Coder Social home page Coder Social logo

Comments (2)

leres avatar leres commented on July 20, 2024

I think the lack of ota https support is due to the age of our mbedtls. Switching your sdkconfig to wolfssl used to allow ota https work with the downside that connecting to the V2 server over ssl would break.

Given the renewed effort by to bring the project up to ESP-IDF v5 I think it's just a matter of time before we'll be able to use ssl for everything, including ota https.

I also do ota updates to my own server. But I run my ovms modules in wifi client-only mode and only do updates when my cars are at home, connected to my home network.

from open-vehicle-monitoring-system-3.

dexterbg avatar dexterbg commented on July 20, 2024

Actually, the reason isn't the TLS library, but the OTA download using our own, very basic, synchronous HTTP client (class OvmsHttpClient, module ovms_http), which doesn't support HTTPS.

HTTPS support is no issue with mbedTLS when using mongoose, as I did for the Javascript API HTTP.Request(). But that induces the necessity for an asynchronous download handling. Mark tried to implement exactly this in the for-v3.3 branch, last state can be found by checking out that branch, or browsed online here:

This lead to a deadlock issue with the mongoose context, discussed on the developer list in this thread…

We then tried using the synchronous client for the firmware download, which lead to this issue…

…with final state being:

The code now uses the old ovms_http library, based on normal sockets (not mongoose). This should also workaround the ‘ota flash http’ issue we had with ssh client connections. I would prefer to use mongoose (apart from uniformity, this also gave us support for HTTPS), but it is quite tricky to do this in a blocking way with the ssh client also over mongoose. Would need to re-work to be non-blocking for these commands.

TL;DR: the OTA dowload needs to be reworked towards an asynchronous non-blocking mongoose scheme. Possibly some of the duktape HTTP.Request code can be reused.

Another option could be to skip mongoose here completely and use the esp-idf esp_https_ota API, as shown in the "advanced_https_ota" example.

from open-vehicle-monitoring-system-3.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.