[PATCH 3/5] NetworkPkg/HttpDxe: drop misleading comment / status code in cert config

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Laszlo Ersek <lersek@redhat.com>
To: edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>, Siyuan Fu <siyuan.fu@intel.com>
Subject: [PATCH 3/5] NetworkPkg/HttpDxe: drop misleading comment / status code in cert config
Date: Thu, 22 Mar 2018 17:39:31 +0100	[thread overview]
Message-ID: <20180322163933.29122-4-lersek@redhat.com> (raw)
In-Reply-To: <20180322163933.29122-1-lersek@redhat.com>

For TlsConfigureSession(), it makes sense to exempt EFI_NOT_FOUND from
TlsConfigCipherList() / gRT->GetVariable(), because there is a default
cipher list (SSL_DEFAULT_CIPHER_LIST) we can fall back to.

The same is not true of TlsConfigCertificate(), because there is no
default CA cert list. The platform (or the user of the Setup utility) is
required to configure a CA cert list first.

Remove the misleading comment and status code mapping in
TlsConfigCertificate().

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
 NetworkPkg/HttpDxe/HttpsSupport.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSupport.c
index 9103987a0e4c..baab77225fdf 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -423,9 +423,7 @@ TlsConfigCertificate (
   if (EFI_ERROR (Status)) {
     //
     // GetVariable still error or the variable is corrupted.
-    // Fall back to the default value.
     //
-    Status = EFI_NOT_FOUND;
     goto FreeCACert;
   }
 
-- 
2.14.1.3.gb7cf6e02401b

next prev parent reply	other threads:[~2018-03-22 16:33 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-22 16:39 [PATCH 0/5] NetworkPkg: HTTP and TLS updates Laszlo Ersek
2018-03-22 16:39 ` [PATCH 1/5] NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing Laszlo Ersek
2018-03-22 16:39 ` [PATCH 2/5] NetworkPkg/HttpDxe: use error handler epilogue in TlsConfigCertificate() Laszlo Ersek
2018-03-22 16:39 ` Laszlo Ersek [this message]
2018-03-22 16:39 ` [PATCH 4/5] NetworkPkg/HttpDxe: sanity-check the TlsCaCertificate variable before use Laszlo Ersek
2018-03-22 16:39 ` [PATCH 5/5] NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable attributes Laszlo Ersek
2018-03-27  9:32 ` [PATCH 0/5] NetworkPkg: HTTP and TLS updates Laszlo Ersek
2018-03-28  4:32 ` Fu, Siyuan
2018-03-28  5:35 ` Wu, Jiaxin
2018-03-28 11:18   ` Laszlo Ersek

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9103987a0e4 dfblob:baab77225fd )
 OR (
bs:"[PATCH 3/5] NetworkPkg/HttpDxe: drop misleading comment / status code in cert config" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180322163933.29122-4-lersek@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox