Update IPsec.h file to follow approved ECR which will be collected into future UEFI 2.3 Specification after 2.3 errata B and future UEFI Specifications after 2.3. The changes mainly include:

1. Add EFI_IPSEC2_PROTOCOL
  2. Remove IPsec Authentication Algorithm Definition and IPsec Encryption Algorithm    
     Definition.
  3. Add EFI_IPSEC_SA_DATA2 data structure.
And also update IPv4 driver to call EFI_IPSEC2_PROTOCOL.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10941 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
qianouyang
2010-10-15 05:40:41 +00:00
parent a725268048
commit 705f53a9b4
9 changed files with 506 additions and 200 deletions

View File

@@ -250,6 +250,31 @@ Ip4Output (
Head->Src = IpIf->Ip;
}
//
// Before IPsec process, prepared the IP head.
//
HeadLen = sizeof (IP4_HEAD) + ((OptLen + 3) & (~0x03));
Head->HeadLen = (UINT8) HeadLen >> 2;
Head->Id = mIp4Id++;
Head->Ver = 4;
//
// Call IPsec process.
//
Status = Ip4IpSecProcessPacket (
IpSb,
&Head,
&Packet,
&Option,
&OptLen,
EfiIPsecOutBound,
Context
);
if (EFI_ERROR(Status)) {
return Status;
}
//
// Route the packet unless overrided, that is, GateWay isn't zero.
//
@@ -291,30 +316,11 @@ Ip4Output (
}
}
//
// TODO: currently Option/OptLen are not included into encryption scope.
//
Status = Ip4IpSecProcessPacket (
IpSb,
Head,
&Packet,
Option,
OptLen,
EfiIPsecOutBound,
Context
);
if (EFI_ERROR(Status)) {
return Status;
}
//
// OK, selected the source and route, fragment the packet then send
// them. Tag each fragment other than the first one as spawn from it.
//
Mtu = IpSb->MaxPacketSize + sizeof (IP4_HEAD);
HeadLen = sizeof (IP4_HEAD) + ((OptLen + 3) & (~0x03));
Head->Id = mIp4Id++;
Mtu = IpSb->MaxPacketSize + sizeof (IP4_HEAD);
if (Packet->TotalSize + HeadLen > Mtu) {
//