NetworkPkg: Add PCD to enable the HTTP connections switch
v3: * Correct the commits grammar v2: * Rename the PCD to PcdAllowHttpConnections. * Refine the PCD descriptions. If the value of PcdAllowHttpConnections is TRUE, HTTP connections are allowed. Both the "https://" and "http://" URI schemes are permitted. Otherwise, HTTP connections are denied. Only the "https://" URI scheme is permitted. Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Kinney Michael D <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Gary Lin <glin@suse.com> Tested-by: Gary Lin <glin@suse.com>
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
## @file
|
||||
# Implementation of EFI HTTP protocol interfaces.
|
||||
#
|
||||
# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
|
||||
# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions of the BSD License
|
||||
@@ -75,5 +75,8 @@
|
||||
[Guids]
|
||||
gEfiTlsCaCertificateGuid ## CONSUMES ## GUID
|
||||
|
||||
[Pcd]
|
||||
gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections ## CONSUMES
|
||||
|
||||
[UserExtensions.TianoCore."ExtraFiles"]
|
||||
HttpDxeExtra.uni
|
@@ -1,7 +1,7 @@
|
||||
/** @file
|
||||
Implementation of EFI_HTTP_PROTOCOL protocol interfaces.
|
||||
|
||||
Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
|
||||
(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
@@ -354,6 +354,16 @@ EfiHttpRequest (
|
||||
//
|
||||
HttpInstance->UseHttps = IsHttpsUrl (Url);
|
||||
|
||||
//
|
||||
// HTTP is disabled, return directly if the URI is not HTTPS.
|
||||
//
|
||||
if (!PcdGetBool (PcdAllowHttpConnections) && !(HttpInstance->UseHttps)) {
|
||||
|
||||
DEBUG ((EFI_D_ERROR, "EfiHttpRequest: HTTP is disabled.\n"));
|
||||
|
||||
return EFI_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
//
|
||||
// Check whether we need to create Tls child and open the TLS protocol.
|
||||
//
|
||||
|
Reference in New Issue
Block a user