[PATCH] doc: cmd: wget: remove erroneous note
Heinrich Schuchardt
xypron.glpk at gmx.de
Tue Jun 17 14:03:55 CEST 2025
On 17.06.25 13:33, Jerome Forissier wrote:
> The note about U-Boot not being able to verify server certificates is
> false now that WGET_CACERT and WGET_CACERT_BUILTIN have been added.
> Remove it.
Thank you for the patch.
I can't find the string WGET_CACERT_BUILTIN in origin/next. Do you mean
CONFIG_WGET_BUILTIN_CACERT?
Otherwise
Reviewed-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
>
> Signed-off-by: Jerome Forissier <jerome.forissier at linaro.org>
> ---
>
> doc/usage/cmd/wget.rst | 7 -------
> 1 file changed, 7 deletions(-)
>
> diff --git a/doc/usage/cmd/wget.rst b/doc/usage/cmd/wget.rst
> index 44033aaff39..06df2842549 100644
> --- a/doc/usage/cmd/wget.rst
> +++ b/doc/usage/cmd/wget.rst
> @@ -185,13 +185,6 @@ TCP Selective Acknowledgments in the legacy network stack can be enabled via
> CONFIG_PROT_TCP_SACK=y. This will improve the download speed. Selective
> Acknowledgments are enabled by default with lwIP.
>
> -.. note::
> -
> - U-Boot currently has no way to verify certificates for HTTPS.
> - A place to store the root CA certificates is needed, and then MBed TLS would
> - need to walk the entire chain. Therefore, man-in-the middle attacks are
> - possible and HTTPS should not be relied upon for payload authentication.
> -
> Return value
> ------------
>
More information about the U-Boot
mailing list