Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WebUI firmware upload - improve error handling and add MD5 check #637

Closed
proddy opened this issue Sep 24, 2022 · 10 comments
Closed

WebUI firmware upload - improve error handling and add MD5 check #637

proddy opened this issue Sep 24, 2022 · 10 comments
Labels
enhancement New feature or request
Milestone

Comments

@proddy
Copy link
Contributor

proddy commented Sep 24, 2022

From #629 (comment)_

  • Report the OTA upload errors to the EMS-ESP log
  • Create an MD5 check to validate if the firmware upload was successful
@proddy proddy added the enhancement New feature or request label Sep 24, 2022
@proddy
Copy link
Contributor Author

proddy commented Sep 24, 2022

For the MD5 check I was talking to Rick last year about this. See rjwats/esp8266-react#260 (comment). The steps would be:

  1. generate a sha512 signature for the artefact and sent as an optional header on the file upload, and verified if supplied.
  2. in the upload loop call md_update() for each segment of the payload, and at the end verifying before calling the final Update.end(true)

something you'd like to look at Michael?

@MichaelDvP
Copy link
Contributor

When playing around with different chipsets i dont want to break it by flashing the wrong software, so i checked the espressif file format for chip ID and take a look to the arduino OTA if there are any checks.
To keep it simple i don't like to change the bin file and keep the option to downgrade to any older software. The Arduino OTA have a MD5 check integrated, why not use this. MD5 is not a safe hash, but for file validation it is good enough.
My approach so far:

  • in rename_fw.py generate a <filename>.md5, plain text with 32 bytes MD5. With the extra md5-file people can also validate the downloaded bin before trying to upload.
  • add hint in upload page:
    grafik
  • after upload the md5-file it shows:
    grafik
  • if uploading a json next, the md5 is ignore and cleared, if uploading a different md5-file the md5 is updated, if upload a bin, the OTA checks the md5.
  • if no md5 is uploaded, the md5 is not checked. So people can use it like before.
  • bin header is checked for espressif-magic and chip-ID, also filename should have C3 or S2 or none of them.
  • snackbar error shows (507) Insufficient Storage if partion is to small, (503) Service Unavailable for wrong chip and (500) internal server error for MD5 or transfer issues.

@proddy @bbqkees Other suggestions?

@MichaelDvP
Copy link
Contributor

I've made a md5-branch to test, also firmwares and md5-files for all boards. Please check.

@proddy
Copy link
Contributor Author

proddy commented Oct 15, 2022

I'll check today

@MichaelDvP
Copy link
Contributor

I'll change the way of md5 sending to web, in first appoach i added a hppt_get, but it's better to use direct respond of the post.

@proddy
Copy link
Contributor Author

proddy commented Oct 15, 2022

ok. it would good to validate the md5 on the server side too (at least the # chars). Another thing I noticed is the dropzone drag&drop box shows read when dragging in an md5 file, so the .md5 needs to be added to the list of accepted extensions.

Can I help anywhere?

@MichaelDvP
Copy link
Contributor

Yes it's already done, md5-file is accepted, post to ems-esp, checked for 32 char (only length), stored as 32 char, send back to web and shown on web. On bin-upload the stored md5 is checked.
I've updated the md5 branch and merged the latest dev. Now building the bin/md5 files.

@proddy
Copy link
Contributor Author

proddy commented Oct 16, 2022

do we also need to change the WebUI 'version check' to pick up the right platform and board?

@MichaelDvP
Copy link
Contributor

Yes, simple way to direct to the html_url, so the right bin and md5 can be downloaded, or enhance to right chip version and add an extra link to the md5?

@proddy
Copy link
Contributor Author

proddy commented Oct 22, 2022

yes!

@proddy proddy added this to the v3.5.0 milestone Oct 22, 2022
MichaelDvP added a commit to MichaelDvP/EMS-ESP32 that referenced this issue Oct 31, 2022
MichaelDvP added a commit to MichaelDvP/EMS-ESP32 that referenced this issue Oct 31, 2022
@proddy proddy closed this as completed Nov 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants