/** @file\r
The implementation of IPSEC_CONFIG_PROTOCOL.\r
\r
- Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
}\r
\r
//\r
- // Compare the all LocalAddress fields in the two Spdselectors.\r
+ // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors.\r
// First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare \r
// SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return\r
// TRUE.\r
}\r
\r
//\r
- // Compare the all LocalAddress fields in the two Spdselectors.\r
+ // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors.\r
// First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare \r
// SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return\r
// TRUE.\r
}\r
\r
//\r
- // Compare the all LocalAddress fields in the two Spdselectors.\r
- // First, SpdSel1->LocalAddress to SpdSel2->LocalAddress && Compare \r
- // SpdSel1->RemoteAddress to SpdSel2->RemoteAddress. If all match, return\r
+ // Compare the all LocalAddress and RemoteAddress fields in the two Spdselectors.\r
+ // First, SpdSel1->LocalAddress to SpdSel2->RemoteAddress && Compare \r
+ // SpdSel1->RemoteAddress to SpdSel2->LocalAddress. If all match, return\r
// TRUE.\r
//\r
for (Index = 0; Index < SpdSel1->LocalAddressCount; Index++) {\r
mode is Tunnel, and its tunnel option is NULL.\r
- The Action of Data is protected and its policy \r
mode is not Tunnel and it tunnel option is not NULL.\r
+ - SadEntry requied to be set into new SpdEntry's Sas has \r
+ been found but it is invalid.\r
@retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
@retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
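Review bot: The new EFI_INVALID_PARAMETER bullet says the SAD entry "is invalid" without stating the criterion, so a caller cannot tell what to correct. The check added further down in this commit calls `IsSubSpdSelector` on the SA's `SpdSelector` and the new entry's `Selector`, so presumably "invalid" means the SA's selector is not covered by the new SPD selector. I would word the bullet as `- A SAD entry listed in the new SpdEntry's SaId was found, but its SpdSelector is not covered by the new SPD selector.`, which also fixes the "requied" typo. The doc comment starts and ends outside this hunk.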
\r
LIST_ENTRY *Entry;\r
LIST_ENTRY *Entry2;\r
LIST_ENTRY *NextEntry;\r
+ LIST_ENTRY *NextEntry2;\r
IPSEC_SPD_ENTRY *SpdEntry;\r
IPSEC_SAD_ENTRY *SadEntry;\r
UINTN SpdEntrySize;\r
SpdSas = &SpdEntry->Data->Sas;\r
\r
//\r
- // TODO: Deleted the related SAs.\r
+ // Remove the related SAs from Sas(SadEntry->BySpd). If the SA entry is established by \r
+ // IKE, remove from mConfigData list(SadEntry->List) and then free it directly since its \r
+ // SpdEntry will be freed later.\r
//\r
- NET_LIST_FOR_EACH (Entry2, SpdSas) {\r
- SadEntry = IPSEC_SAD_ENTRY_FROM_SPD (Entry2);\r
- SadEntry->Data->SpdEntry = NULL;\r
+ NET_LIST_FOR_EACH_SAFE (Entry2, NextEntry2, SpdSas) {\r
+ SadEntry = IPSEC_SAD_ENTRY_FROM_SPD (Entry2);\r
+ \r
+ if (SadEntry->Data->SpdEntry != NULL) {\r
+ RemoveEntryList (&SadEntry->BySpd);\r
+ SadEntry->Data->SpdEntry = NULL;\r
+ }\r
+ \r
+ if (!(SadEntry->Data->ManualSet)) {\r
+ RemoveEntryList (&SadEntry->List);\r
+ FreePool (SadEntry);\r
+ }\r
}\r
\r
//\r
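Review bot: `FreePool (SadEntry)` can run on an entry that is still linked on `SpdSas`, because the unlink from `BySpd` depends on `SadEntry->Data->SpdEntry != NULL` while the free depends only on `ManualSet`. Every entry reached here was found by walking `SpdSas`, so the unlink can be unconditional: `RemoveEntryList (&SadEntry->BySpd);` followed by `SadEntry->Data->SpdEntry = NULL;`. The IKE-established SA is also freed without being cleared; if the SAD entry's allocation holds key material (its layout is not visible in this hunk), zeroing it before `FreePool` keeps keys out of recycled pool memory. The enclosing function starts and ends outside the hunk.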
NET_LIST_FOR_EACH (Entry, SadList) {\r
SadEntry = IPSEC_SAD_ENTRY_FROM_LIST (Entry);\r
\r
- for (Index = 0; Index < SpdData->SaIdCount; Index++) {\r
-\r
- if (CompareSaId (\r
- (EFI_IPSEC_CONFIG_SELECTOR *) &SpdData->SaId[Index],\r
- (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry->Id\r
- )) {\r
- if (SadEntry->Data->SpdEntry != NULL) { \r
- RemoveEntryList (&SadEntry->BySpd);\r
+ for (Index = 0; Index < SpdData->SaIdCount; Index++) {\r
+ if (CompareSaId (\r
+ (EFI_IPSEC_CONFIG_SELECTOR *) &SpdData->SaId[Index],\r
+ (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry->Id\r
+ )) {\r
+ //\r
+ // Check whether the found SadEntry is vaild.\r
+ //\r
+ if (IsSubSpdSelector (\r
+ (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry->Data->SpdSelector,\r
+ (EFI_IPSEC_CONFIG_SELECTOR *) SpdEntry->Selector\r
+ )) {\r
+ if (SadEntry->Data->SpdEntry != NULL) {\r
+ RemoveEntryList (&SadEntry->BySpd);\r
+ }\r
+ InsertTailList (&SpdEntry->Data->Sas, &SadEntry->BySpd);\r
+ SadEntry->Data->SpdEntry = SpdEntry;\r
+ } else {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
}\r
- InsertTailList (&SpdEntry->Data->Sas, &SadEntry->BySpd);\r
- SadEntry->Data->SpdEntry = SpdEntry; \r
- }\r
- }\r
+ } \r
}\r
+ \r
//\r
// Insert the new SPD entry.\r
//\r
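Review bot: The `return EFI_INVALID_PARAMETER;` in the new else branch exits from inside the SAD walk, after earlier matching SAs may already have been moved onto `SpdEntry->Data->Sas` and had `SadEntry->Data->SpdEntry` pointed at an entry that is never inserted (the "Insert the new SPD entry" step comes after the loop). The allocation of `SpdEntry` and the removal of any existing entry are outside this hunk, so it is inferred rather than visible that this path also leaks the new entry and leaves the policy database half-updated. Validating every referenced SA before linking any of them avoids both problems, as sketched below. Separately, if `SadEntry->Data->SpdSelector` can be NULL for an SA, the `IsSubSpdSelector` call needs a guard. The function body continues outside the hunk.

```c
//
// Pass 1: reject the request before any SA is re-linked.
//
NET_LIST_FOR_EACH (Entry, SadList) {
  SadEntry = IPSEC_SAD_ENTRY_FROM_LIST (Entry);

  for (Index = 0; Index < SpdData->SaIdCount; Index++) {
    if (CompareSaId (
          (EFI_IPSEC_CONFIG_SELECTOR *) &SpdData->SaId[Index],
          (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry->Id
          ) &&
        !IsSubSpdSelector (
           (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry->Data->SpdSelector,
           (EFI_IPSEC_CONFIG_SELECTOR *) SpdEntry->Selector
           )) {
      // … release the new SpdEntry here, matching how the function allocated it (outside this hunk) …
      return EFI_INVALID_PARAMETER;
    }
  }
}

// … unchanged: second walk over SadList that links each matching SA, now without the else branch …
```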