Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 3856dd674843618fa85b4276b474e4ffa1ecf23d / . / net / lwip / wget.c
blob: f9af2fc0d2b786d8d714f2f1c9270d254ccd4f66 [file] [log] [blame]
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
2/* Copyright (C) 2024 Linaro Ltd. */
3
4#include <command.h>
5#include <console.h>
6#include <display_options.h>
7#include <efi_loader.h>
Tom Rinic31301c2025-05-15 17:31:50 -0600[diff] [blame]8#include <env.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]9#include <image.h>
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]10#include <linux/kconfig.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]11#include <lwip/apps/http_client.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]12#include "lwip/altcp_tls.h"
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]13#include <lwip/errno.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]14#include <lwip/timeouts.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]15#include <rng.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]16#include <mapmem.h>
17#include <net.h>
18#include <time.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]19#include <dm/uclass.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]20
Heinrich Schuchardtd064fc92024-11-08 18:45:26 +0100[diff] [blame]21#define SERVER_NAME_SIZE 254
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]22#define HTTP_PORT_DEFAULT 80
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]23#define HTTPS_PORT_DEFAULT 443
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]24#define PROGRESS_PRINT_STEP_BYTES (100 * 1024)
25
26enum done_state {
Jerome Forissier97083502024-11-07 12:27:57 +0100[diff] [blame]27 NOT_DONE = 0,
28 SUCCESS = 1,
29 FAILURE = 2
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]30};
31
32struct wget_ctx {
Adriano Cordovaa8a8d5c62024-11-11 18:09:00 -0300[diff] [blame]33 char server_name[SERVER_NAME_SIZE];
34 u16 port;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]35 char *path;
36 ulong daddr;
37 ulong saved_daddr;
38 ulong size;
39 ulong prevsize;
40 ulong start_time;
41 enum done_state done;
42};
43
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]44static void wget_lwip_fill_info(struct pbuf *hdr, u16_t hdr_len, u32_t hdr_cont_len)
45{
Adriano Cordova50a2a0b2024-11-26 13:19:21 -0300[diff] [blame]46 if (wget_info->headers) {
47 if (hdr_len < MAX_HTTP_HEADERS_SIZE)
48 pbuf_copy_partial(hdr, (void *)wget_info->headers, hdr_len, 0);
49 else
50 hdr_len = 0;
51 wget_info->headers[hdr_len] = 0;
52 }
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]53 wget_info->hdr_cont_len = (u32)hdr_cont_len;
54}
55
56static void wget_lwip_set_file_size(u32_t rx_content_len)
57{
58 wget_info->file_size = (ulong)rx_content_len;
59}
60
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]61bool wget_validate_uri(char *uri);
62
63int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len,
64 size_t *olen)
65{
66 struct udevice *dev;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]67 int ret;
68
69 *olen = 0;
70
71 ret = uclass_get_device(UCLASS_RNG, 0, &dev);
72 if (ret) {
73 log_err("Failed to get an rng: %d\n", ret);
74 return ret;
75 }
Ilias Apalodimas4276a3c2024-11-14 16:29:15 +0200[diff] [blame]76 ret = dm_rng_read(dev, output, len);
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]77 if (ret)
78 return ret;
79
Ilias Apalodimas4276a3c2024-11-14 16:29:15 +0200[diff] [blame]80 *olen = len;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]81
82 return 0;
83}
84
85static int parse_url(char *url, char *host, u16 *port, char **path,
86 bool *is_https)
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]87{
88 char *p, *pp;
89 long lport;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]90 size_t prefix_len = 0;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]91
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]92 if (!wget_validate_uri(url)) {
93 log_err("Invalid URL. Use http(s)://\n");
94 return -EINVAL;
95 }
96
97 *is_https = false;
98 *port = HTTP_PORT_DEFAULT;
99 prefix_len = strlen("http://");
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]100 p = strstr(url, "http://");
101 if (!p) {
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]102 p = strstr(url, "https://");
103 prefix_len = strlen("https://");
104 *port = HTTPS_PORT_DEFAULT;
105 *is_https = true;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]106 }
107
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]108 p += prefix_len;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]109
110 /* Parse hostname */
111 pp = strchr(p, ':');
112 if (!pp)
113 pp = strchr(p, '/');
114 if (!pp)
115 return -EINVAL;
116
117 if (p + SERVER_NAME_SIZE <= pp)
118 return -EINVAL;
119
120 memcpy(host, p, pp - p);
121 host[pp - p] = '\0';
122
123 if (*pp == ':') {
124 /* Parse port number */
125 p = pp + 1;
126 lport = simple_strtol(p, &pp, 10);
127 if (pp && *pp != '/')
128 return -EINVAL;
129 if (lport > 65535)
130 return -EINVAL;
131 *port = (u16)lport;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]132 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]133
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]134 if (*pp != '/')
135 return -EINVAL;
136 *path = pp;
137
138 return 0;
139}
140
141/*
142 * Legacy syntax support
143 * Convert [<server_name_or_ip>:]filename into a URL if needed
144 */
145static int parse_legacy_arg(char *arg, char *nurl, size_t rem)
146{
147 char *p = nurl;
148 size_t n;
149 char *col = strchr(arg, ':');
150 char *env;
151 char *server;
152 char *path;
153
154 if (strstr(arg, "http") == arg) {
155 n = snprintf(nurl, rem, "%s", arg);
156 if (n < 0 || n > rem)
157 return -1;
158 return 0;
159 }
160
161 n = snprintf(p, rem, "%s", "http://");
162 if (n < 0 || n > rem)
163 return -1;
164 p += n;
165 rem -= n;
166
167 if (col) {
168 n = col - arg;
169 server = arg;
170 path = col + 1;
171 } else {
172 env = env_get("httpserverip");
173 if (!env)
174 env = env_get("serverip");
175 if (!env) {
176 log_err("error: httpserver/serverip has to be set\n");
177 return -1;
178 }
179 n = strlen(env);
180 server = env;
181 path = arg;
182 }
183
184 if (rem < n)
185 return -1;
Jerome Forissierc7157322024-11-26 15:45:06 +0100[diff] [blame]186 strncpy(p, server, n);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]187 p += n;
188 rem -= n;
189 if (rem < 1)
190 return -1;
191 *p = '/';
192 p++;
193 rem--;
194 n = strlen(path);
195 if (rem < n)
196 return -1;
Jerome Forissierc7157322024-11-26 15:45:06 +0100[diff] [blame]197 strncpy(p, path, n);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]198 p += n;
199 rem -= n;
200 if (rem < 1)
201 return -1;
202 *p = '\0';
203
204 return 0;
205}
206
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]207/**
208 * store_block() - copy received data
209 *
210 * This function is called by the receive callback to copy a block of data
211 * into its final location (ctx->daddr). Before doing so, it checks if the copy
212 * is allowed.
213 *
214 * @ctx: the context for the current transfer
215 * @src: the data received from the TCP stack
216 * @len: the length of the data
217 */
218static int store_block(struct wget_ctx *ctx, void *src, u16_t len)
219{
220 ulong store_addr = ctx->daddr;
221 uchar *ptr;
222
223 /* Avoid overflow */
224 if (wget_info->buffer_size && wget_info->buffer_size < ctx->size + len)
225 return -1;
226
227 if (CONFIG_IS_ENABLED(LMB) && wget_info->set_bootdev) {
228 if (store_addr + len < store_addr ||
229 lmb_read_check(store_addr, len)) {
230 if (!wget_info->silent) {
231 printf("\nwget error: ");
232 printf("trying to overwrite reserved memory\n");
233 }
234 return -1;
235 }
236 }
237
238 ptr = map_sysmem(store_addr, len);
239 memcpy(ptr, src, len);
240 unmap_sysmem(ptr);
241
242 ctx->daddr += len;
243 ctx->size += len;
244 if (ctx->size - ctx->prevsize > PROGRESS_PRINT_STEP_BYTES) {
245 if (!wget_info->silent)
246 printf("#");
247 ctx->prevsize = ctx->size;
248 }
249
250 return 0;
251}
252
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]253static err_t httpc_recv_cb(void *arg, struct altcp_pcb *pcb, struct pbuf *pbuf,
254 err_t err)
255{
256 struct wget_ctx *ctx = arg;
257 struct pbuf *buf;
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]258 err_t ret;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]259
260 if (!pbuf)
261 return ERR_BUF;
262
263 if (!ctx->start_time)
264 ctx->start_time = get_timer(0);
265
266 for (buf = pbuf; buf; buf = buf->next) {
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]267 if (store_block(ctx, buf->payload, buf->len) < 0) {
268 altcp_abort(pcb);
269 ret = ERR_BUF;
270 goto out;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]271 }
272 }
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]273 altcp_recved(pcb, pbuf->tot_len);
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]274 ret = ERR_OK;
275out:
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]276 pbuf_free(pbuf);
Jerome Forissierc21e4e32025-04-17 15:26:59 +0200[diff] [blame]277 return ret;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]278}
279
280static void httpc_result_cb(void *arg, httpc_result_t httpc_result,
281 u32_t rx_content_len, u32_t srv_res, err_t err)
282{
283 struct wget_ctx *ctx = arg;
284 ulong elapsed;
285
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]286 wget_info->status_code = (u32)srv_res;
287
288 if (err == ERR_BUF) {
289 ctx->done = FAILURE;
290 return;
291 }
292
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]293 if (httpc_result != HTTPC_RESULT_OK) {
294 log_err("\nHTTP client error %d\n", httpc_result);
295 ctx->done = FAILURE;
296 return;
297 }
298 if (srv_res != 200) {
299 log_err("\nHTTP server error %d\n", srv_res);
300 ctx->done = FAILURE;
301 return;
302 }
303
304 elapsed = get_timer(ctx->start_time);
305 if (!elapsed)
306 elapsed = 1;
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]307 if (!wget_info->silent) {
308 if (rx_content_len > PROGRESS_PRINT_STEP_BYTES)
309 printf("\n");
310 printf("%u bytes transferred in %lu ms (", rx_content_len,
311 elapsed);
312 print_size(rx_content_len / elapsed * 1000, "/s)\n");
313 printf("Bytes transferred = %lu (%lx hex)\n", ctx->size,
314 ctx->size);
315 }
Adriano Cordova93cba0f2024-12-04 00:05:23 -0300[diff] [blame]316 if (wget_info->set_bootdev)
317 efi_set_bootdev("Http", ctx->server_name, ctx->path, map_sysmem(ctx->saved_daddr, 0),
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]318 rx_content_len);
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]319 wget_lwip_set_file_size(rx_content_len);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]320 if (env_set_hex("filesize", rx_content_len) ||
321 env_set_hex("fileaddr", ctx->saved_daddr)) {
322 log_err("Could not set filesize or fileaddr\n");
323 ctx->done = FAILURE;
324 return;
325 }
326
327 ctx->done = SUCCESS;
328}
329
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]330static err_t httpc_headers_done_cb(httpc_state_t *connection, void *arg, struct pbuf *hdr,
331 u16_t hdr_len, u32_t content_len)
332{
333 wget_lwip_fill_info(hdr, hdr_len, content_len);
334
335 if (wget_info->check_buffer_size && (ulong)content_len > wget_info->buffer_size)
336 return ERR_BUF;
337
338 return ERR_OK;
339}
340
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]341#if CONFIG_IS_ENABLED(WGET_HTTPS)
342enum auth_mode {
343 AUTH_NONE,
344 AUTH_OPTIONAL,
345 AUTH_REQUIRED,
346};
347
348static char *cacert;
349static size_t cacert_size;
350static enum auth_mode cacert_auth_mode = AUTH_OPTIONAL;
351#endif
352
353#if CONFIG_IS_ENABLED(WGET_CACERT)
354static int set_auth(enum auth_mode auth)
355{
356 cacert_auth_mode = auth;
357
358 return CMD_RET_SUCCESS;
359}
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]360#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]361
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]362#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
363extern const char builtin_cacert[];
364extern const size_t builtin_cacert_size;
365static bool cacert_initialized;
366#endif
367
368#if CONFIG_IS_ENABLED(WGET_CACERT) || CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
369static int _set_cacert(const void *addr, size_t sz)
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]370{
371 mbedtls_x509_crt crt;
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]372 void *p;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]373 int ret;
374
375 if (cacert)
376 free(cacert);
377
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]378 if (!addr) {
379 cacert = NULL;
380 cacert_size = 0;
381 return CMD_RET_SUCCESS;
382 }
383
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]384 p = malloc(sz);
385 if (!p)
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]386 return CMD_RET_FAILURE;
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]387 cacert = p;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]388 cacert_size = sz;
389
390 memcpy(cacert, (void *)addr, sz);
391
392 mbedtls_x509_crt_init(&crt);
393 ret = mbedtls_x509_crt_parse(&crt, cacert, cacert_size);
394 if (ret) {
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]395 if (!wget_info->silent)
396 printf("Could not parse certificates (%d)\n", ret);
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]397 free(cacert);
398 cacert = NULL;
399 cacert_size = 0;
400 return CMD_RET_FAILURE;
401 }
402
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]403#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
404 cacert_initialized = true;
405#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]406 return CMD_RET_SUCCESS;
407}
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]408
409#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
410static int set_cacert_builtin(void)
411{
412 return _set_cacert(builtin_cacert, builtin_cacert_size);
413}
414#endif
415
416#if CONFIG_IS_ENABLED(WGET_CACERT)
417static int set_cacert(char * const saddr, char * const ssz)
418{
419 ulong addr, sz;
420
421 addr = hextoul(saddr, NULL);
422 sz = hextoul(ssz, NULL);
423
424 return _set_cacert((void *)addr, sz);
425}
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]426#endif
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]427#endif /* CONFIG_WGET_CACERT || CONFIG_WGET_BUILTIN_CACERT */
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]428
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200[diff] [blame]429int wget_do_request(ulong dst_addr, char *uri)
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]430{
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]431#if CONFIG_IS_ENABLED(WGET_HTTPS)
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]432 altcp_allocator_t tls_allocator;
433#endif
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]434 httpc_connection_t conn;
435 httpc_state_t *state;
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200[diff] [blame]436 struct udevice *udev;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]437 struct netif *netif;
438 struct wget_ctx ctx;
439 char *path;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]440 bool is_https;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]441
442 ctx.daddr = dst_addr;
443 ctx.saved_daddr = dst_addr;
444 ctx.done = NOT_DONE;
445 ctx.size = 0;
446 ctx.prevsize = 0;
447 ctx.start_time = 0;
448
Adriano Cordova484ade32024-12-03 09:55:34 -0300[diff] [blame]449 if (parse_url(uri, ctx.server_name, &ctx.port, &path, &is_https))
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]450 return CMD_RET_USAGE;
451
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200[diff] [blame]452 if (net_lwip_eth_start() < 0)
453 return CMD_RET_FAILURE;
454
455 if (!wget_info)
456 wget_info = &default_wget_info;
457
458 udev = eth_get_dev();
459
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]460 netif = net_lwip_new_netif(udev);
461 if (!netif)
462 return -1;
463
Tim Harvey3856dd62025-05-30 08:38:26 -0700[diff] [blame^]464 /* if URL with hostname init dns */
465 if (!ipaddr_aton(ctx.server_name, NULL) && net_lwip_dns_init())
466 return CMD_RET_FAILURE;
467
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]468 memset(&conn, 0, sizeof(conn));
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]469#if CONFIG_IS_ENABLED(WGET_HTTPS)
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]470 if (is_https) {
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]471 char *ca;
472 size_t ca_sz;
473
474#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
475 if (!cacert_initialized)
476 set_cacert_builtin();
477#endif
478 ca = cacert;
479 ca_sz = cacert_size;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]480
481 if (cacert_auth_mode == AUTH_REQUIRED) {
482 if (!ca || !ca_sz) {
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]483 if (!wget_info->silent)
484 printf("Error: cacert authentication "
485 "mode is 'required' but no CA "
486 "certificates given\n");
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]487 return CMD_RET_FAILURE;
488 }
489 } else if (cacert_auth_mode == AUTH_NONE) {
490 ca = NULL;
491 ca_sz = 0;
492 } else if (cacert_auth_mode == AUTH_OPTIONAL) {
493 /*
494 * Nothing to do, this is the default behavior of
495 * altcp_tls to check server certificates against CA
496 * certificates when the latter are provided and proceed
497 * with no verification if not.
498 */
499 }
500
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]501 if (!ca && !wget_info->silent) {
502 printf("WARNING: no CA certificates, ");
503 printf("HTTPS connections not authenticated\n");
504 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]505 tls_allocator.alloc = &altcp_tls_alloc;
506 tls_allocator.arg =
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]507 altcp_tls_create_config_client(ca, ca_sz,
508 ctx.server_name);
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]509
510 if (!tls_allocator.arg) {
511 log_err("error: Cannot create a TLS connection\n");
512 net_lwip_remove_netif(netif);
513 return -1;
514 }
515
516 conn.altcp_allocator = &tls_allocator;
517 }
518#endif
519
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]520 conn.result_fn = httpc_result_cb;
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]521 conn.headers_done_fn = httpc_headers_done_cb;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]522 ctx.path = path;
Adriano Cordovaa8a8d5c62024-11-11 18:09:00 -0300[diff] [blame]523 if (httpc_get_file_dns(ctx.server_name, ctx.port, path, &conn, httpc_recv_cb,
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]524 &ctx, &state)) {
525 net_lwip_remove_netif(netif);
526 return CMD_RET_FAILURE;
527 }
528
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]529 errno = 0;
530
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]531 while (!ctx.done) {
532 net_lwip_rx(udev, netif);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]533 if (ctrlc())
534 break;
535 }
536
537 net_lwip_remove_netif(netif);
538
539 if (ctx.done == SUCCESS)
540 return 0;
541
Jerome Forissier95b10352025-04-17 15:26:58 +0200[diff] [blame]542 if (errno == EPERM && !wget_info->silent)
543 printf("Certificate verification failed\n");
544
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]545 return -1;
546}
547
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]548int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
549{
550 char *end;
551 char *url;
552 ulong dst_addr;
553 char nurl[1024];
554
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]555#if CONFIG_IS_ENABLED(WGET_CACERT)
556 if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
557 return set_cacert(argv[2], argv[3]);
558 if (argc == 3 && !strncmp(argv[1], "cacert", strlen("cacert"))) {
Jerome Forissier7231a692025-03-05 15:26:45 +0100[diff] [blame]559#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
560 if (!strncmp(argv[2], "builtin", strlen("builtin")))
561 return set_cacert_builtin();
562#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100[diff] [blame]563 if (!strncmp(argv[2], "none", strlen("none")))
564 return set_auth(AUTH_NONE);
565 if (!strncmp(argv[2], "optional", strlen("optional")))
566 return set_auth(AUTH_OPTIONAL);
567 if (!strncmp(argv[2], "required", strlen("required")))
568 return set_auth(AUTH_REQUIRED);
569 return CMD_RET_USAGE;
570 }
571#endif
572
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]573 if (argc < 2 || argc > 3)
574 return CMD_RET_USAGE;
575
576 dst_addr = hextoul(argv[1], &end);
Jerome Forissier97083502024-11-07 12:27:57 +0100[diff] [blame]577 if (end == (argv[1] + strlen(argv[1]))) {
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]578 if (argc < 3)
579 return CMD_RET_USAGE;
580 url = argv[2];
581 } else {
582 dst_addr = image_load_addr;
583 url = argv[1];
584 }
585
586 if (parse_legacy_arg(url, nurl, sizeof(nurl)))
Jerome Forissier97083502024-11-07 12:27:57 +0100[diff] [blame]587 return CMD_RET_FAILURE;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]588
Adriano Cordova25e88412024-11-11 18:09:01 -0300[diff] [blame]589 wget_info = &default_wget_info;
Adriano Cordovab479fc42024-12-04 00:05:16 -0300[diff] [blame]590 if (wget_do_request(dst_addr, nurl))
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]591 return CMD_RET_FAILURE;
592
593 return CMD_RET_SUCCESS;
594}
595
596/**
597 * wget_validate_uri() - validate the uri for wget
598 *
599 * @uri: uri string
600 *
601 * This function follows the current U-Boot wget implementation.
602 * scheme: only "http:" is supported
603 * authority:
604 * - user information: not supported
605 * - host: supported
606 * - port: not supported(always use the default port)
607 *
608 * Uri is expected to be correctly percent encoded.
609 * This is the minimum check, control codes(0x1-0x19, 0x7F, except '\0')
610 * and space character(0x20) are not allowed.
611 *
612 * TODO: stricter uri conformance check
613 *
614 * Return: true on success, false on failure
615 */
616bool wget_validate_uri(char *uri)
617{
618 char c;
619 bool ret = true;
620 char *str_copy, *s, *authority;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]621 size_t prefix_len = 0;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]622
623 for (c = 0x1; c < 0x21; c++) {
624 if (strchr(uri, c)) {
625 log_err("invalid character is used\n");
626 return false;
627 }
628 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]629
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]630 if (strchr(uri, 0x7f)) {
631 log_err("invalid character is used\n");
632 return false;
633 }
634
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]635 if (!strncmp(uri, "http://", strlen("http://"))) {
636 prefix_len = strlen("http://");
Jerome Forissier42129542025-02-04 17:00:49 +0100[diff] [blame]637 } else if (CONFIG_IS_ENABLED(WGET_HTTPS)) {
638 if (!strncmp(uri, "https://", strlen("https://"))) {
639 prefix_len = strlen("https://");
640 } else {
641 log_err("only http(s):// is supported\n");
642 return false;
643 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]644 } else {
Jerome Forissier42129542025-02-04 17:00:49 +0100[diff] [blame]645 log_err("only http:// is supported\n");
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]646 return false;
647 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200[diff] [blame]648
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200[diff] [blame]649 str_copy = strdup(uri);
650 if (!str_copy)
651 return false;
652
653 s = str_copy + strlen("http://");
654 authority = strsep(&s, "/");
655 if (!s) {
656 log_err("invalid uri, no file path\n");
657 ret = false;
658 goto out;
659 }
660 s = strchr(authority, '@');
661 if (s) {
662 log_err("user information is not supported\n");
663 ret = false;
664 goto out;
665 }
666
667out:
668 free(str_copy);
669
670 return ret;
671}