Weirdly we have to stop the AP too (which we never started),
or cyw43_tcpip_link_status still reports that STA is connected.
As long as AP mode isn't implemented, this doesn't matter and
we can just do it.
Foamyguy discovered that trying to send >2920 bytes at once consistently
failed. I further discovered that sometimes trying to send >1460 bytes
would fail too. By "fail", I mean that it would take a very long time
(around 200 * 50ms) before erroneously reporting that all bytes were
written.
In my testing, this change causes larger writes to successfully
send either 2920 or 1460 bytes (possibly after doing some 50ms waits
for a previous packet to clear).
The documentation of socket.send always stated that it COULD send fewer
bytes than requested, but adafruit_httpserver assumed that the number
of requested bytes were always sent, so after this change alone,
adafruit_httpserver will still not work properly.
Closes: #7077 (albeit fixes are needed in adafruit_httpserver too)
This reduces power consumption during true deep sleep.
In my measurements with ppk2 and a program that _irrevocably_ entered
deep sleep (no time alarm or pin alarm), power usage as measured on a
ppk2 decreased from ~10mA to ~1mA.
Another reduction of -48 bytes can be had if the fine calculation
step is skipped. The worst difference compared to the old reference
code with my calibration values in the 0° to 60° was 2°C,
and the difference at 25°C is 1°C.
The final size decrease for non-full builds like Trinket M0 is 268
bytes.
Perform most arithmetic with scaled integer values.
For my calibration values
```
const uint32_t NVMCTRL_TEMP_LOG[]={0xfc05511e, 0xcc7ac0f7};
```
the maximum difference between the old and new calculation is 0.50°C.
The difference is smallest (0.13°) at 25.87°C in the old scale.
This reduces mcu_processor_get_temperature from 568 bytes to 348 bytes
(-220 bytes)
The prefixed versions raise Python exceptions, the un-prefixed return
negative error values. We don't want to raise an exception from here,
it leaves the SSL stack in an undefined state.
Adds support for the BananaPi BPI-PicoW-S3 Boards.
Based on esp32s3 chip.
With one WS2812 LED, one monochrome LED, one ceramic antenna.
Support double-reset to tinyUF2.
## Testing self-signed certificates and `load_verify_locations`
Obtain the badssl "self-signed" certificate in the correct form:
```sh
openssl s_client -servername self-signed.badssl.com -connect untrusted-root.badssl.com:443 < /dev/null | openssl x509 > self-signed.pem
```
Copy it and the script to CIRCUITPY:
```python
import os
import wifi
import socketpool
import ssl
import adafruit_requests
TEXT_URL = "https://self-signed.badssl.com/"
if not wifi.radio.ipv4_address:
wifi.radio.connect(os.getenv('WIFI_SSID'), os.getenv('WIFI_PASSWORD'))
pool = socketpool.SocketPool(wifi.radio)
context = ssl.create_default_context()
requests = adafruit_requests.Session(pool, context)
print(f"Fetching from {TEXT_URL} without certificate (should fail)")
try:
response = requests.get(TEXT_URL)
except Exception as e:
print(f"Failed: {e}")
else:
print(f"{response.status_code=}, should have failed with exception")
print("Loading server certificate")
with open("/self-signed.pem", "rb") as certfile:
context.load_verify_locations(cadata=certfile.read())
requests = adafruit_requests.Session(pool, context)
print(f"Fetching from {TEXT_URL} with certificate (should succeed)")
try:
response = requests.get(TEXT_URL)
except Exception as e:
print(f"Unexpected exception: {e}")
else:
print(f"{response.status_code=}, should be 200 OK")
```
Tested with badssl.com:
1. Get client certificates from https://badssl.com/download/
2. Convert public portion with `openssl x509 -in badssl.com-client.pem -out CIRCUITPY/cert.pem`
3. Convert private portion with `openssl rsa -in badssl.com-client.pem -out CIRCUITPY/privkey.pem` and the password `badssl.com`
4. Put wifi settings in CIRCUITPY/.env
5. Run the below Python script:
```py
import os
import wifi
import socketpool
import ssl
import adafruit_requests
TEXT_URL = "https://client.badssl.com/"
wifi.radio.connect(os.getenv('WIFI_SSID'), os.getenv('WIFI_PASSWORD'))
pool = socketpool.SocketPool(wifi.radio)
context = ssl.create_default_context()
requests = adafruit_requests.Session(pool, context)
print(f"Fetching from {TEXT_URL} without certificate (should fail)")
response = requests.get(TEXT_URL)
print(f"{response.status_code=}, should be 400 Bad Request")
input("hit enter to continue\r")
print("Loading client certificate")
context.load_cert_chain("/cert.pem", "privkey.pem")
requests = adafruit_requests.Session(pool, context)
print(f"Fetching from {TEXT_URL} with certificate (should succeed)")
response = requests.get(TEXT_URL)
print(f"{response.status_code=}, should be 200 OK")
```
Closes: #7017
* Remove the 'GP23' alias for CYW1
* Remove the 'CYW0' alias for CYW0
* Switch VBUS_SENSE to CYW2, remove 'GP24' alias
Code that wants to use SMPS_MODE, VBUS_SENSE and LED while being
portable to the W and non-W variants should use those names, not alias
names.
* Remove A3 / VOLTAGE_MONITOR
Right now this cannot be used. The ability to check the voltage monitor
should be added back in some fashion in the future.
This is intended (but not entirely verified) to match our esp32 builds.
It does fix accessing https://circuitpython.org, which failed before with
"MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE".
It still doesn't work on a personal website of mine with valid letsencrypt
certificate but I haven't verified whether it works on esp32s2 with CP.
That site only allows TLS 1.3, while this mbedtls only supports up to
1.2.
The version of mbedtls we adopted based on micropython's use has no
TLS 1.3 support, but the one in espressif esp-idf does.
Note: at this time, the ssl module on pico_w never verifies the server
certificate. This means it does not actually provide a higher security
level than regular socket / http protocols.
Before this, CIRCUITPY would start at 1MB anyway. This appeared to work
only because I hadn't checked the actual size of the CIRCUITPY drive,
and because until now the flash hadn't actually crossed that 1MB
boundary into CIRCUITPY storage.
WARNING: on pico_w, upgrading/downgrading CircuitPython across this commit
boundary will erase the CIRCUITPY filesystem. After this commit,
switching between pico and pico_w firmware will erase the CIRCUITPY
filesystem
.. it needs to operate on a FILE* rather than FIL depending on
the build.
Note that this is comparing output to expected, not to cpython dotenv
package. Because run-tests.py starts the CPython interpreter with the
'-S' (skip site initialization) flag, pip-installed packages are
not available for import inside a test file. Instead, the exp
file is generated manually:
```
circuitpython/tests$ python3 circuitpython/dotenv_test.py > circuitpython/dotenv_test.py.exp
```
Unfortunately, the test fails on test e15:
```diff
FAILURE /home/jepler/src/circuitpython/tests/results/circuitpython_dotenv_test.py
--- /home/jepler/src/circuitpython/tests/results/circuitpython_dotenv_test.py.exp 2022-10-04 09:48:16.307703128 -0500
+++ /home/jepler/src/circuitpython/tests/results/circuitpython_dotenv_test.py.out 2022-10-04 09:48:16.307703128 -0500
@@ -14,7 +14,7 @@
line
e13 e13value
e14 None
-e15 e15value
+e15 None
e16 #
e17 def
e18 #has a hash
```
.. the value actually needs to be enforced each time the STA or AP
is enabled, because internally there's a call to cyw43_wifi_pm with the
library's defaut power management value, not ours.
Add a getter, though it only returns our idea of what the power
management register is set to, it doesn't read out from the actual
hardware, sadly.