Documentation for ESP-IDF v4.1.2 is available at https://docs.espressif.com/projects/esp-idf/en/v4.1.2/
ESP-IDF v4.1.2 is a bugfix update for ESP-IDF v4.1.1. ESP-IDF v4.3 is the latest stable release at time of writing.
ESP-IDF v4.1.x will be supported until February 2023, according to the ESP-IDF Support Policy.
Obtaining v4.1.2
For full installation instructions, see the ESP-IDF Programming Guide.
The source files attached to this release will not work due to our use of git submodules. Use one of the following methods instead:
Using git
To get this release, use the following commands:
git clone -b v4.1.2 --recursive https://github.com/espressif/esp-idf.git esp-idf-v4.1.2
cd esp-idf-v4.1.2/
This is the recommended way of obtaining release v4.1.2.
Download an archive with submodules included
Attached to this release is an esp-idf-v4.1.2.zip
archive. It includes .git
directory and all the submodules, so can be used out of the box. This archive is provided for users who have connectivity issues preventing them from cloning from GitHub.
This archive can also be downloaded from Espressif's download server:
https://dl.espressif.com/dl/esp-idf/releases/esp-idf-v4.1.2.zip
Changelog
This is the list of changes since release v4.1.1:
Major Bug Fixes
- Fixed arithmetic overflow issue in FreeRTOS queue API (CVE-2021-31571)
- Flash Encryption: Fixed potential physical access TOCTOU attack to remove encrypted partition flag in partition table (CVE-2021-27926)
Breaking Changes
- [esp_tls_wolfssl] Previously an API named wolfssl_tlsext_host_name was inappropriately used for domain (host) name check. In earlier case if the domain name was different than the ISSUER field in the peer's server certificate, then the connection might have succeeded (provided skip_common_name = false). The old API is now replaced with wolfSSL_check_domain_name, which makes wolfSSL to check if the domain name provided matches with the ISSUER name on the peer's server certificate. With this API change, wolfSSL_connect should return a fatal error in case of a domain name mismatch
- Removed support for ESP32-S2-Beta chip
Known Issues
- Nimble resolvable private address does not work properly in some use scenarios.
Bluetooth
Controller
- Added check for NULL valued combination key to prevent ‘Impersonation in the Pin Pairing Protocol’ Vulnerability (CVE-2020-26555)
- Fixed assert without SW coexist enabled
- Fixed Shutdown Bluetooth before ESP_restarte
- Fixed bt controller task watchdog in Wi-Fi test
- Modified log level of messages E8192 ELx200 ELx40 to debugging, to prevent same issue occur repetitively due to too much logging
- Fixed the issue of modem sleep which may lead to the crash issue "assert(-218959118,0)"
- Fixed for C2H flow control parameter check in Bluetooth controller. Required for NimBLE Host flow control to work
- Fixed controller does not report disconnect event to host
Bluetooth Low Energy
- Deleted the Kconfig option: BLE ADV priority high
- Fixes BLE ACL Tx Flush issue during Reset/Reboot
Classic Bluetooth
- Fixed handling of invalid feature page response
- Fixed unexpected LMP timeout problem when rejecting remote device
- Fixed unable to initiate SCO connection when peer device not accept sniff mode
Bluedroid
- Added check for peer device bdaddr to be different than ours when sending conn req to prevent ‘Impersonation in the Pin Pairing Protocol’ Vulnerability
Classic Bluetooth
- A2DP: Added Init & Deinit Event for A2DP
- A2DP: Fixed underrun issue
- HFP: Fix issue that bta_hf_client_sco_co_out_data is called, it will crash
- SPP: Fixed SPP VFS demo crash when use dynamic memory
- SPP: Fixed SPP VFS memory leaks when exception occurs
- SPP: Add API esp_spp_stop_srv_scn to stop a specific server
- SPP: Add parameter service_name with event ESP_SPP_DISCOVERY_COMP_EVT
- SPP: Add parameter scn with event ESP_SPP_START_EVT
- SPP: Add parameter scn with event ESP_SPP_SRV_STOP_EVT
- AVRCP: Fixed an issue that target doesn't handle set_player_app_value command
- HFP: Fixed crash in btc_hf_arg_deep_copy when name or number is NULL
- Added API to config QoS for Classic Bluetooth ACL link
- Added change to consider Audio Major Class while showing discovery results
- HFP-AG: Fixed error when enabling dynamic memory allocation
- A2DP: Fixed A2DP deint crash
Bluetooth Low Energy
- Added connection parameter check
- Fixed ble connection maximum latency is 499
- Disable bluedroid congest error log print
- Fixed read multiple characteristics failed
- Fixed add white list failed
- Fixed bluedroid repair failed if the two most significant bits of public address is '01'
- Fixed congest return value
- Fixed BLE read multi char err when the number of handles is more than 10
- Fixed scan response length error
- Fixed vendor hci memory leak
- Fixed multi-connection pair failure
- Updated connection state when getting connection cancel complete
- Fixed crash caused by enabling GATTC NVS
- Fixed spelling mistakes
- Modify parameter description for esp_ble_gattc_open()
- Fixed data length update failed
- Fixed no callback when the value being used is the same as the value to be set
- Fixed start scan crash issue
- Do not malloc a new event in r_lld_evt_end() if the event already exists
NimBLE
- Fixed host flow control in NimBLE host
- Fixed ‘Impersonation in the Passkey Entry Protocol’ Vulnerability (CVE-2020-26558)
- Fixed WDT crash observed during security exchanges
- Fixed compilation issues when host based privacy is disabled
Blufi
- Fixed issue of sending longer customer data causing congestion
ESP-BLE-Mesh
- Fixed Node ID adv with wrong timeout value
- Need uuid when adding device for provisioning by Provisioner
- Added support of receiving heartbeat messages for Provisioner
- Support using multiple NVS namespaces to store information by Provisioner
- Replace the Zephyr integer types with C99 types [Zephyr]
- Added a separate callback for BLE Mesh and BLE adv/scan coexistence
- Support scanning normal BLE advertising packets when BLE Mesh is working
- Enable updating lighting hsl state
- Fixed Proxy Client may fail to resend messages
- Use different random value for each provisioning by Provisioner
- Fixed deinit server models with no matching model id
- Fixed number endianness error for Provisioner when using input/output auth (#6862)
- Fixed provisioning input/output count number should be at least 1 (#6863)
- Added check of Provisioning Random & Confirmation sent/received by Provisioner(CVE-2020-26556 & CVE-2020-26560)
- Recommended to use OOB mechanism to exchange Public Key (CVE-2020-26559)
- Recommended to use randomly generated AuthValue for Static OOB (CVE-2020-26557)
- Added an option to make Unprovisioned Device Beacon interval configurable
Wi-Fi Coexistence
- Adjusted WiFi scan duration from 120ms to 100ms
- Fixed IRAM_ATTR missing in coex mode
Wi-Fi
- Fixed smartconfig issue when router replies ARP late
- Updated exception handling for iperf example's scan when no APs was found
- Fixed return type of esp_wifi_deinit when Wi-Fi is not stopped
- Fixed issue of crashing when verbose logs are enabled
- Fixed CSA and BAR crash issue
- Using deport reg instead of ahb
- Revert to report specific reason code when receiving deauth during 4-way-handshake
- Fixed the bug that tx ampdu parameter is not from peer device.
- Changed country code last byte to space instead of \0
- Fixed softap cannot forward A-MSDU
- Faster WiFi station connect improvement, avoid 100ms passive scan
- Added FCS failed packets filter
- Updated ESP32 phy lib to v4660
- Fixed max tx power to 20dBm
- Fixed the issue that the esp_wifi_sta_get_ap_info can't get country
- Fixed phy version log could not disable issue
- Updated description for new API esp_wifi_set_inactive_time() in wifi.rst
- Update description to avoid using WiFi modem sleep for WiFi/BT coexistence
- Fixed description of unusable API esp_wifi_restart()
- Updated esp_now_fetch_peer description
- Updated table format problem for esp_wifi_set_max_tx_power()
- Add support for 802.1x sha256 auth key mode
- Fixed system crash on scan failure
- Do not check the return value of esp_wifi_connect()
- Fixed resources leaks detected in static analysis
- Fixed setting channel error after WiFi stop
- wpa_supplicant: Prevent reinstallation of an already in-use group key
- Fixed amsdu and fragment vulnerabilities
- Removed support for ESP32-S2-Beta chip
Ethernet
- Speed up Ethernet start up process
Security
- Flash_encryption: Fixed the flash_encrypted_write/read issue under 40M psram and 80M spi flash on ESP32 (#6322, #6254)
- Flash Encryption: Fixed potential physical access TOCTOU attack to remove encrypted partition flag in partition table (CVE-2021-27926)
- Partition Table: The partition table MD5 checksum is now checked when the partition table is loaded by the app, in addition to the existing check in the bootloader
Peripheral Drivers
- ADC: Fixed the issue that ADC power is affected by Wi-Fi usage
- ADC: Fixed issue of crashing when verbose logs are enabled
- CAN: Added support for running ISR when cache is disabled
- CAN: Fixed an issue where log functions were called from within critical sections leading a crash
- CAN: Fixed an issue where semaphores were taken from within a critical section
- Freemodbus: Added MB_PORT_PARITY_GET() to propagate UART parity options from mb controller to serial port layer (#6377)
- Freemodbus: Fixed the serial modbus examples to use TOUT feature
- Freemodbus: Increased the maximum modbus tasks priority
- GPIO: Fixed an issue that light sleep can't be awoken by GPIO
- I2C: Fixed PM lock release in case of a timeout
- I2S: Fixed driver uninstall can't disable the module
- MCPWM: Fixed MCPWM second fault line broken (#6053)
- SPI Flash: Add config option to override inherited flash size from bootloader header
- SPI: Fixed duplex mode switch issue when switching multiple devices (#4641, #1080)
- SPI: Fixed CS polarity configuration issue (#4726, #5490)
- UART: Fixed UART FIFO read on ESP32 with -O2 optimization
- UART: Fixed UART set timeout in the driver
- Timer: Place timer_spinlock_give/timer_spinlock_take in IRAM
- Timer: Fixed auto reload issue in default isr callback (#7001)
- Fixed extern "C" declarations in touch_sensor.h and esp_adc_cal.h (#6633, #6634)
Core System
- esp_log: Correct timestamp formatting to unsigned integer type
- Fixed possible failure to boot if Stack Smashing Protection was set to Overall mode (#6403)
- Fixed error in reserved PSRAM region if set to 8MB PSRAM size (#5373)
- Fixed default values for all RTC sources in the CONFIG_ESP32xx_RTC_CLK_CAL_CYCLES option (#6037)
- Removed core1 disable cache in cache_utils.c
- Fixed arithmetic overflow issue in FreeRTOS queue API (CVE-2021-31571)
- Fixed possible deadlock when using pthread_join() and log level set to Debug or higher
Build System
- Fixed getting component private requirements
- Fixed overriding Python path with -DPYTHON when building IDF as CMake library (#6285)
- Improved error message if the Python dependency check completely fails to run due to an issue with the Python interpreter
FreeRTOS
- xQueueGenericCreateStatic and xRingbufferCreate functions can no longer be used while cache is disabled
Power Management
- Optimized deep sleep current in Wi-Fi softap mode
LWIP
- Fixed potential crash of ping when zero ping interval supplied
- esp_netif: Fixed get/set hostname API to reflect user settings (#6085)
- esp_netif: Fixed PPP netif event posting to correctly include the esp_netif instance pointer (#6009)
- Fixed assert when tcp send data
- Optimized logging of dhcp key state transition
- Documented that lwIP does not support delete of a task while it is actively waiting on select() or poll()
mDNS
- Fixed length calculation of mDNS text field (#6114)
- Fixed issue of crash when wifi interface get deleted and mdns continues to receive the packets (#6973)
TCP Transport
- Enable TCP keep-alive function in transport level
OTA
- otatool: Fixed incorrect using otadata.seq&crc in switch_ota_partition cmd
- Fixed incorrect first byte from esp_ota_get_app_elf_sha256 for -O2 optimization level (#6389)
HTTP Client
- Fixed buffer overread when esp_http_client_read is called after esp_http_client_perform (#6146)
- Fixed issue with esp_http_client when disable_auto_redirect is enabled
- Fixed issue with digest auth when opaque field is not present in response
- Added a configuration in esp_http_client_config_t to set user agent string
- Fixed esp_http_client_read with OpenSSL server for file size aligned to 289 bytes
mbedTLS
- Upgraded to release v2.16.9
ESP-TLS
- Updated "tls->sockfd" after the socket is freed internally
- Fixed memory leak in esp-tls for freeing up global ca store
- esp_tls_wolfssl: Use correct API to validate domain name with peer's server certificate.
- Fixed misplaced parenthesis
ESP-MQTT
- Added a new API to enqueue publish messages with qos>0
Storage
- NVS Flash: prevent erasing initialized partition (#4755, #2777)
- NVS: Fixed partition de-intialization function to only close its own handles
Tools & Debugging
- Fix the exception when specifying baudrate argument for IDF Monitor
- Specify UTF-8 encoding for Eclipse Make build which is not the default value under Python 2 (#6505)
- Prefer python3 during install and export (#6471)
- Make the installation simpler by not requiring to set up manually an alias for python on Unix systems where it doesn't exist by default
- esptool: Updated to latest release/v2
- Reinstall virtualenv if it is broken (#6656)
- Fixed crash of IDF Monitor in case processing input with Unicode character
- idf_tools.py: Improved error message about tool being installed but failed to run
- idf_tools.py: Catch the correct exception raised when the external tool is not available (#7140)
- export.bat/install.bat: Print human-readable error message if Git or Python is not in PATH
- idf.py: Fixed unpredictable order of global_action_callbacks with python < 3.7
- Support the setting of a mirror for all GitHub asset URLs downloaded as part of IDF Tools install process
- GDB Stub: Fixed GDB assertion when listing threads
- ldgen: Fix object file name truncation with mapping symbols
- Upgrade OpenOCD to version v0.10.0-esp32-20210401
Protocomm
- Fixed NULL pointer check to address issue found in static analysis (#6440)
Examples
- Fixed enable CONFIG_EXAMPLE_RESET_PROVISIONED will cause device crash
- Fixed broken links to IDF examples
- SPI Flash FatFs: Fixed ext flash FatFs cannot connect to external flash issue
- pppos_client: Fixed a race condition on closing the PPP mode
- flash_encryption: Fixed the partition table - The partition_example.csv should not have fixed offsets for partitions because we want to move the whole table. The fixed offsets in the table were cleared.
- MQTT: Updated certificates used on ssl and wss (#6776)
Documentation
- Removed RTD download PDF link, fixed broken translation links
- Updated Chinese translation and fixed typos for build-system, ulp, unit-tests, and idf-monitor
- Updated docs/en/api-reference/protocols/icmp_echo.rst and docs/en/get-started/windows-setup.rst