From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.120]) by mx.groups.io with SMTP id smtpd.web11.14187.1595516564245172612 for ; Thu, 23 Jul 2020 08:02:44 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=b4wUnigv; spf=pass (domain: redhat.com, ip: 207.211.31.120, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1595516563; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xJvasmJxcA5FtUkZhnioHDWnk7kVtHPiHPn/Y67v4sE=; b=b4wUnigvrIC4s9gBh4i4u5LithWk1qXpOHGFhy0sZi1zo0AC2ONUY8YBlVETLQ1ldOI0/t VLEr6slm0qmz59yK/Os0DIqWmDS/NOuMJJnyc4JZIXiRh9oFImYDdAsC55bqsyIiwAkGh/ RNZuNi4hTOtaOEEmfWjSLTzj5vnsalE= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-399-20sWBfHOOOa92dmbqQWYUw-1; Thu, 23 Jul 2020 11:02:37 -0400 X-MC-Unique: 20sWBfHOOOa92dmbqQWYUw-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 0770A102C7EE; Thu, 23 Jul 2020 15:02:36 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-114-52.ams2.redhat.com [10.36.114.52]) by smtp.corp.redhat.com (Postfix) with ESMTP id C01FB741A0; Thu, 23 Jul 2020 15:02:33 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH v3 1/1] ShellPkg/DynamicCommand: add HttpDynamicCommand From: "Laszlo Ersek" To: devel@edk2.groups.io, vladimir.olovyannikov@broadcom.com Cc: Samer El-Haj-Mahmoud , Zhichao Gao , Maciej Rabeda , Jiaxin Wu , Siyuan Fu , Ray Ni , Liming Gao , Nd References: <20200713183137.9825-1-vladimir.olovyannikov@broadcom.com> Message-ID: <6b8ae026-a39c-3b68-4280-fc532b5954d6@redhat.com> Date: Thu, 23 Jul 2020 17:02:32 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit On 07/23/20 16:54, Laszlo Ersek wrote: > On 07/13/20 20:31, Vladimir Olovyannikov via groups.io wrote: >> Introduce an http client utilizing EDK2 HTTP protocol, to >> allow fast image downloading from http/https servers. >> HTTP download speed is usually faster than tftp. >> The client is based on the same approach as tftp dynamic command, and >> uses the same UEFI Shell command line parameters. This makes it easy >> integrating http into existing UEFI Shell scripts. >> Note that to enable HTTP download, feature Pcd >> gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections must >> be set to TRUE. >> >> Signed-off-by: Vladimir Olovyannikov >> Tested-By: Samer El-Haj-Mahmoud >> Cc: Zhichao Gao >> Cc: Maciej Rabeda >> Cc: Jiaxin Wu >> Cc: Siyuan Fu >> Cc: Ray Ni >> Cc: Liming Gao >> Cc: Nd >> --- >> .../DynamicCommand/HttpDynamicCommand/Http.c | 1700 +++++++++++++++++ >> .../DynamicCommand/HttpDynamicCommand/Http.h | 84 + >> .../HttpDynamicCommand/Http.uni | 113 ++ >> .../HttpDynamicCommand/HttpApp.c | 53 + >> .../HttpDynamicCommand/HttpApp.inf | 58 + >> .../HttpDynamicCommand/HttpDynamicCommand.c | 134 ++ >> .../HttpDynamicCommand/HttpDynamicCommand.inf | 63 + >> ShellPkg/Include/Guid/ShellLibHiiGuid.h | 5 + >> ShellPkg/ShellPkg.dec | 1 + >> ShellPkg/ShellPkg.dsc | 5 + >> 10 files changed, 2216 insertions(+) >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/Http.c >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/Http.h >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/Http.uni >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/HttpApp.c >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/HttpApp.inf >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.c >> create mode 100644 ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf > > I tested this, in an OVMF IA32X64 VM, and in an ArmVirtQemu (AARCH64) VM. > > I tested HTTP download, HTTPS download, and also willfully triggered a > Volume Full failure (checked free space on the FS with "vol" first, then > attempted to download a larger file than that). Also attempted a > download to read-only media (refused correctly with "Write Protected"). > > I tested FQDNs and IPv4 addresses in the URLs. > > I used "wget-style" URLs, mainly. > > For setting the CA certificates, I used the method described in > OvmfPkg/README, in section "HTTPS Boot". > > Compared the local files downloaded by this command vs. local files > downloaded from the same URLs using other tools (browser, wget etc). I > used a few hundred KB large files for this. > > One suggestion: if the download fails for some reason, but the local > file creation succeeded, then upon exit, the local file should be > deleted. Otherwise an incomplete (possibly zero size) file is left in > the filesystem. > > Tested-by: Laszlo Ersek Another comment relating to usage. (This is by no means an observation for the code, at best it could be included in some developer documentation or in some wiki page.) Having access to the DebugLib outputs of the drivers that provide the underlying protocols for this shell command is very useful. For example those logs can report certificate validation issues. Such access is usually not difficult with virtual machines, but on physical machines, it could be more challenging. I guess one way around that is to use such DebugLib instances in the platform firmware (i.e. in the underlying protocol drivers) that write to the UEFI consoles. That tends to mess up the display in the shell window, but it does provide more information. Thanks Laszlo