Hi Tom, The following changes since commit 1b42f57ec82ceba4d5f08cfb359717232301cfa5:
Merge tag 'v2025.04-rc4' into next (2025-03-10 20:18:51 -0600) are available in the Git repository at: https://source.denx.de/u-boot/custodians/u-boot-net.git/ tags/net-next-20250310 for you to fetch changes up to 22f3c9cd024459887066c6d82fab8766447cc289: configs: qemu_arm64_lwip_defconfig: enable WGET_CACERT (2025-03-11 14:16:03 +0100) CI link: https://source.denx.de/u-boot/custodians/u-boot-net/-/pipelines/25084 This is mainly about adding support for root certificates, which brings proper authentication to HTTPS and makes it secure at last. As you can see from the small size of the patches, this is mostly trivial and is a benefit of using lwIP and MBed TLS, as expected. Thanks, -- Jerome ---------------------------------------------------------------- Pull request net-next-20250310. net-lwip: * Add support for CA (root) certificates to HTTPS * Add CONFIG_LWIP_DEBUG_RXTX to trace in/out messages ---------------------------------------------------------------- Jerome Forissier (8): net: lwip: rename linkoutput() as net_lwip_tx() net: lwip: add CONFIG_LWIP_DEBUG_RXTX net: lwip: extend wget to support CA (root) certificates lwip: tls: enforce checking of server certificates based on CA availability lwip: tls: warn when no CA exists amd log certificate validation errors net: lwip: add support for built-in root certificates doc: cmd: wget: document cacert subcommand configs: qemu_arm64_lwip_defconfig: enable WGET_CACERT cmd/Kconfig | 22 ++++ cmd/net-lwip.c | 21 ++- configs/qemu_arm64_lwip_defconfig | 1 + doc/usage/cmd/wget.rst | 82 +++++++++++- .../lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c | 9 +- .../src/include/lwip/apps/altcp_tls_mbedtls_opts.h | 6 - net/lwip/Kconfig | 6 + net/lwip/Makefile | 6 + net/lwip/net-lwip.c | 18 ++- net/lwip/wget.c | 141 ++++++++++++++++++++- 10 files changed, 295 insertions(+), 17 deletions(-)
