summaryrefslogtreecommitdiff
path: root/NetworkPkg/HttpBootDxe/HttpBootClient.c
diff options
context:
space:
mode:
authorSaloni Kasbekar <saloni.kasbekar@intel.com>2022-07-19 06:54:22 -0700
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2022-07-19 17:43:07 +0000
commit671b0cea510ad6de02ee9d6dbdf8f9bbb881f35d (patch)
treefa52e51e9d1d9e4926bce6b983e6e9d5790adc42 /NetworkPkg/HttpBootDxe/HttpBootClient.c
parent19a87683654a4969a9f86a3d02199c253c789970 (diff)
downloadedk2-671b0cea510ad6de02ee9d6dbdf8f9bbb881f35d.zip
edk2-671b0cea510ad6de02ee9d6dbdf8f9bbb881f35d.tar.gz
edk2-671b0cea510ad6de02ee9d6dbdf8f9bbb881f35d.tar.bz2
NetworkPkg/HttpBootDxe: Add Support for HTTP Boot Basic Authentication
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2504 Add support for TLS Client Authentication using Basic Authentication for HTTP Boot Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com> Cc: Wu Jiaxin <jiaxin.wu@intel.com> Cc: Siyuan Fu <siyuan.fu@intel.com> Signed-off-by: Saloni Kasbekar <saloni.kasbekar@intel.com> Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Diffstat (limited to 'NetworkPkg/HttpBootDxe/HttpBootClient.c')
-rw-r--r--NetworkPkg/HttpBootDxe/HttpBootClient.c99
1 files changed, 98 insertions, 1 deletions
diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.c b/NetworkPkg/HttpBootDxe/HttpBootClient.c
index 62e8723..40f64fc 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootClient.c
+++ b/NetworkPkg/HttpBootDxe/HttpBootClient.c
@@ -922,6 +922,7 @@ HttpBootGetBootFileCallback (
@retval EFI_BUFFER_TOO_SMALL The BufferSize is too small to read the current directory entry.
BufferSize has been updated with the size needed to complete
the request.
+ @retval EFI_ACCESS_DENIED The server needs to authenticate the client.
@retval Others Unexpected error happened.
**/
@@ -951,6 +952,9 @@ HttpBootGetBootFile (
CHAR16 *Url;
BOOLEAN IdentityMode;
UINTN ReceivedSize;
+ CHAR8 BaseAuthValue[80];
+ EFI_HTTP_HEADER *HttpHeader;
+ CHAR8 *Data;
ASSERT (Private != NULL);
ASSERT (Private->HttpCreated);
@@ -1009,8 +1013,9 @@ HttpBootGetBootFile (
// Host
// Accept
// User-Agent
+ // [Authorization]
//
- HttpIoHeader = HttpIoCreateHeader (3);
+ HttpIoHeader = HttpIoCreateHeader ((Private->AuthData != NULL) ? 4 : 3);
if (HttpIoHeader == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ERROR_2;
@@ -1064,6 +1069,35 @@ HttpBootGetBootFile (
}
//
+ // Add HTTP header field 4: Authorization
+ //
+ if (Private->AuthData != NULL) {
+ ASSERT (HttpIoHeader->MaxHeaderCount == 4);
+
+ if ((Private->AuthScheme != NULL) && (CompareMem (Private->AuthScheme, "Basic", 5) != 0)) {
+ Status = EFI_UNSUPPORTED;
+ goto ERROR_3;
+ }
+
+ AsciiSPrint (
+ BaseAuthValue,
+ sizeof (BaseAuthValue),
+ "%a %a",
+ "Basic",
+ Private->AuthData
+ );
+
+ Status = HttpIoSetHeader (
+ HttpIoHeader,
+ HTTP_HEADER_AUTHORIZATION,
+ BaseAuthValue
+ );
+ if (EFI_ERROR (Status)) {
+ goto ERROR_3;
+ }
+ }
+
+ //
// 2.2 Build the rest of HTTP request info.
//
RequestData = AllocatePool (sizeof (EFI_HTTP_REQUEST_DATA));
@@ -1111,6 +1145,7 @@ HttpBootGetBootFile (
goto ERROR_4;
}
+ Data = NULL;
Status = HttpIoRecvResponse (
&Private->HttpIo,
TRUE,
@@ -1121,6 +1156,68 @@ HttpBootGetBootFile (
StatusCode = HttpIo->RspToken.Message->Data.Response->StatusCode;
HttpBootPrintErrorMessage (StatusCode);
Status = ResponseData->Status;
+ if ((StatusCode == HTTP_STATUS_401_UNAUTHORIZED) || \
+ (StatusCode == HTTP_STATUS_407_PROXY_AUTHENTICATION_REQUIRED))
+ {
+ if ((Private->AuthData != NULL) || (Private->AuthScheme != NULL)) {
+ if (Private->AuthData != NULL) {
+ FreePool (Private->AuthData);
+ Private->AuthData = NULL;
+ }
+
+ if (Private->AuthScheme != NULL) {
+ FreePool (Private->AuthScheme);
+ Private->AuthScheme = NULL;
+ }
+
+ Status = EFI_ACCESS_DENIED;
+ goto ERROR_4;
+ }
+
+ //
+ // Server indicates the user has to provide a user-id and password as a means of identification.
+ //
+ if (Private->HttpBootCallback != NULL) {
+ Data = AllocateZeroPool (sizeof (CHAR8) * HTTP_BOOT_AUTHENTICATION_INFO_MAX_LEN);
+ if (Data == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ERROR_4;
+ }
+
+ Status = Private->HttpBootCallback->Callback (
+ Private->HttpBootCallback,
+ HttpBootHttpAuthInfo,
+ TRUE,
+ HTTP_BOOT_AUTHENTICATION_INFO_MAX_LEN,
+ Data
+ );
+ if (EFI_ERROR (Status)) {
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+
+ goto ERROR_5;
+ }
+
+ Private->AuthData = (CHAR8 *)Data;
+ }
+
+ HttpHeader = HttpFindHeader (
+ ResponseData->HeaderCount,
+ ResponseData->Headers,
+ HTTP_HEADER_WWW_AUTHENTICATE
+ );
+ if (HttpHeader != NULL) {
+ Private->AuthScheme = AllocateZeroPool (AsciiStrLen (HttpHeader->FieldValue) + 1);
+ if (Private->AuthScheme == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ CopyMem (Private->AuthScheme, HttpHeader->FieldValue, AsciiStrLen (HttpHeader->FieldValue));
+ }
+
+ Status = EFI_ACCESS_DENIED;
+ }
}
goto ERROR_5;