NetworkPkg: Add PCD to enable the HTTP connections switch

v3:
* Correct the commits grammar

v2:
* Rename the PCD to PcdAllowHttpConnections.
* Refine the PCD descriptions.

If the value of PcdAllowHttpConnections is TRUE, HTTP connections are
allowed. Both the "https://" and "http://" URI schemes are permitted.
Otherwise, HTTP connections are denied. Only the "https://" URI scheme
is permitted.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
Tested-by: Gary Lin <glin@suse.com>

NetworkPkg/HttpBootDxe/HttpBootClient.c

@@ -1,7 +1,7 @@
 /** @file
   Implementation of the boot file download function.
 
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
 This program and the accompanying materials are licensed and made available under 
 the terms and conditions of the BSD License that accompanies this distribution.  
@@ -191,6 +191,15 @@ HttpBootDhcp4ExtractUriInfo (
     Private->BootFileUri = Private->FilePathUri;
   }
 
+  //
+  // Check the URI scheme.
+  //
+  Status = HttpBootCheckUriScheme (Private->BootFileUri);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((EFI_D_ERROR, "HttpBootDhcp4ExtractUriInfo: %r.\n", Status));
+    return Status;
+  }
+
   //
   // Configure the default DNS server if server assigned.
   //
@@ -294,6 +303,15 @@ HttpBootDhcp6ExtractUriInfo (
     Private->BootFileUri = Private->FilePathUri;
   }
 
+  //
+  // Check the URI scheme.
+  //
+  Status = HttpBootCheckUriScheme (Private->BootFileUri);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((EFI_D_ERROR, "HttpBootDhcp6ExtractUriInfo: %r.\n", Status));
+    return Status;
+  }
+
   //
   //  Set the Local station address to IP layer.
   //

NetworkPkg/HttpBootDxe/HttpBootConfig.c

@@ -1,7 +1,7 @@
 /** @file
   Helper functions for configuring or getting the parameters relating to HTTP Boot.
 
-Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -446,9 +446,16 @@ HttpBootFormCallback (
   )
 {
   EFI_INPUT_KEY                   Key;
-  UINTN                           Index;
   CHAR16                          *Uri;
+  UINTN                           UriLen;
+  CHAR8                           *AsciiUri;
   HTTP_BOOT_FORM_CALLBACK_INFO    *CallbackInfo;
+  EFI_STATUS                      Status;
+
+  Uri      = NULL;
+  UriLen   = 0;
+  AsciiUri = NULL;
+  Status   = EFI_SUCCESS;
   
   if (This == NULL || Value == NULL) {
     return EFI_INVALID_PARAMETER;
@@ -466,49 +473,63 @@ HttpBootFormCallback (
     // Get user input URI string
     //
     Uri = HiiGetString (CallbackInfo->RegisteredHandle, Value->string, NULL);
-    if (Uri == NULL) {
-      return EFI_UNSUPPORTED;
-    }
-
-    //
-    // Convert the scheme to all lower case.
-    //
-    for (Index = 0; Index < StrLen (Uri); Index++) {
-      if (Uri[Index] == L':') {
-        break;
-      }
-      if (Uri[Index] >= L'A' && Uri[Index] <= L'Z') {
-        Uri[Index] -= (CHAR16)(L'A' - L'a');
-      }
-    }
-
-    //
-    // Set the converted URI string back
-    //
-    HiiSetString (CallbackInfo->RegisteredHandle, Value->string, Uri, NULL);
 
     //
     // The URI should be either an empty string (for corporate environment) ,or http(s) for home environment.
-    // Pop up a message box for other unsupported URI.
+    // Pop up a message box for the unsupported URI.
     //
-    if ((StrLen (Uri) != 0) && (StrnCmp (Uri, L"http://", 7) != 0) && (StrnCmp (Uri, L"https://", 8) != 0)) {
+    if (StrLen (Uri) != 0) {
-      CreatePopUp (
+      UriLen = StrLen (Uri) + 1;
-        EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+      AsciiUri = AllocateZeroPool (UriLen);
-        &Key,
+      if (AsciiUri == NULL) {
-        L"ERROR: Unsupported URI!",
+        FreePool (Uri);
-        L"Only supports HTTP and HTTPS",
+        return EFI_OUT_OF_RESOURCES;
-        NULL
+      }
-        );
+
+      UnicodeStrToAsciiStrS (Uri, AsciiUri, UriLen);
+
+      Status = HttpBootCheckUriScheme (AsciiUri);
+      
+      if (Status == EFI_INVALID_PARAMETER) {
+
+        DEBUG ((EFI_D_ERROR, "HttpBootFormCallback: %r.\n", Status));
+
+        CreatePopUp (
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+          &Key,
+          L"ERROR: Unsupported URI!",
+          L"Only supports HTTP and HTTPS",
+          NULL
+          ); 
+      } else if (Status == EFI_ACCESS_DENIED) {
+      
+        DEBUG ((EFI_D_ERROR, "HttpBootFormCallback: %r.\n", Status));
+      
+        CreatePopUp (
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+          &Key,
+          L"ERROR: Unsupported URI!",
+          L"HTTP is disabled",
+          NULL
+          );
+      }
     }
 
-    FreePool (Uri);
+    if (Uri != NULL) {
+      FreePool (Uri);
+    }
+
+    if (AsciiUri != NULL) {
+      FreePool (AsciiUri);
+    }   
+    
     break;
 
   default:
     break;
   }
 
-  return EFI_SUCCESS;
+  return Status;
 }
 
 /**

NetworkPkg/HttpBootDxe/HttpBootDxe.inf

@@ -1,7 +1,7 @@
 ## @file
 #  This modules produce the Load File Protocol for UEFI HTTP boot.
 # 
-#  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution.  The full text of the license may be found at
@@ -94,5 +94,8 @@
   gEfiVirtualCdGuid            ## SOMETIMES_CONSUMES ## GUID
   gEfiVirtualDiskGuid          ## SOMETIMES_CONSUMES ## GUID
 
+[Pcd]
+  gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections       ## CONSUMES  
+
 [UserExtensions.TianoCore."ExtraFiles"]
   HttpBootDxeExtra.uni

NetworkPkg/HttpBootDxe/HttpBootSupport.c

@@ -1,7 +1,7 @@
 /** @file
   Support functions implementation for UEFI HTTP boot driver.
 
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
 This program and the accompanying materials are licensed and made available under
 the terms and conditions of the BSD License that accompanies this distribution.
@@ -988,6 +988,57 @@ HttpIoRecvResponse (
   return Status;
 }
 
+/**
+  This function checks the HTTP(S) URI scheme.
+
+  @param[in]    Uri              The pointer to the URI string.
+  
+  @retval EFI_SUCCESS            The URI scheme is valid.
+  @retval EFI_INVALID_PARAMETER  The URI scheme is not HTTP or HTTPS.
+  @retval EFI_ACCESS_DENIED      HTTP is disabled and the URI is HTTP.
+
+**/
+EFI_STATUS
+HttpBootCheckUriScheme (
+  IN      CHAR8                  *Uri
+  )
+{
+  UINTN                Index;
+  EFI_STATUS           Status;
+
+  Status = EFI_SUCCESS;
+
+  //
+  // Convert the scheme to all lower case.
+  //
+  for (Index = 0; Index < AsciiStrLen (Uri); Index++) {
+    if (Uri[Index] == ':') {
+      break;
+    }
+    if (Uri[Index] >= 'A' && Uri[Index] <= 'Z') {
+      Uri[Index] -= (CHAR8)('A' - 'a');
+    }
+  }
+
+  //
+  // Return EFI_INVALID_PARAMETER if the URI is not HTTP or HTTPS.
+  //
+  if ((AsciiStrnCmp (Uri, "http://", 7) != 0) && (AsciiStrnCmp (Uri, "https://", 8) != 0)) {
+    DEBUG ((EFI_D_ERROR, "HttpBootCheckUriScheme: Invalid Uri.\n"));
+    return EFI_INVALID_PARAMETER;
+  }
+  
+  //
+  // HTTP is disabled, return EFI_ACCESS_DENIED if the URI is HTTP.
+  //
+  if (!PcdGetBool (PcdAllowHttpConnections) && (AsciiStrnCmp (Uri, "http://", 7) == 0)) {
+    DEBUG ((EFI_D_ERROR, "HttpBootCheckUriScheme: HTTP is disabled.\n"));
+    return EFI_ACCESS_DENIED;
+  }
+
+  return Status;
+}
+
 /**
   Get the URI address string from the input device path.
 

NetworkPkg/HttpBootDxe/HttpBootSupport.h

@@ -1,7 +1,7 @@
 /** @file
   Support functions declaration for UEFI HTTP boot driver.
 
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under 
 the terms and conditions of the BSD License that accompanies this distribution.  
 The full text of the license may be found at
@@ -331,6 +331,21 @@ HttpIoRecvResponse (
      OUT  HTTP_IO_RESPONSE_DATA    *ResponseData
   );
 
+/**
+  This function checks the HTTP(S) URI scheme.
+
+  @param[in]    Uri              The pointer to the URI string.
+  
+  @retval EFI_SUCCESS            The URI scheme is valid.
+  @retval EFI_INVALID_PARAMETER  The URI scheme is not HTTP or HTTPS.
+  @retval EFI_ACCESS_DENIED      HTTP is disabled and the URI is HTTP.
+
+**/
+EFI_STATUS
+HttpBootCheckUriScheme (
+  IN      CHAR8                  *Uri
+  );
+
 /**
   Get the URI address string from the input device path.
 

NetworkPkg/HttpDxe/HttpDxe.inf

@@ -1,7 +1,7 @@
 ## @file
 #  Implementation of EFI HTTP protocol interfaces.
 #
-#  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
@@ -75,5 +75,8 @@
 [Guids]
   gEfiTlsCaCertificateGuid                         ## CONSUMES  ## GUID
 
+[Pcd]
+  gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections       ## CONSUMES  
+
 [UserExtensions.TianoCore."ExtraFiles"]
   HttpDxeExtra.uni

NetworkPkg/HttpDxe/HttpImpl.c

@@ -1,7 +1,7 @@
 /** @file
   Implementation of EFI_HTTP_PROTOCOL protocol interfaces.
 
-  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
   (C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP<BR>
 
   This program and the accompanying materials
@@ -354,6 +354,16 @@ EfiHttpRequest (
     //
     HttpInstance->UseHttps = IsHttpsUrl (Url);
 
+    //
+    // HTTP is disabled, return directly if the URI is not HTTPS.
+    //
+    if (!PcdGetBool (PcdAllowHttpConnections) && !(HttpInstance->UseHttps)) {
+      
+      DEBUG ((EFI_D_ERROR, "EfiHttpRequest: HTTP is disabled.\n"));
+
+      return EFI_ACCESS_DENIED;
+    }
+
     //
     // Check whether we need to create Tls child and open the TLS protocol.
     //

NetworkPkg/NetworkPkg.dec

@@ -4,7 +4,7 @@
 # This package provides network modules that conform to UEFI 2.4 specification.
 #
 # (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
-# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
 #
 # This program and the accompanying materials are licensed and made available under
 # the terms and conditions of the BSD License which accompanies this distribution.
@@ -79,6 +79,12 @@
   # @Prompt Private Key's size.
   gEfiNetworkPkgTokenSpaceGuid.PcdIpsecUefiCertificateKeySize|0x3d5|UINT32|0x00000006
 
+  ## Indicates whether HTTP connections (i.e., unsecured) are permitted or not.
+  # TRUE  - HTTP connections are allowed. Both the "https://" and "http://" URI schemes are permitted.
+  # FALSE - HTTP connections are denied. Only the "https://" URI scheme is permitted.
+  # @Prompt Indicates whether HTTP connections are permitted or not.
+  gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|FALSE|BOOLEAN|0x00000008
+
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and 6355).
   # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT]