mh
/
mhsw-espurna
1
0
Fork 0
Code Releases 0 Activity
Fork of the espurna firmware for `mhsw` switches
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2913 Commits
18 Branches
212 MiB
Tree: 52fff439f1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '52fff439f1'
${ noResults }
mhsw-espurna/code/espurna/ota_httpupdate.ino

300 lines
8.6 KiB
Raw Normal View History

Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
mqtt: generic secureclient configuration (#1873) * Rework MQTT sync client configuration * MQTT_LIBRARY_... * comments * fix not doing any checks for bearssl, remove afterconnected template for mqttclient * comments * comments * secure bool stub * typos, always include sc helpers * fix on_fingerprint return type * typo * typo * indent * tag is already in config obj * generate mqtt featureset string at compile time * reword again * trusted_root_ca
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
5 years ago
mqtt: generic secureclient configuration (#1873) * Rework MQTT sync client configuration * MQTT_LIBRARY_... * comments * fix not doing any checks for bearssl, remove afterconnected template for mqttclient * comments * comments * secure bool stub * typos, always include sc helpers * fix on_fingerprint return type * typo * typo * indent * tag is already in config obj * generate mqtt featureset string at compile time * reword again * trusted_root_ca
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Fix HTTPS support with OTA_CLIENT_HTTPUPDATE (#1894)
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
MQTT & OTA Fingerprint setting capitalization fix (#1952) * MQTT Fingerprint setting capitalization fix * otafp -> otaFP
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
 
  1. /*

  2. 

  3. HTTP(s) OTA MODULE
  4. 

  5. Copyright (C) 2019 by Maxim Prokhorov <prokhorov dot max at outlook dot com>
  6. 

  7. */
  8. 

  9. // -----------------------------------------------------------------------------

  10. // OTA by using Core's HTTP(s) updater

  11. // -----------------------------------------------------------------------------

  12. 

  13. #if OTA_CLIENT == OTA_CLIENT_HTTPUPDATE

  14. 

  15. #include <memory>

  16. 

  17. #include <ESP8266HTTPClient.h>

  18. #include <ESP8266httpUpdate.h>

  19. #include <Schedule.h>

  20. 

  21. #include "libs/URL.h"

  22. #include "libs/TypeChecks.h"

  23. #include "libs/SecureClientHelpers.h"

  24. 

  25. #if SECURE_CLIENT != SECURE_CLIENT_NONE

  26. 

  27.     #if OTA_SECURE_CLIENT_INCLUDE_CA

  28.     #include "static/ota_client_trusted_root_ca.h"

  29.     #else

  30.     #include "static/digicert_evroot_pem.h"

  31.     #define _ota_client_trusted_root_ca _ssl_digicert_ev_root_ca

  32.     #endif

  33. 

  34. #endif // SECURE_CLIENT != SECURE_CLIENT_NONE

  35. 

  36. // -----------------------------------------------------------------------------

  37. // Configuration templates

  38. // -----------------------------------------------------------------------------

  39. 

  40. template <typename T>
  41. void _otaFollowRedirects(const std::true_type&, T& instance) {
  42.     instance.followRedirects(true);
  43. }
  44. 

  45. template <typename T>
  46. void _otaFollowRedirects(const std::false_type&, T& instance) {
  47. }
  48. 

  49. template <typename T>
  50. t_httpUpdate_return _otaClientUpdate(const std::true_type&, T& instance, WiFiClient* client, const String& url) {
  51.     return instance.update(*client, url);
  52. }
  53. 

  54. template <typename T>
  55. t_httpUpdate_return _otaClientUpdate(const std::false_type&, T& instance, WiFiClient*, const String& url) {
  56.     return instance.update(url);
  57. }
  58. 

  59. namespace ota {
  60.     template <typename T>
  61.     using has_followRedirects_t = decltype(std::declval<T>().followRedirects(std::declval<bool>()));
  62. 

  63.     template <typename T>
  64.     using has_followRedirects = is_detected<has_followRedirects_t, T>;
  65. 

  66.     template <typename T>
  67.     using has_WiFiClient_argument_t = decltype(std::declval<T>().update(std::declval<WiFiClient&>(), std::declval<const String&>()));
  68. 

  69.     template <typename T>
  70.     using has_WiFiClient_argument = is_detected<has_WiFiClient_argument_t, T>;
  71. }
  72. 

  73. // -----------------------------------------------------------------------------

  74. // Settings helper

  75. // -----------------------------------------------------------------------------

  76. 

  77. #if SECURE_CLIENT == SECURE_CLIENT_AXTLS

  78. SecureClientConfig _ota_sc_config {
  79.     "OTA",
  80.     []() -> String {
  81.         return String(); // NOTE: unused

  82.     },
  83.     []() -> int {
  84.         return getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  85.     },
  86.     []() -> String {
  87.         return getSetting("otaFP", OTA_FINGERPRINT);
  88.     },
  89.     true
  90. };
  91. #endif

  92. 

  93. #if SECURE_CLIENT == SECURE_CLIENT_BEARSSL

  94. SecureClientConfig _ota_sc_config {
  95.     "OTA",
  96.     []() -> int {
  97.         return getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  98.     },
  99.     []() -> PGM_P {
  100.         return _ota_client_trusted_root_ca;
  101.     },
  102.     []() -> String {
  103.         return getSetting("otaFP", OTA_FINGERPRINT);
  104.     },
  105.     []() -> uint16_t {
  106.         return getSetting("otaScMFLN", OTA_SECURE_CLIENT_MFLN).toInt();
  107.     },
  108.     true
  109. };
  110. #endif

  111. 

  112. // -----------------------------------------------------------------------------

  113. // Generic update methods

  114. // -----------------------------------------------------------------------------

  115. 

  116. void _otaClientRunUpdater(WiFiClient* client, const String& url, const String& fp = "") {
  117. 

  118.     UNUSED(client);
  119.     UNUSED(fp);
  120. 

  121.     // Disabling EEPROM rotation to prevent writing to EEPROM after the upgrade

  122.     eepromRotate(false);
  123. 

  124.     DEBUG_MSG_P(PSTR("[OTA] Downloading %s ...\n"), url.c_str());
  125. 

  126.     // TODO: support currentVersion (string arg after 'url')

  127.     // NOTE: ESPhttpUpdate.update(..., fp) will **always** fail with empty fingerprint

  128.     _otaFollowRedirects(ota::has_followRedirects<decltype(ESPhttpUpdate)>{}, ESPhttpUpdate);
  129. 

  130.     ESPhttpUpdate.rebootOnUpdate(false);
  131.     t_httpUpdate_return result = HTTP_UPDATE_NO_UPDATES;
  132. 

  133.     // We expect both .update(url, "", String_fp) and .update(url) to survice until axTLS is removed from the Core

  134.     #if (SECURE_CLIENT == SECURE_CLIENT_AXTLS)

  135.         if (url.startsWith("https://")) {
  136.             result = ESPhttpUpdate.update(url, "", fp);
  137.         } else {
  138.             result = ESPhttpUpdate.update(url);
  139.         }
  140.     #else

  141.     // TODO: implement through callbacks?

  142.     //       see https://github.com/esp8266/Arduino/pull/6796

  143.         result = _otaClientUpdate(ota::has_WiFiClient_argument<decltype(ESPhttpUpdate)>{}, ESPhttpUpdate, client, url);
  144.     #endif

  145. 

  146.     switch (result) {
  147.         case HTTP_UPDATE_FAILED:
  148.             DEBUG_MSG_P(PSTR("[OTA] Update failed (error %d): %s\n"), ESPhttpUpdate.getLastError(), ESPhttpUpdate.getLastErrorString().c_str());
  149.             eepromRotate(true);
  150.             break;
  151.         case HTTP_UPDATE_NO_UPDATES:
  152.             DEBUG_MSG_P(PSTR("[OTA] No updates"));
  153.             eepromRotate(true);
  154.             break;
  155.         case HTTP_UPDATE_OK:
  156.             DEBUG_MSG_P(PSTR("[OTA] Done, restarting..."));
  157.             deferredReset(500, CUSTOM_RESET_OTA); // wait a bit more than usual

  158.             break;
  159.     }
  160. 

  161. }
  162. 

  163. void _otaClientFromHttp(const String& url) {
  164.     std::unique_ptr<WiFiClient> client(nullptr);
  165.     if (ota::has_WiFiClient_argument<decltype(ESPhttpUpdate)>{}) {
  166.         client = std::make_unique<WiFiClient>();
  167.     }
  168.     _otaClientRunUpdater(client.get(), url, "");
  169. }
  170. 

  171. #if SECURE_CLIENT == SECURE_CLIENT_BEARSSL

  172. 

  173. void _otaClientFromHttps(const String& url) {
  174. 

  175.     // Check for NTP early to avoid constructing SecureClient prematurely

  176.     const int check = _ota_sc_config.on_check();
  177.     if (!ntpSynced() && (check == SECURE_CLIENT_CHECK_CA)) {
  178.         DEBUG_MSG_P(PSTR("[OTA] Time not synced! Cannot use CA validation\n"));
  179.         return;
  180.     }
  181. 

  182.     // unique_ptr self-destructs after exiting function scope

  183.     // create the client on heap to use less stack space

  184.     auto client = std::make_unique<SecureClient>(_ota_sc_config);
  185.     if (!client->beforeConnected()) {
  186.         return;
  187.     }
  188. 

  189.     _otaClientRunUpdater(&client->get(), url);
  190. 

  191. }
  192. 

  193. #endif // SECURE_CLIENT_BEARSSL

  194. 

  195. 

  196. #if SECURE_CLIENT == SECURE_CLIENT_AXTLS

  197. 

  198. void _otaClientFromHttps(const String& url) {
  199. 

  200.     // Note: this being the legacy option, only supporting legacy methods on ESPHttpUpdate itself

  201.     //       no way to know when it is connected, so no afterConnected

  202.     const int check = _ota_sc_config.on_check();
  203.     const String fp_string = _ota_sc_config.on_fingerprint();
  204. 

  205.     if (check == SECURE_CLIENT_CHECK_FINGERPRINT) {
  206.         if (!fp_string.length() || !sslCheckFingerPrint(fp_string.c_str())) {
  207.             DEBUG_MSG_P(PSTR("[OTA] Wrong fingerprint\n"));
  208.             return;
  209.         }
  210.     }
  211. 

  212.     _otaClientRunUpdater(nullptr, url, fp_string);
  213. 

  214. }
  215. 

  216. #endif // SECURE_CLIENT_AXTLS

  217. 

  218. void _otaClientFrom(const String& url) {
  219. 

  220.     if (url.startsWith("http://")) {
  221.         _otaClientFromHttp(url);
  222.         return;
  223.     }
  224. 

  225.     #if SECURE_CLIENT != SECURE_CLIENT_NONE

  226.         if (url.startsWith("https://")) {
  227.             _otaClientFromHttps(url);
  228.             return;
  229.         }
  230.     #endif

  231. 

  232.     DEBUG_MSG_P(PSTR("[OTA] Incorrect URL specified\n"));
  233. 

  234. }
  235. 

  236. #if TERMINAL_SUPPORT

  237. 

  238. void _otaClientInitCommands() {
  239. 

  240.     terminalRegisterCommand(F("OTA"), [](Embedis* e) {
  241.         if (e->argc < 2) {
  242.             terminalError(F("OTA <url>"));
  243.         } else {
  244.             _otaClientFrom(String(e->argv[1]));
  245.             terminalOK();
  246.         }
  247.     });
  248. 

  249. }
  250. 

  251. #endif // TERMINAL_SUPPORT

  252. 

  253. #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  254. 

  255. bool _ota_do_update = false;
  256. 

  257. void _otaClientMqttCallback(unsigned int type, const char * topic, const char * payload) {
  258. 

  259.     if (type == MQTT_CONNECT_EVENT) {
  260.         mqttSubscribe(MQTT_TOPIC_OTA);
  261.     }
  262. 

  263.     if (type == MQTT_MESSAGE_EVENT) {
  264.         const String t = mqttMagnitude((char *) topic);
  265.         if (!_ota_do_update && t.equals(MQTT_TOPIC_OTA)) {
  266.             DEBUG_MSG_P(PSTR("[OTA] Queuing from URL: %s\n"), payload);
  267.             // TODO: c++14 support is required for `[_payload = String(payload)]() { ... }`

  268.             //       c++11 also supports basic `std::bind(func, arg)`, but we need to reset the lock

  269.             _ota_do_update = true;
  270. 

  271.             const String _payload(payload);
  272.             schedule_function([_payload]() {
  273.                 _otaClientFrom(_payload);
  274.                 _ota_do_update = false;
  275.             });
  276.         }
  277.     }
  278. 

  279. }
  280. 

  281. #endif // MQTT_SUPPORT

  282. 

  283. // -----------------------------------------------------------------------------

  284. 

  285. void otaClientSetup() {
  286. 

  287.     // Backwards compatibility

  288.     moveSetting("otafp", "otaFP");
  289. 

  290.     #if TERMINAL_SUPPORT

  291.         _otaClientInitCommands();
  292.     #endif

  293. 

  294.     #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  295.         mqttRegister(_otaClientMqttCallback);
  296.     #endif

  297. 

  298. }
  299. 

  300. #endif // OTA_CLIENT == OTA_CLIENT_HTTPUPDATE