MQTT WiFi Relay KRACK Fix

I think the thermostat firmware must be updated in order to patch the WPA2 vulnerability recently discovered: http://espressif.com/en/media_overview/news/espressif-releases-patches-wifi-vulnerabilities-cert-vu228519#.WeVJZsHgtN0.twitter

Thanks, we’re aware of this and working on an update for both WiFi relay, EmonESP, Heat Pump monitor and OpenEVSE ESP8266.

Glyn, do you happen to have instructions about how to build the esp8266 toolchain in order to have the latest fix?

Thanks!

Sorry, we’re waiting on @Martin_Harizanov to build the code for us. We’re working on updates for our other ESP8266 hardware that use the ESP8266 Arduino framework. The fix has now been released for this:

Hi,
It should be a fairly easy fix, just a re-compile under the latest NONOS SDK. There is a few things to consider while switching from 2.0 to 2.1 to make the code compile, but I expect no serious issues. I’ll post here update instructions and the compiled .bin
Cheers

2 Likes

Hello,

attaching a recompiled binary with latest SDK, upgrade process takes 30 seconds, see below:

OEM_KRACK_FIX.bin (396.5 KB)
fw_update

Cheers!

1 Like

Fantastic! Thanks @Martin_Harizanov :tada: :+1:

I’ve added the release to the github repo:

Note: current config will not be lost during the update :slight_smile:

It’s also possible to update via serial programmer:

esptool.py --port /dev/ttyUSB0 --baud 460800 write_flash --flash_freq 80m --flash_mode qio --flash_size 16m-c1 0x1000 oem.v2088.bin


WiFi relay units sold via the shop will be updated to latest version:

Onwards and upwards! :tada:

@Martin_Harizanov - What about the 3 channel relay which was stocked in the shop before the current version.
I assume that’s not so easy to patch, as there doesn’t appear to be a OTA update option.
Firmware version: 0.8.81 / Apr 22 2015 00:22:25.

Paul

1 Like

@Paul - That would take some fiddling, keep an eye here: KRACK Vulnerability · Issue #15 · mharizanov/ESP8266_Relay_Board · GitHub

1 Like