mh
/
mhsw-espurna
1
0
Fork 0
Code Releases 0 Activity
Fork of the espurna firmware for `mhsw` switches
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2900 Commits
18 Branches
212 MiB
Tree: a6c5c7e7c7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a6c5c7e7c7'
${ noResults }
mhsw-espurna/code/espurna/ota_httpupdate.ino

297 lines
8.4 KiB
Raw Normal View History

Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
mqtt: generic secureclient configuration (#1873) * Rework MQTT sync client configuration * MQTT_LIBRARY_... * comments * fix not doing any checks for bearssl, remove afterconnected template for mqttclient * comments * comments * secure bool stub * typos, always include sc helpers * fix on_fingerprint return type * typo * typo * indent * tag is already in config obj * generate mqtt featureset string at compile time * reword again * trusted_root_ca
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
4 years ago
mqtt: generic secureclient configuration (#1873) * Rework MQTT sync client configuration * MQTT_LIBRARY_... * comments * fix not doing any checks for bearssl, remove afterconnected template for mqttclient * comments * comments * secure bool stub * typos, always include sc helpers * fix on_fingerprint return type * typo * typo * indent * tag is already in config obj * generate mqtt featureset string at compile time * reword again * trusted_root_ca
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Use generic typechecks, OTA add followRedirects (#1974) * Use generic typechecks, OTA add followRedirects * revamp using is_detected * relative include * mention ts draft instead, fix c++17 includes (still not buildable) * typo * Always create WiFiClient pointer * Remove old CREATE_CHECK macro * do not create wificlient obj when running old Core
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
MQTT & OTA Fingerprint setting capitalization fix (#1952) * MQTT Fingerprint setting capitalization fix * otafp -> otaFP
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
MQTT & OTA Fingerprint setting capitalization fix (#1952) * MQTT Fingerprint setting capitalization fix * otafp -> otaFP
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
mqtt: generic secureclient configuration (#1873) * Rework MQTT sync client configuration * MQTT_LIBRARY_... * comments * fix not doing any checks for bearssl, remove afterconnected template for mqttclient * comments * comments * secure bool stub * typos, always include sc helpers * fix on_fingerprint return type * typo * typo * indent * tag is already in config obj * generate mqtt featureset string at compile time * reword again * trusted_root_ca
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
MQTT & OTA Fingerprint setting capitalization fix (#1952) * MQTT Fingerprint setting capitalization fix * otafp -> otaFP
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
Fix HTTPS support with OTA_CLIENT_HTTPUPDATE (#1894)
5 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
MQTT & OTA Fingerprint setting capitalization fix (#1952) * MQTT Fingerprint setting capitalization fix * otafp -> otaFP
4 years ago
Experimental support of HTTPUpdate for OTA (#1751) - add httpupdate ota impelementation - move async ota into a separate module - support bearssl & axtls through wificlientsecure - allow to disable arduino ide ota module
5 years ago
 
  1. /*

  2. 

  3. HTTP(s) OTA MODULE
  4. 

  5. Copyright (C) 2019 by Maxim Prokhorov <prokhorov dot max at outlook dot com>
  6. 

  7. */
  8. 

  9. // -----------------------------------------------------------------------------

  10. // OTA by using Core's HTTP(s) updater

  11. // -----------------------------------------------------------------------------

  12. 

  13. #if OTA_CLIENT == OTA_CLIENT_HTTPUPDATE

  14. 

  15. #include <memory>

  16. 

  17. #include <ESP8266HTTPClient.h>

  18. #include <ESP8266httpUpdate.h>

  19. 

  20. #include "libs/URL.h"

  21. #include "libs/TypeChecks.h"

  22. 

  23. #if SECURE_CLIENT != SECURE_CLIENT_NONE

  24. 

  25.     #if OTA_SECURE_CLIENT_INCLUDE_CA

  26.     #include "static/ota_client_trusted_root_ca.h"

  27.     #else

  28.     #include "static/digicert_evroot_pem.h"

  29.     #define _ota_client_trusted_root_ca _ssl_digicert_ev_root_ca

  30.     #endif

  31. 

  32. #endif // SECURE_CLIENT != SECURE_CLIENT_NONE

  33. 

  34. template <typename T>
  35. void _otaFollowRedirects(const std::true_type&, T& instance) {
  36.     instance.followRedirects(true);
  37. }
  38. 

  39. template <typename T>
  40. void _otaFollowRedirects(const std::false_type&, T& instance) {
  41. }
  42. 

  43. template <typename T>
  44. t_httpUpdate_return _otaClientUpdate(const std::true_type&, T& instance, WiFiClient* client, const String& url) {
  45.     return instance.update(*client, url);
  46. }
  47. 

  48. template <typename T>
  49. t_httpUpdate_return _otaClientUpdate(const std::false_type&, T& instance, WiFiClient*, const String& url) {
  50.     return instance.update(url);
  51. }
  52. 

  53. namespace ota {
  54.     template <typename T>
  55.     using has_followRedirects_t = decltype(std::declval<T>().followRedirects(std::declval<bool>()));
  56. 

  57.     template <typename T>
  58.     using has_followRedirects = is_detected<has_followRedirects_t, T>;
  59. 

  60.     template <typename T>
  61.     using has_WiFiClient_argument_t = decltype(std::declval<T>().update(std::declval<WiFiClient&>(), std::declval<const String&>()));
  62. 

  63.     template <typename T>
  64.     using has_WiFiClient_argument = is_detected<has_WiFiClient_argument_t, T>;
  65. }
  66. 

  67. void _otaClientRunUpdater(WiFiClient* client, const String& url, const String& fp = "") {
  68. 

  69.     UNUSED(client);
  70.     UNUSED(fp);
  71. 

  72.     // Disabling EEPROM rotation to prevent writing to EEPROM after the upgrade

  73.     eepromRotate(false);
  74. 

  75.     DEBUG_MSG_P(PSTR("[OTA] Downloading %s ...\n"), url.c_str());
  76. 

  77.     // TODO: support currentVersion (string arg after 'url')

  78.     // NOTE: ESPhttpUpdate.update(..., fp) will **always** fail with empty fingerprint

  79.     // NOTE: It is possible to support BearSSL with 2.4.2 by using uint8_t[20] instead of String for fingerprint argument

  80. 

  81.     _otaFollowRedirects(ota::has_followRedirects<decltype(ESPhttpUpdate)>{}, ESPhttpUpdate);
  82. 

  83.     ESPhttpUpdate.rebootOnUpdate(false);
  84.     t_httpUpdate_return result = HTTP_UPDATE_NO_UPDATES;
  85. 

  86.     // We expect both .update(url, "", String_fp) and .update(url) to survice until axTLS is removed from the Core

  87.     #if (SECURE_CLIENT == SECURE_CLIENT_AXTLS)

  88.         if (url.startsWith("https://")) {
  89.             result = ESPhttpUpdate.update(url, "", fp);
  90.         } else {
  91.             result = ESPhttpUpdate.update(url);
  92.         }
  93.     #else

  94.         result = _otaClientUpdate(ota::has_WiFiClient_argument<decltype(ESPhttpUpdate)>{}, ESPhttpUpdate, client, url);
  95.     #endif

  96. 

  97.     switch (result) {
  98.         case HTTP_UPDATE_FAILED:
  99.             DEBUG_MSG_P(PSTR("[OTA] Update failed (error %d): %s\n"), ESPhttpUpdate.getLastError(), ESPhttpUpdate.getLastErrorString().c_str());
  100.             eepromRotate(true);
  101.             break;
  102.         case HTTP_UPDATE_NO_UPDATES:
  103.             DEBUG_MSG_P(PSTR("[OTA] No updates"));
  104.             eepromRotate(true);
  105.             break;
  106.         case HTTP_UPDATE_OK:
  107.             DEBUG_MSG_P(PSTR("[OTA] Done, restarting..."));
  108.             deferredReset(500, CUSTOM_RESET_OTA); // wait a bit more than usual

  109.             break;
  110.     }
  111. 

  112. }
  113. 

  114. void _otaClientFromHttp(const String& url) {
  115.     std::unique_ptr<WiFiClient> client(nullptr);
  116.     if (ota::has_WiFiClient_argument<decltype(ESPhttpUpdate)>{}) {
  117.         client = std::make_unique<WiFiClient>();
  118.     }
  119.     _otaClientRunUpdater(client.get(), url, "");
  120. }
  121. 

  122. #if SECURE_CLIENT == SECURE_CLIENT_BEARSSL

  123. 

  124. void _otaClientFromHttps(const String& url) {
  125. 

  126.     int check = getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  127.     bool settime = (check == SECURE_CLIENT_CHECK_CA);
  128. 

  129.     if (!ntpSynced() && settime) {
  130.         DEBUG_MSG_P(PSTR("[OTA] Time not synced!\n"));
  131.         return;
  132.     }
  133. 

  134.     // unique_ptr self-destructs after exiting function scope

  135.     // create WiFiClient on heap to use less stack space

  136.     auto client = std::make_unique<BearSSL::WiFiClientSecure>();
  137. 

  138.     if (check == SECURE_CLIENT_CHECK_NONE) {
  139.         DEBUG_MSG_P(PSTR("[OTA] !!! Connection will not be validated !!!\n"));
  140.         client->setInsecure();
  141.     }
  142. 

  143.     if (check == SECURE_CLIENT_CHECK_FINGERPRINT) {
  144.         String fp_string = getSetting("otaFP", OTA_FINGERPRINT);
  145.         if (!fp_string.length()) {
  146.             DEBUG_MSG_P(PSTR("[OTA] Requested fingerprint auth, but 'otaFP' is not set\n"));
  147.             return;
  148.         }
  149. 

  150.         uint8_t fp_bytes[20] = {0};
  151.         sslFingerPrintArray(fp_string.c_str(), fp_bytes);
  152. 

  153.         client->setFingerprint(fp_bytes);
  154.     }
  155. 

  156.     BearSSL::X509List *ca = nullptr;
  157.     if (check == SECURE_CLIENT_CHECK_CA) {
  158.         ca = new BearSSL::X509List(_ota_client_trusted_root_ca);
  159.         // because we do not support libc methods of getting time, force client to use ntpclientlib's current time

  160.         // XXX: local2utc method use is detrimental when DST happening. now() should be utc

  161.         client->setX509Time(ntpLocal2UTC(now()));
  162.         client->setTrustAnchors(ca);
  163.     }
  164. 

  165.     // TODO: RX and TX buffer sizes must be equal?

  166.     const uint16_t requested_mfln = getSetting("otaScMFLN", OTA_SECURE_CLIENT_MFLN).toInt();
  167.     switch (requested_mfln) {
  168.         // default, do nothing

  169.         case 0:
  170.             break;
  171.         // match valid sizes only

  172.         case 512:
  173.         case 1024:
  174.         case 2048:
  175.         case 4096:
  176.         {
  177.             client->setBufferSizes(requested_mfln, requested_mfln);
  178.             break;
  179.         }
  180.         default:
  181.             DEBUG_MSG_P(PSTR("[OTA] Warning: MFLN buffer size must be one of 512, 1024, 2048 or 4096\n"));
  182.     }
  183. 

  184.     _otaClientRunUpdater(client.get(), url);
  185. 

  186. }
  187. 

  188. #endif // SECURE_CLIENT_BEARSSL

  189. 

  190. 

  191. #if SECURE_CLIENT == SECURE_CLIENT_AXTLS

  192. 

  193. void _otaClientFromHttps(const String& url) {
  194. 

  195.     const int check = getSetting("otaScCheck", OTA_SECURE_CLIENT_CHECK).toInt();
  196. 

  197.     String fp_string;
  198.     if (check == SECURE_CLIENT_CHECK_FINGERPRINT) {
  199.         fp_string = getSetting("otaFP", OTA_FINGERPRINT);
  200.         if (!fp_string.length() || !sslCheckFingerPrint(fp_string.c_str())) {
  201.             DEBUG_MSG_P(PSTR("[OTA] Wrong fingerprint\n"));
  202.             return;
  203.         }
  204.     }
  205. 

  206.     _otaClientRunUpdater(nullptr, url, fp_string);
  207. 

  208. }
  209. 

  210. #endif // SECURE_CLIENT_AXTLS

  211. 

  212. void _otaClientFrom(const String& url) {
  213. 

  214.     if (url.startsWith("http://")) {
  215.         _otaClientFromHttp(url);
  216.         return;
  217.     }
  218. 

  219.     #if SECURE_CLIENT != SECURE_CLIENT_NONE

  220.         if (url.startsWith("https://")) {
  221.             _otaClientFromHttps(url);
  222.             return;
  223.         }
  224.     #endif

  225. 

  226.     DEBUG_MSG_P(PSTR("[OTA] Incorrect URL specified\n"));
  227. 

  228. }
  229. 

  230. #if TERMINAL_SUPPORT

  231. 

  232. void _otaClientInitCommands() {
  233. 

  234.     terminalRegisterCommand(F("OTA"), [](Embedis* e) {
  235.         if (e->argc < 2) {
  236.             terminalError(F("OTA <url>"));
  237.         } else {
  238.             _otaClientFrom(String(e->argv[1]));
  239.             terminalOK();
  240.         }
  241.     });
  242. 

  243. }
  244. 

  245. #endif // TERMINAL_SUPPORT

  246. 

  247. #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  248. 

  249. bool _ota_do_update = false;
  250. String _ota_url;
  251. 

  252. void _otaClientLoop() {
  253.     if (_ota_do_update) {
  254.         _otaClientFrom(_ota_url);
  255.         _ota_do_update = false;
  256.         _ota_url = "";
  257.     }
  258. }
  259. 

  260. void _otaClientMqttCallback(unsigned int type, const char * topic, const char * payload) {
  261. 

  262.     if (type == MQTT_CONNECT_EVENT) {
  263.         mqttSubscribe(MQTT_TOPIC_OTA);
  264.     }
  265. 

  266.     if (type == MQTT_MESSAGE_EVENT) {
  267.         String t = mqttMagnitude((char *) topic);
  268.         if (t.equals(MQTT_TOPIC_OTA)) {
  269.             DEBUG_MSG_P(PSTR("[OTA] Queuing from URL: %s\n"), payload);
  270.             _ota_do_update = true;
  271.             _ota_url = payload;
  272.         }
  273.     }
  274. 

  275. }
  276. 

  277. #endif // MQTT_SUPPORT

  278. 

  279. // -----------------------------------------------------------------------------

  280. 

  281. void otaClientSetup() {
  282. 

  283.     // Backwards compatibility

  284.     moveSetting("otafp", "otaFP");
  285. 

  286.     #if TERMINAL_SUPPORT

  287.         _otaClientInitCommands();
  288.     #endif

  289. 

  290.     #if (MQTT_SUPPORT && OTA_MQTT_SUPPORT)

  291.         mqttRegister(_otaClientMqttCallback);
  292.         espurnaRegisterLoop(_otaClientLoop);
  293.     #endif

  294. 

  295. }
  296. 

  297. #endif // OTA_CLIENT == OTA_CLIENT_HTTPUPDATE