implemented the RFC 5792 PA-TNC protocol and an example IMC/IMV pair
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imc_agent.h"
16
17 #include <debug.h>
18 #include <utils/linked_list.h>
19 #include <threading/rwlock.h>
20
typedef struct private_imc_agent_t private_imc_agent_t;

/**
 * Internal representation of an imc_agent_t object.
 */
struct private_imc_agent_t {

	/**
	 * Public interface; imc_agent_create() hands out a pointer to this member.
	 */
	imc_agent_t public;

	/**
	 * Name of the IMC, used in log messages.
	 *
	 * imc_agent_create() stores the caller's pointer without copying it, so
	 * the string must stay valid for the lifetime of the agent.
	 */
	const char *name;

	/**
	 * Message type of the IMC, built by imc_agent_create() from the vendor ID
	 * and the subtype. It is reported in bind_functions() and attached to
	 * every message sent through send_message().
	 */
	TNC_MessageType type;

	/**
	 * ID of the IMC as assigned by the TNCC.
	 */
	TNC_IMCID id;

	/**
	 * List of connection entries (imc_state_t), looked up by Connection ID.
	 */
	linked_list_t *connections;

	/**
	 * Read/write lock guarding the connections list.
	 */
	rwlock_t *connection_lock;

	/**
	 * Callback bound under the name "TNC_TNCC_ReportMessageTypes": announces
	 * the set of message types the IMC is able to receive. bind_functions()
	 * stores NULL here when the lookup fails.
	 *
	 * @param imc_id			IMC ID assigned by TNCC
	 * @param supported_types	list of supported message types
	 * @param type_count		number of list elements
	 * @return					TNC result code
	 */
	TNC_Result (*report_message_types)(TNC_IMCID imc_id,
									   TNC_MessageTypeList supported_types,
									   TNC_UInt32 type_count);

	/**
	 * Callback bound under the name "TNC_TNCC_SendMessage": called when an
	 * IMC-IMV message is to be sent. bind_functions() stores NULL here when
	 * the lookup fails, and the public send_message() method checks for that.
	 *
	 * @param imc_id			IMC ID assigned by TNCC
	 * @param connection_id		network connection ID assigned by TNCC
	 * @param msg				message to send
	 * @param msg_len			message length in bytes
	 * @param msg_type			message type
	 * @return					TNC result code
	 */
	TNC_Result (*send_message)(TNC_IMCID imc_id,
							   TNC_ConnectionID connection_id,
							   TNC_BufferReference msg,
							   TNC_UInt32 msg_len,
							   TNC_MessageType msg_type);
};
86
/**
 * Resolve the TNCC callbacks by name and announce the IMC's message type.
 *
 * Each of the three callbacks is looked up through bind_function; a callback
 * whose lookup does not return TNC_RESULT_SUCCESS is stored as NULL so that
 * later users can test for it. If the report callback was bound, the single
 * message type of this IMC is reported right away.
 *
 * Returns TNC_RESULT_INVALID_PARAMETER when bind_function is NULL and
 * TNC_RESULT_SUCCESS otherwise. Failed lookups and the result of the report
 * call itself do not change the return value.
 */
METHOD(imc_agent_t, bind_functions, TNC_Result,
	private_imc_agent_t *this, TNC_TNCC_BindFunctionPointer bind_function)
{
	TNC_Result rc;

	if (bind_function == NULL)
	{
		DBG1(DBG_IMC, "TNC client failed to provide bind function");
		return TNC_RESULT_INVALID_PARAMETER;
	}

	rc = bind_function(this->id, "TNC_TNCC_ReportMessageTypes",
					   (void**)&this->report_message_types);
	if (rc != TNC_RESULT_SUCCESS)
	{
		/* never keep a pointer from a lookup that reported failure */
		this->report_message_types = NULL;
	}

	rc = bind_function(this->id, "TNC_TNCC_RequestHandshakeRetry",
					   (void**)&this->public.request_handshake_retry);
	if (rc != TNC_RESULT_SUCCESS)
	{
		this->public.request_handshake_retry = NULL;
	}

	rc = bind_function(this->id, "TNC_TNCC_SendMessage",
					   (void**)&this->send_message);
	if (rc != TNC_RESULT_SUCCESS)
	{
		this->send_message = NULL;
	}

	DBG2(DBG_IMC, "IMC %u \"%s\" provided with bind function",
		 this->id, this->name);

	if (this->report_message_types != NULL)
	{
		/* NOTE(review): the result code of this call is discarded */
		this->report_message_types(this->id, &this->type, 1);
	}
	return TNC_RESULT_SUCCESS;
}
119
/**
 * Look up the connection state registered under a Connection ID.
 *
 * The list is walked while holding the read lock; the lock is released before
 * the function returns. Returns the matching entry or NULL if none exists.
 *
 * NOTE(review): the returned pointer is used by callers after the lock has
 * been dropped, so nothing here keeps the entry alive if delete_connection()
 * runs concurrently for the same ID - confirm that callers serialise these.
 */
static imc_state_t* find_connection(private_imc_agent_t *this,
									TNC_ConnectionID id)
{
	enumerator_t *it;
	imc_state_t *entry, *match = NULL;

	this->connection_lock->read_lock(this->connection_lock);
	it = this->connections->create_enumerator(this->connections);
	/* stop asking for further entries as soon as one has matched */
	while (!match && it->enumerate(it, &entry))
	{
		if (entry->get_connection_id(entry) == id)
		{
			match = entry;
		}
	}
	it->destroy(it);
	this->connection_lock->unlock(this->connection_lock);

	return match;
}
144
/**
 * Destroy and unlink the connection state with the given Connection ID.
 *
 * Runs entirely under the write lock. Only the first matching entry is
 * handled. Returns TRUE if an entry was removed, FALSE if none matched.
 */
static bool delete_connection(private_imc_agent_t *this, TNC_ConnectionID id)
{
	enumerator_t *it;
	imc_state_t *entry;
	bool removed = FALSE;

	this->connection_lock->write_lock(this->connection_lock);
	it = this->connections->create_enumerator(this->connections);
	while (!removed && it->enumerate(it, &entry))
	{
		if (entry->get_connection_id(entry) != id)
		{
			continue;
		}
		/* the entry is destroyed first, then its list node is dropped */
		entry->destroy(entry);
		this->connections->remove_at(this->connections, it);
		removed = TRUE;
	}
	it->destroy(it);
	this->connection_lock->unlock(this->connection_lock);

	return removed;
}
171
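/**
 * Register a new connection state with the agent.
 *
 * The agent takes ownership of state: it is either appended to the list of
 * connections or, if an entry with the same Connection ID already exists,
 * destroyed.
 *
 * Returns TNC_RESULT_SUCCESS when the state was added and TNC_RESULT_OTHER
 * when the Connection ID was already registered.
 */
METHOD(imc_agent_t, create_state, TNC_Result,
	private_imc_agent_t *this, imc_state_t *state)
{
	TNC_ConnectionID connection_id;
	enumerator_t *enumerator;
	imc_state_t *current;
	bool duplicate = FALSE;

	connection_id = state->get_connection_id(state);

	/*
	 * The duplicate check and the insertion share one write lock. Checking
	 * under the read lock and inserting under a separately acquired write
	 * lock would let two concurrent callers both pass the check and register
	 * the same Connection ID twice.
	 */
	this->connection_lock->write_lock(this->connection_lock);
	enumerator = this->connections->create_enumerator(this->connections);
	while (enumerator->enumerate(enumerator, &current))
	{
		if (connection_id == current->get_connection_id(current))
		{
			duplicate = TRUE;
			break;
		}
	}
	enumerator->destroy(enumerator);
	if (!duplicate)
	{
		this->connections->insert_last(this->connections, state);
	}
	this->connection_lock->unlock(this->connection_lock);

	if (duplicate)
	{
		DBG1(DBG_IMC, "IMC %u \"%s\" already created a state for Connection ID %u",
			 this->id, this->name, connection_id);
		/* the rejected state was never linked in, so it is released here */
		state->destroy(state);
		return TNC_RESULT_OTHER;
	}
	DBG2(DBG_IMC, "IMC %u \"%s\" created a state for Connection ID %u",
		 this->id, this->name, connection_id);
	return TNC_RESULT_SUCCESS;
}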
192
/**
 * Remove the state registered for a Connection ID.
 *
 * Returns TNC_RESULT_SUCCESS when an entry was removed and TNC_RESULT_FATAL
 * when no entry exists for connection_id.
 */
METHOD(imc_agent_t, delete_state, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id)
{
	if (delete_connection(this, connection_id))
	{
		DBG2(DBG_IMC, "IMC %u \"%s\" deleted the state of Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_SUCCESS;
	}
	DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return TNC_RESULT_FATAL;
}
206
/**
 * Apply a connection state change to the entry of a Connection ID.
 *
 * Only HANDSHAKE, ACCESS_ALLOWED, ACCESS_ISOLATED and ACCESS_NONE are
 * accepted here. CREATE and DELETE are rejected with TNC_RESULT_FATAL because
 * they belong to create_state() and delete_state(); any other value yields
 * TNC_RESULT_INVALID_PARAMETER. A missing entry yields TNC_RESULT_FATAL.
 *
 * NOTE(review): the entry returned by find_connection() is used after the
 * list lock has been released - confirm that it cannot be deleted meanwhile.
 */
METHOD(imc_agent_t, change_state, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id,
	TNC_ConnectionState new_state)
{
	imc_state_t *entry;

	/* first weed out every value that must not reach the state object */
	switch (new_state)
	{
		case TNC_CONNECTION_STATE_CREATE:
			DBG1(DBG_IMC, "state '%N' should be handled by create_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		case TNC_CONNECTION_STATE_DELETE:
			DBG1(DBG_IMC, "state '%N' should be handled by delete_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		case TNC_CONNECTION_STATE_HANDSHAKE:
		case TNC_CONNECTION_STATE_ACCESS_ALLOWED:
		case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
		case TNC_CONNECTION_STATE_ACCESS_NONE:
			break;
		default:
			DBG1(DBG_IMC, "IMC %u \"%s\" was notified of unknown state %u "
				 "for Connection ID %u",
				 this->id, this->name, new_state, connection_id);
			return TNC_RESULT_INVALID_PARAMETER;
	}

	entry = find_connection(this, connection_id);
	if (entry == NULL)
	{
		DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}
	entry->change_state(entry, new_state);
	DBG2(DBG_IMC, "IMC %u \"%s\" changed state of Connection ID %u to '%N'",
		 this->id, this->name, connection_id,
		 TNC_Connection_State_names, new_state);
	return TNC_RESULT_SUCCESS;
}
247
/**
 * Fetch the state registered for a Connection ID.
 *
 * *state is always written: the entry on success, NULL when nothing is
 * registered for connection_id. Returns TRUE on success, FALSE otherwise.
 * The agent keeps ownership of the returned entry.
 */
METHOD(imc_agent_t, get_state, bool,
	private_imc_agent_t *this, TNC_ConnectionID connection_id,
	imc_state_t **state)
{
	imc_state_t *entry = find_connection(this, connection_id);

	*state = entry;
	if (entry != NULL)
	{
		return TRUE;
	}
	DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return FALSE;
}
261
/**
 * Send a message on a connection using the IMC's own message type.
 *
 * Returns TNC_RESULT_FATAL when no send callback has been bound, otherwise
 * whatever the bound callback returns.
 *
 * NOTE(review): msg.len is handed over as the TNC_UInt32 length argument;
 * confirm that callers cannot pass a chunk whose length exceeds that type.
 */
METHOD(imc_agent_t, send_message, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id, chunk_t msg)
{
	return this->send_message
			? this->send_message(this->id, connection_id, msg.ptr, msg.len,
								 this->type)
			: TNC_RESULT_FATAL;
}
272
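/**
 * Tear down the agent together with every connection state it still owns.
 *
 * Remaining entries are released through their own destroy() method, the same
 * way delete_connection() and create_state() release them. Passing free() to
 * the list instead would skip whatever cleanup an imc_state_t implementation
 * performs in its destructor.
 */
METHOD(imc_agent_t, destroy, void,
	private_imc_agent_t *this)
{
	enumerator_t *enumerator;
	imc_state_t *state;

	DBG1(DBG_IMC, "IMC %u \"%s\" terminated", this->id, this->name);

	enumerator = this->connections->create_enumerator(this->connections);
	while (enumerator->enumerate(enumerator, &state))
	{
		state->destroy(state);
	}
	enumerator->destroy(enumerator);
	/* the entries are gone, only the list nodes are left to release */
	this->connections->destroy(this->connections);
	this->connection_lock->destroy(this->connection_lock);
	free(this);
}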
281
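/**
 * Described in header.
 *
 * The name pointer is stored as is and not copied. *actual_version is set to
 * TNC_IFIMC_VERSION_1. Returns the public interface of the new agent.
 */
imc_agent_t *imc_agent_create(const char *name,
							  pen_t vendor_id, u_int32_t subtype,
							  TNC_IMCID id, TNC_Version *actual_version)
{
	private_imc_agent_t *this;

	INIT(this,
		.public = {
			.bind_functions = _bind_functions,
			.create_state = _create_state,
			.delete_state = _delete_state,
			.change_state = _change_state,
			.get_state = _get_state,
			.send_message = _send_message,
			.destroy = _destroy,
		},
		.name = name,
		/*
		 * The subtype goes into the low 8 bits, the vendor ID into the bits
		 * above. This must be the bitwise "&": a logical "&&" collapses every
		 * non-zero subtype to 1, so the wrong message type would be reported
		 * and sent.
		 */
		.type = (vendor_id << 8) | (subtype & 0xff),
		.id = id,
		.connections = linked_list_create(),
		.connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
	);

	*actual_version = TNC_IFIMC_VERSION_1;
	DBG1(DBG_IMC, "IMC %u \"%s\" initialized", this->id, this->name);

	return &this->public;
}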
313