Use platform.local.txt to add -Werror to GCC for the build of all
code. Any warnings on a submitted patch will cause an error.
Several examples and libraries had warnings/errors (missing returns
on functions, types, etc.). Clean those up with this commit as well.
In issue #4350, @mongozmaki found that the web server was accessing a
deleted variable in the destructor. Implement his suggested change
and move the close() before any freeing. Could also have simply
NULL'd out the _currentHeaders member after freeing as well.
Fixes issue #4350
* add begin(port) to esp8266webserver, move some strings to flash, some refactoring
* Moved more strings to flash, unified some strings
* move mimetable strings into a standalone file
* more string moves to flash, remove duplicates, refactor of template method, minor styling
* Reverted moving small string to flash (no heap advantage, reduces bin size)
The server needs to load an X509 and RSA key, but instead of using
the existing loadObject() calls implemented its own. Remove them and
use the standard ones instead.
The DEBUG_OUTPUT macro was undefined in the SSL Web server. Add it
in do that when you compile with DEBUG=HTTP_SERVER it actually compiles.
Adds SSL server mode for WiFiServerSecure, for plain SSL connections,
ESP8266WebServerSecure, for HTTPS web serving, and SecureHTTPSUpdater for
encrypted OTA updates.
Example code is provided for all new options, as well as a BASH script for
generating their own, self-signed certificates.
Both ESP8266WebServerSecure and SecureHTTPSUpdater are important for secure
password-based authentication. HTTP Basic Authentication, the only supported
model presently, sends the username and password in *cleartext* and therefore
should *never* be used in any un-SSL encrypted channel unless you don't mind
sharing your login and password with anyone else on the internet. Even if the
ESP8266 is not safety critical, this cleartext broadcast could expose you should
you reuse this password elsewhere on your network or the internet.
* Make HTTP server test data easier to examine
* Add HTTP server parameter tests containing & and =
* Fix URL parameter decoding in web server
The parameters string needs to be first split on & and =, and URL
decoding on parts done after that. Otherwise URL encoded & and = within
parameter names and values cause incorrect splitting.
* Added constant time strings comparison to avoid possible time-based attacks
* Fixed data types
* Fixed indentation
* Moved string comnparison in constant time to String class; modified function body to assure constant time comparison despite compiler optimizations
* Removed wrong code
* Fixed error and prevented compiler optimization to delete u1 local variable
* Avoid timing attacks on string comparison
* Minor
* changed counter names, removed else
* Add Digest Auth
* Check for Opaque and Nonce
* Remove Serial Debug and fix Indentation
* Added example sketch with documentation,Fixed indentation and Defaults
* Digest Authentication minor changes + new padded 32 digit random function
* update license to public domain
* renaming functions
The extension -> MIME type routine uses lots of constant strings which end
up in the RODATA segment of RAM. Refactor the comparison to use a table of
strings stored in PMMEM instead, freeing ~370 bytes for the heap.
* Suppressed -Wunused-parameter and -Wunused-function by casting to void unused identifiers.
* Explicit initialization of all fields to suppress -Wmissing-field-initializers.
* Fixed signed/unsigned integer comparison.
* memset initialization of structs.
* More -Wunused-parameter fixes.
* WiFiClient: use DataSource for writes
* ESP8266WebServer: delegate writing to WiFiClient
* ESP8266WebServer: set write timeout before sending content
Fix handling of case when Content-Length is 0.
Change do {} while() loop into while(){} so that we don't wait 1000ms for data in case Content-Length is 0.
Also fix handling of cases when malloc or realloc return null.
