* Update TLS protocol support
TLS1.0 is past PCI's EOL; BEAST is no more
Enable elliptic curve key exchanges
Do not enable the smallest ECs for security
Do not enable the largest ECs for computational time
Do not enable 25519 (sad) because it doesn't go across the wire
Drop non-PFS key exchanges
Drop ARC4, Blowfish, DES, genprime, XTEA code
Drop renegotiation support completely
It takes so much heap that it's not likely to work out well
Tidy handling of SSL_BUFFER_SIZE
Update docs
Drop mention of startcom, since they are no more, for letsencrypt
* Update mbedtls to 2.7.7
Preserve our vsnprintf and platform hacks
* Introduce TLS maximum fragment size knob
Reduce buffer size to 4Ki by default and advertize that. That's the
largest we can advertize with the TLS MFL extension, so there's no
point in making them larger. The truly adventurous can re-raise
SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get
back to the earlier behavior.
* Default to mbedTLS debug with DEVELOP_VERSION
* Add spi.set_clock_div
This will allow the SPI clock divider to be changed relatively simply,
to better support multiple devices with varying SPI clock rate support
* Add documentation
* MQTT: handle large/chunked/fragmented messages properly
If a message spans multiple TCP packets it must be buffered before
delivered to LUA. Prior code did not do this at all, so this "patch"
really adds proper handling of fragmented MQTT packets.
This could also occur if multiple small messages was sent in a
single TCP packet, and the last message did not completely fit in that
packet.
Introduces a new option to the mqtt.Client constructor:
max_publish_length which defaults to 1024
Introduces a new 'overflow' callback.
Fixes issue #2308 and proper fix for PR #2544.
* mqtt.md: clarified heap allocation
* mqtt: ensure ack is sent for overflowed publish
If QoS is used we should still acknowledge that we received it, or server might retransmit it later.
The volume returned by file.mount() could not be unmounted, because vol:umount() would fail with a cryptic error about the uncallable nature of the volume userdata object. This was due to the wrong metatable name being used for setting up the volume structure. The correct name, as registered elsewhere in file.c, is now used, and vol:umount() is callable.
Any TCP packet with more than 1024 bytes of payload was silently
dropped. With MTU of 1500 the TCP payload can be up to 1460 bytes
(1500 - 20(IP hdr) - 20(TCP hdr))
- Optimise ROTable accesses and interface
This includes some refinements to the ROTable cache which remove the linker cludges on the CROSS_COMPILE builds. Also keyhole tweaks to some of the Lua VM code to implrove runtimes.
I also noticed some compile time warnings during the build; the change to uz_unzip.c doesn't impact the compiled code, but does remove the compiler warnings.
* updated wifi_eventmon to store events in LUA_REGISTRYINDEX
* updated wifi_eventmon debug comments
* Updated wifi.c to remove c_free()
In wifi_ap_listclient(app/modules/wifi.c), c_free() was replaced with
wifi_softap_free_station_info()
* Removed unnecessary line of code from app/modules/wifi_eventmon.c
* pmsleep refactor
* Shortened swtmr disabled message
* Added swtimer debug module option to user_modules.h.
* Added comments to user_config.h.
* Fixed error in documentation for node.sleep()
* remove blank sntp.c that got added in during rebase onto dev(6218b92)
* Added #ifdefs around SWTIMER_REG_CB to prevent inclusion of disabled
code
Added `node.egc.meminfo()` to expose LVM usage (to make the regular
`node.egc.ON_MEM_LIMIT` option usable).
Extended the `node.egc.ON_MEM_LIMIT` option to also take negative limits,
in which case that's taken as a request to keep a certain amount of heap
available for non-Lua use.
ds18b20 decimals do not take into account the sign bit. Since the original calculation was not so readable, rewritten in readable way that also fixes the bug. Same code as PR against master.
Initial commit for
https://github.com/nodemcu/nodemcu-firmware/issues/2225 .
Replay patches from Espressif's repository at
https://github.com/espressif/ESP8266_NONOS_SDK between tags v2.1.0 and
v2.2.0:
0001-sync-from-ccca00f2.patch
Superseded by existing changes, but lines reordered in app/driver/key.c
to minimize divergences.
0002-sync-from-3f38ad5a.patch
Upstream files only
0003-Update-links.patch
Not meaningful to NodeMCU
0004-sync-from-01990ad0.patch
0005-sync-from-cdf6877d.patch
Upstream files only
0006-sync-from-f29e744c.patch
Upstream files only, user_interface.h override non-conflicting
0009-feat-lwip-Move-lwip-source-code-to-third_party-folde.patch
Merged change to lwip/app/espconn_udp.c; rest is just moves or
appears to not apply.
0010-feat-mbedtls-Add-mbedtls-source-code-in-third_party-.patch
Does not apply; we use our own mbedtls
0011-added-C-support.patch
Merged to Makefile
0012-feat-mbedtls-Rebuild-libmbedtls.patch
Already applied
0013-fix-at-Fix-some-bugs-of-AT.patch
Upstream files only
0014-feat-err_t-Redefine-err_t-to-s32_t.patch
Merged to app/include/arch/cc.h and ./app/include/lwip/app/espconn.h;
the rest is upstream files.
0015-fix-wpa-Fix-wpa-wpa2-ptk-gtk-reinstallation-vulnerab.patch
0016-fix-wifi-Remove-group-key-entry-before-connecting-to.patch
0017-feat-lib-Remove-time-function-in-libmain.patch
Upstream files only
0018-feat-espconn-Modification-for-espconn.patch
Merged to app/include/lwip/app/espconn.h,
app/include/lwip/app/espconn_tcp.h, app/lwip/app/espconn.c,
app/lwip/app/espconn_tcp.c
0019-feat-at-Use-new-espconn_recv-to-fix-tcp-server-issue.patch
0020-feat-examples-Update-mqtt-demo-and-auto-bin-generate.patch
Upstream files only
0021-wifi-Add-scan-threshold-and-dwell-time.patch
0022-feat-wifi-Add-country-code-API.patch
0023-feat-wifi-Record-more-information-of-scanned-ap.patch
Upstream files only, user_interface.h override non-conflicting
0024-fix-example-Fix-IoT_Demo-user-sector-error.patch
Upstream files only
0025-fix-lwip-Fix-sequence-number-error-of-RST-ACK.patch
Merged app/lwip/core/tcp_in.c
0026-fix-mbedtls-Fix-memory-leak.patch
Merged app/mbedtls/app/lwIPSocket.c
0027-fix-mbedtls-Fix-call-send-callback-function-failed.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0028-feat-Add-USE_OPTIMIZE_PRINTF-in-third_party-Makefile.patch
Merged app/Makefile
0029-fix-api-Fix-ets_delay_us-declaration.patch
Upstream files only, osapi.h override non-conflicting
0030-fix-wifi-Remove-max_tx_power-in-wifi_country_t-in-li.patch
0031-fix-wifi-Fix-softAP-wrong-behavior-after-call-system.patch
0032-fix-wifi-bugfix-of-scan-fail-after-connected-if-max-.patch
0033-feat-at-Enable-scan-time-scan-type-and-add-scan-resu.patch
0034-feat-at-Add-command-AT-CWCOUNTRY.patch
0035-fix-at-Fix-that-AT-CIPSTART-causes-busy-if-the-serve.patch
Upstream files only
0036-feat-mbedtls-Speed-up-mbedtls-handshake-process.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0037-fix-api-Fix-os_calloc-declaration.patch
Merged app/include/lwip/mem.h; sdk-overrides/include/mem.h
non-conflicting.
0038-fix-mbedtls-Fix-disconnect-callback-function-never-b.patch
Merged app/mbedtls/app/espconn_mbedtls.c; minor revision to logic in
6576af959b. Whitespace fixes.
0039-feat-at-Add-country-code-start-channel-in-AT-CWCOUNT.patch
0040-fix-net80211-Fix-Null-pointer-in-ieee80211_rfid_locp.patch
Upstream files only
0041-feat-wifi-Add-new-esp_init_data_default-v08-bin.patch
Upstream files only, but impacts Makefile
0042-fix-mbedtls-Fix-load-cert-fail-when-the-private-key-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0043-fix-wifi-The-start-channel-can-be-any-valid-channel.patch
0044-fix-wifi-Fix-scan-do-not-start-after-connect.patch
0045-feat-wifi-Add-keep-connection-for-station-to-keep-co.patch
0046-feat-at-Update-AT-version-to-1.6.0.0.patch
0047-fix-at-Fix-GSLP-too-long-time.patch
0048-fix-at-Fix-the-message-is-incorrect-when-creating-UD.patch
0049-feat-at-Add-AT-CIPSERVERMAXCONN.patch
Upstream files only
0050-feat-system-Add-softap-distributes-station-ip-event.patch
Upstream files only, user_interface.h override non-conflicting
0051-feat-example-Use-libmbedtls.a-instead-of-libssl.a-in.patch
Upstream files only
0052-feat-mesh-Remove-mesh-support.patch
Upstream files only, but go ahead and remove comment from
ld/nodemcu.ld.
0053-fix-example-Fix-forget-to-add-integer-parameter-when.patch
Upstream files only
0054-fix-mbedtls-Fix-reconnect_callback-is-not-triggered-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0055-feat-at-Add-AT-SYSMSG-to-enable-some-report-informat.patch
0056-fix-at-Fix-the-incorrect-link-id-when-client-connect.patch
0057-fix-at-Fix-the-bug-that-it-should-be-error-when-the-.patch
0058-fix-smartconfig-Fix-the-smartconfig-scan-time-issue.patch
0059-fix-lwip-Fix-the-bug-of-lwip-output.patch
Upstream files only
0060-fix-lwip-Fix-the-length-of-TCP-data-in-one-packet-is.patch
0061-fix-lwip-Fix-send-TCP-data-with-two-or-more-pbuf.patch
Merged app/lwip/core/tcp_out.c
0062-fix-wifi-Fix-assert-happen-when-smartconfig-start-th.patch
Upstream files only
0063-fix-mbedtls-Fix-memory-leak-when-ESP8266-as-SSL-TLS-.patch
Merged app/mbedtls/app/espconn_mbedtls.c
0064-fix-mbedtls-Fix-already-freed-and-exception-bug-when.patch
Merged app/mbedtls/app/lwIPSocket.c
0065-fix-at-Fix-bug-that-there-is-no-result-when-sending-.patch
0066-feat-example-Add-AT-bin-version.patch
0067-feat-version-Update-version-to-2.2.0-and-add-version.patch
0068-feat-bin-Update-AT-bin-for-SDK-2.2.0.patch
Upstream files only
Apply local changes to build:
app/include/lwip/app/espconn.h pulls changes (and license decl) from
upstream SDK. Makefile is altered to use this file ahead of the
SDK's.
Remove lwip's sntp support, since it was never really wired in anyway.
See https://github.com/nodemcu/nodemcu-firmware/issues/2042 for more
information. Patch Makefile to strip time.o, the consumer of lwip's
sntp functionality, from libmain.a, resulting in much
easier-to-understand error messages.
This has consequences for mbedtls. The simplest thing to do, which is,
impressively, not a change in behavior, is to completely disable TLS
certificate time validation; a later patch can optionally couple this to
RTCTIME support.
Similarly, it happens that the sqlite3 import was calling time(), but
this was not going to work out well for it. Just stub it out to always
return unix timestamp 0, as would have happened anyway.
Changes unprocessed:
0007-sync-from-080c37e1.patch
0008-feat-lib-Compile-some-libraries-with-ffunction-secti.patch
These two make changes to the linker script; perhaps
they are worth porting over, but I have not done so
here.
This is build-tested (ADC, BIT, COLOR_UTILS, CRON, CRYPTO, DHT, ENCODER,
FILE, GPIO, HTTP, I2C, MQTT, NET, NODE, OW, PCM, PERF, PWM, RTCFIFO,
RTCMEM, RTCTIME, SNTP, SPI, SQLITE3, STRUCT, TLS, TMR, UART, WIFI,
WS2812, WS2812_EFFECTS) and boots, but only limited run-time testing has
been performed. Testing done does, however, include having made a few
TLS connections through the HTTP module, so things are not hopelessly
broken, at the very least.
* mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8)
Wholesale import, with a few changes from earlier preserved through.
Ideally we would soon get to the point of having no divergences from
upstream.
* tls: add function to adjust mbedTLS debug level
* Fix some subtle timing issues with gpio.pulse
* Add the pulse:update method
* Allow getstate to work on stopped pulsers
* Make gpio.mode(, gpio.OUTPUT) actually set the output mode
* Added some more documentation
Arnim Läuger
Nathaniel Wesley Filardo
Javier Peletier
andyleap
Johan Ström
Carsten Elton Sørensen
Terry Ellison
dnc40085
dnc40085
philip
Johny Mattsson
petur
Philip Gladstone
Nathaniel Wesley Filardo