[PATCH 0/6] Enable https for wget

Ilias Apalodimas ilias.apalodimas at linaro.org
Fri Oct 18 17:05:56 CEST 2024 

Hi Simon,

On Fri, 18 Oct 2024 at 18:03, Simon Glass <sjg at chromium.org> wrote:
>
> Hi Ilias,
>
> On Fri, 18 Oct 2024 at 08:22, Ilias Apalodimas
> <ilias.apalodimas at linaro.org> wrote:
> >
> > Since lwIP and mbedTLS have been merged turning on https:// support is
> > relatively easy. We need to enable the missing algorithms and modes of
> > operation in mbedTLS and enable TLS in lwIP. Someof the lwIP patches
> > are in their github as PRS, but since they haven't been merged yet, we
> > need to carry them for a while
> >
> > patch#1 enables the crypto algorithms we need in mbedTLS
> > patches#2, #3 enable anf fix the lwIP part we need
> > patch#4 is adding https:// parsing support in our wget
> > patch#5 is making https:// the default for QEMU lwip defconfig so
> > people can easily test
> > and finaly patch#6 updates our documentation
> >
> > Ilias Apalodimas (4):
> >   mbedtls: Enable TLS 1.2 support
> >   net: lwip: Enable https:// support for wget
> >   configs: Enable htts for wget on qemu arm64
> >   doc: uefi: Describe UEFI HTTPs boot
> >
> > Javier Tia (2):
> >   net: lwip: Update lwIP for mbedTLS > 3.0 support and enable https
> >   net: lwip: Add Support Server Name Indication support
> >
> >  cmd/Kconfig                                   | 19 +++++
> >  configs/qemu_arm64_lwip_defconfig             |  1 +
> >  doc/develop/uefi/uefi.rst                     | 45 ++++++++++-
> >  lib/lwip/Makefile                             |  3 +
> >  .../src/apps/altcp_tls/altcp_tls_mbedtls.c    | 50 +++++++-----
> >  lib/lwip/lwip/src/core/tcp_out.c              | 10 +--
> >  lib/lwip/lwip/src/include/lwip/altcp_tls.h    |  2 +-
> >  lib/lwip/u-boot/lwipopts.h                    |  6 ++
> >  lib/mbedtls/Kconfig                           | 12 +++
> >  lib/mbedtls/Makefile                          | 33 +++++++-
> >  lib/mbedtls/mbedtls_def_config.h              | 52 +++++++++++++
> >  net/lwip/Kconfig                              |  2 +-
> >  net/lwip/wget.c                               | 78 +++++++++++++++++--
> >  13 files changed, 273 insertions(+), 40 deletions(-)
> >
> > --
> > 2.45.2
> >
>
> Can we create a sandbox build with lwip as well? I'd really like to
> get that testing moving, so we can test simple networking cases, as we
> do without lwip.
>

Someone is already on it. But it's going to take some time as the
current sandbox stack makes too many assumption for the backing TCP
stack

Thanks
/Ilias
> Regards,
> Simon

More information about the U-Boot mailing list