When the ESP cycle counter rolls over, the "now" can be smaller than the
next-edge time of a waveform generator. This would cause the edge to be
missed on that specific pin, and make it look like PWM was hung.
Use proper comparison between current time and edge time.
Fixes#4944
Also remove the "sigma-delta.c.unused" file which was replaced by a
working one some time ago.
memcpy() is undefined when source and destination overlap. String::trim
uses it when shifting the string left to remove left padding.
Replace with memmove() which is always safe, even when overlapped.
MD5Builder tests have been randomly, non-repeatably failing due to a problem
with the returned value of MD5Builder.
Valgrind detected a strncpy with an overlapping memory range, which is
an undefined operation. Fix it with a memmove instead, and get rid
of a couple #define redefinitions which were causing compile warnings
on the host side as well.
Fixes#4882 and updates GitHub certificate fingerprint to the current one
in BearSSL_Validation example.
When setting a authentication mode or stopping, clear all others out in case
the object is being re-used.
Add in a yield during the SSL handshake to allow a graceful timeout and not
a WDT error when the remote server hiccups. Thanks to @Jeroen88 for
finding and testing this.
Thanks to ideas from @shimarin for offering ideas to speed up the stopWaveform
calls which may help things like SoftwareSerial run better.
Optimize the stopWaveform routine to abort fast and early whenever possible.
Remove the stopWaveform call from digitalRead(). If you're running a waveform
on a pin and try to read it, that is a logic error and you'll end up reading the
waveform and not the outside world's view of the pin.
Several users have been worried that they need to generate the IDX file,
but don't know how. The CertStore code actually writes this file on object
creation, and the user never needs to explicitly generate or upload it.
Add a comment to the example explicitly noting this.
Setting a pin direction would cause a waveform generator attached to it to stop.
This could cause PWM to stop if pinMode() is called while running (as it was
called in __analogWrite()).
Remove the stopWaveform call from pinMode, the Tone, analogWrite, or Servo
that initiated the waveform has responsibility for stopping it (and it does)
when complete, irrespective of the pinMode.
Fixes#4905
* Compatibility and IRQ fixed for waveform/tone/pwm
Fix a compiler ambiguity introduced with a floating point frequency option
for tone(). Thanks to @Rob58329 for discovering this and proposing the
fix.
Match original analogWrite behavior by going from 0...1023 (PWMRANGE) and
not 0...1024, and also explicitly set the analogWrite pin to an OUTPUT.
Thanks to @jandrassy for finding this.
Fixes#4380 discovered by @cranphin where interrupts were disabled on a
stopWaveform(). Remove that completely and bracket the update of non-atomic
fields in the structure with disable/enable IRQs for safety.
* Fix tone(int,int,int) infinite loop
Explicitly cast the frequency, when passed in as an int, to an
unsigned int. Verified with snippet:
tone(D1, (int)1000, 500);
tone(D1, (unsigned int)1000, 500);
tone(D1, 1000.0, 500);
tone(D1, (int)1000);
tone(D1, (unsigned int)1000);
tone(D1, 1000.0);
* Scheduled Interrupt
* use capital letter for Schedule.h
* Prevent memory leak when attach is called multiple times without detach
* Add improved schedule_function
* WIP : Integrate FunctionalInterrupt & ScheduledInterrupt
* Fix travis error
Due to popular demand, remove the hardcoded dependency on SPIFFS
or SD from the CertStore by factoring out the file interface into
a new class (CertStoreFile) that the user will need to implement
as a thin wrapper around either a SPIFFS.file or a SD.file
Combine the downloaded certificates into a UNIX "ar" archive
and parse that on-the-fly to allow easy inspection and creation
of the Cert Store database.
Examples updated with a new certificate downloader that creates
the certs.ar archive and with a single sample that can be built
for either SPIFFS or SD with a #define. Users can copy the
implementation of the CertStoreFile they need to their own code
as it is self-contained.
Also move the CertStore to the BearSSL namespace and remove the
suffix and separate SPIFFS/SD sources.
Remove the "deep+" change from the CI build as well (no special
options needed on any PIO or makefile build).
We'll revisit the filesystem wrapper for 2.5.0, hopefully having a
unified template for both filesystem usage at a global level. For
current users, be aware the interface may change (simplify!) in
release 2.5.0.
Fixes#4740
When a message is sent by the app that is larger than the SSL buffer,
it will take multiple TLS fragments to transfer. Writes will loop
through and not return until either all data is transferred or there
is an error.
Remove and rewrite all the parts of the core/libraries using TIMER1
and consolidate into a single, shared waveform generation interrupt
structure. Tone, analogWrite(), Servo all now just call into this
shared resource to perform their tasks so are all compatible
and can be used simultaneously.
This setup enables multiple tones, analogWrites, servos, and stepper
motors to be controlled with reasonable accuracy. It uses both TIMER1
and the internal ESP cycle counter to handle timing of waveform edges.
TIMER1 is used in non-reload mode and only edges cause interrupts. The
interrupt is started and stopped as required, minimizing overhead when
these features are not being used.
A generic "startWaveform(pin, high-US, low-US, runtime-US)" and
"stopWaveform(pin)" allow for further types of interfaces. Minimum
high or low period is ~1 us.
Add a tone(float) method, useful when working with lower frequencies.
Fixes#4321. Fixes 4349.
* interactive example: update with option for using DHCP again after using static IP
* lwip2: avoid crash when IP address is set to 0(any) by dhcp not getting its lease renewal in due time
* lwip2: automatically remove oldest PCBs in time-wait state, limit their number
thanks to @me-no-dev 07f4d4c241 (diff-f8258e71e25fb9985ca3799e3d8b88ecR399)
* faq: update about tcpCleanup()
* lwip2: add a macro HAS_PHY_CAPTURE=1 indicating capture facility is available
When the TCP socket is closed there may be some data left in the
BearSSL internal buffers which can be read by the application.
The BearSSL pump, however, would always return no data available
in the case the socket was disconnected before checking if the
SSL was in a state where the app could possibly read.
Fix by returning if the state is available, even if the connection
is gone. Eventually no more data will become available to read
and the original -1 will be returned.
This should match the existing axTLS ::connected() behavior.
The SSL pipeline is multi-stage, and the TCP connection can go down
even though there is still data waiting to be decrypted or in the
decryption buffer.
Explicitly check that there if there can be any data made available
to the app, and if so report that we are still connected(). When
there is no data and there is no TCP connection, report disconnected.
Arduino builds are now taking 49 minutes or more, and failing due to
Travis timeouts.
Split the Arduino build task into even and odd half, where each job
will build every other test. This will reduce any test's runtime
by 50% and speed up checks to avoid the timeout.
BearSSL (https://www.bearssl.org) is a TLS(SSL) library written by
Thomas Pornin that is optimized for lower-memory embedded systems
like the ESP8266. It supports a wide variety of modern ciphers and
is unique in that it doesn't perform any memory allocations during
operation (which is the unfortunate bane of the current axTLS).
BearSSL is also absolutely focused on security and by default performs
all its security checks on x.509 certificates during the connection
phase (but if you want to be insecure and dangerous, that's possible
too).
While it does support unidirectional SSL buffers, like axTLS,
as implemented the ESP8266 wrappers only support bidirectional
buffers. These bidirectional buffers avoid deadlocks in protocols
which don't have well separated receive and transmit periods.
This patch adds several classes which allow connecting to TLS servers
using this library in almost the same way as axTLS:
BearSSL::WiFiClientSecure - WiFiClient that supports TLS
BearSSL::WiFiServerSecure - WiFiServer supporting TLS and client certs
It also introduces objects for PEM/DER encoded keys and certificates:
BearSSLX509List - x.509 Certificate (list) for general use
BearSSLPrivateKey - RSA or EC private key
BearSSLPublicKey - RSA or EC public key (i.e. from a public website)
Finally, it adds a Certificate Authority store object which lets
BearSSL access a set of trusted CA certificates on SPIFFS to allow it
to verify the identity of any remote site on the Internet, without
requiring RAM except for the single matching certificate.
CertStoreSPIFFSBearSSL - Certificate store utility
Client certificates are supported for the BearSSL::WiFiClientSecure, and
what's more the BearSSL::WiFiServerSecure can also *require* remote clients
to have a trusted certificate signed by a specific CA (or yourself with
self-signing CAs).
Maximum Fragment Length Negotiation probing and usage are supported, but
be aware that most sites on the Internet don't support it yet. When
available, you can reduce the memory footprint of the SSL client or server
dramatically (i.e. down to 2-8KB vs. the ~22KB required for a full 16K
receive fragment and 512b send fragment). You can also manually set a
smaller fragment size and guarantee at your protocol level all data will
fit within it.
Examples are included to show the usage of these new features.
axTLS has been moved to its own namespace, "axtls". A default "using"
clause allows existing apps to run using axTLS without any changes.
The BearSSL::WiFi{client,server}Secure implements the axTLS
client/server API which lets many end user applications take advantage
of BearSSL with few or no changes.
The BearSSL static library used presently is stored at
https://github.com/earlephilhower/bearssl-esp8266 and can be built
using the standard ESP8266 toolchain.
