Verify that the url is https

Dreaded_X 2023-09-16 01:49:51 +02:00
parent 01860e2e7a
commit ad2ecdfa52
Signed by: Dreaded_X
GPG Key ID: FA5F485356B0D2D4
2 changed files with 12 additions and 5 deletions


@ -1,17 +1,18 @@
use core::fmt::{Display, Write}; use core::fmt::{Display, Write};
use heapless::String;
use defmt::{Format, Formatter}; use defmt::{Format, Formatter};
use embassy_boot::FirmwareUpdaterError; use embassy_boot::FirmwareUpdaterError;
use embassy_net::{dns, tcp::ConnectError}; use embassy_net::{dns, tcp::ConnectError};
use embedded_io_async::ReadExactError; use embedded_io_async::ReadExactError;
use embedded_storage::nor_flash::NorFlashError; use embedded_storage::nor_flash::NorFlashError;
use embedded_tls::TlsError; use embedded_tls::TlsError;
use heapless::String;
use rust_mqtt::packet::v5::reason_codes::ReasonCode; use rust_mqtt::packet::v5::reason_codes::ReasonCode;
impl_tools::impl_scope! { impl_tools::impl_scope! {
#[derive(Debug)] #[derive(Debug)]
pub enum Error<FE: NorFlashError + defmt::Format> { pub enum Error<FE: NorFlashError + defmt::Format> {
InvalidScheme,
Mqtt(ReasonCode), Mqtt(ReasonCode),
Dns(dns::Error), Dns(dns::Error),
Connect(ConnectError), Connect(ConnectError),
@ -78,6 +79,7 @@ impl_tools::impl_scope! {
impl Format for Self { impl Format for Self {
fn format(&self, f: Formatter) { fn format(&self, f: Formatter) {
match self { match self {
Error::InvalidScheme => defmt::write!(f, "Invalid URL scheme"),
Error::Mqtt(error) => defmt::write!(f, "Mqtt: {}", error), Error::Mqtt(error) => defmt::write!(f, "Mqtt: {}", error),
Error::Dns(error) => defmt::write!(f, "Dns: {}", error), Error::Dns(error) => defmt::write!(f, "Dns: {}", error),
Error::Connect(error) => defmt::write!(f, "Connect: {}", error), Error::Connect(error) => defmt::write!(f, "Connect: {}", error),
@ -93,6 +95,7 @@ impl_tools::impl_scope! {
impl Display for Self { impl Display for Self {
fn fmt(&self, f: &mut core::fmt::Formatter) -> Result<(), core::fmt::Error> { fn fmt(&self, f: &mut core::fmt::Formatter) -> Result<(), core::fmt::Error> {
match self { match self {
Error::InvalidScheme => core::write!(f, "Invalid URL scheme"),
Error::Mqtt(error) => core::write!(f, "Mqtt: {}", error), Error::Mqtt(error) => core::write!(f, "Mqtt: {}", error),
Error::Dns(error) => core::write!(f, "Dns: {:?}", error), Error::Dns(error) => core::write!(f, "Dns: {:?}", error),
Error::Connect(error) => core::write!(f, "Connect: {:?}", error), Error::Connect(error) => core::write!(f, "Connect: {:?}", error),
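Review bot: The new `InvalidScheme` variant in the enum hunk has no doc comment, and the text "Invalid URL scheme" in the `format` and `fmt` arms does not tell whoever reads the log which scheme was expected. I would add `/// The update URL did not use the https scheme; the download was refused.` above the variant and change both messages to `"Invalid URL scheme, expected https"`. The enum and both impl blocks continue outside the hunks shown here.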


@ -11,7 +11,7 @@ use embedded_io_async::{Read, Write};
use embedded_storage::nor_flash::NorFlash; use embedded_storage::nor_flash::NorFlash;
use embedded_tls::{Aes128GcmSha256, NoVerify, TlsConfig, TlsConnection, TlsContext}; use embedded_tls::{Aes128GcmSha256, NoVerify, TlsConfig, TlsConnection, TlsContext};
use heapless::Vec; use heapless::Vec;
use nourl::Url; use nourl::{Url, UrlScheme};
use rand_core::{CryptoRng, RngCore}; use rand_core::{CryptoRng, RngCore};
use reqwless::{ use reqwless::{
request::{Method, Request, RequestBuilder}, request::{Method, Request, RequestBuilder},
@ -150,6 +150,13 @@ where
.send_message(self.topic_status, &status, QualityOfService::QoS1, false) .send_message(self.topic_status, &status, QualityOfService::QoS1, false)
.await?; .await?;
debug!("Making sure url is HTTPS");
if url.scheme() != UrlScheme::HTTPS {
return Err(Error::InvalidScheme);
}
// TODO: Clear out retained update message, currently gives implementation specific error
let ip = stack.dns_query(url.host(), DnsQueryType::A).await?[0]; let ip = stack.dns_query(url.host(), DnsQueryType::A).await?[0];
let mut rx_buffer = [0; 1024]; let mut rx_buffer = [0; 1024];
@ -227,9 +234,6 @@ where
self.updater self.updater
.verify_and_mark_updated(self.public_key, &signature, size)?; .verify_and_mark_updated(self.public_key, &signature, size)?;
// Update mqtt message should be send using retain
// TODO: Clear the message
let status = Status::UpdateComplete.json(); let status = Status::UpdateComplete.json();
client client
.send_message(self.topic_status, &status, QualityOfService::QoS1, false) .send_message(self.topic_status, &status, QualityOfService::QoS1, false)
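Review bot: The scheme check added before `dns_query` carries no comment on what it guarantees, and this file still imports `NoVerify` from `embedded_tls`. If the TLS session further down is opened with it (that code is outside the hunk), requiring `https` encrypts the download but does not authenticate the server. I would add a comment above the `if`, for example `// HTTPS only protects the transfer; firmware authenticity comes from verify_and_mark_updated, not from the TLS peer`, so the check is not later read as server authentication. The check also runs after the status `send_message` at the top of the hunk, so a refused URL has already been reported on `topic_status`; moving the `if` above that publish would avoid this, assuming that status announces the start of an update. The enclosing function starts and ends outside the hunk.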