From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <siyuan.fu@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.88; helo=mga01.intel.com;
 envelope-from=siyuan.fu@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id E84DA2095744A
 for <edk2-devel@lists.01.org>; Tue, 27 Mar 2018 21:26:16 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
 by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 27 Mar 2018 21:32:54 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.48,369,1517904000"; d="scan'208";a="41863928"
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
 by fmsmga001.fm.intel.com with ESMTP; 27 Mar 2018 21:32:54 -0700
Received: from fmsmsx117.amr.corp.intel.com (10.18.116.17) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Tue, 27 Mar 2018 21:32:54 -0700
Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by
 fmsmsx117.amr.corp.intel.com (10.18.116.17) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Tue, 27 Mar 2018 21:32:53 -0700
Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.235]) by
 SHSMSX104.ccr.corp.intel.com ([169.254.5.226]) with mapi id 14.03.0319.002;
 Wed, 28 Mar 2018 12:32:52 +0800
From: "Fu, Siyuan" <siyuan.fu@intel.com>
To: Laszlo Ersek <lersek@redhat.com>, edk2-devel-01 <edk2-devel@lists.01.org>
CC: "Wu, Jiaxin" <jiaxin.wu@intel.com>
Thread-Topic: [PATCH 0/5] NetworkPkg: HTTP and TLS updates
Thread-Index: AQHTwfxnlVCnv61OHEKuxJPJYKhXNaPlF6hg
Date: Wed, 28 Mar 2018 04:32:51 +0000
Message-ID: <B1FF2E9001CE9041BD10B825821D5BC58B46B83F@SHSMSX103.ccr.corp.intel.com>
References: <20180322163933.29122-1-lersek@redhat.com>
In-Reply-To: <20180322163933.29122-1-lersek@redhat.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ctpclassification: CTP_NT
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiY2FiZThjYmMtNTFiYS00YWU5LTg1OTgtZmYzODUwMmU1NWYwIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiI2T1dXUWF0aVEyMkxJUFo5NjlyYmhzcFliYjNRbWZOQ2p1NU0zdDNONGNXRFZJamx1N0UraUNRNnZxSFwvbGVqSCJ9
dlp-product: dlpe-windows
dlp-version: 11.0.0.116
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH 0/5] NetworkPkg: HTTP and TLS updates
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2018 04:26:17 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>


> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Thursday, March 22, 2018 9:39 AM
> To: edk2-devel-01 <edk2-devel@lists.01.org>
> Cc: Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [PATCH 0/5] NetworkPkg: HTTP and TLS updates
>=20
> Repo:   https://github.com/lersek/edk2.git
> Branch: http_and_tls_updates
>=20
> Patch #4 fixes TianoCore BZ#909
> <https://bugzilla.tianocore.org/show_bug.cgi?id=3D909>.
>=20
> Patches #2 and #3 are cleanups / preparation for patch #4.
>=20
> Patch #1 fixes an independent typo that I noticed in the code while
> configuring my DHCP server for HTTP(S) booting. It's isolated, so I put
> it first in the series.
>=20
> Patch #5 is preparation for future platform enablement, so that a
> platform can create both "TlsCaCertificate" and "HttpTlsCipherList"
> variables on every boot from scratch as volatile variables (without
> flash varstore footprint).
>=20
> I regression-tested this series with a successful HTTPS boot of an ISO
> image from OVMF, using a DER-formatted self-signed certificate that I
> enrolled with TlsAuthConfigDxe.
>=20
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
>=20
> Thanks,
> Laszlo
>=20
> Laszlo Ersek (5):
>   NetworkPkg/HttpBootDxe: fix typo in DHCPv4 packet parsing
>   NetworkPkg/HttpDxe: use error handler epilogue in
>     TlsConfigCertificate()
>   NetworkPkg/HttpDxe: drop misleading comment / status code in cert
>     config
>   NetworkPkg/HttpDxe: sanity-check the TlsCaCertificate variable before
>     use
>   NetworkPkg/TlsAuthConfigDxe: preserve TlsCaCertificate variable
>     attributes
>=20
>  NetworkPkg/HttpBootDxe/HttpBootDhcp4.c          |  4 +-
>  NetworkPkg/HttpDxe/HttpDxe.inf                  |  3 +-
>  NetworkPkg/HttpDxe/HttpsSupport.c               | 74 ++++++++++++++++++-=
-
>  NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c | 15 ++--
>  4 files changed, 80 insertions(+), 16 deletions(-)
>=20
> --
> 2.14.1.3.gb7cf6e02401b