Commit Graph

35911 Commits

Author SHA1 Message Date
Yash Katkar
f73194fbbb feat: add the padding if the packet length is odd while updating udp checksum 2024-03-29 21:05:16 +00:00
Jiang Jiang Jian
be06a6f5ff Merge branch 'bugfix/fix_softap_coex_start_issue' into 'master'
fix(wifi): fix softap coex start issue, no wifi request if wifi is not used at idle

See merge request espressif/esp-idf!29772
2024-03-21 21:22:54 +08:00
Alexey Lapshin
0e3673a2bd Merge branch 'feature/esp32p4-coredump-support' into 'master'
esp32p4: panic tests support

Closes IDF-7565, IDF-7861, IDF-9035, and IDF-9075

See merge request espressif/esp-idf!28586
2024-03-21 21:12:25 +08:00
Jiang Jiang Jian
9971413b60 Merge branch 'feature/eap_tls_v1.3_support' into 'master'
wpa_supplicant: Add TLS v1.3 support in WiFi Enterprise Authentication

Closes WIFI-6135

See merge request espressif/esp-idf!24975
2024-03-21 21:10:38 +08:00
Alexey Lapshin
e845d9e0eb feat(esp_system): allow .data to spill over into L2MEM above 0x4ff40000
It may be usefull when .rodata placed into .dram1.data
2024-03-21 15:36:39 +04:00
Alexey Lapshin
cb82161dae feat(system): esp32p4: support panic tests 2024-03-21 15:36:36 +04:00
liuning
81b86f657c fix(wifi): fix softap coex start issue, no wifi request if wifi is not used at idle 2024-03-21 19:35:27 +08:00
Wan Lei
cfcdacaaac Merge branch 'feature/spi_dma_segmented_configure_transfer' into 'master'
feat(spi_master): new feature dma controlled segmented configure transfer(sct) mode (part_1)

Closes IDF-4998

See merge request espressif/esp-idf!22684
2024-03-21 18:50:03 +08:00
Alexey Lapshin
13b55386bf feat(system): esp32p4: support hw stack guard 2024-03-21 14:30:21 +04:00
Tomas Rezucha
ba1ce22b6c Merge branch 'fix/usb_uvc_example_p4' into 'master'
USB Host UVC example fixes for P4

Closes IEC-94, IDF-4942, and IDF-6505

See merge request espressif/esp-idf!29560
2024-03-21 17:47:51 +08:00
Wan Lei
751d50a19a Merge branch 'feat/c6lite_c61_system_step5' into 'master'
feat(esp32c61): system and esp_timer related support (stage 5/8)

See merge request espressif/esp-idf!29652
2024-03-21 17:25:37 +08:00
C.S.M
eeb9aa988c Merge branch 'bugfix/fix_i2c_timing_accuracy' into 'master'
fix(i2c_master): Fix issue that i2c clock got wrong after clearing bus

Closes IDFGH-12366

See merge request espressif/esp-idf!29715
2024-03-21 16:45:50 +08:00
Cao Sen Miao
c0e5f2b73a fix(i2c_master): Fix issue that i2c clock got wrong after reset,
Closes https://github.com/espressif/esp-idf/issues/13397
2024-03-21 13:13:53 +08:00
Rahul Tank
22ee3e8aa6 Merge branch 'bugfix/bonding_across_reboot' into 'master'
fix(nimble): Added support for deleting the oldest bonded device across reboot

See merge request espressif/esp-idf!29612
2024-03-21 12:00:42 +08:00
morris
1f6abf9e7b Merge branch 'feature/mipi_dcs_short_packet' into 'master'
feat(mipi_dsi): use DCS short packet when possible

Closes IDF-9349

See merge request espressif/esp-idf!29441
2024-03-21 11:46:01 +08:00
wanlei
a611e91b2f feat(esp32c61): new chip add system and esp_timer support 2024-03-21 11:31:15 +08:00
Jakob Hasse
25400ca351 Merge branch 'feature/log_priusize_macro' into 'master'
feat(log): Added PRIuSIZE printf formatter macro

See merge request espressif/esp-idf!29725
2024-03-21 10:41:49 +08:00
Jakob Hasse
f482a9153a Merge branch 'fix/add_libbsd_string_h' into 'master'
refactor(linux): Unified libbsd handling

See merge request espressif/esp-idf!29457
2024-03-21 10:11:25 +08:00
Roland Dobai
22b5f69f7b Merge branch 'refactor/idf_tools_version' into 'master'
refactor(idf_tools): IDF version is acquired only from version or header file

Closes IDFGH-12354

See merge request espressif/esp-idf!29711
2024-03-20 20:12:51 +08:00
Roland Dobai
5da7c6e3b2 Merge branch 'docs/docker_groupid' into 'master'
docs(docker): add note about group ID when host device is added to container

Closes IDFGH-12342

See merge request espressif/esp-idf!29717
2024-03-20 19:54:39 +08:00
Frantisek Hrbata
6554cac7dc docs(docker): add note about group ID when host device is added to container
Closes https://github.com/espressif/esp-idf/issues/13373

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2024-03-20 11:15:36 +01:00
Fu Hanxi
b47c9e9c21 Merge branch 'ci/support_full_pipeline_by_components' into 'master'
CI: Support full pipeline by components

See merge request espressif/esp-idf!29760
2024-03-20 17:53:32 +08:00
Fu Hanxi
6acd57df02
ci: support trigger full pipeline by components 2024-03-20 10:03:48 +01:00
Jakob Hasse
e4aa326c3a feat(log): Added PRIuSIZE printf formatter macro 2024-03-20 16:41:22 +08:00
wanlei
51ffd40843 feat(spi_master): rebase dma sct mode support, rename APIs, use malloc conf_buffer 2024-03-20 16:06:43 +08:00
Sudeep Mohanty
4f3cd0deb9 Merge branch 'fix/freertos_task_c_add_coverity_fix' into 'master'
fix(freertos): Fixed an issue where accessing task lists could overrun memory

Closes IDF-9412

See merge request espressif/esp-idf!29746
2024-03-20 15:54:39 +08:00
wanlei
a307096ec0 spi_master: sct mode supported on c6 2024-03-20 15:42:03 +08:00
wanlei
1e6c61daa6 spi_master: sct mode support set line mode, transaction interval time
support line mode 1-2-4-8 depend on targets.
fix sct mode dma descriptor counter compute issue.
add conf_bits_len setting API to control interval time.
2024-03-20 15:42:03 +08:00
Armando
30760a95bb spi_master: spi master sct test app 2024-03-20 15:42:03 +08:00
Armando
b303e4b7a6 spi_master: new segmented-configure-transfer mode 2024-03-20 15:42:03 +08:00
Fu Hanxi
1f3160cd78 Merge branch 'fix/component_manager_load_all_local_components' into 'master'
fix: component manager load all component dirs even set(COMPONENTS ...)

Closes PACMAN-771

See merge request espressif/esp-idf!28797
2024-03-20 15:38:10 +08:00
Harshal Patil
03756359b2 Merge branch 'update/qemu_release_versions' into 'master'
Update QEMU release versions

See merge request espressif/esp-idf!29706
2024-03-20 14:26:07 +08:00
Sarvesh Bodakhe
1d71178193 fix(wpa_supplicant): Add bugfixes related to ciphersuites in wifi enterprise
- Avoid downgrading TLS ciphersuites when client RSA keys are larger than RSA-2048 bit.
- Note that when using bigger certificates on low-power chips without crypto
  hardware acceleration, it is recommended to adjust the task watchdog timer (TWDT)
  if it is enabled. For precise information on timing requirements, you can check
  performance numbers at https://github.com/espressif/mbedtls/wiki/Performance-Numbers.
2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe
05b882baea fix(wpa_supplicant): Update cipher suite list for TLSv1.3 suiteb and some refactoring
- Use MBEDTLS_TLS1_3_AES_256_GCM_SHA384 cipher for TLSv1.3-suiteb
- Call psa_crypto_init() in tls_connection_init() to reduce redundancy
2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe
5903e9ea2b feat(wpa_supplicant): Make CONFIG_ESP_WIFI_EAP_TLS1_3 an experimental feature 2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe
5ce95cae91 fix(esp_wifi): Enable Server certificate validation when using mbedtls TLS v1.3
In TLS v1.2, It was possible to disable server certificate validation simply by using
API 'mbedtls_ssl_conf_authmode'. But this behaviour is changed in TLS v1.3. We can not
disable server certificate validation in TLS v1.3 using this API anymore.

For more details, refer https://github.com/Mbed-TLS/mbedtls/issues/7075
2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe
ec09cdf885 feat(wpa_supplicant): Add TLS v1.3 support for WiFi enterprise
* Add TLS v1.3 support for following EAP methods:
  - EAP-TLS  (RFC 9190)
  - EAP-PEAP (RFC 9427)
  - EAP-TTLS (RFC 9427)
* Add mbedtls porting for TLS v1.3 exporter (RFC 8446 Section 7.5)
* Add new Kconfig flag to enable TLS v1.3 for EAP methods
* Advertise TLS v1.3 signature algorithms if TLS 1.3 is enabled for EAP
  methods
* Advertise TLS v1.3 cipher suites if CONFIG_ESP_WIFI_EAP_TLS1_3 enabled
* Add support to Ack protected success indication
  (workaround for EAP-TLS 1.3 and 1.2 compatibilty)
2024-03-20 09:33:52 +05:30
Glenn Strauss
b3e4aae7bb TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation
Taking sizeof(ptr) is incorrect to determine size of passed in hash and
results in hlen getting set to a very large value since MD5_MAC_LEN >
sizeof(ptr). Provide the actual size of the hash buffer from the caller
to fix this.

tls_key_x_server_params_hash() callers src/tls/tlsv1_client_read.c and
src/tls/tlsv1_server_write.c both pass in a large enough hash (hash[64]
or hash[100]) that this does not appear to have an impact, though it is
still wrong.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2024-03-20 09:33:52 +05:30
Glenn Strauss
b58dbf2808 Update tls_connection_set_verify() documentation to verify_peer=2
This new value was added to verify peer certificate if it is provided,
but not reject the TLS handshake if no peer certificate is provided.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2024-03-20 09:33:52 +05:30
Jouni Malinen
8ff4837830 Fix tls_connection_set_success_data() in TLS library wrappers
Some of the TLS library wrappers defined only an empty function for
tls_connection_set_success_data(). That could result in memory leaks in
TLS server cases, so update these to do the minimal thing and free the
provided buffer as unused.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-03-20 09:33:52 +05:30
Jouni Malinen
6658c3ed63 Remove useless DH file configuration from TLS library wrappers
These operations do not really have any effect since
tls_connection_set_params() is used only in the TLS client case and the
client receives the DH parameters from the server instead of local
configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:52 +05:30
Jouni Malinen
89fc940ec0 EAP-TLS: Do not allow TLSv1.3 success without protected result indication
RFC 9190 requires protected result indication to be used with TLSv1.3,
so do not allow EAP-TLS to complete successfully if the server does not
send that indication.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-03-20 09:33:52 +05:30
Jouni Malinen
98183fe062 EAP-TLS: Replace the Commitment Message term with RFC 9190 language
While the drafts for RFC 9190 used a separate Commitment Message term,
that term was removed from the published RFC. Update the debug prints to
match that final language.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-03-20 09:33:52 +05:30
Jouni Malinen
9cb8c0545f EAP-TLS: Update specification references to RFC 5216 and 9190
The previously used references were pointing to an obsoleted RFC and
draft versions. Replace these with current versions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-03-20 09:33:52 +05:30
Alexander Clouter
b17d6a1b3a EAP-TTLS peer: Handle Commitment Message for TLS 1.3
Recognize the explicitly defined Commitment Message per
draft-ietf-emu-eap-tls13-13 at the conclusion of the EAP-TTLS with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30
Alexander Clouter
65248148f0 EAP-TLS peer: Handle Commitment Message for TLS 1.3
Recognize the explicitly defined Commitment Message per
draft-ietf-emu-eap-tls13-13 at the conclusion of the EAP-TLS with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30
Alexander Clouter
a5ee253d62 EAP: Extend Session-Id derivation with TLS 1.3 to PEAP and EAP-TTLS
This newer Session-Id/Method-Id derivation is used with PEAP and
EAP-TTLS when using TLS 1.3 per draft-ietf-emu-tls-eap-types-00, so do
not limit this to only EAP-TLS.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30
Alexander Clouter
42e37285e5 EAP-TTLS: Key derivation per draft-ietf-emu-tls-eap-types-00
Use the TLS-Exporter with the label and context as defined in
draft-ietf-emu-tls-eap-types-00 when deriving keys for EAP-TTLS with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30
Alexander Clouter
0d90484018 EAP-PEAP: Key derivation per draft-ietf-emu-tls-eap-types-00
Use the TLS-Exporter with the label and context as defined in
draft-ietf-emu-tls-eap-types-00 when deriving keys for PEAP with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30
Alexander Clouter
252dd1b976 EAP-TTLS/PEAP peer: Fix failure when using session tickets under TLS 1.3
EAP peer does not expect data present when beginning the Phase 2 in
EAP-{TTLS,PEAP} but in TLS 1.3 session tickets are sent after the
handshake completes.

There are several strategies that can be used to handle this, but this
patch picks up from the discussion[1] and implements the proposed use of
SSL_MODE_AUTO_RETRY. SSL_MODE_AUTO_RETRY has already been enabled by
default in OpenSSL 1.1.1, but it needs to be enabled for older versions.

The main OpenSSL wrapper change in tls_connection_decrypt() takes care
of the new possible case with SSL_MODE_AUTO_RETRY for
SSL_ERROR_WANT_READ to indicate that a non-application_data was
processed. That is not really an error case with TLS 1.3, so allow it to
complete and return an empty decrypted application data buffer.
EAP-PEAP/TTLS processing can then use this to move ahead with starting
Phase 2.

[1] https://www.spinics.net/lists/hostap/msg05376.html

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2024-03-20 09:33:52 +05:30