No live status updates with ECOVACS Home app

[puddly]

Describe the bug I'm unable to see any live status updates reflected in the Android app. To see the current position or state of the robot, I have to go back to the online/offline screen and manually pull down to refresh. It will correctly update the position and state of the robot but only once.

To Reproduce Steps to reproduce the behavior:

1. Open the Android app
2. Start an AUTO cleaning cycle
3. Notice that the robot does not move on your phone screen but its position will update if you refresh the status
4. Pause the cleaning cycle. The app does not change the play/pause icon.
5. Go back to the previous screen, refresh, and tap on the robot. It will now show the correct icon and position.

Expected behavior The realtime status of the robot should be relayed to the app.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

• OS: Linux, Python 3.8

Smartphone (please complete the following information):

• Device: Nexus 6P
• OS: LineageOS 15.1 (Android 8.1)

Vacuum (please complete the following information):

• Model: Deebot 901, firmware 2.1.3

I'm looking at my phone's traffic with mitmproxy when using the app and vacuum normally and it appears that app connects to an MQTT server running on port 443 (mq-ww.ecouser.net:443), while the bot connects to the same MQTT server running on port 8883.

Remapping bumper's ports to a higher range (443 -> 30443, 8883 -> 38883) and then putting nginx with SNI prereading in front of it allows for the right port to be chosen:

stream {
        map_hash_bucket_size 64;

        map $ssl_preread_server_name $internalport {
                mq-ww.ecouser.net                     38883;
                portal.ecouser.net                    30443;
                portal-ww.ecouser.net                 30443;
                bumper.ecovacs.com                    30443;
                gl-us-api.ecovacs.com                 30443;
                gl-us-openapi.ecovacs.com             30443;
                bigdata-northamerica.ecovacs.com      30443;
                recommender-northamerica.ecovacs.com  30443;
                default                               12345;
        }

        server {
                listen 8883;
                proxy_pass my.local.ip:38883;
        }

        server {
                listen 443;
                ssl_preread  on;
                proxy_pass my.local.ip:$internalport;
        }
}

I assume local updates worked some time in the past so it seems like either an app update or a configuration change has altered this behavior.

Maybe it would be better to offload all of the TLS stuff to nginx and run the Python code as a non-root user on higher ports by default?

[kushagharahi]

I'm trying to diagnose why my app only connects sometimes to my bumper server. How do you use mitmproxy to map all ports instead of just 80 and 443?

I run bumper in a k8s server and I tried to map 30443 -> 443 and 38883 -> 8883 with no dice.

@puddly

[kushagharahi]

Update, I installed a proper ingress (nginx) and used SNI to map the above ports and addresses and the app works perfectly now! I'm so happy.

Still curious how you see these ports in use with Mitmproxy. I couldn't figure it out myself.

EDIT: My map doesn't auto update still but the app in general works. Small issue but really glad the rest of the app works now.

[puddly]

I seem to have missed your original comment, sorry!

If you're using an Android phone, have disabled certificate validation with an Xposed module, and then forwarded all traffic via a SOCKS5 proxy app to mitmproxy running on another computer, you can start analyzing the traffic with mitmproxy --mode socks5 --showhost --rawtcp --ssl-insecure.