Re: [edk2] [staging/HTTPS-TLS][PATCH] CryptoPkg: Multiple bugs fix in TlsLib

Tue, 19 Jul 2016 22:29:04 -0700 

Reviewed-by: Qin Long <[email protected]>

Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: edk2-devel [mailto:[email protected]] On Behalf Of
> Jiaxin Wu
> Sent: Wednesday, July 20, 2016 1:01 PM
> To: [email protected]
> Cc: Ye, Ting; Long, Qin
> Subject: [edk2] [staging/HTTPS-TLS][PATCH] CryptoPkg: Multiple bugs fix in
> TlsLib
> 
> This path made the following update:
> * Fix X64 build error
> * Correct and refine Set/Get compression method
> * Fix GetHostPublicCert() failure
> 
> Cc: Long Qin <[email protected]>
> Cc: Ye Ting <[email protected]>
> Cc: Palmer Thomas <[email protected]>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiaxin Wu <[email protected]>
> ---
>  CryptoPkg/Include/Library/TlsLib.h |  2 +-  CryptoPkg/Library/TlsLib/TlsLib.c
> | 26 +++++++++++++++-----------
>  2 files changed, 16 insertions(+), 12 deletions(-)
> 
> diff --git a/CryptoPkg/Include/Library/TlsLib.h
> b/CryptoPkg/Include/Library/TlsLib.h
> index d62375b..e0c1b25 100644
> --- a/CryptoPkg/Include/Library/TlsLib.h
> +++ b/CryptoPkg/Include/Library/TlsLib.h
> @@ -500,11 +500,11 @@ TlsGetCurrentCipher (
>    @param[in,out]  CompressionId    The current compression method used
> by
>                                     the TLS object.
> 
>    @retval  EFI_SUCCESS           The compression method was returned
> successfully.
>    @retval  EFI_INVALID_PARAMETER The parameter is invalid.
> -  @retval  EFI_UNSUPPORTED       Unsupported compression method.
> +  @retval  EFI_ABORTED           Invalid Compression method.
> 
>  **/
>  EFI_STATUS
>  EFIAPI
>  TlsGetCurrentCompressionId (
> diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c
> b/CryptoPkg/Library/TlsLib/TlsLib.c
> index d9267f4..1f3554a 100644
> --- a/CryptoPkg/Library/TlsLib/TlsLib.c
> +++ b/CryptoPkg/Library/TlsLib/TlsLib.c
> @@ -671,11 +671,11 @@ TlsDoHandshake (
>        PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
>      }
>    }
> 
>    if (Ret < 1) {
> -    Ret = SSL_get_error (TlsConn->Ssl, Ret);
> +    Ret = SSL_get_error (TlsConn->Ssl, (int) Ret);
>      if (Ret == SSL_ERROR_SSL ||
>          Ret == SSL_ERROR_SYSCALL ||
>          Ret == SSL_ERROR_ZERO_RETURN) {
>        DEBUG ((
>          DEBUG_ERROR,
> @@ -1055,11 +1055,16 @@ TlsSetCompressionMethod (
> 
>    Cm  = NULL;
>    Ret = 0;
> 
>    if (CompMethod == 0) {
> -    Cm = NULL;
> +    //
> +    // TLS defines one standard compression method,
> CompressionMethod.null (0),
> +    // which specifies that data exchanged via the record protocol will not 
> be
> compressed.
> +    // So, return EFI_SUCCESS directly (RFC 3749).
> +    //
> +    return EFI_SUCCESS;
>    } else if (CompMethod == 1) {
>      Cm = COMP_zlib();
>    } else {
>      return EFI_UNSUPPORTED;
>    }
> @@ -1067,11 +1072,11 @@ TlsSetCompressionMethod (
>    //
>    // Adds the compression method to the list of available
>    // compression methods.
>    //
>    Ret = SSL_COMP_add_compression_method (CompMethod, Cm);
> -  if (Ret != 1) {
> +  if (Ret != 0) {
>      return EFI_UNSUPPORTED;
>    }
> 
>    return EFI_SUCCESS;
>  }
> @@ -1252,11 +1257,11 @@ TlsGetCurrentCipher (
>    @param[in,out]  CompressionId    The current compression method used
> by
>                                     the TLS object.
> 
>    @retval  EFI_SUCCESS           The compression method was returned
> successfully.
>    @retval  EFI_INVALID_PARAMETER The parameter is invalid.
> -  @retval  EFI_UNSUPPORTED       Unsupported compression method.
> +  @retval  EFI_ABORTED           Invalid Compression method.
> 
>  **/
>  EFI_STATUS
>  EFIAPI
>  TlsGetCurrentCompressionId (
> @@ -1279,17 +1284,16 @@ TlsGetCurrentCompressionId (
>    if (TlsConn == NULL || TlsConn->Ssl == NULL || CompressionId == NULL) {
>      return EFI_INVALID_PARAMETER;
>    }
> 
>    StackSslComp = SSL_COMP_get_compression_methods ();
> -  if (StackSslComp == NULL) {
> -    return EFI_UNSUPPORTED;
> -  }
> 
>    CompMethod = SSL_get_current_compression (TlsConn->Ssl);
> -  if (CompMethod == NULL) {
> -    return EFI_UNSUPPORTED;
> +
> +  if (StackSslComp == NULL || CompMethod == NULL) {
> +    *CompressionId = 0;
> +    return EFI_SUCCESS;
>    }
> 
>    for (Index = 0; Index < (UINTN) sk_SSL_COMP_num (StackSslComp);
> Index++) {
>      SslComp = sk_SSL_COMP_value (StackSslComp, (int) Index);
>      if (AsciiStrCmp (SSL_COMP_get_name (CompMethod), SslComp->name)
> == 0) { @@ -1298,11 +1302,11 @@ TlsGetCurrentCompressionId (
> 
>      SslComp = NULL;
>    }
> 
>    if (SslComp == NULL) {
> -    return EFI_UNSUPPORTED;
> +    return EFI_ABORTED;
>    }
> 
>    *CompressionId = (UINT8) (SslComp->id);
> 
>    return EFI_SUCCESS;
> @@ -1792,11 +1796,11 @@ TlsGetHostPublicCert (
>    if (*DataSize < (UINTN) i2d_X509 (Cert, NULL)) {
>      *DataSize = (UINTN) i2d_X509 (Cert, NULL);
>      return EFI_BUFFER_TOO_SMALL;
>    }
> 
> -  i2d_X509 (Cert, Data);
> +  *DataSize = (UINTN) i2d_X509 (Cert, (unsigned char **) &Data);
> 
>    return Status;
>  }
> 
>  /**
> --
> 1.9.5.msysgit.1
> 
> _______________________________________________
> edk2-devel mailing list
> [email protected]
> https://lists.01.org/mailman/listinfo/edk2-devel
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to