IpsecConfigApp add the check for the required options (--local, --remote, Auth-algo, Auth-key) for SAD adding.

Signed-off-by: qianouyang
Reviewed-by: czhan46



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12829 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
qianouyang 2011-12-08 03:15:55 +00:00
parent c20d62b5d2
commit da7c529ca1
2 changed files with 43 additions and 13 deletions

View File

@ -477,8 +477,9 @@ DumpSadEntry (
DumpBuf ((UINT8 *)(Data->AlgoInfo.EspAlgoInfo.EncKey), Data->AlgoInfo.EspAlgoInfo.EncKeyLength); DumpBuf ((UINT8 *)(Data->AlgoInfo.EspAlgoInfo.EncKey), Data->AlgoInfo.EspAlgoInfo.EncKeyLength);
} }
} }
if (Data->SpdSelector != NULL) {
Print (L"\n"); Print (L"\n");
if (Data->SpdSelector != NULL) {
Print (L" ");
DumpSpdSelector (Data->SpdSelector); DumpSpdSelector (Data->SpdSelector);
Print (L"\n"); Print (L"\n");
} }

View File

@ -913,7 +913,7 @@ CreateSadEntry (
} }
// //
// Convert user imput from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID. // Convert user input from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.
// //
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--tunnel-source"); ValueStr = ShellCommandLineGetValue (ParamPackage, L"--tunnel-source");
if (ValueStr != NULL) { if (ValueStr != NULL) {
@ -934,10 +934,12 @@ CreateSadEntry (
*Mask |= SOURCE; *Mask |= SOURCE;
} }
} }
ReturnStatus = CreateSpdSelector ((*Data)->SpdSelector, ParamPackage, Mask);
if (CreateNew) { //
if ((*Mask & (SPI | IPSEC_PROTO )) != (SPI | IPSEC_PROTO )) { // If it is TunnelMode, then check if the tunnel-source and --tunnel-dest are set
//
if ((*Data)->Mode == EfiIPsecTunnel) {
if ((*Mask & (DEST|SOURCE)) != (DEST|SOURCE)) {
ShellPrintHiiEx ( ShellPrintHiiEx (
-1, -1,
-1, -1,
@ -945,7 +947,23 @@ CreateSadEntry (
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_ONE_OF_PARAMETERS), STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_ONE_OF_PARAMETERS),
mHiiHandle, mHiiHandle,
mAppName, mAppName,
L"--spi --ipsec-proto --dest" L"--tunnel-source --tunnel-dest"
);
ReturnStatus = EFI_INVALID_PARAMETER;
}
}
ReturnStatus = CreateSpdSelector ((*Data)->SpdSelector, ParamPackage, Mask);
if (CreateNew) {
if ((*Mask & (SPI|IPSEC_PROTO|LOCAL|REMOTE)) != (SPI|IPSEC_PROTO|LOCAL|REMOTE)) {
ShellPrintHiiEx (
-1,
-1,
NULL,
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_ONE_OF_PARAMETERS),
mHiiHandle,
mAppName,
L"--spi --ipsec-proto --local --remote"
); );
ReturnStatus = EFI_INVALID_PARAMETER; ReturnStatus = EFI_INVALID_PARAMETER;
} else { } else {
@ -974,7 +992,7 @@ CreateSadEntry (
ReturnStatus = EFI_INVALID_PARAMETER; ReturnStatus = EFI_INVALID_PARAMETER;
} }
} else { } else {
if ((*Mask & ENCRYPT_ALGO) == 0) { if ((*Mask & (ENCRYPT_ALGO|AUTH_ALGO)) != (ENCRYPT_ALGO|AUTH_ALGO) ) {
ShellPrintHiiEx ( ShellPrintHiiEx (
-1, -1,
-1, -1,
@ -982,7 +1000,7 @@ CreateSadEntry (
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_PARAMETER), STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_PARAMETER),
mHiiHandle, mHiiHandle,
mAppName, mAppName,
L"--encrypt-algo" L"--encrypt-algo --auth-algo"
); );
ReturnStatus = EFI_INVALID_PARAMETER; ReturnStatus = EFI_INVALID_PARAMETER;
} else if ((*Data)->AlgoInfo.EspAlgoInfo.EncAlgoId != IPSEC_EALG_NONE && (*Mask & ENCRYPT_KEY) == 0) { } else if ((*Data)->AlgoInfo.EspAlgoInfo.EncAlgoId != IPSEC_EALG_NONE && (*Mask & ENCRYPT_KEY) == 0) {
@ -996,6 +1014,17 @@ CreateSadEntry (
L"--encrypt-key" L"--encrypt-key"
); );
ReturnStatus = EFI_INVALID_PARAMETER; ReturnStatus = EFI_INVALID_PARAMETER;
} else if ((*Data)->AlgoInfo.EspAlgoInfo.AuthAlgoId != IPSEC_AALG_NONE && (*Mask & AUTH_KEY) == 0) {
ShellPrintHiiEx (
-1,
-1,
NULL,
STRING_TOKEN (STR_IPSEC_CONFIG_MISSING_PARAMETER),
mHiiHandle,
mAppName,
L"--auth-key"
);
ReturnStatus = EFI_INVALID_PARAMETER;
} }
} }
} }