X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=NetworkPkg%2FApplication%2FIpsecConfig%2FPolicyEntryOperation.c;h=7e04573022a49d7957d3b58216874c2d58eab3f3;hp=b50ab7e5740c563bbc6ff3a91646ecced594a746;hb=bef3fd0c68eed51708dcce83443b83ac08b29eff;hpb=686d4d4a86110032ca6d381661fb52f5f3ae7912
diff --git a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
index b50ab7e574..7e04573022 100644
--- a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
+++ b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
@@ -1,7 +1,7 @@
/** @file
The implementation of policy entry operation function in IpSecConfig application.
- Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -25,7 +25,7 @@
@param[out] Selector The pointer to the EFI_IPSEC_SPD_SELECTOR structure.
@param[in] ParamPackage The pointer to the ParamPackage list.
- @param[in, out] ParamPackage The pointer to the Mask.
+ @param[in, out] Mask The pointer to the Mask.
@retval EFI_SUCCESS Fill in EFI_IPSEC_SPD_SELECTOR successfully.
@retval EFI_INVALID_PARAMETER Invalid user input parameter.
@@ -784,6 +784,7 @@ CreateSadEntry (
if (ValueStr != NULL ) {
(*Data)->AlgoInfo.EspAlgoInfo.EncKeyLength = EncKeyLength;
AsciiStr = AllocateZeroPool (EncKeyLength + 1);
+ ASSERT (AsciiStr != NULL);
UnicodeStrToAsciiStr (ValueStr, AsciiStr);
CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.EncKey, AsciiStr, EncKeyLength);
FreePool (AsciiStr);
@@ -813,6 +814,7 @@ CreateSadEntry (
if (ValueStr != NULL) {
(*Data)->AlgoInfo.EspAlgoInfo.AuthKeyLength = AuthKeyLength;
AsciiStr = AllocateZeroPool (AuthKeyLength + 1);
+ ASSERT (AsciiStr != NULL);
UnicodeStrToAsciiStr (ValueStr, AsciiStr);
CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.AuthKey, AsciiStr, AuthKeyLength);
FreePool (AsciiStr);
@@ -913,7 +915,7 @@ CreateSadEntry (
}
//
- // Convert user imput from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.
+ // Convert user input from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.
//
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--tunnel-source");
if (ValueStr != NULL) {
@@ -934,10 +936,28 @@ CreateSadEntry (
*Mask |= SOURCE;
}
}
+
+ //
+ // If it is TunnelMode, then check if the tunnel-source and --tunnel-dest are set
+ //
+ if ((*Data)->Mode == EfiIPsecTunnel) {
+ if ((*Mask & (DEST|SOURCE)) != (DEST|SOURCE)) {
+ ShellPrintHiiEx (
+ -1,
+ -1,
+ NULL,
+ STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_ONE_OF_PARAMETERS),
+ mHiiHandle,
+ mAppName,
+ L"--tunnel-source --tunnel-dest"
+ );
+ ReturnStatus = EFI_INVALID_PARAMETER;
+ }
+ }
ReturnStatus = CreateSpdSelector ((*Data)->SpdSelector, ParamPackage, Mask);
if (CreateNew) {
- if ((*Mask & (SPI | IPSEC_PROTO )) != (SPI | IPSEC_PROTO )) {
+ if ((*Mask & (SPI|IPSEC_PROTO|LOCAL|REMOTE)) != (SPI|IPSEC_PROTO|LOCAL|REMOTE)) {
ShellPrintHiiEx (
-1,
-1,
@@ -945,7 +965,7 @@ CreateSadEntry (
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_ONE_OF_PARAMETERS),
mHiiHandle,
mAppName,
- L"--spi --ipsec-proto --dest"
+ L"--spi --ipsec-proto --local --remote"
);
ReturnStatus = EFI_INVALID_PARAMETER;
} else {
@@ -974,7 +994,7 @@ CreateSadEntry (
ReturnStatus = EFI_INVALID_PARAMETER;
}
} else {
- if ((*Mask & ENCRYPT_ALGO) == 0) {
+ if ((*Mask & (ENCRYPT_ALGO|AUTH_ALGO)) != (ENCRYPT_ALGO|AUTH_ALGO) ) {
ShellPrintHiiEx (
-1,
-1,
@@ -982,7 +1002,7 @@ CreateSadEntry (
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_PARAMETER),
mHiiHandle,
mAppName,
- L"--encrypt-algo"
+ L"--encrypt-algo --auth-algo"
);
ReturnStatus = EFI_INVALID_PARAMETER;
} else if ((*Data)->AlgoInfo.EspAlgoInfo.EncAlgoId != IPSEC_EALG_NONE && (*Mask & ENCRYPT_KEY) == 0) {
@@ -996,6 +1016,17 @@ CreateSadEntry (
L"--encrypt-key"
);
ReturnStatus = EFI_INVALID_PARAMETER;
+ } else if ((*Data)->AlgoInfo.EspAlgoInfo.AuthAlgoId != IPSEC_AALG_NONE && (*Mask & AUTH_KEY) == 0) {
+ ShellPrintHiiEx (
+ -1,
+ -1,
+ NULL,
+ STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_PARAMETER),
+ mHiiHandle,
+ mAppName,
+ L"--auth-key"
+ );
+ ReturnStatus = EFI_INVALID_PARAMETER;
}
}
}