Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 11:21
    stef-ladefense edited #6901
  • 11:18
    stef-ladefense opened #6901
  • 07:48
    altelch synchronize #6865
  • 03:15
    earlephilhower milestoned #6299
  • 02:01
    earlephilhower synchronize #6294
  • 01:40
    devyte labeled #6900
  • 01:40
    devyte labeled #6900
  • 01:40
    devyte edited #6900
  • 01:39
    devyte milestoned #6900
  • 01:39
    devyte opened #6900
  • 01:20
    devyte closed #6885
  • 00:02
  • Dec 11 23:18
  • Dec 11 23:18
    earlephilhower synchronize #6294
  • Dec 11 23:15
    earlephilhower synchronize #6294
  • Dec 11 23:12
    earlephilhower synchronize #6294
  • Dec 11 23:03
    earlephilhower synchronize #6294
  • Dec 11 22:55

    earlephilhower on master

    POST http client example (#2704… (compare)

  • Dec 11 22:55
    earlephilhower closed #2704
Clemens Kirchgatterer
@everslick
i will need TLS though, (even though i don't have it now)
is TLS planned?
click
Me No Dev
@me-no-dev
yes, as soon as I find implementable
axtls does not work with async
Clemens Kirchgatterer
@everslick
IC
Clemens Kirchgatterer
@everslick
@me-no-dev : anyway, thank you very much. can you pls announce here, if the asyncUpdater gets merged?
Me No Dev
@me-no-dev
sure thing, I'll post PR in a bit
Clemens Kirchgatterer
@everslick
i will pospone my push until it is at least in master
after more testing i have to say async works so much better, it really should be the default!
Me No Dev
@me-no-dev
it is better, but it's not as easy as the regular one :) there are many things that you can not do inside async callbacks that users can do in the callbacks of the included server
Me No Dev
@me-no-dev
esp8266/Arduino#2096 is the PR, it adds Updater.runAsync(true/false); to switch the modes
Me No Dev
@me-no-dev
@everslick merged into master ;)
@igrr thanks :)
Ivan Grokhotkov
@igrr
Yeah, making async the default approach is the plan, but it requires some work... we need to make shooting oneself in a foot more complicated. After all, Arduino is about ease of use.
Right now i have a working port of asio, which is the candidate for networking API to be incorporated into C++ STL. It almost fits the bill, but unfortunately its dependence on STL brings some problems.
For example, it would be nice if it took Arduino strings, but of course it takes STL strings instead...
Me No Dev
@me-no-dev
seems pretty easy to use
are you planning to ditch lwip all together?
Clemens Kirchgatterer
@everslick
so i have to call Update.runAsync() after Update.begin(). COOL!
thx guys!
works as advertised! :)
Clemens Kirchgatterer
@everslick
i can now push the hardware really hard, i.e. pressing reload on a page that immediately opens a websocket back from the browser as fast as i can. i can trigger an out of memory condition after ~20 reloads and even then it seldomly crashes. before that, it would reboot after 3 reloads at max.
Martin Ayotte
@martinayotte
About my NYTimes tests, I'm still pulling my hairs with WTDs, I think will wait the dusts coming down, especially that @vicnevicne got it working on his side.
Ivan Grokhotkov
@igrr
@me-no-dev it's not a replacement for LwIP (which is a TCP/IP stack), it's an API wrapper around sockets, readv, writev, and select.
so no, not ditching LwIP
Me No Dev
@me-no-dev
@igrr maybe I missread something :) it looked like full-on stack
Ivan Grokhotkov
@igrr
Created esp8266/Arduino#2099 to add information on core version (release and git version) into the compiled binary. Would be awesome if someone with Windows skills can come up with a version which works on Windows
FWeinb
@FWeinb
Is there a why to sign updates with a private key and verify it before updating the firmware using HTTPUpdateServer?
Me No Dev
@me-no-dev
you can add authentication to the upload routine
HTTPUpdateServer was just an example that was turned into lib, the code is not much, so you can take it out and use it in your sketch
FWeinb
@FWeinb
Thanks. I think that it would help improve general security using automated firmware updates if such a verification was present in the core library.
Me No Dev
@me-no-dev
the _server->sendHeader lines are not needed anymore also
Ivan Grokhotkov
@igrr
@FWeinb there was a feature request issue for update signature/verification, but i can't find it in the tracker...
We can do it based on x509 certificates, would be good to export that part of SSL library into something reusable.
FWeinb
@FWeinb
That sounds great.
@igrr I found this thread in the issue tracker: https://github.com/esp8266/Arduino/pull/883#issuecomment-149470141
Ivan Grokhotkov
@igrr
Maybe it's a good idea to open a new issue for that.
I'll check if we (Espressif) can post a bounty for implementing that.
Ivan Grokhotkov
@igrr
@FWeinb created #2103
FWeinb
@FWeinb
Great thanks for creating the issue. I don't have much time in the next weeks (written exams). If there is no hurry I will have a look next month.
sticilface
@sticilface
This would be really great. I've got an updater working via downloading a json manifest which can then update/download required files for Spiffs and then update the sketch, obviously this is totally useless security wise. I'm not so keen to have it use https as that swallows a huge amount of ram on the esp. But some signing would be great (and even a way to sign files for spiffs too?) would be even better.
@igrr I'm trying to
Me No Dev
@me-no-dev
in a mean time esp8266/Arduino#2104
one thing that we can do is mask the firmware after compile and unmask it on the device. WebSocket uses such thing, though there the mask is known
on the ESP it can be given by the user (like OTA auth)
that will permit on-the-fly decoding and checking the integrity of the result
not really SSL secure, but if the mask key is 32 bytes long, it should be pretty secure
FWeinb
@FWeinb
implementing signing will get us authenticity + integrity. But for the mean time adding a username / password should work.