Remove Solo1 support + validate HTTPS certs on HTTPS requests (#443)

* Use esp_crt_bundle for HTTPS requests * Remove Solo1 support
2024-08-08 12:29:48 +02:00
parent 1a7baca5da
commit 1f4e85a09e
30 changed files with 1532 additions and 1755 deletions
--- a/src/NukiNetwork.cpp
+++ b/src/NukiNetwork.cpp
@@ -5,6 +5,8 @@
 #include "Logger.h"
 #include "Config.h"
 #include "RestartReason.h"
+#include <HTTPClient.h>
+#include <NetworkClientSecure.h>
 #if defined(CONFIG_IDF_TARGET_ESP32)
 #include "networkDevices/EthLan8720Device.h"
 #endif
@@ -484,30 +486,38 @@ bool NukiNetwork::update()
        {
            _lastUpdateCheckTs = ts;

-            https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
-            https.useHTTP10(true);
-            https.begin(GITHUB_OTA_MANIFEST_URL);
-
-            int httpResponseCode = https.GET();
-
-            if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
-            {
-                JsonDocument doc;
-                DeserializationError jsonError = deserializeJson(doc, https.getStream());
-
-                if (!jsonError)
+            NetworkClientSecure *client = new NetworkClientSecure;
+            if (client) {
+                client->setDefaultCACertBundle();
                {
-                    _latestVersion = doc["release"]["version"];
-                    publishString(_maintenancePathPrefix, mqtt_topic_info_nuki_hub_latest, _latestVersion, true);
+                    HTTPClient https;
+                    https.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
+                    https.useHTTP10(true);

-                    if (_latestVersion != _preferences->getString(preference_latest_version).c_str())
-                    {
-                        _preferences->putString(preference_latest_version, _latestVersion);
-                    }
+                    if (https.begin(*client, GITHUB_OTA_MANIFEST_URL)) {
+                        int httpResponseCode = https.GET();
+
+                        if (httpResponseCode == HTTP_CODE_OK || httpResponseCode == HTTP_CODE_MOVED_PERMANENTLY)
+                        {
+                            JsonDocument doc;
+                            DeserializationError jsonError = deserializeJson(doc, https.getStream());
+
+                            if (!jsonError)
+                            {
+                                _latestVersion = doc["release"]["version"];
+                                publishString(_maintenancePathPrefix, mqtt_topic_info_nuki_hub_latest, _latestVersion, true);
+
+                                if (_latestVersion != _preferences->getString(preference_latest_version).c_str())
+                                {
+                                    _preferences->putString(preference_latest_version, _latestVersion);
+                                }
+                            }
+                        }
+                    }                    
+                    https.end();
                }
+                delete client;
            }
-
-            https.end();
        }
    }