Deprecate axTLS, update examples (#5366)

* update examples

* fix serial<->tcp example, use STASSID instead of SSID (name collision)

* fix HTTPSRequest.ino

* update AxTLS HTTPS examples, update AxTLS API to deprecated

* fixes

* fixes + fix astyle (no preproc directives) + restyling script

* fix HTTPClient library

* fixes

* common.sh: do not reload arduino when already present (for locally CI testing)

* common.sh: do not reload ArduinoJson when already present (for locally CI testing)

* fix

* fix

* fix deprecated example

* fix WiFiHTTPSServer.ino

* reduce footprint

* wipfix

* fix led builtin

* fix example

* finished updating APSSID on all examples

* style

* restyle examples

* helper to run CI test locally

* local CI runner more verbose

* +const

* deprecation deprecation

* deprecation

* Update NTPClient.ino

const char[] => const char *

* Update interactive.ino

const char[] => const char *

libraries/ArduinoOTA/examples/BasicOTA/BasicOTA.ino

@@ -3,8 +3,13 @@
 #include <WiFiUdp.h>
 #include <ArduinoOTA.h>
 
-const char* ssid = "..........";
-const char* password = "..........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 void setup() {
   Serial.begin(115200);

libraries/ArduinoOTA/examples/OTALeds/OTALeds.ino

@@ -3,8 +3,13 @@
 #include <WiFiUdp.h>
 #include <ArduinoOTA.h>
 
-const char* ssid = "...";
-const char* password = "...";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 const char* host = "OTA-LEDS";
 
 int led_pin = 13;

libraries/DNSServer/examples/CaptivePortalAdvanced/CaptivePortalAdvanced.ino

@@ -18,8 +18,13 @@
 */
 
 /* Set these to your desired softAP credentials. They are not configurable at runtime */
-const char *softAP_ssid = "ESP_ap";
-const char *softAP_password = "12345678";
+#ifndef APSSID
+#define APSSID "ESP_ap"
+#define APPSK  "12345678"
+#endif
+
+const char *softAP_ssid = APSSID;
+const char *softAP_password = APPSK;
 
 /* hostname for mDNS. Should work at least on windows. Try http://esp8266.local */
 const char *myHostname = "esp8266";

libraries/ESP8266AVRISP/examples/Arduino_Wifi_AVRISP/Arduino_Wifi_AVRISP.ino

@@ -3,9 +3,14 @@
 #include <ESP8266mDNS.h>
 #include <ESP8266AVRISP.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-avrisp";
-const char* ssid = "**********";
-const char* pass = "**********";
+const char* ssid = STASSID;
+const char* pass = STAPSK;
 const uint16_t port = 328;
 const uint8_t reset_pin = 5;
 

libraries/ESP8266HTTPClient/examples/DigestAuthorization/DigestAuthorization.ino

@@ -11,8 +11,13 @@
 
 #include <ESP8266HTTPClient.h>
 
-const char* ssid = "SSID";
-const char* ssidPassword = "PASSWORD";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* ssidPassword = STAPSK;
 
 const char *username = "admin";
 const char *password = "admin";

libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.cpp

@@ -27,7 +27,7 @@
 
 #if HTTPCLIENT_1_1_COMPATIBLE
 #include <ESP8266WiFi.h>
-#include <WiFiClientSecure.h>
+#include <WiFiClientSecureAxTLS.h>
 #endif
 
 #include <StreamString.h>
@@ -64,7 +64,10 @@ public:
 
     std::unique_ptr<WiFiClient> create() override
     {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
         return std::unique_ptr<WiFiClient>(new axTLS::WiFiClientSecure());
+#pragma GCC diagnostic pop
     }
 
     bool verify(WiFiClient& client, const char* host) override

libraries/ESP8266HTTPUpdateServer/examples/SecureBearSSLUpdater/SecureBearSSLUpdater.ino

@@ -19,12 +19,17 @@
 #include <ESP8266mDNS.h>
 #include <ESP8266HTTPUpdateServer.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-webupdate";
 const char* update_path = "/firmware";
 const char* update_username = "admin";
 const char* update_password = "admin";
-const char* ssid = "........";
-const char* password = "........";
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 BearSSL::ESP8266WebServerSecure httpServer(443);
 ESP8266HTTPUpdateServer httpUpdater;

libraries/ESP8266HTTPUpdateServer/examples/SecureHTTPSUpdater/SecureHTTPSUpdater.ino

@@ -48,12 +48,17 @@
 #include <ESP8266mDNS.h>
 #include <ESP8266HTTPUpdateServer.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-webupdate";
 const char* update_path = "/firmware";
 const char* update_username = "admin";
 const char* update_password = "admin";
-const char* ssid = "........";
-const char* password = "........";
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServerSecure httpServer(443);
 ESP8266HTTPUpdateServer httpUpdater;

libraries/ESP8266HTTPUpdateServer/examples/SecureWebUpdater/SecureWebUpdater.ino

@@ -8,12 +8,17 @@
 #include <ESP8266mDNS.h>
 #include <ESP8266HTTPUpdateServer.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-webupdate";
 const char* update_path = "/firmware";
 const char* update_username = "admin";
 const char* update_password = "admin";
-const char* ssid = "........";
-const char* password = "........";
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer httpServer(80);
 ESP8266HTTPUpdateServer httpUpdater;

libraries/ESP8266HTTPUpdateServer/examples/WebUpdater/WebUpdater.ino

@@ -8,9 +8,14 @@
 #include <ESP8266mDNS.h>
 #include <ESP8266HTTPUpdateServer.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-webupdate";
-const char* ssid = "........";
-const char* password = "........";
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer httpServer(80);
 ESP8266HTTPUpdateServer httpUpdater;

libraries/ESP8266LLMNR/examples/LLMNR_Web_Server/LLMNR_Web_Server.ino

@@ -60,8 +60,13 @@
 #include <ESP8266WebServer.h>
 #include <WiFiClient.h>
 
-const char* ssid = "replace_me";
-const char* password = "replace_me";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer web_server(80);
 

libraries/ESP8266NetBIOS/examples/ESP_NBNST/ESP_NBNST.ino

@@ -2,8 +2,13 @@
 #include <ESP8266WebServer.h>
 #include <ESP8266NetBIOS.h>
 
-const char* ssid = "............";
-const char* password = "..............";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer wwwserver(80);
 String content;

libraries/ESP8266SSDP/examples/SSDP/SSDP.ino

@@ -2,8 +2,13 @@
 #include <ESP8266WebServer.h>
 #include <ESP8266SSDP.h>
 
-const char* ssid = "************";
-const char* password = "***********";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer HTTP(80);
 

libraries/ESP8266WebServer/examples/AdvancedWebServer/AdvancedWebServer.ino

@@ -33,8 +33,13 @@
 #include <ESP8266WebServer.h>
 #include <ESP8266mDNS.h>
 
-const char *ssid = "YourSSIDHere";
-const char *password = "YourPSKHere";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *password = STAPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WebServer/examples/FSBrowser/FSBrowser.ino

@@ -30,8 +30,13 @@
 
 #define DBG_OUTPUT_PORT Serial
 
-const char* ssid = "wifi-ssid";
-const char* password = "wifi-password";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 const char* host = "esp8266fs";
 
 ESP8266WebServer server(80);

libraries/ESP8266WebServer/examples/HelloServer/HelloServer.ino

@@ -3,8 +3,13 @@
 #include <ESP8266WebServer.h>
 #include <ESP8266mDNS.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WebServer/examples/HelloServerBearSSL/HelloServerBearSSL.ino

@@ -14,8 +14,13 @@
 #include <ESP8266WebServerSecure.h>
 #include <ESP8266mDNS.h>
 
-const char* ssid = "....";
-const char* password = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 BearSSL::ESP8266WebServerSecure server(443);
 

libraries/ESP8266WebServer/examples/HelloServerSecure/HelloServerSecure.ino

@@ -46,8 +46,13 @@
 #include <ESP8266WebServerSecure.h>
 #include <ESP8266mDNS.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServerSecure server(443);
 

libraries/ESP8266WebServer/examples/HttpAdvancedAuth/HttpAdvancedAuth.ino

@@ -9,8 +9,13 @@
 #include <ArduinoOTA.h>
 #include <ESP8266WebServer.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WebServer/examples/HttpBasicAuth/HttpBasicAuth.ino

@@ -3,8 +3,13 @@
 #include <ArduinoOTA.h>
 #include <ESP8266WebServer.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WebServer/examples/SDWebServer/SDWebServer.ino

@@ -36,8 +36,13 @@
 
 #define DBG_OUTPUT_PORT Serial
 
-const char* ssid = "**********";
-const char* password = "**********";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 const char* host = "esp8266sd";
 
 ESP8266WebServer server(80);

libraries/ESP8266WebServer/examples/SimpleAuthentication/SimpleAuthentication.ino

@@ -2,8 +2,13 @@
 #include <WiFiClient.h>
 #include <ESP8266WebServer.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WebServer/examples/WebUpdate/WebUpdate.ino

@@ -7,9 +7,14 @@
 #include <ESP8266WebServer.h>
 #include <ESP8266mDNS.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 const char* host = "esp8266-webupdate";
-const char* ssid = "........";
-const char* password = "........";
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 const char* serverIndex = "<form method='POST' action='/update' enctype='multipart/form-data'><input type='file' name='update'><input type='submit' value='Update'></form>";

libraries/ESP8266WebServer/src/ESP8266WebServerSecure.h

@@ -19,5 +19,7 @@
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-#include "ESP8266WebServerSecureAxTLS.h"
+#include <WiFiClientSecure.h>
+
+//#include "ESP8266WebServerSecureAxTLS.h"
 #include "ESP8266WebServerSecureBearSSL.h"

libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.cpp

@@ -25,7 +25,7 @@
 #include <libb64/cencode.h>
 #include "WiFiServer.h"
 #include "WiFiClient.h"
-#include "ESP8266WebServerSecure.h"
+#include "ESP8266WebServerSecureAxTLS.h"
 
 //#define DEBUG_ESP_HTTP_SERVER
 #ifdef DEBUG_ESP_PORT
@@ -36,6 +36,9 @@
 
 namespace axTLS {
 
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
+
 ESP8266WebServerSecure::ESP8266WebServerSecure(IPAddress addr, int port) 
 : _serverSecure(addr, port)
 {
@@ -46,6 +49,8 @@ ESP8266WebServerSecure::ESP8266WebServerSecure(int port)
 {
 }
 
+#pragma GCC diagnostic pop
+
 void ESP8266WebServerSecure::setServerKeyAndCert_P(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen)
 {
     _serverSecure.setServerKeyAndCert_P(key, keyLen, cert, certLen);
@@ -131,7 +136,10 @@ void ESP8266WebServerSecure::handleClient() {
   }
 
   if (!keepCurrentClient) {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     _currentClientSecure = WiFiClientSecure();
+#pragma GCC diagnostic pop
     _currentStatus = HC_NONE;
     _currentUpload.reset();
   }

libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.h

@@ -24,7 +24,8 @@
 #define ESP8266WEBSERVERSECURE_H
 
 #include <ESP8266WebServer.h>
-#include <WiFiServerSecure.h>
+#include <WiFiServerSecureAxTLS.h>
+#include <WiFiClientSecureAxTLS.h>
 
 namespace axTLS {
 

libraries/ESP8266WiFi/examples/BearSSL_CertStore/BearSSL_CertStore.ino

@@ -37,8 +37,13 @@
 #include <CertStoreBearSSL.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 // A single, global CertStore which can be used by all
 // connections.  Needs to stay live the entire time any of
@@ -192,11 +197,11 @@ void setup() {
   Serial.println();
   Serial.println();
 
-  #ifdef USE_SDCARD
+#ifdef USE_SDCARD
   SD.begin();
-  #else
+#else
   SPIFFS.begin();
-  #endif
+#endif
 
   // We start by connecting to a WiFi network
   Serial.print("Connecting to ");

libraries/ESP8266WiFi/examples/BearSSL_MaxFragmentLength/BearSSL_MaxFragmentLength.ino

@@ -6,8 +6,13 @@
 
 #include <ESP8266WiFi.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 void fetch(BearSSL::WiFiClientSecure *client) {
   client->write("GET / HTTP/1.0\r\nHost: tls.mbed.org\r\nUser-Agent: ESP8266\r\n\r\n");

libraries/ESP8266WiFi/examples/BearSSL_Server/BearSSL_Server.ino

@@ -37,8 +37,13 @@
 #include <ESP8266WiFi.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 // The HTTPS server
 BearSSL::WiFiServerSecure server(443);

libraries/ESP8266WiFi/examples/BearSSL_ServerClientCert/BearSSL_ServerClientCert.ino

@@ -65,8 +65,13 @@
 #include <ESP8266WiFi.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 // The server which will require a client cert signed by the trusted CA
 BearSSL::WiFiServerSecure server(443);

libraries/ESP8266WiFi/examples/BearSSL_Sessions/BearSSL_Sessions.ino

@@ -6,8 +6,13 @@
 #include <ESP8266WiFi.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 const char *   host = "api.github.com";
 const uint16_t port = 443;

libraries/ESP8266WiFi/examples/BearSSL_Validation/BearSSL_Validation.ino

@@ -5,10 +5,16 @@
 // Released to the public domain
 
 #include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = STAPSK;
 
 const char *   host = "api.github.com";
 const uint16_t port = 443;

libraries/ESP8266WiFi/examples/HTTPSRequest/HTTPSRequest.ino

@@ -19,15 +19,20 @@
 #include <ESP8266WiFi.h>
 #include <WiFiClientSecure.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 const char* host = "api.github.com";
 const int httpsPort = 443;
 
 // Use web browser to view and copy
 // SHA1 fingerprint of the certificate
-const char* fingerprint = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
+const char fingerprint[] PROGMEM = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
 
 void setup() {
   Serial.begin(115200);
@@ -49,17 +54,15 @@ void setup() {
   WiFiClientSecure client;
   Serial.print("connecting to ");
   Serial.println(host);
+
+  Serial.printf("Using fingerprint '%s'\n", fingerprint);
+  client.setFingerprint(fingerprint);
+
   if (!client.connect(host, httpsPort)) {
     Serial.println("connection failed");
     return;
   }
 
-  if (client.verify(fingerprint, host)) {
-    Serial.println("certificate matches");
-  } else {
-    Serial.println("certificate doesn't match");
-  }
-
   String url = "/repos/esp8266/Arduino/commits/master/status";
   Serial.print("requesting URL: ");
   Serial.println(url);

libraries/ESP8266WiFi/examples/HTTPSRequestAxTLS/HTTPSRequestAxTLS.ino

@@ -0,0 +1,106 @@
+/*
+    HTTP over TLS (HTTPS) example sketch
+
+    This example demonstrates how to use
+    WiFiClientSecure class to access HTTPS API.
+    We fetch and display the status of
+    esp8266/Arduino project continuous integration
+    build.
+
+    Limitations:
+      only RSA certificates
+      no support of Perfect Forward Secrecy (PFS)
+      TLSv1.2 is supported since version 2.4.0-rc1
+
+    Created by Ivan Grokhotkov, 2015.
+    This example is in public domain.
+*/
+
+#define USING_AXTLS
+#include <ESP8266WiFi.h>
+
+// force use of AxTLS (BearSSL is now default)
+#include <WiFiClientSecureAxTLS.h>
+using namespace axTLS;
+
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
+
+const char* host = "api.github.com";
+const int httpsPort = 443;
+
+// Use web browser to view and copy
+// SHA1 fingerprint of the certificate
+const char* fingerprint = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
+
+void setup() {
+  Serial.begin(115200);
+  Serial.println();
+  Serial.print("connecting to ");
+  Serial.println(ssid);
+  WiFi.mode(WIFI_STA);
+  WiFi.begin(ssid, password);
+  while (WiFi.status() != WL_CONNECTED) {
+    delay(500);
+    Serial.print(".");
+  }
+  Serial.println("");
+  Serial.println("WiFi connected");
+  Serial.println("IP address: ");
+  Serial.println(WiFi.localIP());
+
+  // Use WiFiClientSecure class to create TLS connection
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
+  WiFiClientSecure client;
+#pragma GCC diagnostic pop
+  Serial.print("connecting to ");
+  Serial.println(host);
+  if (!client.connect(host, httpsPort)) {
+    Serial.println("connection failed");
+    return;
+  }
+
+  if (client.verify(fingerprint, host)) {
+    Serial.println("certificate matches");
+  } else {
+    Serial.println("certificate doesn't match");
+  }
+
+  String url = "/repos/esp8266/Arduino/commits/master/status";
+  Serial.print("requesting URL: ");
+  Serial.println(url);
+
+  client.print(String("GET ") + url + " HTTP/1.1\r\n" +
+               "Host: " + host + "\r\n" +
+               "User-Agent: BuildFailureDetectorESP8266\r\n" +
+               "Connection: close\r\n\r\n");
+
+  Serial.println("request sent");
+  while (client.connected()) {
+    String line = client.readStringUntil('\n');
+    if (line == "\r") {
+      Serial.println("headers received");
+      break;
+    }
+  }
+  String line = client.readStringUntil('\n');
+  if (line.startsWith("{\"state\":\"success\"")) {
+    Serial.println("esp8266/Arduino CI successfull!");
+  } else {
+    Serial.println("esp8266/Arduino CI has failed");
+  }
+  Serial.println("reply was:");
+  Serial.println("==========");
+  Serial.println(line);
+  Serial.println("==========");
+  Serial.println("closing connection");
+}
+
+void loop() {
+}

libraries/ESP8266WiFi/examples/HTTPSRequestCACertAxTLS/HTTPSRequestCACertAxTLS.ino

@@ -15,12 +15,21 @@
     This example is in public domain.
 */
 
+#define USING_AXTLS
 #include <time.h>
 #include <ESP8266WiFi.h>
-#include <WiFiClientSecure.h>
 
-const char* ssid = "........";
-const char* password = "........";
+// force use of AxTLS (BearSSL is now default)
+#include <WiFiClientSecureAxTLS.h>
+using namespace axTLS;
+
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 const char* host = "api.github.com";
 const int httpsPort = 443;
@@ -30,7 +39,10 @@ const int httpsPort = 443;
 extern const unsigned char caCert[] PROGMEM;
 extern const unsigned int caCertLen;
 
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
 WiFiClientSecure client;
+#pragma GCC diagnostic pop
 
 void setup() {
   Serial.begin(115200);

libraries/ESP8266WiFi/examples/NTPClient/NTPClient.ino

@@ -21,8 +21,13 @@
 #include <ESP8266WiFi.h>
 #include <WiFiUdp.h>
 
-char ssid[] = "*************";  //  your network SSID (name)
-char pass[] = "********";       // your network password
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char * ssid = STASSID; // your network SSID (name)
+const char * pass = STAPSK;  // your network password
 
 
 unsigned int localPort = 2390;      // local port to listen for UDP packets

libraries/ESP8266WiFi/examples/WiFiAccessPoint/WiFiAccessPoint.ino

@@ -34,9 +34,14 @@
 #include <WiFiClient.h>
 #include <ESP8266WebServer.h>
 
+#ifndef APSSID
+#define APSSID "ESPap"
+#define APPSK  "thereisnospoon"
+#endif
+
 /* Set these to your desired credentials. */
-const char *ssid = "ESPap";
-const char *password = "thereisnospoon";
+const char *ssid = APSSID;
+const char *password = APPSK;
 
 ESP8266WebServer server(80);
 

libraries/ESP8266WiFi/examples/WiFiClient/WiFiClient.ino

@@ -5,8 +5,13 @@
 
 #include <ESP8266WiFi.h>
 
-const char* ssid     = "your-ssid";
-const char* password = "your-password";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid     = STASSID;
+const char* password = STAPSK;
 
 const char* host = "djxmmx.net";
 const uint16_t port = 17;
@@ -54,7 +59,11 @@ void loop() {
 
   // This will send a string to the server
   Serial.println("sending data to server");
-  client.println("hello from ESP8266");
+  if (client.connected()) {
+    client.println("hello from ESP8266");
+  }
+
+  // wait for data to be available
   unsigned long timeout = millis();
   while (client.available() == 0) {
     if (millis() - timeout > 5000) {
@@ -67,6 +76,7 @@ void loop() {
 
   // Read all the lines of the reply from server and print them to Serial
   Serial.println("receiving from remote server");
+  // not testing 'client.connected()' since we do not need to send data here
   while (client.available()) {
     char ch = static_cast<char>(client.read());
     Serial.print(ch);

libraries/ESP8266WiFi/examples/WiFiClientBasic/WiFiClientBasic.ino

@@ -7,8 +7,13 @@
 #include <ESP8266WiFi.h>
 #include <ESP8266WiFiMulti.h>
 
-const char* ssid     = "your-ssid";
-const char* password = "your-password";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid     = STASSID;
+const char* password = STAPSK;
 
 const char* host = "192.168.1.1";
 const uint16_t port = 3000;

libraries/ESP8266WiFi/examples/WiFiEvents/WiFiEvents.ino

@@ -16,8 +16,13 @@
 #include <ESP8266WiFi.h>
 #include <stdio.h>
 
-const char* ssid     = "ap-ssid";
-const char* password = "ap-password";
+#ifndef APSSID
+#define APSSID "esp8266"
+#define APPSK  "esp8266"
+#endif
+
+const char* ssid     = APSSID;
+const char* password = APPSK;
 
 WiFiEventHandler stationConnectedHandler;
 WiFiEventHandler stationDisconnectedHandler;

libraries/ESP8266WiFi/examples/WiFiHTTPSServer/WiFiHTTPSServer.ino

@@ -43,8 +43,13 @@
 
 #include <ESP8266WiFi.h>
 
-const char* ssid = "your-ssid";
-const char* password = "your-password";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 // The certificate is stored in PMEM
 static const uint8_t x509[] PROGMEM = {

libraries/ESP8266WiFi/examples/WiFiManualWebServer/WiFiManualWebServer.ino

@@ -0,0 +1,106 @@
+/*
+    This sketch demonstrates how to set up a simple HTTP-like server.
+    The server will set a GPIO pin depending on the request
+      http://server_ip/gpio/0 will set the GPIO2 low,
+      http://server_ip/gpio/1 will set the GPIO2 high
+    server_ip is the IP address of the ESP8266 module, will be
+    printed to Serial when the module is connected.
+*/
+
+#include <ESP8266WiFi.h>
+
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
+
+// Create an instance of the server
+// specify the port to listen on as an argument
+WiFiServer server(80);
+
+void setup() {
+  Serial.begin(115200);
+
+  // prepare LED
+  pinMode(LED_BUILTIN, OUTPUT);
+  digitalWrite(LED_BUILTIN, 0);
+
+  // Connect to WiFi network
+  Serial.println();
+  Serial.println();
+  Serial.print(F("Connecting to "));
+  Serial.println(ssid);
+
+  WiFi.mode(WIFI_STA);
+  WiFi.begin(ssid, password);
+
+  while (WiFi.status() != WL_CONNECTED) {
+    delay(500);
+    Serial.print(F("."));
+  }
+  Serial.println();
+  Serial.println(F("WiFi connected"));
+
+  // Start the server
+  server.begin();
+  Serial.println(F("Server started"));
+
+  // Print the IP address
+  Serial.println(WiFi.localIP());
+}
+
+void loop() {
+  // Check if a client has connected
+  WiFiClient client = server.available();
+  if (!client) {
+    return;
+  }
+  Serial.println(F("new client"));
+
+  client.setTimeout(5000); // default is 1000
+
+  // Read the first line of the request
+  String req = client.readStringUntil('\r');
+  Serial.println(F("request: "));
+  Serial.println(req);
+
+  // Match the request
+  int val;
+  if (req.indexOf(F("/gpio/0")) != -1) {
+    val = 0;
+  } else if (req.indexOf(F("/gpio/1")) != -1) {
+    val = 1;
+  } else {
+    Serial.println(F("invalid request"));
+    val = digitalRead(LED_BUILTIN);
+  }
+
+  // Set LED according to the request
+  digitalWrite(LED_BUILTIN, val);
+
+  // read/ignore the rest of the request
+  // do not client.flush(): it is for output only, see below
+  while (client.available()) {
+    // byte by byte is not very efficient
+    client.read();
+  }
+
+  // Send the response to the client
+  // it is OK for multiple small client.print/write,
+  // because nagle algorithm will group them into one single packet
+  client.print(F("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<!DOCTYPE HTML>\r\n<html>\r\nGPIO is now "));
+  client.print((val) ? F("high") : F("low"));
+  client.print(F("<br><br>Click <a href='http://"));
+  client.print(WiFi.localIP());
+  client.print(F("/gpio/1'>here</a> to switch LED GPIO on, or <a href='http://"));
+  client.print(WiFi.localIP());
+  client.print(F("/gpio/0'>here</a> to switch LED GPIO off.</html>"));
+
+  // The client will actually be *flushed* then disconnected
+  // when the function returns and 'client' object is destroyed (out-of-scope)
+  // flush = ensure written data are received by the other side
+  Serial.println(F("Disconnecting from client"));
+}

libraries/ESP8266WiFi/examples/WiFiTelnetToSerial/WiFiTelnetToSerial.ino

@@ -20,83 +20,190 @@
 */
 #include <ESP8266WiFi.h>
 
-//how many clients should be able to telnet to this ESP8266
-#define MAX_SRV_CLIENTS 1
-const char* ssid = "**********";
-const char* password = "**********";
+#include <algorithm> // std::min
 
-WiFiServer server(23);
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+/*
+    SWAP_PINS:
+   0: use Serial1 for logging (legacy example)
+   1: configure Hardware Serial port on RX:GPIO13 TX:GPIO15
+      and use SoftwareSerial for logging on
+      standard Serial pins RX:GPIO3 and TX:GPIO1
+*/
+
+#define SWAP_PINS 0
+
+/*
+    SERIAL_LOOPBACK
+    0: normal serial operations
+    1: RX-TX are internally connected (loopback)
+*/
+
+#define SERIAL_LOOPBACK 0
+
+#define BAUD_SERIAL 115200
+#define BAUD_LOGGER 115200
+#define RXBUFFERSIZE 1024
+
+////////////////////////////////////////////////////////////
+
+#if SERIAL_LOOPBACK
+#undef BAUD_SERIAL
+#define BAUD_SERIAL 3000000
+#include <esp8266_peri.h>
+#endif
+
+#if SWAP_PINS
+#include <SoftwareSerial.h>
+SoftwareSerial* logger = nullptr;
+#else
+#define logger (&Serial1)
+#endif
+
+#define STACK_PROTECTOR  512 // bytes
+
+//how many clients should be able to telnet to this ESP8266
+#define MAX_SRV_CLIENTS 2
+const char* ssid = STASSID;
+const char* password = STAPSK;
+
+const int port = 23;
+
+WiFiServer server(port);
 WiFiClient serverClients[MAX_SRV_CLIENTS];
 
 void setup() {
-  Serial1.begin(115200);
+
+  Serial.begin(BAUD_SERIAL);
+  Serial.setRxBufferSize(RXBUFFERSIZE);
+
+#if SWAP_PINS
+  Serial.swap();
+  // Hardware serial is now on RX:GPIO13 TX:GPIO15
+  // use SoftwareSerial on regular RX(3)/TX(1) for logging
+  logger = new SoftwareSerial(3, 1);
+  logger->begin(BAUD_LOGGER);
+  logger->println("\n\nUsing SoftwareSerial for logging");
+#else
+  logger->begin(BAUD_LOGGER);
+  logger->println("\n\nUsing Serial1 for logging");
+#endif
+  logger->println(ESP.getFullVersion());
+  logger->printf("Serial baud: %d (8n1: %d KB/s)\n", BAUD_SERIAL, BAUD_SERIAL * 8 / 10 / 1024);
+  logger->printf("Serial receive buffer size: %d bytes\n", RXBUFFERSIZE);
+
+#if SERIAL_LOOPBACK
+  USC0(0) |= (1 << UCLBE); // incomplete HardwareSerial API
+  logger->println("Serial Internal Loopback enabled");
+#endif
+
   WiFi.mode(WIFI_STA);
   WiFi.begin(ssid, password);
-  Serial1.print("\nConnecting to "); Serial1.println(ssid);
-  uint8_t i = 0;
-  while (WiFi.status() != WL_CONNECTED && i++ < 20) {
+  logger->print("\nConnecting to ");
+  logger->println(ssid);
+  while (WiFi.status() != WL_CONNECTED) {
+    logger->print('.');
     delay(500);
   }
-  if (i == 21) {
-    Serial1.print("Could not connect to"); Serial1.println(ssid);
-    while (1) {
-      delay(500);
-    }
-  }
-  //start UART and the server
-  Serial.begin(115200);
+  logger->println();
+  logger->print("connected, address=");
+  logger->println(WiFi.localIP());
+
+  //start server
   server.begin();
   server.setNoDelay(true);
 
-  Serial1.print("Ready! Use 'telnet ");
-  Serial1.print(WiFi.localIP());
-  Serial1.println(" 23' to connect");
+  logger->print("Ready! Use 'telnet ");
+  logger->print(WiFi.localIP());
+  logger->printf(" %d' to connect\n", port);
 }
 
 void loop() {
-  uint8_t i;
   //check if there are any new clients
   if (server.hasClient()) {
-    for (i = 0; i < MAX_SRV_CLIENTS; i++) {
-      //find free/disconnected spot
-      if (!serverClients[i] || !serverClients[i].connected()) {
-        if (serverClients[i]) {
-          serverClients[i].stop();
-        }
+    //find free/disconnected spot
+    int i;
+    for (i = 0; i < MAX_SRV_CLIENTS; i++)
+      if (!serverClients[i]) { // equivalent to !serverClients[i].connected()
         serverClients[i] = server.available();
-        Serial1.print("New client: "); Serial1.print(i);
+        logger->print("New client: index ");
+        logger->print(i);
         break;
       }
-    }
+
     //no free/disconnected spot so reject
     if (i == MAX_SRV_CLIENTS) {
-      WiFiClient serverClient = server.available();
-      serverClient.stop();
-      Serial1.println("Connection rejected ");
+      server.available().println("busy");
+      // hints: server.available() is a WiFiClient with short-term scope
+      // when out of scope, a WiFiClient will
+      // - flush() - all data will be sent
+      // - stop() - automatically too
+      logger->printf("server is busy with %d active connections\n", MAX_SRV_CLIENTS);
     }
   }
-  //check clients for data
-  for (i = 0; i < MAX_SRV_CLIENTS; i++) {
-    if (serverClients[i] && serverClients[i].connected()) {
-      if (serverClients[i].available()) {
-        //get data from the telnet client and push it to the UART
-        while (serverClients[i].available()) {
-          Serial.write(serverClients[i].read());
+
+  //check TCP clients for data
+#if 1
+  // Incredibly, this code is faster than the bufferred one below - #4620 is needed
+  // loopback/3000000baud average 348KB/s
+  for (int i = 0; i < MAX_SRV_CLIENTS; i++)
+    while (serverClients[i].available() && Serial.availableForWrite() > 0) {
+      // working char by char is not very efficient
+      Serial.write(serverClients[i].read());
+    }
+#else
+  // loopback/3000000baud average: 312KB/s
+  for (int i = 0; i < MAX_SRV_CLIENTS; i++)
+    while (serverClients[i].available() && Serial.availableForWrite() > 0) {
+      size_t maxToSerial = std::min(serverClients[i].available(), Serial.availableForWrite());
+      maxToSerial = std::min(maxToSerial, (size_t)STACK_PROTECTOR);
+      uint8_t buf[maxToSerial];
+      size_t tcp_got = serverClients[i].read(buf, maxToSerial);
+      size_t serial_sent = Serial.write(buf, tcp_got);
+      if (serial_sent != maxToSerial) {
+        logger->printf("len mismatch: available:%zd tcp-read:%zd serial-write:%zd\n", maxToSerial, tcp_got, serial_sent);
+      }
+    }
+#endif
+
+  // determine maximum output size "fair TCP use"
+  // client.availableForWrite() returns 0 when !client.connected()
+  size_t maxToTcp = 0;
+  for (int i = 0; i < MAX_SRV_CLIENTS; i++)
+    if (serverClients[i]) {
+      size_t afw = serverClients[i].availableForWrite();
+      if (afw) {
+        if (!maxToTcp) {
+          maxToTcp = afw;
+        } else {
+          maxToTcp = std::min(maxToTcp, afw);
+        }
+      } else {
+        // warn but ignore congested clients
+        logger->println("one client is congested");
+      }
+    }
+
+  //check UART for data
+  size_t len = std::min((size_t)Serial.available(), maxToTcp);
+  len = std::min(len, (size_t)STACK_PROTECTOR);
+  if (len) {
+    uint8_t sbuf[len];
+    size_t serial_got = Serial.readBytes(sbuf, len);
+    // push UART data to all connected telnet clients
+    for (int i = 0; i < MAX_SRV_CLIENTS; i++)
+      // if client.availableForWrite() was 0 (congested)
+      // and increased since then,
+      // ensure write space is sufficient:
+      if (serverClients[i].availableForWrite() >= serial_got) {
+        size_t tcp_sent = serverClients[i].write(sbuf, serial_got);
+        if (tcp_sent != len) {
+          logger->printf("len mismatch: available:%zd serial-read:%zd tcp-write:%zd\n", len, serial_got, tcp_sent);
         }
       }
-    }
-  }
-  //check UART for data
-  if (Serial.available()) {
-    size_t len = Serial.available();
-    uint8_t sbuf[len];
-    Serial.readBytes(sbuf, len);
-    //push UART data to all connected telnet clients
-    for (i = 0; i < MAX_SRV_CLIENTS; i++) {
-      if (serverClients[i] && serverClients[i].connected()) {
-        serverClients[i].write(sbuf, len);
-        delay(1);
-      }
-    }
   }
 }

libraries/ESP8266WiFi/examples/WiFiWebServer/WiFiWebServer.ino

@@ -1,98 +0,0 @@
-/*
-    This sketch demonstrates how to set up a simple HTTP-like server.
-    The server will set a GPIO pin depending on the request
-      http://server_ip/gpio/0 will set the GPIO2 low,
-      http://server_ip/gpio/1 will set the GPIO2 high
-    server_ip is the IP address of the ESP8266 module, will be
-    printed to Serial when the module is connected.
-*/
-
-#include <ESP8266WiFi.h>
-
-const char* ssid = "your-ssid";
-const char* password = "your-password";
-
-// Create an instance of the server
-// specify the port to listen on as an argument
-WiFiServer server(80);
-
-void setup() {
-  Serial.begin(115200);
-
-  // prepare GPIO2
-  pinMode(2, OUTPUT);
-  digitalWrite(2, 0);
-
-  // Connect to WiFi network
-  Serial.println();
-  Serial.println();
-  Serial.print("Connecting to ");
-  Serial.println(ssid);
-
-  WiFi.mode(WIFI_STA);
-  WiFi.begin(ssid, password);
-
-  while (WiFi.status() != WL_CONNECTED) {
-    delay(500);
-    Serial.print(".");
-  }
-  Serial.println("");
-  Serial.println("WiFi connected");
-
-  // Start the server
-  server.begin();
-  Serial.println("Server started");
-
-  // Print the IP address
-  Serial.println(WiFi.localIP());
-}
-
-void loop() {
-  // Check if a client has connected
-  WiFiClient client = server.available();
-  if (!client) {
-    return;
-  }
-
-  // Wait until the client sends some data
-  Serial.println("new client");
-  while (!client.available()) {
-    delay(1);
-  }
-
-  // Read the first line of the request
-  String req = client.readStringUntil('\r');
-  Serial.println(req);
-  client.flush();
-
-  // Match the request
-  int val;
-  if (req.indexOf("/gpio/0") != -1) {
-    val = 0;
-  } else if (req.indexOf("/gpio/1") != -1) {
-    val = 1;
-  } else {
-    Serial.println("invalid request");
-    client.stop();
-    return;
-  }
-
-  // Set GPIO2 according to the request
-  digitalWrite(2, val);
-
-  client.flush();
-
-  // Prepare the response
-  String s = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<!DOCTYPE HTML>\r\n<html>\r\nGPIO is now ";
-  s += (val) ? "high" : "low";
-  s += "</html>\n";
-
-  // Send the response to the client
-  client.print(s);
-  delay(1);
-  Serial.println("Client disonnected");
-
-  // The client will actually be disconnected
-  // when the function returns and 'client' object is detroyed
-}
-

libraries/ESP8266WiFi/examples/udp/udp.ino

@@ -18,8 +18,10 @@
 #include <ESP8266WiFi.h>
 #include <WiFiUdp.h>
 
-#define SSID "ssid"
-#define PSK  "psk"
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
 
 unsigned int localPort = 8888;      // local port to listen on
 
@@ -32,7 +34,7 @@ WiFiUDP Udp;
 void setup() {
   Serial.begin(115200);
   WiFi.mode(WIFI_STA);
-  WiFi.begin(SSID, PSK);
+  WiFi.begin(STASSID, STAPSK);
   while (WiFi.status() != WL_CONNECTED) {
     Serial.print('.');
     delay(500);
@@ -75,6 +77,6 @@ void loop() {
 
 /*
   test (shell/netcat):
-  ---------------
+  --------------------
 	  nc -u 192.168.esp.address 8888
 */

libraries/ESP8266WiFi/src/WiFiClientSecure.h

@@ -20,8 +20,27 @@
 
 */
 
+//#include "WiFiClientSecureAxTLS.h"
+//using namespace axTLS;
+
+/**********************************
+ * !! Now BearSSL is the default !!
+ *
+ * While not advised,
+ * Use legacy API without updating with:
+ *
+#define USING_AXTLS
+#include <ESP8266WiFi.h>
+//#include <WiFiClientSecure.h>
 #include "WiFiClientSecureAxTLS.h"
+using namespace axTLS;
+ *
+ *
+ **********************************/
+
 #include "WiFiClientSecureBearSSL.h"
 
-using namespace axTLS;
-// using namespace BearSSL;
+#ifndef USING_AXTLS
+// do not default to BearSSL API ("using" has no "unusing" counterpart)
+using namespace BearSSL;
+#endif

libraries/ESP8266WiFi/src/WiFiClientSecureAxTLS.h

@@ -32,7 +32,7 @@ class SSLContext;
 
 class WiFiClientSecure : public WiFiClient {
 public:
-  WiFiClientSecure();
+  WiFiClientSecure() __attribute__((deprecated("Upgrade to BearSSL is advised, check https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/src/WiFiClientSecure.h#L25-L99")));
   ~WiFiClientSecure() override;
 
   int connect(CONST IPAddress& ip, uint16_t port) override;

libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.cpp

@@ -1346,7 +1346,10 @@ bool WiFiClientSecure::loadCACert(Stream& stream, size_t size) {
   uint8_t *dest = _streamLoad(stream, size);
   bool ret = false;
   if (dest) {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     ret = setCACert(dest, size);
+#pragma GCC diagnostic pop
   }
   free(dest);
   return ret;
@@ -1356,7 +1359,10 @@ bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size) {
   uint8_t *dest = _streamLoad(stream, size);
   bool ret = false;
   if (dest) {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     ret = setCertificate(dest, size);
+#pragma GCC diagnostic pop
   }
   free(dest);
   return ret;
@@ -1366,7 +1372,10 @@ bool WiFiClientSecure::loadPrivateKey(Stream& stream, size_t size) {
   uint8_t *dest = _streamLoad(stream, size);
   bool ret = false;
   if (dest) {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     ret = setPrivateKey(dest, size);
+#pragma GCC diagnostic pop
   }
   free(dest);
   return ret;

libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h

@@ -121,21 +121,38 @@ class WiFiClientSecure : public WiFiClient {
     static bool probeMaxFragmentLength(const char *hostname, uint16_t port, uint16_t len);
     static bool probeMaxFragmentLength(const String& host, uint16_t port, uint16_t len);
 
-    // AXTLS compatible wrappers
-    // Cannot implement this mode, we need FP before we can connect: bool verify(const char* fingerprint, const char* domain_name)
-    bool verifyCertChain(const char* domain_name) { (void)domain_name; return connected(); } // If we're connected, the cert passed validation during handshake
+    ////////////////////////////////////////////////////
+    // AxTLS API deprecated warnings to help upgrading
 
-    bool setCACert(const uint8_t* pk, size_t size);
-    bool setCertificate(const uint8_t* pk, size_t size);
-    bool setPrivateKey(const uint8_t* pk, size_t size);
+    #define AXTLS_DEPRECATED \
+      __attribute__((deprecated( \
+        "This is deprecated AxTLS API, " \
+        "check https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/src/WiFiClientSecure.h#L25-L99")))
 
-    bool setCACert_P(PGM_VOID_P pk, size_t size) { return setCACert((const uint8_t *)pk, size); }
-    bool setCertificate_P(PGM_VOID_P pk, size_t size) { return setCertificate((const uint8_t *)pk, size); }
-    bool setPrivateKey_P(PGM_VOID_P pk, size_t size) { return setPrivateKey((const uint8_t *)pk, size); }
+    bool setCACert(const uint8_t* pk, size_t size)      AXTLS_DEPRECATED;
+    bool setCertificate(const uint8_t* pk, size_t size) AXTLS_DEPRECATED;
+    bool setPrivateKey(const uint8_t* pk, size_t size)  AXTLS_DEPRECATED;
 
-    bool loadCACert(Stream& stream, size_t size);
-    bool loadCertificate(Stream& stream, size_t size);
-    bool loadPrivateKey(Stream& stream, size_t size);
+    bool loadCACert(Stream& stream, size_t size)        AXTLS_DEPRECATED;
+    bool loadCertificate(Stream& stream, size_t size)   AXTLS_DEPRECATED;
+    bool loadPrivateKey(Stream& stream, size_t size)    AXTLS_DEPRECATED;
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
+
+    bool setCACert_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
+      return setCACert((const uint8_t *)pk, size);
+    }
+
+    bool setCertificate_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
+      return setCertificate((const uint8_t *)pk, size);
+    }
+
+    bool setPrivateKey_P(PGM_VOID_P pk, size_t size) AXTLS_DEPRECATED {
+      return setPrivateKey((const uint8_t *)pk, size);
+    }
+
+#pragma GCC diagnostic pop
 
     template<typename TFile>
     bool loadCertificate(TFile& file) {
@@ -152,6 +169,20 @@ class WiFiClientSecure : public WiFiClient {
       return loadCACert(file, file.size());
     }
 
+    bool verify(const char* fingerprint, const char* domain_name) AXTLS_DEPRECATED {
+      (void)fingerprint;
+      (void)domain_name;
+      return connected();
+    }
+
+    bool verifyCertChain(const char* domain_name) AXTLS_DEPRECATED {
+      (void)domain_name;
+      return connected();
+    }
+
+    // AxTLS API deprecated section end
+    /////////////////////////////////////
+
   private:
     void _clear();
     void _clearAuthenticationSettings();

libraries/ESP8266WiFi/src/WiFiServerSecure.h

@@ -17,5 +17,7 @@
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-#include "WiFiServerSecureAxTLS.h"
+#include <WiFiClientSecure.h>
+
+//#include "WiFiServerSecureAxTLS.h"
 #include "WiFiServerSecureBearSSL.h"

libraries/ESP8266WiFi/src/WiFiServerSecureAxTLS.cpp

@@ -34,7 +34,8 @@ extern "C" {
 #include "lwip/tcp.h"
 #include "lwip/inet.h"
 #include "include/ClientContext.h"
-#include "WiFiServerSecure.h"
+#include "WiFiClientSecureAxTLS.h"
+#include "WiFiServerSecureAxTLS.h"
 
 
 namespace axTLS {
@@ -77,7 +78,10 @@ WiFiClientSecure WiFiServerSecure::available(uint8_t* status)
     }
 
     optimistic_yield(1000);
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     return WiFiClientSecure();
+#pragma GCC diagnostic pop
 }
 
 };

libraries/ESP8266WiFi/src/include/SSLContext.h

@@ -38,6 +38,7 @@ extern "C"
 #include "lwip/inet.h"
 #include "lwip/netif.h"
 #include <include/ClientContext.h>
+#include <WiFiClientSecureAxTLS.h>
 #include "c_types.h"
 
 namespace axTLS {

libraries/ESP8266httpUpdate/examples/httpUpdate/httpUpdate.ino

@@ -15,6 +15,11 @@
 
 #define USE_SERIAL Serial
 
+#ifndef APSSID
+#define APSSID "APSSID"
+#define APPSK  "APPSK"
+#endif
+
 ESP8266WiFiMulti WiFiMulti;
 
 void setup() {
@@ -33,7 +38,7 @@ void setup() {
   }
 
   WiFi.mode(WIFI_STA);
-  WiFiMulti.addAP("SSID", "PASSWORD");
+  WiFiMulti.addAP(APSSID, APPSK);
 
 
 }

libraries/ESP8266httpUpdate/examples/httpUpdateSPIFFS/httpUpdateSPIFFS.ino

@@ -17,6 +17,11 @@
 
 ESP8266WiFiMulti WiFiMulti;
 
+#ifndef APSSID
+#define APSSID "APSSID"
+#define APPSK  "APPSK"
+#endif
+
 void setup() {
 
   USE_SERIAL.begin(115200);
@@ -33,7 +38,7 @@ void setup() {
   }
 
   WiFi.mode(WIFI_STA);
-  WiFiMulti.addAP("SSID", "PASSWORD");
+  WiFiMulti.addAP(APSSID, APPSK);
 
 }
 

libraries/ESP8266httpUpdate/examples/httpUpdateSecure/httpUpdateSecure.ino

@@ -15,6 +15,11 @@
 
 #define USE_SERIAL Serial
 
+#ifndef APSSID
+#define APSSID "APSSID"
+#define APPSK  "APPSK"
+#endif
+
 ESP8266WiFiMulti WiFiMulti;
 
 // A single, global CertStore which can be used by all
@@ -93,7 +98,7 @@ void setup() {
   }
 
   WiFi.mode(WIFI_STA);
-  WiFiMulti.addAP("SSID", "PASSWORD");
+  WiFiMulti.addAP(APSSID, APPSK);
 
   SPIFFS.begin();
 

libraries/ESP8266mDNS/examples/OTA-mDNS-SPIFFS/OTA-mDNS-SPIFFS.ino

@@ -12,6 +12,11 @@
 
 */
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 // includes
 #include <ESP8266WiFi.h>
 #include <ESP8266mDNS.h>
@@ -31,8 +36,8 @@
    @brief Default WiFi connection information.
    @{
 */
-const char* ap_default_ssid = "esp8266"; ///< Default SSID.
-const char* ap_default_psk = "esp8266esp8266"; ///< Default PSK.
+const char* ap_default_ssid = STASSID; ///< Default SSID.
+const char* ap_default_psk = STAPSK; ///< Default PSK.
 /// @}
 
 /// Uncomment the next line for verbose output over UART.
@@ -90,13 +95,13 @@ bool loadConfig(String *ssid, String *pass) {
   ssid->trim();
   pass->trim();
 
-  #ifdef SERIAL_VERBOSE
+#ifdef SERIAL_VERBOSE
   Serial.println("----- file content -----");
   Serial.println(content);
   Serial.println("----- file content -----");
   Serial.println("ssid: " + *ssid);
   Serial.println("psk:  " + *pass);
-  #endif
+#endif
 
   return true;
 } // loadConfig

libraries/ESP8266mDNS/examples/mDNS-SD_Extended/mDNS-SD_Extended.ino

@@ -12,8 +12,13 @@
 #include <ESP8266WiFi.h>
 #include <ESP8266mDNS.h>
 
-const char* ssid     = "...";
-const char* password = "...";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid     = STASSID;
+const char* password = STAPSK;
 char hostString[16] = {0};
 
 void setup() {

libraries/ESP8266mDNS/examples/mDNS_Web_Server/mDNS_Web_Server.ino

@@ -20,8 +20,13 @@
 #include <ESP8266mDNS.h>
 #include <WiFiClient.h>
 
-const char* ssid = "............";
-const char* password = "..............";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = STAPSK;
 
 // TCP server at port 80 will respond to HTTP requests
 WiFiServer server(80);

libraries/Ethernet/examples/udpntpclient_pedantic/UdpNtpClient_Pedantic.ino

@@ -69,7 +69,7 @@ void loop() {
   if (Udp.parsePacket()) {
     // We've received a packet, read the data from it
     Udp.read((byte *)&packetBuffer, NTP_PACKET_SIZE); // read the packet into the buffer
-    #if 0 // just for debugging
+#if 0 // just for debugging
     Serial.println(ENDIAN_SWAP_16(packetBuffer.rootdelay_main), HEX);
     Serial.println(ENDIAN_SWAP_16(packetBuffer.rootdelay_fraction), HEX);
     Serial.println(ENDIAN_SWAP_16(packetBuffer.rootdispersion_main), HEX);
@@ -82,7 +82,7 @@ void loop() {
     Serial.println(ENDIAN_SWAP_32(packetBuffer.receivetimestamp_fraction), HEX);
     Serial.println(ENDIAN_SWAP_32(packetBuffer.transmittimestamp_main), HEX);
     Serial.println(ENDIAN_SWAP_32(packetBuffer.transmittimestamp_fraction), HEX);
-    #endif
+#endif
     Serial.print("Delay ");
     Serial.print(ENDIAN_SWAP_16(packetBuffer.rootdelay_main)); Serial.print("."); Serial.println(ENDIAN_SWAP_16(packetBuffer.rootdelay_fraction));
     Serial.print("Seconds since Jan 1 1900 = ");

libraries/esp8266/examples/CallSDKFunctions/CallSDKFunctions.ino

@@ -25,9 +25,9 @@ void setup() {
 void loop() {
   // Call Espressif SDK functionality - wrapped in ifdef so that it still
   // compiles on other platforms
-  #ifdef ESP8266
+#ifdef ESP8266
   Serial.print("wifi_station_get_hostname: ");
   Serial.println(wifi_station_get_hostname());
-  #endif
+#endif
   delay(1000);
 }

libraries/esp8266/examples/I2STransmit/I2STransmit.ino

@@ -12,9 +12,14 @@
 #include <WiFiUdp.h>
 #include <i2s.h>
 
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
 // Set your network here
-const char *SSID = "....";
-const char *PASS = "....";
+const char *SSID = STASSID;
+const char *PASS = STAPSK;
 
 WiFiUDP udp;
 // Set your listener PC's IP here:

libraries/esp8266/examples/IPv6/IPv6.ino

@@ -22,8 +22,8 @@
 #include <lwip/dns.h>
 
 #ifndef STASSID
-  #define STASSID "your-ssid"
-  #define STAPSK  "your-password"
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
 #endif
 
 #define FQDN  F("www.google.com") // with both IPv4 & IPv6 addresses
@@ -101,7 +101,7 @@ void setup() {
 
   status(Serial);
 
-  #if 0
+#if 0
 
   // legacy loop (still valid with IPv4 only)
 
@@ -110,7 +110,7 @@ void setup() {
     delay(500);
   }
 
-  #else
+#else
 
   // Use this loop instead to wait for an IPv6 routable address
 
@@ -131,7 +131,7 @@ void setup() {
     delay(500);
   }
 
-  #endif
+#endif
 
   Serial.println(F("connected: "));
 

libraries/esp8266/examples/NTP-TZ-DST/NTP-TZ-DST.ino

@@ -19,8 +19,13 @@
 
 ////////////////////////////////////////////////////////
 
-#define SSID            "open"
-#define SSIDPWD         ""
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+#define SSID            STASSID
+#define SSIDPWD         STAPSK
 #define TZ              1       // (utc+) TZ in hours
 #define DST_MN          60      // use 60mn for summer time in some countries
 
@@ -46,7 +51,7 @@ void setup() {
   Serial.begin(115200);
   settimeofday_cb(time_is_set);
 
-  #if NTP0_OR_LOCAL1
+#if NTP0_OR_LOCAL1
   // local
 
   ESP.eraseConfig();
@@ -55,14 +60,14 @@ void setup() {
   timezone tz = { TZ_MN + DST_MN, 0 };
   settimeofday(&tv, &tz);
 
-  #else // ntp
+#else // ntp
 
   configTime(TZ_SEC, DST_SEC, "pool.ntp.org");
   WiFi.mode(WIFI_STA);
   WiFi.begin(SSID, SSIDPWD);
   // don't wait, observe time changing when ntp timestamp is received
 
-  #endif // ntp
+#endif // ntp
 }
 
 // for testing purpose:

libraries/esp8266/examples/interactive/interactive.ino

@@ -10,8 +10,13 @@
 #include "ESP8266WiFi.h"
 #include "user_interface.h"
 
-const char SSID[] = "open";
-const char PSK[] = "";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define STAPSK  "your-password"
+#endif
+
+const char * SSID = STASSID;
+const char * PSK = STAPSK;
 
 IPAddress staticip(192, 168, 1, 123);
 IPAddress gateway(192, 168, 1, 254);

tests/common.sh

@@ -94,7 +94,7 @@ function install_libraries()
     pushd $HOME/Arduino/libraries
 
     # install ArduinoJson library
-    wget https://github.com/bblanchon/ArduinoJson/releases/download/v4.6.1/ArduinoJson-v4.6.1.zip && unzip ArduinoJson-v4.6.1.zip
+    { test -r ArduinoJson-v4.6.1.zip || wget https://github.com/bblanchon/ArduinoJson/releases/download/v4.6.1/ArduinoJson-v4.6.1.zip; } && unzip ArduinoJson-v4.6.1.zip
 
     popd
 }
@@ -104,7 +104,7 @@ function install_ide()
     local ide_path=$1
     local core_path=$2
     local debug=$3
-    wget -O arduino.tar.xz https://www.arduino.cc/download.php?f=/arduino-nightly-linux64.tar.xz
+    test -r arduino.tar.xz || wget -O arduino.tar.xz https://www.arduino.cc/download.php?f=/arduino-nightly-linux64.tar.xz
     tar xf arduino.tar.xz
     mv arduino-nightly $ide_path
     cd $ide_path/hardware

tests/examples_restyle.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+cd $(cd ${0%/*}; pwd)
+astyle --options=examples_style.conf ../libraries/*/examples/*{,/*}/*.ino

tests/examples_style.conf

@@ -10,7 +10,7 @@ lineend=linux
 indent=spaces=2
 
 # also indent macros
-indent-preprocessor
+#indent-preprocessor
 
 # indent classes, switches (and cases), comments starting at column 1
 indent-classes
@@ -36,9 +36,9 @@ attach-extern-c
 indent-modifiers
 indent-namespaces
 indent-labels
-indent-preproc-block
-indent-preproc-define
-indent-preproc-cond
+#indent-preproc-block
+#indent-preproc-define
+#indent-preproc-cond
 unpad-paren
 add-braces
 remove-comment-prefix

tests/run_CI_locally.sh

@@ -0,0 +1,50 @@
+#!/bin/sh
+
+# temporary directory
+
+[ -z "${TMPCI}" ] && TMPCI=/tmp/ci
+
+##################
+
+set -e
+
+TMPDIR=${TMPCI%/*}
+CIDIR=${TMPCI##*/}
+
+mkdir -p ${TMPDIR}
+
+# set root directory into $ESP
+ESP="$(cd ${0%/*}/..; pwd)"
+branch=$(git rev-parse --abbrev-ref HEAD)
+
+echo ""
+echo " -- CI directory: ${TMPCI} --"
+echo ""
+echo "Ensure your changes are committed in current branch ${branch}"
+echo ""
+echo "press return to run 'git diff'"
+read junk
+git diff
+echo "press return to run CI, or ^C"
+read junk
+
+# clone or update this repository into ${TMPDIR}/${CIDIR}
+if [ -d ${TMPCI} ]; then
+	echo ""
+	echo " -- updating CI directory in ${TMPCI} --"
+	echo ""
+	(cd ${TMPCI}; git checkout ${branch}; git pull)
+else
+	echo ""
+	echo " -- installing CI directory in ${TMPCI} --"
+	echo ""
+	(cd ${TMPDIR}; git clone ${ESP} ${CIDIR})
+fi
+
+cd ${TMPCI}
+if [ "$branch" != "$branch" ]; then
+	echo "branch ${cibranch} in ${TMPCI} not matching branch ${branch} in ${ESP}"
+	exit 1
+fi
+rm -rf arduino_ide arduino-nightly Arduino/libraries/ArduinoJson
+HOME=${TMPCI} TRAVIS_BUILD_DIR=${TMPCI} BUILD_TYPE=build tests/common.sh

variants/generic/common.h

@@ -76,7 +76,7 @@ static const uint8_t A0 = PIN_A0;
 #ifdef __cplusplus
 extern "C"
 #endif
-const int BUILTIN_LED __attribute__((deprecated, weak)) = LED_BUILTIN;
+const int BUILTIN_LED __attribute__((deprecated("use LED_BUILTIN"), weak)) = LED_BUILTIN;
 #endif
 
 #endif /* GENERIC_COMMON_H */