Commit Graph

529 Commits

Author SHA1 Message Date
Vijayenthiran Subramaniam a2481def5d NetworkPkg/IScsiDxe: add debug logs for failed SetVariable attempts
Add debug messages for failed attempts to write to a variable.

Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
2018-11-23 14:27:11 +08:00
Jiaxin Wu fd95015673 NetworkPkg/TlsDxe: Fix failure to process multiple TLS records.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1290.

Current implementation failed to parse the multiple TLS record
messages due to the incorrect pointer of TLS record header. This
patch is to resolve that problem.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-11-01 09:37:41 +08:00
Jiaxin Wu c41da21704 NetworkPkg/Mtftp6Dxe: Remove the trailing white spaces.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-11-01 09:37:34 +08:00
Jiaxin Wu 2f6693c283 NetworkPkg/Mtftp6Dxe: Correct the total received and saved block number.
The block returned from Mtftp6RemoveBlockNum is not the total received and
saved block number if it works in passive (Slave) mode.

The issue was exposed by the EMS test.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-10-29 08:31:18 +08:00
Jiaxin Wu 95aea2fac9 NetworkPkg/IpSecDxe: Fix issue to parse SA Payload.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1251

*v2: Correct the type of parameters in Ikev2ParseProposalData(), and refined
the corresponding description.

IpSecDxe failed to create the Child SA during parsing SA Payload, the issue
was caused by the below commit:

SHA-1: 1e0db7b119
* MdeModulePkg/NetworkPkg: Checking for NULL pointer before use.

In above commit, it changed the value of IsMatch in Ikev2ChildSaParseSaPayload()
to FALSE. That's correct but it exposed the potential bug in to match the correct
proposal Data, which will cause the issue happen.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-10-22 09:04:57 +08:00
Jiaxin Wu ddc6d41d12 NetworkPkg: Correct the time stamp and fix the integer overflow issue.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=883.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-10-22 09:04:56 +08:00
Jiaxin Wu 1682cc9353 NetworkPkg/TlsDxe: Remove the redundant library class.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1018.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-10-22 09:04:55 +08:00
Jiaxin Wu e8601e972f NetworkPkg/UefiPxeBcDxe: Correct comments to align with the input parameter.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1230

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-10-09 08:43:35 +08:00
Li, Songpeng 130e629284 NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow.
The input param String of AsciiStrStr() requires a pointer to
 Null-terminated string, however in HttpUtilitiesParse(),
 the Buffersize before AllocateZeroPool() is equal to the size
 of TCP header, after the CopyMem(), it might not end with
 Null-terminator. It might cause memory access overflow.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-09-29 10:51:37 +08:00
Songpeng Li 2239ea71b6 NetworkPkg/HttpDxe: fix read memory access overflow in HTTPBoot.
The input param String of AsciiStrStr() requires a pointer to
 Null-terminated string, however in HttpTcpReceiveHeader(),
 the Buffersize before AllocateZeroPool() is equal to the size
 of TCP header, after the CopyMem(), it might not end with
 Null-terminator. It might cause memory access overflow.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-09-29 10:51:27 +08:00
Jiaxin Wu 24c55f5dcc NetworkPkg/UefiPxeBcDxe: Add the clarification compared to UefiPxeBcDxe in MdeModulePkg.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1205

This patch is to add the driver usage/difference clarification
compared to UefiPxeBcDxe in MdeModulePkg.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-27 09:00:07 +08:00
Jiaxin Wu 0bcbdf9c74 NetworkPkg/IScsiDxe: Add the clarification compared to IScsiDxe in MdeModulePkg.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1205

This patch is to add the driver usage/difference clarification
compared to IScsiDxe in MdeModulePkg.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-27 09:00:06 +08:00
Jiaxin Wu 897720daef NetworkPkg/TcpDxe: Add the clarification compared to Tcp4Dxe in MdeModulePkg.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1205

This patch is to add the driver usage/difference clarification
compared to Tcp4Dxe in MdeModulePkg.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-27 09:00:06 +08:00
Jiaxin Wu 160b082e64 NetworkPkg/UefiPxeBcDxe: Use the specified MTFTP windowsize.
*v2: Since the new PCD (PcdPxeTftpWindowSize) was renamed/defined in
NetworkPkg instead of MdeModulePkg, this new version is to update the
consuming PXE driver.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886

This patch is to use the specified MTFTP windowsize to benefit the PXE
download performance.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-09-27 09:00:02 +08:00
Jiaxin Wu 2fff697f1e NetworkPkg: Define one PCD for PXE to specify MTFTP windowsize.
*v2: Rename and redefine the PCD in NetworkPkg instead of MdeModulePkg.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886

This patch is to define one new PCD for PXE driver to specify MTFTP windowsize so as
to improve the PXE download performance. The default value is set to 4.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-09-27 09:00:02 +08:00
Jiaxin Wu f3427f12a4 NetworkPkg/Mtftp6Dxe: Support windowsize in read request operation.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=886

This patch is to support the TFTP windowsize option described in RFC 7440.
The feature allows the client and server to negotiate a window size of
consecutive blocks to send as an alternative for replacing the single-block
lockstep schema.

Currently, the windowsize for write request operation is not supported since
there is no real use cases.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Shao Ming <ming.shao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-09-27 09:00:00 +08:00
edk2-devel-bounces@lists.01.org cde5a72d36 NetworkPkg: UefiPxeBcDxe: Add EXCLUSIVE attribute when opening SNP protocol installed by PXE.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1152

v2: Sync the same logic to Ipv6 and update code comments.

The PXE driver installs a SNP and open this SNP with attribute BY_DRIVER
to avoid it being opened by MNP driver, this SNP is also expected not to
be opened by other drivers with EXCLUSIVE attribute. In some cases, other
drivers may happen to do this by error, and thus cause a system crash.
This patch adds EXCLUSIVE attribute when opening SNP in PXE driver, and
will reject all OpenProtocol requests by EXCLUSIVE.

Cc: Subramanian, Sriram <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wang Fan <fan.wang@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2018-09-17 14:32:35 +08:00
Songpeng Li b701aae6a8 NetworkPkg: UefiPxeBcDxe: Remove the redundant code.
The function PxeBcFreeBootFileOption that is never called
have been removed.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-08-23 16:30:47 +08:00
Songpeng Li 8343c75024 NetworkPkg: TcpDxe: Remove the redundant code.
The function TcpPawsOK that is never called have been removed.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-08-23 16:30:46 +08:00
Songpeng Li ad1e45ddb5 NetworkPkg: IpSecDxe: Remove the redundant code.
The functions that are never called have been removed.
They are Ikev2OnPacketAccepted, Ikev2SaSessionOnDeleting,
Ikev2ChildSaSessionLookupByMid, Ikev2ChildSaSessionOnDeleting
and Ikev2ChildExchangeRekeySpi.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-08-23 16:30:46 +08:00
Songpeng Li fafdb489a7 NetworkPkg: IScsiDxe: Remove the redundant code and definition.
The function IScsiFindTcbByITT that is never called have been removed.
The definition gEfiAcpi20TableGuid has been removed.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1064
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-08-23 16:30:45 +08:00
Laszlo Ersek 6896efdec2 NetworkPkg/TlsAuthConfigDxe: fix TlsCaCertificate attributes retrieval
Per spec, the GetVariable() runtime service is not required to populate
(*Attributes) on output when it fails with EFI_BUFFER_TOO_SMALL.

Therefore we have to fetch the full contents of the TlsCaCertificate
variable temporarily, just so we can (a) get the current attributes, and
(b) add EFI_VARIABLE_APPEND_WRITE to them for the subsequent SetVariable()
call.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Songpeng Li <songpeng.li@intel.com>
Reported-by: Songpeng Li <songpeng.li@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1090
Fixes: b90c335fbb
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-08-22 10:32:43 +02:00
Laszlo Ersek 9f5d1f7c31 NetworkPkg/TlsAuthConfigDxe: replace OpenFileByDevicePath() with UefiLib API
Replace the OpenFileByDevicePath() function with EfiOpenFileByDevicePath()
from UefiLib, correcting the following issues:

- imprecise comments on OpenFileByDevicePath(),
- code duplication between this module and other modules,
- local variable name "EfiSimpleFileSystemProtocol" starting with "Efi"
  prefix,
- bogus "FileHandle = NULL" assignments,
- passing a potentially unaligned "FILEPATH_DEVICE_PATH.PathName" field to
  a protocol member function (forbidden by the UEFI spec),
- leaking "Handle1" when the device path type/subtype check fails in the
  loop,
- stale SHELL_FILE_HANDLE reference in a comment.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1008
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
2018-08-16 20:02:50 +02:00
chenc2 4fcb0d5458 NetworkPkg: Removing ipf which is no longer supported from edk2.
Removing rules for Ipf sources file:
* Remove the source file which path with "ipf" and also listed in
  [Sources.IPF] section of INF file.
* Remove the source file which listed in [Components.IPF] section
  of DSC file and not listed in any other [Components] section.
* Remove the embedded Ipf code for MDE_CPU_IPF.

Removing rules for Inf file:
* Remove IPF from VALID_ARCHITECTURES comments.
* Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section.
* Remove the INF which only listed in [Components.IPF] section in DSC.
* Remove statements from [BuildOptions] that provide IPF specific flags.
* Remove any IPF sepcific sections.

Removing rules for Dec file:
* Remove [Includes.IPF] section from Dec.

Removing rules for Dsc file:
* Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC.
* Remove any IPF specific sections.
* Remove statements from [BuildOptions] that provide IPF specific flags.

Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-08-14 08:58:30 +08:00
Jiaxin Wu 7191827f90 NetworkPkg/HttpDxe: Strip square brackets in IPv6 expressed HostName.
*v2: Optimize the patch by calculating AsciiStrSize() only once.

In URI, the colon (:) is used to terminate the HostName path before
a port number. However, if HostName is expressed as IPv6 format, colon
characters in IPv6 addresses will conflict with the colon before port
number. To alleviate this conflict in URI, the IPv6 expressed HostName
are enclosed in square brackets ([]). To record the real IPv6 HostName,
square brackets should be stripped.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-08-03 08:34:03 +08:00
Jiaxin Wu 895b87e380 NetworkPkg/HttpDxe: Fix the bug when parsing HTTP(S) message body.
*v2: Resolve the conflict commit.

*v3: Fixed the failure if BodyLength in HTTP token is less than the received
size of HTTPS message.

HttpBodyParserCallback function is to parse the HTTP(S) message body so as to
confirm whether there is the next message header. But it doesn't record the
parsing message data/length correctly.

This patch is refine the parsing logic so as to fix the potential failure.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Gary Lin <glin@suse.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Tested-by: Gary Lin <glin@suse.com>
2018-07-12 08:37:54 +08:00
Liming Gao f75a7f568e NetworkPkg: Clean up source files
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
2018-06-28 11:19:49 +08:00
Fu Siyuan 1e0db7b119 MdeModulePkg/NetworkPkg: Checking for NULL pointer before use.
Contributed-under: TianoCore Contribution Agreement 1.1

Signed-off-by: Sivaraman Nainar <sivaramann@amiindia.co.in>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-06-21 08:49:47 +08:00
Jiaxin Wu e9b4a4625c NetworkPkg/NetworkPkg.dsc: Add the instance of library class [SafeIntLib].
This patch is to add the instance of library class [SafeIntLib] to fix the
NetworkPkg build error, which is caused by the commit of 2167c7f7 that the
TlsLib will always consume SafeIntLib.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
2018-05-07 11:39:32 +08:00
Laszlo Ersek b1c81b6ec3 NetworkPkg/TlsDxe: clean up byte order conversion for EfiTlsCipherList
Fix the following style issues:

- "Data" is accessed through a pointer to UINT16 rather than to a pointer
  to EFI_TLS_CIPHER. While technically correct, UINT16 is harder to
  interpret against the UEFI spec.

- Array subscripting is written with weird *(Pointer + Offset)
  expressions, rather than with Pointer[Offset].

- The byte order is converted with HTONS(), while it should be NTOHS().
  Either way, use the Data1 and Data2 fields of EFI_TLS_CIPHER instead.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-04-13 14:06:12 +02:00
Laszlo Ersek 44eb974081 NetworkPkg/TlsDxe: verify DataSize for EfiTlsCipherList
TlsSetSessionData() shouldn't just ignore an incomplete EFI_TLS_CIPHER
element at the end of "Data":

- Generally speaking, malformed input for a security API is best rejected
  explicitly.

- Specifically speaking, the size of EFI_TLS_CIPHER is 2 bytes. If
  DataSize is 1 on input, then the initial check for (DataSize == 0) will
  fail, but then TlsSetCipherList() will be called with CipherNum=0.

Return EFI_INVALID_PARAMETER from TlsSetSessionData() if "Data" doesn't
contain a whole number of EFI_TLS_CIPHER elements. While at it, introduce
the dedicated variable CipherCount.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-04-13 14:06:09 +02:00
Laszlo Ersek b90c335fbb NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable attributes
If the platform creates the "TlsCaCertificate" variable as volatile, then
EnrollX509toVariable() shouldn't fail to extend it just because
TLS_AUTH_CONFIG_VAR_BASE_ATTR contains the EFI_VARIABLE_NON_VOLATILE
attribute.

Thus, if the variable exists, add the EFI_VARIABLE_APPEND_WRITE attribute
to the variable's current attributes. This is what DeleteCert() does
already.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:36 +02:00
Laszlo Ersek 0fd13678a6 NetworkPkg/HttpDxe: sanity-check the TlsCaCertificate variable before use
In TlsConfigCertificate(), make sure that the set of EFI_SIGNATURE_LIST
objects that the platform stored to "TlsCaCertificate" is well-formed.

In addition, because HttpInstance->TlsConfiguration->SetData() expects
X509 certificates only, ensure that the EFI_SIGNATURE_LIST objects only
report X509 certificates, as described under EFI_CERT_X509_GUID in the
UEFI-2.7 spec.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=909
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:34 +02:00
Laszlo Ersek 78a6782158 NetworkPkg/HttpDxe: drop misleading comment / status code in cert config
For TlsConfigureSession(), it makes sense to exempt EFI_NOT_FOUND from
TlsConfigCipherList() / gRT->GetVariable(), because there is a default
cipher list (SSL_DEFAULT_CIPHER_LIST) we can fall back to.

The same is not true of TlsConfigCertificate(), because there is no
default CA cert list. The platform (or the user of the Setup utility) is
required to configure a CA cert list first.

Remove the misleading comment and status code mapping in
TlsConfigCertificate().

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:32 +02:00
Laszlo Ersek 6f3487a79b NetworkPkg/HttpDxe: use error handler epilogue in TlsConfigCertificate()
Introduce a FreeCACert label near the end of the function, so that we can
keep the FreePool(CACert) statement centralized for error and success
exits.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:29 +02:00
Laszlo Ersek 1ba4a4df39 NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing
The string "HTTPClient" has 10 non-NUL characters; the value 9 is a
copy-paste leftover from "PXEClient". Check for all 10 characters in the
vendor-class-identifier option when determining whether the DHCP offer is
an HTTP offer.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-03-28 13:07:07 +02:00
Liming Gao d9885abf80 NetworkPkg: Correct HttpTlsCipherList.h file format to DOS
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-26 11:11:46 +08:00
Jiaxin Wu 2f1b849dc8 NetworkPkg/UefiPxeBcDxe: Configure the ARP Instance/RouteTable with new address
After completed a DHCP D.O.R.A process and got the new address, the ARP Instance
and RouteTable should be configured so as to avoid the later Pxe.Arp failure.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-22 08:25:20 +08:00
Jiaxin Wu 07bd82d42b NetworkPkg/HttpDxe: Handle the large data request via HTTPS channel.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-22 08:25:02 +08:00
Jiaxin Wu cb3350ec62 NetworkPkg/TlsDxe: Handle the multiple TLS record messages encryption/decryption.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-22 08:24:53 +08:00
Jiaxin Wu 841d8698dd NetworkPkg/IScsiDxe: Fix the ISCSI connection failure in certain case.
The ISCSI connection will fail for the first time if the target info is
retrieved from DHCP and expressed as URI format. The issue is caused by
the missing DNS protocol dependency check during the driver support
function.

This patch is to fix the above issue.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-13 16:55:24 +08:00
Jiaxin Wu 79f84eb676 NetworkPkg/HttpDxe: Support HTTP Delete Method.
Per the request to support HttpMethodDelete:
https://bugzilla.tianocore.org/show_bug.cgi?id=879,
This patch is to enable the HTTP Delete Method.

Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-02 11:15:54 +08:00
Jiaxin Wu db79f8019d NetworkPkg/Udp6Dxe: Fix the failure to leave one multicast group address.
The issue was enrolled by the commit of ceec3638. One of the change in the commit
was to return the status from NetMapIterate in Udp6Groups function. But it should
not return EFI_ABORTED directly in case McastIp is not NULL, which means to terminate
the iteration and leave the McastIp successfully.

Cc: Wang Fan <fan.wang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-03-02 11:15:38 +08:00
Jiaxin Wu f33d39949b NetworkPkg/HttpBootDxe: Fix the incorrect error message output.
For IPv6 case, if one invalid URL returned from DHCP server, HttpBootDxe
driver could not retrieve the URL host address from DNS server. In such a
case, the error message should be printed as:
  Error: Could not retrieve the host address from DNS server.
Instead of:
  Error: Could not discover the boot information for DHCP server.
Then, we can still output as following:
  Error: Could not retrieve NBP file size from HTTP server.

Besides, currently implementation in HttpBootLoadFile will always output
error message even the HTTP process is correct.

This patch is to fix above issue.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-03-02 11:15:14 +08:00
Jiaxin Wu 951c6e63f8 NetworkPkg/HttpBootDxe: Correct the parameter check for the usage of HttpBootGetFileFromCache.
The patch is to fix the incorrect parameter check for the HttpBootGetFileFromCache().

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2018-03-02 11:14:52 +08:00
Jiaxin Wu 7ff68b5edc NetworkPkg: Read HttpTlsCipherList variable and configure it for HTTPS session.
v2:
* Refine the error handling returned from GetVariable.

This patch is to read the HttpTlsCipherList variable and configure it for the
later HTTPS session.

If the variable is not set by any platform, EFI_NOT_FOUND will be returned
from GetVariable service. In such a case, the default CipherList created in
TlsDxe driver will be used.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Cc: Zimmer Vincent <vincent.zimmer@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-02-14 07:31:49 +08:00
Jiaxin Wu e34914db19 NetworkPkg: Define one private variable for HTTPS to set Tls CipherList.
v2:
* Rename the file/variable name.

This variable (HttpTlsCipherList) can be set by any platform that want to
control its own preferred Tls CipherList for the later HTTPS session.

The valid contents of variable must follow the TLS CipherList format defined
in RFC 5246. The valid length of variable must be an integral multiple of 2.
For example, if below cipher suites are preferred:
    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = {0x00,0x3C}
    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = {0x00,0x3D}
Then, the contents of variable should be:
    {0x00,0x3C,0x00,0x3D}

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Cc: Zimmer Vincent <vincent.zimmer@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2018-02-14 07:31:43 +08:00
Fu Siyuan ccd05ddd50 NetworkPkg: Add warning message for PXE if failed to read system GUID from SMBIOS.
Current PXE driver uses zero GUID if failed to get the system GUID from smbios
table, and some OS PXE boot may fail in such case. This patch is to add a warning
message to inform user that smbios table is missed on the platform.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
2018-02-05 13:38:40 +08:00
Jiaxin Wu 7ee089f604 NetworkPkg/HttpBootDxe: Avoid to corrupt HttpBootDxe setup screen.
When giving an invalid URI in Boot URI field within HTTP Boot
configuration page, the AsciiPrint will corrupt the setup screen.

This patch is to resolve the issue.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2018-01-25 13:37:26 +08:00
Fu Siyuan 32ae05811d NetworkPkg: Update package version to 0.98
Update package version of NetworkPkg to 0.98.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
2018-01-23 13:27:08 +08:00