feat: Serial console AUTH + NVS provisioning tool

- Add serial_task: UART console for AUTH management with physical access AUTH shows full secret, AUTH <secret> sets, AUTH OFF clears - Add esp-provision tool: provision auth secret via serial or NVS flash Supports auto-generate, custom secrets, --serial and --generate-only - Fix esp-ota uptime cache: avoid firmware rate limiter on consecutive udp_cmd calls by caching uptime_s for 3s
2026-02-14 20:48:40 +01:00
parent a4bd2a6315
commit a81e7e3990
3 changed files with 217 additions and 2 deletions
--- a/tools/esp-ota
+++ b/tools/esp-ota
@@ -32,8 +32,20 @@ def resolve(host: str) -> str:
        sys.exit(1)


+_uptime_cache = {"ip": None, "value": 0, "time": 0}
+
+
 def get_uptime(ip: str, timeout: float = TIMEOUT) -> int:
-    """Query device uptime_s for HMAC timestamp (unauthenticated)."""
+    """Query device uptime_s for HMAC timestamp (unauthenticated).
+
+    Caches result for 3s to avoid hitting the firmware rate limiter
+    when multiple udp_cmd calls happen in quick succession.
+    """
+    now = time.monotonic()
+    if _uptime_cache["ip"] == ip and (now - _uptime_cache["time"]) < 3:
+        elapsed = int(now - _uptime_cache["time"])
+        return _uptime_cache["value"] + elapsed
+
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
@@ -41,7 +53,9 @@ def get_uptime(ip: str, timeout: float = TIMEOUT) -> int:
        data, _ = sock.recvfrom(1500)
        for part in data.decode().split():
            if part.startswith("uptime_s="):
-                return int(part.split("=", 1)[1])
+                val = int(part.split("=", 1)[1])
+                _uptime_cache.update(ip=ip, value=val, time=now)
+                return val
    except (socket.timeout, OSError, ValueError):
        pass
    finally: