On 05/01/2024 08:41, Chang, Abner wrote:
We are not aware there is a TlsConnectSession() for TLS handshake using the
default TLS configuration data and it returns a failure as expected because the
default TLS configuration is TLS_VERIFY_HOST without certificate installed on
system.
This
Zachary Clark-williams
> > ; Nickle Wang ;
> Igor
> > Kulchytskyy
> > Subject: Re: [edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> > policy
> >
> > Caution: This message originated from an External Source. Use proper
> caution
> > when ope
; Nickle Wang ; Igor
> Kulchytskyy
> Subject: Re: [edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 02
On 02/01/2024 16:31, Chang, Abner via groups.io wrote:
From: Michael Brown
- Allow the call to Request() to perform its normal TLS configuration
via TlsConfigureSession(), as though the connection were going to
perform host verification etc as per the platform default policy. This
[AMD Official Use Only - General]
> -Original Message-
> From: Michael Brown
> Sent: Tuesday, January 2, 2024 8:42 PM
> To: devel@edk2.groups.io; Chang, Abner
> Cc: Saloni Kasbekar ; Zachary Clark-williams
> ; Nickle Wang ; Igor
> Kulchytskyy
> Subject: Re: [edk
On 02/01/2024 06:06, Chang, Abner via groups.io wrote:
What do you think about:
- installing TLS on HTTP handle (as you have already implemented)
- using EDKII_HTTP_CALLBACK_PROTOCOL to catch the HttpEventInitSession
and perform whatever calls are needed to SetData() to modify the TLS
; Nickle Wang ; Igor
> Kulchytskyy
> Subject: Re: [edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 29
On 29/12/2023 15:07, Chang, Abner via groups.io wrote:
To locate TLS protocol from the HTTP handle and configure TLS configuration
data at the return from EfiHttpRequest during that short window of non-blocking
request is not reliable. It also doesn't make sense to ask upper layer
application
oups.io
> Cc: Saloni Kasbekar ; Zachary Clark-williams
> ; Nickle Wang ; Igor
> Kulchytskyy
> Subject: RE: [edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
>
>
> > -Original Message-
> > From: Michael Brown
> > Sent: Friday, Decembe
dk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 28/12/2023 23:37, Chang, Abner via groups.io wrote:
> >
On 28/12/2023 23:37, Chang, Abner via groups.io wrote:
As far as I am aware, EfiHttpRequest sets up all of the relevant data
structures but functions as a non-blocking open. If you reconfigure the
TLS session immediately after return from EfiHttpRequest() then this
reconfiguration should take
[edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 28/12/2023 15:04, Chang, Abner via groups.io wrote:
>
On 28/12/2023 15:04, Chang, Abner via groups.io wrote:
With the TLS protocol installed onto the same handle, I don't think you
then even need to use RegisterProtocolNotify(). On return from
EFI_HTTP_PROTOCOL.Request() you can open the TLS protocol on the handle
and immediately call
[edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 28/12/2023 02:47, Chang, Abner via groups.io wrote:
> &g
On 28/12/2023 02:47, Chang, Abner via groups.io wrote:
On 26/12/2023 11:28, Chang, Abner via groups.io wrote:
Platform developer can provide this protoocl to EFI HTTP driver to
configure TLS using TLS conifg data provided by
EDKII_HTTPS_TLS_PLATFORM_POLICY_PROTOCOL for the specific HTTP
t: Re: [edk2-devel] [RFC][PATCH 0/2] Introduce HTTPS Platform TLS
> policy
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On 26/12/2023 11:28, Chang, Abner via groups.io wrote:
> &g
On 26/12/2023 11:28, Chang, Abner via groups.io wrote:
For the HTTPS connetion that doesn't require TLS peer verification,
EDKII_HTTPS_TLS_PLATFORM_POLICY_PROTOCOL is introduced to platform
developer to provide the TLS configure data that is different than
the default TLS configuration. The use
From: Abner Chang
For the HTTPS connetion that doesn't require TLS peer verification,
EDKII_HTTPS_TLS_PLATFORM_POLICY_PROTOCOL is introduced to platform
developer to provide the TLS configure data that is different than
the default TLS configuration. The use case such as Redfish service
18 matches
Mail list logo