michael/u-boot
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lwip: split net/lwip/wget.c

Browse Source 
Split net/lwip/wget.c in two: one part which implements CONFIG_WGET
stays in net/ while the part that implements CONFIG_CMD_WGET is moved
into cmd/.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
This commit is contained in:
Jerome Forissier
2025-06-25 15:19:13 +02:00
parent ba814b8b5a
commit d3761a31ef
3 changed files with 212 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

196
cmd/lwip/wget.c
View File

@@ -2,7 +2,10 @@
/* Copyright (C) 2024-2025 Linaro Ltd. */
#include <command.h>
#include <env.h>
#include <image.h>
#include <net.h>
#include <lwip/altcp_tls.h>
U_BOOT_CMD(wget, 4, 1, do_wget,
"boot image via network using HTTP/HTTPS protocol"
@@ -24,3 +27,196 @@ U_BOOT_CMD(wget, 4, 1, do_wget,
#endif
#endif
);
#if CONFIG_IS_ENABLED(WGET_CACERT) || CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
char *cacert;
size_t cacert_size;
enum auth_mode cacert_auth_mode = AUTH_OPTIONAL;
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
extern const char builtin_cacert[];
extern const size_t builtin_cacert_size;
bool cacert_initialized;
#endif
static int _set_cacert(const void *addr, size_t sz)
{
mbedtls_x509_crt crt;
void *p;
int ret;
if (cacert)
free(cacert);
if (!addr) {
cacert = NULL;
cacert_size = 0;
return CMD_RET_SUCCESS;
}
p = malloc(sz);
if (!p)
return CMD_RET_FAILURE;
cacert = p;
cacert_size = sz;
memcpy(cacert, (void *)addr, sz);
mbedtls_x509_crt_init(&crt);
ret = mbedtls_x509_crt_parse(&crt, cacert, cacert_size);
if (ret) {
if (!wget_info->silent)
printf("Could not parse certificates (%d)\n", ret);
free(cacert);
cacert = NULL;
cacert_size = 0;
return CMD_RET_FAILURE;
}
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
cacert_initialized = true;
#endif
return CMD_RET_SUCCESS;
}
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
int set_cacert_builtin(void)
{
cacert_auth_mode = AUTH_REQUIRED;
return _set_cacert(builtin_cacert, builtin_cacert_size);
}
#endif
#endif /* CONFIG_WGET_CACERT || CONFIG_WGET_BUILTIN_CACERT */
#if CONFIG_IS_ENABLED(WGET_CACERT)
static int set_auth(enum auth_mode auth)
{
cacert_auth_mode = auth;
return CMD_RET_SUCCESS;
}
static int set_cacert(char * const saddr, char * const ssz)
{
ulong addr, sz;
addr = hextoul(saddr, NULL);
sz = hextoul(ssz, NULL);
return _set_cacert((void *)addr, sz);
}
#endif
/*
* Legacy syntax support
* Convert [<server_name_or_ip>:]filename into a URL if needed
*/
static int parse_legacy_arg(char *arg, char *nurl, size_t rem)
{
char *p = nurl;
size_t n;
char *col = strchr(arg, ':');
char *env;
char *server;
char *path;
if (strstr(arg, "http") == arg) {
n = snprintf(nurl, rem, "%s", arg);
if (n < 0 || n > rem)
return -1;
return 0;
}
n = snprintf(p, rem, "%s", "http://");
if (n < 0 || n > rem)
return -1;
p += n;
rem -= n;
if (col) {
n = col - arg;
server = arg;
path = col + 1;
} else {
env = env_get("httpserverip");
if (!env)
env = env_get("serverip");
if (!env) {
log_err("error: httpserver/serverip has to be set\n");
return -1;
}
n = strlen(env);
server = env;
path = arg;
}
if (rem < n)
return -1;
strncpy(p, server, n);
p += n;
rem -= n;
if (rem < 1)
return -1;
*p = '/';
p++;
rem--;
n = strlen(path);
if (rem < n)
return -1;
strncpy(p, path, n);
p += n;
rem -= n;
if (rem < 1)
return -1;
*p = '\0';
return 0;
}
int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
{
char *end;
char *url;
ulong dst_addr;
char nurl[1024];
#if CONFIG_IS_ENABLED(WGET_CACERT)
if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
return set_cacert(argv[2], argv[3]);
if (argc == 3 && !strncmp(argv[1], "cacert", strlen("cacert"))) {
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
if (!strncmp(argv[2], "builtin", strlen("builtin")))
return set_cacert_builtin();
#endif
if (!strncmp(argv[2], "none", strlen("none")))
return set_auth(AUTH_NONE);
if (!strncmp(argv[2], "optional", strlen("optional")))
return set_auth(AUTH_OPTIONAL);
if (!strncmp(argv[2], "required", strlen("required")))
return set_auth(AUTH_REQUIRED);
return CMD_RET_USAGE;
}
#endif
if (argc < 2 || argc > 3)
return CMD_RET_USAGE;
dst_addr = hextoul(argv[1], &end);
if (end == (argv[1] + strlen(argv[1]))) {
if (argc < 3)
return CMD_RET_USAGE;
url = argv[2];
} else {
dst_addr = image_load_addr;
url = argv[1];
}
if (parse_legacy_arg(url, nurl, sizeof(nurl)))
return CMD_RET_FAILURE;
wget_info = &default_wget_info;
if (wget_do_request(dst_addr, nurl))
return CMD_RET_FAILURE;
return CMD_RET_SUCCESS;
}

14
include/net-lwip.h
View File

@@ -6,6 +6,20 @@
#include <lwip/ip4.h>
#include <lwip/netif.h>
/* HTTPS authentication mode */
enum auth_mode {
AUTH_NONE,
AUTH_OPTIONAL,
AUTH_REQUIRED,
};
extern char *cacert;
extern size_t cacert_size;
extern enum auth_mode cacert_auth_mode;
extern bool cacert_initialized;
int set_cacert_builtin(void);
enum proto_t {
TFTPGET
};

202
net/lwip/wget.c
View File

@@ -6,7 +6,6 @@
#include <display_options.h>
#include <efi_loader.h>
#include <env.h>
#include <image.h>
#include <linux/kconfig.h>
#include <lwip/apps/http_client.h>
#include "lwip/altcp_tls.h"
@@ -138,72 +137,6 @@ static int parse_url(char *url, char *host, u16 *port, char **path,
return 0;
}
/*
* Legacy syntax support
* Convert [<server_name_or_ip>:]filename into a URL if needed
*/
static int parse_legacy_arg(char *arg, char *nurl, size_t rem)
{
char *p = nurl;
size_t n;
char *col = strchr(arg, ':');
char *env;
char *server;
char *path;
if (strstr(arg, "http") == arg) {
n = snprintf(nurl, rem, "%s", arg);
if (n < 0 || n > rem)
return -1;
return 0;
}
n = snprintf(p, rem, "%s", "http://");
if (n < 0 || n > rem)
return -1;
p += n;
rem -= n;
if (col) {
n = col - arg;
server = arg;
path = col + 1;
} else {
env = env_get("httpserverip");
if (!env)
env = env_get("serverip");
if (!env) {
log_err("error: httpserver/serverip has to be set\n");
return -1;
}
n = strlen(env);
server = env;
path = arg;
}
if (rem < n)
return -1;
strncpy(p, server, n);
p += n;
rem -= n;
if (rem < 1)
return -1;
*p = '/';
p++;
rem--;
n = strlen(path);
if (rem < n)
return -1;
strncpy(p, path, n);
p += n;
rem -= n;
if (rem < 1)
return -1;
*p = '\0';
return 0;
}
/**
* store_block() - copy received data
*
@@ -338,94 +271,10 @@ static err_t httpc_headers_done_cb(httpc_state_t *connection, void *arg, struct
return ERR_OK;
}
#if CONFIG_IS_ENABLED(WGET_HTTPS)
enum auth_mode {
AUTH_NONE,
AUTH_OPTIONAL,
AUTH_REQUIRED,
};
static char *cacert;
static size_t cacert_size;
static enum auth_mode cacert_auth_mode = AUTH_OPTIONAL;
#endif
#if CONFIG_IS_ENABLED(WGET_CACERT)
static int set_auth(enum auth_mode auth)
{
cacert_auth_mode = auth;
return CMD_RET_SUCCESS;
}
#endif
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
extern const char builtin_cacert[];
extern const size_t builtin_cacert_size;
static bool cacert_initialized;
#endif
#if CONFIG_IS_ENABLED(WGET_CACERT) || CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
static int _set_cacert(const void *addr, size_t sz)
{
mbedtls_x509_crt crt;
void *p;
int ret;
if (cacert)
free(cacert);
if (!addr) {
cacert = NULL;
cacert_size = 0;
return CMD_RET_SUCCESS;
}
p = malloc(sz);
if (!p)
return CMD_RET_FAILURE;
cacert = p;
cacert_size = sz;
memcpy(cacert, (void *)addr, sz);
mbedtls_x509_crt_init(&crt);
ret = mbedtls_x509_crt_parse(&crt, cacert, cacert_size);
if (ret) {
if (!wget_info->silent)
printf("Could not parse certificates (%d)\n", ret);
free(cacert);
cacert = NULL;
cacert_size = 0;
return CMD_RET_FAILURE;
}
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
cacert_initialized = true;
#endif
return CMD_RET_SUCCESS;
}
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
static int set_cacert_builtin(void)
{
return _set_cacert(builtin_cacert, builtin_cacert_size);
}
#endif
#if CONFIG_IS_ENABLED(WGET_CACERT)
static int set_cacert(char * const saddr, char * const ssz)
{
ulong addr, sz;
addr = hextoul(saddr, NULL);
sz = hextoul(ssz, NULL);
return _set_cacert((void *)addr, sz);
}
#endif
#endif /* CONFIG_WGET_CACERT || CONFIG_WGET_BUILTIN_CACERT */
int wget_do_request(ulong dst_addr, char *uri)
{
#if CONFIG_IS_ENABLED(WGET_HTTPS)
@@ -471,6 +320,7 @@ int wget_do_request(ulong dst_addr, char *uri)
char *ca;
size_t ca_sz;
#if CONFIG_IS_ENABLED(WGET_CACERT) || CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
if (!cacert_initialized)
set_cacert_builtin();
@@ -497,7 +347,7 @@ int wget_do_request(ulong dst_addr, char *uri)
* with no verification if not.
*/
}
#endif
if (!ca && !wget_info->silent) {
printf("WARNING: no CA certificates, ");
printf("HTTPS connections not authenticated\n");
@@ -545,54 +395,6 @@ int wget_do_request(ulong dst_addr, char *uri)
return -1;
}
int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
{
char *end;
char *url;
ulong dst_addr;
char nurl[1024];
#if CONFIG_IS_ENABLED(WGET_CACERT)
if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
return set_cacert(argv[2], argv[3]);
if (argc == 3 && !strncmp(argv[1], "cacert", strlen("cacert"))) {
#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
if (!strncmp(argv[2], "builtin", strlen("builtin")))
return set_cacert_builtin();
#endif
if (!strncmp(argv[2], "none", strlen("none")))
return set_auth(AUTH_NONE);
if (!strncmp(argv[2], "optional", strlen("optional")))
return set_auth(AUTH_OPTIONAL);
if (!strncmp(argv[2], "required", strlen("required")))
return set_auth(AUTH_REQUIRED);
return CMD_RET_USAGE;
}
#endif
if (argc < 2 || argc > 3)
return CMD_RET_USAGE;
dst_addr = hextoul(argv[1], &end);
if (end == (argv[1] + strlen(argv[1]))) {
if (argc < 3)
return CMD_RET_USAGE;
url = argv[2];
} else {
dst_addr = image_load_addr;
url = argv[1];
}
if (parse_legacy_arg(url, nurl, sizeof(nurl)))
return CMD_RET_FAILURE;
wget_info = &default_wget_info;
if (wget_do_request(dst_addr, nurl))
return CMD_RET_FAILURE;
return CMD_RET_SUCCESS;
}
/**
* wget_validate_uri() - validate the uri for wget
*