sascha/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2025-09-24 06:02:21 +01:00
Code Issues Releases Wiki Activity

preen

Browse Source
This commit is contained in:
J. Nick Koston
2025-09-21 15:36:27 -06:00
parent 0e9a1fc80d
commit 0d67d2de60
2 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
esphome/components/esphome/ota/__init__.py
View File

@@ -140,13 +140,14 @@ async def to_code(config):
var = cg.new_Pvariable(config[CONF_ID]) var = cg.new_Pvariable(config[CONF_ID])
cg.add(var.set_port(config[CONF_PORT])) cg.add(var.set_port(config[CONF_PORT]))
# Only include SHA256 support on platforms that have it
if supports_sha256():
cg.add_define("USE_OTA_SHA256")
if CONF_PASSWORD in config: if CONF_PASSWORD in config:
cg.add(var.set_auth_password(config[CONF_PASSWORD])) cg.add(var.set_auth_password(config[CONF_PASSWORD]))
cg.add_define("USE_OTA_PASSWORD") cg.add_define("USE_OTA_PASSWORD")
# Only include hash algorithms when password is configured
cg.add_define("USE_OTA_MD5")
# Only include SHA256 support on platforms that have it
if supports_sha256():
cg.add_define("USE_OTA_SHA256")
cg.add_define("USE_OTA_VERSION", config[CONF_VERSION]) cg.add_define("USE_OTA_VERSION", config[CONF_VERSION])
await cg.register_component(var, config) await cg.register_component(var, config)

6
esphome/components/esphome/ota/ota_esphome.cpp
View File

@@ -1,6 +1,8 @@
#include "ota_esphome.h" #include "ota_esphome.h"
#ifdef USE_OTA #ifdef USE_OTA
#ifdef USE_OTA_MD5
#include "esphome/components/md5/md5.h" #include "esphome/components/md5/md5.h"
#endif
#ifdef USE_OTA_SHA256 #ifdef USE_OTA_SHA256
#include "esphome/components/sha256/sha256.h" #include "esphome/components/sha256/sha256.h"
#endif #endif
@@ -269,10 +271,12 @@ void ESPHomeOTAComponent::handle_data_() {
auth_success = this->perform_hash_auth_(&sha_hasher, this->password_, 16, ota::OTA_RESPONSE_REQUEST_SHA256_AUTH, auth_success = this->perform_hash_auth_(&sha_hasher, this->password_, 16, ota::OTA_RESPONSE_REQUEST_SHA256_AUTH,
LOG_STR("SHA256"), sbuf); LOG_STR("SHA256"), sbuf);
} else { } else {
#ifdef USE_OTA_MD5
ESP_LOGW(TAG, "Using MD5 auth for compatibility (deprecated)"); ESP_LOGW(TAG, "Using MD5 auth for compatibility (deprecated)");
md5::MD5Digest md5_hasher; md5::MD5Digest md5_hasher;
auth_success = this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH, auth_success = this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH,
LOG_STR("MD5"), sbuf); LOG_STR("MD5"), sbuf);
#endif // USE_OTA_MD5
} }
#else #else
// Strict mode: SHA256 required on capable platforms (future default) // Strict mode: SHA256 required on capable platforms (future default)
@@ -288,9 +292,11 @@ void ESPHomeOTAComponent::handle_data_() {
#else #else
// Platform only supports MD5 - use it as the only available option // Platform only supports MD5 - use it as the only available option
// This is not a security downgrade as the platform cannot support SHA256 // This is not a security downgrade as the platform cannot support SHA256
#ifdef USE_OTA_MD5
md5::MD5Digest md5_hasher; md5::MD5Digest md5_hasher;
auth_success = auth_success =
this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH, LOG_STR("MD5"), sbuf); this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH, LOG_STR("MD5"), sbuf);
#endif // USE_OTA_MD5
#endif // USE_OTA_SHA256 #endif // USE_OTA_SHA256
if (!auth_success) { if (!auth_success) {