Merge branch 'feature/optionally_disable_https_from_ota_component' into 'master'
esp_https_ota: few feature enhancements See merge request idf/esp-idf!4057
This commit is contained in:
Angus Gratton
commit
4b2feb316a
4 changed files with 29 additions and 10 deletions
12
components/esp_https_ota/Kconfig
Normal file
12
components/esp_https_ota/Kconfig
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
menu "ESP HTTPS OTA"
|
||||||
|
|
||||||
|
config OTA_ALLOW_HTTP
|
||||||
|
bool "Allow HTTP for OTA (WARNING: ONLY FOR TESTING PURPOSE, READ HELP)"
|
||||||
|
default n
|
||||||
|
help
|
||||||
|
It is highly recommended to keep HTTPS (along with server certificate validation) enabled.
|
||||||
|
Enabling this option comes with potential risk of:
|
||||||
|
- Non-encrypted communication channel with server
|
||||||
|
- Accepting firmware upgrade image from server with fake identity
|
||||||
|
|
||||||
|
endmenu
|
||||||
|
|
@ -33,6 +33,7 @@ extern "C" {
|
||||||
* @return
|
* @return
|
||||||
* - ESP_OK: OTA data updated, next reboot will use specified partition.
|
* - ESP_OK: OTA data updated, next reboot will use specified partition.
|
||||||
* - ESP_FAIL: For generic failure.
|
* - ESP_FAIL: For generic failure.
|
||||||
|
* - ESP_ERR_INVALID_ARG: Invalid argument
|
||||||
* - ESP_ERR_OTA_VALIDATE_FAILED: Invalid app image
|
* - ESP_ERR_OTA_VALIDATE_FAILED: Invalid app image
|
||||||
* - ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation.
|
* - ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation.
|
||||||
* - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed.
|
* - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed.
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@
|
||||||
#include <esp_ota_ops.h>
|
#include <esp_ota_ops.h>
|
||||||
#include <esp_log.h>
|
#include <esp_log.h>
|
||||||
|
|
||||||
#define OTA_BUF_SIZE 256
|
#define DEFAULT_OTA_BUF_SIZE 256
|
||||||
static const char *TAG = "esp_https_ota";
|
static const char *TAG = "esp_https_ota";
|
||||||
|
|
||||||
static void http_cleanup(esp_http_client_handle_t client)
|
static void http_cleanup(esp_http_client_handle_t client)
|
||||||
|
|
@ -35,10 +35,12 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
|
||||||
return ESP_ERR_INVALID_ARG;
|
return ESP_ERR_INVALID_ARG;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if !CONFIG_OTA_ALLOW_HTTP
|
||||||
if (!config->cert_pem) {
|
if (!config->cert_pem) {
|
||||||
ESP_LOGE(TAG, "Server certificate not found in esp_http_client config");
|
ESP_LOGE(TAG, "Server certificate not found in esp_http_client config");
|
||||||
return ESP_FAIL;
|
return ESP_ERR_INVALID_ARG;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
esp_http_client_handle_t client = esp_http_client_init(config);
|
esp_http_client_handle_t client = esp_http_client_init(config);
|
||||||
if (client == NULL) {
|
if (client == NULL) {
|
||||||
|
|
@ -46,10 +48,12 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
|
||||||
return ESP_FAIL;
|
return ESP_FAIL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if !CONFIG_OTA_ALLOW_HTTP
|
||||||
if (esp_http_client_get_transport_type(client) != HTTP_TRANSPORT_OVER_SSL) {
|
if (esp_http_client_get_transport_type(client) != HTTP_TRANSPORT_OVER_SSL) {
|
||||||
ESP_LOGE(TAG, "Transport is not over HTTPS");
|
ESP_LOGE(TAG, "Transport is not over HTTPS");
|
||||||
return ESP_FAIL;
|
return ESP_FAIL;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
esp_err_t err = esp_http_client_open(client, 0);
|
esp_err_t err = esp_http_client_open(client, 0);
|
||||||
if (err != ESP_OK) {
|
if (err != ESP_OK) {
|
||||||
|
|
@ -81,14 +85,16 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
|
||||||
ESP_LOGI(TAG, "Please Wait. This may take time");
|
ESP_LOGI(TAG, "Please Wait. This may take time");
|
||||||
|
|
||||||
esp_err_t ota_write_err = ESP_OK;
|
esp_err_t ota_write_err = ESP_OK;
|
||||||
char *upgrade_data_buf = (char *)malloc(OTA_BUF_SIZE);
|
const int alloc_size = (config->buffer_size > 0) ? config->buffer_size : DEFAULT_OTA_BUF_SIZE;
|
||||||
|
char *upgrade_data_buf = (char *)malloc(alloc_size);
|
||||||
if (!upgrade_data_buf) {
|
if (!upgrade_data_buf) {
|
||||||
ESP_LOGE(TAG, "Couldn't allocate memory to upgrade data buffer");
|
ESP_LOGE(TAG, "Couldn't allocate memory to upgrade data buffer");
|
||||||
return ESP_ERR_NO_MEM;
|
return ESP_ERR_NO_MEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
int binary_file_len = 0;
|
int binary_file_len = 0;
|
||||||
while (1) {
|
while (1) {
|
||||||
int data_read = esp_http_client_read(client, upgrade_data_buf, OTA_BUF_SIZE);
|
int data_read = esp_http_client_read(client, upgrade_data_buf, alloc_size);
|
||||||
if (data_read == 0) {
|
if (data_read == 0) {
|
||||||
ESP_LOGI(TAG, "Connection closed, all data received");
|
ESP_LOGI(TAG, "Connection closed, all data received");
|
||||||
break;
|
break;
|
||||||
|
|
|
||||||
|
|
@ -96,7 +96,7 @@ static void initialise_wifi(void)
|
||||||
.password = CONFIG_WIFI_PASSWORD,
|
.password = CONFIG_WIFI_PASSWORD,
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
|
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s", wifi_config.sta.ssid);
|
||||||
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
|
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
|
||||||
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
|
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
|
||||||
ESP_ERROR_CHECK( esp_wifi_start() );
|
ESP_ERROR_CHECK( esp_wifi_start() );
|
||||||
|
|
@ -104,14 +104,14 @@ static void initialise_wifi(void)
|
||||||
|
|
||||||
void simple_ota_example_task(void * pvParameter)
|
void simple_ota_example_task(void * pvParameter)
|
||||||
{
|
{
|
||||||
ESP_LOGI(TAG, "Starting OTA example...");
|
ESP_LOGI(TAG, "Starting OTA example");
|
||||||
|
|
||||||
/* Wait for the callback to set the CONNECTED_BIT in the
|
/* Wait for the callback to set the CONNECTED_BIT in the
|
||||||
event group.
|
event group.
|
||||||
*/
|
*/
|
||||||
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
|
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
|
||||||
false, true, portMAX_DELAY);
|
false, true, portMAX_DELAY);
|
||||||
ESP_LOGI(TAG, "Connect to Wifi ! Start to Connect to Server....");
|
ESP_LOGI(TAG, "Connected to WiFi network! Attempting to connect to server...");
|
||||||
|
|
||||||
esp_http_client_config_t config = {
|
esp_http_client_config_t config = {
|
||||||
.url = CONFIG_FIRMWARE_UPGRADE_URL,
|
.url = CONFIG_FIRMWARE_UPGRADE_URL,
|
||||||
|
|
@ -122,7 +122,7 @@ void simple_ota_example_task(void * pvParameter)
|
||||||
if (ret == ESP_OK) {
|
if (ret == ESP_OK) {
|
||||||
esp_restart();
|
esp_restart();
|
||||||
} else {
|
} else {
|
||||||
ESP_LOGE(TAG, "Firmware Upgrades Failed");
|
ESP_LOGE(TAG, "Firmware upgrade failed");
|
||||||
}
|
}
|
||||||
while (1) {
|
while (1) {
|
||||||
vTaskDelay(1000 / portTICK_PERIOD_MS);
|
vTaskDelay(1000 / portTICK_PERIOD_MS);
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue