From c7f473642a35a18a014e57290e462e23d3771056 Mon Sep 17 00:00:00 2001 From: Felix Singer Date: Fri, 25 Jan 2019 03:44:20 +0100 Subject: [PATCH] payloads/ipxe: Enable HTTPS support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0 Signed-off-by: Felix Singer Signed-off-by: Piotr Król Signed-off-by: Krystian Hebel Reviewed-on: https://review.coreboot.org/c/coreboot/+/31086 Tested-by: build bot (Jenkins) Reviewed-by: Michał Żygowski --- payloads/external/Makefile.inc | 1 + payloads/external/iPXE/Kconfig | 8 ++++++++ payloads/external/iPXE/Makefile | 4 ++++ 3 files changed, 13 insertions(+) diff --git a/payloads/external/Makefile.inc b/payloads/external/Makefile.inc index 0a96aff90b..7319a11a6d 100644 --- a/payloads/external/Makefile.inc +++ b/payloads/external/Makefile.inc @@ -263,6 +263,7 @@ payloads/external/iPXE/ipxe/ipxe.rom ipxe: $(DOTCONFIG) $(PXE_CONFIG_SCRIPT) CONFIG_SCRIPT=$(PXE_CONFIG_SCRIPT) \ CONFIG_HAS_SCRIPT=$(CONFIG_PXE_ADD_SCRIPT) \ CONFIG_PXE_NO_PROMT=$(CONFIG_PXE_NO_PROMT) \ + CONFIG_PXE_HAS_HTTPS=$(CONFIG_PXE_HAS_HTTPS) \ MFLAGS= MAKEFLAGS= # LinuxBoot diff --git a/payloads/external/iPXE/Kconfig b/payloads/external/iPXE/Kconfig index 7cb0d1e249..1636138039 100644 --- a/payloads/external/iPXE/Kconfig +++ b/payloads/external/iPXE/Kconfig @@ -113,5 +113,13 @@ config PXE_SCRIPT Uses the ipxe script instead showing the prompt: "Press Ctrl-B to start iPXE..." +config PXE_HAS_HTTPS + bool "Enable HTTPS protocol" + default y + depends on BUILD_IPXE + help + Enable HTTPS protocol, which allows you to encrypt all communication + with a web server and to verify the server's identity + endmenu endif diff --git a/payloads/external/iPXE/Makefile b/payloads/external/iPXE/Makefile index 0c071fa13b..489bcfae9c 100644 --- a/payloads/external/iPXE/Makefile +++ b/payloads/external/iPXE/Makefile @@ -65,6 +65,10 @@ ifeq ($(CONFIG_PXE_NO_PROMT),y) sed 's|#define\s*BANNER_TIMEOUT.*|#define BANNER_TIMEOUT 0|' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp" mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h" endif +ifeq ($(CONFIG_PXE_HAS_HTTPS),y) + sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp" + mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h" +endif build: config $(CONFIG_SCRIPT) ifeq ($(CONFIG_HAS_SCRIPT),y)