esp8266 · earlephilhower · Nov 30, 2018 · Nov 22, 2018 · Nov 23, 2018 · Nov 23, 2018
diff --git a/libraries/ESP8266HTTPClient/examples/StreamHttpsClient/StreamHttpsClient.ino b/libraries/ESP8266HTTPClient/examples/StreamHttpsClient/StreamHttpsClient.ino
@@ -9,6 +9,7 @@
 
 #include <ESP8266WiFi.h>
 #include <ESP8266WiFiMulti.h>
+#include <WiFiClientSecure.h>
 
 #include <ESP8266HTTPClient.h>
 

diff --git a/libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.cpp b/libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.cpp
@@ -27,8 +27,9 @@
 
 #ifdef HTTPCLIENT_1_1_COMPATIBLE
 #include <ESP8266WiFi.h>
-#include <WiFiClientSecure.h>
+#include <WiFiClientSecureAxTLS.h>
 #endif
+#include <WiFiClientSecureBearSSL.h>
 
 #include <StreamString.h>
 #include <base64.h>
@@ -64,12 +65,18 @@ class TLSTraits : public TransportTraits
 
     std::unique_ptr<WiFiClient> create() override
     {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
         return std::unique_ptr<WiFiClient>(new axTLS::WiFiClientSecure());
+#pragma GCC diagnostic pop
     }
 
     bool verify(WiFiClient& client, const char* host) override
     {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
         auto wcs = static_cast<axTLS::WiFiClientSecure&>(client);
+#pragma GCC diagnostic pop
         return wcs.verify(_fingerprint.c_str(), host);
     }
 

diff --git a/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.h b/libraries/ESP8266WebServer/src/ESP8266WebServerSecure.h
@@ -19,5 +19,7 @@
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-#include "ESP8266WebServerSecureAxTLS.h"
+#include <WiFiClientSecure.h>
+
+//#include "ESP8266WebServerSecureAxTLS.h"
 #include "ESP8266WebServerSecureBearSSL.h"
diff --git a/libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.cpp b/libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.cpp
@@ -25,7 +25,7 @@
 #include <libb64/cencode.h>
 #include "WiFiServer.h"
 #include "WiFiClient.h"
-#include "ESP8266WebServerSecure.h"
+#include "ESP8266WebServerSecureAxTLS.h"
 
 //#define DEBUG_ESP_HTTP_SERVER
 #ifdef DEBUG_ESP_PORT
@@ -36,6 +36,9 @@
 
 namespace axTLS {
 
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
+
 ESP8266WebServerSecure::ESP8266WebServerSecure(IPAddress addr, int port) 
 : _serverSecure(addr, port)
 {
@@ -46,6 +49,8 @@ ESP8266WebServerSecure::ESP8266WebServerSecure(int port)
 {
 }
 
+#pragma GCC diagnostic pop
+
 void ESP8266WebServerSecure::setServerKeyAndCert_P(const uint8_t *key, int keyLen, const uint8_t *cert, int certLen)
 {
     _serverSecure.setServerKeyAndCert_P(key, keyLen, cert, certLen);
@@ -131,7 +136,10 @@ void ESP8266WebServerSecure::handleClient() {
   }
 
   if (!keepCurrentClient) {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
     _currentClientSecure = WiFiClientSecure();
+#pragma GCC diagnostic pop
     _currentStatus = HC_NONE;
     _currentUpload.reset();
   }

diff --git a/libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.h b/libraries/ESP8266WebServer/src/ESP8266WebServerSecureAxTLS.h
@@ -24,7 +24,8 @@
 #define ESP8266WEBSERVERSECURE_H
 
 #include <ESP8266WebServer.h>
-#include <WiFiServerSecure.h>
+#include <WiFiServerSecureAxTLS.h>
+#include <WiFiClientSecureAxTLS.h>
 
 namespace axTLS {
 

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_CertStore/BearSSL_CertStore.ino b/libraries/ESP8266WiFi/examples/BearSSL_CertStore/BearSSL_CertStore.ino
@@ -34,11 +34,17 @@
 // Released to the public domain
 
 #include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
 #include <CertStoreBearSSL.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 // A single, global CertStore which can be used by all
 // connections.  Needs to stay live the entire time any of
@@ -192,11 +198,11 @@ void setup() {
   Serial.println();
   Serial.println();
 
-  #ifdef USE_SDCARD
+#ifdef USE_SDCARD
   SD.begin();
-  #else
+#else
   SPIFFS.begin();
-  #endif
+#endif
 
   // We start by connecting to a WiFi network
   Serial.print("Connecting to ");

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_MaxFragmentLength/BearSSL_MaxFragmentLength.ino b/libraries/ESP8266WiFi/examples/BearSSL_MaxFragmentLength/BearSSL_MaxFragmentLength.ino
@@ -5,9 +5,15 @@
 // Released to the public domain
 
 #include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 void fetch(BearSSL::WiFiClientSecure *client) {
   client->write("GET / HTTP/1.0\r\nHost: tls.mbed.org\r\nUser-Agent: ESP8266\r\n\r\n");

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_Server/BearSSL_Server.ino b/libraries/ESP8266WiFi/examples/BearSSL_Server/BearSSL_Server.ino
@@ -35,10 +35,16 @@
 */
 
 #include <ESP8266WiFi.h>
+#include <WiFiServerSecure.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 // The HTTPS server
 BearSSL::WiFiServerSecure server(443);

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_ServerClientCert/BearSSL_ServerClientCert.ino b/libraries/ESP8266WiFi/examples/BearSSL_ServerClientCert/BearSSL_ServerClientCert.ino
@@ -63,10 +63,16 @@
 */
 
 #include <ESP8266WiFi.h>
+#include <WiFiServerSecure.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 // The server which will require a client cert signed by the trusted CA
 BearSSL::WiFiServerSecure server(443);

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_Sessions/BearSSL_Sessions.ino b/libraries/ESP8266WiFi/examples/BearSSL_Sessions/BearSSL_Sessions.ino
@@ -4,10 +4,16 @@
 // Released to the public domain
 
 #include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 const char *   host = "api.github.com";
 const uint16_t port = 443;

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_Validation/BearSSL_Validation.ino b/libraries/ESP8266WiFi/examples/BearSSL_Validation/BearSSL_Validation.ino
@@ -5,10 +5,16 @@
 // Released to the public domain
 
 #include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
 #include <time.h>
 
-const char *ssid = "....";
-const char *pass = "....";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char *ssid = STASSID;
+const char *pass = PSK;
 
 const char *   host = "api.github.com";
 const uint16_t port = 443;

diff --git a/libraries/ESP8266WiFi/examples/HTTPSRequest/HTTPSRequest.ino b/libraries/ESP8266WiFi/examples/HTTPSRequest/HTTPSRequest.ino
@@ -19,15 +19,20 @@
 #include <ESP8266WiFi.h>
 #include <WiFiClientSecure.h>
 
-const char* ssid = "........";
-const char* password = "........";
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = PSK;
 
 const char* host = "api.github.com";
 const int httpsPort = 443;
 
 // Use web browser to view and copy
 // SHA1 fingerprint of the certificate
-const char* fingerprint = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
+const char fingerprint[] PROGMEM = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
 
 void setup() {
   Serial.begin(115200);
@@ -49,17 +54,15 @@ void setup() {
   WiFiClientSecure client;
   Serial.print("connecting to ");
   Serial.println(host);
+
+  Serial.printf("Using fingerprint '%s'\n", fingerprint);
+  client.setFingerprint(fingerprint);
+
   if (!client.connect(host, httpsPort)) {
     Serial.println("connection failed");
     return;
   }
 
-  if (client.verify(fingerprint, host)) {
-    Serial.println("certificate matches");
-  } else {
-    Serial.println("certificate doesn't match");
-  }
-
   String url = "/repos/esp8266/Arduino/commits/master/status";
   Serial.print("requesting URL: ");
   Serial.println(url);

diff --git a/libraries/ESP8266WiFi/examples/HTTPSRequestAxTLS/HTTPSRequestAxTLS.ino b/libraries/ESP8266WiFi/examples/HTTPSRequestAxTLS/HTTPSRequestAxTLS.ino
@@ -0,0 +1,105 @@
+/*
+    HTTP over TLS (HTTPS) example sketch
+
+    This example demonstrates how to use
+    WiFiClientSecure class to access HTTPS API.
+    We fetch and display the status of
+    esp8266/Arduino project continuous integration
+    build.
+
+    Limitations:
+      only RSA certificates
+      no support of Perfect Forward Secrecy (PFS)
+      TLSv1.2 is supported since version 2.4.0-rc1
+
+    Created by Ivan Grokhotkov, 2015.
+    This example is in public domain.
+*/
+
+#include <ESP8266WiFi.h>
+
+// force use of AxTLS (BearSSL is now default)
+#include <WiFiClientSecureAxTLS.h>
+using namespace axTLS;
+
+#ifndef STASSID
+#define STASSID "your-ssid"
+#define PSK  "your-password"
+#endif
+
+const char* ssid = STASSID;
+const char* password = PSK;
+
+const char* host = "api.github.com";
+const int httpsPort = 443;
+
+// Use web browser to view and copy
+// SHA1 fingerprint of the certificate
+const char* fingerprint = "5F F1 60 31 09 04 3E F2 90 D2 B0 8A 50 38 04 E8 37 9F BC 76";
+
+void setup() {
+  Serial.begin(115200);
+  Serial.println();
+  Serial.print("connecting to ");
+  Serial.println(ssid);
+  WiFi.mode(WIFI_STA);
+  WiFi.begin(ssid, password);
+  while (WiFi.status() != WL_CONNECTED) {
+    delay(500);
+    Serial.print(".");
+  }
+  Serial.println("");
+  Serial.println("WiFi connected");
+  Serial.println("IP address: ");
+  Serial.println(WiFi.localIP());
+
+  // Use WiFiClientSecure class to create TLS connection
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored  "-Wdeprecated-declarations"
+  WiFiClientSecure client;
+#pragma GCC diagnostic pop
+  Serial.print("connecting to ");
+  Serial.println(host);
+  if (!client.connect(host, httpsPort)) {
+    Serial.println("connection failed");
+    return;
+  }
+
+  if (client.verify(fingerprint, host)) {
+    Serial.println("certificate matches");
+  } else {
+    Serial.println("certificate doesn't match");
+  }
+
+  String url = "/repos/esp8266/Arduino/commits/master/status";
+  Serial.print("requesting URL: ");
+  Serial.println(url);
+
+  client.print(String("GET ") + url + " HTTP/1.1\r\n" +
+               "Host: " + host + "\r\n" +
+               "User-Agent: BuildFailureDetectorESP8266\r\n" +
+               "Connection: close\r\n\r\n");
+
+  Serial.println("request sent");
+  while (client.connected()) {
+    String line = client.readStringUntil('\n');
+    if (line == "\r") {
+      Serial.println("headers received");
+      break;
+    }
+  }
+  String line = client.readStringUntil('\n');
+  if (line.startsWith("{\"state\":\"success\"")) {
+    Serial.println("esp8266/Arduino CI successfull!");
+  } else {
+    Serial.println("esp8266/Arduino CI has failed");
+  }
+  Serial.println("reply was:");
+  Serial.println("==========");
+  Serial.println(line);
+  Serial.println("==========");
+  Serial.println("closing connection");
+}
+
+void loop() {
+}
diff --git a/...Fi/examples/HTTPSRequestCACert/CACert.ino → ...amples/HTTPSRequestCACertAxTLS/CACert.ino b/...Fi/examples/HTTPSRequestCACert/CACert.ino → ...amples/HTTPSRequestCACertAxTLS/CACert.ino