Commit Graph

377 Commits

Author SHA1 Message Date
Hao Wu ce8e582c06 NetworkPkg/IpSecDxe: Add check to avoid possible divide by zero
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-02-21 09:25:54 +08:00
Zhang Lubo 80e63e846a NetworkPkg:Generate the correct operational state of the interface.
Currently, When there are more than 9 Ethernet ports available,
'ifconfig6 -l' is not listing all the ports, only show the ports 0 to 9.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Santhapur Naveen <naveens@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-02-20 10:09:30 +08:00
Jiaxin Wu b173ad7851 NetworkPkg/HttpBootDxe: Update to check specified media type
IANA has approved below new media type for EFI http(s) boot usage:
  application/vnd.efi.img
  application/vnd.efi.iso

HTTP boot driver should be updated to check the above media type
from Content-Type header field.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2017-02-16 22:35:19 +08:00
Jiaxin Wu 6c6452c6e2 NetworkPkg/HttpBootDxe: Declare the functions as EFIAPI to pass the GCC build
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
2017-02-16 22:34:26 +08:00
Jiaxin Wu 5e9e151c20 NetworkPkg/HttpBootDxe: Request HTTP token notify as a DPC at TPL_CALLBACK
This patch is to update the HTTP token notify as a DPC at
TPL_CALLBACK to align with UEFI Spec.

Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
2017-02-15 14:36:52 +08:00
hegdenag 483ee51520 NetworkPkg/iSCSIDxe: Update the condition for IScsiStart Abort
Update existing #define and add a new #define used for the
PCD PcdIScsiAIPNetworkBootPolicy. Update the code in iScsiStart
according to the #define changes in iScsiDriver.h

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-02-15 14:36:10 +08:00
hegdenag b8b769ab81 NetworkPkg/NetworkPkg.dec: Update comments for the PCD
Update comment section for the PCD PcdIScsiAIPNetworkBootPolicy.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-02-15 14:35:55 +08:00
Jiaxin Wu ad1cd1aa09 NetworkPkg/NetworkPkg.uni: Define the prompt and help information for PcdAllowHttpConnections
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2017-02-09 08:33:27 +08:00
Liming Gao b0206b1617 NetworkPkg: Fix some typos of "according"
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Rebecca Cran <rebecca@bluestop.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: He Junjie <junjie.he@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-02-08 14:48:44 +08:00
Zhang, Lubo 7cf59c854f NetworkPkg: Fix protocol handler service in HttpDxe.
When we create a HTTP driver service binding private
instance, there may be different DriverBindingHandle
for Ipv4 or Ipv6, so it is essential to distinguish
the HttpService image which will be used in open
protocol or close protocol.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Sriram Subramanian <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-01-23 15:19:05 +08:00
Thomas Huth f3fa35a002 NetworkPkg: Remove superfluous return statement.
If the code eventually returns "Status" anyway, it does not make
sense to explicitely return "Status" in case of an error, too.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-01-23 10:27:57 +08:00
Jiaxin Wu 221463c2b3 NetworkPkg: Add PCD to enable the HTTP connections switch
v3:
* Correct the commits grammar

v2:
* Rename the PCD to PcdAllowHttpConnections.
* Refine the PCD descriptions.

If the value of PcdAllowHttpConnections is TRUE, HTTP connections are
allowed. Both the "https://" and "http://" URI schemes are permitted.
Otherwise, HTTP connections are denied. Only the "https://" URI scheme
is permitted.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
Tested-by: Gary Lin <glin@suse.com>
2017-01-23 10:25:29 +08:00
Zhang Lubo eabc6e59b9 NetworkPkg: Add dns support for target URL configuration in ISCSI.
v2:
*1. Add IScsiDnsIsConfigured function in IScsiSupported to check
attempt using DNS protocol or not.2. Fix wrongs typos in IScsiDns.c
and .uni file.3. define a macro for the length of target URL.4.
update the Copyright to 2017.

Add DNS support for target URL directly configuration in UI.

Besides, When we enable the option (Get target info via DHCP) ,
the dhcp server will return target info include the  rootpath,
like the format
"iscsi:"<servername>":"<protocol>":"<port>":"<LUN>":"<targetname>
According to the RFC 4173,the server name region is expressed as
IPv4(192.168.10.20 )or IPv6 ([2000:bbbb::3]) or domain name,
but currently we only support the IP address format.
To enable this feature, we can support both.

Another enhancement is that we can deal with the data received from
the iSCSI login response with an target redirection status,
in which contains the Target Address in the format
domainname[:port][,portal-group-tag] required by RFC 3720.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-01-19 11:31:57 +08:00
Gary Lin 7be6e67762 NetworkPkg/TlsAuthConfigDxe: Declare EFIAPI for the ChooseFile handler
The ChooseFile handler, UpdateCAFromFile, has to be EFIAPI or gcc would
use the wrong ABI and cause the crash of the firmware. This commit also
removes the unnecessary type casting in ChooseFile.

Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
2017-01-18 12:57:51 +08:00
Jiaxin Wu 89f06051a5 MdePkg, NetworkPkg: Refine the coding style.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-01-06 11:59:26 +08:00
Jiaxin Wu ab50ab6ea1 NetworkPkg/Ip6Dxe: Fix the potential NULL pointer free
Ip6ConfigSetDnsServer may cause ASSERT if the invalid DNS
server address received. The issue is triggered by the NULL
pointer(Tmp) free.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2017-01-04 08:40:27 +08:00
Jiaxin Wu 63022be1e5 NetworkPkg/NetworkPkg.dsc: Move TLS modules to the supported components
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-29 16:01:36 +08:00
Jiaxin Wu 12b96a93f3 NetworkPkg: Fix potentially uninitialized local variable
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2016-12-26 16:56:23 +08:00
Jiaxin Wu 63f1d6a4c0 NetworkPkg/HttpDxe: Fix the potential NULL dereference
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Hao A <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-26 16:56:14 +08:00
Jiaxin Wu 0e5e7996c9 NetworkPkg/DnsDxe: Fixed the assert issue in DnsDxe
Fix the DnsDxe assert issue when the incorrect answer message
received.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
2016-12-26 16:55:57 +08:00
Jiaxin Wu cd09a27734 NetworkPkg/NetworkPkg.dsc: Enable TlsDxe and TlsAuthConfigDxe module
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-22 20:33:45 +08:00
Jiaxin Wu dac45de3d6 NetworkPkg/HttpDxe: HTTPS support over IPv4 and IPv6
This patch is used to enable HTTPS feature. HttpDxe driver
will consume TlsDxe driver. It can both support http and https
feature, that’s depended on the information of URL, the HTTP
instance can be able to determine whether to use http or https.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-22 20:33:40 +08:00
Jiaxin Wu 9d0fa533dd NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS auth configuration
This patch provides the UI to support TLS auth configuration.
* EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate'
variable. So, TLS supports multiple certificate configuration.
* The variable attribute is BS with NV, which only target at
preventing runtime phase attack.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-22 20:33:35 +08:00
Jiaxin Wu 7e1f2209b0 NetworkPkg/TlsDxe: TlsDxe driver implementation over OpenSSL
v3:
* Typo fix and code refine.
* Rename the internal macros and function:
TLS_INSTANCE_FROM_PROTOCOL_THIS -> TLS_INSTANCE_FROM_PROTOCOL
TLS_INSTANCE_FROM_CONFIGURATION_THIS -> TLS_INSTANCE_FROM_CONFIGURATION
TlsEcryptPacket -> TlsEncryptPacket

v2:
* Refine the TlsEcryptPacket/TlsDecryptPacket function
according the community feedback.

This patch is the implementation of EFI TLS Service Binding
Protocol, EFI TLS Protocol and EFI TLS Configuration Protocol
Interfaces.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-22 20:33:28 +08:00
Hao Wu 413535bb33 NetworkPkg: Refine UintnToAscDecWithFormat functions logic
This commit refines the logic for HttpBootUintnToAscDecWithFormat and
PxeBcUintnToAscDecWithFormat. It avoids using the decrement operator '--'
for array index to prevent possible mis-reports by static code checkers.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2016-12-22 16:17:22 +08:00
Fu Siyuan a35dc6499b NetworkPkg: Replace ASSERT with error return code in PXE and HTTP boot driver.
This patch remove the ASSERT when receive a DHCP packet large than the maximum
cache buffer size.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2016-12-19 08:54:18 +08:00
Jiaxin Wu aa63a86601 NetworkPkg/IpSecDxe: correct one comment and remove the unused buf
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-12-06 18:37:25 +08:00
Fu Siyuan 632dcfd685 NetworkPkg: Check for the max DHCP packet length before use it.
This patch updates the PXE and HTTP boot driver to drop the input DHCP packet
if it exceed the maximum length.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>
2016-11-18 16:30:50 +08:00
Fu Siyuan b340056060 NetworkPkg: Check for NULL pointer before dereference it.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2016-10-31 16:04:02 +08:00
Zhang Lubo 92ec8772df NetworkPkg: Add error handling logic when using AllocateZeroPool
Add error handling logic if failed to apply new memory.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-By: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-By: Fu Siyuan <siyuan.fu@intel.com>
2016-10-31 10:07:31 +08:00
Jiaxin Wu d115b80b7d NetworkPkg: Fix the wrong Timer event check
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2016-10-31 08:45:25 +08:00
Fu Siyuan 6c12fe63f9 NetworkPkg: Update IP4 stack drivers for classless address unicast check.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2016-10-28 14:20:25 +08:00
Laszlo Ersek e72b409784 NetworkPkg/TcpDxe: rebase to ARRAY_SIZE()
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-10-27 11:10:58 +02:00
Laszlo Ersek f256ab43ea NetworkPkg/IScsiDxe: rebase to ARRAY_SIZE()
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-10-27 11:10:58 +02:00
Laszlo Ersek de69024c83 NetworkPkg/IpsecConfig: remove module-local ARRAY_SIZE macro
Rely on the central macro definition from "MdePkg/Include/Base.h" instead.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-10-27 10:50:12 +02:00
Laszlo Ersek 2f2a78f9d6 NetworkPkg/IpsecConfig: guard the definition of ARRAY_SIZE
In one of the next patches, we'll introduce ARRAY_SIZE in
"MdePkg/Include/Base.h". In order to proceed in small steps, make the
module-local definition of ARRAY_SIZE conditional. This way the
introduction of the macro under MdePkg will silently switch this module
over (after which we can remove the module-local definition completely).

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-10-27 10:49:59 +02:00
Zhang Lubo 9c3dcd0f56 NetworkPkg: Support bracketed IPv6 address during a redirection in iSCSI
According to RFC 3720, the TargetAddress provided in a redirection
might be a DNS host name, a dotted-decimal IPv4 address, or a
bracketed IPv6 address. Current ISCSI driver in Networkpkg only
supports dotted-decimal IPv4 address, so we need add IPv6 address
support since it is a combo driver supporting dual stack.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2016-10-26 16:43:31 +08:00
Zhang Lubo 8aa2cdd79f NetworkPkg: Enhance the code in DNS driver.
There may be an error happens when we use the
configure function to set or change the configuration
data for the DNS6 instance, So we will free the
DnsServerList without configured to NULL. If we reset
the instance with the parameter DnsConfigData to NULL, the
DnsServerList will be freed twice.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2016-10-26 16:43:00 +08:00
Zhang Lubo 6692d51954 NetworkPkg: Add dns support for pxe boot based on IPv6.
The BootFileURL option (59) in dhcpv6 is used to deliver
the next server address with bootfile name, as an example
"tftp://[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]/BOOTFILE_NAME;
mode=octet", it can also be “tftp://domain_name/BOOTFILE_NAME;
mode=octet”, this patch is to support this case.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2016-10-26 16:42:35 +08:00
Gary Lin d1c85a17fa NetworkPkg: Fix typos in comments
- assocated -> associated
- malformated -> malformatted
- mal-formated -> mal-formatted
- formated -> formatted
- octects -> octets
- responsiblity -> responsibility
- enought -> enough
- immediatly -> immediately
- integar -> integer
- Alogrithem -> Algorithm
- Initializeion -> Initialization
- primelenght -> primelength
- Vlaue -> Value
- perfoms -> performs
- randome -> random
- verifed -> verified
- finallization -> finalization
- Intializes -> Initializes
- specifed -> specified
- if -> If
- Decrption -> Decryption
- Autahentication -> Authentication
- informatino -> information
- alogrithm -> algorithm
- Authenticaion -> Authentication
- Alogrithem -> Algorithm
- containning -> containing
- paramter -> parameter

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-By: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-By: Jiaxin Wu <jiaxin.wu@intel.com>
2016-10-26 08:50:03 +08:00
Jiaxin Wu 55d05ae145 NetworkPkg: Coding style refine for IpSecDxe
Cc: Bi Dandan <dandan.bi@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2016-10-21 09:03:32 +08:00
Ye Ting a2d59ef291 NetworkPkg: Record user configured TargetIP/Port in iBFT
Current ISCSI driver records redirected iSCSI targetIP/Port in iBFT
once redirection occurs, which removes the possibility of the OS
to reconnect to the configured IP for load balancing. The behavior
is not explicitly described in IBFT spec, though the MSFT expert
confirm we should record original user setting rather than
publish the redirected IP.

Thanks Sriram for reviewing and validating this patch in his test-bed.

Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Subramanian Sriram <sriram-s@hpe.com>
2016-10-14 10:54:26 +08:00
Fu Siyuan 3c0956379c NetworkPkg: Remove redundant code in HTTP boot driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
2016-10-12 16:51:30 +08:00
Zhang Lubo f3612a8d58 NetworkPkg: TcpDriver use EFI_D_NET for DEBUG maessage.
Tcp driver need to use EFI_D_NET to log DEBUG message,
So it becomes easy to separate/filter out debug messages
from network stack versus generic EFI_D_INFO debugs.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
2016-10-09 14:29:23 +08:00
Jiaxin Wu 00df35fe41 NetworkPkg: Clean the previous address since the policy changed
The previous DNS server data will be retained after the policy
changes from Auto to Manual. This patch is used to clean the
previous dhcp configuration data.

Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
2016-09-26 21:25:23 +08:00
Jiaxin Wu 0a92ac8802 NetworkPkg: Correct the DNS token return status by RCODE
When HostNameToIp() and GeneralLookUp() are called with a invalid
host name, RCODE (4 bit field is set as part of responses) error
will returned in packet to identify the domain name referenced in
the query does not exist. So, EFI_NOT_FOUND should be returned
directly.

Current implementation only check the RCODE in successful condition.
Need update the code for more error check according to RFC 1035 4.1.1
section.

Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
2016-09-20 09:12:20 +08:00
Jiaxin Wu 3093f45c44 NetworkPkg/DnsDxe: Handle CNAME type responded from the name server
v2:
* Code refine.
* For DnsCache, the minimum value of TTL is selected between CNAME and A/AAAA record.

According RFC 1034 - 3.6.2, if the query name is an alias, the name server
will include the CNAME record in the response and restart the query at the
domain name specified in the data field of the CNAME record. RFC also provides
one example server action when A query received:

Suppose a name server was processing a query with for USCISIC.ARPA, asking for
type A information, and had the following resource records:
USC-ISIC.ARPA IN CNAME C.ISI.EDU
C.ISI.EDU     IN A     10.0.0.52
Both of these RRs would be returned in the response to the type A query.

Currently, DnsDxe driver doesn't handle the CNAME type response, which will cause
any exception result. The driver need continue the packet parsing while CNAME type
record parsed. So, this patch is used to handle it correctly.

Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Tested-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
2016-09-07 14:28:17 +08:00
Jiaxin Wu 96c13c0117 NetworkPkg/IpSecDxe: Generate SPI randomly and correct IKE_SPI_BASE value
This path made the following update:
* Generate SPI randomly.
* Correct IKE_SPI_BASE value according RFC 4302/4303.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2016-09-06 19:01:04 +08:00
Jiaxin Wu 7822a1d91d NetworkPkg/IpSecDxe: Fix wrong IKE header "FLAG" update
*v2: update the commit log and refine the code comments.

There are three kinds of IKE Exchange process:
#1. Initial Exchange
#2. CREATE_CHILD_SA_Exchange
#3. Information Exchange

The IKE header "FLAG" update is incorrect in #2 and #3 exchange,
which may cause the continue session failure. This patch is used
to correct the updates of IKE header "FLAG" according the RFC4306
section 3.1.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-08-18 16:53:28 +08:00
Jiaxin Wu 40b83d6114 NetworkPkg/IpSecDxe: Fix UEFI IKE Initial Exchange failure
*v2: update the commit log.

IKE Initial Exchange message should cover below process:
           Initiator                    Responder
Message1 HDR,SAil,KEi,Ni  ------>
Message2                  <------   HDR,SArl,KEr,Nr,[CERTREQ]
Message3 HDR,SK{}         ------>
Message4                  <------   HDR,SK{}

If Initial Exchange message is initiated by Linux IKE, it works well.
But the failure will happen if it's initiated by UEFI IKE. This issue
is caused by the no status check of NotifyCookiePayload.

While parsing the IKEv2 packet for IKE_SA_INIT exchange, if the packet
doesn't contain COOKIE Notify payload, EFI_INVALID_PARAMETER will be
returned from Ikev2ParserNotifyCookiePayload(). Current implementation
return this error status directly, then the session will be broken. The
correct behavior should check this status. If no COOKIE Notify payload,
initiator don't need to retry the IKE_SA_INIT.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-08-18 16:53:14 +08:00