Update 30.07. #3
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Comment out verify step in eboot.c Meant for #7458 , but still requires a recompiled eboot.elf. * Rebuild eboot.elf from changed source Co-authored-by: Earle F. Philhower, III <earlephilhower@yahoo.com>
PR #7464 removed the reset of client authentication settings when server authentication settings were changed, however it never did initialize the client authentication information to nullptr in the constructor. This can result in crashes during connections when client certs are not applied. Fix by resetting the client authenticaion variables on object construction.
* Initialize _ledPin _ledPin should be initialized to -1 in the constructor to avoid setting a random pin when calling Updater::end without having called Updater::begin before. This happens, for example, in the Homie software * Fix field sequence
Co-authored-by: Earle F. Philhower, III <earlephilhower@yahoo.com>
* CVE-2020-12638 workaround for WPA downgrade attack When connected to an encrypted (WEP/WPA) router, a rogue packet can cause the ESP8266 WiFi stack to drop to an unecrypted rogue network of the same SSID. Handle this by dropping the WiFi connection immediately and reconnecting to the stored WPA/WEP network requested by the application, whenever the AUTHMODE changes to OPEN from a secured mode. https://lbsfilm.at/blog/wpa2-authenticationmode-downgrade-in-espressif-microprocessors for more details.
In the HTTPS example we were using a fingerprint which changes almost daily as the github.com certificates are regenerated. Replace this with a trust anchor based on the ultimate root CA that github.com uses to sign their certificates. Assuming they don't change CAs, this certificate should be good until 2030+ Fixes #7489
* webhook api * simplify webserver debug printouts, move text to flash * Hook examples in HelloServer example * print executable code address in example * simplify example per @mcspr suggestion
Matching standard Arduino cores, make the default analogWrite() take values from 0...255. Users can always use the analogWriteRange() call to change to a different setup. Add a `analogWriteResolution` which takes a number of bits and sets the range from 0...(1<<bits)-1, part of the standard Arduino API. Remove the PWMRANGE define. It's non-standard and not generally valid (i.e. it's fixed at 1024 of 256, but the real range varies depending on what you last set). Also add note about the change and how to fix pre 3.0 applications. Fixes #2895
Add mention that OTA Update class will block changes to flash mode bits if the image is uncompressed, and link to the recent discussion on this. Co-authored-by: Earle F. Philhower, III <earlephilhower@yahoo.com>
Jason2866
added a commit
that referenced
this pull request
Aug 3, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.