tve / esp32-secure-base

Base project for the esp32 focused on security using MQTTS
BSD 2-Clause "Simplified" License

Compile errors #2

Open justoke opened 4 years ago

justoke commented 4 years ago

Hi

This project looks interesting. I have been trying to run some of the examples but as yet can't compile them. Possibly breaking changes in the referenced libraries.

I'll try to work through them but this is what I am encountering at the moment. Using Windows 10 and PlatformIO.

In file included from .pio/libdeps/esp32dev/ESPAsyncWiFiManager/ESPAsyncWiFiManager.h:24:0,
                 from .pio/libdeps/esp32dev/ESPSecureBase/src/ESPSecureBase.h:4,
                 from src\main.cpp:3:
.pio/libdeps/esp32dev/ESP Async WebServer/src/ESPAsyncWebServer.h:412:27: error: 'AcSSlFileHandler' has not been declared
     void onSslFileRequest(AcSSlFileHandler cb, void* arg);
                           ^
src\main.cpp: In function 'void reconfig()':
src\main.cpp:70:29: error: 'class ESBWifiConfig' has no member named 'reconfig'
     bool saved = wifiConfig.reconfig(CONF_CONN_TIMEOUT, CONF_PORTAL_TIMEOUT);
                             ^
*** [.pio\build\esp32dev\src\main.cpp.o] Error 1

justoke commented 4 years ago

Seems AcSSlFileHandler is not supported on ESP32, as per this issue.

In mqtt.cpp I had to comment out setSecure and setPsk:

    // config server and security
    uint16_t port = (uint16_t)atoi(config->mqtt_port);
    mqttClient.setServer(config->mqtt_server, port);
    //mqttClient.setSecure(true);

    char psk[5]; strncpy(psk, config->mqtt_psk, 4); psk[4] = 0;
    printf("MQTT connecting to %s:%d (%s,%s...)\n",
            config->mqtt_server, port, config->mqtt_ident, psk);
    //mqttClient.setPsk(config->mqtt_ident, config->mqtt_psk);

reconfig

See this is commented out with reference to some issue with it

With so many library dependencies this might present some challenges to creating a simple and secure OTA base. Still it is worthwhile to try.

tve commented 4 years ago

I just pushed my latest version, which has a number of improvements. The errors you encountered are because I use TLS and the PSK ciphersuites with some libraries that don't officially support them yet. I have PRs pending but it's taking eons to get them in, e.g. AsyncTCP. The platformio.ini files have the dependencies I use. All this being said, it looks like I will be switching to micropython on the esp32 and leaving this repo behind. Sorry...

justoke commented 4 years ago

> I just pushed my latest version, which has a number of improvements. The errors you encountered are because I use TLS and the PSK ciphersuites with some libraries that don't officially support them yet. I have PRs pending but it's taking eons to get them in, e.g. AsyncTCP. The platformio.ini files have the dependencies I use. All this being said, it looks like I will be switching to micropython on the esp32 and leaving this repo behind. Sorry...

Thank you for the update. And no problem if you are moving to micropython - I've been seeing more and more people talk about it. I did come across a simple approach which works for me over http/https in EOTAUpdate. I like your idea with using MQTT. The option I wanted was to be able to initiate the update via MQTT and not necessarily deliver it over MQTT.

tve commented 4 years ago

Cool. You may have noticed that my code sends the OTA URL and MD5 over MQTTS to the esp32 and then the esp32 fetches the data over HTTP and verifies the MD5. The one downside to watch out for is that this means the firmware is unencrypted over the air so it should not have any credentials in it, e.g., don't put your Wifi password or MQTT creds in...
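
The flow described in the comment above, as an added Python example (not code from esp32-secure-base): the publisher refuses to announce an image that contains a known credential verbatim, and the receiver hashes the fetched image in chunks and compares it with the MD5 delivered over MQTTS. The function names, URL, sample image and secret values are constructed for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 4096  # read size; a device would hash each block as it writes flash


def streamed_md5(stream):
    """Hash the image chunk by chunk instead of loading it whole."""
    digest = hashlib.md5()
    for chunk in iter(lambda: stream.read(CHUNK), b""):
        digest.update(chunk)
    return digest.hexdigest()


def verify_image(stream, expected_md5):
    """True only if the fetched image matches the MD5 from the MQTTS message."""
    expected = expected_md5.strip().lower()
    return hmac.compare_digest(streamed_md5(stream), expected)


def find_embedded_secrets(image, secrets):
    """Names of secrets whose bytes appear verbatim in the image.
    Catches plain string constants only, not encoded or split values."""
    return sorted(name for name, value in secrets.items()
                  if value and value.encode() in image)


def prepare_ota(image, url, secrets):
    """Build the OTA announcement; refuse an image that carries credentials."""
    leaked = find_embedded_secrets(image, secrets)
    if leaked:
        raise ValueError("image contains credentials: " + ", ".join(leaked))
    return {"url": url, "md5": hashlib.md5(image).hexdigest()}


if __name__ == "__main__":
    # Constructed sample data, not from the project.
    secrets = {"wifi_pass": "constructed-wifi-pass", "mqtt_psk": "constructed-psk"}
    clean = b"\xe9" + b"constructed firmware body " * 500
    msg = prepare_ota(clean, "http://ota.example.invalid/fw.bin", secrets)
    print("announce:", msg)
    print("intact image accepted:", verify_image(io.BytesIO(clean), msg["md5"]))
    print("altered image accepted:", verify_image(io.BytesIO(clean + b"!"), msg["md5"]))
    try:
        prepare_ota(clean + b"constructed-psk", msg["url"], secrets)
    except ValueError as err:
        print("refused:", err)
```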