Because the old API was inactive, we were setting
MBEDTLS_SSL_VERIFY_NONE even after we'd parsed the certificate.
tls tests now include a deliberate certificate mismatch; this was
discovered by moving the mqtt tests over to the new API.
Removes yet another unchecked allocation point in our C libraries.
While here, fix potential reference leaks on error paths
Also while here, remove some stale documentation. There can be as many
DNS requests in flight as LwIP has room for in its table
(DNS_TABLE_SIZE, which defaults to 4).
* espconn: remove unused espconn code, take 1
This is the easiest part of https://github.com/nodemcu/nodemcu-firmware/issues/3004 .
It removes a bunch of functions that were never called in our tree.
* espconn: De-orbit espconn_gethostbyname
Further work on https://github.com/nodemcu/nodemcu-firmware/issues/3004
While here, remove `mqtt`'s charming DNS-retry logic (which is neither
shared with nor duplicated in other modules) and update its :connect()
return value behavior and documentation.
* espconn: remove scary global pktinfo
A write-only global! How about that.
* net: remove deprecated methods
All the TLS stuff moved over there a long time ago, and
net_createUDPSocket should just do what it says on the tin.
* espconn_secure: remove ESPCONN_SERVER support
We can barely function as a TLS client; being a TLS server seems like a
real stretch. This code was never called from Lua anyway.
* espconn_secure: more code removal
* espconn_secure: simplify ssl options structure
There is nothing "ssl_packet" about this structure. Get rid of the
terrifying "pbuffer" pointer.
Squash two structure types together and eliminate an unused field.
* espconn_secure: refactor mbedtls_msg_info_load
Split out espconn_mbedtls_parse, which we can use as part of our effort
towards addressing https://github.com/nodemcu/nodemcu-firmware/issues/3032
* espconn_secure: introduce TLS cert/key callbacks
The new feature part of https://github.com/nodemcu/nodemcu-firmware/issues/3032
Subsequent work will remove the old mechanism.
* tls: add deprecation warnings
* luacheck: net.ifinfo is a thing now
* tls: remove use of espconn->reverse
* mqtt: stop using espconn->reverse
Instead, just place the espconn structure itself at the top of the user
data. This enlarges the structure somewhat but removes one more layer
of dynamic heap usage and NULL checks.
While here, simplify the code a bit.
* mqtt: remove redundant pointer to connect_info
Everywhere we have the mqtt_state_t we also have the lmqtt_userdata.
* mqtt: doc fixes
* mqtt: note bug
* tls: allow :on(...,nil) to unregister a callback
* mqtt: expose "connfail" callback via :on()
This makes it just like all the other callbacks in the module and is a
revision of behavior called out in
https://github.com/nodemcu/nodemcu-firmware/pull/2967
* mqtt: clarify when puback callback fires
* mqtt: Don't reference stack buffers from the heap
The confusingly-named "mqtt_connection_t" object is just a triple of
- a serialized mqtt message pointer and length
- a buffer pointer (to which the above can be written)
- a message identifier
The last of these must be passed around the mqtt state machine, but the
first two are very local and the buffer is always sourced from the C
stack. Unfortunately, because the entire structure is persisted in the
heap, some callers assume that they can always use the structure without
reinitialization (see mqtt_socket_close), which will trash the C stack.
Sever the pairing between message id and local state, punt the local
state entirely out of the heap, and rename things to be less confusing.
* Remove stale putative MD2 support
This hasn't worked in a while, presumably since one of our upstream
merges. Don't bother making it work, since MD2 is generally considered
insecure.
* Land mbedtls 2.16.3-77-gf02988e57
* TLS: remove some dead code from espconn_mbedtls
There was some... frankly kind of scary buffer and data shuffling if
ESP8266_PLATFORM was defined. Since we don't, in fact, define that
preprocessor symbol, just drop the code lest anyone (possibly future-me)
be scared.
* TLS: espconn_mbedtls: run through astyle
No functional changes
* TLS: espconn_mbedtls: put the file_params on the stack
There's no need to malloc a structure that's used only locally.
* TLS: Further minor tidying of mbedtls glue
What an absolute shitshow this is. mbedtls should absolutely not
be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not
so much glue as it as a complete copy of a random subset of lwIP; it
should go, but we aren't there yet.
Get rid of the mysterious "mbedlts_record" struct, which housed merely a
length of bytes sent solely for gating the "record sent" callback.
Remove spurious __attribute__((weak)) from symbols not otherwise
defined and rename them to emphasize that they are not actually part of
mbedtls proper.
* TLS: Rampage esp mbedtls glue and delete unused code
This at least makes the shitshow smaller
* TLS: lwip: fix some memp definitions
I presume these also need the new arguments
* TLS: Remove more non-NodeMCU code from our mbedtls
* TLS: drop support for 1.1
Depending on who you ask it's either EOL already or EOL soon, so
we may as well get rid of it now.
* Remove app/include/netif/wlan_lwip_if.h
This file appears to be unused in our tree.
* New `net.if.info` call to show LwIP information
This is a generalization of `wifi.sta`'s and `wifi.ap`'s `getip` and
`getmac` calls. I don't propose to deprecate those, but perhaps we
should, in the documentation, point users at this function instead.
The direct motivation is to permit continued use of DHCP-provided NTP
servers in a future where
https://github.com/nodemcu/nodemcu-firmware/pull/2819 has landed, now
that https://github.com/nodemcu/nodemcu-firmware/pull/2709 is in the
tree. But rather than exposing just that information, a more general
interface seems useful.
The internal implementation already preferentially forwards to the
encoder module, so we should just remove these functions as they confuse
people into thinking that we don't have their inverses (see the feature
request https://github.com/nodemcu/nodemcu-firmware/issues/2907).
Update the docs to refer to the encoder version and add deprecation
warnings to the runtime implementations.
* list_ref can become LUA_REFNIL, because that's what rawgeti returns
for LUA_NOREF. Defensively guard for this, rather than falling into
the sntp_dolookups loop with nil on the stack.
* set_repeat_mode should not call itself, but should rather always do
what it's going to do and then optionally do the rest if directed.
* sntp_sync should not try to special case the single string argument:
we should be queueing that name for DNS resolution, too. Towards that
end, if we are given a single string, build a table and make that the
list_ref and call off to sntp_dolookups, just like we otherwise do.
FIXES: #2699
The PR removed the bulk of non-newlib headers from the NodeMCU source base.
app/libc has now been cut down to the bare minimum overrides to shadow the
corresponding functions in the SDK's libc. The old c_xyz.h headerfiles have been
nuked in favour of the standard <xyz.h> headers, with a few exceptions over in
sdk-overrides. Again, shipping a libc.a without headers is a terrible thing to do. We're
still living on a prayer that libc was configured the same was as a default-configured
xtensa gcc toolchain assumes it is. That part I cannot do anything about, unfortunately,
but it's no worse than it has been before.
This enables our source files to compile successfully using the standard header files,
and use the typical malloc()/calloc()/realloc()/free(), the strwhatever()s and
memwhatever()s. These end up, through macro and linker magic, mapped to the
appropriate SDK or ROM functions.
* mqtt:connect() secure parameter should be boolean
Continue to honor the old 0/1 values, but make them undocumented and add
a deprecation warning to the code and docs. Eventually, this should go
away.
* mqtt: rip out deprecated autoreconnect
* mqtt: expose all the callbacks via :on
* Use cross-browser JS for query params in EUS
* Update EUS doc to explain how to use parameters
* Remove ; in Lua code
* Rewrite the endpoint table
* Do not use properties as global Lua variables
* remove enduser_setup.html.gz
* rename folder 'eus' to 'enduser_setup'
* Change input type for password to "password"
* Replace outdated captive portal screen shot
* Upgrade u8g2 and add updateDisplayArea bindings
* u8g2 2.25.10
* add displays for 2.24.3 and 2.25.10
* remove workaround for hal pointer and make use of u8x8's user_ptr
* fix doc
* add binding for `updateDisplay()`
* Lua string optimisation in file.c + get/put contents methods
* Doc fix: move putcontents() into correct alphabetic order slot in list of static methods
* Rebaseline firmware to non-OS SDK version 3.0
* Note that SDK version 3.0 introduces the concept of a Flash Partition Table(PT). This is located at Flash offset 0x10000 in our firmware build.
* The firmware is now PT aware with both LFS and SPIFFS taking their partition size and location from the PT
* A new tool `tools/nodemcu-partition.py` is now used to initialise these data and can also download LFS and SPIFFS images to these partitions.
* I2C driver speed-up, i2c.SLOW, i2c.FAST and user-defined speed selection
* - Multiple buses (up to 10) with different speeds on each bus
- Standard(Slow, 100kHz), Fast(400kHz) and FastPlus(1MHz) modes or an
arbitrary clock speed
- Sharing SDA line over multiple I²C buses to save available pins
- GPIO16 pin can be used as SCL pin, but it does not support clock
stretching and selected bus will be limited to FAST speed.
* Dynamic memory allocation, error checks, simplification, timing tweaks.
* Separated the code of old driver for better compatibility and simplicity
* Change of driver interface
* Add bus status check in setup(); simplify getDC(); remove unnesessary lines in ACK read/write
* Fix for moved doc file and trailing whitespaces
* DHT11 read sometimes failed with checksum error.
The code assumed DHT11 devices only ever return zero in the temperature and humidity decimal fraction bytes. The datasheet doesn't guarantee this is the case, and by observation I have noticed that indeed the DHT11 may sometimes return another number, usually close to zero. This means that the code would fail with a checksum error, as the fraction bytes were not included when the checksum was calculated. These bytes are now taken into account and also returned as part of the measurement.
This also means that the related dht.read() function is non-functional. If you have a DHT11 device that returns a non-zero decimal part, dht.read() will interpret it as a DHT22 result and return the wrong measurement. For this reason dht.read() should be retired. This patch does not address this issue.
A block of memory is accessed after having been freed. This was obscured by the fact that 'oBuf' is a pointer into the middle of the block 'dynamicTables', so when dynamicTables is freed, oBuf is pointing to freed memory. Occasionally, luac.cross would crash because of this.
Files changed only by the author of FatFS (only updated to new version):
- 00history.txt
- 00readme.txt
- ff.c
- ff.h
- ffunicode.c
- diskio.h
- integer.h
- files in `option` folder except `syscall.c`
Changes:
- removed option folder (now everything is in ffunicode.c)
- modified Makefile to support new version of FatFS
- removed syscall.c and modified ffsystem.c from FatFS author instead
- modified files: diskio.c, ffconf.h to mimic changes from new version
- modified files: fatfs_config.h, myfatfs.c
because of changes of configuration keywords in 0.13 version
- removed empty lines from beginning of files:
fatfs_prefix_lib.h, myfatfs.c, sdcard.c
- changed version number in documentation
* Update TLS protocol support
TLS1.0 is past PCI's EOL; BEAST is no more
Enable elliptic curve key exchanges
Do not enable the smallest ECs for security
Do not enable the largest ECs for computational time
Do not enable 25519 (sad) because it doesn't go across the wire
Drop non-PFS key exchanges
Drop ARC4, Blowfish, DES, genprime, XTEA code
Drop renegotiation support completely
It takes so much heap that it's not likely to work out well
Tidy handling of SSL_BUFFER_SIZE
Update docs
Drop mention of startcom, since they are no more, for letsencrypt
* Update mbedtls to 2.7.7
Preserve our vsnprintf and platform hacks
* Introduce TLS maximum fragment size knob
Reduce buffer size to 4Ki by default and advertize that. That's the
largest we can advertize with the TLS MFL extension, so there's no
point in making them larger. The truly adventurous can re-raise
SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get
back to the earlier behavior.
* Default to mbedTLS debug with DEVELOP_VERSION
* Add spi.set_clock_div
This will allow the SPI clock divider to be changed relatively simply,
to better support multiple devices with varying SPI clock rate support
* Add documentation