Merge branch 'feature/optionally_disable_https_from_ota_component' into 'master'

esp_https_ota: few feature enhancements

See merge request idf/esp-idf!4057
This commit is contained in:
Angus Gratton 2019-01-31 09:11:35 +08:00
commit 4b2feb316a
4 changed files with 29 additions and 10 deletions

View file

@ -0,0 +1,12 @@
menu "ESP HTTPS OTA"
config OTA_ALLOW_HTTP
bool "Allow HTTP for OTA (WARNING: ONLY FOR TESTING PURPOSE, READ HELP)"
default n
help
It is highly recommended to keep HTTPS (along with server certificate validation) enabled.
Enabling this option comes with potential risk of:
- Non-encrypted communication channel with server
- Accepting firmware upgrade image from server with fake identity
endmenu

View file

@ -33,6 +33,7 @@ extern "C" {
* @return * @return
* - ESP_OK: OTA data updated, next reboot will use specified partition. * - ESP_OK: OTA data updated, next reboot will use specified partition.
* - ESP_FAIL: For generic failure. * - ESP_FAIL: For generic failure.
* - ESP_ERR_INVALID_ARG: Invalid argument
* - ESP_ERR_OTA_VALIDATE_FAILED: Invalid app image * - ESP_ERR_OTA_VALIDATE_FAILED: Invalid app image
* - ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation. * - ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation.
* - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed. * - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed.

View file

@ -19,7 +19,7 @@
#include <esp_ota_ops.h> #include <esp_ota_ops.h>
#include <esp_log.h> #include <esp_log.h>
#define OTA_BUF_SIZE 256 #define DEFAULT_OTA_BUF_SIZE 256
static const char *TAG = "esp_https_ota"; static const char *TAG = "esp_https_ota";
static void http_cleanup(esp_http_client_handle_t client) static void http_cleanup(esp_http_client_handle_t client)
@ -35,10 +35,12 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
return ESP_ERR_INVALID_ARG; return ESP_ERR_INVALID_ARG;
} }
#if !CONFIG_OTA_ALLOW_HTTP
if (!config->cert_pem) { if (!config->cert_pem) {
ESP_LOGE(TAG, "Server certificate not found in esp_http_client config"); ESP_LOGE(TAG, "Server certificate not found in esp_http_client config");
return ESP_FAIL; return ESP_ERR_INVALID_ARG;
} }
#endif
esp_http_client_handle_t client = esp_http_client_init(config); esp_http_client_handle_t client = esp_http_client_init(config);
if (client == NULL) { if (client == NULL) {
@ -46,10 +48,12 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
return ESP_FAIL; return ESP_FAIL;
} }
#if !CONFIG_OTA_ALLOW_HTTP
if (esp_http_client_get_transport_type(client) != HTTP_TRANSPORT_OVER_SSL) { if (esp_http_client_get_transport_type(client) != HTTP_TRANSPORT_OVER_SSL) {
ESP_LOGE(TAG, "Transport is not over HTTPS"); ESP_LOGE(TAG, "Transport is not over HTTPS");
return ESP_FAIL; return ESP_FAIL;
} }
#endif
esp_err_t err = esp_http_client_open(client, 0); esp_err_t err = esp_http_client_open(client, 0);
if (err != ESP_OK) { if (err != ESP_OK) {
@ -81,16 +85,18 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
ESP_LOGI(TAG, "Please Wait. This may take time"); ESP_LOGI(TAG, "Please Wait. This may take time");
esp_err_t ota_write_err = ESP_OK; esp_err_t ota_write_err = ESP_OK;
char *upgrade_data_buf = (char *)malloc(OTA_BUF_SIZE); const int alloc_size = (config->buffer_size > 0) ? config->buffer_size : DEFAULT_OTA_BUF_SIZE;
char *upgrade_data_buf = (char *)malloc(alloc_size);
if (!upgrade_data_buf) { if (!upgrade_data_buf) {
ESP_LOGE(TAG, "Couldn't allocate memory to upgrade data buffer"); ESP_LOGE(TAG, "Couldn't allocate memory to upgrade data buffer");
return ESP_ERR_NO_MEM; return ESP_ERR_NO_MEM;
} }
int binary_file_len = 0; int binary_file_len = 0;
while (1) { while (1) {
int data_read = esp_http_client_read(client, upgrade_data_buf, OTA_BUF_SIZE); int data_read = esp_http_client_read(client, upgrade_data_buf, alloc_size);
if (data_read == 0) { if (data_read == 0) {
ESP_LOGI(TAG, "Connection closed,all data received"); ESP_LOGI(TAG, "Connection closed, all data received");
break; break;
} }
if (data_read < 0) { if (data_read < 0) {
@ -98,7 +104,7 @@ esp_err_t esp_https_ota(const esp_http_client_config_t *config)
break; break;
} }
if (data_read > 0) { if (data_read > 0) {
ota_write_err = esp_ota_write( update_handle, (const void *)upgrade_data_buf, data_read); ota_write_err = esp_ota_write(update_handle, (const void *) upgrade_data_buf, data_read);
if (ota_write_err != ESP_OK) { if (ota_write_err != ESP_OK) {
break; break;
} }

View file

@ -96,7 +96,7 @@ static void initialise_wifi(void)
.password = CONFIG_WIFI_PASSWORD, .password = CONFIG_WIFI_PASSWORD,
}, },
}; };
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid); ESP_LOGI(TAG, "Setting WiFi configuration SSID %s", wifi_config.sta.ssid);
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) ); ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) ); ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
ESP_ERROR_CHECK( esp_wifi_start() ); ESP_ERROR_CHECK( esp_wifi_start() );
@ -104,14 +104,14 @@ static void initialise_wifi(void)
void simple_ota_example_task(void * pvParameter) void simple_ota_example_task(void * pvParameter)
{ {
ESP_LOGI(TAG, "Starting OTA example..."); ESP_LOGI(TAG, "Starting OTA example");
/* Wait for the callback to set the CONNECTED_BIT in the /* Wait for the callback to set the CONNECTED_BIT in the
event group. event group.
*/ */
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT, xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY); false, true, portMAX_DELAY);
ESP_LOGI(TAG, "Connect to Wifi ! Start to Connect to Server...."); ESP_LOGI(TAG, "Connected to WiFi network! Attempting to connect to server...");
esp_http_client_config_t config = { esp_http_client_config_t config = {
.url = CONFIG_FIRMWARE_UPGRADE_URL, .url = CONFIG_FIRMWARE_UPGRADE_URL,
@ -122,7 +122,7 @@ void simple_ota_example_task(void * pvParameter)
if (ret == ESP_OK) { if (ret == ESP_OK) {
esp_restart(); esp_restart();
} else { } else {
ESP_LOGE(TAG, "Firmware Upgrades Failed"); ESP_LOGE(TAG, "Firmware upgrade failed");
} }
while (1) { while (1) {
vTaskDelay(1000 / portTICK_PERIOD_MS); vTaskDelay(1000 / portTICK_PERIOD_MS);