From 43ab6622a8b13baa9389efda818186ae96a327de Mon Sep 17 00:00:00 2001 From: Abner Chang Date: Thu, 4 Jan 2024 17:46:07 +0800 Subject: [PATCH] NetworkPkg/HttpDxe: Consider TLS certificate not found as a success case We still return EFI_SUCCESS to the caller when TlsConfigCertificate returns error, for the use case the platform doesn't require certificate for the specific HTTP session. This ensures HttpInitSession function still initiated and returns EFI_SUCCESS to the caller. The failure is pushed back to TLS DXE driver if the HTTP communication actually requires certificate. Signed-off-by: Abner Chang Cc: Saloni Kasbekar Cc: Zachary Clark-williams Cc: Michael Brown Cc: Nickle Wang Cc: Igor Kulchytskyy Reviewed-by: Michael Brown Reviewed-by: Saloni Kasbekar --- NetworkPkg/HttpDxe/HttpsSupport.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSupport.c index a07323ff0b..04a830f715 100644 --- a/NetworkPkg/HttpDxe/HttpsSupport.c +++ b/NetworkPkg/HttpDxe/HttpsSupport.c @@ -722,8 +722,21 @@ TlsConfigureSession ( // Status = TlsConfigCertificate (HttpInstance); if (EFI_ERROR (Status)) { - DEBUG ((DEBUG_ERROR, "TLS Certificate Config Error!\n")); - return Status; + if (Status == EFI_NOT_FOUND) { + DEBUG((DEBUG_WARN, "TLS Certificate is not found on the system!\n")); + // + // We still return EFI_SUCCESS to the caller when TlsConfigCertificate + // returns error, for the use case the platform doesn't require + // certificate for the specific HTTP session. This ensures + // HttpInitSession function still initiated and returns EFI_SUCCESS to + // the caller. The failure is pushed back to TLS DXE driver if the + // HTTP communication actually requires certificate. + // + Status = EFI_SUCCESS; + } else { + DEBUG((DEBUG_ERROR, "TLS Certificate Config Error!\n")); + return Status; + } } //