src/libcharon/plugins/tnccs_20/tnccs_20.c

   1 /*
   2  * Copyright (C) 2010 Sansar Choinyanbuu
   3  * HSR Hochschule fuer Technik Rapperswil
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include "tnccs_20.h"
  17
  18 #include <debug.h>
  19 #include <daemon.h>
  20 #include <threading/mutex.h>
  21 #include <tnc/tncif.h>
  22 #include <tnc/tncifimv_names.h>
  23 #include <tnc/tnccs/tnccs.h>
  24
  25 typedef struct private_tnccs_20_t private_tnccs_20_t;
  26
  27 /**
  28  * Private data of a tnccs_20_t object.
  29  */
  30 struct private_tnccs_20_t {
  31
  32         /**
  33          * Public tls_t interface.
  34          */
  35         tls_t public;
  36
  37         /**
  38          * TNCC if TRUE, TNCS if FALSE
  39          */
  40         bool is_server;
  41
  42         /**
  43          * Connection ID assigned to this TNCCS connection
  44          */
  45         TNC_ConnectionID connection_id;
  46
  47         /**
  48          * Batch being constructed
  49          */
  50         chunk_t batch;
  51
  52         /**
  53          * Mutex locking the batch in construction
  54          */
  55         mutex_t *mutex;
  56
  57         /**
  58          * Set of IMV recommendations  (TNC Server only)
  59          */
  60         recommendations_t *recs;
  61 };
  62
  63 METHOD(tnccs_t, send_message, void,
  64         private_tnccs_20_t* this, TNC_BufferReference message,
  65                                                           TNC_UInt32 message_len,
  66                                                           TNC_MessageType message_type)
  67 {
  68         chunk_t msg = { message, message_len };
  69
  70         DBG1(DBG_TNC, "TNCCS 2.0 send message");
  71         this->mutex->lock(this->mutex);
  72         this->batch = chunk_cat("mc", this->batch, msg);
  73         this->mutex->unlock(this->mutex);
  74 }
  75
  76 METHOD(tls_t, process, status_t,
  77         private_tnccs_20_t *this, void *buf, size_t buflen)
  78 {
  79         char *pos;
  80         size_t len;
  81
  82         if (this->is_server && !this->connection_id)
  83         {
  84                 this->connection_id = charon->tnccs->create_connection(charon->tnccs,
  85                                                                 (tnccs_t*)this, _send_message,  &this->recs);
  86                 if (!this->connection_id)
  87                 {
  88                         return FAILED;
  89                 }
  90                 charon->imvs->notify_connection_change(charon->imvs,
  91                                                         this->connection_id, TNC_CONNECTION_STATE_CREATE);
  92         }
  93         DBG1(DBG_TNC, "received TNCCS Batch (%u bytes) for Connection ID %u",
  94                                    buflen, this->connection_id);
  95         DBG3(DBG_TNC, "%.*s", buflen, buf);
  96         pos = strchr(buf, '|');
  97         if (pos)
  98         {
  99                 pos++;
 100                 len = buflen - (pos - (char*)buf);
 101         }
 102         else
 103         {
 104                 pos = buf;
 105                 len = buflen;
 106         }
 107         DBG1(DBG_TNC, "received message '%.*s'", len, pos);
 108         if (this->is_server)
 109         {
 110                 charon->imvs->receive_message(charon->imvs, this->connection_id,
 111                                                                           pos, len, 0x0080ab31);
 112                 charon->imvs->batch_ending(charon->imvs, this->connection_id);
 113         }
 114         else
 115         {
 116                 charon->imcs->receive_message(charon->imcs, this->connection_id,
 117                                                                           pos, len, 0x0080ab31);
 118                 charon->imcs->batch_ending(charon->imcs, this->connection_id);
 119         }
 120         return NEED_MORE;
 121 }
 122
 123 METHOD(tls_t, build, status_t,
 124         private_tnccs_20_t *this, void *buf, size_t *buflen, size_t *msglen)
 125 {
 126         char *msg = this->is_server ? "tncs->tncc 2.0|" : "tncc->tncs 2.0|";
 127         size_t len;
 128
 129         this->mutex->lock(this->mutex);
 130         this->batch = chunk_cat("cm", chunk_create(msg, strlen(msg)), this->batch);
 131         this->mutex->unlock(this->mutex);
 132
 133         if (!this->is_server && !this->connection_id)
 134         {
 135                 this->connection_id = charon->tnccs->create_connection(charon->tnccs,
 136                                                                                 (tnccs_t*)this, _send_message, NULL);
 137                 if (!this->connection_id)
 138                 {
 139                         return FAILED;
 140                 }
 141                 charon->imcs->notify_connection_change(charon->imcs,
 142                                                         this->connection_id, TNC_CONNECTION_STATE_CREATE);
 143                 charon->imcs->notify_connection_change(charon->imcs,
 144                                                         this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
 145                 charon->imcs->begin_handshake(charon->imcs, this->connection_id);
 146         }
 147
 148         this->mutex->lock(this->mutex);
 149         len = this->batch.len;
 150         *msglen = len;
 151         *buflen = len;
 152         memcpy(buf, this->batch.ptr, len);
 153         chunk_free(&this->batch);
 154         this->mutex->unlock(this->mutex);
 155
 156         DBG1(DBG_TNC, "sending TNCCS Batch (%d bytes) for Connection ID %u",
 157                                    len, this->connection_id);
 158         DBG3(DBG_TNC, "%.*s", len, buf);
 159
 160         return ALREADY_DONE;
 161 }
 162
 163 METHOD(tls_t, is_server, bool,
 164         private_tnccs_20_t *this)
 165 {
 166         return this->is_server;
 167 }
 168
 169 METHOD(tls_t, get_purpose, tls_purpose_t,
 170         private_tnccs_20_t *this)
 171 {
 172         return TLS_PURPOSE_EAP_TNC;
 173 }
 174
 175 METHOD(tls_t, is_complete, bool,
 176         private_tnccs_20_t *this)
 177 {
 178         TNC_IMV_Action_Recommendation rec;
 179         TNC_IMV_Evaluation_Result eval;
 180
 181         if (this->recs && this->recs->have_recommendation(this->recs, &rec, &eval))
 182         {
 183                 DBG2(DBG_TNC, "Final recommendation '%N' and evaluation '%N'",
 184                          action_recommendation_names, rec, evaluation_result_names, eval);
 185
 186                 return charon->imvs->enforce_recommendation(charon->imvs, rec);
 187         }
 188         else
 189         {
 190                 return FALSE;
 191         }
 192 }
 193
 194 METHOD(tls_t, get_eap_msk, chunk_t,
 195         private_tnccs_20_t *this)
 196 {
 197         return chunk_empty;
 198 }
 199
 200 METHOD(tls_t, destroy, void,
 201         private_tnccs_20_t *this)
 202 {
 203         charon->tnccs->remove_connection(charon->tnccs, this->connection_id);
 204         this->mutex->destroy(this->mutex);
 205         free(this->batch.ptr);
 206         free(this);
 207 }
 208
 209 /**
 210  * See header
 211  */
 212 tls_t *tnccs_20_create(bool is_server)
 213 {
 214         private_tnccs_20_t *this;
 215
 216         INIT(this,
 217                 .public = {
 218                         .process = _process,
 219                         .build = _build,
 220                         .is_server = _is_server,
 221                         .get_purpose = _get_purpose,
 222                         .is_complete = _is_complete,
 223                         .get_eap_msk = _get_eap_msk,
 224                         .destroy = _destroy,
 225                 },
 226                 .is_server = is_server,
 227                 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
 228         );
 229
 230         return &this->public;
 231 }