6 changed files with 237 additions and 2 deletions
@ -0,0 +1,13 @@ |
|||
Import("env") |
|||
|
|||
import time |
|||
|
|||
ver = time.time() |
|||
|
|||
f = open("version.txt", "w") |
|||
f.write(str(ver)) |
|||
f.close() |
|||
|
|||
env.Append(CPPDEFINES=[ |
|||
("FW_VERSION", ver) |
|||
]) |
|||
@ -0,0 +1,132 @@ |
|||
#include "XD0OTA.h" |
|||
|
|||
#include <WiFi.h> |
|||
#include <WiFiClient.h> |
|||
|
|||
#include <HTTPClient.h> |
|||
#include <HTTPUpdate.h> |
|||
|
|||
#include <time.h> |
|||
|
|||
static const char* TAG = "OTA"; |
|||
|
|||
XD0OTA::XD0OTA(String deviceName) : deviceName{deviceName} {} |
|||
|
|||
// Set time via NTP, as required for x.509 validation
|
|||
void XD0OTA::setClock() { |
|||
configTime(0, 0, "pool.ntp.org", "time.nist.gov"); // UTC
|
|||
|
|||
Serial.print(F("Waiting for NTP time sync: ")); |
|||
time_t now = time(nullptr); |
|||
while (now < 8 * 3600 * 2) { |
|||
yield(); |
|||
delay(500); |
|||
Serial.print(F(".")); |
|||
now = time(nullptr); |
|||
} |
|||
|
|||
Serial.println(F("")); |
|||
struct tm timeinfo; |
|||
gmtime_r(&now, &timeinfo); |
|||
Serial.print(F("Current time: ")); |
|||
Serial.print(asctime(&timeinfo)); |
|||
} |
|||
|
|||
String XD0OTA::getMAC() { |
|||
uint8_t mac[6]; |
|||
char result[14]; |
|||
|
|||
WiFi.macAddress( mac ); |
|||
snprintf( result, sizeof( result ), "%02x%02x%02x%02x%02x%02x", mac[ 0 ], mac[ 1 ], mac[ 2 ], mac[ 3 ], mac[ 4 ], mac[ 5 ] ); |
|||
|
|||
return String( result ); |
|||
} |
|||
|
|||
String XD0OTA::getUpdateURL(String file, String extension) { |
|||
String updateURL = String(fwUrlBase); |
|||
updateURL.concat(file); |
|||
updateURL.concat(extension); |
|||
return updateURL; |
|||
} |
|||
|
|||
void XD0OTA::update(void) { |
|||
setClock(); |
|||
|
|||
// try device specific image first
|
|||
String fwURL = getUpdateURL(getMAC(), ".bin"); |
|||
int newVersion = checkForUpdates(fwURL + ".version"); |
|||
|
|||
if (newVersion < 1) { |
|||
ESP_LOGW(TAG, "[update] no device specific update found..\n"); |
|||
fwURL = getUpdateURL(deviceName, ".bin"); |
|||
newVersion = checkForUpdates(fwURL + ".version"); |
|||
// try project specific image
|
|||
if (newVersion < 1) { |
|||
ESP_LOGW(TAG, "[update] Error while looking for updates..\n"); |
|||
return; |
|||
} |
|||
} |
|||
|
|||
if( newVersion > FW_VERSION ) { |
|||
ESP_LOGW(TAG, "Preparing to update.\n" ); |
|||
|
|||
ESP_LOGW(TAG, "Firmware image URL: " ); |
|||
ESP_LOGW(TAG, "%s\n", fwURL.c_str() ); |
|||
|
|||
WiFiClientSecure client; |
|||
client.setCACert(rootCACertificate); |
|||
|
|||
client.setTimeout(12); // seconds
|
|||
|
|||
httpUpdate.setLedPin(LED_BUILTIN, HIGH); |
|||
|
|||
t_httpUpdate_return ret = httpUpdate.update( client, fwURL ); |
|||
|
|||
switch(ret) { |
|||
case HTTP_UPDATE_FAILED: |
|||
ESP_LOGW(TAG, "HTTP_UPDATE_FAILED Error (%d): %s\n", httpUpdate.getLastError(), httpUpdate.getLastErrorString().c_str()); |
|||
break; |
|||
case HTTP_UPDATE_NO_UPDATES: |
|||
ESP_LOGW(TAG, "HTTP_UPDATE_NO_UPDATES\n"); |
|||
break; |
|||
case HTTP_UPDATE_OK: |
|||
ESP_LOGW(TAG, "[update] Update ok.\n"); // may not called we reboot the ESP
|
|||
break; |
|||
} |
|||
} else { |
|||
ESP_LOGW(TAG, "[update] Already on latest version\n" ); |
|||
} |
|||
} |
|||
|
|||
int XD0OTA::checkForUpdates(String url) { |
|||
int newVersion = -1; |
|||
|
|||
ESP_LOGW(TAG, "Checking for firmware updates.\n" ); |
|||
ESP_LOGW(TAG, "Firmware version URL: " ); |
|||
ESP_LOGW(TAG, "%s\n", url.c_str() ); |
|||
|
|||
WiFiClientSecure client; |
|||
client.setCACert(rootCACertificate); |
|||
client.setTimeout(5); // seconds
|
|||
|
|||
HTTPClient httpClient; |
|||
|
|||
httpClient.begin( client, url ); |
|||
int httpCode = httpClient.GET(); |
|||
if( httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY ) { |
|||
String newFWVersion = httpClient.getString(); |
|||
|
|||
ESP_LOGW(TAG, "Current firmware version: " ); |
|||
ESP_LOGW(TAG, "%s\n", String(FW_VERSION).c_str() ); |
|||
ESP_LOGW(TAG, "Available firmware version: " ); |
|||
ESP_LOGW(TAG, "%s\n", newFWVersion.c_str() ); |
|||
|
|||
newVersion = newFWVersion.toInt(); |
|||
} else { |
|||
ESP_LOGW(TAG, "Firmware version check failed, got HTTP response code " ); |
|||
ESP_LOGW(TAG, "%d\n", httpCode ); |
|||
newVersion = -1; |
|||
} |
|||
httpClient.end(); |
|||
return newVersion; |
|||
} |
|||
@ -0,0 +1,84 @@ |
|||
#ifndef _XD0OTA_H |
|||
#define _XD0OTA_H |
|||
|
|||
#include <Arduino.h> |
|||
|
|||
class XD0OTA { |
|||
public: |
|||
XD0OTA(String deviceName); |
|||
void update(void); |
|||
int checkForUpdates(String url); |
|||
private: |
|||
String deviceName; |
|||
const char* fwUrlBase = "https://fwupdate.xd0.de:444/fota/"; |
|||
const char* httpsFingerprint = "37 42 61 B9 E6 EE 22 36 D1 59 67 7D 55 53 6E A4 C7 AA 60 26"; |
|||
const char* rootCACertificate = \ |
|||
"-----BEGIN CERTIFICATE-----\n" \ |
|||
"MIID8DCCAtigAwIBAgIJAPSONy8RRejRMA0GCSqGSIb3DQEBCwUAMIGLMQswCQYD\n" \ |
|||
"VQQGEwJERTEeMBwGA1UECAwVTm9ydGhyaGluZS1XZXN0cGhhbGlhMQ4wDAYDVQQH\n" \ |
|||
"DAVFc3NlbjEPMA0GA1UECgwGeGQwLmRlMRgwFgYDVQQDDA9md3VwZGF0ZS54ZDAu\n" \ |
|||
"ZGUxITAfBgkqhkiG9w0BCQEWEmhlbmRyaWsrZGV2QHhkMC5kZTAgFw0xODA2MTYx\n" \ |
|||
"MTAzMTVaGA8yMDY4MDYxNjExMDMxNVowgYsxCzAJBgNVBAYTAkRFMR4wHAYDVQQI\n" \ |
|||
"DBVOb3J0aHJoaW5lLVdlc3RwaGFsaWExDjAMBgNVBAcMBUVzc2VuMQ8wDQYDVQQK\n" \ |
|||
"DAZ4ZDAuZGUxGDAWBgNVBAMMD2Z3dXBkYXRlLnhkMC5kZTEhMB8GCSqGSIb3DQEJ\n" \ |
|||
"ARYSaGVuZHJpaytkZXZAeGQwLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" \ |
|||
"CgKCAQEAx37S1YgaG74IhTysaaZQMFI50TDeGkxxdpNoIBX0UBeVtKI/3u3MAqBz\n" \ |
|||
"kKTDHFu4IQDj0PvBdlqPFGdSinFgrIvr49uAr+alNKUtkuSTT7nXI0fzqAxv1taj\n" \ |
|||
"0mNhigVvYikX2BUU/rNLnQclyBdPNVsOf9cv0t5+UcOHRt6oEwk5nFtG7s7k4+wu\n" \ |
|||
"wRdGlLy2LwLihYFon4LHAs05JW3qs0IQI4etc8E2JWjF2YwBg3+ooyzUFFIGjPSl\n" \ |
|||
"Lpi7WvAAR19HITbt5FJXQkFZnFxnfbQv/5f7n8vWfFmzYsEgvldwMZv+Eg6wPb2h\n" \ |
|||
"rgH7T6RSb55JrZE/JUY5C6pKvTJ3AwIDAQABo1MwUTAdBgNVHQ4EFgQUCnZywNj+\n" \ |
|||
"djz6n0sIARPx8dp+7bQwHwYDVR0jBBgwFoAUCnZywNj+djz6n0sIARPx8dp+7bQw\n" \ |
|||
"DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAto7IGXpNYTiPUgnA\n" \ |
|||
"DE6osdgSV1yVYJj75v+Y8aUGgQ93Ipl/0+PQL99wbGgjDhfxGADLtljwoEAz/fep\n" \ |
|||
"RqCh8swjL34XV9XjMzfhEMDCybSO6mK7ZmCKwhz9yBaK/Qjdj0YUoLhJ9Huzb70m\n" \ |
|||
"lGzbOhY4JJKFVaA5AcZhYHqjCmzHCVJ/H0zeuPGyKutbvSx23a24LmebfY4q2D62\n" \ |
|||
"U85ox3Ojek6Mc8J4V+RjORygDGAO4gZClEhAza4koAg7lCO/kSSk5PrXdlz2dqtA\n" \ |
|||
"D5Npv9M5363apnO1VlVR+OuO1NEJusRK1aWk9RLZsTPxzwOWwdkifXxUEJ+f8mGn\n" \ |
|||
"o+6SCw==\n" \ |
|||
"-----END CERTIFICATE-----\n"; |
|||
String getMAC(void); |
|||
String getUpdateURL(String file, String extension); |
|||
void setClock(void); |
|||
}; |
|||
|
|||
#endif /* _XD0OTA_H */ |
|||
|
|||
|
|||
/*
|
|||
|
|||
MAKE SURE TO RESET THE ESP8266 ONCE AFTER NORMAL FLASHING! OTHERWISE OTA WON'T WORK! |
|||
|
|||
|
|||
openssl req -x509 -nodes -days 18263 -newkey rsa:2048 -keyout /etc/ssl/private/xd0-fwupdate-selfsigned.key -out /etc/ssl/certs/xd0-fwupdate-selfsigned.crt |
|||
|
|||
openssl x509 -noout -fingerprint -sha1 -inform pem -in /etc/ssl/certs/xd0-fwupdate-selfsigned.crt |
|||
|
|||
|
|||
scp .pioenvs/nodemcuv2/firmware.bin user@webserver:/var/www/fwupdate/fota/macaddress.bin |
|||
and change macaddress.version |
|||
|
|||
|
|||
server { |
|||
listen 444 ssl; |
|||
listen [::]:444 ssl; |
|||
server_name fwupdate.xd0.de; |
|||
|
|||
# SSL configuration |
|||
ssl_certificate /etc/ssl/certs/xd0-fwupdate-selfsigned.crt; |
|||
ssl_certificate_key /etc/ssl/private/xd0-fwupdate-selfsigned.key; |
|||
ssl_buffer_size 4k; |
|||
|
|||
root /var/www/fwupdate; |
|||
|
|||
location / { |
|||
# First attempt to serve request as file, then |
|||
# as directory, then fall back to displaying a 404. |
|||
try_files $uri $uri/ =404; |
|||
} |
|||
|
|||
access_log /var/log/nginx/fwupdate_access.log; |
|||
error_log /var/log/nginx/fwupdate_error.log; |
|||
} |
|||
|
|||
*/ |
|||
Loading…
Reference in new issue