From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.65; helo=mga03.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D805C21F85E76 for ; Tue, 27 Mar 2018 22:28:46 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Mar 2018 22:35:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,369,1517904000"; d="scan'208";a="45895291" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by orsmga002.jf.intel.com with ESMTP; 27 Mar 2018 22:35:24 -0700 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 27 Mar 2018 22:35:24 -0700 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.235]) by SHSMSX104.ccr.corp.intel.com ([169.254.5.226]) with mapi id 14.03.0319.002; Wed, 28 Mar 2018 13:35:22 +0800 From: "Wu, Jiaxin" To: Laszlo Ersek , edk2-devel-01 CC: "Fu, Siyuan" Thread-Topic: [PATCH 0/5] NetworkPkg: HTTP and TLS updates Thread-Index: AQHTwfxnOIFtfMl8+Eq6d6OGIW5ByqPlKPSA Date: Wed, 28 Mar 2018 05:35:21 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B72741639EC72@SHSMSX103.ccr.corp.intel.com> References: <20180322163933.29122-1-lersek@redhat.com> In-Reply-To: <20180322163933.29122-1-lersek@redhat.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiY2IyODMyZjUtYWViYS00MzNmLWEyMzktZDM4ZTVmMjBlMjY2IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE2LjUuOS4zIiwiVHJ1c3RlZExhYmVsSGFzaCI6IjZUYmZlZVFBb3ZOZWhEaU5oN0xNbVJEM1JTcFJjNmJpOVRGREJIZkxpT2c9In0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH 0/5] NetworkPkg: HTTP and TLS updates X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Mar 2018 05:28:47 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Series Reviewed-by: Jiaxin Wu Thanks, Jiaxin > -----Original Message----- > From: Laszlo Ersek [mailto:lersek@redhat.com] > Sent: Friday, March 23, 2018 12:39 AM > To: edk2-devel-01 > Cc: Wu, Jiaxin ; Fu, Siyuan > Subject: [PATCH 0/5] NetworkPkg: HTTP and TLS updates >=20 > Repo: https://github.com/lersek/edk2.git > Branch: http_and_tls_updates >=20 > Patch #4 fixes TianoCore BZ#909 > . >=20 > Patches #2 and #3 are cleanups / preparation for patch #4. >=20 > Patch #1 fixes an independent typo that I noticed in the code while > configuring my DHCP server for HTTP(S) booting. It's isolated, so I put > it first in the series. >=20 > Patch #5 is preparation for future platform enablement, so that a > platform can create both "TlsCaCertificate" and "HttpTlsCipherList" > variables on every boot from scratch as volatile variables (without > flash varstore footprint). >=20 > I regression-tested this series with a successful HTTPS boot of an ISO > image from OVMF, using a DER-formatted self-signed certificate that I > enrolled with TlsAuthConfigDxe. >=20 > Cc: Jiaxin Wu > Cc: Siyuan Fu >=20 > Thanks, > Laszlo >=20 > Laszlo Ersek (5): > NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing > NetworkPkg/HttpDxe: use error handler epilogue in > TlsConfigCertificate() > NetworkPkg/HttpDxe: drop misleading comment / status code in cert > config > NetworkPkg/HttpDxe: sanity-check the TlsCaCertificate variable before > use > NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable > attributes >=20 > NetworkPkg/HttpBootDxe/HttpBootDhcp4.c | 4 +- > NetworkPkg/HttpDxe/HttpDxe.inf | 3 +- > NetworkPkg/HttpDxe/HttpsSupport.c | 74 ++++++++++++++++++-= - > NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c | 15 ++-- > 4 files changed, 80 insertions(+), 16 deletions(-) >=20 > -- > 2.14.1.3.gb7cf6e02401b