Remove Solo1 support + validate HTTPS certs on HTTPS requests (#443)
* Use esp_crt_bundle for HTTPS requests * Remove Solo1 support
This commit is contained in:
iranl
10
src/Config.h
10
src/Config.h
@@ -7,7 +7,6 @@
|
||||
#define NUKI_HUB_DATE "unknownbuilddate"
|
||||
|
||||
#define GITHUB_LATEST_RELEASE_URL (char*)"https://github.com/technyon/nuki_hub/releases/latest"
|
||||
#define GITHUB_LATEST_RELEASE_API_URL (char*)"https://api.github.com/repos/technyon/nuki_hub/releases/latest"
|
||||
#define GITHUB_OTA_MANIFEST_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/manifest.json"
|
||||
|
||||
#if defined(CONFIG_IDF_TARGET_ESP32C3)
|
||||
@@ -32,14 +31,6 @@
|
||||
#define GITHUB_MASTER_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_esp32c6.bin"
|
||||
#define GITHUB_MASTER_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_updater_esp32c6.bin"
|
||||
#else
|
||||
#if defined(FRAMEWORK_ARDUINO_SOLO1)
|
||||
#define GITHUB_LATEST_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/nuki_hub_esp32solo1.bin"
|
||||
#define GITHUB_LATEST_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/nuki_hub_updater_esp32solo1.bin"
|
||||
#define GITHUB_BETA_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/beta/nuki_hub_esp32solo1.bin"
|
||||
#define GITHUB_BETA_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/beta/nuki_hub_updater_esp32solo1.bin"
|
||||
#define GITHUB_MASTER_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_esp32solo1.bin"
|
||||
#define GITHUB_MASTER_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_updater_esp32solo1.bin"
|
||||
#else
|
||||
#define GITHUB_LATEST_RELEASE_BINARY_URL "https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/nuki_hub_esp32.bin"
|
||||
#define GITHUB_LATEST_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/nuki_hub_updater_esp32.bin"
|
||||
#define GITHUB_BETA_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/beta/nuki_hub_esp32.bin"
|
||||
@@ -47,7 +38,6 @@
|
||||
#define GITHUB_MASTER_RELEASE_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_esp32.bin"
|
||||
#define GITHUB_MASTER_UPDATER_BINARY_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/master/nuki_hub_updater_esp32.bin"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
#define MQTT_QOS_LEVEL 1
|
||||
|
||||
@@ -5,6 +5,8 @@
|
||||
#include "Logger.h"
|
||||
#include "Config.h"
|
||||
#include "RestartReason.h"
|
||||
#include <HTTPClient.h>
|
||||
#include <NetworkClientSecure.h>
|
||||
#if defined(CONFIG_IDF_TARGET_ESP32)
|
||||
#include "networkDevices/EthLan8720Device.h"
|
||||
#endif
|
||||
@@ -484,30 +486,38 @@ bool NukiNetwork::update()
|
||||
{
|
||||
_lastUpdateCheckTs = ts;
|
||||
|
||||
https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
|
||||
https.useHTTP10(true);
|
||||
https.begin(GITHUB_OTA_MANIFEST_URL);
|
||||
|
||||
int httpResponseCode = https.GET();
|
||||
|
||||
if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
|
||||
{
|
||||
JsonDocument doc;
|
||||
DeserializationError jsonError = deserializeJson(doc, https.getStream());
|
||||
|
||||
if (!jsonError)
|
||||
NetworkClientSecure *client = new NetworkClientSecure;
|
||||
if (client) {
|
||||
client->setDefaultCACertBundle();
|
||||
{
|
||||
_latestVersion = doc["release"]["version"];
|
||||
publishString(_maintenancePathPrefix, mqtt_topic_info_nuki_hub_latest, _latestVersion, true);
|
||||
HTTPClient https;
|
||||
https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
|
||||
https.useHTTP10(true);
|
||||
|
||||
if (_latestVersion != _preferences->getString(preference_latest_version).c_str())
|
||||
{
|
||||
_preferences->putString(preference_latest_version, _latestVersion);
|
||||
}
|
||||
if (https.begin(*client, GITHUB_OTA_MANIFEST_URL)) {
|
||||
int httpResponseCode = https.GET();
|
||||
|
||||
if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
|
||||
{
|
||||
JsonDocument doc;
|
||||
DeserializationError jsonError = deserializeJson(doc, https.getStream());
|
||||
|
||||
if (!jsonError)
|
||||
{
|
||||
_latestVersion = doc["release"]["version"];
|
||||
publishString(_maintenancePathPrefix, mqtt_topic_info_nuki_hub_latest, _latestVersion, true);
|
||||
|
||||
if (_latestVersion != _preferences->getString(preference_latest_version).c_str())
|
||||
{
|
||||
_preferences->putString(preference_latest_version, _latestVersion);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
https.end();
|
||||
}
|
||||
delete client;
|
||||
}
|
||||
|
||||
https.end();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
#include <map>
|
||||
#include "networkDevices/NetworkDevice.h"
|
||||
#include "networkDevices/IPConfiguration.h"
|
||||
#include <HTTPClient.h>
|
||||
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
#include "MqttReceiver.h"
|
||||
@@ -112,7 +111,6 @@ private:
|
||||
static NukiNetwork* _inst;
|
||||
|
||||
const char* _latestVersion;
|
||||
HTTPClient https;
|
||||
|
||||
Preferences* _preferences;
|
||||
IPConfiguration* _ipConfiguration = nullptr;
|
||||
|
||||
@@ -71,10 +71,8 @@ void NukiNetworkLock::initialize()
|
||||
|
||||
if(_preferences->getBool(preference_update_from_mqtt, false))
|
||||
{
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
_network->subscribe(_mqttPath, mqtt_topic_update);
|
||||
_network->initTopic(_mqttPath, mqtt_topic_update, "0");
|
||||
#endif
|
||||
}
|
||||
|
||||
_network->subscribe(_mqttPath, mqtt_topic_webserver_action);
|
||||
@@ -195,7 +193,6 @@ void NukiNetworkLock::onMqttDataReceived(const char* topic, byte* payload, const
|
||||
delay(200);
|
||||
restartEsp(RestartReason::RequestedViaMqtt);
|
||||
}
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
else if(comparePrefixedPath(topic, mqtt_topic_update) && strcmp(value, "1") == 0 && _preferences->getBool(preference_update_from_mqtt, false))
|
||||
{
|
||||
Log->println(F("Update requested via MQTT."));
|
||||
@@ -204,7 +201,6 @@ void NukiNetworkLock::onMqttDataReceived(const char* topic, byte* payload, const
|
||||
delay(200);
|
||||
restartEsp(RestartReason::OTAReboot);
|
||||
}
|
||||
#endif
|
||||
else if(comparePrefixedPath(topic, mqtt_topic_webserver_action))
|
||||
{
|
||||
if(strcmp(value, "") == 0 ||
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
#include <HTTPClient.h>
|
||||
#include <NetworkClientSecure.h>
|
||||
#include "ArduinoJson.h"
|
||||
|
||||
WebCfgServer::WebCfgServer(NukiWrapper* nuki, NukiOpenerWrapper* nukiOpener, NukiNetwork* network, Gpio* gpio, EthServer* ethServer, Preferences* preferences, bool allowRestartToPortal, uint8_t partitionType)
|
||||
@@ -318,7 +319,6 @@ void WebCfgServer::initialize()
|
||||
esp_ota_set_boot_partition(esp_ota_get_next_update_partition(NULL));
|
||||
restartEsp(RestartReason::OTAReboot);
|
||||
});
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
_server.on("/autoupdate", [&]() {
|
||||
if (_hasCredentials && !_server.authenticate(_credUser, _credPassword)) {
|
||||
return _server.requestAuthentication();
|
||||
@@ -347,7 +347,6 @@ void WebCfgServer::initialize()
|
||||
waitAndProcess(true, 1000);
|
||||
restartEsp(RestartReason::OTAReboot);
|
||||
});
|
||||
#endif
|
||||
_server.on("/uploadota", HTTP_POST, [&]() {
|
||||
if (_hasCredentials && !_server.authenticate(_credUser, _credPassword)) {
|
||||
return _server.requestAuthentication();
|
||||
@@ -415,7 +414,6 @@ void WebCfgServer::buildOtaHtml(String &response, bool errored)
|
||||
|
||||
response.concat("<div id=\"msgdiv\" style=\"visibility:hidden\">Initiating Over-the-air update. This will take about two minutes, please be patient.<br>You will be forwarded automatically when the update is complete.</div>");
|
||||
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
response.concat("<div id=\"autoupdform\"><h4>Update Nuki Hub</h4>");
|
||||
response.concat("Click on the button to reboot and automatically update Nuki Hub and the Nuki Hub updater to the latest versions from GitHub");
|
||||
response.concat("<div style=\"clear: both\"></div>");
|
||||
@@ -433,53 +431,58 @@ void WebCfgServer::buildOtaHtml(String &response, bool errored)
|
||||
response.concat("<br>");
|
||||
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
HTTPClient https;
|
||||
https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
|
||||
https.setTimeout(2500);
|
||||
https.useHTTP10(true);
|
||||
https.begin(GITHUB_OTA_MANIFEST_URL);
|
||||
|
||||
int httpResponseCode = https.GET();
|
||||
|
||||
if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
|
||||
{
|
||||
JsonDocument doc;
|
||||
DeserializationError jsonError = deserializeJson(doc, https.getStream());
|
||||
|
||||
if (!jsonError)
|
||||
NetworkClientSecure *client = new NetworkClientSecure;
|
||||
if (client) {
|
||||
client->setDefaultCACertBundle();
|
||||
{
|
||||
response.concat("<b>Latest release version: </b>");
|
||||
response.concat(doc["release"]["fullversion"].as<const char*>());
|
||||
response.concat(" (");
|
||||
response.concat(doc["release"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["release"]["time"].as<const char*>());
|
||||
response.concat("<br>");
|
||||
response.concat("<b>Latest beta version: </b>");
|
||||
response.concat(doc["beta"]["fullversion"].as<const char*>());
|
||||
if(doc["beta"]["fullversion"] != "No beta available")
|
||||
{
|
||||
response.concat(" (");
|
||||
response.concat(doc["beta"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["beta"]["time"].as<const char*>());
|
||||
HTTPClient https;
|
||||
https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
|
||||
https.setTimeout(2500);
|
||||
https.useHTTP10(true);
|
||||
|
||||
if (https.begin(*client, GITHUB_OTA_MANIFEST_URL)) {
|
||||
int httpResponseCode = https.GET();
|
||||
|
||||
if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
|
||||
{
|
||||
JsonDocument doc;
|
||||
DeserializationError jsonError = deserializeJson(doc, https.getStream());
|
||||
|
||||
if (!jsonError)
|
||||
{
|
||||
response.concat("<b>Latest release version: </b>");
|
||||
response.concat(doc["release"]["fullversion"].as<const char*>());
|
||||
response.concat(" (");
|
||||
response.concat(doc["release"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["release"]["time"].as<const char*>());
|
||||
response.concat("<br>");
|
||||
response.concat("<b>Latest beta version: </b>");
|
||||
response.concat(doc["beta"]["fullversion"].as<const char*>());
|
||||
if(doc["beta"]["fullversion"] != "No beta available")
|
||||
{
|
||||
response.concat(" (");
|
||||
response.concat(doc["beta"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["beta"]["time"].as<const char*>());
|
||||
}
|
||||
response.concat("<br>");
|
||||
response.concat("<b>Latest development version: </b>");
|
||||
response.concat(doc["master"]["fullversion"].as<const char*>());
|
||||
response.concat(" (");
|
||||
response.concat(doc["master"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["master"]["time"].as<const char*>());
|
||||
response.concat("<br>");
|
||||
}
|
||||
}
|
||||
https.end();
|
||||
}
|
||||
response.concat("<br>");
|
||||
response.concat("<b>Latest development version: </b>");
|
||||
response.concat(doc["master"]["fullversion"].as<const char*>());
|
||||
response.concat(" (");
|
||||
response.concat(doc["master"]["build"].as<const char*>());
|
||||
response.concat("), ");
|
||||
response.concat(doc["master"]["time"].as<const char*>());
|
||||
response.concat("<br>");
|
||||
}
|
||||
delete client;
|
||||
}
|
||||
|
||||
https.end();
|
||||
#endif
|
||||
|
||||
response.concat("<br></div>");
|
||||
#endif
|
||||
|
||||
if(_partitionType == 1)
|
||||
{
|
||||
@@ -612,16 +615,12 @@ void WebCfgServer::handleOtaUpload()
|
||||
filename = "/" + filename;
|
||||
}
|
||||
_otaStartTs = esp_timer_get_time() / 1000;
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
esp_task_wdt_init(30, false);
|
||||
#else
|
||||
esp_task_wdt_config_t twdt_config = {
|
||||
.timeout_ms = 30000,
|
||||
.idle_core_mask = 0,
|
||||
.trigger_panic = false,
|
||||
};
|
||||
esp_task_wdt_reconfigure(&twdt_config);
|
||||
#endif
|
||||
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
_network->disableAutoRestarts();
|
||||
@@ -2539,7 +2538,7 @@ void WebCfgServer::buildNukiConfigHtml(String &response)
|
||||
#endif
|
||||
printInputField(response, "RSBC", "Restart if bluetooth beacons not received (seconds; -1 to disable)", _preferences->getInt(preference_restart_ble_beacon_lost), 10, "");
|
||||
printInputField(response, "TXPWR", "BLE transmit power in dB (minimum -12, maximum 9)", _preferences->getInt(preference_ble_tx_power, 9), 10, "");
|
||||
|
||||
|
||||
response.concat("</table>");
|
||||
response.concat("<br><input type=\"submit\" name=\"submit\" value=\"Save\">");
|
||||
response.concat("</form>");
|
||||
|
||||
18
src/main.cpp
18
src/main.cpp
@@ -244,16 +244,13 @@ esp_err_t _http_event_handler(esp_http_client_event_t *evt)
|
||||
case HTTP_EVENT_DISCONNECTED:
|
||||
Log->println("HTTP_EVENT_DISCONNECTED");
|
||||
break;
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
case HTTP_EVENT_REDIRECT:
|
||||
Log->println("HTTP_EVENT_REDIRECT");
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
void otaTask(void *pvParameter)
|
||||
{
|
||||
uint8_t partitionType = checkPartition();
|
||||
@@ -297,36 +294,21 @@ void otaTask(void *pvParameter)
|
||||
|
||||
esp_task_wdt_reset();
|
||||
}
|
||||
#endif
|
||||
|
||||
void setupTasks(bool ota)
|
||||
{
|
||||
// configMAX_PRIORITIES is 25
|
||||
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
esp_task_wdt_init(300, true);
|
||||
#else
|
||||
esp_task_wdt_config_t twdt_config = {
|
||||
.timeout_ms = 300000,
|
||||
.idle_core_mask = 0,
|
||||
.trigger_panic = true,
|
||||
};
|
||||
esp_task_wdt_reconfigure(&twdt_config);
|
||||
#endif
|
||||
|
||||
if(ota)
|
||||
{
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
xTaskCreatePinnedToCore(networkTask, "ntw", preferences->getInt(preference_task_size_network, NETWORK_TASK_SIZE), NULL, 3, &networkTaskHandle, 1);
|
||||
esp_task_wdt_add(networkTaskHandle);
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
xTaskCreatePinnedToCore(nukiTask, "nuki", preferences->getInt(preference_task_size_nuki, NUKI_TASK_SIZE), NULL, 2, &nukiTaskHandle, 1);
|
||||
esp_task_wdt_add(nukiTaskHandle);
|
||||
#endif
|
||||
#else
|
||||
xTaskCreatePinnedToCore(otaTask, "ota", 8192, NULL, 2, &otaTaskHandle, 1);
|
||||
esp_task_wdt_add(otaTaskHandle);
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@@ -76,13 +76,11 @@ void EthLan8720Device::initialize()
|
||||
|
||||
WiFi.setHostname(_hostname.c_str());
|
||||
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
_hardwareInitialized = ETH.begin(_phy_addr, _power, _mdc, _mdio, _type, _clock_mode, _use_mac_from_efuse);
|
||||
#elif CONFIG_IDF_TARGET_ESP32
|
||||
#if CONFIG_IDF_TARGET_ESP32
|
||||
_hardwareInitialized = ETH.begin(_type, _phy_addr, _mdc, _mdio, _power, _clock_mode);
|
||||
#else
|
||||
#else
|
||||
_hardwareInitialized = false;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
ETH.setHostname(_hostname.c_str());
|
||||
if(!_ipConfiguration->dhcpEnabled())
|
||||
|
||||
@@ -1,33 +1,26 @@
|
||||
#pragma once
|
||||
|
||||
#if (ESP_IDF_VERSION > ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
#ifndef CONFIG_IDF_TARGET_ESP32
|
||||
typedef enum {
|
||||
ETH_CLOCK_GPIO0_IN = 0,
|
||||
ETH_CLOCK_GPIO16_OUT = 2,
|
||||
ETH_CLOCK_GPIO17_OUT = 3
|
||||
} eth_clock_mode_t;
|
||||
#ifndef CONFIG_IDF_TARGET_ESP32
|
||||
typedef enum {
|
||||
ETH_CLOCK_GPIO0_IN = 0,
|
||||
ETH_CLOCK_GPIO16_OUT = 2,
|
||||
ETH_CLOCK_GPIO17_OUT = 3
|
||||
} eth_clock_mode_t;
|
||||
|
||||
#define ETH_PHY_TYPE ETH_PHY_MAX
|
||||
#else
|
||||
#define ETH_PHY_TYPE ETH_PHY_LAN8720
|
||||
#endif
|
||||
#define ETH_PHY_TYPE ETH_PHY_MAX
|
||||
#else
|
||||
#define ETH_PHY_TYPE ETH_PHY_LAN8720
|
||||
#endif
|
||||
|
||||
#define ETH_CLK_MODE ETH_CLOCK_GPIO0_IN
|
||||
|
||||
#define ETH_PHY_ADDR 0
|
||||
#define ETH_PHY_MDC 23
|
||||
#define ETH_PHY_MDIO 18
|
||||
#define ETH_PHY_POWER -1
|
||||
#define ETH_RESET_PIN 1
|
||||
#endif
|
||||
|
||||
#include <WiFiClient.h>
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
#include <WiFiClientSecure.h>
|
||||
#else
|
||||
#include <NetworkClientSecure.h>
|
||||
#endif
|
||||
#include <Preferences.h>
|
||||
#include "NetworkDevice.h"
|
||||
#ifndef NUKI_HUB_UPDATER
|
||||
|
||||
@@ -1,11 +1,7 @@
|
||||
#pragma once
|
||||
|
||||
#include <WiFiClient.h>
|
||||
#if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0))
|
||||
#include <WiFiClientSecure.h>
|
||||
#else
|
||||
#include <NetworkClientSecure.h>
|
||||
#endif
|
||||
#include <Preferences.h>
|
||||
#include "NetworkDevice.h"
|
||||
#include "WiFiManager.h"
|
||||
|
||||
Reference in New Issue
Block a user