mirror of
https://github.com/u-boot/u-boot.git
synced 2025-04-27 16:01:27 +00:00
12cc6531a1
Introduce Kconfig symbols WGET_BUILTIN_CACERT and WGET_BUILTIN_CACERT_PATH to provide root certificates at build time. Usage example: wget -O cacert.crt https://cacerts.digicert.com/DigiCertTLSECCP384RootG5.crt make qemu_arm64_lwip_defconfig echo CONFIG_WGET_BUILTIN_CACERT=y >>.config echo CONFIG_WGET_BUILTIN_CACERT_PATH=cacert.crt >>.config make olddefconfig make -j$(nproc) CROSS_COMPILE="ccache aarch64-linux-gnu-" qemu-system-aarch64 -M virt -nographic -cpu max \ -object rng-random,id=rng0,filename=/dev/urandom \ -device virtio-rng-pci,rng=rng0 -bios u-boot.bin => dhcp # HTTPS transfer using the builtin CA certificates => wget https://digicert-tls-ecc-p384-root-g5.chain-demos.digicert.com/ 1867 bytes transferred in 1 ms (1.8 MiB/s) Bytes transferred = 1867 (74b hex) Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
50 lines
1.4 KiB
C
50 lines
1.4 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/* Copyright (C) 2024 Linaro Ltd. */
|
|
|
|
#include <command.h>
|
|
#include <net.h>
|
|
|
|
#if defined(CONFIG_CMD_DHCP)
|
|
U_BOOT_CMD(dhcp, 3, 1, do_dhcp,
|
|
"boot image via network using DHCP/TFTP protocol",
|
|
"[loadAddress] [[hostIPaddr:]bootfilename]");
|
|
#endif
|
|
|
|
#if defined(CONFIG_CMD_PING)
|
|
U_BOOT_CMD(ping, 2, 1, do_ping, "send ICMP ECHO_REQUEST to network host",
|
|
"pingAddress");
|
|
#endif
|
|
|
|
#if defined(CONFIG_CMD_TFTPBOOT)
|
|
U_BOOT_CMD(tftpboot, 3, 0, do_tftpb,
|
|
"boot image via network using TFTP protocol\n",
|
|
"[loadAddress] [[hostIPaddr:]bootfilename]");
|
|
#endif
|
|
|
|
#if defined(CONFIG_CMD_DNS)
|
|
U_BOOT_CMD(dns, 3, 1, do_dns, "lookup the IP of a hostname",
|
|
"hostname [envvar]");
|
|
#endif
|
|
|
|
#if defined(CONFIG_CMD_WGET)
|
|
U_BOOT_CMD(wget, 4, 1, do_wget,
|
|
"boot image via network using HTTP/HTTPS protocol"
|
|
#if defined(CONFIG_WGET_CACERT)
|
|
"\nwget cacert - configure wget root certificates"
|
|
#endif
|
|
,
|
|
"[loadAddress] url\n"
|
|
"wget [loadAddress] [host:]path\n"
|
|
" - load file"
|
|
#if defined(CONFIG_WGET_CACERT)
|
|
"\nwget cacert <address> <length>\n"
|
|
" - provide CA certificates (0 0 to remove current)"
|
|
"\nwget cacert none|optional|required\n"
|
|
" - set server certificate verification mode (default: optional)"
|
|
#if defined(CONFIG_WGET_BUILTIN_CACERT)
|
|
"\nwget cacert builtin\n"
|
|
" - use the builtin CA certificates"
|
|
#endif
|
|
#endif
|
|
);
|
|
#endif
|