mirko / SonOTA

Flashing Itead Sonoff devices with custom firmware via original OTA mechanism
GNU General Public License v2.0

Sonoff dropping connection after receiving SSL certificate #58

Open ratedz opened 6 years ago

ratedz commented 6 years ago

I have two of these devices, one worked just fine and the other fails all the time. It gets to the point where it connects back to my local network after connecting to the ITEAD network. Then it never downloads the new firmware. It just sits and repeats (see below). The unit that did work, I never used with eWeLink and never upgraded the firmware. The unit that fails I did set up with eWeLink first and upgraded the firmware to 1.7.0. When the failed unit is in the phase of starting the webserver on 8080 and 8443, you can browse to 8080 and it just gives a 404. I have tried everything and can't get this thing to work. Ideas? I have tried both on OSX and Linux. The successful unit was done on Linux.

Using the following configuration:
Server IP Address: 192.168.0.185
WiFi SSID: TP-Link
WiFi Password: ****
Platform: linux
Now connect via WiFi to your Sonoff device.
Please change into the ITEAD WiFi network (ITEAD-100001XXXX). The default password is 12345678.
To reset the Sonoff to defaults, press the button for 7 seconds and the light will start flashing rapidly.
** This application should be kept running and will wait until connected to the Sonoff...
...................................................Current IPs: []
..Current IPs: ['10.10.7.2']
~~ Connection attempt
HTTP GET /10.10.7.1/device
<< { "deviceid": "1000114fee", "accept": "post", "apikey": "0a2c5628-a925-4dce-81d9-033715d15f3b" }
HTTP POST /10.10.7.1/ap
{ "ssid": "TP-Link_1920", "version": 4, "password": "****", "serverName": "192.168.0.185", "port": 8443 }
<< { "error": 0 }
~~ Provisioning completed
Starting stage2...
The IP address of (192.168.0.185) is not assigned to any interface on this machine.
Please change WiFi network to TP-Link_1920 and make sure 192.168.0.185 is being assigned to your WiFi interface.
** This application should be kept running and will wait until connected to the WiFi...
.........Current IPs: []
..............................Current IPs: ['192.168.0.185']
~~ Starting web server (HTTP port: 8080, HTTPS port 8443)
~~ Waiting for device to connect

IMPORTANT! AFTER the first download is COMPLETE, with in a minute or so you should connect to the new SSID "FinalStage" to finish the process. ONLY disconnect when the new "FinalStage" SSID is visible as an available WiFi network. This server should automatically be allocated the IP address: 192.168.4.2. If you have successfully connected to "FinalStage" and this is not the IP Address you were allocated, please ensure no other device has connected, and reboot your Sonoff.
......^@........................
IMPORTANT! AFTER the first download is COMPLETE, with in a minute or so you should connect to the new SSID "FinalStage" to finish the process. ONLY disconnect when the new "FinalStage" SSID is visible as an available WiFi network. This server should automatically be allocated the IP address: 192.168.4.2. If you have successfully connected to "FinalStage" and this is not the IP Address you were allocated, please ensure no other device...........

and goes on and on like this forever

robertklep commented 5 years ago

Hopefully, the LAN mode might become a reasonable alternative to the original method of working with the factory-installed firmware. I haven't looked at how, or if, it's possible to do firmware upgrades in LAN mode, though.

difelice commented 5 years ago

If anyone's interested (@difelice?), I posted some Node.js code to control the Dual in this gist.

Only thing to change is the IP-address, the API key is just a random UUID that I generated. I blocked access to the coolkit.cc domain in my router to make the Dual drop into LAN mode.

Thanks a lot!

h0ru5 commented 5 years ago

I forked your gist, tweaked a little and got it working with my own Sonoff Basic (came with firmware 2.6.0), made this brief video with explanation steps to help anyone else trying to achieve the same thing.

Great work, I can confirm it working with my stock Sonoff (which has never seen the internet and was stuck downloading SonOTA based on this issue) - it definitely helped me!

so a nice script/app could now be:

robertklep commented 5 years ago

@h0ru5 I hadn't considered that route (using the original "cloud server bypass" first), but that's certainly worth checking out.

I'm especially interested to see if changing the cloud server (perhaps pointing to a non-routable IP-address) is enough to put the device in LAN mode.

Not near a Sonoff device at the moment so can't check myself, but will try after the weekend.

h0ru5 commented 5 years ago

@robertklep I do have a Sonoff where I tried SonOTA but got stuck on failing cert validation (which therefore has the "cloud endpoint" redirected).

Since it could not reach the backend, it is in LAN mode, and I control it with a little CLI tool I wrote here: https://github.com/h0ru5/sonoff-lanmode-switch

needs some more checking (if it keeps the redirected backend URI after reboot) etc., but looks promising.

badtenant commented 5 years ago

@h0ru5 I blocked internet access to that MAC address on my router and it stays in LAN mode. By the way...Your little GO program works great. Thanks

HomeACcessoryKid commented 5 years ago

To get back to the point of this thread: does this LAN mode allow to replace the firmware with one of choice without soldering? So far it doesn't look like anyone reported it or even hinted that it might be possible, right?

razem-io commented 5 years ago

@HomeACcessoryKid correct. Firmware replacement needs soldering. LAN mode is however similar, as it allows direct control via scripts and without talking to the cloud. Currently it seems to be the only solution to the problem without the need of soldering.

HomeACcessoryKid commented 5 years ago

My team makes HomeKit on sonoff and other vendors. HK is lanmode from day 1. See RavenSystem for Sonoff stuff

BR, HacK

On 11 Mar 2019, at 10:23, Julian Pieles notifications@github.com wrote:

@HomeACcessoryKid correct. Firmware replacement needs soldering. LAN mode is however similar, as it allows direct control via scripts and without talking to the cloud. Currently it seems to be the only solution to the problem without the need of soldering.


eloo commented 5 years ago

@h0ru5 I tried your script with the latest 3.0 firmware on my S26 and it seems that this is not working anymore :/ I can still control the socket with the app but not with your Go tool.

I've also tried the JS script from @beveradb and this is also not working with 3.0 :/ Can anybody confirm this?

Also interesting is that my app says "0 devices connected over LAN mode" but I can still control it over LAN only. (If I disable WiFi it is not working anymore.)

pamansari commented 5 years ago

It is not working with firmware 3.0. Is it possible to downgrade to old firmware?

nstrelow commented 5 years ago

So still no salvation for users starting 1.6.0? Damn it, I was lucky with my first Sonoff, but now I have two 1.6.0. I do not want to solder, but well... Where is my soldering iron? ...

dbrand666 commented 5 years ago

I had a small batch of the model with the solder holes blocked. Didn't want to deal with that and of course they were on recent firmware so I did some searching and found this: https://www.thingiverse.com/thing:2980893. Got the whole batch flashed in no time.

BeatLink commented 4 years ago

Are there any updates on this? I really want to flash the firmware but I don't have any serial connectors or soldering irons :(

mishop commented 4 years ago

Hi, Thank you for your email. eWeLink offers API token for users to access data and control devices through their own platform or methods. Currently, the annual charge for an appID is 299USD/year. Let us know if you are interested.

eWeLink response.

BeatLink commented 4 years ago

So we basically have to pay 300USD to get control of the device we bought and supposedly own? Now I guess we know why they went through so many steps to make it hard for users to hack this thing. It's for money. But hey, when hasn't it ever been for money?

andyjenkinson commented 4 years ago

When has the ability to run your own firmware without touching it ever been an advertised feature of the device? Such entitlement to think they owe you help to make it easier for you to hack their hardware, not least by compromising security.

Sounds like the eWeLink platform has a programme for developers to integrate their 3rd party applications with it, and frankly $300 per year is extremely cheap. It’s not like the infrastructure costs them nothing. All they are doing is offering an alternative route. If you don’t like it nobody is forcing you, and is far more than you’d get with most manufacturers.

It isn’t even hard to flash the device.

BeatLink commented 4 years ago

If you cannot have full access to your device, you do not own it, merely lease it. Sonoff forces you to install their application to use the device which is not only painfully slow, and frequently broken (look at the Google Play ratings), but a privacy nightmare. For starters, you can't even use the device unless you create an account with an email address. Not to mention, eWeLink requires permissions for camera, location, microphone and storage. In addition, unless you're in LAN mode (which almost never works), the Sonoff device requires a constant connection to a server in China, a country notorious for its mass surveillance and blatant lack of privacy.

It is not entitlement to want the device I purchased with my money to be compatible with other software. It is entitlement on the part of to demand that I install a proprietary application that needs my email, password, camera, location, microphone and storage, all to use a lightbulb holder and it is entitlement that I demand $300 per year on going to use said lightbulb holder with my own application.

Furthermore, don't even mention security on a device that hasn't had a firmware update in almost a year. It would be far more secure to be able to install an open source firmware that has been seen, reviewed and contributed to by hundreds if not thousands of developers, rather than a thrown together app made by a sweatshop coder in China, all for a for profit company. When it comes to the crappy security of IoT devices it's almost always the cheap devices with proprietary software out of China that always have security flaws.

Furthermore, I only mentioned a few of the permissions that the app requires, here's the full list straight from Google Play:

This app has access to:

Device & app history

read sensitive log data
retrieve running apps

Photos/Media/Files

read the contents of your USB storage
modify or delete the contents of your USB storage
access USB storage filesystem

Camera

take pictures and videos

Wi-Fi connection information

view Wi-Fi connections

Location

access extra location provider commands
precise location (GPS and network-based)
approximate location (network-based)

Microphone

record audio

Storage

read the contents of your USB storage
modify or delete the contents of your USB storage

Other

close other apps
pair with Bluetooth devices
change network connectivity
view network connections
change your audio settings
full network access
change system display settings
Google Play license check
run at startup
allow Wi-Fi Multicast reception
access Bluetooth settings
control flashlight
draw over other apps
prevent device from sleeping
control vibration
connect and disconnect from Wi-Fi
modify system settings

andyjenkinson commented 4 years ago

And yet you bought it. If you want to flash your own firmware, do it, you absolutely do have the ability to do that, don’t wait for the manufacturer to make it even easier for you. Allowing over the air updates from an untrusted source absolutely would compromise security, and they have never claimed to provide this functionality. And if you think Tasmota is more secure, good luck to you.

andyjenkinson commented 4 years ago

Thanks for your contribution, we need more personal attacks on the internet, very enlightened of you. Come on, take a deep breath and think about what you’re so upset about and whether it is important. I understand you are not getting what you want but all I am doing is injecting a dose of realism. Quite the opposite of “out of touch”. The project worked whilst the security hole existed and it was very useful for us tinkerers, but now it doesn’t, and that’s it, time to move on. It’s not the end of the world, it is still possible to work around it, and there's no need to get angry at either them or each other about it.

andyjenkinson commented 4 years ago

Oh I just realised you are the same angry troll from back in 2018, sorry to everyone else for feeding you :/

HomeACcessoryKid commented 4 years ago

I’m with Andy

BR, HacK

On 22 Feb 2020, at 19:59, RK1975 notifications@github.com wrote:

Not interested in your knee-jerk responses. I don't do facebook I leave it to muppets like you. Don't need advisories on how to behave by muppets. Take your advice to someone who cares what you have to say which isn't me.

On 22/02/2020, Balu notifications@github.com wrote:

What a complete moron devoid of reason and so deeply up his own backside spewing sentiments completely at odds with the ongoing discussion. Nobody wants your self-righteous know-it-all-ism school of smug here boy.

Nobody wants your personal attacks or insults in here either. This is not facebook, but a place to discuss issues with open source software that requires some work to get it to operate.
