├── misc └── swampup-platformio.png ├── .gitignore ├── .vscode └── extensions.json ├── lib ├── BintrayClient │ ├── library.json │ └── src │ │ ├── BintrayClient.h │ │ ├── BintrayClient.cpp │ │ └── BintrayCertificates.h └── readme.txt ├── README.md ├── src ├── SecureOTA.h ├── main.cpp └── SecureOTA.cpp ├── .travis.yml ├── test └── test_bintray_client.cpp ├── platformio.ini ├── publish_firmware.py └── LICENSE /misc/swampup-platformio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/platformio/bintray-secure-ota/HEAD/misc/swampup-platformio.png -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .pioenvs 2 | .piolibdeps 3 | .vscode/.browse.c_cpp.db* 4 | .vscode/c_cpp_properties.json 5 | .vscode/launch.json 6 | .pioenvs 7 | .piolibdeps 8 | -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | // See http://go.microsoft.com/fwlink/?LinkId=827846 3 | // for the documentation about the extensions.json format 4 | "recommendations": [ 5 | "platformio.platformio-ide" 6 | ] 7 | } -------------------------------------------------------------------------------- /lib/BintrayClient/library.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "BintrayClient", 3 | "keywords": "bintray, ota, cdn, storage", 4 | "description": "A BintrayClient to connect to a JFrog Bintray.", 5 | "authors": [ 6 | { 7 | "name": "PlatformIO", 8 | "url": "https://platformio.org/" 9 | } 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/platformio/platformio-examples" 14 | }, 15 | "export": { 16 | "include": "bintray-secure-ota/lib/BintrayClient" 17 | }, 18 | "dependencies": { 19 | "ArduinoJson": "^6" 20 | }, 21 | "version": "1.0.0", 22 | "frameworks": "arduino", 23 | "platforms": "espressif32" 24 | } 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Over-The-Air firmware upgrades for Internet of Things devices with JFrog Bintray 2 | [![Build Status](https://travis-ci.org/platformio/bintray-secure-ota.svg?branch=master)](https://travis-ci.org/platformio/bintray-secure-ota) 3 | 4 | * [Example of Bintray OTA Repository](https://bintray.com/ivankravets/platformio-ota/bintray-secure-ota) 5 | * [swampUp 2018: Presentation](https://www.slideshare.net/ivankravets/swampup-overtheair-ota-firmware-upgrades-for-internet-of-things-devices-with-platformio-and-jfrog-bintray) 6 | 7 | [![swampUp 2018](misc/swampup-platformio.png)](https://www.slideshare.net/ivankravets/swampup-overtheair-ota-firmware-upgrades-for-internet-of-things-devices-with-platformio-and-jfrog-bintray) 8 | -------------------------------------------------------------------------------- /src/SecureOTA.h: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2014-present PlatformIO 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | **/ 16 | 17 | #ifndef SECURE_OTA_H 18 | #define SECURE_OTA_H 19 | 20 | #include 21 | 22 | void checkFirmwareUpdates(); 23 | void processOTAUpdate(const String &version); 24 | 25 | #endif // SECURE_OTA_H -------------------------------------------------------------------------------- /lib/readme.txt: -------------------------------------------------------------------------------- 1 | 2 | This directory is intended for the project specific (private) libraries. 3 | PlatformIO will compile them to static libraries and link to executable file. 4 | 5 | The source code of each library should be placed in separate directory, like 6 | "lib/private_lib/[here are source files]". 7 | 8 | For example, see how can be organized `Foo` and `Bar` libraries: 9 | 10 | |--lib 11 | | | 12 | | |--Bar 13 | | | |--docs 14 | | | |--examples 15 | | | |--src 16 | | | |- Bar.c 17 | | | |- Bar.h 18 | | | |- library.json (optional, custom build options, etc) http://docs.platformio.org/page/librarymanager/config.html 19 | | | 20 | | |--Foo 21 | | | |- Foo.c 22 | | | |- Foo.h 23 | | | 24 | | |- readme.txt --> THIS FILE 25 | | 26 | |- platformio.ini 27 | |--src 28 | |- main.c 29 | 30 | Then in `src/main.c` you should use: 31 | 32 | #include 33 | #include 34 | 35 | // rest H/C/CPP code 36 | 37 | PlatformIO will find your libraries automatically, configure preprocessor's 38 | include paths and build them. 39 | 40 | More information about PlatformIO Library Dependency Finder 41 | - http://docs.platformio.org/page/librarymanager/ldf.html 42 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | # Continuous Integration (CI) is the practice, in software 2 | # engineering, of merging all developer working copies with a shared mainline 3 | # several times a day < http://docs.platformio.org/page/ci/index.html > 4 | # 5 | # Documentation: 6 | # 7 | # * Travis CI Embedded Builds with PlatformIO 8 | # < https://docs.travis-ci.com/user/integration/platformio/ > 9 | # 10 | # * PlatformIO integration with Travis CI 11 | # < http://docs.platformio.org/page/ci/travis.html > 12 | # 13 | # * User Guide for `platformio ci` command 14 | # < http://docs.platformio.org/page/userguide/cmd_ci.html > 15 | # 16 | 17 | language: python 18 | python: 19 | - "2.7" 20 | 21 | sudo: false 22 | cache: 23 | directories: 24 | - "~/.platformio" 25 | 26 | install: 27 | - pip install -U platformio 28 | - platformio update 29 | 30 | script: 31 | - echo "Check compiler errors" 32 | - platformio run 33 | 34 | - echo "List remote devices" 35 | - platformio remote device list 36 | 37 | - echo "Run embedded test on a remote device" 38 | - platformio remote test -r 39 | 40 | deploy: 41 | provider: script 42 | script: platformio run -e release -t upload 43 | # on: 44 | # branch: master 45 | -------------------------------------------------------------------------------- /src/main.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2014-present PlatformIO 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | **/ 16 | 17 | #include 18 | #include 19 | #include "SecureOTA.h" 20 | 21 | const uint16_t OTA_CHECK_INTERVAL = 3000; // ms 22 | uint32_t _lastOTACheck = 0; 23 | 24 | void setup() 25 | { 26 | Serial.begin(115200); 27 | delay(10); 28 | 29 | Serial.print("Device version: v."); 30 | Serial.println(VERSION); 31 | Serial.print("Connecting to " + String(WIFI_SSID)); 32 | 33 | WiFi.begin(WIFI_SSID, WIFI_PASS); 34 | while (WiFi.status() != WL_CONNECTED) 35 | { 36 | Serial.print("."); 37 | delay(500); 38 | } 39 | 40 | Serial.println(" connected!"); 41 | _lastOTACheck = millis(); 42 | 43 | // your setup code goes here 44 | } 45 | 46 | void loop() 47 | { 48 | if ((millis() - OTA_CHECK_INTERVAL) > _lastOTACheck) { 49 | _lastOTACheck = millis(); 50 | checkFirmwareUpdates(); 51 | } 52 | 53 | // your loop code goes here 54 | } 55 | -------------------------------------------------------------------------------- /lib/BintrayClient/src/BintrayClient.h: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2014-present PlatformIO 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | **/ 16 | 17 | #ifndef BINTRAY_CLIENT_H 18 | #define BINTRAY_CLIENT_H 19 | 20 | #include 21 | #include 22 | #include 23 | 24 | class BintrayClient { 25 | 26 | public: 27 | BintrayClient(const String& user, const String& repository, const String& package); 28 | String getUser() const; 29 | String getRepository() const; 30 | String getPackage() const; 31 | String getStorageHost() const; 32 | String getApiHost() const; 33 | const char* getCertificate(const String& url) const; 34 | String getLatestVersion() const; 35 | String getBinaryPath(const String& version) const; 36 | 37 | private: 38 | String requestHTTPContent(const String& url) const; 39 | String getLatestVersionRequestUrl() const; 40 | String getBinaryRequestUrl(const String& version) const; 41 | String m_user; 42 | String m_repo; 43 | String m_package; 44 | const String m_storage_host; 45 | const String m_api_host; 46 | std::vector> m_certificates; 47 | }; 48 | 49 | #endif // BINTRAY_CLIENT_H 50 | -------------------------------------------------------------------------------- /test/test_bintray_client.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | #include 5 | #include 6 | 7 | const BintrayClient bintray(BINTRAY_USER, BINTRAY_REPO, BINTRAY_PACKAGE); 8 | 9 | // void setUp(void) { 10 | 11 | // } 12 | 13 | // void tearDown(void) { 14 | // // clean stuff up here 15 | // } 16 | 17 | void test_wifi_connection(void) { 18 | const int RESPONSE_TIMEOUT_MS = 5000; 19 | unsigned long timeout = millis(); 20 | 21 | WiFi.begin(WIFI_SSID, WIFI_PASS); 22 | while (WiFi.status() != WL_CONNECTED) { 23 | if (millis() - timeout > RESPONSE_TIMEOUT_MS) { 24 | TEST_FAIL_MESSAGE("WiFi connection timeout. Please check your settings!"); 25 | } 26 | 27 | delay(500); 28 | } 29 | 30 | TEST_ASSERT_TRUE(WiFi.isConnected()); 31 | } 32 | 33 | void test_bintray_client_credentials(void) { 34 | TEST_ASSERT_EQUAL_STRING(BINTRAY_USER, bintray.getUser().c_str()); 35 | TEST_ASSERT_EQUAL_STRING(BINTRAY_REPO, bintray.getRepository().c_str()); 36 | TEST_ASSERT_EQUAL_STRING(BINTRAY_PACKAGE, bintray.getPackage().c_str()); 37 | } 38 | 39 | void test_bintray_latest_version_is_not_empty(void) { 40 | const String version = bintray.getLatestVersion(); 41 | TEST_ASSERT_TRUE(version.length() > 0); 42 | TEST_ASSERT_TRUE(atoi(version.c_str()) != 0); 43 | } 44 | 45 | void test_bintray_binary_path_is_valid(void) { 46 | const String binaryPath = bintray.getBinaryPath(bintray.getLatestVersion()); 47 | TEST_ASSERT_TRUE(binaryPath.length() > 0); 48 | TEST_ASSERT_TRUE(binaryPath.endsWith(".bin")); 49 | TEST_ASSERT_TRUE(binaryPath.indexOf(BINTRAY_USER) > 0); 50 | } 51 | 52 | 53 | void setup() { 54 | delay(2000); 55 | UNITY_BEGIN(); 56 | RUN_TEST(test_bintray_client_credentials); 57 | RUN_TEST(test_wifi_connection); 58 | RUN_TEST(test_bintray_latest_version_is_not_empty); 59 | RUN_TEST(test_bintray_binary_path_is_valid); 60 | UNITY_END(); 61 | } 62 | 63 | void loop() {} 64 | -------------------------------------------------------------------------------- /platformio.ini: -------------------------------------------------------------------------------- 1 | ; PlatformIO Project Configuration File 2 | ; 3 | ; Build options: build flags, source filter, extra scripting 4 | ; Upload options: custom port, speed and extra flags 5 | ; Library options: dependencies, extra library storages 6 | ; 7 | ; Please visit documentation for the other options and examples 8 | ; http://docs.platformio.org/page/projectconf.html 9 | 10 | [platformio] 11 | env_default = debug 12 | 13 | ; 14 | ; Configuration 15 | ; PLEASE REPLACE ALL (bintray/wifi) *** WITH REAL VALUES 16 | ; or use environemnt variables 17 | ; http://docs.platformio.org/page/projectconf/dynamic_variables.html 18 | ; 19 | 20 | ; Please navigate to https://bintray.com/, create an account, 21 | ; repository, and add a package where PlatformIO will deploy firmwares 22 | ; api_token = Bintray.com > Edit Profile > API Key 23 | ; Example for rhttps://bintray.com/ivankravets/platformio-ota/bintray-secure-ota 24 | [bintray] 25 | user = ivankravets 26 | repository = platformio-ota 27 | package = bintray-secure-ota 28 | ; api_token = *** 29 | api_token = ${sysenv.BINTRAY_API_TOKEN} 30 | 31 | ; Wi-Fi network settings 32 | [wifi] 33 | ; ssid = *** 34 | ; password = *** 35 | ssid = ${sysenv.PIO_WIFI_SSID} 36 | password = ${sysenv.PIO_WIFI_PASSWORD} 37 | 38 | [common] 39 | platform = https://github.com/platformio/platform-espressif32.git 40 | 41 | ; firmware version, please modify it between releases 42 | ; positive integer value 43 | release_version = 1 44 | 45 | ; build configuration based on Bintray and Wi-Fi settings 46 | build_flags = 47 | '-DWIFI_SSID="${wifi.ssid}"' 48 | '-DWIFI_PASS="${wifi.password}"' 49 | '-DBINTRAY_USER="${bintray.user}"' 50 | '-DBINTRAY_REPO="${bintray.repository}"' 51 | '-DBINTRAY_PACKAGE="${bintray.package}"' 52 | 53 | ; extra dependencies 54 | lib_deps = bblanchon/ArduinoJson @ ^6 55 | 56 | ; 57 | ; Build environments 58 | ; 59 | 60 | [env:debug] 61 | platform = ${common.platform} 62 | framework = arduino 63 | board = esp32dev 64 | build_flags = 65 | ${common.build_flags} 66 | -DVERSION=0 67 | lib_deps = ${common.lib_deps} 68 | monitor_speed = 115200 69 | upload_speed = 921600 70 | ; upload_protocol = olimex-arm-usb-tiny-h 71 | ; debug_tool = olimex-arm-usb-tiny-h 72 | 73 | [env:release] 74 | platform = ${common.platform} 75 | framework = arduino 76 | board = esp32dev 77 | build_flags = 78 | ${common.build_flags} 79 | -DVERSION=${common.release_version} 80 | lib_deps = ${common.lib_deps} 81 | upload_protocol = custom 82 | extra_scripts = pre:publish_firmware.py 83 | -------------------------------------------------------------------------------- /publish_firmware.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) 2014-present PlatformIO 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import requests 16 | import sys 17 | from os.path import basename 18 | 19 | Import('env') 20 | 21 | # from platformio import util 22 | # project_config = util.load_project_config() 23 | # bintray_config = {k: v for k, v in project_config.items("bintray")} 24 | # version = project_config.get("common", "release_version") 25 | 26 | try: 27 | import configparser 28 | except ImportError: 29 | import ConfigParser as configparser 30 | project_config = configparser.ConfigParser() 31 | project_config.read("platformio.ini") 32 | version = project_config.get("common", "release_version") 33 | bintray_config = {k: v for k, v in project_config.items("bintray")} 34 | 35 | # 36 | # Push new firmware to the Bintray storage using API 37 | # 38 | 39 | 40 | def publish_firmware(source, target, env): 41 | firmware_path = str(source[0]) 42 | firmware_name = basename(firmware_path) 43 | 44 | print("Uploading {0} to Bintray. Version: {1}".format( 45 | firmware_name, version)) 46 | 47 | url = "/".join([ 48 | "https://api.bintray.com", "content", 49 | bintray_config.get("user"), 50 | bintray_config.get("repository"), 51 | bintray_config.get("package"), version, firmware_name 52 | ]) 53 | 54 | headers = { 55 | "Content-type": "application/octet-stream", 56 | "X-Bintray-Publish": "1", 57 | "X-Bintray-Override": "1" 58 | } 59 | 60 | r = None 61 | try: 62 | r = requests.put(url, 63 | data=open(firmware_path, "rb"), 64 | headers=headers, 65 | auth=(bintray_config.get("user"), 66 | bintray_config['api_token'])) 67 | r.raise_for_status() 68 | except requests.exceptions.RequestException as e: 69 | sys.stderr.write("Failed to submit package: %s\n" % 70 | ("%s\n%s" % (r.status_code, r.text) if r else str(e))) 71 | env.Exit(1) 72 | 73 | print("The firmware has been successfuly published at Bintray.com!") 74 | 75 | 76 | # Custom upload command and program name 77 | env.Replace(PROGNAME="firmware_v_%s" % version, UPLOADCMD=publish_firmware) 78 | -------------------------------------------------------------------------------- /lib/BintrayClient/src/BintrayClient.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2014-present PlatformIO 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | **/ 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | #include "BintrayClient.h" 22 | #include "BintrayCertificates.h" 23 | 24 | BintrayClient::BintrayClient(const String &user, const String &repository, const String &package) 25 | : m_user(user), m_repo(repository), m_package(package), 26 | m_storage_host("dl.bintray.com"), 27 | m_api_host("api.bintray.com") 28 | { 29 | m_certificates.emplace_back("cloudfront.net", CLOUDFRONT_API_ROOT_CA); 30 | m_certificates.emplace_back("akamai.bintray.com", BINTRAY_AKAMAI_ROOT_CA); 31 | m_certificates.emplace_back("bintray.com", BINTRAY_API_ROOT_CA); 32 | } 33 | 34 | String BintrayClient::getUser() const 35 | { 36 | return m_user; 37 | } 38 | 39 | String BintrayClient::getRepository() const 40 | { 41 | return m_repo; 42 | } 43 | 44 | String BintrayClient::getPackage() const 45 | { 46 | return m_package; 47 | } 48 | 49 | String BintrayClient::getStorageHost() const 50 | { 51 | return m_storage_host; 52 | } 53 | 54 | String BintrayClient::getApiHost() const 55 | { 56 | return m_api_host; 57 | } 58 | 59 | String BintrayClient::getLatestVersionRequestUrl() const 60 | { 61 | return String("https://") + getApiHost() + "/packages/" + getUser() + "/" + getRepository() + "/" + getPackage() + "/versions/_latest"; 62 | } 63 | 64 | String BintrayClient::getBinaryRequestUrl(const String &version) const 65 | { 66 | return String("https://") + getApiHost() + "/packages/" + getUser() + "/" + getRepository() + "/" + getPackage() + "/versions/" + version + "/files"; 67 | } 68 | 69 | const char *BintrayClient::getCertificate(const String &url) const 70 | { 71 | for(auto& cert: m_certificates) { 72 | if(url.indexOf(cert.first) >= 0) { 73 | return cert.second; 74 | } 75 | } 76 | 77 | // Return the certificate for *.bintray.com by default 78 | return m_certificates.rbegin()->second; 79 | } 80 | 81 | String BintrayClient::requestHTTPContent(const String &url) const 82 | { 83 | String payload; 84 | HTTPClient http; 85 | http.begin(url, getCertificate(url)); 86 | int httpCode = http.GET(); 87 | 88 | if (httpCode > 0) 89 | { 90 | if (httpCode == HTTP_CODE_OK) 91 | { 92 | payload = http.getString(); 93 | } 94 | } 95 | else 96 | { 97 | Serial.printf("GET request failed, error: %s\n", http.errorToString(httpCode).c_str()); 98 | } 99 | 100 | http.end(); 101 | return payload; 102 | } 103 | 104 | String BintrayClient::getLatestVersion() const 105 | { 106 | String version; 107 | const String url = getLatestVersionRequestUrl(); 108 | String jsonResult = requestHTTPContent(url); 109 | const size_t bufferSize = 1024; 110 | if (jsonResult.length() > bufferSize) 111 | { 112 | Serial.println("Error: Could parse JSON. Input data is too big!"); 113 | return version; 114 | } 115 | StaticJsonDocument doc; 116 | 117 | DeserializationError err = deserializeJson(doc, jsonResult.c_str()); 118 | // Check for errors in parsing 119 | if (err) 120 | { 121 | Serial.println("Error: Could not parse JSON!"); 122 | return version; 123 | } 124 | return doc["name"].as(); 125 | } 126 | 127 | String BintrayClient::getBinaryPath(const String &version) const 128 | { 129 | String path; 130 | const String url = getBinaryRequestUrl(version); 131 | String jsonResult = requestHTTPContent(url); 132 | 133 | const size_t bufferSize = 1024; 134 | if (jsonResult.length() > bufferSize) 135 | { 136 | Serial.println("Error: Could parse JSON. Input data is too big!"); 137 | return path; 138 | } 139 | StaticJsonDocument doc; 140 | 141 | DeserializationError err = deserializeJson(doc, jsonResult.c_str()); 142 | JsonObject firstItem = doc[0]; 143 | if (err) 144 | { //Check for errors in parsing 145 | Serial.println("Error: Could not parse JSON!"); 146 | return path; 147 | } 148 | return "/" + getUser() + "/" + getRepository() + "/" + firstItem["path"].as(); 149 | } 150 | -------------------------------------------------------------------------------- /src/SecureOTA.cpp: -------------------------------------------------------------------------------- 1 | 2 | /* 3 | Copyright (c) 2014-present PlatformIO 4 | 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | **/ 17 | 18 | #include 19 | #include 20 | #include 21 | #include "SecureOTA.h" 22 | 23 | const BintrayClient bintray(BINTRAY_USER, BINTRAY_REPO, BINTRAY_PACKAGE); 24 | 25 | // Connection port (HTTPS) 26 | const int port = 443; 27 | 28 | // Connection timeout 29 | const uint32_t RESPONSE_TIMEOUT_MS = 5000; 30 | 31 | // Variables to validate firmware content 32 | volatile int contentLength = 0; 33 | volatile bool isValidContentType = false; 34 | 35 | void checkFirmwareUpdates() 36 | { 37 | // Fetch the latest firmware version 38 | const String latest = bintray.getLatestVersion(); 39 | if (latest.length() == 0) 40 | { 41 | Serial.println("Could not load info about the latest firmware, so nothing to update. Continue ..."); 42 | return; 43 | } 44 | else if (atoi(latest.c_str()) <= VERSION) 45 | { 46 | //Serial.println("The current firmware is up to date. Continue ..."); 47 | return; 48 | } 49 | 50 | Serial.println("There is a new version of firmware available: v." + latest); 51 | processOTAUpdate(latest); 52 | } 53 | 54 | // A helper function to extract header value from header 55 | inline String getHeaderValue(String header, String headerName) 56 | { 57 | return header.substring(strlen(headerName.c_str())); 58 | } 59 | 60 | /** 61 | * OTA update processing 62 | */ 63 | void processOTAUpdate(const String &version) 64 | { 65 | String firmwarePath = bintray.getBinaryPath(version); 66 | if (!firmwarePath.endsWith(".bin")) 67 | { 68 | Serial.println("Unsupported binary format. OTA update cannot be performed!"); 69 | return; 70 | } 71 | 72 | String currentHost = bintray.getStorageHost(); 73 | String prevHost = currentHost; 74 | 75 | WiFiClientSecure client; 76 | client.setCACert(bintray.getCertificate(currentHost)); 77 | 78 | if (!client.connect(currentHost.c_str(), port)) 79 | { 80 | Serial.println("Cannot connect to " + currentHost); 81 | return; 82 | } 83 | 84 | bool redirect = true; 85 | while (redirect) 86 | { 87 | if (currentHost != prevHost) 88 | { 89 | client.stop(); 90 | client.setCACert(bintray.getCertificate(currentHost)); 91 | if (!client.connect(currentHost.c_str(), port)) 92 | { 93 | Serial.println("Redirect detected! Cannot connect to " + currentHost + " for some reason!"); 94 | return; 95 | } 96 | } 97 | 98 | //Serial.println("Requesting: " + firmwarePath); 99 | 100 | client.print(String("GET ") + firmwarePath + " HTTP/1.1\r\n"); 101 | client.print(String("Host: ") + currentHost + "\r\n"); 102 | client.print("Cache-Control: no-cache\r\n"); 103 | client.print("Connection: close\r\n\r\n"); 104 | 105 | unsigned long timeout = millis(); 106 | while (client.available() == 0) 107 | { 108 | if (millis() - timeout > RESPONSE_TIMEOUT_MS) 109 | { 110 | Serial.println("Client Timeout !"); 111 | client.stop(); 112 | return; 113 | } 114 | } 115 | 116 | while (client.available()) 117 | { 118 | String line = client.readStringUntil('\n'); 119 | // Check if the line is end of headers by removing space symbol 120 | line.trim(); 121 | // if the the line is empty, this is the end of the headers 122 | if (!line.length()) 123 | { 124 | break; // proceed to OTA update 125 | } 126 | 127 | // Check allowed HTTP responses 128 | if (line.startsWith("HTTP/1.1")) 129 | { 130 | if (line.indexOf("200") > 0) 131 | { 132 | //Serial.println("Got 200 status code from server. Proceeding to firmware flashing"); 133 | redirect = false; 134 | } 135 | else if (line.indexOf("302") > 0) 136 | { 137 | //Serial.println("Got 302 status code from server. Redirecting to the new address"); 138 | redirect = true; 139 | } 140 | else 141 | { 142 | //Serial.println("Could not get a valid firmware url"); 143 | //Unexptected HTTP response. Retry or skip update? 144 | redirect = false; 145 | } 146 | } 147 | 148 | // Extracting new redirect location 149 | if (line.startsWith("Location: ")) 150 | { 151 | String newUrl = getHeaderValue(line, "Location: "); 152 | //Serial.println("Got new url: " + newUrl); 153 | newUrl.remove(0, newUrl.indexOf("//") + 2); 154 | currentHost = newUrl.substring(0, newUrl.indexOf('/')); 155 | newUrl.remove(newUrl.indexOf(currentHost), currentHost.length()); 156 | firmwarePath = newUrl; 157 | //Serial.println("firmwarePath: " + firmwarePath); 158 | continue; 159 | } 160 | 161 | // Checking headers 162 | if (line.startsWith("Content-Length: ")) 163 | { 164 | contentLength = atoi((getHeaderValue(line, "Content-Length: ")).c_str()); 165 | Serial.println("Got " + String(contentLength) + " bytes from server"); 166 | } 167 | 168 | if (line.startsWith("Content-Type: ")) 169 | { 170 | String contentType = getHeaderValue(line, "Content-Type: "); 171 | //Serial.println("Got " + contentType + " payload."); 172 | if (contentType == "application/octet-stream") 173 | { 174 | isValidContentType = true; 175 | } 176 | } 177 | } 178 | } 179 | 180 | // check whether we have everything for OTA update 181 | if (contentLength && isValidContentType) 182 | { 183 | if (Update.begin(contentLength)) 184 | { 185 | Serial.println("Starting Over-The-Air update. This may take some time to complete ..."); 186 | size_t written = Update.writeStream(client); 187 | 188 | if (written == contentLength) 189 | { 190 | Serial.println("Written : " + String(written) + " successfully"); 191 | } 192 | else 193 | { 194 | Serial.println("Written only : " + String(written) + "/" + String(contentLength) + ". Retry?"); 195 | // Retry?? 196 | } 197 | 198 | if (Update.end()) 199 | { 200 | if (Update.isFinished()) 201 | { 202 | Serial.println("OTA update has successfully completed. Rebooting ..."); 203 | ESP.restart(); 204 | } 205 | else 206 | { 207 | Serial.println("Something went wrong! OTA update hasn't been finished properly."); 208 | } 209 | } 210 | else 211 | { 212 | Serial.println("An error Occurred. Error #: " + String(Update.getError())); 213 | } 214 | } 215 | else 216 | { 217 | Serial.println("There isn't enough space to start OTA update"); 218 | client.flush(); 219 | } 220 | } 221 | else 222 | { 223 | Serial.println("There was no valid content in the response from the OTA server!"); 224 | client.flush(); 225 | } 226 | } 227 | -------------------------------------------------------------------------------- /lib/BintrayClient/src/BintrayCertificates.h: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2014-present PlatformIO 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | **/ 16 | 17 | #ifndef BINTRAY_CERTIFICATES_H 18 | #define BINTRAY_CERTIFICATES_H 19 | 20 | /* 21 | const char* BINTRAY_API_ROOT_CA = \ 22 | "-----BEGIN CERTIFICATE-----\n" \ 23 | "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n" \ 24 | "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" \ 25 | "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n" \ 26 | "QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n" \ 27 | "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n" \ 28 | "b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n" \ 29 | "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n" \ 30 | "CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n" \ 31 | "nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n" \ 32 | "43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n" \ 33 | "T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n" \ 34 | "gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n" \ 35 | "BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n" \ 36 | "TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n" \ 37 | "DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n" \ 38 | "hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n" \ 39 | "06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n" \ 40 | "PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n" \ 41 | "YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n" \ 42 | "CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n" \ 43 | "-----END CERTIFICATE-----\n"; 44 | */ 45 | 46 | const char* BINTRAY_API_ROOT_CA = \ 47 | "-----BEGIN CERTIFICATE-----\n" 48 | "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n" 49 | "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" 50 | "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n" 51 | "QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n" 52 | "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n" 53 | "b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n" 54 | "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n" 55 | "CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n" 56 | "nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n" 57 | "43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n" 58 | "T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n" 59 | "gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n" 60 | "BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n" 61 | "TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n" 62 | "DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n" 63 | "hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n" 64 | "06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n" 65 | "PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n" 66 | "YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n" 67 | "CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n" 68 | "-----END CERTIFICATE-----\n"; 69 | 70 | const char* BINTRAY_AKAMAI_ROOT_CA = \ 71 | "-----BEGIN CERTIFICATE-----\n"\ 72 | "MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\n" \ 73 | "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" \ 74 | "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n" \ 75 | "QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\n" \ 76 | "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\n" \ 77 | "U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" \ 78 | "ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\n" \ 79 | "nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\n" \ 80 | "KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n" \ 81 | "/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\n" \ 82 | "kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n" \ 83 | "/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\n" \ 84 | "AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\n" \ 85 | "aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\n" \ 86 | "Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\n" \ 87 | "oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\n" \ 88 | "QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\n" \ 89 | "d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\n" \ 90 | "xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\n" \ 91 | "CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n" \ 92 | "5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n" \ 93 | "8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n" \ 94 | "2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\n" \ 95 | "c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\n" \ 96 | "j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n" \ 97 | "-----END CERTIFICATE-----\n"; 98 | 99 | const char* CLOUDFRONT_API_ROOT_CA = \ 100 | "-----BEGIN CERTIFICATE-----\n"\ 101 | "MIIE3zCCA8egAwIBAgIQYxgNOPuAl3ip0DWjFhj4QDANBgkqhkiG9w0BAQsFADCB\n"\ 102 | "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"\ 103 | "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"\ 104 | "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"\ 105 | "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"\ 106 | "aG9yaXR5IC0gRzUwHhcNMTcxMTA2MDAwMDAwWhcNMjIxMTA1MjM1OTU5WjBhMQsw\n"\ 107 | "CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu\n"\ 108 | "ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjCC\n"\ 109 | "ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs3zTTce2vJsmiQrUp1/0a6\n"\ 110 | "IQoIjfUZVMn7iNvzrvI6iZE8euarBhprz6wt6F4JJES6Ypp+1qOofuBUdSAFrFC3\n"\ 111 | "nGMabDDc2h8Zsdce3v3X4MuUgzeu7B9DTt17LNK9LqUv5Km4rTrUmaS2JembawBg\n"\ 112 | "kmD/TyFJGPdnkKthBpyP8rrptOmSMmu181foXRvNjB2rlQSVSfM1LZbjSW3dd+P7\n"\ 113 | "SUu0rFUHqY+Vs7Qju0xtRfD2qbKVMLT9TFWMJ0pXFHyCnc1zktMWSgYMjFDRjx4J\n"\ 114 | "vheh5iHK/YPlELyDpQrEZyj2cxQUPUZ2w4cUiSE0Ta8PRQymSaG6u5zFsTODKYUC\n"\ 115 | "AwEAAaOCAScwggEjMB0GA1UdDgQWBBROIlQgGJXm427mD/r6uRLtBhePOTAPBgNV\n"\ 116 | "HRMBAf8EBTADAQH/MF8GA1UdIARYMFYwVAYEVR0gADBMMCMGCCsGAQUFBwIBFhdo\n"\ 117 | "dHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Qu\n"\ 118 | "c3ltY2IuY29tL3JwYTAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcy5zeW1jYi5j\n"\ 119 | "b20vcGNhMy1nNS5jcmwwDgYDVR0PAQH/BAQDAgGGMC4GCCsGAQUFBwEBBCIwIDAe\n"\ 120 | "BggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMB8GA1UdIwQYMBaAFH/TZafC\n"\ 121 | "3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQBQ3dNWKSUBip6n5X1N\n"\ 122 | "ua8bjKLSJzXlnescavPECMpFBlIIKH2mc6mL2Xr/wkSIBDrsqAO3sBcmoJN+n8V3\n"\ 123 | "0O5JelrtEAFYSyRDXfu78ZlHn6kvV5/jPUFECEM/hdN0x8WdLpGjJMqfs0EG5qHj\n"\ 124 | "+UaxpucWD445wea4zlK7hUR+MA8fq0Yd1HEKj4c8TcgaQIHMa4KHr448cQ69e3CP\n"\ 125 | "ECRhRNg+RAKT2I7SlaVzLvaB/8yym2oMCEsoqiRT8dbXg35aKEYmmzn3O/mnB7bG\n"\ 126 | "Ud/EUrkIf7FVamgYZd1fSzQeg1cHqf0ja6eHpvq2bTl+cWFHaq/84KlHe5Rh0Csm\n"\ 127 | "pZzn\n"\ 128 | "-----END CERTIFICATE-----\n"; 129 | 130 | #endif // BINTRAY_CERTIFICATES_H 131 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------