (str != 0) {
        len = str - inBuf;
        memset(str, 0, RECIVE_BUF_MAX_LEN - len - 1);
    }
}

/**
  * @brief
  * @retval None
  */
uint8_t GetParamValue(char *inStr, char *paramName, char *paramValue, uint8_t *paramLen)
{
    char *beginValue = 0;
    char *endValue = 0;
    int  len = 0;
    char *strPtr = 0;

    strPtr = strstr(inStr, paramName);

    if (strPtr != 0) {
        beginValue = strpbrk(strPtr, "=");
        endValue = strpbrk(strPtr, "&");
        if (endValue == 0) {
            endValue = strpbrk(strPtr, " ");
        }
        len = endValue - beginValue - 1;
        strncpy(paramValue, beginValue + 1, len);
        *endValue = '0';
        *beginValue = '0';
        *paramLen = len;
        return 1;
    } else {
        *paramLen = 0;
        return 0;
    }
}

// -----------------------------------------------------------------------------

#include "mbedtls/platform.h"

#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
#include "mbedtls/memory_buffer_alloc.h"
#include "mbedtls_time.h"
#include "mbedtls_debug.h"

#include "FreeRTOS.h"
#include "task.h"

#include "cert_req.h"

#include <stdlib.h>
#include <string.h>

extern unsigned char req_cert[];

static mbedtls_net_context listen_fd, client_fd;
static const uint8_t *pers = (uint8_t *)("ssl_server");
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;


//
void ssl_server(void *pvParameters)
{
    SSL_SERVER_STATE ssl_state = SSL_ACCEPT;
    char *sendPtr;
    int ret;

    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );
    mbedtls_ssl_init( &ssl );
    mbedtls_ssl_config_init( &conf );
    mbedtls_x509_crt_init( &srvcert );
    mbedtls_pk_init( &pkey );
    mbedtls_entropy_init( &entropy );
    mbedtls_ctr_drbg_init( &ctr_drbg );
    mbedtls_platform_set_time(&MBEDTLS_GetTime);
#if defined(MBEDTLS_DEBUG_C)
    mbedtls_debug_set_threshold(DEBUG_LEVEL);
    mbedtls_ssl_conf_dbg(&conf, MBEDTLS_Debug, NULL);
#endif

    // 1. Load the certificates and private RSA key
    mbedtls_printf( "\r\n  . Loading the server cert. and key..." );
    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) sSettings.our_srv_crt,
            (strlen(sSettings.our_srv_crt) + 1) );//mbedtls_test_srv_crtmbedtls_test_srv_crt_len
    if ( ret != 0 ) {
        mbedtls_printf( " failed\r\n  !  mbedtls_x509_crt_parse returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }

    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, mbedtls_test_srv_key_len, NULL, 0 );
    if ( ret != 0 ) {
        mbedtls_printf( " failed\r\n  !  mbedtls_pk_parse_key returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }

    mbedtls_printf( " ok\r\n" );

    // 2. Setup the listening TCP socket
    mbedtls_printf( "  . Bind on https://localhost:443/ ..." );

    if ((ret = mbedtls_net_bind(&listen_fd, NULL, "443", MBEDTLS_NET_PROTO_TCP )) != 0) {
        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }

    mbedtls_printf( " ok\r\n" );

    // 3. Seed the RNG
    mbedtls_printf( "  . Seeding the random number generator..." );
    if ((ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers,
                    strlen( (char *)pers))) != 0) {
        mbedtls_printf( " failed\r\n  ! mbedtls_ctr_drbg_seed returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }
    mbedtls_printf( " ok\r\n" );

    // 4. Setup stuff
    mbedtls_printf( "  . Setting up the SSL data...." );
    if ( ( ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM,
                    MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
        mbedtls_printf( " failed\r\n  ! mbedtls_ssl_config_defaults returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }

    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);

    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
    if ( ( ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey ) ) != 0) {
        mbedtls_printf( " failed\r\n  ! mbedtls_ssl_conf_own_cert returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }

    if ( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) {
        mbedtls_printf( " failed\r\n  ! mbedtls_ssl_setup returned %d\r\n", ret );
        ssl_state = SSL_CRITICAL_ERROR;
    }
    mbedtls_printf( " ok\r\n" );


    for (;;) {
        switch (ssl_state) {
            case SSL_ACCEPT :

                mbedtls_ssl_session_reset( &ssl );
                mbedtls_printf( "  . Waiting for a remote connection ...\r\n" );

                if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, NULL, 0, NULL)) != 0) {
                    mbedtls_printf( " failed\r\n  ! mbedtls_net_accept returned %d\r\n", ret );
                    ssl_state = SSL_ERROR;
                } else {
                    mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );//mbedtls_net_recv
                    mbedtls_printf( " ok\r\n" );

                    ssl_state = SSL_HANDSHAKE;
                }

                break;

            case SSL_HANDSHAKE :

                mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
                while ( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) {
                    if ( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) {
                        mbedtls_printf( " failed\r\n  ! mbedtls_ssl_handshake returned %d\r\n", ret );
                        ssl_state = SSL_ERROR;
                        break;
                    }
                }

                if (ret != 0) {
                    ssl_state = SSL_ERROR;
                } else {
                    mbedtls_printf( " ok\r\n" );
                    ssl_state = SSL_READ;
                }

                break;

            case SSL_READ :
                //printf("SSL_READ\r\n");
                if (SSL_ReadRoutine(&ssl, (unsigned char *)receiveBuf) <= 0) {
                    ssl_state = SSL_ERROR;
                } else {
                    ssl_state = SSL_PROCESSING;
                }
                break;

            case SSL_PROCESSING :
                //printf("SSL_PROCESSING\r\n");
                sendPtr = SSL_ProcessingRoutine(&sendBufLoadLen);
                if (sendPtr) {
                    ssl_state = SSL_WRITE;
                } else {
                    ssl_state = SSL_ACCEPT;
                }
                break;

            case SSL_WRITE :
                //printf("SSL_WRITE\r\n");
                SSL_WriteRoutine(&ssl, sendPtr, sendBufLoadLen);
                ssl_state = SSL_CLOSE;
                break;

            case SSL_CLOSE :
                //printf("SSL_CLOSE\r\n");
                mbedtls_ssl_close_notify(&ssl);
                mbedtls_net_free(&client_fd);
                //mbedtls_ssl_free( &ssl );
                ssl_state = SSL_ACCEPT;
                break;

            case SSL_ERROR :
                //printf("SSL_ERROR\r\n");
                //mbedtls_net_free(&client_fd);
                //mbedtls_ssl_free( &ssl );
                mbedtls_ssl_close_notify(&ssl);
                mbedtls_net_free(&client_fd);
                ssl_state = SSL_ACCEPT;
                break;

            case SSL_CRITICAL_ERROR:
                //printf("SSL_CRITICAL_ERROR\r\n");
                mbedtls_x509_crt_free( &srvcert );
                mbedtls_pk_free( &pkey );
                mbedtls_ssl_free( &ssl );
                mbedtls_ssl_config_free( &conf );
                mbedtls_ctr_drbg_free( &ctr_drbg );
                mbedtls_entropy_free( &entropy );
                vTaskDelete(NULL);
                break;
        }
    }
}

/**
  * @brief  Initialize the HTTPS server (start its thread)
  */
void HTTPS_Init()
{
    char buf[MAX_WEB_COOKIE_LEN];
    uint8_t user_id;

    for (user_id = 0; user_id < MAX_WEB_USERS; user_id++) {
        // Flush user cookie by random value
        sprintf(buf, "%X", (unsigned int)GetRandomNumber());
        HTTP_SetUserCookie(buf, user_id);
        // Create user logout timers
        users[user_id].LogoutTimer = xTimerCreate("LogoutTmr", WEB_LOGOUT_TIME, pdFALSE, ( void * ) user_id,
                LogoutTimerCallback);
    }
    RepeatLoginTimer = xTimerCreate("LoginTmr", REPEAT_LOGIN_TIME, pdFALSE, ( void * ) 0, LoginTimerCallback);
}

//
int SSL_ReadRoutine(mbedtls_ssl_context *ssl, unsigned char *recvBuf)
{
    int ret;

    mbedtls_printf( "  < Read from client:" );
    do {
        receivedBufLen = RECIVE_BUF_MAX_LEN - 1;
        memset(recvBuf, 0, RECIVE_BUF_MAX_LEN);
        ret = mbedtls_ssl_read(ssl, receiveBuf, receivedBufLen);

        if ( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) {
            continue;
        }

        if ( ret <= 0 ) {
            switch ( ret ) {
                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
                    mbedtls_printf( " connection was closed gracefully\r\n" );
                    break;

                case MBEDTLS_ERR_NET_CONN_RESET:
                    mbedtls_printf( " connection was reset by peer\r\n" );
                    break;

                default:
                    mbedtls_printf( "mbedtls_ssl_read returned -0x%x\r\n", -ret );
                    break;
            }
            return ret;
        }

        receivedBufLen = ret;
    } while (0);
}

//
SSL_SERVER_STATE SSL_WriteRoutine(mbedtls_ssl_context *ssl, char *data, int datalen)
{
    return SSL_SendFrames(ssl, data, datalen);
}

//
char *SSL_ProcessingRoutine(uint16_t *sendLen)
{
    web_func_handler_t *h;

    getAuthenticatedState();

    if ( Authenticated == false && sSettings.sRADIUS.Auth_enable == false) {
        HTTP_LOGIN(sendBuf, sendLen);
        return sendBuf;
    }

    for (h = &process_web_funcs[0]; h->handler; h++) {
        if (strncmp(receiveBuf, h->client_req, h->len) == 0) {
#ifdef HTTP_AUTH_ENABLE
            if (h->accsess == TIME_ACCESS && !Authenticated) {
                strcpy(sendBuf, HTTP_401_NO_AUTH);
                if((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false))
                     strcat(sendBuf,
                    "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/rslogin.html\"/></head></html>\r\n");
                else
                    strcat(sendBuf,
                    "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/login.html\"/></head></html>\r\n");
                *sendLen = strlen(sendBuf);
                return sendBuf;
            }
#endif
            return h->handler(0, receiveBuf, sendBuf, receivedBufLen, sendLen);
        }
    }
}

#define FRAME_SIZE   (1000)
SSL_SERVER_STATE SSL_SendFrames(mbedtls_ssl_context *ssl, char *data, int datalen)
{
    SSL_SERVER_STATE ret;
    int retClose;
    int index = 0;
    int k = 0;
    int lastframe, nbrframes;

    nbrframes = datalen / FRAME_SIZE;

    while (nbrframes > 0) {
        index = k * FRAME_SIZE;

        if (SSL_Write(ssl, (data + index), FRAME_SIZE ) == SSL_WRITE_ERROR) {
            return SSL_WRITE_ERROR;
        }

        nbrframes--;
        k++;
    }

    index = k * FRAME_SIZE;
    lastframe = datalen % FRAME_SIZE ;
    if (SSL_Write(ssl, (data + index), lastframe ) == SSL_WRITE_ERROR) {
        return SSL_WRITE_ERROR;
    }

    return SSL_WRITE_OK;
}

SSL_SERVER_STATE SSL_Write(mbedtls_ssl_context *ssl, char *data, int datalen)
{
    int ret;

    mbedtls_printf( "  > Write to client:" );

    while ( ( ret = mbedtls_ssl_write(ssl, data, datalen) ) <= 0 ) {
        if ( ret == MBEDTLS_ERR_NET_CONN_RESET ) {
            mbedtls_printf( " failed\r\n  ! peer closed the connection\r\n" );
            return SSL_WRITE_ERROR;
        }

        if ( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) {
            mbedtls_printf( " failed\r\n  ! mbedtls_ssl_write returned %d\r\n", ret );
            return SSL_WRITE_ERROR;
        }
    }

    mbedtls_printf( " %d bytes written\r\n", ret);
    return SSL_WRITE_OK;
}


char *HTTP_HistoryPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    uint8_t valueLen = 0;
    char value[20];
    (void)reqNum;

    (void)lenBufIn;
    (void)reqNum;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);

    ClearParamString(bufIn);

    memset(value, 0, 20);
    GetParamValue(bufIn, "page=", value, &valueLen);

    if (strcmp(value, "all") == 0) {
        if (!LOG_IsInit()) {
            return 0;
        }

        if (fLogTransInprog == false) {

            // Send log as raw data
            log_ptr = 0;

            log_size = History_GetTotalSTRCount() * STRING_SIZE_HISTORY + sizeof(UTF8_BOM) - 1;
            sprintf(bufOut, "HTTP/1.1 200 OK\r\nContent-Length:%lu\r\n\r\n%s", log_size, UTF8_BOM);

            *lenBufOut = strlen(bufOut);

            // Set file transfer in progress flag
            fLogTransInprog = true;

            if (SSL_SendFrames(&ssl, bufOut, *lenBufOut) == SSL_ERROR) {
                return 0;
            }

            HTTP_SendHistory();
            return 0;
        } else {
            // We send nothing if file transfer already in progress
            return 0;
        }
    } else {
        if (!LOG_IsInit()) {
            return 0;
        } else {
            HTTP_GetHistoryPage(bufOut, atoi(value));
            *lenBufOut = strlen(bufOut);

            return bufOut;
        }
    }
}

char *HTTP_UpsHistoryPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    uint8_t valueLen = 0;
    char value[20];

    (void)lenBufIn;
    (void)reqNum;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);

    ClearParamString(bufIn);

    memset(value, 0, 20);
    GetParamValue(bufIn, "page=", value, &valueLen);

    if (strcmp(value, "all") == 0) {
        if (!LOG_IsInit()) {
            return 0;
        }

        if (fLogTransInprog == false) {

            // Send log as raw data
            log_ptr = 0;

            log_size = LOG_GetTotalSTRCount() * STRING_SIZE + sizeof(UTF8_BOM) - 1;
            sprintf(bufOut, "HTTP/1.1 200 OK\r\nContent-Length:%lu\r\n\r\n%s", log_size, UTF8_BOM);

            *lenBufOut = strlen(bufOut);

            // Set file transfer in progress flag
            fLogTransInprog = true;

            if (SSL_SendFrames(&ssl, bufOut, *lenBufOut) == SSL_ERROR) {
                return 0;
            }

            HTTP_SendLog();
            return 0;
        } else {
            // We send nothing if file transfer already in progress
            return 0;
        }
    } else {
        if (!LOG_IsInit()) {
            return 0;
        } else {
            HTTP_GetUpsHistoryPage(bufOut, atoi(value));
            *lenBufOut = strlen(bufOut);

            return bufOut;
        }
    }
}

/**
  * @brief  Установка даты производства
  */
// TODO Убрать заглушку!
void HTTP_Prodate(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    uint8_t valueLen = 0;
    char value[20];

    (void)lenBufIn;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);

    ClearParamString(bufIn);

    memset(value, 0, 20);
    GetParamValue(bufIn, "prodate=", value, &valueLen);
    /*
    printf("Prodate: ");
    printf(value);
    printf("\r\n");
    */

    /* Устанавливаем дату производства */
    SETTINGS_SetProDate(value, valueLen);

    /* Пока отправляем true */
    strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type:text/html\r\n\r\nTrue");
    *lenBufOut = strlen(bufOut);

    TEST_SetServerFlag();
}

/**
  * @brief
  * @retval None
  */
char *HTTP_SetSettingsPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    char *DataOffset;
    (void)reqNum;

    if (seclevel == USER) {
        return 0;
    }

    DataOffset = 0;
    // POST Packet received
    TotalReceived = 0;
    TotalData = 0;
    memset(bufOut, 0, strlen(bufOut));
    // parse packet for Content-length field
    size = Parse_Content_Length(bufIn, lenBufIn);
    DataOffset = strstr(bufIn, "managerIP");

    // case of MSIE8 : we do not receive data in the POST packet
    if (DataOffset == 0) {
        SSL_ReadRoutine(&ssl, bufIn);
        DataOffset = strstr(bufIn, "managerIP");
    }

    TotalReceived = receivedBufLen - (DataOffset - bufIn);
    TotalData += TotalReceived;
    strncat(bufOut, DataOffset, TotalReceived);

    for (int i = TotalData; i < size; i ++) {
        SSL_ReadRoutine(&ssl, bufIn);
        strncat(sendBuf,  bufIn, receivedBufLen);
        TotalData += receivedBufLen;
    }
    // check if last data packet
    if (TotalData == size) {
        DBG printf("State: Received %u bytes\r\n", (unsigned int)TotalData);
        //  printf("receive %s \r\n", sendBuf);
        strncat(bufOut, " ", 1);
        HTTP_SetSettings(bufOut, strlen(sendBuf));
        memset(sendBuf, 0, size);
        strcpy(bufOut, HTTP_200_OK);
        strcat(bufOut,
            "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/settings.html\"/></head></html>\r\n");
        *lenBufOut = strlen(bufOut);
        return bufOut;
    }

    return 0;
}

/**
  * @brief
  * @retval None
  */
void HTTP_SetSettings(char *buf, uint16_t lenBuf)
{
    uint8_t valueLen = 0;
    const uint8_t len = MAX_WEB_PARAM_LEN;
    char value[MAX_WEB_PARAM_LEN];
    char str[MAX_WEB_PARAM_LEN];

    (void)lenBuf;

    //printf(buf);

    //ClearParamString(buf);

    memset(value, 0, len);
    memset(str, 0, MAX_WEB_PARAM_LEN);

    /* SNMP */
    GetParamValue(buf, "read_community=", value, &valueLen);
    SetReadCommunity(value);
    memset(value, 0, len);

    GetParamValue(buf, "write_community=", value, &valueLen);
    SetWriteCommunity(value);
    memset(value, 0, len);

    GetParamValue(buf, "managerIP=", value, &valueLen);
    SetManagerIp(value);
    memset(value, 0, len);

    GetParamValue(buf, "managerIP2=", value, &valueLen);
    SetManagerIp2(value);
    memset(value, 0, len);

    GetParamValue(buf, "managerIP3=", value, &valueLen);
    SetManagerIp3(value);
    memset(value, 0, len);

    GetParamValue(buf, "managerIP4=", value, &valueLen);
    SetManagerIp4(value);
    memset(value, 0, len);

    GetParamValue(buf, "managerIP5=", value, &valueLen);
    SetManagerIp5(value);
    memset(value, 0, len);

    /* Сетевые параметры */
    GetParamValue(buf, "dhcp=", value, &valueLen);
    SetDhcpStateStr(value);

    if (strncmp(value, "on", 2) != 0) { // Если dhcp off устанавливаем параметры
        memset(value, 0, len);

        GetParamValue(buf, "ipaddr=", value, &valueLen);
        SetIPStr(value);
        memset(value, 0, len);

        GetParamValue(buf, "gw=", value, &valueLen);
        SetGatewayStr(value);
        memset(value, 0, len);

        GetParamValue(buf, "mask=", value, &valueLen);
        SetMaskStr(value);
        memset(value, 0, len);
    }
    memset(value, 0, len);

    GetParamValue(buf, "swauth=", value, &valueLen);
    SetAuthEnableStateStr(value);

    if (strncmp(value, "on", 2) == 0) {
        /* параметры RADIUS*/
        memset(value, 0, len);
        GetParamValue(buf, "rs_enabled=", value, &valueLen);
        SetRDSEnableStateStr(value);

        if (strncmp(value, "on", 2) == 0) { // Если raddius off устанавливаем параметры
            memset(value, 0, len);
            GetParamValue(buf, "rs_server=", value, &valueLen);
            SetRDSIpStr(value);
            memset(value, 0, len);

            GetParamValue(buf, "rs_port=", value, &valueLen);
            SetRDSPortStr(value);
            memset(value, 0, len);

            GetParamValue(buf, "rs_pwd=", value, &valueLen);
            SetRDSPasswordkStr(value);
            memset(value, 0, len);

            GetParamValue(buf, "rs_key=", value, &valueLen);
            SetRDSKeyAccesstStr(value);
            memset(value, 0, len);
        }
    }
    memset(value, 0, len);

    // Параметры реле и сухих контактов
    GetParamValue(buf, "di1=", value, &valueLen);
    SetDINTypeActStr(value, 0);
    memset(value, 0, len);

    GetParamValue(buf, "ro1=", value, &valueLen);
    SetROTypeActStr(value, 0);
    memset(value, 0, len);

    GetParamValue(buf, "ro2=", value, &valueLen);
    SetROTypeActStr(value, 1);
    memset(value, 0, len);

    GetParamValue(buf, "utc=", value, &valueLen);
    SetSntpTimeZoneStr(value);
    memset(value, 0, len);

    // Параметры даты и времени
    GetParamValue(buf, "ntp=", value, &valueLen);

    if (strncmp(value, "1", 1) == 0) { // Если ntp on устанавливаем параметры
        bool old_sntp = false;
        bool enable_old_sntp = sSettings.sSNTP.sntpEnable;
        memset(str, 0, len);
        GetParamValue(buf, "ntpservip=", str, &valueLen);
        if (strncmp(str, sSettings.sSNTP.ip, valueLen)) {
            old_sntp = true;
        }
        SetSntpServerIpStr(str);
        SetSntpStateStr(value);
        if (sSettings.sSNTP.sntpEnable != enable_old_sntp) {
            old_sntp = true;
        }
        if (old_sntp) {
            SNTP_Init();
            //vTaskDelay(7000);
            SNTP_Poll();
        }
        memset(value, 0, len);
        memset(str, 0, len);
    } else if (strncmp(value, "0", 1) == 0) {
        SetSntpStateStr(value);
        memset(value, 0, len);
        GetParamValue(buf, "date=", value, &valueLen);
        SetDateStr(value);
        memset(value, 0, len);
        GetParamValue(buf, "time=", value, &valueLen);
        memset(str, 0, len);
        url_decode(str, sizeof(str), value);
        SetTimeStr(str);
        memset(value, 0, len);
        memset(str, 0, len);
    }

    GetParamValue(buf, "ups_cell_min=", value, &valueLen);
    SetUPSVoltCellMinStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "ups_cell_max=", value, &valueLen);
    SetUPSVoltCellMaxStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "temp_high=", value, &valueLen);
    SetTemperatureAlarmHighRangeStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "temp_low=", value, &valueLen);
    SetTemperatureAlarmLowRangeStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "temp_hist=", value, &valueLen);
    SetTemperatureAlarmHisteStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "loadvolt_high=", value, &valueLen);
    SetLoadAlarmHighRangeStr(value);
    memset(value, 0, len);

    GetParamValue(buf, "loadvolt_hist=", value, &valueLen);
    SetLoadAlarmHistStr(value);
    memset(value, 0, len);

    /* Если параметры WEB изменились выставляем флаг, сохраняем настройки и перезагружаемся */
    if (GetStateWebReinit() == true) {
        SetWebReinitFlag(true);
        HTTP_SaveSettings();
        /* Блокируем управление ключем на тау секунд*/
        //IO_KeyBlockOn();
        vTaskDelay(1010);
        Reboot(WEB_ACT);
    }

    HTTP_SaveSettings();
}

/**
  * @brief
  * @retval None
  */
char *HTTP_GetSert(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufIn;
    (void)lenBufIn;
    (void)reqNum;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);
    strcpy(bufOut, HTTP_200_OK);
    SSL_CreateReqCert();
    strncpy(bufOut, req_cert, strlen(req_cert));
    *lenBufOut = strlen(bufOut);
    return bufOut;
}

/**
  * @brief
  * @retval None
  */
char *HTTP_Upload_Sert(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    char *DataOffset;
    static char boundary[70];
    static char *pbound = NULL;
    char *ContentOffset = 0;
    (void)reqNum;

    DataOffset = 0;
    TotalData = 0;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);
    //printf("receive %s \r\n", receiveBuf);
    // parse packet for Content-length field
    size = Parse_Content_Length(bufIn, lenBufIn);
    pbound = Parce_Boundary(bufIn, lenBufIn, boundary, sizeof(boundary));
    if (pbound != NULL) {
        ContentOffset = strstr(bufIn, boundary);
        DataOffset = strstr(ContentOffset, "\r\n\r\n");
        if ( DataOffset != NULL ) {
            DataOffset += 4;
        }
    } else {
        SSL_ReadRoutine(&ssl, (unsigned char *)bufIn);
        bufIn[receivedBufLen] = '\0';
        lenBufIn = receivedBufLen;
        pbound = Parce_Boundary(bufIn, lenBufIn, boundary, sizeof(boundary));
        if (pbound != NULL) {
            ContentOffset = strstr(bufIn, boundary);
            DataOffset = strstr(ContentOffset, "\r\n\r\n");
            if ( DataOffset != NULL ) {
                DataOffset += 4;
            }
        }
    }
    // case of MSIE8 : we do not receive data in the POST packet
    if (DataOffset == NULL) {
        SSL_ReadRoutine(&ssl, (unsigned char *)bufIn);
        bufIn[receivedBufLen] = '\0';
        lenBufIn = receivedBufLen;
        //printf("receive2 %s \r\n", bufIn);
        ContentOffset = strstr(bufIn, boundary);
        DataOffset = strstr(ContentOffset, "\r\n\r\n");
        if ( DataOffset != NULL ) {
            DataOffset += 4;
        }
    }
    TotalReceived = lenBufIn - (uint32_t)(ContentOffset - bufIn);
    TotalData += TotalReceived;
    strncat(bufOut,  DataOffset, TotalReceived);

    while (TotalData < size) {
        SSL_ReadRoutine(&ssl, (unsigned char *)bufIn);
        bufIn[receivedBufLen] = '\0';
        //printf("receive3 %s \r\n", receiveBuf);
        strncat(bufOut,  bufIn, lenBufIn);
        TotalData += lenBufIn;
        //printf("TotalData %d \r\n", TotalData);
        /*printf("receivedBufLen %d \r\n", receivedBufLen);
        printf("TotalData %d \r\n", TotalData);
        printf("size %d \r\n", size);
        printf("receive3 %s \r\n", (receiveBuf+receivedBufLen - 30));*/
    }
    //printf("TotalData %d \r\n", TotalData);
    // check if last data packet
    if (TotalData == size) {
        // printf("receive %s \r\n", sendBuf);
        if (strstr(bufOut, "BEGIN CERTIFICATE") != NULL) {
            DataOffset = strstr(bufOut, "-----END CERTIFICATE");
            uint32_t len_crt = (uint32_t)(DataOffset - bufOut) + 25;
            memset(sSettings.our_srv_crt, 0, sizeof(sSettings.our_srv_crt));
            memcpy(sSettings.our_srv_crt, bufOut, len_crt);
            strcat(bufOut,  "\r\n");
            HTTP_SaveSettings();
            memset(bufOut, 0, SEND_BUF_MAX_LEN);
            strcpy(bufOut, HTTP_200_OK);
            strcat(bufOut, "1");
        } else {
            memset(bufOut, 0, SEND_BUF_MAX_LEN);
            strcpy(bufOut, HTTP_200_OK);
            strcat(bufOut, "Некорректный сертефикат");
        }
        *lenBufOut = strlen(bufOut);
        return bufOut;
    }
    return 0;
}

/**
  * @brief
  * @retval None
  */
char *HTTP_SetInfoPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    char *DataOffset;
    (void)reqNum;

    if (seclevel == USER) {
        return 0;
    }

    DataOffset = 0;
    // POST Packet received{
    TotalReceived = 0;
    TotalData = 0;
    memset(bufOut, 0, SEND_BUF_MAX_LEN);
    // parse packet for Content-length field
    size = Parse_Content_Length(bufIn, lenBufIn);
    DataOffset = strstr(bufIn, "sysname");

    // case of MSIE8 : we do not receive data in the POST packet
    if (DataOffset == 0) {
        SSL_ReadRoutine(&ssl, bufIn);
        DataOffset = strstr(bufIn, "sysname");
    }
    TotalReceived = receivedBufLen - (DataOffset - bufIn);
    TotalData += TotalReceived;
    strncat(bufOut,  DataOffset, TotalReceived);

    // check if last data packet
    if (TotalData == size) {
        strncat(bufOut,  " ", 1);
        HTTP_SetInfo(bufOut, strlen(bufOut));
        memset(bufOut, 0, size);

        strcpy(bufOut, HTTP_200_OK);
        strcat(bufOut,
            "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/info.html\"/></head></html>\r\n\r\n");

        *lenBufOut = strlen(bufOut);
        return bufOut;
    }
    return 0;
}

/**
  * @brief
  * @retval None
  */
void HTTP_SetInfo(char *buf, uint16_t lenBuf)
{
    uint8_t valueLen = 0;
    const uint8_t len = 110;
    char value[330];
    char str[110];

    (void)lenBuf;

    // ClearParamString(buf);

    memset(value, 0, len);

    /* Название устройства */
    GetParamValue(buf, "sysname=", value, &valueLen);
    url_decode(str, sizeof(str), value);
    SetNameDeviceStr(str);
    memset(value, 0, len);

    /* Владелец */
    GetParamValue(buf, "owner=", value, &valueLen);
    url_decode(str, sizeof(str), value);
    SetOwner(str);
    memset(value, 0, len);

    /* Владелец */
    GetParamValue(buf, "sysLocation=", value, &valueLen);
    url_decode(str, sizeof(str), value);
    SetLocation(str);
    memset(value, 0, len);

    /* Комментарий */
    GetParamValue(buf, "comment=", value, &valueLen);
    url_decode(str, sizeof(str), value);
    SetComment(str);
    memset(value, 0, len);

    HTTP_SaveSettings();
}

/**
  * @brief  Запуск/останов теста UPS
  */
char *HTTP_UPSTest(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    uint8_t valueLen = 0;
    char tempValue[20];
    char tempValue2[20];
    int8_t res = 0;
    char log_string[50];

    (void)lenBufIn;
    (void)reqNum;

    memset(tempValue, 0, 20);
    memset(tempValue2, 0, 20);
    memset(log_string, 0, 50);

    strcpy(bufOut, HTTP_200_OK);

    GetParamValue(bufIn, "func=", tempValue, &valueLen);
    if (strcmp(tempValue, "stop") == 0) {
        res = ups_metac_service_pdu(ups_cancel_test);
        if (res == 1 || res == 0) {
            strcat(bufOut, "Команда \"Останов теста\" принята ИБП!");
            strcpy(log_string, name_login);
            strcat(log_string, " (Останов)");
            log_event_data(LOG_TEST_UPS, log_string);
        }
        if (res == -1) {
            strcat(bufOut, "Команда \"Останов теста\" отклонена ИБП!");
        }
    } else if (strcmp(tempValue, "discharge") == 0) {
        res = ups_metac_service_pdu(ups_test_low_bat);
        set_act_source(WEB_ACT);
        if (res == 1 || res == 0) {
            strcat(bufOut, "Команда \"Запуск теста\" принята ИБП!");
        }
        if (res == -1) {
            strcat(bufOut, "Команда \"Запуск теста\" отклонена ИБП!");
        }
    } else if (strncmp(tempValue, "time", 6) == 0) {
        GetParamValue(bufIn, "=", tempValue2, &valueLen);
        TimeParam = atoi(tempValue2);
        res = ups_metac_service_pdu(ups_test_time);
        if (res == 1 || res == 0) {
            strcat(bufOut, "Команда \"Запуск теста\" принята ИБП!");
        }
        if (res == -1) {
            strcat(bufOut, "Команда \"Запуск теста\" отклонена ИБП!");
        }
    }
    *lenBufOut = strlen(bufOut);

    return bufOut;
}

/**
  * @brief  Выклюение UPS
  */
char *HTTP_UPSshutdown(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    uint8_t valueLen = 0;
    char *valueLenEnd = 0;
    char tempValue[50];
    char tempValue2[50];
    int8_t res = 0;
    char log_string[50];

    (void)lenBufIn;
    (void)reqNum;

    memset(tempValue, 0, 50);
    memset(log_string, 0, 50);

    strcpy(bufOut, HTTP_200_OK);

    GetParamValue(bufIn, "func=", tempValue, &valueLen);
    if (strcmp(tempValue, "reboot") == 0) {
        res = ups_metac_service_pdu(ups_cancel_shut_down);
        if (res == 1) {
            strcpy(log_string, name_login);
            strcat(log_string, " (Останов)");
            log_event_data(LOG_SHUTDOWN_UPS, log_string);
            strcat(bufOut, "Команда \"Отмена выключения нагрузки\" принята ИБП!");
        } else {
            strcat(bufOut, "Команда \"Отмена выключения нагрузки\" отклонена ИБП!");
        }
    } else if (strncmp(tempValue, "off", 5) == 0) {
        memset(tempValue2, 0, 50);
        GetParamValue(bufIn, "after=", tempValue2, &valueLen);
        TimeParamFloat = atof(tempValue2);
        res = ups_metac_service_pdu(ups_shutdown);
        if (res == 1) {
            strcat(bufOut, "Команда \"Отключения нагрузки\" принята ИБП!");
            log_event_data(LOG_SHUTDOWN_UPS, name_login);
        } else {
            strcat(bufOut, "Команда \"Отключения нагрузки\" отклонена ИБП!");
        }
    }
    *lenBufOut = strlen(bufOut);

    return bufOut;
}

char *HTTP_Reset(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufIn;
    (void)bufOut;
    (void)lenBufIn;
    (void)reqNum;

    HTTP_ResetSettings();
    HTTP_SaveSettings();

    fs_open("/settings.html", &file);
    *lenBufOut = file.len;
    return file.data;
}

char *HTTP_Confirm(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufIn;
    (void)bufOut;
    (void)lenBufIn;
    (void)reqNum;

    SetWebReinitFlag(false);
    SetConfirmWebParamsFlag();

    fs_open("/index.html", &file);
    *lenBufOut = file.len;
    return file.data;
}

char *HTTP_GetRequest(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufOut;
    (void)reqNum;
#ifdef HTTP_AUTH_ENABLE
    const char *html_page_name[] = {
        "/main.css",
        "/rotek.png",
        "/favicon.ico",
        "/role.js"
    };
#endif
    char filename[MAX_FILENAME_LEN];
    char nonmatch[MAX_ETAG_LEN];
    char *pnonmatch = NULL;
    uint8_t len;

    memset(filename, 0, MAX_FILENAME_LEN);
    if (GetFileName(bufIn, filename, &len)) {
        /* Parce If-Non_Match value */
#ifdef HTTP_AUTH_ENABLE
        if (!Authenticated) {
            for (uint8_t i = 0; i < 4; i ++) {
                if (strcmp(filename, html_page_name[i]) == 0) {
                    break;
                }
                if (i == 3) {
                    if((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
                        strcpy(filename, "/rslogin.html");
                    } else {
                        strcpy(filename, "/login.html");
                    }
                }
            }
        } else {
            HTTP_UpdateUserLoginTime(user_id);
        }
#endif
        uint8_t nonmatch_len = Parse_Header(bufIn, lenBufIn, If_None_Match, 15, nonmatch);
        if (nonmatch_len < MAX_ETAG_LEN && nonmatch_len > 0) {
            //DBG printf("If_None_Match: %s\r\n", nonmatch);
            pnonmatch = nonmatch;
        }
        return send_file(filename, pnonmatch, &file, lenBufOut);
    }
    return 0;
}

char* HTTP_NoFound(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
	(void)bufIn;
	(void)bufOut;
	(void)lenBufIn;
  (void)reqNum;
#ifdef HTTP_AUTH_ENABLE
  HTTP_UpdateUserLoginTime(user_id);
#endif
	fs_open("/index.html", &file); // +
	*lenBufOut = file.len;
	return file.data;
}

/**
  * @brief  Проверка пароля для перехода в режим bootloader
  * @retval None
  */
char  *HTTP_ConfirmBootPwd(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufIn;
    (void)lenBufIn;
    (void)reqNum;

    strcpy(bufOut, HTTP_200_OK);
    *lenBufOut = strlen(bufOut);
    /* Запускаем задачу отложенной перезагрузки. Контроллер должен успеть
       отправить ответ серверу о статусе пароля */
    HTTP_StartResetTask(true);

    return bufOut;
}

#ifdef HTTP_AUTH_ENABLE

void LoginTimerCallback(TimerHandle_t pxTimer)
{
    cnt_err_psw = 0;
    DBG printf("cnt_err_psw %d", cnt_err_psw);
    xTimerStop(RepeatLoginTimer, 0);
}

/**
  * @brief  Проверка пароля для входа в Web
  * @retval None
  */
int HTTP_ConfirmWebPwd(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    char tempStr[50];
    char login[20];
    char password[20];
    uint8_t valueLen, user_id = 0xff;
    char *strPtr = 0;
    char WebPassword[MAX_WEB_PASSWD_LEN];
    char WebLogin[MAX_WEB_LOGIN_LEN];

    memset(login, 0, 20);
    memset(password, 0, 20);
    memset(tempStr, 0, 50);

    memset(name_login, 0, 50);

    /* Get first 50 bytes of string */
    strncpy(tempStr, bufIn, 49);

    /* Add " " to the string in order GetParamValue() can be able to parse the param */
    strcat(tempStr, " ");
    GetParamValue(tempStr, "login=", login, &valueLen);
    GetParamValue(tempStr, "password=", password, &valueLen);

    if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
        switch (RC_Login(login, password)) {
            case RC_ERROR:
                Authenticated = false;
                break;
            case RC_LOGIN_ADMIN_OK:
                Authenticated = true;
                user_id = 0;
                break;
            case RC_LOGIN_USER_OK:
                Authenticated = true;
                user_id = 1;
                break;
            case RC_NET_ERR:
                Authenticated = false;
                fl_raddius_net_err = true;
                strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type: text/html;\r\n\r\n");
                strcat(bufOut,
                    "<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Ошибка соединения с RADIUS сервером</h2></center></html>");
                *lenBufOut = strlen(bufOut);
                return SEND_REQUIRED_NO;
                break;
            case RC_ACC_DENIED:
                Authenticated = false;
                break;
            default:
                break;
        }
    } else {
        for (user_id = 0; user_id < MAX_WEB_USERS; user_id++) {

            GetUserLogin(user_id, WebLogin, &valueLen);
            GetUserPassword(user_id, WebPassword, &valueLen);

            /* Check login and password */
            if ((strncmp(WebLogin, login, MAX_WEB_LOGIN_LEN) == 0) &&
                (strncmp(WebPassword, password, MAX_WEB_PASSWD_LEN) == 0)) {

                /* Login and pass are valid */

                /* TODO replace global flag with user-pass-cookie */
                if (cnt_err_psw < 4) {
                    cnt_err_psw = 0;
                    Authenticated = true;
                } else {
                    Authenticated = false;
                }
                break;
            } else {
                Authenticated = false;
            }
        }
    }

    if (Authenticated) {
        /* Generate cookie */
        sprintf(tempStr, "%X", (unsigned int)GetRandomNumber());

        /* Set users cookie */
        HTTP_SetUserCookie(tempStr, user_id);

        HTTP_UpdateUserLoginTime(user_id);

        /* Send login and cookie back */
        strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type:text/html\r\nSet-Cookie: uname=");
        strcat(bufOut, login);
        strcat(bufOut, "\r\nSet-Cookie: id=");
        strcat(bufOut, tempStr);
        sprintf(tempStr, "%d", (user_id + 1));
        strcat(bufOut, "\r\nSet-Cookie: role=");
        strcat(bufOut, tempStr);
        strcat(bufOut, "\r\nSet-Cookie: auth=1");
        strcat(bufOut, "\r\n\r\n");
        strcat(bufOut,
            "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/index.html\"/></head></html>\r\n\r\n");

        *lenBufOut = strlen(bufOut);
        if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
            snprintf(name_login, (strlen(login) + 1), login);
        } else {
            fl_raddius_net_err = false;
            switch (user_id) {
                case 0:
                    snprintf(name_login, sizeof(name_login), "Администратор");
                    break;
                case 1:
                    snprintf(name_login, sizeof(name_login), "Пользователь");
                    break;
                default:
                    snprintf(name_login, (strlen(login) + 1), login);
                    break;
            }
        }


        log_event_data(LOG_LOGIN, name_login);
        /* Запускаем задачу-таймер логаута. */
        /* TODO отправить ответ серверу о статусе пароля */
        return SEND_REQUIRED_YES;
    } else {
        if (cnt_err_psw <= 4) {
            cnt_err_psw ++;
        }
        DBG printf("cnt_err_psw %d", cnt_err_psw);
        if (cnt_err_psw == 4) {
            xTimerStart(RepeatLoginTimer, 0);
        }
        strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type: text/html;\r\n\r\n");
        if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
            if (cnt_err_psw < 4) {
                strcat(bufOut,
                    "<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/rslogin.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
            } else {
                strcat(bufOut,
                    "<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/rslogin.html\" /></head><center><h2>Вход заблокирован!</h2></center></head><center><h2>Повторите попытку через 1 минуту</h2></center></html>");
            }
        } else {
            if (cnt_err_psw < 4) {
                strcat(bufOut,
                    "<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
            } else {
                strcat(bufOut,
                    "<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Вход заблокирован!</h2></center></head><center><h2>Повторите попытку через 1 минуту</h2></center></html>");
            }
        }
        *lenBufOut = strlen(bufOut);
        return SEND_REQUIRED_NO;
    }
}

void HTTP_LOGIN(char *bufOut, uint16_t *lenBufOut)
{
    char tempStr[50];
    uint8_t valueLen;
    char WebLogin[MAX_WEB_LOGIN_LEN];

    GetUserLogin(ADMIN, WebLogin, &valueLen);

    memset(tempStr, 0, 50);
    memset(name_login, 0, 50);

    /* TODO replace global flag with user-pass-cookie */
    Authenticated = true;

    /* Generate cookie */
    sprintf(tempStr, "%X", (unsigned int)GetRandomNumber());

    /* Set users cookie */
    HTTP_SetUserCookie(tempStr, ADMIN);

    HTTP_UpdateUserLoginTime(ADMIN);

    /* Send login and cookie back */
    strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type:text/html\r\nSet-Cookie: uname=");
    strcat(bufOut, WebLogin);
    strcat(bufOut, "\r\nSet-Cookie: id=");
    strcat(bufOut, tempStr);
    strcat(bufOut, "\r\nSet-Cookie: role=0");
    strcat(bufOut, "\r\nSet-Cookie: auth=0");
    strcat(bufOut, "\r\n\r\n");
    strcat(bufOut,
        "<!DOCTYPE html><html lang=""><head><meta http-equiv=\"refresh\" content=\"0;url=/index.html\"/></head></html>\r\n\r\n");

    *lenBufOut = strlen(bufOut);

    snprintf(name_login, sizeof(name_login), "Администратор");
}

/**
  * @brief Чтение Cookie пользователя
  */
static void HTTP_GetUserCookie(uint8_t user_id, char *str, uint8_t *len)
{
    sprintf(str, "%s", users[user_id].cookie);
    *len = strlen(str);
}

/**
  * @brief Установка Cookie пользователя
  */
static void HTTP_SetUserCookie(char *str, uint8_t user_id)
{
    strcpy(users[user_id].cookie, str);
}

/**
  * @brief Обновление времени последней активности пользователя
  */
static void HTTP_UpdateUserLoginTime(uint8_t user_id)
{
    xTimerStart(users[user_id].LogoutTimer, 0);
}

/**
  * @brief Принудительный логаут пользователя
  */
static void HTTP_ForceUserLogout(uint8_t user_id)
{
    char cookie[MAX_WEB_COOKIE_LEN];

    /* Flush user cookie by random value */
    sprintf(cookie, "%X", (unsigned int)GetRandomNumber());
    HTTP_SetUserCookie(cookie, user_id);
}

/**
  * @brief >Callback таймера логаута пользователя
  */
void LogoutTimerCallback(TimerHandle_t pxTimer)
{
    uint8_t user_id = (uint8_t)pvTimerGetTimerID( pxTimer );
    if ( sSettings.sRADIUS.Auth_enable ) {
        HTTP_ForceUserLogout(user_id);
    }
}

/**
  * @brief  Смена пароля пользователя
  * @retval None
  */
char *HTTP_ChangeUserPwd(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    char tempStr[110];
    char value[20];
    char login[20];
    char password[20];
    char tmp[75];
    uint8_t valueLen, valueLen2, user_id;
    char WebLogin[MAX_WEB_LOGIN_LEN];

    (void)reqNum;
    (void)lenBufIn;

    memset(login, 0, sizeof(login));
    memset(password, 0, sizeof(password));
    memset(tempStr, 0, sizeof(tempStr));
    memset(value, 0, sizeof(value));
    memset(tmp, 0, sizeof(tmp));

    ClearParamString(bufIn);

    strncpy(tempStr, bufIn, 110);

    strcpy(bufOut, HTTP_200_OK);

    if (GetParamValue(tempStr, "username=", login, &valueLen) &&
        GetParamValue(tempStr, "oldpass=", tmp, &valueLen)) {
        url_decode(password, sizeof(password), tmp);
        for (user_id = 0; user_id < MAX_WEB_USERS; user_id++) {
            memset(value, 0, 20);
            memset(WebLogin, 0, MAX_WEB_LOGIN_LEN);
            GetUserLogin(user_id, WebLogin, &valueLen);
            GetUserPassword(user_id, value, &valueLen2);
            /* Check login and password */
            if ((strncmp(WebLogin, login, MAX_WEB_LOGIN_LEN) == 0) &&
                (memcmp(password, value, 11) == 0)) {
                memset(tmp, 0, sizeof(tmp));
                memset(password, 0, 20);
                if (GetParamValue(tempStr, "newpass=", tmp, &valueLen)) {
                    url_decode(password, sizeof(password), tmp);
                    valueLen = strlen(password);
                    memcpy(sSettings.sAuth[user_id].password, password, sizeof(sSettings.sAuth[user_id].password));

                    HTTP_SaveSettings();
                    log_event_data(LOG_PSW_CHANGE, name_login);
                    strcat(bufOut, "Пароль успешно изменён");
                    *lenBufOut = strlen(bufOut);
                    return bufOut;
                } else {
                    strcat(bufOut, "Введены некорректные данные!");
                    *lenBufOut = strlen(bufOut);
                    return bufOut;
                }
            }
        }
        strcat(bufOut, "Введён неверный пароль!");
    } else {
        strcat(bufOut, "Введены некорректные данные!");
    }
    *lenBufOut = strlen(bufOut);
    return bufOut;
}

//
static void getAuthenticatedState(void)
{
    char CookieBuf[51];
    char *CookiePtr = NULL;
    char name[MAX_WEB_COOKIE_LEN];
    char id[MAX_WEB_COOKIE_LEN];
    uint8_t nameLen = 0, idLen = 0;

    receiveBuf[receivedBufLen] = '\0';
    //printf("receive %s \r\n", receiveBuf);
    // Get cookie "uname" value
    memset(CookieBuf, 0, sizeof(CookieBuf));
    CookiePtr = strstr(receiveBuf, "uname=");
    strncpy(CookieBuf, CookiePtr, 50);

    //printf("********CookieBuf1= %s\r\n", CookieBuf);
    memset(name, 0, MAX_WEB_COOKIE_LEN);
    GetCookieValue(CookieBuf, "uname=", name, &nameLen);
    //printf("********CookieBuf2= %s\r\n", CookieBuf);
    //printf("********uname= %s\r\n", name);

    memset(CookieBuf, 0, sizeof(CookieBuf));
    // Get cookie "id" value
    CookiePtr = strstr(receiveBuf, " id=");
    strncpy(CookieBuf, CookiePtr, 50);

    //printf("********CookieBuf1= %s\r\n", CookieBuf);
    memset(id, 0, MAX_WEB_COOKIE_LEN);
    GetCookieValue(CookieBuf, "id=", id, &idLen);
    // printf("********ID= %s\r\n", id);

    seclevel = 0xFF;
    for (user_id = 0; user_id < MAX_WEB_USERS; user_id++) {
        HTTP_GetUserCookie(user_id, CookieBuf, &idLen);
        if (strncmp(id, CookieBuf, idLen) == 0 ) {
            GetUserLevelInt(user_id, &seclevel);
            Authenticated = true;
            break;
        }
        Authenticated = false;
        seclevel = 0xFF;
    }
}

char *HTTP_LoginPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)reqNum;
    uint32_t req_data_received = 0;
    char *offset = 0;

    memset(bufOut, 0, SEND_BUF_MAX_LEN);

    /* parse packet for Content-length field */
    post_data_count = Parse_Content_Length(bufIn, lenBufIn);
    printf("Content-length: %d\r\n", (int)post_data_count);

    if (post_data_count < MAX_POST_REQ_LEN) {
        memset(post_req_data, 0, MAX_POST_REQ_LEN);
        /* parse packet for "\r\n\r\n" */
        offset = (strstr(bufIn, "\r\n\r\n")) + 4;
        req_data_received = lenBufIn - (offset - bufIn);
        printf("req data received: %d\r\n", (int)req_data_received);

        /* Check if "\r\n\r\n" was found */
        if (offset != 0) {
            /* if data was splited in two packets */
            if (req_data_received < post_data_count) {
                /* Copy request data to buffer */
                snprintf(post_req_data, req_data_received, "%s", bufIn);
                post_data_count -= req_data_received;
                SSL_ReadRoutine(&ssl, (unsigned char *)bufIn);
                offset = bufIn;
            }
            /* if data received completely */
            if (strlen(bufIn) != 0) {
                strncat(post_req_data, offset, post_data_count);
                //printf("post_req_data: %s\r\n", post_req_data);
                /* End reqest */
                post_data_count = 0;
                HTTP_ConfirmWebPwd(post_req_data, bufOut, strlen(post_req_data), lenBufOut);
                *lenBufOut = strlen(bufOut);
                return bufOut;
            }
        }
        /* request was fragmented before "\r\n\r\n" */
        else {
            post_data_count = 0;
            /* Redirect to login page */
            if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
                fs_open("/rslogin.html", &file);
            } else {
                fs_open("/login.html", &file);
            }
            *lenBufOut = file.len;
            return file.data;
        }
    } else {
        DBG printf("Too long POST request!\r\n");
        /* Ignore request */
        post_data_count = 0;

        /* Redirect to login page */
        if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
            fs_open("/rslogin.html", &file);
        } else {
            fs_open("/login.html", &file);
        }
        *lenBufOut = file.len;
        return file.data;
    } 
    return 0;
}

char *HTTP_LogoutPage(uint32_t reqNum, char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut)
{
    (void)bufIn;
    (void)bufOut;
    (void)lenBufIn;
    (void)reqNum;

    Authenticated = false;
    seclevel = 0xFF;

    if ((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)) {
        fs_open("/rslogin.html", &file);
    } else {
        fs_open("/login.html", &file);
    }

    *lenBufOut = file.len;
    return file.data;
}

#endif

/**
  * @brief Send callback for log file transfer (messages as is, not ordered)
  */
void HTTP_SendHistory(void)
{
    uint32_t nbytes = 0;
    static bool start = true;

    memset(logFileBuf, 0, FILE_BUF_MAX_LEN);

    if (log_ptr + FILE_BUF_MAX_LEN <= log_size) {
        nbytes = History_GetData(log_ptr, logFileBuf, FILE_BUF_MAX_LEN, start);
    } else if (log_ptr < log_size) {
        nbytes = History_GetData(log_ptr, logFileBuf, (log_size - log_ptr), start);
    } else {
        nbytes = 0;
    }
    log_ptr += nbytes;

    start = false;

    if (nbytes == 0) {
        // File transfer finished.
        start = true;
        // Clear file transfer in progress flag
        fLogTransInprog = false;
        return;
    }

    SSL_SendFrames(&ssl, logFileBuf, nbytes);
    HTTP_SendHistory();
}

/**
  * @brief Sent callback for log file transfer (messages as is, not ordered)
  */
void HTTP_SendLog(void)
{
    uint32_t nbytes = 0;
    static bool start = true;

    memset(logFileBuf, 0, FILE_BUF_MAX_LEN);
    if (log_ptr + FILE_BUF_MAX_LEN_LOG <= log_size) {
        nbytes = LOG_GetData(log_ptr, logFileBuf, FILE_BUF_MAX_LEN_LOG, start);
    } else if (log_ptr < log_size) {
        nbytes = LOG_GetData(log_ptr, logFileBuf, (log_size - log_ptr), start);
    } else {
        nbytes = 0;
    }
    log_ptr += nbytes;

    start = false;
    if (nbytes == 0) {
        // File transfer finished.
        start = true;
        // Clear file transfer in progress flag
        fLogTransInprog = false;
        return;
    }

    SSL_SendFrames(&ssl, logFileBuf, nbytes);
    HTTP_SendLog();

    return;
}

/**
  * @brief  sends file from flash FS
  * @param  filename: pointer to the file name to send
  * @param  pnonmatch: pointer to the If-Non_Match value
  * @param  pcb: pointer to a tcp_pcb struct
  * @param  hs: pointer to a http_state struct
  * @param  file: pointer to a fs_file struct
  * @retval
  */
char *send_file(char *filename, char *pnonmatch,  struct fs_file *file, uint16_t *Len)
{
    int res = 0;
    char etag[MAX_ETAG_LEN];
    char *petag = NULL;

    res = fs_open(filename, file);

    if (res == 0) {
        printf("Not found: %s\r\n", filename);
        sprintf(filename, "/index.html");
        fs_open(filename, file);
    }

    /* Find Etag value */
    uint8_t etag_len = Parse_Header(file->data, file->len, Etag, 6, etag);
    if (etag_len < MAX_ETAG_LEN && etag_len > 0) {
        DBG printf("Etag: %s\r\n", etag);
        petag = etag;
    }

    /* Compare Etag and If-Non-Match fields */
    if (pnonmatch && petag && (strcmp(pnonmatch, petag) == 0)) {
        /* Send 304 code */
        sprintf(sendBuf, HTTP_304_NOT_MODIFIED);
        DBG printf(sendBuf);
        *Len = strlen(sendBuf);
        return sendBuf;
    } else {
        *Len = file->len;
        return file->data;
    }
}

/**
  * @brief  Extract the custom field data from HTML data
  * @param  data : pointer on receive packet buffer
  * @param  len  : buffer length
  * @param  field : field name
  * @param  flen : field name length
  * @retval value : pointer for field data
  */
static uint32_t Parse_Header(char *data, uint32_t len, const char *field, uint32_t flen, char *value)
{
    uint32_t i = 0, size = 0;
    char *ptr;
    uint32_t Offset = 0;

    /* Find field name in data buffer */
    for (i = 0; i < len; i++) {
        if (strncmp ((char *)(data + i), field, flen) == 0) {
            Offset = i + flen;
            break;
        }
    }
    /* Copy Field value */
    if (Offset) {
        i = 0;
        ptr = (char *)(data + Offset);
        while (*(ptr + i) != 0x0d) {
            value[i] = *(ptr + i);
            i++;
        }
        value[i] = '\0';
        size = i;
    }
    return size;
}
/**
  * @brief
  * @retval None
  */
bool GetFileName(char *inStr, char *fileName, uint8_t *fileNameLen)
{
    char *beginValue = NULL;
    char *endValue = NULL;
    int  len = 0;
    char *strPtr = NULL;

    strPtr = strstr(inStr, "GET");
    if (strPtr == NULL) {
        strPtr = strstr(inStr, "POST");
    }

    if (strPtr == NULL) {
        *fileNameLen = 0;
        return false;
    } else {
        beginValue = strpbrk(strPtr, "/");

        endValue = strpbrk(beginValue, " ");
        if (endValue == NULL) {
            *fileNameLen = 0;
            return false;
        }
        len = endValue - beginValue;
        if (len < MAX_FILENAME_LEN) {
            strncpy(fileName, beginValue, len);
            *fileNameLen = len;
            fileName[len] = '\0';
            return true;
        } else {
            return false;
        }
    }
}

#endif