Commit Graph

9 Commits

Author SHA1 Message Date
Laszlo Ersek 0fd13678a6 NetworkPkg/HttpDxe: sanity-check the TlsCaCertificate variable before use
In TlsConfigCertificate(), make sure that the set of EFI_SIGNATURE_LIST
objects that the platform stored to "TlsCaCertificate" is well-formed.

In addition, because HttpInstance->TlsConfiguration->SetData() expects
X509 certificates only, ensure that the EFI_SIGNATURE_LIST objects only
report X509 certificates, as described under EFI_CERT_X509_GUID in the
UEFI-2.7 spec.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=909
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:34 +02:00
Jiaxin Wu 7ff68b5edc NetworkPkg: Read HttpTlsCipherList variable and configure it for HTTPS session.
v2:
* Refine the error handling returned from GetVariable.

This patch is to read the HttpTlsCipherList variable and configure it for the
later HTTPS session.

If the variable is not set by any platform, EFI_NOT_FOUND will be returned
from GetVariable service. In such a case, the default CipherList created in
TlsDxe driver will be used.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Cc: Zimmer Vincent <vincent.zimmer@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-02-14 07:31:49 +08:00
Liming Gao f3494b80f4 NetworkPkg: Update Protocol/Guid usage in INF file to match source code logic
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-10-10 18:10:21 +08:00
Jiaxin Wu 221463c2b3 NetworkPkg: Add PCD to enable the HTTP connections switch
v3:
* Correct the commits grammar

v2:
* Rename the PCD to PcdAllowHttpConnections.
* Refine the PCD descriptions.

If the value of PcdAllowHttpConnections is TRUE, HTTP connections are
allowed. Both the "https://" and "http://" URI schemes are permitted.
Otherwise, HTTP connections are denied. Only the "https://" URI scheme
is permitted.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
Tested-by: Gary Lin <glin@suse.com>
2017-01-23 10:25:29 +08:00
Jiaxin Wu dac45de3d6 NetworkPkg/HttpDxe: HTTPS support over IPv4 and IPv6
This patch is used to enable HTTPS feature. HttpDxe driver
will consume TlsDxe driver. It can both support http and https
feature, that’s depended on the information of URL, the HTTP
instance can be able to determine whether to use http or https.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-22 20:33:40 +08:00
Zhang Lubo b659408b93 NetworkPkg:Enable Http Boot over Ipv6 stack
Add new features to support Http boot over ipv6 stack.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18743 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-09 03:30:42 +00:00
Fu Siyuan 49c9f74cc1 NetworkPkg: Update Http driver to use DPC mechanism.
This patch updates the HttpDxe driver to use the DPC mechanism to avoid long
time delay when single event.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18451 6f19259b-4bc3-4df7-8a09-765794883524
2015-09-14 09:06:26 +00:00
Jiaxin Wu 5ca29abe52 NetworkPkg: Update HttpDxe driver to consume EFI_HTTP_UTILITIES_PROTOCOL
v2:
* Register a notification function to be executed for Http utilities protocol
in the drivers entry points.

Since we add EFI_HTTP_UTILITIES_PROTOCOL support, HttpDxe driver should
be updated to remove internal http utilities functions and consume this
protocol directly.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Samer El-Haj-Mahmoud <elhaj@hp.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18316 6f19259b-4bc3-4df7-8a09-765794883524
2015-08-26 06:19:53 +00:00
Ye Ting 47f51a064f NetworkPkg: Add HTTP Driver
Add HTTP driver to support HTTP protocols defined in UEFI 2.5 specification.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hp.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17855 6f19259b-4bc3-4df7-8a09-765794883524
2015-07-07 09:09:21 +00:00