samples: siwx917_ota: http/s OTAF application #111
Conversation
Devika-Raju-Z
force-pushed
the
https_otaf
branch
from
466273e to
6a581ad
Compare
Devika-Raju-Z
force-pushed
the
https_otaf
branch
24 times, most recently
from
569c7b4 to
dd7f3de
Compare
jhedberg
changed the title
|
Please rebase this on the latest |
Devika-Raju-Z
force-pushed
the
https_otaf
branch
from
32f6693 to
053214b
Compare
samples/siwx91x_ota/src/main.c
Outdated
| char *full_url = CONFIG_OTA_UPDATE_URL; | ||
| size_t data_len; | ||
|
|
||
| memset(&parser, 0, sizeof(parser)); |
There was a problem hiding this comment.
Redundant with http_parser_url_init().
samples/siwx91x_ota/src/main.c
Outdated
| int ret = http_parser_parse_url(full_url, strlen(full_url), 0, &parser); | ||
| if (ret) { | ||
| printf("Failed to parse URL: %s\n", full_url); | ||
| return -EINVAL; |
There was a problem hiding this comment.
Considering:
- this is a fatal error you can't recover
- this is sample (pedagogic) code
You can use __ASSERT(). Same comment in case host, path or schema is not specified.
BTW, you need to retrieve the schema to know if TLS is enabled or not.
You also need to set a default value for the port if it is not specified.
samples/siwx91x_ota/src/main.c
Outdated
| return -errno; | ||
| } | ||
|
|
||
| if (IS_ENABLED(CONFIG_OTA_HTTPS_SUPPORT)) { |
There was a problem hiding this comment.
CONFIG_OTA_HTTPS_SUPPORT is not required, you can look at the schema of the URL. You may __ASSERT(IS_ENABLED(CONFIG_NET_SOCKETS_SOCKOPT_TLS), "Application was built without support for TLS");.
samples/siwx91x_ota/src/main.c
Outdated
| addr_ptr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr; | ||
| } | ||
| zsock_inet_ntop(res->ai_family, addr_ptr, addr_str, sizeof(addr_str)); | ||
| printf("Connected to %s:%s\n", addr_str, http_parse_data_st.port); |
There was a problem hiding this comment.
Just print http_parse_data_st.host. So you won't have to do the conversion above.
samples/siwx91x_ota/src/main.c
Outdated
| void *addr_ptr; | ||
| struct zsock_addrinfo hints = { | ||
| .ai_family = (CONFIG_OTA_IP_PROTOCOL_SELECTION == 0) ? AF_INET : AF_INET6, | ||
| .ai_socktype = SOCK_STREAM}; |
There was a problem hiding this comment.
Hints is not really required. Zephyr will already automatically selects the right IP version.
There was a problem hiding this comment.
In one of your earlier comments, you mentioned that we can have dual stack configuration. I would like to clarify whether such an approach would be viable in this particular scenario.
There was a problem hiding this comment.
A very relevant question. TL;DR: the selection IPv4/IPv6 is out of the scope of the sample.
Theoretically, Zephyr should choose IPv4/IPv6 depending of the IP addresses configured on the system [1]. In practice, Zephyr relies on compile time configuration and favorise IPv4. I don't think we should try to workaround this behavior.
In order to get a proper out of the box behavior, I suggest to also prioritize IPv4:
// Prioritize IPv4
if (IS_ENABLED(CONFIG_NET_IPV4)) {
ret = k_event_wait_safe(&ctx->event, OTA_EVENT_GET_IPV4, false, K_SECONDS(60));
} else {
ret = k_event_wait_safe(&ctx->event, OTA_EVENT_GET_IPV6, false, K_SECONDS(60));
}
If user configure IPV4 + IPV6 and try to connect to an IPv6 only network, the application won't work. I believe we can live with this limitation. The proper way to fix it would be to fix getaddrinfo().
[1]: See AI_ADDRCONFIG in https://man7.org/linux/man-pages/man3/getaddrinfo.3.html
samples/siwx91x_ota/src/main.c
Outdated
| printf("Failed to set TLS_HOSTNAME option (%d)\n", -errno); | ||
| zsock_close(*sock_ptr); | ||
| zsock_freeaddrinfo(res); | ||
| return -errno; |
There was a problem hiding this comment.
I suggest to manage the errors of this function using a label and goto.
BTW, "Connection failed is definitely something we want to report. But, the others (Failed to create TLS socket, Failed to set TLS secure option, etc...) should really not happen. Since it is a pedagogic code, I am not sure it make sense to clutter the code with such debug traces.
samples/siwx91x_ota/src/main.c
Outdated
| { | ||
| int ret = 0; | ||
| char range_header[64]; | ||
| const char *headers[2] = {range_header, NULL}; |
There was a problem hiding this comment.
Add space after { and before }.
Devika-Raju-Z
force-pushed
the
https_otaf
branch
8 times, most recently
from
6025ad2 to
8cc35e9
Compare
samples/siwx91x_ota/src/main.c
Outdated
| /* Message for HTTP data */ | ||
| typedef struct { | ||
| uint32_t length; | ||
| uint8_t buffer[RECV_BUFFER_SIZE]; |
There was a problem hiding this comment.
RECV_BUFFER_SIZE is an arbitrary value and used only once. Drop the symbols and replace it the value.
| if (app_ctx_st->http_response_error) { | ||
| printf("Error occurred during HTTP download, skipping processing\n"); | ||
| return -EPROTO; | ||
| } |
There was a problem hiding this comment.
Should probably handled by the caller.
Devika-Raju-Z
force-pushed
the
https_otaf
branch
from
8cc35e9 to
00eb379
Compare
Devika-Raju-Z
force-pushed
the
https_otaf
branch
6 times, most recently
from
9c620ad to
7fe97ff
Compare
Devika-Raju-Z
force-pushed
the
https_otaf
branch
5 times, most recently
from
c3b2473 to
4bf41dc
Compare
samples/siwx91x_ota/Kconfig
Outdated
|
|
||
| config OTA_UPDATE_URL | ||
| string "OTA update URL" | ||
| default "http://example.com:8080/firmware.rps" |
There was a problem hiding this comment.
Documentation talks about HTTPS, but the default value doesn't use it.
samples/siwx91x_ota/README.rst
Outdated
|
|
||
| Application demonstrates how to perform HTTP/HTTPS OTA firmware updates on the | ||
| SiWx917 platform using Zephyr RTOS. It connects to a Wi-Fi network, establishes | ||
| a secure HTTPS connection using a CA certificate, and downloads firmware |
There was a problem hiding this comment.
a secure HTTPS connection using a CA certificate
In simple words: an HTTPS connection.
Devika-Raju-Z
force-pushed
the
https_otaf
branch
from
4bf41dc to
1b8ada9
Compare
This application demonstrates the support for OTA firmware upgrade. Signed-off-by: Devika Raju <Devika.Raju@silabs.com>
Devika-Raju-Z
force-pushed
the
https_otaf
branch
from
1b8ada9 to
a13421c
Compare
4 participants
Updating the SiWx917 device's firmware including NWP, M4, and the combined M4 + TA images using an HTTP or HTTPS server. It supports both secure and non-secure firmware updates for all three types: NWP, M4, and the combined image.