Michał Żygowski submitted this change.

View Change

Approvals: build bot (Jenkins): Verified Michał Żygowski: Looks good to me, approved 
payloads/ipxe: Enable HTTPS support

Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Signed-off-by: Felix Singer <migy@darmstadt.ccc.de>
Signed-off-by: Piotr Król <piotr.krol@3mdeb.com>
Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31086
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
---
M payloads/external/Makefile.inc
M payloads/external/iPXE/Kconfig
M payloads/external/iPXE/Makefile
3 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/payloads/external/Makefile.inc b/payloads/external/Makefile.inc
index 0a96aff..7319a11 100644
--- a/payloads/external/Makefile.inc
+++ b/payloads/external/Makefile.inc
@@ -263,6 +263,7 @@
 	CONFIG_SCRIPT=$(PXE_CONFIG_SCRIPT) \
 	CONFIG_HAS_SCRIPT=$(CONFIG_PXE_ADD_SCRIPT) \
 	CONFIG_PXE_NO_PROMT=$(CONFIG_PXE_NO_PROMT) \
+	CONFIG_PXE_HAS_HTTPS=$(CONFIG_PXE_HAS_HTTPS) \
 	MFLAGS= MAKEFLAGS=
 
 # LinuxBoot
diff --git a/payloads/external/iPXE/Kconfig b/payloads/external/iPXE/Kconfig
index 7cb0d1e..1636138 100644
--- a/payloads/external/iPXE/Kconfig
+++ b/payloads/external/iPXE/Kconfig
@@ -113,5 +113,13 @@
 	  Uses the ipxe script instead showing the prompt:
 	  "Press Ctrl-B to start iPXE..."
 
+config PXE_HAS_HTTPS
+	bool "Enable HTTPS protocol"
+	default y
+	depends on BUILD_IPXE
+	help
+	  Enable HTTPS protocol, which allows you to encrypt all communication
+	  with a web server and to verify the server's identity
+
 endmenu
 endif
diff --git a/payloads/external/iPXE/Makefile b/payloads/external/iPXE/Makefile
index 0c071fa..489bcfa 100644
--- a/payloads/external/iPXE/Makefile
+++ b/payloads/external/iPXE/Makefile
@@ -65,6 +65,10 @@
 	sed 's|#define\s*BANNER_TIMEOUT.*|#define BANNER_TIMEOUT 0|' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp"
 	mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h"
 endif
+ifeq ($(CONFIG_PXE_HAS_HTTPS),y)
+	sed 's|.*DOWNLOAD_PROTO_HTTPS|#define DOWNLOAD_PROTO_HTTPS|g' "$(project_dir)/src/config/general.h" > "$(project_dir)/src/config/general.h.tmp"
+	mv "$(project_dir)/src/config/general.h.tmp" "$(project_dir)/src/config/general.h"
+endif
 
 build: config $(CONFIG_SCRIPT)
 ifeq ($(CONFIG_HAS_SCRIPT),y)

To view, visit change 31086. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ia25d4ce9260fa8c00fdea0e19f5e927559371af0
Gerrit-Change-Number: 31086
Gerrit-PatchSet: 10
Gerrit-Owner: Felix Singer <felixsinger@posteo.net>
Gerrit-Reviewer: Felix Singer <felixsinger@posteo.net>
Gerrit-Reviewer: Krystian Hebel <krystian.hebel@3mdeb.com>
Gerrit-Reviewer: Martin Roth <martinroth@google.com>
Gerrit-Reviewer: Michał Żygowski <michal.zygowski@3mdeb.com>
Gerrit-Reviewer: Nico Huber <nico.h@gmx.de>
Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com>
Gerrit-Reviewer: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Gerrit-Reviewer: Piotr Król <piotr.krol@3mdeb.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-MessageType: merged