sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NetworkPkg: Add PCD to enable the HTTP connections switch

Browse Source 
v3:
* Correct the commits grammar

v2:
* Rename the PCD to PcdAllowHttpConnections.
* Refine the PCD descriptions.

If the value of PcdAllowHttpConnections is TRUE, HTTP connections are
allowed. Both the "https://" and "http://" URI schemes are permitted.
Otherwise, HTTP connections are denied. Only the "https://" URI scheme
is permitted.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
Tested-by: Gary Lin <glin@suse.com>
This commit is contained in:
Jiaxin Wu
2017-01-06 11:53:57 +08:00
parent 70420e31a0
commit 221463c2b3
8 changed files with 167 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
NetworkPkg/HttpDxe/HttpDxe.inf
View File

@@ -1,7 +1,7 @@
## @file
# Implementation of EFI HTTP protocol interfaces.
#
# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -75,5 +75,8 @@
[Guids]
gEfiTlsCaCertificateGuid ## CONSUMES ## GUID
[Pcd]
gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections ## CONSUMES
[UserExtensions.TianoCore."ExtraFiles"]
HttpDxeExtra.uni

12
NetworkPkg/HttpDxe/HttpImpl.c
View File

@@ -1,7 +1,7 @@
/** @file
Implementation of EFI_HTTP_PROTOCOL protocol interfaces.
Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
@@ -354,6 +354,16 @@ EfiHttpRequest (
//
HttpInstance->UseHttps = IsHttpsUrl (Url);
//
// HTTP is disabled, return directly if the URI is not HTTPS.
//
if (!PcdGetBool (PcdAllowHttpConnections) && !(HttpInstance->UseHttps)) {
DEBUG ((EFI_D_ERROR, "EfiHttpRequest: HTTP is disabled.\n"));
return EFI_ACCESS_DENIED;
}
//
// Check whether we need to create Tls child and open the TLS protocol.
//