From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <thomas.palmer@hpe.com>
Received: from NAM03-DM3-obe.outbound.protection.outlook.com
 (mail-dm3nam03on0721.outbound.protection.outlook.com
 [IPv6:2a01:111:f400:fe49::721])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 4D7701A1E27
 for <edk2-devel@lists.01.org>; Fri, 29 Jul 2016 15:32:32 -0700 (PDT)
Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) by
 CS1PR84MB0149.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.28) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.1.549.15; Fri, 29 Jul 2016 22:32:30 +0000
Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) by
 CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) with mapi id
 15.01.0549.016; Fri, 29 Jul 2016 22:32:29 +0000
From: "Palmer, Thomas" <thomas.palmer@hpe.com>
To: Jiaxin Wu <jiaxin.wu@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: Samer El-Haj-Mahmoud <Smahmoud@lenovo.com>, Long Qin <qin.long@intel.com>, 
 Ye Ting <ting.ye@intel.com>, Fu Siyuan <siyuan.fu@intel.com>
Thread-Topic: [staging/HTTPS-TLS][PATCH 2/2] NetworkPkg: Continue the session
 even no local cert found
Thread-Index: AQHR2BpN6MLhNVp8Ek6gUMW89ep+26AwIepA
Date: Fri, 29 Jul 2016 22:32:29 +0000
Message-ID: <CS1PR84MB0151A88C4878953519592EF6ED010@CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM>
References: <1467873537-32344-1-git-send-email-jiaxin.wu@intel.com>
 <1467873537-32344-3-git-send-email-jiaxin.wu@intel.com>
In-Reply-To: <1467873537-32344-3-git-send-email-jiaxin.wu@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=thomas.palmer@hpe.com; 
x-originating-ip: [15.203.227.4]
x-ms-office365-filtering-correlation-id: 235dc8ad-65e2-43f0-99ec-08d3b8003994
x-microsoft-exchange-diagnostics: 1; CS1PR84MB0149;
 6:+phv3trDR0ejJ2jqyESLIiKZD84bFHHLQkmkysPygquQmOXfxZFRvDEPMzTLoAEqFYnYhSBIjUexX507dRLQWJFu6sKAX76gIwPqI09kLVynpMOIwy98UjQH+h6f8bl4ZLdInR/+aeX1LnLRg/GmUco76ocmbhLFGU2lYBl5+5+iO7ZGlxMSL+22M2VrlTmvNaf6M5M6/06V2SmOQVQam0erubs+ECj+pn3DqX98rnIlkBUM8lOinRa7KpWVrHkgUzwxhr62TYy3dMS2IzfdANBvfcWTmztz1+xmwc2i1b6+hakqo+k0uWNpwXSOmzrAwbWK3TB5aATn8a2syyqJNg==;
 5:scgOyNxgThFGNOYD7lK6u4t0i5lwn7tSkv1nqeQAVMhjTvEOr8kXBwUjv6Ff3TAzUTs13rze7UZ+WrAVr5jBKDNbb+l9xFvyXegmeAL78M2FZaIbbNZqwrbNR1zuoSRWD8C6Xve+W+FN6aewgDkGhg==;
 24:Nfr9M36PP3vE+Xrfm12n2LmNCU2vxcChEGYiMm2d9W4JUQA+uIEEC7T9PJ0V7n12jQWFA4tuUqg+P7dODtP/CEsm5AHdO1H4nJvMiHB6ttA=;
 7:4BTarMH6foycriIWW0LaILr6flp8uK8GsyOu7/72pKZHqvkQF6eKW54BnExJGqeheZE5PyXr2iNY2IXo5SPdoaep3tF2/TfNRq7QLKy7urLh/LvYBPviz8345sw5WUc2l1XdWaqGFlU0ipK4E5opG/hkafsL2S+cJvIzVsC65bauau31lUIcmnNLEwy+m1Rd4IcEOcsNgCr876VXUaheBZrxtdtCLN23oNM713J7PNPbFAuf2GGJa30CMVU3Zhvr
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CS1PR84MB0149;
x-microsoft-antispam-prvs: <CS1PR84MB0149631B597FAA7B5B6F03CAED010@CS1PR84MB0149.NAMPRD84.PROD.OUTLOOK.COM>
x-exchange-antispam-report-test: UriScan:(227479698468861)(3940261145250)(162533806227266)(228905959029699); 
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
 RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026);
 SRVR:CS1PR84MB0149; BCL:0; PCL:0; RULEID:; SRVR:CS1PR84MB0149; 
x-forefront-prvs: 0018A2705B
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(6009001)(7916002)(377454003)(189002)(199003)(13464003)(8676002)(2900100001)(3280700002)(106356001)(81156014)(74316002)(106116001)(33656002)(97736004)(2501003)(189998001)(77096005)(3660700001)(8936002)(5001770100001)(4326007)(86362001)(2906002)(81166006)(2950100001)(87936001)(305945005)(92566002)(7736002)(586003)(66066001)(122556002)(9686002)(19580395003)(68736007)(6116002)(19580405001)(10400500002)(102836003)(3846002)(5002640100001)(54356999)(105586002)(99286002)(101416001)(7696003)(76176999)(50986999)(7846002);
 DIR:OUT; SFP:1102; SCL:1; SRVR:CS1PR84MB0149;
 H:CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM; FPR:; SPF:None; PTR:InfoNoRecords;
 MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: hpe.com does not designate
 permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: hpe.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jul 2016 22:32:29.3961 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR84MB0149
Subject: Re: [staging/HTTPS-TLS][PATCH 2/2] NetworkPkg: Continue the session even no local cert found
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jul 2016 22:32:32 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed by Thomas Palmer <thomas.palmer@hpe.com>

-----Original Message-----
From: Jiaxin Wu [mailto:jiaxin.wu@intel.com]=20
Sent: Thursday, July 7, 2016 1:39 AM
To: edk2-devel@lists.01.org
Cc: Palmer, Thomas <thomas.palmer@hpe.com>; Samer El-Haj-Mahmoud <Smahmoud@=
lenovo.com>; Long Qin <qin.long@intel.com>; Ye Ting <ting.ye@intel.com>; Fu=
 Siyuan <siyuan.fu@intel.com>
Subject: [staging/HTTPS-TLS][PATCH 2/2] NetworkPkg: Continue the session ev=
en no local cert found

This patch did following updates:
* To support "Live Certificate" case, allow to continue the session even no=
 local cert found.
* Fix potential assert issue when connection failed.

Cc: Palmer Thomas <thomas.palmer@hpe.com>
Cc: Samer El-Haj-Mahmoud <Smahmoud@lenovo.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
---
 NetworkPkg/HttpDxe/HttpsSupport.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSu=
pport.c
index 36f658c..969225d 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -531,14 +531,14 @@ TlsConfigureSession (
   if (EFI_ERROR (Status)) {
     goto ERROR;
   }
  =20
   //
-  // Tls Config Certificate
+  // Tls Config Certificate if 'TlsCaCertificate' variable existed.=20
   //
   Status =3D TlsConfigCertificate (HttpInstance);
-  if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) && Status !=3D EFI_NOT_FOUND) {
     DEBUG ((EFI_D_ERROR, "TLS Certificate Config Error!\n"));
     goto ERROR;
   }
  =20
   //
@@ -1184,11 +1184,13 @@ TlsConnectSession (
     if(HttpInstance->TlsSessionState =3D=3D EfiTlsSessionError) { =20
       return EFI_ABORTED;   =20
     }
   }
=20
-  ASSERT(HttpInstance->TlsSessionState =3D=3D EfiTlsSessionDataTransferrin=
g);
+  if (HttpInstance->TlsSessionState !=3D EfiTlsSessionDataTransferring) {
+    Status =3D EFI_ABORTED;
+  }
=20
   return Status;
 }
=20
 /**
--
1.9.5.msysgit.1