When in basic SSL mode, don't include ciphers for EC for the server by
replacinf the BearSSL "support everything" init call with our own
version which obeys the requested BASIC_SSL.
Saves ~46KB on TLS servers, about the same as basic SSL saves for
clients.
* Use placement new for ETSTimer - no heap fragmentation, new/delete semantics unchanged.
* Make change completely invisible to derived classes at compile-time.
* Fix "sizeof() incomplete type ETSTimer" error.
* C++ reinterpret_cast<> instead of C-style cast.
void* instead of uint32_t - fixes x86_64 server compiles.
* Simplify casts.
* Revert to complete placement new treatment of ETSTimer member.
* Cleanup includes
* Fix omitted casts
* Change per review https://github.com/esp8266/Arduino/pull/6164#pullrequestreview-243583458
* wtf - local compile didn't catch this sloppy mistake
* Resolves review https://github.com/esp8266/Arduino/pull/6164#discussion_r290388119
* Reviewer stated that floating point operations are inlined, software operations -
reduce number of code spots to one.
__This is a breaking change, but the header and example did warn
everyone that this API was in flux due to the incompatible SD and SPIFFS
File implementations.__
BearSSL CertStores now simply need a filesystem and the names of the
data (generated on-chip) and archive (uploaded by user) files on it.
No more need to roll your own virtual CertStoreFile class.
Update the library, examples, and device test.
Fixes#6082
Add an info64() call which returns used and total sizes as 64 bit
quantities. A default wrapper that just copies the 32-bit values is
included for LittleFS/SPIFFS which can't hit those capacities.
* std::bind has issues with type inference, use lambdas whereever possible.
* Fix indentation.
* More descriptive placeholder name in lambda expression
* Use formal argument names for remaining currying placeholders
* Add LittleFS as internal flash filesystem
Adds a LittleFS object which uses the ARMmbed littlefs embedded filesystem,
https://github.com/ARMmbed/littlefs, to enable a new filesystem for onboard
flash utilizing the exact same API as the existing SPIFFS filesystem.
LittleFS is built for low memory systems that are subject to random power
losses, is actively supported by the ARMmbed community, supports directories,
and seems to be much faster in the large-ish read-mostly applications I use.
LittleFS, however, has a larger minimum file allocation unit and does not do
static wear levelling. This means that for systems that need many little
files (<4K), have small SPIFFS areas (64K), or which have a large static
set of files covering the majority of flash coupled with a frequently
updated set of other files, it may not perform as well.
Simply replace SPIFFS.begin() with LittleFS.begin() in your sketch,
use LittleFS.open in place of SPIFFS.open to open files, and everything
else just works thanks to the magic of @igrr's File base class.
**LITTLEFS FLASH LAYOUT IS INCOMPATIBLE WITH SPIFFS**
Since it is a completely different filesystem, you will need to reformat
your flash (and lose any data therein) to use it. Tools to build the
flash filesystem and upload are at
https://github.com/earlephilhower/arduino-esp8266littlefs-plugin and
https://github.com/earlephilhower/mklittlefs/ . The mklittlefs tool
is installed as part of the Arduino platform installation, automatically.
The included example shows a contrived read-mostly example and
demonstrates how the same calls work on either SPIFFS.* or LittleFS.*
Host tests are also included as part of CI.
Directories are fully supported in LittleFS. This means that LittleFS
will have a slight difference vs. SPIFFS when you use
LittleFS.openDir()/Dir.next(). On SPIFFS dir.next()
will return all filesystem entries, including ones in "subdirs"
(because in SPIFFS there are no subdirs and "/" is the same as any
other character in a filename).
On LittleFS, dir.next() will only return entries in the directory
specified, not subdirs. So to list files in "/subdir/..." you need
to actually openDir("/subdir") and use Dir.next() to parse through
just those elements. The returned filenames also only have the
filename returned, not full paths. So on a FS with "/a/1", "/a/2"
when you do openDir("/a"); dir.next().getName(); you get "1" and "2"
and not "/a/1" and "/a/2" like in SPIFFS. This is consistent with
POSIX ideas about reading directories and more natural for a FS.
Most code will not be affected by this, but if you depend on
openDir/Dir.next() you need to be aware of it.
Corresponding ::mkdir, ::rmdir, ::isDirectory, ::isFile,
::openNextFile, and ::rewind methods added to Filesystem objects.
Documentation has been updated with this and other LittleFS information.
Subdirectories are made silently when they do not exist when you
try and create a file in a subdir. They are silently removed when
the last file in them is deleted. This is consistent with what
SPIFFS does but is obviously not normal POSIX behavior. Since there
has never been a "FS.mkdir()" method this is the only way to be
compatible with legacy SPIFFS code.
SPIFFS code has been refactored to pull out common flash_hal_* ops
and placed in its own namespace, like LittleFS.
* Fix up merge blank line issue
* Merge in the FSConfig changs from SDFS PR
Enable setConfig for LittleFS as well plys merge the SPIFFS changes
done in the SDFS PR.
* Fix merge errors
* Update to use v2-alpha branch
The V2-alpha branch supports small file optimizations which can help
increase the utilization of flash when small files are prevalent.
It also adds support for metadata, which means we can start adding
things like file creation times, if desired (not yet).
* V2 of littlefs is now in upstream/master
* Update test to support non-creation-ordered files
In a directory, the order in which "readNextFile()" will return a name
is undefined. SPIFFS may return it in order, but LittleFS does not as
of V2. Update the test to look for files by name when doing
readNextFile() testing.
* Fix LittleFS.truncate implementation
* Fix SDFS tests
SDFS, SPIFFS, and LittleFS now all share the same common set of tests,
greatly increasing the SDFS test coverage.
* Update to point to mklittlefs v2
Upgrade mklittlefs to V2 format support
* Remove extra FS::write(const char *s) method
This was removed in #5861 and erroneously re-introduced here.
* Minimize spurious differences from master
* Dramatically reduce memory usage
Reduce the program and read chunk sizes which impacts performance
minimally but reduces per-file RAM usage of 16KB to <1KB.
* Add @d-a-v's host emulation for LittleFS
* Fix SW Serial library version
* Fix free space reporting
Thanks to @TD-er for discovering the issue
* Update littlefs to latest upstream
* Remove sdfat version included by accident
* Update SDFAT to include MOCK changes required
* Update to include SD.h test of file append
-Expose HTTP Digest authentication with H1 hash as the argument
-Preserved HTTP authentication with username/password arguments
-Added a public static function for generating the H1 hash
-Created an example of how to use this called HttpHashCredAuth.ino
* Use bounded waiting instead of infinite one to avoid deadlock
* Reduce timeout to fail much sooner if server is not acking our data
* Return timeout to 15 seconds on every disconnect
* Add comment to introduced delay to make it super clear
Fixes#6081
The SD rewrite blanked out some of the internal FAT info.. Restore the
function calls and return proper values.
Because size() is used in many printf()s, we can't just change its
return type to uint64. Instead, when size is > size-max warn.
Add SD.size64 which can be used by new apps who care about >4GB cards.
Prints a warning if debugging enabled
W/o this change, file::write('a'); tries to use the template and fails
since char is a basic type.
The reason it is needed is due to pre 2.5.x behavior, File::write(char)
silently was cast to File::write(uint8_t). With the template write,
though, this is not performed.
* Add Print::write tests and add'l overrides
Ensure that print::write does something sane and doesn't cause a compile
time error about templates when used for Files.
Test using SPIFFS file since Print is an abstract type.
* Drop X509 context after successful server verification to save heap space
After completing handshake in BSSL, server is already verified and X509 context is no longer needed. Depending on verification method it save more or less heap space.
* Bugfix: Report not connected if there is no ready data and TLS connection is broken
Added the change for reporting not connected if TLS session is broken and there is no more buffered decrypted data. TLS can be broken if message authentication (MAC) cannot be verified. BearSSL enters BR_SSL_CLOSED state when processing invalid encrypted application data fragment. In such situation the current implementation get stuck forever unless user has own timeout mechanism build on top of WiFiClientSecureBearSSL. This change introduce fail fast via connected() returning false. Further it imply return -1 from read methods indicating broken channel upon which user should perform reconnect if needed.
Fixes#6005
fix switching to static address with lwip2
For some reason, ip address is not propagated in a visible way for lwip2
when switching to static address (wifi.config()) *after* wifi.begin().
This patch calls lwip-v1.4's netif_set_addr() with the new ip address to set
all things up, just like it is done and right when wifi.begin() is called
after wifi.config().
Also tested when IPv6 is enabled.
fix documentation: It is more natural to set an IP address before starting WiFi
(.. and not after dhcp has started)
fixes#5839fixes#6024
do interleave informations on addresses within reception pbuf chain:
before: (data-pbuf) -> (data-pbuf) -> (data-pbuf) -> ... in the receiving order
now: (address+port-info-pbuf -> data-pbuf) -> (address_port-info-pbuf -> data-pbuf) -> ...
address/port informations are updated along with data exposed to user
Fixes#5996
* Add extensions to probe message for EC, others
probeMFLN was failing on some connection attempts to servers which only
supported EC based ciphers because it did not include the proper TLS
handshake extensions to list what kinds of ECs it supported.
Add those to the probeMFLN ClientHello message to make probes pass.
* Add client.getMFLNStatus method, returns MFLN state
After a connection it is useful to check whether MFLN negotiation
succeeded. getMFLNStatus returns a bool (valid only after
client.connect() succeeds, of course) indicating whether the requested
buffer sizes were negotiated successfully.
* New menu option to minimize BSSL ROM with only RSA
Adds a menu option and define to limit BearSSL to older RSA connection
options. This saves ~45K program memory and can speed up connections
since EC, while more secure, is significantly slower on the chip.
The supported ciphers are identical to the ones that axTLS supported.
Fixes#6005
* Add default SSLFLAGS(blank) to platform.txt
* Fix unused variable warning
* Add clarifying comment to menu items
* Minor bug fixes in Maximum Fragment Length Negotation example, mainly giving background processes some time in fetch()
* Minor layout changes to pass travis tests
* Use PolledTimeout for timeout
* Update EspSoftwareSerial to release 5.0.0.
(Includes half-duplex patch for SerialStress.ino)
* Updated EspSoftwareSerial to allow Platformio builds that lack defaults for RX/TX defines.
* polledTimeout: add option to use CPU count instead of millis()
* use more "using" alias
* more c++/clear code, using typename (thanks @devyte)
* rename class name to include unit, introduce timeMax() and check it with assert()
* remove useless defines
* improve api readability, add micro-second unit
* update example
* mock: emulate getCycleCount, add/fix polledTimeout CI test
* + nano-seconds, assert -> message, comments, host test
* allow 0 for timeout (enables immediate timeout, fix division by 0)
* typo, set member instead of local variable
* unify error message
* slight change on checkExpired() allows "never expired"
also removed printed message, add YieldAndDelay, simplify calculations
* remove traces of debug.h/cpp in this PR
* include missing <limits> header
* back to original expired test, introduce boolean _neverExpires, fix reset(), getTimeout() is invalid
* fix expiredOneShot with _timeout==0 check
* reenable getTimeout()
* expose checkExpired with unit conversion
* fix timing comments, move critical code to iram
* add member ::neverExpires and use it where relevant
* improve clarity
* remove exposed checkExpired(), adapt LEAmDNS with equivalent
* add API ::resetToNeverExpires(), use it in LEAmDNS
* remove offending constness from ::flagged() LEAmDNS (due do API fix in PolledTimeout)
* simplify "Fast" base classes
* minor variable rename
* Fix examples
* compliance with good c++ manners
* minor changes for consistency
* add missing const
* expired() and bool() moved to iram
* constexpr compensation computing
* add/update comments
* move neverExpires and alwaysExpired
OTA is broken in AP mode because ESP8266mDNS is checking whether the station is connected before processing. Change the logic to WiFi.isConnected() OR WiFi.softAPgetStationNum()>0 fixes the issue.
* Update ESP8266SSDP.h
Fix SSDP bug: The response to M-Search Packet with ST field set to UUID should be with the UUID not the Device Type
Integrated 'uuid:' prefix into the char array of the _uuid
* Update ESP8266SSDP.cpp
Fix SSDP bug: The response to M-Search Packet with ST field set to UUID should be with the UUID not the Device Type
Integrated 'uuid:' prefix into the char array of the _uuid
* include 'uuid:' in format String and in flash
* Update ESP8266SSDP.cpp
* fix DEBUG macros
All fmt strings in flash
fix#5658
This also allows to avoid warnings and easy mistakes with (no brace):
if (something)
DEBUGV("blah");
* use newlib unaligned-compatible printf for DEBUGV
* remove useless putprintf since ::printf already uses ets_putc
* optionally allow redirects on http OTA updates
* Refactored HTTPClient::begin(url...) & setURL functions, now only beginInternal parses URL, sets ports
Added HTTPRedirect example.
* fix indentation for style check
* add space after while for style check
* don't use deprecated begin method in redirect example
* moved redirect handling code to HTTPClient.
only GET and HEAD requests are currently handled automatically
Redirects that fail to be automatically handled return the redirect code as before
* added support for POST/303 redirect
added device redirect tests
* add missing getLocation() implementation
* if the new location is only a path then only update the URI
