-Expose HTTP Digest authentication with H1 hash as the argument
-Preserved HTTP authentication with username/password arguments
-Added a public static function for generating the H1 hash
-Created an example of how to use this called HttpHashCredAuth.ino
Changes since 2.5.1 (to 2.5.2)
Core
----
* Add explicit Print::write(char) (#6101)
Build system
----
* Fix typo in elf2bin for QOUT binary generation (#6116)
* Support PIO Wl-T and Arduino -T linking properly (#6095)
* Allow *.cc files to be linked into flash by default (#6100)
* Use custom "ElfToBin" builder for PIO (#6091)
* Fail if generated JSON file cannot be read (#6076)
* Moved 'Dropping' print from stdout to stderr in drop_versions.py (#6071)
* Fix PIO issue when build environment contains spaces (#6119)
Libraries
----
* Remove deadlock when server is not acking our data (#6107)
* Bugfix for stuck in write method of WiFiClient and WiFiClientSecure until the remote peer closed connection (#6104)
* Re-add original SD FAT info access methods (#6092)
* Make FILE_WRITE append in SD.h wrapper (#6106)
* Drop X509 after connection, avoid hang on TLS broken (#6065)
* Use bounded waiting instead of infinite one to avoid deadlock
* Reduce timeout to fail much sooner if server is not acking our data
* Return timeout to 15 seconds on every disconnect
* Add comment to introduced delay to make it super clear
Fixes#6081
The SD rewrite blanked out some of the internal FAT info.. Restore the
function calls and return proper values.
Because size() is used in many printf()s, we can't just change its
return type to uint64. Instead, when size is > size-max warn.
Add SD.size64 which can be used by new apps who care about >4GB cards.
Prints a warning if debugging enabled
W/o this change, file::write('a'); tries to use the template and fails
since char is a basic type.
The reason it is needed is due to pre 2.5.x behavior, File::write(char)
silently was cast to File::write(uint8_t). With the template write,
though, this is not performed.
* Add Print::write tests and add'l overrides
Ensure that print::write does something sane and doesn't cause a compile
time error about templates when used for Files.
Test using SPIFFS file since Print is an abstract type.
The interrupt vectors in IRAM are omitted when there is a PROVIDE
statement in the linker control files when using the PIO method of
-Wl,-T<linkfile>.
Drop the PROVIDES (they're in RAM anyway and not ROM related), and
add the required "-u"s to the PIO build script.
Should have no impact on the Arduino side.
Fixes#6087
* Drop X509 context after successful server verification to save heap space
After completing handshake in BSSL, server is already verified and X509 context is no longer needed. Depending on verification method it save more or less heap space.
* Bugfix: Report not connected if there is no ready data and TLS connection is broken
Added the change for reporting not connected if TLS session is broken and there is no more buffered decrypted data. TLS can be broken if message authentication (MAC) cannot be verified. BearSSL enters BR_SSL_CLOSED state when processing invalid encrypted application data fragment. In such situation the current implementation get stuck forever unless user has own timeout mechanism build on top of WiFiClientSecureBearSSL. This change introduce fail fast via connected() returning false. Further it imply return -1 from read methods indicating broken channel upon which user should perform reconnect if needed.
Fixes#6005
To avoid issues as seen in 2.5.1 release where an invalid JSON was
published for a few hours, fail the board script if JQ can't parse the
generated output file.
* Update time.cpp
Migrate configTime() to use sntp_set_timezone_in_seconds() to correctly allow timezone spec in seconds without rounding
* Add sntp-lwip2.h for timezone function
With SSO implementation in String, StreamString::write generates wrong strings under some circumstances.
Reason is that String::len() returns strlen(sso_buf) if SSO=true but with newly written data (in StreamString::write) the null-termination missing at the time len() is called.
Furthermore, len() is called twice which is inefficient if SSO=true.
* Git ignore
* - StreamString fix
* Remove changes to gitignore
* Fix missing space for 0-terminator lost in conversion
fix switching to static address with lwip2
For some reason, ip address is not propagated in a visible way for lwip2
when switching to static address (wifi.config()) *after* wifi.begin().
This patch calls lwip-v1.4's netif_set_addr() with the new ip address to set
all things up, just like it is done and right when wifi.begin() is called
after wifi.config().
Also tested when IPv6 is enabled.
fix documentation: It is more natural to set an IP address before starting WiFi
(.. and not after dhcp has started)
fixes#5839fixes#6024
* Upgrade to https: serving for JSON, links in docs
Fixes#5480
* Update boards.rst documentation
* Update more documentation http: refs to https:
* Remove obsolete staging info
* Drop obsolete versions from JSON programatically
After the final merge is done on the JSON, strip out any named versions
from the final product.
Removing 1.6.5-* and 2.5.0-beta(1,2,3) for now.
* Remove 2.4.0-rc(0/1) from JSON, too
do interleave informations on addresses within reception pbuf chain:
before: (data-pbuf) -> (data-pbuf) -> (data-pbuf) -> ... in the receiving order
now: (address+port-info-pbuf -> data-pbuf) -> (address_port-info-pbuf -> data-pbuf) -> ...
address/port informations are updated along with data exposed to user
Fixes#5996
* Add extensions to probe message for EC, others
probeMFLN was failing on some connection attempts to servers which only
supported EC based ciphers because it did not include the proper TLS
handshake extensions to list what kinds of ECs it supported.
Add those to the probeMFLN ClientHello message to make probes pass.
* Add client.getMFLNStatus method, returns MFLN state
After a connection it is useful to check whether MFLN negotiation
succeeded. getMFLNStatus returns a bool (valid only after
client.connect() succeeds, of course) indicating whether the requested
buffer sizes were negotiated successfully.
* New menu option to minimize BSSL ROM with only RSA
Adds a menu option and define to limit BearSSL to older RSA connection
options. This saves ~45K program memory and can speed up connections
since EC, while more secure, is significantly slower on the chip.
The supported ciphers are identical to the ones that axTLS supported.
Fixes#6005
* Add default SSLFLAGS(blank) to platform.txt
* Fix unused variable warning
* Add clarifying comment to menu items
Force GCC to run with -funsigned-char during host tests to make
the PC match the default behaviour used by the xtensa GCC port.
As noted in #6010. Thanks @MichaelBrunn3r
