Verify that the url is https

updater/src/lib.rs

@@ -11,7 +11,7 @@ use embedded_io_async::{Read, Write};
 use embedded_storage::nor_flash::NorFlash;
 use embedded_tls::{Aes128GcmSha256, NoVerify, TlsConfig, TlsConnection, TlsContext};
 use heapless::Vec;
-use nourl::Url;
+use nourl::{Url, UrlScheme};
 use rand_core::{CryptoRng, RngCore};
 use reqwless::{
     request::{Method, Request, RequestBuilder},
@@ -150,6 +150,13 @@ where
             .send_message(self.topic_status, &status, QualityOfService::QoS1, false)
             .await?;
 
+        debug!("Making sure url is HTTPS");
+        if url.scheme() != UrlScheme::HTTPS {
+            return Err(Error::InvalidScheme);
+        }
+
+        // TODO: Clear out retained update message, currently gives implementation specific error
+
         let ip = stack.dns_query(url.host(), DnsQueryType::A).await?[0];
 
         let mut rx_buffer = [0; 1024];
@@ -227,9 +234,6 @@ where
         self.updater
             .verify_and_mark_updated(self.public_key, &signature, size)?;
 
-        // Update mqtt message should be send using retain
-        // TODO: Clear the message
-
         let status = Status::UpdateComplete.json();
         client
             .send_message(self.topic_status, &status, QualityOfService::QoS1, false)