FIX: Trigger OTA from a TTN Downlink. #18
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Updated MQTT package to use proper TTN downlinks array format instead of single downlink_message
- Modified TTNMessage struct to support multiple downlinks with incrementing f_port numbers
- Added PublishChunks method to handle multiple chunks in a single MQTT message
- Updated tests to validate new chunked message structure
- Ensured chunk size respects 51-byte TTN limit
- Fixed CLI to use new chunked publishing method
The message format now correctly generates:
{
"downlinks": [
{"f_port": 1, "frm_payload": "...", "priority": "NORMAL"},
{"f_port": 2, "frm_payload": "...", "priority": "NORMAL"}
]
}
Instead of the incorrect single downlink_message format.
The previous base64_decode implementation had critical flaws: - Incorrect loop logic causing buffer overruns - Did not properly handle padding characters (=) - Would fail to decode standard base64 strings correctly This fix: - Properly handles base64 padding - Correctly bounds-checks array access - Follows standard base64 decoding algorithm - Should resolve Ed25519 signature verification failures Resolves the signature verification issue where chunked MQTT payloads were successfully received but signatures failed to verify due to incorrect base64 decoding of the signature.
The device was crashing with task watchdog timeout during firmware download because the WiFi task would take too long without resetting the watchdog timer. This fix: - Adds esp_task_wdt_reset() calls every 512 bytes during download - Includes progress reporting every 10KB - Should prevent watchdog timeouts during large firmware downloads The signature verification is now working correctly with the previous base64 decoder fix.
The HTTPClient was not following redirects from URL shorteners like TinyURL, causing it to try to download the redirect HTML page instead of the actual firmware binary. This fix: - Enables HTTPC_STRICT_FOLLOW_REDIRECTS - Sets redirect limit to 10 hops - Adds better logging of HTTP responses and redirects - Should resolve watchdog timeouts caused by downloading wrong content This addresses the issue where signature verification succeeds but firmware download fails due to redirect handling.
The device was crashing without showing any WiFi connection attempts, suggesting potential issues with WiFi setup or settings retrieval. This fix adds: - Detailed logging of WiFi credentials from settings - Proper WiFi state reset before attempting connection - Extended connection timeout (30 attempts vs 20) - WiFi status codes and connection details logging - Regular watchdog resets during WiFi connection attempts - Network information display upon successful connection - Better error reporting for troubleshooting This should help identify whether the issue is: 1. Missing WiFi credentials in settings 2. WiFi connection failure 3. Network connectivity problems 4. Or other issues causing the watchdog timeout
The watchdog crash was happening right after WiFi.mode(WIFI_STA) because LoRaWAN (LMIC) and WiFi were conflicting for radio resources. This fix: - Includes proper LMIC headers and references - Suspends LMIC operations before enabling WiFi - Sets OP_SHUTDOWN flag to temporarily disable LMIC - Clears any pending sendjob callbacks - Allows clean transition from LoRaWAN to WiFi mode This should resolve the immediate crash after 'Enabling WiFi in STA mode' and allow the WiFi connection to proceed normally.
- Replace stack-allocated 4KB buffer with heap-allocated 2KB buffer to prevent stack overflow - Increase watchdog reset frequency from 2s to 1s during OTA downloads - Add proper memory cleanup and error handling for heap-allocated buffer - Update documentation to reflect stack overflow prevention measures - Resolves Guru Meditation Error: Stack canary watchpoint triggered
- Add explicit HTTP timeout configuration (30s total, 15s connection) - Add internet connectivity test before OTA download using httpbin.org - Improve timeout handling for better network reliability - Add diagnostic output for troubleshooting network issues - Maintain graceful failure handling with proper error reporting
- Add JSON string and length debug output - Add extracted URL debug output - Help identify where URL truncation is occurring - Temporary debug code to resolve parsing discrepancy
- Increase OTA_MAX_CHUNKS from 20 to 30 - Increase OTA_CHUNK_SIZE from 70 to 100 bytes - Add debug output to track chunk reception and assembly - This should resolve JSON truncation issues during OTA updates
- Replace custom HTTP download implementation with ESP32's built-in HTTPUpdate library - Add automatic HTTPS support with certificate validation bypass for simplicity - Implement built-in MD5 verification via x-MD5 header - Add comprehensive progress monitoring with watchdog management - Improve error handling and cleanup - Enable strict HTTP redirect following - Remove large buffer allocation - HTTPUpdate handles streaming internally - Update documentation to reflect HTTPUpdate integration improvements This change significantly improves OTA reliability by leveraging the well-tested ESP32 HTTPUpdate library while maintaining our existing MD5-based integrity checking and Ed25519 signature verification for security.
- Add comprehensive memory diagnostics before OTA starts - Check for minimum 32KB heap memory before attempting OTA - Add try-catch error handling around HTTPUpdate.update() call - Force memory cleanup with delay before OTA start - Add detailed memory status logging for debugging - Improve error reporting for OTA partition erase failures This addresses potential flash erase crashes by ensuring sufficient memory is available and providing better error handling during the OTA process.
- Replace huge_app.csv with min_spiffs.csv partition table - Provides dual app partitions (app0/app1) required for OTA updates - Each app partition: 1.875MB (sufficient for ~1.33MB firmware) - Fixes esp_flash_erase_region crashes due to single app partition - Current firmware: 67.8% of available app partition space
- Increase flash size limit from 1.3MB to 1.8MB (90% of 1.875MB app partition) - Accounts for min_spiffs.csv partition table with dual OTA app partitions - Current firmware (~1.34MB) now passes size checks with headroom - Updated all three pipeline stages: branch, main, and release
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
CLI Tool to trigger upgrdade
Node Processing the OTA Upgrade: