# DEFINE NETWORK_IP4_ENABLE = TRUE\r
# DEFINE NETWORK_IP6_ENABLE = TRUE\r
# DEFINE NETWORK_TLS_ENABLE = TRUE\r
+# DEFINE NETWORK_HTTP_ENABLE = FALSE\r
# DEFINE NETWORK_HTTP_BOOT_ENABLE = TRUE\r
# DEFINE NETWORK_ALLOW_HTTP_CONNECTIONS = FALSE\r
-# DEFINE NETWORK_ISCSI_ENABLE = TRUE\r
+# DEFINE NETWORK_ISCSI_ENABLE = FALSE\r
+# DEFINE NETWORK_ISCSI_MD5_ENABLE = TRUE\r
# DEFINE NETWORK_VLAN_ENABLE = TRUE\r
#\r
# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r
+# (C) Copyright 2020 Hewlett Packard Enterprise Development LP<BR>\r
#\r
# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
DEFINE NETWORK_TLS_ENABLE = TRUE\r
!endif\r
\r
+!ifndef NETWORK_HTTP_ENABLE\r
+ #\r
+ # This flag is to enable or disable HTTP(S) feature.\r
+ # The default is set to FALSE to not affecting the existing\r
+ # platforms.\r
+ # NETWORK_HTTP_ENABLE set to FALSE is not affecting NETWORK_HTTP_BOOT_ENABLE\r
+ # when NETWORK_HTTP_BOOT_ENABLE is TRUE.\r
+ DEFINE NETWORK_HTTP_ENABLE = FALSE\r
+!endif\r
+\r
!ifndef NETWORK_HTTP_BOOT_ENABLE\r
#\r
# This flag is to enable or disable HTTP(S) boot feature.\r
#\r
+ #\r
DEFINE NETWORK_HTTP_BOOT_ENABLE = TRUE\r
!endif\r
\r
# Both OpensslLib.inf and OpensslLibCrypto.inf library instance can be used\r
# since libssl is not required for iSCSI.\r
#\r
- DEFINE NETWORK_ISCSI_ENABLE = TRUE\r
+ DEFINE NETWORK_ISCSI_ENABLE = FALSE\r
+!endif\r
+\r
+!ifndef NETWORK_ISCSI_MD5_ENABLE\r
+ #\r
+ # This flag enables the deprecated MD5 hash algorithm in iSCSI CHAP\r
+ # authentication.\r
+ #\r
+ # Note: The NETWORK_ISCSI_MD5_ENABLE flag only makes a difference if\r
+ # NETWORK_ISCSI_ENABLE is TRUE; otherwise, NETWORK_ISCSI_MD5_ENABLE is\r
+ # ignored.\r
+ #\r
+ # With NETWORK_ISCSI_MD5_ENABLE set to TRUE, MD5 is enabled as the\r
+ # least preferred CHAP hash algorithm. With NETWORK_ISCSI_MD5_ENABLE\r
+ # set to FALSE, MD5 is disabled statically, at build time.\r
+ #\r
+ # The default value is TRUE, because RFC 7143 mandates MD5, and because\r
+ # several vendors' iSCSI targets only support MD5, for CHAP.\r
+ #\r
+ DEFINE NETWORK_ISCSI_MD5_ENABLE = TRUE\r
!endif\r
\r
!if $(NETWORK_ENABLE) == TRUE\r
!error "Must enable at least IP4 or IP6 stack if NETWORK_ENABLE is set to TRUE!"\r
!endif\r
\r
- !if ($(NETWORK_HTTP_BOOT_ENABLE) == TRUE) AND ($(NETWORK_TLS_ENABLE) == FALSE) AND ($(NETWORK_ALLOW_HTTP_CONNECTIONS) == FALSE)\r
- !error "Must enable TLS to support HTTPS, or allow unsecured HTTP connection, if NETWORK_HTTP_BOOT_ENABLE is set to TRUE!"\r
+ !if ($(NETWORK_HTTP_BOOT_ENABLE) == TRUE) OR ($(NETWORK_HTTP_ENABLE) == TRUE)\r
+ !if ($(NETWORK_TLS_ENABLE) == FALSE) AND ($(NETWORK_ALLOW_HTTP_CONNECTIONS) == FALSE)\r
+ !error "Must enable TLS to support HTTPS, or allow unsecured HTTP connection, if NETWORK_HTTP_BOOT_ENABLE or NETWORK_HTTP_ENABLE is set to TRUE!"\r
+ !endif\r
!endif\r
!endif\r