* Fix/enable UDP packet reassembly
UdpContext didn't care about pbuf chaining when receiving datagrams, leading
to fragments delivered to the application as individual packets.
* Provide pbuf_get_contiguous for backwards compatibility with LwIP 1.4
Implementation copied verbatim from LwIP 2.1.2
* Cosmetic changes to meet coding style
Co-authored-by: david gauchard <gauchard@laas.fr>
Co-authored-by: Develo <deveyes@gmail.com>
* upstream lwIP is now downloaded by a makefile, not subsubmoduled
* lwip2: upstream lwIP not sub-sub-modules anymore
lwip2: Allow IPv4 and IPv6 DNS and SNTP server configured via DHCP to co-exist (patch against upstream)
* lwip2: enable tcp-listen-with-backlog feature
* lwip2 submodule update:
- enable more efficient chksum algorithm thanks to Richard Allen
- enable tcp listener with backlog
* more comments, fix backlog management, fix API
* move default value definition in .cpp
because one must not believe it can be redefined before including WiFiServer.h
* improved backlog handling, it is no more a breaking change
In some cases, `initCertStore` may need to be called multiple times
(i.e. to update certs w/oa reboot). In that case, the saved file names
leaked when the new ones were `malloc()`'d.
Fix by freeing the old strings, if present.
This commit avoids OOMs on an udp corner case where a delay() in the main
loop would allow memory filling.
A memory leak has been observed with such semantically forbidden delay,
unsolved yet, and preventing to use a simple counter instead of walking
through a linked list. The count limit is however small.
Fixes#6811 which found an issue where connecting to scripts.google.com
would *occasionally* cause a crash. On inspection, it was found that up
to 5828 bytes of stack were used once in a while, so expand the stack to
5900 bytes to cover this case plus a little extra.
* Put longer string literals into PROGMEM
* Use Flash Strings for Debug output
This is hopefully very infrequently used, so it shouldn't
be in main memory.
* Fix WiFiClientSecure::available blocking
Added a check of WiFiClient::availableForWrite to prevent blocking writes when the _run_until blocking flag is false
* change availForWrite from int to size_t
* add timeout to _run_until loop
fixes#6464
* use polledTimeout with _timeout millis
* Move all scripts and documentation to Python3
Python 2 EOL is Jan 1, 2020. Migrate scripts to run under Python 3.
Under Windows, we're already running Python 3.7, by dumb luck. The
oddness is that the Windows standalone executable for Python 3 is called
"python" whereas under UNIX-like OSes it's called "python3" with
"python" always referring to the Python 2 executable. The ZIP needs to
be updated to include a Python3.exe (copy of Python.exe) so that we can
use the same command lines under Linux and Windows, and to preserve my
sanity.
Fixes#6376
* Add new Windows ZIP with python3.exe file
* Sort options in boards.txt generation for repeatability
The order of the board opts dict changes depending on the Python version
and machine, so sort the options before printing them to get a stable
ordering.
* Re-add Python2 compatibility tweaks
Most scripts can run as Python 2 or Python 3 with minimal changes, so
re-add (and fix, as necessary) compatibility tweaks to the scripts.
* Per @earlephilhower suggestion
* Hints from @earlephilhower
* Namespace BearSSL in core "feels" wrong - using catch-all esp8266 instead.
* After review remarks by @earlephilhower
This PR stops the 1ms-delay loop also when a tcp error occurs (previously this was done only when tcp had just connected or a write/send had succeeded).
The tcp error can be any, in this case with pubsubclient it is "connection refused" after the mqtt server disappeared and pubsubclient tries to reconnect.
A typo was present in several ifdefs which would allow a server to negotiate
an EC connection even when in basic SSL mode. When this happened, a crash
would occur (since there were no EC or advanced AES modes installed).
Fix the typo, fixes#6397
Cleans up all warnings seen w/GCC 9.1 to allow it to track the main
branch more easily until 3.x.
Does not include Ticker.h "fix" of pragmas around a function cast we're
doing that GCC9 doesn't like, that will be addressed separately and
maybe only in the 3.0 branch.
Does not include GDB hook fix, either, because the pragmas required
to disable the GCC9.1 warnings don't exist in 4.8 at all.
* Add a dump of received FP and CERT when in debug mode
To simplify BearSSL debugging, print the received FP (when it doesn't
match the expected) and the binary certificate (always), when in debug
mode.
* Add documentation section on FP mismatch in rare instances.
Apply most compatible changes needed to get the core compiling under GCC
7.2 to the main gcc 4.8 tree to ease porting for 3.0.0.
Update pgmspace.h with corrected and optimized unaligned pgm_read
macros. Now pgm_read_dword in the unaligned case gives proper results
even if optimization is enabled and is also written in assembly and only
1 instruction longer than the pgm_read_byte macro (which also has been
optimized to reduce 1 instruction). These changes should marginally
shrink code and speed up flash reads accordingly.
The toolchain should/will be rebuilt at a later time with this
optimization to ensure it's used in the libc.a/etc. files.
* TCP connect and send delay fix
Implement early exit as connection established or data already sent.
(Previous implementation was exiting only on timeout expired)
* Convert ESP8266WebServer* into templatized model
Supercedes #4912
Refactor the three versions of ESP8266WebServer and *WebServerSecure to a
single templated class. Use "using" to enable old, non-templated names to b
used (so no user changes required to compile or run).
Fixes#4908 and clean up the code base a lot.
Basic tests run (the ones in the example code).
No code changes are required in userland except for setting the SSL
certificates which now use a cleaner "getServer()" accessor and lets the
app use the native BearSSL calls on the WiFiClientSecure object.
@devyte should be proud, it removes virtuals and even has template specialization...
* Fix HTTPUpdate templates and examples
* Fix HTTPUpdateServer library build
Need to remove dot-a linkage since there are no .cpp files in the
directory anymore due to templates.
* Provide backward-compat names for updt template
Allow existing code to use the same well known names for
HTTPUpdateSecure.
* Remove ClientType from all templates, auto-infer
Remove the ClientType template parameter from all objects. Simplifies
the code and makes it more foolproof.
Add a "using" in each server to define the type of connection returned
by all servers, which is then used in the above templates automatically.
* Can safely include FS.h now that SD/SPIFFS unified
* Move the templates/objects to their own namespaces
* Fix merge issues with untemplated methods
* Address review comments
* Fix mock test, remove warnings inside test dir
Make the simple mock test CI job pass and clean up
any spurious warnings in the test directory.
There still are warnings in the libraries and core, but they
should be addressed in a separate PR.
When in basic SSL mode, don't include ciphers for EC for the server by
replacinf the BearSSL "support everything" init call with our own
version which obeys the requested BASIC_SSL.
Saves ~46KB on TLS servers, about the same as basic SSL saves for
clients.
__This is a breaking change, but the header and example did warn
everyone that this API was in flux due to the incompatible SD and SPIFFS
File implementations.__
BearSSL CertStores now simply need a filesystem and the names of the
data (generated on-chip) and archive (uploaded by user) files on it.
No more need to roll your own virtual CertStoreFile class.
Update the library, examples, and device test.
* Use bounded waiting instead of infinite one to avoid deadlock
* Reduce timeout to fail much sooner if server is not acking our data
* Return timeout to 15 seconds on every disconnect
* Add comment to introduced delay to make it super clear
* Drop X509 context after successful server verification to save heap space
After completing handshake in BSSL, server is already verified and X509 context is no longer needed. Depending on verification method it save more or less heap space.
* Bugfix: Report not connected if there is no ready data and TLS connection is broken
Added the change for reporting not connected if TLS session is broken and there is no more buffered decrypted data. TLS can be broken if message authentication (MAC) cannot be verified. BearSSL enters BR_SSL_CLOSED state when processing invalid encrypted application data fragment. In such situation the current implementation get stuck forever unless user has own timeout mechanism build on top of WiFiClientSecureBearSSL. This change introduce fail fast via connected() returning false. Further it imply return -1 from read methods indicating broken channel upon which user should perform reconnect if needed.
Fixes#6005
fix switching to static address with lwip2
For some reason, ip address is not propagated in a visible way for lwip2
when switching to static address (wifi.config()) *after* wifi.begin().
This patch calls lwip-v1.4's netif_set_addr() with the new ip address to set
all things up, just like it is done and right when wifi.begin() is called
after wifi.config().
Also tested when IPv6 is enabled.
fix documentation: It is more natural to set an IP address before starting WiFi
(.. and not after dhcp has started)
fixes#5839fixes#6024
do interleave informations on addresses within reception pbuf chain:
before: (data-pbuf) -> (data-pbuf) -> (data-pbuf) -> ... in the receiving order
now: (address+port-info-pbuf -> data-pbuf) -> (address_port-info-pbuf -> data-pbuf) -> ...
address/port informations are updated along with data exposed to user
