mh
/
mhsw-espurna
1
0
Fork 0
Code Releases 0 Activity
Fork of the espurna firmware for `mhsw` switches
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2774 Commits
18 Branches
212 MiB
Tree: 93c1dd6bf9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '93c1dd6bf9'
${ noResults }
mhsw-espurna/code/espurna/ota_httpupdate.ino

252 lines
6.9 KiB
Raw Normal View History

Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
 
  1. /*

  2. 

  3. HTTP(s) OTA MODULE
  4. 

  5. Copyright (C) 2019 by Maxim Prokhorov <prokhorov dot max at outlook dot com>
  6. 

  7. */
  8. 

  9. // -----------------------------------------------------------------------------

  10. // OTA by using Core's HTTP(s) updater

  11. // -----------------------------------------------------------------------------

  12. 

  13. #if OTA_CLIENT == OTA_CLIENT_HTTPUPDATE

  14. 

  15. #include <memory>

  16. 

  17. #include <ESP8266HTTPClient.h>

  18. #include <ESP8266httpUpdate.h>

  19. 

  20. #include "libs/URL.h"

  21. 

  22. void _otaClientRunUpdater(WiFiClient* client, const String& url, const String& fp = "") {
  23. 

  24.     UNUSED(client);
  25.     UNUSED(fp);
  26. 

  27.     // Disabling EEPROM rotation to prevent writing to EEPROM after the upgrade

  28.     eepromRotate(false);
  29. 

  30.     DEBUG_MSG_P(PSTR("[OTA] Downloading %s ...\n"), url.c_str());
  31. 

  32.     // TODO: support currentVersion (string arg after 'url')

  33.     // NOTE: ESPhttpUpdate.update(..., fp) will **always** fail with empty fingerprint

  34.     // NOTE: It is possible to support BearSSL with 2.4.2 by using uint8_t[20] instead of String for fingerprint argument

  35. 

  36.     ESPhttpUpdate.rebootOnUpdate(false);
  37.     t_httpUpdate_return result = HTTP_UPDATE_NO_UPDATES;
  38. 

  39.     // We expect both .update(url, "", String_fp) and .update(url) to survice until axTLS is removed from the Core

  40.     #if (SECURE_CLIENT == SECURE_CLIENT_AXTLS)

  41.         if (url.startsWith("https://")) {
  42.             result = ESPhttpUpdate.update(url, "", fp);
  43.         } else {
  44.             result = ESPhttpUpdate.update(url);
  45.         }
  46.     #elif OTA_CLIENT_HTTPUPDATE_2_3_0_COMPATIBLE

  47.         result = ESPhttpUpdate.update(url);
  48.     #else

  49.         result = ESPhttpUpdate.update(*client, url);
  50.     #endif

  51. 

  52.     switch (result) {
  53.         case HTTP_UPDATE_FAILED:
  54.             DEBUG_MSG_P(PSTR("[OTA] Update failed (error %d): %s\n"), ESPhttpUpdate.getLastError(), ESPhttpUpdate.getLastErrorString().c_str());
  55.             eepromRotate(true);
  56.             break;
  57.         case HTTP_UPDATE_NO_UPDATES:
  58.             DEBUG_MSG_P(PSTR("[OTA] No updates"));
  59.             eepromRotate(true);
  60.             break;
  61.         case HTTP_UPDATE_OK:
  62.             DEBUG_MSG_P(PSTR("[OTA] Done, restarting..."));
  63.             deferredReset(500, CUSTOM_RESET_OTA); // wait a bit more than usual

  64.             break;
  65.     }
  66. 

  67. }
  68. 

  69. #if OTA_CLIENT_HTTPUPDATE_2_3_0_COMPATIBLE

  70. void _otaClientFromHttp(const String& url) {
  71.     _otaClientRunUpdater(nullptr, url, "");
  72. }
  73. #else

  74. void _otaClientFromHttp(const String& url) {
  75.     auto client = std::make_unique<WiFiClient>();
  76.     _otaClientRunUpdater(client.get(), url, "");
  77. }
  78. #endif

  79. 

  80. #if SECURE_CLIENT == SECURE_CLIENT_BEARSSL

  81. 

  82. void _otaClientFromHttps(const String& url) {
  83. 

  84.     int check = getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  85.     bool settime = (check == SECURE_CLIENT_CHECK_CA);
  86. 

  87.     if (!ntpSynced() && settime) {
  88.         DEBUG_MSG_P(PSTR("[OTA] Time not synced!\n"));
  89.         return;
  90.     }
  91. 

  92.     // unique_ptr self-destructs after exiting function scope

  93.     // create WiFiClient on heap to use less stack space

  94.     auto client = std::make_unique<BearSSL::WiFiClientSecure>();
  95. 

  96.     if (check == SECURE_CLIENT_CHECK_NONE) {
  97.         DEBUG_MSG_P(PSTR("[OTA] !!! Connection will not be validated !!!\n"));
  98.         client->setInsecure();
  99.     }
  100. 

  101.     if (check == SECURE_CLIENT_CHECK_FINGERPRINT) {
  102.         String fp_string = getSetting("otafp", OTA_FINGERPRINT);
  103.         if (!fp_string.length()) {
  104.             DEBUG_MSG_P(PSTR("[OTA] Requested fingerprint auth, but 'otafp' is not set\n"));
  105.             return;
  106.         }
  107. 

  108.         uint8_t fp_bytes[20] = {0};
  109.         sslFingerPrintArray(fp_string.c_str(), fp_bytes);
  110. 

  111.         client->setFingerprint(fp_bytes);
  112.     }
  113. 

  114.     BearSSL::X509List *ca = nullptr;
  115.     if (check == SECURE_CLIENT_CHECK_CA) {
  116.         ca = new BearSSL::X509List(_ota_client_http_update_ca);
  117.         // because we do not support libc methods of getting time, force client to use ntpclientlib's current time

  118.         // XXX: local2utc method use is detrimental when DST happening. now() should be utc

  119.         client->setX509Time(ntpLocal2UTC(now()));
  120.         client->setTrustAnchors(ca);
  121.     }
  122. 

  123.     // TODO: RX and TX buffer sizes must be equal?

  124.     const uint16_t requested_mfln = getSetting("otaScMFLN", OTA_SECURE_CLIENT_MFLN).toInt();
  125.     switch (requested_mfln) {
  126.         // default, do nothing

  127.         case 0:
  128.             break;
  129.         // match valid sizes only

  130.         case 512:
  131.         case 1024:
  132.         case 2048:
  133.         case 4096:
  134.         {
  135.             client->setBufferSizes(requested_mfln, requested_mfln);
  136.             break;
  137.         }
  138.         default:
  139.             DEBUG_MSG_P(PSTR("[OTA] Warning: MFLN buffer size must be one of 512, 1024, 2048 or 4096\n"));
  140.     }
  141. 

  142.     _otaClientRunUpdater(client.get(), url);
  143. 

  144. }
  145. 

  146. #endif // SECURE_CLIENT_BEARSSL

  147. 

  148. 

  149. #if SECURE_CLIENT == SECURE_CLIENT_AXTLS

  150. 

  151. void _otaClientFromHttps(const String& url) {
  152. 

  153.     const int check = getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  154. 

  155.     String fp_string;
  156.     if (check == SECURE_CLIENT_CHECK_FINGERPRINT) {
  157.         fp_string = getSetting("otafp", OTA_FINGERPRINT);
  158.         if (!fp_string.length() || !sslCheckFingerPrint(fp_string.c_str())) {
  159.             DEBUG_MSG_P(PSTR("[OTA] Wrong fingerprint\n"));
  160.             return;
  161.         }
  162.     }
  163. 

  164.     _otaClientRunUpdater(nullptr, url, fp_string);
  165. 

  166. }
  167. 

  168. #endif // SECURE_CLIENT_AXTLS

  169. 

  170. void _otaClientFrom(const String& url) {
  171. 

  172.     if (url.startsWith("http://")) {
  173.         _otaClientFromHttp(url);
  174.         return;
  175.     }
  176. 

  177.     #if SECURE_CLIENT_SUPPORT

  178.         if (url.startsWith("https://")) {
  179.             _otaClientFromHttps(url);
  180.             return;
  181.         }
  182.     #endif

  183. 

  184.     DEBUG_MSG_P(PSTR("[OTA] Incorrect URL specified\n"));
  185. 

  186. }
  187. 

  188. #if TERMINAL_SUPPORT

  189. 

  190. void _otaClientInitCommands() {
  191. 

  192.     terminalRegisterCommand(F("OTA"), [](Embedis* e) {
  193.         if (e->argc < 2) {
  194.             terminalError(F("OTA <url>"));
  195.         } else {
  196.             _otaClientFrom(String(e->argv[1]));
  197.             terminalOK();
  198.         }
  199.     });
  200. 

  201. }
  202. 

  203. #endif // TERMINAL_SUPPORT

  204. 

  205. #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  206. 

  207. bool _ota_do_update = false;
  208. String _ota_url;
  209. 

  210. void _otaClientLoop() {
  211.     if (_ota_do_update) {
  212.         _otaClientFrom(_ota_url);
  213.         _ota_do_update = false;
  214.         _ota_url = "";
  215.     }
  216. }
  217. 

  218. void _otaClientMqttCallback(unsigned int type, const char * topic, const char * payload) {
  219. 

  220.     if (type == MQTT_CONNECT_EVENT) {
  221.         mqttSubscribe(MQTT_TOPIC_OTA);
  222.     }
  223. 

  224.     if (type == MQTT_MESSAGE_EVENT) {
  225.         String t = mqttMagnitude((char *) topic);
  226.         if (t.equals(MQTT_TOPIC_OTA)) {
  227.             DEBUG_MSG_P(PSTR("[OTA] Queuing from URL: %s\n"), payload);
  228.             _ota_do_update = true;
  229.             _ota_url = payload;
  230.         }
  231.     }
  232. 

  233. }
  234. 

  235. #endif // MQTT_SUPPORT

  236. 

  237. // -----------------------------------------------------------------------------

  238. 

  239. void otaClientSetup() {
  240. 

  241.     #if TERMINAL_SUPPORT

  242.         _otaClientInitCommands();
  243.     #endif

  244. 

  245.     #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  246.         mqttRegister(_otaClientMqttCallback);
  247.         espurnaRegisterLoop(_otaClientLoop);
  248.     #endif

  249. 

  250. }
  251. 

  252. #endif // OTA_CLIENT == OTA_CLIENT_HTTPUPDATE