Skip to content

feat: Meshtastic lockdown support, region fix, proto upgrade#2

Merged
niccellular merged 2 commits into
mainfrom
feat/lockdown
May 13, 2026
Merged

feat: Meshtastic lockdown support, region fix, proto upgrade#2
niccellular merged 2 commits into
mainfrom
feat/lockdown

Conversation

@niccellular
Copy link
Copy Markdown
Member

@niccellular niccellular commented May 13, 2026

Summary

  • Lockdown support for MESHTASTIC_LOCKDOWN-hardened firmware (firmware PR #10349), driven by the typed proto wire format from meshtastic/protobufs PR #911:

    • LockdownCoordinator drives a per-BLE-connection state machine off FromRadio.lockdown_status.
    • Auto-replays cached passphrase silently on LOCKED; only prompts on NEEDS_PROVISION or auto-replay failure.
    • Passphrase cache keyed by BLE MAC in EncryptedSharedPreferences (AES-256-GCM Keystore master key).
    • Outbound AdminMessage.lockdown_auth packet builder enforces firmware ToRadio gate: to=myNodeNum, from=0, portnum=ADMIN_APP, hop_limit/start=7, priority=RELIABLE, no pki_encrypted.
    • Lock Now races: synthesizes LockNowAcknowledged on the next inbound LOCKED status (or on BLE disconnect if status races the reboot).
    • UI: passphrase dialog with optional boots / hours TTL overrides, Lock Now button, backoff countdown.

  • Region fix: TAK auto-config previously hardcoded EU_868; now sets US.

  • UI refresh fix: Device Information card now re-renders automatically when a fresh Config response is cached (fixes the "region still shows old value until I disconnect/reconnect" UX bug).

  • Proto upgrade: Full sync from meshtastic/protobufs master commit 1c62540 (the merge of PR #911). java_package overridden to com.geeksville.mesh so existing Kotlin/Java references continue to work; firmware-only protos that transitively pull in nanopb.proto were dropped.

  • Version bump: PLUGIN_VERSION 0.2 → 1.0 for TAK TPP signing submission.

Test plan

  • Builds (gradle :app:assembleCivDebug) — clean compile, generated AdminProtos.LockdownAuth + MeshProtos.LockdownStatus.
  • Installed civDebug APK on test ATAK device; auto-configured a Meshtastic node from EU_868 → US (verified with meshtastic --info).
  • Device Information card refreshes region after auto-config reboot without manual disconnect/reconnect.
  • Provision flow on a hardened lockdown device (no hardened test device available locally).
  • Wrong-passphrase + backoff display on a hardened lockdown device.
  • Lock Now ack flow on a hardened lockdown device.

🤖 Generated with Claude Code

niccellular and others added 2 commits May 13, 2026 12:57
@niccellular @claude
chore(protos): sync meshtastic/protobufs master (incl. PR #911)
750a341 
Pull the full upstream proto set from meshtastic/protobufs commit 1c62540
(merge of PR #911 — LockdownAuth + LockdownStatus). Override java_package
back to com.geeksville.mesh so existing Kotlin/Java references continue to
resolve; drop firmware-only protos the plugin doesn't compile against
(apponly, cannedmessages, clientonly, deviceonly, interdevice, mqtt,
paxcount, powermon, remote_hardware, rtttl, serial_hal, storeforward —
deviceonly transitively pulls in nanopb.proto which is firmware-only).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@niccellular @claude
feat: Meshtastic lockdown support + region fix + UI refresh
20ebf4c 
Lockdown (MESHTASTIC_LOCKDOWN-hardened firmware, protobufs PR #911):
  - LockdownCoordinator drives state machine from typed FromRadio.lockdown_status;
    auto-replays cached passphrase on LOCKED, only prompts on NeedsProvision /
    auto-replay failure.
  - LockdownPassphraseStore keys passphrase + boots/hours overrides per BLE MAC /
    USB path in EncryptedSharedPreferences (AES-256-GCM Keystore master key).
  - Outbound AdminMessage.lockdown_auth packet builder enforces the firmware
    ToRadio gate: to=myNodeNum, from=0, portnum=ADMIN_APP, hop_limit/start=7,
    priority=RELIABLE, pki_encrypted unset.
  - Pending-Lock-Now flag synthesizes LockNowAcknowledged on the next inbound
    LOCKED status (or on the BLE disconnect if the status races the reboot).
  - Settings tab gains a Device Lockdown card (status text + Lock Now button);
    passphrase dialog with optional boots / hours overrides; backoff countdown
    derived from LockdownStatus.backoff_seconds.

Region fix: TAK auto-config previously hardcoded EU_868; now sets US.

UI refresh: MeshtasticManager fires a configUpdateCallback whenever a Config
response is cached. AtakMeshtasticBridge bubbles it to MeshtasticDropDownReceiver
.onConfigUpdated(), which re-renders the Device Information card. Fixes the
"region still shows old value until I disconnect/reconnect" UX bug.

Version bump: PLUGIN_VERSION 0.2 -> 1.0 for TAK TPP signing submission.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@CLAassistant
Copy link
Copy Markdown

CLAassistant commented May 13, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@niccellular niccellular merged commit f968819 into main May 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@niccellular @CLAassistant