From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+113226+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id E8F6C74003D
	for <rebecca@openfw.io>; Fri,  5 Jan 2024 08:37:56 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=QvTD0Acd1OnhGGTjOKOnqgVRgVdhHErPy7eKA5zG810=;
 c=relaxed/simple; d=groups.io;
 h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type;
 s=20140610; t=1704443875; v=1;
 b=vECpTd5UuplyxEVl4U1NPL9GDHcoGSb4yM+AiU90P7gwbEg9QE6DiuGAzU0uH0GTjMFsZvJo
 GC9GHYz/yGt1T4tk0rMrKxs0SsiBMvBsWHYLc9ggHQtvBap4l7L9OMNxZ5ohVxPxw9K//XlcJdS
 CGf2/2S7HUOVddlrPTTdGqi4=
X-Received: by 127.0.0.2 with SMTP id 3xybYY7687511x28p3Brexr7; Fri, 05 Jan 2024 00:37:55 -0800
X-Received: from NAM10-DM6-obe.outbound.protection.outlook.com (NAM10-DM6-obe.outbound.protection.outlook.com [40.107.93.89])
 by mx.groups.io with SMTP id smtpd.web11.19613.1704443874658695629
 for <devel@edk2.groups.io>;
 Fri, 05 Jan 2024 00:37:54 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=hhd7Nj1+cZWWUxSF85Riwhvhxn6pp5T7oQO6BGK6avrxHxLLz4KbuvWZgB5cqbn1tx/EU2bLRO85ZCns5klxnDOQni1eR+lYWeYslIR7hgecb7EDswuNr98DE0aFOIRxa1ZjTPrN70GUaIM4h4sOO5PLlNCNu9zgcoI7qCBTablxGpkwOBREf/0Aok5kpBuEFMLxryT6Eva8sZ3+7BXiLdPTHEFXOhX8nvmgZFycpo/+sXL4iMYniyy7uiVFbHcuoO9sSuo37+DsMM/DmhWUxt2vWuDrXh9oSSNKrEJI9ZuH7/1U/8ZhUjkPzhyDiqlgz4zDdvTlyJJp+tEJ45nsTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=vPv4un6IxUc5HxqLEyG4dwh2Gk/KCGnwkKff2te0tcE=;
 b=kQ75y3pRcGfZPuENY3PJ6IEPeYiG712ZGnpeSF8ObNenlgWR6e1GOlqToM5uggK0eqVwhKTobhNG+k17fm9HCuNgGkTaB2KzoAnb6kYBx6RGORC9Fl4fZgrMESoEPZKP6ukmVEXKmPZ0gHQ+fCs4CYgXfVhGUdl0S8ggBl+p19Un7BfFiOkKtcY2xDQqbV6FdrorFJVEPw89HcTPWXNqPMhgzaJ5QdcDOqcq3YGhKhuEpVCjHi/VgfwlcLqJcR9YLbi3iDMGona6ErOnbYICFZQALGL3TLRWSG6P8EuixqDS4c4KFVZ9ZbBHxoPG5IweHAXtuW+M/PCEXgirt5kSTw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
X-Received: from SJ0PR03CA0199.namprd03.prod.outlook.com (2603:10b6:a03:2ef::24)
 by PH7PR12MB7140.namprd12.prod.outlook.com (2603:10b6:510:200::18) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7159.16; Fri, 5 Jan
 2024 08:37:50 +0000
X-Received: from SJ1PEPF00001CEB.namprd03.prod.outlook.com
 (2603:10b6:a03:2ef:cafe::aa) by SJ0PR03CA0199.outlook.office365.com
 (2603:10b6:a03:2ef::24) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7159.16 via Frontend
 Transport; Fri, 5 Jan 2024 08:37:50 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
X-Received: from SATLEXMB04.amd.com (165.204.84.17) by
 SJ1PEPF00001CEB.mail.protection.outlook.com (10.167.242.27) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.7159.9 via Frontend Transport; Fri, 5 Jan 2024 08:37:50 +0000
X-Received: from TPE-L1-ABNCHANG.amd.com (10.180.168.240) by SATLEXMB04.amd.com
 (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 5 Jan
 2024 02:37:47 -0600
From: "Chang, Abner via groups.io" <abner.chang=amd.com@groups.io>
To: <devel@edk2.groups.io>
CC: Saloni Kasbekar <saloni.kasbekar@intel.com>, Zachary Clark-williams
	<zachary.clark-williams@intel.com>, Michael Brown <mcb30@ipxe.org>, Nickle
 Wang <nicklew@nvidia.com>, Igor Kulchytskyy <igork@ami.com>
Subject: [edk2-devel] [PATCH 2/5] NetwokrPkg/HttpDxe: Consider TLS certificate not found as a success case
Date: Fri, 5 Jan 2024 16:37:13 +0800
Message-ID: <20240105083716.340-3-abner.chang@amd.com>
In-Reply-To: <20240105083716.340-1-abner.chang@amd.com>
References: <20240105083716.340-1-abner.chang@amd.com>
MIME-Version: 1.0
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SJ1PEPF00001CEB:EE_|PH7PR12MB7140:EE_
X-MS-Office365-Filtering-Correlation-Id: 084a1329-91d9-4d01-8ff0-08dc0dc999f8
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Message-Info: 
	Xatrd53Q/TeaNF8D4M50tn2VgB4vQNTbKMeoDONUAV5mIpbkIWuWh/Ksk+gcbpMqjeg7Hx769glCkzllk7tnk9kpK3gI0JsFY2gyCN5W8KSJDJE4sFYrBb+Q+Us3wtcz/0oFW59idkVI/NVLZhkj3rq9Ex8ZS82rj+Q2wdJoFMKTXDmLh+y2PP41mtvMCcd9F1Pkf3Yo01DHsH0YEl8/3p7O8aGLnp8MClG82Z0weakhBoGtNzpwuxwdebHDu9nwdMDiq9KA0SmuytkLFIUJXgzDj+WtAWM6r0uOCKLG1k09SibVsvzVU3lq+ZbPRP5VPGbWmwXgnPByN5mAG7BwwsjiZTxbE5aAXlsLTIlhqDbYBZO1HLxiDdlnkhjSJt981xBUoTJ1z19+F3cg3/IzkrBK9bVYDNpby/Z07PSfRGr4GetGu6vTlRVPhhbGj5c8kg/36WJYnAmxzLiJzHE2lfE2XS6p2PLeZuHaDBNEjJL2x5PSMp1ln6R6fvrSwLNWOCUZda67XxlKiKNKkekA+RxCS20Fsz3HyEMATSfQ1yx0Vp6WDolmlrFzU0pWywAUNgGAsKIRLsduegV+6ky4i9v5WM7gYG1aCkXnSwDJ2Coxbl363yokDvw+t0hH/skmtiaWMot5s3DGl4HvEux2wXdFcxJIoOhqMjyq9Q0qv0prXvP1DapEa79EFb3eAyV3FPgo4g63C7zs+rQIbo0nGxSZZ7kIDGmKVrFwLkAeBNmdZQ/5woizeeexNKbLK/oSjwPZpSV+pLuhcdh7223isQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jan 2024 08:37:50.1309
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 084a1329-91d9-4d01-8ff0-08dc0dc999f8
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	SJ1PEPF00001CEB.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB7140
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,abner.chang@amd.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: LZKcw1PU6g58a1T9ww8aKJsyx7686176AA=
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=vECpTd5U;
	dmarc=none;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io;
	arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}")

From: Abner Chang <abner.chang@amd.com>

We still return EFI_SUCCESS to the caller when TlsConfigCertificate
returns error, for the use case the platform doesn't require
certificate for the specific HTTP session. This ensures
HttpInitSession function still initiated and returns EFI_SUCCESS to
the caller. The failure is pushed back to TLS DXE driver if the
HTTP communication actually requires certificate.

Signed-off-by: Abner Chang <abner.chang@amd.com>
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Cc: Michael Brown <mcb30@ipxe.org>
Cc: Nickle Wang <nicklew@nvidia.com>
Cc: Igor Kulchytskyy <igork@ami.com>
---
 NetworkPkg/HttpDxe/HttpsSupport.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSu=
pport.c
index a07323ff0bd..04a830f7152 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -722,8 +722,21 @@ TlsConfigureSession (
   //
   Status =3D TlsConfigCertificate (HttpInstance);
   if (EFI_ERROR (Status)) {
-    DEBUG ((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
-    return Status;
+    if (Status =3D=3D EFI_NOT_FOUND) {
+      DEBUG((DEBUG_WARN, "TLS Certificate is not found on the system!\n"))=
;
+      //
+      // We still return EFI_SUCCESS to the caller when TlsConfigCertifica=
te
+      // returns error, for the use case the platform doesn't require
+      // certificate for the specific HTTP session. This ensures
+      // HttpInitSession function still initiated and returns EFI_SUCCESS =
to
+      // the caller. The failure is pushed back to TLS DXE driver if the
+      // HTTP communication actually requires certificate.
+      //
+      Status =3D EFI_SUCCESS;
+    } else {
+      DEBUG((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
+      return Status;
+    }
   }
=20
   //
--=20
2.37.1.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113226): https://edk2.groups.io/g/devel/message/113226
Mute This Topic: https://groups.io/mt/103539579/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-