firmware update protection?

[thncode]

I tried to use this lib for updating a number of ESP8266 & ESP32 devices. Even after a short time period I managed to mix up images and devices - did not harm the ESP32 as this device did not try to load & activate an ESP8266 image, but vice versa I bricked a 8266 device with flashing the wrong image. Is there any chance to at least do a dummy test / weak protection by comparing e.g. a setup / device name with the filename of the image? My devices do have DNS names by which the according flash image name could be tested. But for this I would need to check the image name against the selected to-be-uploaded file name...

Rgrds, Thomas

[mathieucarbou]

That's a good idea and it could be quickly implemented by adding a other callback similar to onStart, could be called validate, which will take the request parameters as input (like filename, md5, etc) and return a Boolean.

The application would then implement the logic to return true or false and depending on the returned value the update would be vetoed.

Maybe also the library could give access to the Update class.

I am also interested in such feature because I am working on a project where devices will be remotely accessible through LTE-M because they are physically at remote locations and a wrong update will make the device inaccessible.

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions[bot]]

This issue was closed because it has been stalled for 5 days with no activity.