* Update TLS protocol support
TLS1.0 is past PCI's EOL; BEAST is no more
Enable elliptic curve key exchanges
Do not enable the smallest ECs for security
Do not enable the largest ECs for computational time
Do not enable 25519 (sad) because it doesn't go across the wire
Drop non-PFS key exchanges
Drop ARC4, Blowfish, DES, genprime, XTEA code
Drop renegotiation support completely
It takes so much heap that it's not likely to work out well
Tidy handling of SSL_BUFFER_SIZE
Update docs
Drop mention of startcom, since they are no more, for letsencrypt
* Update mbedtls to 2.7.7
Preserve our vsnprintf and platform hacks
* Introduce TLS maximum fragment size knob
Reduce buffer size to 4Ki by default and advertize that. That's the
largest we can advertize with the TLS MFL extension, so there's no
point in making them larger. The truly adventurous can re-raise
SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get
back to the earlier behavior.
* Default to mbedTLS debug with DEVELOP_VERSION
Initial commit for
https://github.com/nodemcu/nodemcu-firmware/issues/2225 .
Replay patches from Espressif's repository at
https://github.com/espressif/ESP8266_NONOS_SDK between tags v2.1.0 and
v2.2.0:
0001-sync-from-ccca00f2.patch
Superseded by existing changes, but lines reordered in app/driver/key.c
to minimize divergences.
0002-sync-from-3f38ad5a.patch
Upstream files only
0003-Update-links.patch
Not meaningful to NodeMCU
0004-sync-from-01990ad0.patch
0005-sync-from-cdf6877d.patch
Upstream files only
0006-sync-from-f29e744c.patch
Upstream files only, user_interface.h override non-conflicting
0009-feat-lwip-Move-lwip-source-code-to-third_party-folde.patch
Merged change to lwip/app/espconn_udp.c; rest is just moves or
appears to not apply.
0010-feat-mbedtls-Add-mbedtls-source-code-in-third_party-.patch
Does not apply; we use our own mbedtls
0011-added-C-support.patch
Merged to Makefile
0012-feat-mbedtls-Rebuild-libmbedtls.patch
Already applied
0013-fix-at-Fix-some-bugs-of-AT.patch
Upstream files only
0014-feat-err_t-Redefine-err_t-to-s32_t.patch
Merged to app/include/arch/cc.h and ./app/include/lwip/app/espconn.h;
the rest is upstream files.
0015-fix-wpa-Fix-wpa-wpa2-ptk-gtk-reinstallation-vulnerab.patch
0016-fix-wifi-Remove-group-key-entry-before-connecting-to.patch
0017-feat-lib-Remove-time-function-in-libmain.patch
Upstream files only
0018-feat-espconn-Modification-for-espconn.patch
Merged to app/include/lwip/app/espconn.h,
app/include/lwip/app/espconn_tcp.h, app/lwip/app/espconn.c,
app/lwip/app/espconn_tcp.c
0019-feat-at-Use-new-espconn_recv-to-fix-tcp-server-issue.patch
0020-feat-examples-Update-mqtt-demo-and-auto-bin-generate.patch
Upstream files only
0021-wifi-Add-scan-threshold-and-dwell-time.patch
0022-feat-wifi-Add-country-code-API.patch
0023-feat-wifi-Record-more-information-of-scanned-ap.patch
Upstream files only, user_interface.h override non-conflicting
0024-fix-example-Fix-IoT_Demo-user-sector-error.patch
Upstream files only
0025-fix-lwip-Fix-sequence-number-error-of-RST-ACK.patch
Merged app/lwip/core/tcp_in.c
0026-fix-mbedtls-Fix-memory-leak.patch
Merged app/mbedtls/app/lwIPSocket.c
0027-fix-mbedtls-Fix-call-send-callback-function-failed.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0028-feat-Add-USE_OPTIMIZE_PRINTF-in-third_party-Makefile.patch
Merged app/Makefile
0029-fix-api-Fix-ets_delay_us-declaration.patch
Upstream files only, osapi.h override non-conflicting
0030-fix-wifi-Remove-max_tx_power-in-wifi_country_t-in-li.patch
0031-fix-wifi-Fix-softAP-wrong-behavior-after-call-system.patch
0032-fix-wifi-bugfix-of-scan-fail-after-connected-if-max-.patch
0033-feat-at-Enable-scan-time-scan-type-and-add-scan-resu.patch
0034-feat-at-Add-command-AT-CWCOUNTRY.patch
0035-fix-at-Fix-that-AT-CIPSTART-causes-busy-if-the-serve.patch
Upstream files only
0036-feat-mbedtls-Speed-up-mbedtls-handshake-process.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0037-fix-api-Fix-os_calloc-declaration.patch
Merged app/include/lwip/mem.h; sdk-overrides/include/mem.h
non-conflicting.
0038-fix-mbedtls-Fix-disconnect-callback-function-never-b.patch
Merged app/mbedtls/app/espconn_mbedtls.c; minor revision to logic in
6576af959b. Whitespace fixes.
0039-feat-at-Add-country-code-start-channel-in-AT-CWCOUNT.patch
0040-fix-net80211-Fix-Null-pointer-in-ieee80211_rfid_locp.patch
Upstream files only
0041-feat-wifi-Add-new-esp_init_data_default-v08-bin.patch
Upstream files only, but impacts Makefile
0042-fix-mbedtls-Fix-load-cert-fail-when-the-private-key-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0043-fix-wifi-The-start-channel-can-be-any-valid-channel.patch
0044-fix-wifi-Fix-scan-do-not-start-after-connect.patch
0045-feat-wifi-Add-keep-connection-for-station-to-keep-co.patch
0046-feat-at-Update-AT-version-to-1.6.0.0.patch
0047-fix-at-Fix-GSLP-too-long-time.patch
0048-fix-at-Fix-the-message-is-incorrect-when-creating-UD.patch
0049-feat-at-Add-AT-CIPSERVERMAXCONN.patch
Upstream files only
0050-feat-system-Add-softap-distributes-station-ip-event.patch
Upstream files only, user_interface.h override non-conflicting
0051-feat-example-Use-libmbedtls.a-instead-of-libssl.a-in.patch
Upstream files only
0052-feat-mesh-Remove-mesh-support.patch
Upstream files only, but go ahead and remove comment from
ld/nodemcu.ld.
0053-fix-example-Fix-forget-to-add-integer-parameter-when.patch
Upstream files only
0054-fix-mbedtls-Fix-reconnect_callback-is-not-triggered-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0055-feat-at-Add-AT-SYSMSG-to-enable-some-report-informat.patch
0056-fix-at-Fix-the-incorrect-link-id-when-client-connect.patch
0057-fix-at-Fix-the-bug-that-it-should-be-error-when-the-.patch
0058-fix-smartconfig-Fix-the-smartconfig-scan-time-issue.patch
0059-fix-lwip-Fix-the-bug-of-lwip-output.patch
Upstream files only
0060-fix-lwip-Fix-the-length-of-TCP-data-in-one-packet-is.patch
0061-fix-lwip-Fix-send-TCP-data-with-two-or-more-pbuf.patch
Merged app/lwip/core/tcp_out.c
0062-fix-wifi-Fix-assert-happen-when-smartconfig-start-th.patch
Upstream files only
0063-fix-mbedtls-Fix-memory-leak-when-ESP8266-as-SSL-TLS-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0064-fix-mbedtls-Fix-already-freed-and-exception-bug-when.patch
Merged app/mbedtls/app/lwIPSocket.c
0065-fix-at-Fix-bug-that-there-is-no-result-when-sending-.patch
0066-feat-example-Add-AT-bin-version.patch
0067-feat-version-Update-version-to-2.2.0-and-add-version.patch
0068-feat-bin-Update-AT-bin-for-SDK-2.2.0.patch
Upstream files only
Apply local changes to build:
app/include/lwip/app/espconn.h pulls changes (and license decl) from
upstream SDK. Makefile is altered to use this file ahead of the
SDK's.
Remove lwip's sntp support, since it was never really wired in anyway.
See https://github.com/nodemcu/nodemcu-firmware/issues/2042 for more
information. Patch Makefile to strip time.o, the consumer of lwip's
sntp functionality, from libmain.a, resulting in much
easier-to-understand error messages.
This has consequences for mbedtls. The simplest thing to do, which is,
impressively, not a change in behavior, is to completely disable TLS
certificate time validation; a later patch can optionally couple this to
RTCTIME support.
Similarly, it happens that the sqlite3 import was calling time(), but
this was not going to work out well for it. Just stub it out to always
return unix timestamp 0, as would have happened anyway.
Changes unprocessed:
0007-sync-from-080c37e1.patch
0008-feat-lib-Compile-some-libraries-with-ffunction-secti.patch
These two make changes to the linker script; perhaps
they are worth porting over, but I have not done so
here.
This is build-tested (ADC, BIT, COLOR_UTILS, CRON, CRYPTO, DHT, ENCODER,
FILE, GPIO, HTTP, I2C, MQTT, NET, NODE, OW, PCM, PERF, PWM, RTCFIFO,
RTCMEM, RTCTIME, SNTP, SPI, SQLITE3, STRUCT, TLS, TMR, UART, WIFI,
WS2812, WS2812_EFFECTS) and boots, but only limited run-time testing has
been performed. Testing done does, however, include having made a few
TLS connections through the HTTP module, so things are not hopelessly
broken, at the very least.
The esp_init_data_default.bin is now extracted from the SDK (and its
patch file, if present), and the contents are automatically embedded
into user_main.o.
To work around the pesky "rf_cal[0] !=0x05" hang when booting on a chip
which doesn't have esp_init_data written to it.
It is no longer possible to do the writing of the esp_init_data_default
from within nodemcu_init(), as the SDK now hangs long before it gets
there. As such, I've had to reimplement this in our user_start_trampoline
and get it all done before the SDK has a chance to look for the init data.
It's unfortunate that we have to spend IRAM on this, but I see no better
alternative at this point.
Input during startup (especially while doing initial filesystem format)
ran the risk of filling up the task queue, preventing the start_lua task
from being queued, and hence NodeMCU would not start up that time.
* Add FatFs
* enable BUILD_FATFS for all-module build
* push vfs into rest of firmware
* align maximum filename length
* increase timeout for acmd41 during card initialization
* switch from DOS to Unix path semantics chdrive() is substituted by chdir()
* update to fatfs R.012a incl. patches 1-6
* add callback for rtc provisioning in file
* update docs
Fixes#1164 and thus also #1150, #1149, #1147 and #898.
* Move to latest version of SPIFFS
* Add SPIFFS porting layer for NodeMCU
* Add option to delete output if it doesn't fit
* Change FLASHSIZE to be in bits by default: default 4mb 32mb
* Add SPIFFS_MAX_FILESYSTEM_SIZE override
* Add notes on SPIFFS_FIXED_LOCATION
* Add 1M boundary
* Include the current version of the LICENSE
- Stop fighting against the SDK in terms of owning/writing the init_data block.
NodeMCU included a default init_data block because originally the SDK did
not, but by now it's not needed.
- Expose a way to reconfigure the ADC mode from Lua land. With most people
using the cloud builder and not able to change the #define for byte 107
this has been a pain point.
- Less confusion about which init_data has been used. Lua code can now simply
state what mode it wants the ADC to be in, and not worry about the rest of
the init_data complexities such as the init_data changing location due to
flashing with wrong flash_size setting, or doing/not doing a chip-erase
before loading new NodeMCU firmware.
AFAIK no one uses the wifi.startsmart() and wifi.stopsmart(). Removing
them frees up an extra 20-25K of Flash to use as filesystem. So I have
added a new config define WIFI_SMART_ENABLE which is enabled by default
so the default functionality is the same, but if this is commented out
then this code is omitted.
I have also removed wofs and upgrade from this build as we no longer
support these.
As with the last commit this rolls up the follwowing, but include the various
review comments on the PR.
- **Documentation changes**. I've added the taks FAQ as a stub new Extension
developer FAQ, and split the old FAQ into a Lua Developer FAQ and a Hardware
FAQ.
- **Tasking I/F**. New `app/task/Makefile`, `app/task/task.c`,
`app/include/task/task.h` and `app/Makefile` as per previous commit. Cascade
changes to `app/driver/uart.c`, `app/include/driver/uart.h`,
`app/user/user_main.c` and `app/modules/node.c`
- **GPIO Rework** to `app/modules/gpio.c` and `pin_map.[hc]`, `platform.[hc]`
in `app/platform`
- **Other Optimisations** Move the `platform_*_exists()` from
`app/platform/common.c` to static inline declarations in `platform.h` as
this generates faster, smaller code. Move lgc.a routines out of iram0.
This addresses the issue where a server would otherwise reject a valid
connection attempt from a rebooted node, due to the server thinking that
packet belonged to a recently closed session. By starting off the local
TCP port numbers at random* points each boot the risk of port reuse
across a reboot is significantly reduced.
*) As random as can be had via the lower 12 bits of the ccounter.
Added Lua module rtctime to interface with it.
This keeps as accurate time as is possible on the ESP8266, including across
deep sleeps (provided rtctime.dsleep() is used rather than node.dsleep()).
Intended to be used together with NTP for high accuracy time keeping. The
API is via rtctime.{get,set}timeofday(), working from Unix epoch.
Note that 160MHz CPU clock is not currently supported by the rtctime code,
as it is only aware of the 52MHz boot clock and the regular 80Mhz default
clock.
See rtctime.h for detailed info on how this all works.
Accessing 8bit and 16bit constants from ROM rather than RAM comes with a
performance cost, as these loads go through the load/store exception
vector. Any performance critical constants can be forced back into RAM
as RAM_CONST_ATTR.
The entry point has changed from call_user_start() to user_start_trampoline()
in order for the exception handler to be installed early enough.