[PATCH] OvmfPkg: Enable HTTPS for Ovmf

* [PATCH] OvmfPkg: Enable HTTPS for Ovmf
@ 2017-01-16  4:10 Gary Lin
  2017-01-16  5:44 ` Wu, Jiaxin
  0 siblings, 1 reply; 8+ messages in thread
From: Gary Lin @ 2017-01-16  4:10 UTC (permalink / raw)
  To: edk2-devel; +Cc: Laszlo Ersek, Jordan Justen, Jiaxin Wu

This commit introduces a new build option to OvmfPkg: TLS_ENABLE.
When setting the option, the TLS drivers will be included to support
HTTPS.

NOTE: HTTP_BOOT_ENABLE is needed to enable HTTPS support since it's
      pointless to enable TLS alone.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
---
 OvmfPkg/OvmfPkgIa32.dsc    | 8 ++++++++
 OvmfPkg/OvmfPkgIa32.fdf    | 4 ++++
 OvmfPkg/OvmfPkgIa32X64.dsc | 8 ++++++++
 OvmfPkg/OvmfPkgIa32X64.fdf | 4 ++++
 OvmfPkg/OvmfPkgX64.dsc     | 8 ++++++++
 OvmfPkg/OvmfPkgX64.fdf     | 4 ++++
 6 files changed, 36 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index e97f7f0262..363f143c68 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -38,6 +38,7 @@ [Defines]
   DEFINE NETWORK_IP6_ENABLE      = FALSE
   DEFINE HTTP_BOOT_ENABLE        = FALSE
   DEFINE SMM_REQUIRE             = FALSE
+  DEFINE TLS_ENABLE              = FALSE
 
 [BuildOptions]
   GCC:*_UNIXGCC_*_CC_FLAGS             = -DMDEPKG_NDEBUG
@@ -158,6 +159,9 @@ [LibraryClasses]
 
 !if $(HTTP_BOOT_ENABLE) == TRUE
   HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
+!if $(TLS_ENABLE) == TRUE
+  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
+!endif
 !endif
 
   S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
@@ -715,6 +719,10 @@ [Components]
   NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   NetworkPkg/HttpDxe/HttpDxe.inf
   NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  NetworkPkg/TlsDxe/TlsDxe.inf
+  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 34d57a6079..30c8800932 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -329,6 +329,10 @@ [FV.DXEFV]
   INF  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   INF  NetworkPkg/HttpDxe/HttpDxe.inf
   INF  NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  INF  NetworkPkg/TlsDxe/TlsDxe.inf
+  INF  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   INF  OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 8e3e04c135..f22bad309a 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -38,6 +38,7 @@ [Defines]
   DEFINE NETWORK_IP6_ENABLE      = FALSE
   DEFINE HTTP_BOOT_ENABLE        = FALSE
   DEFINE SMM_REQUIRE             = FALSE
+  DEFINE TLS_ENABLE              = FALSE
 
 [BuildOptions]
   GCC:*_UNIXGCC_*_CC_FLAGS             = -DMDEPKG_NDEBUG
@@ -163,6 +164,9 @@ [LibraryClasses]
 
 !if $(HTTP_BOOT_ENABLE) == TRUE
   HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
+!if $(TLS_ENABLE) == TRUE
+  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
+!endif
 !endif
 
   S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
@@ -724,6 +728,10 @@ [Components.X64]
   NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   NetworkPkg/HttpDxe/HttpDxe.inf
   NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  NetworkPkg/TlsDxe/TlsDxe.inf
+  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index df55c2b210..7bc31d42ba 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -329,6 +329,10 @@ [FV.DXEFV]
   INF  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   INF  NetworkPkg/HttpDxe/HttpDxe.inf
   INF  NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  INF  NetworkPkg/TlsDxe/TlsDxe.inf
+  INF  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   INF  OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 6ec3fe050d..8eca6fd557 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -38,6 +38,7 @@ [Defines]
   DEFINE NETWORK_IP6_ENABLE      = FALSE
   DEFINE HTTP_BOOT_ENABLE        = FALSE
   DEFINE SMM_REQUIRE             = FALSE
+  DEFINE TLS_ENABLE              = FALSE
 
 [BuildOptions]
   GCC:*_UNIXGCC_*_CC_FLAGS             = -DMDEPKG_NDEBUG
@@ -163,6 +164,9 @@ [LibraryClasses]
 
 !if $(HTTP_BOOT_ENABLE) == TRUE
   HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf
+!if $(TLS_ENABLE) == TRUE
+  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
+!endif
 !endif
 
   S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
@@ -722,6 +726,10 @@ [Components]
   NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   NetworkPkg/HttpDxe/HttpDxe.inf
   NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  NetworkPkg/TlsDxe/TlsDxe.inf
+  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 5e2e1dfaf5..cb7ca131e8 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -329,6 +329,10 @@ [FV.DXEFV]
   INF  NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf
   INF  NetworkPkg/HttpDxe/HttpDxe.inf
   INF  NetworkPkg/HttpBootDxe/HttpBootDxe.inf
+!if $(TLS_ENABLE) == TRUE
+  INF  NetworkPkg/TlsDxe/TlsDxe.inf
+  INF  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+!endif
 !endif
   INF  OvmfPkg/VirtioNetDxe/VirtioNet.inf
 
-- 
2.11.0



^ permalink raw reply related	[flat|nested] 8+ messages in thread