From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.nue.novell.com (smtp.nue.novell.com [195.135.221.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5B09781D81 for ; Sun, 15 Jan 2017 20:11:05 -0800 (PST) Received: from GaryWorkstation.apac.novell.com (ip-203-192-156-9.asianetcom.net [203.192.156.9]) by smtp.nue.novell.com with ESMTP (NOT encrypted); Mon, 16 Jan 2017 05:11:00 +0100 From: Gary Lin To: edk2-devel@lists.01.org Cc: Laszlo Ersek , Jordan Justen , Jiaxin Wu Date: Mon, 16 Jan 2017 12:10:13 +0800 Message-Id: <20170116041013.31545-1-glin@suse.com> X-Mailer: git-send-email 2.11.0 Subject: [PATCH] OvmfPkg: Enable HTTPS for Ovmf X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jan 2017 04:11:05 -0000 This commit introduces a new build option to OvmfPkg: TLS_ENABLE. When setting the option, the TLS drivers will be included to support HTTPS. NOTE: HTTP_BOOT_ENABLE is needed to enable HTTPS support since it's pointless to enable TLS alone. Cc: Laszlo Ersek Cc: Jordan Justen Cc: Jiaxin Wu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin --- OvmfPkg/OvmfPkgIa32.dsc | 8 ++++++++ OvmfPkg/OvmfPkgIa32.fdf | 4 ++++ OvmfPkg/OvmfPkgIa32X64.dsc | 8 ++++++++ OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++ OvmfPkg/OvmfPkgX64.dsc | 8 ++++++++ OvmfPkg/OvmfPkgX64.fdf | 4 ++++ 6 files changed, 36 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index e97f7f0262..363f143c68 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -158,6 +159,9 @@ [LibraryClasses] !if $(HTTP_BOOT_ENABLE) == TRUE HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif !endif S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf @@ -715,6 +719,10 @@ [Components] NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif OvmfPkg/VirtioNetDxe/VirtioNet.inf diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 34d57a6079..30c8800932 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -329,6 +329,10 @@ [FV.DXEFV] INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 8e3e04c135..f22bad309a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -163,6 +164,9 @@ [LibraryClasses] !if $(HTTP_BOOT_ENABLE) == TRUE HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif !endif S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf @@ -724,6 +728,10 @@ [Components.X64] NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif OvmfPkg/VirtioNetDxe/VirtioNet.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index df55c2b210..7bc31d42ba 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -329,6 +329,10 @@ [FV.DXEFV] INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 6ec3fe050d..8eca6fd557 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -38,6 +38,7 @@ [Defines] DEFINE NETWORK_IP6_ENABLE = FALSE DEFINE HTTP_BOOT_ENABLE = FALSE DEFINE SMM_REQUIRE = FALSE + DEFINE TLS_ENABLE = FALSE [BuildOptions] GCC:*_UNIXGCC_*_CC_FLAGS = -DMDEPKG_NDEBUG @@ -163,6 +164,9 @@ [LibraryClasses] !if $(HTTP_BOOT_ENABLE) == TRUE HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +!if $(TLS_ENABLE) == TRUE + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf +!endif !endif S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf @@ -722,6 +726,10 @@ [Components] NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + NetworkPkg/TlsDxe/TlsDxe.inf + NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif OvmfPkg/VirtioNetDxe/VirtioNet.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 5e2e1dfaf5..cb7ca131e8 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -329,6 +329,10 @@ [FV.DXEFV] INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!if $(TLS_ENABLE) == TRUE + INF NetworkPkg/TlsDxe/TlsDxe.inf + INF NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf +!endif !endif INF OvmfPkg/VirtioNetDxe/VirtioNet.inf -- 2.11.0