These are chat archives for SmingHub/Sming

24th
Nov 2016
slaff
@slaff
Nov 24 2016 08:35

is can we update the bootloader itself OTA ...

@iqbaltek Short answer - yes.

in axTLS lib some crypto algorithms implementations doesn't double...

@laurentppol It is more or less the same. In our case we are sure what the crypto library is doing because we have the source code. In the cases of the binary blob coming for libcrypto we are not exactly sure that is happening there.

@avr39-ripe Alexander, can you make the requested small changes to #806 and #809 so that I can merge them?
Alexander V. Ribchansky
@avr39-ripe
Nov 24 2016 09:58
@slaff yeh, indeed.. I found some additional problem with my pr #809 so I investigate bit..
slaff
@slaff
Nov 24 2016 10:00
@avr39-ripe Good :) And once you are ready we can add SSL support to Websockets. Isn't that cool :) ?
Alexander V. Ribchansky
@avr39-ripe
Nov 24 2016 10:05
@slaff #806 done
@slaff SSL to websockets.. sounds good.. will look forward on this :)
slaff
@slaff
Nov 24 2016 10:06
In your opinion: Is #806 ready for merging?
Alexander V. Ribchansky
@avr39-ripe
Nov 24 2016 10:08
Yeh! fully.. As you can see it has no regression... if nobody touch nothing - all remain as it was before.. just if one CHANGE default timeout by hand one will see some different behavior
I found this problem while testing websocket client with another esp... if I just turn off my ws client - server still "see" connection.. and keep it forever.. as requested by setTimeOut(USH_MAX); :)
@slaff Thanks!
slaff
@slaff
Nov 24 2016 10:12
@avr39-ripe Since you are online - tell me how to install the "toolchain esp-alt-sdk with gcc 5.3" for FreeBSD-Current? I am building a test VM with FreeBSD-current to check if things compile nicely also there.
Alexander V. Ribchansky
@avr39-ripe
Nov 24 2016 10:16
@slaff I use this https://github.com/kireevco/esp-alt-sdk.git repo, but some prev state of it.. with current state chacked out about 2 month ago I get BAD tool-chain..it can build code but no link resulted binary.. so I have my own old build of toolchain.. try yourself, may be some changes were made after my tests or you found proper solution of link problem...
slaff
@slaff
Nov 24 2016 10:17
Can you zip your working toolchain and upload it online so that I can download it and use it?
laurentppol
@laurentppol
Nov 24 2016 11:43
@slaff maybe "we" could as Esspressif to put (at least crypto routines I mentioned) to OpenSource? This way "world" would get 2 things: Open Source security & smaller code?
ask*
slaff
@slaff
Nov 24 2016 11:47
@laurentppol I am not sure I understood you. Can you explain what you mean?
laurentppol
@laurentppol
Nov 24 2016 12:03
ask Esspressif to put some parts (crypto libs: librypto.a, liblwip.a, libnet80211.a libssl.a, libwpa.a) to OpenSource -> publish code + "makefiles", ship code instead of blobs) of their SDK. This way they have less work with SDK, anyone gets "more secure" as open code can be verified (no backdoor, no "obvious errors")
just looked into esp-open-sdk/lib dir
laurentppol
@laurentppol
Nov 24 2016 12:09
@slaff and for security: my idea: ask someone to construct WireShark filters, to filter out "expected communication" (DHCP, DNS, SNTP etc) and condunct tests, IF there is something "we" don't expect (connections to China?, to "some mysterious hosts"?)
laurentppol
@laurentppol
Nov 24 2016 12:47
@slaff for "asking Esspressif" - support it with Sming download statistics, "look we (this means You too!) have xxx users worldwide..." :)