summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--NetworkPkg/IpSecDxe/IkeService.c1
-rw-r--r--NetworkPkg/IpSecDxe/IkeService.h3
-rw-r--r--NetworkPkg/IpSecDxe/Ikev2/Exchange.c6
-rw-r--r--NetworkPkg/IpSecDxe/Ikev2/Utility.c6
-rw-r--r--NetworkPkg/IpSecDxe/IpSecDriver.c25
5 files changed, 30 insertions, 11 deletions
diff --git a/NetworkPkg/IpSecDxe/IkeService.c b/NetworkPkg/IpSecDxe/IkeService.c
index 6594963f5d..d8571960a0 100644
--- a/NetworkPkg/IpSecDxe/IkeService.c
+++ b/NetworkPkg/IpSecDxe/IkeService.c
@@ -15,7 +15,6 @@
#include "IkeService.h"
#include "IpSecConfigImpl.h"
-#include "Ikev2/Utility.h"
IKE_EXCHANGE_INTERFACE *mIkeExchange[] = {
&mIkev1Exchange,
diff --git a/NetworkPkg/IpSecDxe/IkeService.h b/NetworkPkg/IpSecDxe/IkeService.h
index 3ebd17919a..0e05dfe976 100644
--- a/NetworkPkg/IpSecDxe/IkeService.h
+++ b/NetworkPkg/IpSecDxe/IkeService.h
@@ -1,7 +1,7 @@
/** @file
Prototypes definitions of IKE service.
- Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -19,6 +19,7 @@
#include "Ike.h"
#include "IpSecImpl.h"
#include "IkeCommon.h"
+#include "Ikev2/Utility.h"
#define IPSEC_CRYPTO_LIB_MEMORY 128 * 1024
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Exchange.c b/NetworkPkg/IpSecDxe/Ikev2/Exchange.c
index 37f9667d3d..9d58ab0a46 100644
--- a/NetworkPkg/IpSecDxe/Ikev2/Exchange.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Exchange.c
@@ -1,7 +1,7 @@
/** @file
The general interfaces of the IKEv2.
- Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -330,7 +330,7 @@ Ikev2NegotiateInfo (
//
// Send out the Packet
//
- if (UdpService != NULL) {
+ if (UdpService != NULL && UdpService->Output != NULL) {
Status = Ikev2SendIkePacket (UdpService, (UINT8 *) SaCommon, IkePacket, 0);
if (EFI_ERROR (Status)) {
@@ -357,7 +357,7 @@ Ikev2NegotiateInfo (
//
// Send out the Packet
//
- if (UdpService != NULL) {
+ if (UdpService != NULL && UdpService->Output != NULL) {
Status = Ikev2SendIkePacket (UdpService, (UINT8 *) &ChildSaSession->SessionCommon, IkePacket, 0);
if (EFI_ERROR (Status)) {
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c b/NetworkPkg/IpSecDxe/Ikev2/Utility.c
index 8769850d41..16be09e14a 100644
--- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c
@@ -2,7 +2,7 @@
The Common operations used by IKE Exchange Process.
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
- Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -891,9 +891,7 @@ Ikev2ChildSaSilentDelete (
RemoteSelector = NULL;
UdpService = IkeSaSession->SessionCommon.UdpService;
- Private = (UdpService->IpVersion == IP_VERSION_4) ?
- IPSEC_PRIVATE_DATA_FROM_UDP4LIST(UdpService->ListHead) :
- IPSEC_PRIVATE_DATA_FROM_UDP6LIST(UdpService->ListHead);
+ Private = IkeSaSession->SessionCommon.Private;
//
// Remove the Established SA from ChildSaEstablishlist.
diff --git a/NetworkPkg/IpSecDxe/IpSecDriver.c b/NetworkPkg/IpSecDxe/IpSecDriver.c
index 454d218c75..d8282b5e2f 100644
--- a/NetworkPkg/IpSecDxe/IpSecDriver.c
+++ b/NetworkPkg/IpSecDxe/IpSecDriver.c
@@ -1,7 +1,7 @@
/** @file
Driver Binding Protocol for IPsec Driver.
- Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -178,6 +178,7 @@ IpSecStop (
IKE_UDP_SERVICE *UdpSrv;
LIST_ENTRY *Entry;
LIST_ENTRY *Next;
+ IKEV2_SA_SESSION *Ikev2SaSession;
//
// Locate ipsec protocol to get private data.
@@ -196,7 +197,27 @@ IpSecStop (
//
if ((IpVersion == IP_VERSION_4 && Private->Udp6Num ==0) ||
(IpVersion == IP_VERSION_6 && Private->Udp4Num ==0)) {
- IkeDeleteAllSas (Private, FALSE);
+ //
+ // If IKEv2 SAs are under establishing, delete it directly.
+ //
+ if (!IsListEmpty (&Private->Ikev2SessionList)) {
+ NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2SessionList) {
+ Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);
+ RemoveEntryList (&Ikev2SaSession->BySessionTable);
+ Ikev2SaSessionFree (Ikev2SaSession);
+ }
+ }
+
+ //
+ // Delete established IKEv2 SAs.
+ //
+ if (!IsListEmpty (&Private->Ikev2EstablishedList)) {
+ NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2EstablishedList) {
+ Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);
+ RemoveEntryList (&Ikev2SaSession->BySessionTable);
+ Ikev2SaSessionFree (Ikev2SaSession);
+ }
+ }
}
if (IpVersion == IP_VERSION_4) {