konnected-io / konnected-security

Konnected connects wired sensors and switches to SmartThings, Home Assistant, Hubitat and OpenHAB
https://konnected.io
Apache License 2.0
416 stars, 322 forks

Nodemcu 3.0 Update #140

Closed kit-klein closed 2 years ago

kit-klein commented 3 years ago

This PR updates the project to use the 3.0-master_20200610 firmware. 3.0 should be the last major ESP SDK update for the 8266 chip.

The firmware update required some notable changes

  1. The ds18b20 C module has been replaced with a Lua version (similar to the pro board). C module support was removed in 3.0.
  2. The enduser_setup.html has been adjusted to hit the /update endpoint instead of the setwifi endpoint. setwifi now expects a form POST instead of the previous query param style (which /update still accepts).
  3. a partition table is now used which is defined in firmware/nodemcu-firmware-overlay/app/user/user_main.c.
  4. LFS size has been increased from 0x1000 to 0x4000. Our build script will now throw an error if the compiled LFS exceeds this new limit.

Along with the firmware update several other notable changes occurred.

  1. The firmware script has been refactored to work more like the pro board (uses luac.cross directly, handles pulling down the correct firmware repo, supports similar arguments).
  2. Our calls to node.info() now specify the "sw_version" argument. The legacy style of not providing an argument is deprecated and will soon be removed.

To date I've verified the following

mbedTLS Notes

My first attempts to use a migrated version of our old user_mbedtls.h config failed to handshake with aws-iot. I decided to use the NodeMCU recommended config and then do some deep debugging to understand the issues. The recommended config had quite a few changes vs the config we were using. Obvious big differences are

You can see the full changes in this commit.

While testing I realized a few important things.

  1. In user_config.h the SSL_BUFFER_SIZE needed to be increased. It appears some of the certs provided by AWS-IOT require a buffer of at least 5377 (I opted for 5380). This could need to be changed in the future if AWS certs grow.
  2. AWS-IOT has two versions of endpoints (https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html). In my testing the -ats endpoint has a longer cert chain - causing us to run out of memory if we use RSA signature. ECDSA signatures use less memory and are able to connect to -ats endpoints. The non -ats endpoint works fine with both RSA and ECDSA.
  3. The duckdns/letsencrypt add-on for hass seems to only support RSA signatures. The cert chain is short and we are able to connect without issue.

For now I'm leaving both RSA and ECDSA enabled and adding logic to ensure we don't connect to the -ats endpoint. In the future if we want to use the -ats endpoint we can disable RSA by undefining MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED and MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED. Just know this may break our ability to negotiate https with home assistant.

Future mbedTLS debugging attempts will output verbose logs if you

  1. set debug_threshold = 3 in app/mbedtls/library/debug.c
  2. define DEVELOP_VERSION in user_config.h
  3. define MBEDTLS_SSL_DEBUG_ALL in user_mbedtls.h
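
The endpoint guard described above ("ensure we don't connect to the -ats endpoint" while RSA stays compiled in), written out as an added example. This is not Konnected's code or the code in this PR; it is a stand-alone Lua module that classifies an AWS IoT hostname by the two endpoint shapes in the AWS server-authentication docs linked above (`<prefix>-ats.iot.<region>.amazonaws.com` versus `<prefix>.iot.<region>.amazonaws.com`) and applies the memory rule observed in the PR: an -ats endpoint is only allowed when the build has RSA key exchange disabled. The option names `rsa_enabled` / `ecdsa_enabled`, the assumption that the prefix is purely alphanumeric, and the module name `endpoint_policy` are mine for the example.

```lua
-- endpoint_policy.lua: added example, not part of konnected-security.
-- Rejects AWS IoT "-ats" endpoints while RSA key exchange is still enabled
-- in user_mbedtls.h, matching the memory behaviour reported in the PR.
-- Assumptions: the AWS IoT prefix is alphanumeric; option names are ours.

local M = {}

-- Classify a hostname.
-- Returns kind ("ats" | "legacy" | nil), prefix, region.
function M.classify_aws_iot_endpoint(host)
  if type(host) ~= "string" then return nil end
  host = host:lower()
  -- Amazon Trust Services endpoint: longer CA chain (needs ECDSA on 8266)
  local prefix, region = host:match("^(%w+)%-ats%.iot%.([%w%-]+)%.amazonaws%.com$")
  if prefix then return "ats", prefix, region end
  -- Legacy endpoint: short chain, works with RSA or ECDSA
  prefix, region = host:match("^(%w+)%.iot%.([%w%-]+)%.amazonaws%.com$")
  if prefix then return "legacy", prefix, region end
  return nil
end

-- Decide whether a TLS session to `host` may be opened, given which signature
-- families the firmware build leaves enabled. Defaults mirror the PR: both
-- RSA and ECDSA compiled in. Returns ok (boolean) and a reason string.
function M.endpoint_allowed(host, opts)
  opts = opts or {}
  local rsa = opts.rsa_enabled ~= false
  local ecdsa = opts.ecdsa_enabled ~= false
  if not (rsa or ecdsa) then
    return false, "no signature algorithm enabled in user_mbedtls.h"
  end

  local kind = M.classify_aws_iot_endpoint(host)
  if kind == nil then
    -- e.g. a Home Assistant duckdns host; not policed by this rule
    return true, "not an AWS IoT endpoint"
  end
  if kind == "ats" then
    if rsa then
      return false, "-ats endpoint: RSA handshake runs out of memory; use the non-ats endpoint or build ECDSA-only"
    end
    return true, "-ats endpoint with ECDSA-only build"
  end
  return true, "legacy AWS IoT endpoint"
end

-- Self-check with constructed hostnames (not real account prefixes).
assert(M.classify_aws_iot_endpoint("abc123.iot.us-east-1.amazonaws.com") == "legacy")
assert(M.classify_aws_iot_endpoint("abc123-ats.iot.us-east-1.amazonaws.com") == "ats")
assert(M.classify_aws_iot_endpoint("ha.example.duckdns.org") == nil)
assert(M.endpoint_allowed("abc123.iot.us-east-1.amazonaws.com") == true)
assert(M.endpoint_allowed("abc123-ats.iot.us-east-1.amazonaws.com") == false)
assert(M.endpoint_allowed("abc123-ats.iot.us-east-1.amazonaws.com",
                          { rsa_enabled = false }) == true)
assert(M.endpoint_allowed("ha.example.duckdns.org") == true)

return M
```

On the device this would run before `tls.createConnection`; a rejected `-ats` host should be surfaced to the user as a configuration error rather than silently retried, since each failed handshake attempt costs heap on the 8266. If RSA is later removed by undefining MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED and MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED, pass `rsa_enabled = false` and the `-ats` endpoint becomes allowed, while a Home Assistant host behind an RSA-only Let's Encrypt certificate will then fail at the TLS layer rather than here.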

heythisisnate commented 3 years ago

great stuff! give me some time to test and play with it.