audk/NetworkPkg
Vineel Kovvuri 6f9e83f757 NetworkPkg/HttpDxe: Enable wildcard host name matching for HTTP+TLS.
The current UEFI implementation of HTTPS during its TLS configuration uses
EFI_TLS_VERIFY_FLAG_NO_WILDCARDS for host name verification. As per the spec,
what this flag does is "to disable the match of any wildcards in the host
name". So, certificates which are issued with wildcards (*.dm.corp.net etc.)
in them will fail the TLS host name matching. On the other hand,
EFI_TLS_VERIFY_FLAG_NONE (misnomer) means "no additional flags set for hostname
validation. Wildcards are supported and they match only in the left-most
label." This behavior/definition is coming from OpenSSL's X509_check_host() API:
https://www.openssl.org/docs/man1.1.0/man3/X509_check_host.html

Without EFI_TLS_VERIFY_FLAG_NONE, any UEFI application using certificates
issued with wildcards in them would fail to match while trying to communicate
with an HTTPS endpoint.

BugZilla: https://bugzilla.tianocore.org/show_bug.cgi?id=3691

Signed-off-by: Vineel Kovvuri <vineelko@microsoft.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
2021-11-03 21:26:27 +00:00
..
Application/VConfig NetworkPkg: Move Network library header file from MdeModulePkg to NetworkPkg 2019-05-27 09:25:18 +08:00
ArpDxe NetworkPkg/ArpDxe: Recycle invalid ARP packets (CVE-2019-14559) 2020-02-21 03:01:57 +00:00
Dhcp4Dxe NetworkPkg/Dhcp4Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
Dhcp6Dxe NetworkPkg/Dhcp6Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
DnsDxe NetworkPkg/DnsDxe: cosmetic fixups 2021-01-05 14:37:21 +00:00
DpcDxe NetworkPkg/DpcDxe: Fix few typos 2020-02-10 22:30:07 +00:00
HttpBootDxe NetworkPkg/HttpBootDxe: make file extension check case-insensitive 2021-10-22 10:04:10 +00:00
HttpDxe NetworkPkg/HttpDxe: Enable wildcard host name matching for HTTP+TLS. 2021-11-03 21:26:27 +00:00
HttpUtilitiesDxe NetworkPkg: Remove unnecessary MdeModulePkg/MdeModulePkg.dec dependency in INF 2019-10-08 09:20:34 +08:00
IScsiDxe NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro 2021-06-30 19:20:41 +00:00
Include NetworkPkg: Add HTTP Additional Event Notifications 2021-07-28 16:19:19 +00:00
Ip4Dxe NetworkPkg/Ip4Dxe: Check the received package length (CVE-2019-14559). 2020-02-19 10:13:42 +00:00
Ip6Dxe NetworkPkg/Ip6Dxe: Validate source data record length 2020-04-17 17:34:33 +00:00
Library DxeHttpIoLib: Http boot failure with no initializes timeout value. 2021-01-20 12:33:38 +00:00
MnpDxe NetworkPkg/MnpDxe: Fix various typos 2020-02-10 22:30:07 +00:00
Mtftp4Dxe NetworkPkg/Mtftp4Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
Mtftp6Dxe NetworkPkg/Mtftp6Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
SnpDxe NetworkPkg/SnpDxe: Prevent invalid PCI BAR access 2020-04-17 17:34:33 +00:00
TcpDxe NetworkPkg/TcpDxe/Tcp: Fix various typos 2020-02-10 22:30:07 +00:00
TlsAuthConfigDxe NetworkPkg/TlsAuthConfigDxe: Use HiiPopUp() instead of CreatePopUp() 2020-04-17 17:34:33 +00:00
TlsDxe NetworkPkg/Tls: Fix few typos 2020-02-10 22:30:07 +00:00
Udp4Dxe NetworkPkg/Udp4Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
Udp6Dxe NetworkPkg/Udp6Dxe: Fix various typos 2020-02-10 22:30:07 +00:00
UefiPxeBcDxe NetworkPkg/UefiPxeBcDxe: handle competing DHCP servers (more) gracefully 2020-04-01 14:12:09 +00:00
VlanConfigDxe NetworkPkg/VlanConfigDxe: Fix few typos 2020-02-10 22:30:07 +00:00
WifiConnectionManagerDxe NetworkPkg: add missing newline at end of file 2019-10-04 11:18:22 +01:00
Network.dsc.inc NetworkPkg: Enable MD5 while enable iSCSI 2020-11-17 19:26:50 +00:00
Network.fdf.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkBuildOptions.dsc.inc NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro 2021-06-30 19:20:41 +00:00
NetworkComponents.dsc.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkDefines.dsc.inc NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro 2021-06-30 19:20:41 +00:00
NetworkLibs.dsc.inc NetworkPkg: Add Http IO Helper Library to NetworkPkg 2020-12-04 11:45:07 +00:00
NetworkPcds.dsc.inc
NetworkPkg.ci.yaml NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkPkg.dec NetworkPkg: Add HTTP Additional Event Notifications 2021-07-28 16:19:19 +00:00
NetworkPkg.dsc NetworkPkg: Making the HTTP IO timeout value programmable with PCD 2021-07-28 16:19:19 +00:00
NetworkPkg.uni NetworkPkg: Making the HTTP IO timeout value programmable with PCD 2021-07-28 16:19:19 +00:00
NetworkPkgExtra.uni