From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Vineel Kovvuri <vineel.kovvuri@gmail.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"sean.brogan@microsoft.com" <sean.brogan@microsoft.com>,
"bret.barkelew@microsoft.com" <bret.barkelew@microsoft.com>,
"Michael.Turner@microsoft.com" <Michael.Turner@microsoft.com>
Cc: Vineel Kovvuri <vineelko@microsoft.com>
Subject: Re: [PATCH 2/2] Allow wildcards in hostname
Date: Wed, 13 Oct 2021 02:50:26 +0000 [thread overview]
Message-ID: <PH0PR11MB4885FC93B115D409059C12208CB79@PH0PR11MB4885.namprd11.prod.outlook.com> (raw)
In-Reply-To: <06e1abfade77dbf913e3e25f1e26dfc54f550696.1633999992.git.vineelko@microsoft.com>
It seems the Bugzilla only describes the ECC, but no much info on why we need allow wildcards in hostname.
The git log in mu is also unclear to me - "This enables certain local network recovery stories. May re-evaluate as those stories change. "
I am OK with ECC change, and give R-B.
But I would like to understand more on why we need allow wildcards in general. What are the stories?
If this is only for "recovery stories", should we also allow wildcards in recovery boot path?
For example, should we have a PCD to platform owner make decision? E.g. normal boot - NO. recovery boot - YES ?
Thank you
Yao Jiewen
> -----Original Message-----
> From: Vineel Kovvuri <vineel.kovvuri@gmail.com>
> Sent: Tuesday, October 12, 2021 1:38 PM
> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>;
> sean.brogan@microsoft.com; bret.barkelew@microsoft.com;
> Michael.Turner@microsoft.com
> Cc: Vineel Kovvuri <vineelko@microsoft.com>
> Subject: [PATCH 2/2] Allow wildcards in hostname
>
> This PR is cherry-picked from
> https://github.com/microsoft/mu_basecore/commit/d0c7733400c35722499ee
> dcd4279042a9bcb0eb4
>
> BugZilla: https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>
> Signed-off-by: Vineel Kovvuri <vineelko@microsoft.com>
> ---
> NetworkPkg/HttpDxe/HttpsSupport.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c
> b/NetworkPkg/HttpDxe/HttpsSupport.c
> index 7e0bf85c3c..0f28ae9447 100644
> --- a/NetworkPkg/HttpDxe/HttpsSupport.c
> +++ b/NetworkPkg/HttpDxe/HttpsSupport.c
> @@ -625,7 +625,7 @@ TlsConfigureSession (
> //
> HttpInstance->TlsConfigData.ConnectionEnd = EfiTlsClient;
> HttpInstance->TlsConfigData.VerifyMethod = EFI_TLS_VERIFY_PEER;
> - HttpInstance->TlsConfigData.VerifyHost.Flags =
> EFI_TLS_VERIFY_FLAG_NO_WILDCARDS;
> + HttpInstance->TlsConfigData.VerifyHost.Flags =
> EFI_TLS_VERIFY_FLAG_NONE;
> HttpInstance->TlsConfigData.VerifyHost.HostName = HttpInstance-
> >RemoteHost;
> HttpInstance->TlsConfigData.SessionState = EfiTlsSessionNotStarted;
>
> --
> 2.17.1
next prev parent reply other threads:[~2021-10-13 2:50 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-12 5:38 [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve chipher algorithms Vineel Kovvuri
2021-10-12 5:38 ` [PATCH 2/2] Allow wildcards in hostname Vineel Kovvuri
2021-10-13 2:50 ` Yao, Jiewen [this message]
2021-10-13 2:45 ` [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve chipher algorithms Yao, Jiewen
2021-10-17 2:49 ` Yao, Jiewen
2021-10-18 20:06 ` vineelko
2021-11-03 0:37 ` Yao, Jiewen
2021-11-03 8:34 ` Vineel Kovvuri
2021-11-08 22:29 ` [edk2-devel] " Vineel Kovvuri
2021-11-09 8:06 ` Yao, Jiewen
2021-11-09 8:58 ` Gerd Hoffmann
2021-11-10 16:18 ` Vineel Kovvuri
2021-11-11 13:05 ` Gerd Hoffmann
2021-11-11 13:26 ` Yao, Jiewen
2021-11-18 18:40 ` Vineel Kovvuri
2022-02-23 2:32 ` yi1 li
2022-02-23 2:46 ` Vineel Kovvuri
2022-02-23 2:54 ` yi1 li
2022-02-24 6:51 ` Vineel Kovvuri
2022-02-24 8:20 ` yi1 li
2022-02-25 17:51 ` Vineel Kovvuri
2022-02-26 15:54 ` yi1 li
2022-02-28 8:24 ` yi1 li
2022-03-01 14:04 ` Gerd Hoffmann
2022-03-01 17:38 ` Sean
2022-03-02 4:23 ` yi1 li
2022-03-02 6:59 ` Yao, Jiewen
2022-03-02 7:42 ` Gerd Hoffmann
2022-03-02 11:56 ` Yao, Jiewen
2022-03-03 8:43 ` yi1 li
2022-03-03 10:05 ` Yao, Jiewen
2022-03-04 2:15 ` Vineel Kovvuri
2022-03-02 7:58 ` Gerd Hoffmann
2022-03-03 6:30 ` Vineel Kovvuri
2022-03-03 6:37 ` Vineel Kovvuri
2021-11-09 8:55 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR11MB4885FC93B115D409059C12208CB79@PH0PR11MB4885.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox