diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2021-06-29 18:33:37 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-06-30 19:20:41 +0000 |
| commit | bb33c27fbed6c1ed39d243bedd407e8e93a2b3a9 (patch) | |
| tree | fbf909638717d0a9256a0920ae1c655f8e6e827f /ArmVirtPkg | |
| parent | 47fea2abcb8b73a503568e1e2bb83a52d00a73b2 (diff) | |
| download | edk2-bb33c27fbed6c1ed39d243bedd407e8e93a2b3a9.zip edk2-bb33c27fbed6c1ed39d243bedd407e8e93a2b3a9.tar.gz edk2-bb33c27fbed6c1ed39d243bedd407e8e93a2b3a9.tar.bz2 | |
NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro
Introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro for NetworkPkg.
When explicitly set to FALSE, remove MD5 from IScsiDxe's CHAP algorithm
list.
Set NETWORK_ISCSI_MD5_ENABLE to TRUE by default, for compatibility
reasons. Not just to minimize the disruption for platforms that currently
include IScsiDxe, but also because RFC 7143 mandates MD5 for CHAP, and
some vendors' iSCSI targets support MD5 only.
With MD5 enabled, IScsiDxe will suggest SHA256, and then fall back to MD5
if the target requests it. With MD5 disabled, IScsiDxe will suggest
SHA256, and break off the connection (and session) if the target doesn't
support SHA256.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3355
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210629163337.14120-7-lersek@redhat.com>
Diffstat (limited to 'ArmVirtPkg')
0 files changed, 0 insertions, 0 deletions