NetworkPkg/IpSecDxe: Fix wrong IKE header "FLAG" update
*v2: update the commit log and refine the code comments. There are three kinds of IKE Exchange process: #1. Initial Exchange #2. CREATE_CHILD_SA_Exchange #3. Information Exchange The IKE header "FLAG" update is incorrect in #2 and #3 exchange, which may cause the continue session failure. This patch is used to correct the updates of IKE header "FLAG" according the RFC4306 section 3.1. Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Zhang Lubo <lubo.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
This commit is contained in:
@@ -128,7 +128,11 @@ Ikev2InfoGenerator (
|
||||
// The input parameter is not correct.
|
||||
//
|
||||
goto ERROR_EXIT;
|
||||
}
|
||||
}
|
||||
|
||||
if (IkeSaSession->SessionCommon.IsInitiator) {
|
||||
IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT ;
|
||||
}
|
||||
} else {
|
||||
//
|
||||
// Delete the Child SA Information Exchagne
|
||||
@@ -180,13 +184,16 @@ Ikev2InfoGenerator (
|
||||
// Change the IsOnDeleting Flag
|
||||
//
|
||||
ChildSaSession->SessionCommon.IsOnDeleting = TRUE;
|
||||
|
||||
if (ChildSaSession->SessionCommon.IsInitiator) {
|
||||
IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT ;
|
||||
}
|
||||
}
|
||||
|
||||
if (InfoContext == NULL) {
|
||||
IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;
|
||||
} else {
|
||||
IkePacket->Header->Flags = IKE_HEADER_FLAGS_RESPOND;
|
||||
if (InfoContext != NULL) {
|
||||
IkePacket->Header->Flags |= IKE_HEADER_FLAGS_RESPOND;
|
||||
}
|
||||
|
||||
return IkePacket;
|
||||
|
||||
ERROR_EXIT:
|
||||
|
Reference in New Issue
Block a user