esp32/lwip: fix wpa2-enterprise vulnerability and support lwip window scale

1. Fix WiFi wpa2-enterprise vulnerability bug
2. Support LWIP window scale

diff --git a/components/esp32/Kconfig b/components/esp32/Kconfig
index 6d432a4d84cb3be95f2cd2a4490383d1316f8be8..bd6126e199af172f36345a3cd037c96adc693b5c 100644 (file)
--- a/components/esp32/Kconfig
+++ b/components/esp32/Kconfig
@@ -908,7 +908,8 @@ config ESP32_WIFI_STATIC_RX_BUFFER_NUM
 
 config ESP32_WIFI_DYNAMIC_RX_BUFFER_NUM
     int "Max number of WiFi dynamic RX buffers"
-    range 0 128
+    range 0 128 if !LWIP_WND_SCALE
+    range 0 1024 if LWIP_WND_SCALE
     default 32
     help
         Set the number of WiFi dynamic RX buffers, 0 means unlimited RX buffers will be allocated

diff --git a/components/esp32/lib b/components/esp32/lib
index d4fc472cb423e18067623ffbf572e789429fcd57..0c69df05ab77d519eaeba9f3c86113fde2d0dc82 160000 (submodule)
--- a/components/esp32/lib
+++ b/components/esp32/lib
@@ -1 +1 @@
-Subproject commit d4fc472cb423e18067623ffbf572e789429fcd57
+Subproject commit 0c69df05ab77d519eaeba9f3c86113fde2d0dc82

diff --git a/components/lwip/Kconfig b/components/lwip/Kconfig
index 5dfd3cade1c4f2bb15dd535f5b5bfa4fab7ded74..442593bfd75f4eb2fa05a30ae494a354a611dc13 100644 (file)
--- a/components/lwip/Kconfig
+++ b/components/lwip/Kconfig
@@ -148,7 +148,8 @@ config GARP_TMR_INTERVAL
 config TCPIP_RECVMBOX_SIZE
     int "TCPIP task receive mail box size"
     default 32
-    range 6 64
+    range 6 64 if !LWIP_WND_SCALE
+    range 6 1024 if LWIP_WND_SCALE
     help
         Set TCPIP task receive mail box size. Generally bigger value means higher throughput
         but more memory. The value should be bigger than UDP/TCP mail box size.
@@ -331,7 +332,8 @@ config TCP_WND_DEFAULT
 config TCP_RECVMBOX_SIZE
     int "Default TCP receive mail box size"
     default 6
-    range 6 64
+    range 6 64 if !LWIP_WND_SCALE
+    range 6 1024 if LWIP_WND_SCALE
     help
         Set TCP receive mail box size. Generally bigger value means higher throughput
         but more memory. The recommended value is: TCP_WND_DEFAULT/TCP_MSS + 2, e.g. if 
@@ -391,6 +393,21 @@ config TCP_OVERSIZE_DISABLE
 
 endchoice
 
+config LWIP_WND_SCALE
+    bool "Support TCP window scale"
+        depends on WIFI_LWIP_ALLOCATION_FROM_SPIRAM_FIRST
+        default n
+        help
+            Enable this feature to support TCP window scaling.
+
+    config TCP_RCV_SCALE
+        int "Set TCP receiving window scaling factor"
+        depends on LWIP_WND_SCALE
+        range 0 14
+        default 0
+        help
+            Enable this feature to support TCP window scaling.
+
 endmenu # TCP
 
 menu "UDP"

diff --git a/components/lwip/include/lwip/port/lwipopts.h b/components/lwip/include/lwip/port/lwipopts.h
index 0a206f40ec15a3444206dbdead7043af9b6ce309..6b5111c889f7172cb72513814382ea8c5a694332 100644 (file)
--- a/components/lwip/include/lwip/port/lwipopts.h
+++ b/components/lwip/include/lwip/port/lwipopts.h
@@ -348,6 +348,19 @@
 #error "One of CONFIG_TCP_OVERSIZE_xxx options should be set by sdkconfig"
 #endif
 
+/**
+ * LWIP_WND_SCALE and TCP_RCV_SCALE:
+ * Set LWIP_WND_SCALE to 1 to enable window scaling.
+ * Set TCP_RCV_SCALE to the desired scaling factor (shift count in the
+ * range of [0..14]).
+ * When LWIP_WND_SCALE is enabled but TCP_RCV_SCALE is 0, we can use a large
+ * send window while having a small receive window only.
+ */
+#ifdef CONFIG_LWIP_WND_SCALE
+#define LWIP_WND_SCALE                  1
+#define TCP_RCV_SCALE                   CONFIG_TCP_RCV_SCALE
+#endif
+
 /*
    ----------------------------------
    ---------- Pbuf options ----------