From: "Saloni Kasbekar" <saloni.kasbekar@intel.com>
To: "abner.chang@amd.com" <abner.chang@amd.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Clark-williams, Zachary" <zachary.clark-williams@intel.com>,
"Michael Brown" <mcb30@ipxe.org>,
Nickle Wang <nicklew@nvidia.com>,
Igor Kulchytskyy <igork@ami.com>
Subject: Re: [edk2-devel] [PATCH 2/5] NetwokrPkg/HttpDxe: Consider TLS certificate not found as a success case
Date: Fri, 5 Jan 2024 20:26:45 +0000 [thread overview]
Message-ID: <SN7PR11MB828147E35AD2BFCB02D2ECC1F1662@SN7PR11MB8281.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20240105083716.340-3-abner.chang@amd.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
-----Original Message-----
From: abner.chang@amd.com <abner.chang@amd.com>
Sent: Friday, January 5, 2024 12:37 AM
To: devel@edk2.groups.io
Cc: Kasbekar, Saloni <saloni.kasbekar@intel.com>; Clark-williams, Zachary <zachary.clark-williams@intel.com>; Michael Brown <mcb30@ipxe.org>; Nickle Wang <nicklew@nvidia.com>; Igor Kulchytskyy <igork@ami.com>
Subject: [PATCH 2/5] NetwokrPkg/HttpDxe: Consider TLS certificate not found as a success case
From: Abner Chang <abner.chang@amd.com>
We still return EFI_SUCCESS to the caller when TlsConfigCertificate returns error, for the use case the platform doesn't require certificate for the specific HTTP session. This ensures HttpInitSession function still initiated and returns EFI_SUCCESS to the caller. The failure is pushed back to TLS DXE driver if the HTTP communication actually requires certificate.
Signed-off-by: Abner Chang <abner.chang@amd.com>
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Cc: Michael Brown <mcb30@ipxe.org>
Cc: Nickle Wang <nicklew@nvidia.com>
Cc: Igor Kulchytskyy <igork@ami.com>
---
NetworkPkg/HttpDxe/HttpsSupport.c | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSupport.c
index a07323ff0bd..04a830f7152 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -722,8 +722,21 @@ TlsConfigureSession (
//
Status = TlsConfigCertificate (HttpInstance);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
- return Status;
+ if (Status == EFI_NOT_FOUND) {
+ DEBUG((DEBUG_WARN, "TLS Certificate is not found on the system!\n"));
+ //
+ // We still return EFI_SUCCESS to the caller when TlsConfigCertificate
+ // returns error, for the use case the platform doesn't require
+ // certificate for the specific HTTP session. This ensures
+ // HttpInitSession function still initiated and returns EFI_SUCCESS to
+ // the caller. The failure is pushed back to TLS DXE driver if the
+ // HTTP communication actually requires certificate.
+ //
+ Status = EFI_SUCCESS;
+ } else {
+ DEBUG((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
+ return Status;
+ }
}
//
--
2.37.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113319): https://edk2.groups.io/g/devel/message/113319
Mute This Topic: https://groups.io/mt/103539579/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-01-05 20:27 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-05 8:37 [edk2-devel] [PATCH 0/5] Refactor HTTP DXE to provide TLS reconfiguration capability Chang, Abner via groups.io
2024-01-05 8:37 ` [edk2-devel] [PATCH 1/5] NetwokrPkg/HttpDxe: Refactor TlsCreateChild Chang, Abner via groups.io
2024-01-05 17:11 ` Michael Brown
2024-01-05 21:32 ` Saloni Kasbekar
2024-01-07 12:08 ` Chang, Abner via groups.io
2024-01-09 4:31 ` Chang, Abner via groups.io
2024-01-05 8:37 ` [edk2-devel] [PATCH 2/5] NetwokrPkg/HttpDxe: Consider TLS certificate not found as a success case Chang, Abner via groups.io
2024-01-05 17:12 ` Michael Brown
2024-01-05 20:26 ` Saloni Kasbekar [this message]
2024-01-05 8:37 ` [edk2-devel] [PATCH 3/5] NetwokrPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event Chang, Abner via groups.io
2024-01-05 17:14 ` Michael Brown
2024-01-07 12:19 ` Chang, Abner via groups.io
2024-01-07 13:26 ` Chang, Abner via groups.io
2024-01-05 8:37 ` [edk2-devel] [PATCH 4/5] RedfishPkg/RedfishRestExDxe: Implement EDKII_HTTP_CALLBACK_PROTOCOL Chang, Abner via groups.io
2024-01-05 8:37 ` [edk2-devel] [PATCH 5/5] RedfishPkg/RedfishRestExDxe: Update Supported function Chang, Abner via groups.io
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SN7PR11MB828147E35AD2BFCB02D2ECC1F1662@SN7PR11MB8281.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox