projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
restrict PA-TNC messages to maximum size
[strongswan.git] / src / libimcv / imc / imc_agent.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imcv.h"
16 #include "imc_agent.h"
17
18 #include <tncif_names.h>
19
20 #include <debug.h>
21 #include <threading/rwlock.h>
22
23 typedef struct private_imc_agent_t private_imc_agent_t;
24
25 /**
26 * Private data of an imc_agent_t object.
27 */
28 struct private_imc_agent_t {
29
30 /**
31 * Public members of imc_agent_t
32 */
33 imc_agent_t public;
34
35 /**
36 * name of IMC
37 */
38 const char *name;
39
40 /**
41 * message vendor ID of IMC
42 */
43 TNC_VendorID vendor_id;
44
45 /**
46 * message subtype of IMC
47 */
48 TNC_MessageSubtype subtype;
49
50 /**
51 * ID of IMC as assigned by TNCC
52 */
53 TNC_IMCID id;
54
55 /**
56 * List of additional IMC IDs assigned by TNCC
57 */
58 linked_list_t *additional_ids;
59
60 /**
61 * list of TNCC connection entries
62 */
63 linked_list_t *connections;
64
65 /**
66 * rwlock to lock TNCC connection entries
67 */
68 rwlock_t *connection_lock;
69
70 /**
71 * Inform a TNCC about the set of message types the IMC is able to receive
72 *
73 * @param imc_id IMC ID assigned by TNCC
74 * @param supported_types list of supported message types
75 * @param type_count number of list elements
76 * @return TNC result code
77 */
78 TNC_Result (*report_message_types)(TNC_IMCID imc_id,
79 TNC_MessageTypeList supported_types,
80 TNC_UInt32 type_count);
81
82 /**
83 * Inform a TNCC about the set of message types the IMC is able to receive
84 *
85 * @param imc_id IMC ID assigned by TNCC
86 * @param supported_vids list of supported message vendor IDs
87 * @param supported_subtypes list of supported message subtypes
88 * @param type_count number of list elements
89 * @return TNC result code
90 */
91 TNC_Result (*report_message_types_long)(TNC_IMCID imc_id,
92 TNC_VendorIDList supported_vids,
93 TNC_MessageSubtypeList supported_subtypes,
94 TNC_UInt32 type_count);
95
96 /**
97 * Call when an IMC-IMC message is to be sent
98 *
99 * @param imc_id IMC ID assigned by TNCC
100 * @param connection_id network connection ID assigned by TNCC
101 * @param msg message to send
102 * @param msg_len message length in bytes
103 * @param msg_type message type
104 * @return TNC result code
105 */
106 TNC_Result (*send_message)(TNC_IMCID imc_id,
107 TNC_ConnectionID connection_id,
108 TNC_BufferReference msg,
109 TNC_UInt32 msg_len,
110 TNC_MessageType msg_type);
111
112
113 /**
114 * Call when an IMC-IMC message is to be sent with long message types
115 *
116 * @param imc_id IMC ID assigned by TNCC
117 * @param connection_id network connection ID assigned by TNCC
118 * @param msg_flags message flags
119 * @param msg message to send
120 * @param msg_len message length in bytes
121 * @param msg_vid message vendor ID
122 * @param msg_subtype message subtype
123 * @param dst_imc_id destination IMV ID
124 * @return TNC result code
125 */
126 TNC_Result (*send_message_long)(TNC_IMCID imc_id,
127 TNC_ConnectionID connection_id,
128 TNC_UInt32 msg_flags,
129 TNC_BufferReference msg,
130 TNC_UInt32 msg_len,
131 TNC_VendorID msg_vid,
132 TNC_MessageSubtype msg_subtype,
133 TNC_UInt32 dst_imv_id);
134
135 /**
136 * Get the value of an attribute associated with a connection
137 * or with the TNCC as a whole.
138 *
139 * @param imc_id IMC ID assigned by TNCC
140 * @param connection_id network connection ID assigned by TNCC
141 * @param attribute_id attribute ID
142 * @param buffer_len length of buffer in bytes
143 * @param buffer buffer
144 * @param out_value_len size in bytes of attribute stored in buffer
145 * @return TNC result code
146 */
147 TNC_Result (*get_attribute)(TNC_IMCID imc_id,
148 TNC_ConnectionID connection_id,
149 TNC_AttributeID attribute_id,
150 TNC_UInt32 buffer_len,
151 TNC_BufferReference buffer,
152 TNC_UInt32 *out_value_len);
153
154 /**
155 * Set the value of an attribute associated with a connection
156 * or with the TNCC as a whole.
157 *
158 * @param imc_id IMV ID assigned by TNCC
159 * @param connection_id network connection ID assigned by TNCC
160 * @param attribute_id attribute ID
161 * @param buffer_len length of buffer in bytes
162 * @param buffer buffer
163 * @return TNC result code
164 */
165 TNC_Result (*set_attribute)(TNC_IMCID imc_id,
166 TNC_ConnectionID connection_id,
167 TNC_AttributeID attribute_id,
168 TNC_UInt32 buffer_len,
169 TNC_BufferReference buffer);
170
171 /**
172 * Reserve an additional IMC ID
173 *
174 * @param imc_id primary IMC ID assigned by TNCC
175 * @param out_imc_id additional IMC ID assigned by TNCC
176 * @return TNC result code
177 */
178 TNC_Result (*reserve_additional_id)(TNC_IMCID imc_id,
179 TNC_UInt32 *out_imc_id);
180
181 };
182
183 METHOD(imc_agent_t, bind_functions, TNC_Result,
184 private_imc_agent_t *this, TNC_TNCC_BindFunctionPointer bind_function)
185 {
186 if (!bind_function)
187 {
188 DBG1(DBG_IMC, "TNC client failed to provide bind function");
189 return TNC_RESULT_INVALID_PARAMETER;
190 }
191 if (bind_function(this->id, "TNC_TNCC_ReportMessageTypes",
192 (void**)&this->report_message_types) != TNC_RESULT_SUCCESS)
193 {
194 this->report_message_types = NULL;
195 }
196 if (bind_function(this->id, "TNC_TNCC_ReportMessageTypesLong",
197 (void**)&this->report_message_types_long) != TNC_RESULT_SUCCESS)
198 {
199 this->report_message_types_long = NULL;
200 }
201 if (bind_function(this->id, "TNC_TNCC_RequestHandshakeRetry",
202 (void**)&this->public.request_handshake_retry) != TNC_RESULT_SUCCESS)
203 {
204 this->public.request_handshake_retry = NULL;
205 }
206 if (bind_function(this->id, "TNC_TNCC_SendMessage",
207 (void**)&this->send_message) != TNC_RESULT_SUCCESS)
208 {
209 this->send_message = NULL;
210 }
211 if (bind_function(this->id, "TNC_TNCC_SendMessageLong",
212 (void**)&this->send_message_long) != TNC_RESULT_SUCCESS)
213 {
214 this->send_message_long = NULL;
215 }
216 if (bind_function(this->id, "TNC_TNCC_GetAttribute",
217 (void**)&this->get_attribute) != TNC_RESULT_SUCCESS)
218 {
219 this->get_attribute = NULL;
220 }
221 if (bind_function(this->id, "TNC_TNCC_SetAttribute",
222 (void**)&this->set_attribute) != TNC_RESULT_SUCCESS)
223 {
224 this->set_attribute = NULL;
225 }
226 if (bind_function(this->id, "TNC_TNCC_ReserveAdditionalIMCID",
227 (void**)&this->reserve_additional_id) != TNC_RESULT_SUCCESS)
228 {
229 this->reserve_additional_id = NULL;
230 }
231 DBG2(DBG_IMC, "IMC %u \"%s\" provided with bind function",
232 this->id, this->name);
233
234 if (this->report_message_types_long)
235 {
236 this->report_message_types_long(this->id, &this->vendor_id,
237 &this->subtype, 1);
238 }
239 else if (this->report_message_types &&
240 this->vendor_id <= TNC_VENDORID_ANY &&
241 this->subtype <= TNC_SUBTYPE_ANY)
242 {
243 TNC_MessageType type;
244
245 type = (this->vendor_id << 8) | this->subtype;
246 this->report_message_types(this->id, &type, 1);
247 }
248 return TNC_RESULT_SUCCESS;
249 }
250
251 /**
252 * finds a connection state based on its Connection ID
253 */
254 static imc_state_t* find_connection(private_imc_agent_t *this,
255 TNC_ConnectionID id)
256 {
257 enumerator_t *enumerator;
258 imc_state_t *state, *found = NULL;
259
260 this->connection_lock->read_lock(this->connection_lock);
261 enumerator = this->connections->create_enumerator(this->connections);
262 while (enumerator->enumerate(enumerator, &state))
263 {
264 if (id == state->get_connection_id(state))
265 {
266 found = state;
267 break;
268 }
269 }
270 enumerator->destroy(enumerator);
271 this->connection_lock->unlock(this->connection_lock);
272
273 return found;
274 }
275
276 /**
277 * delete a connection state with a given Connection ID
278 */
279 static bool delete_connection(private_imc_agent_t *this, TNC_ConnectionID id)
280 {
281 enumerator_t *enumerator;
282 imc_state_t *state;
283 bool found = FALSE;
284
285 this->connection_lock->write_lock(this->connection_lock);
286 enumerator = this->connections->create_enumerator(this->connections);
287 while (enumerator->enumerate(enumerator, &state))
288 {
289 if (id == state->get_connection_id(state))
290 {
291 found = TRUE;
292 state->destroy(state);
293 this->connections->remove_at(this->connections, enumerator);
294 break;
295 }
296 }
297 enumerator->destroy(enumerator);
298 this->connection_lock->unlock(this->connection_lock);
299
300 return found;
301 }
302
303 /**
304 * Read a boolean attribute
305 */
306 static bool get_bool_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
307 TNC_AttributeID attribute_id)
308 {
309 TNC_UInt32 len;
310 char buf[4];
311
312 return this->get_attribute &&
313 this->get_attribute(this->id, id, attribute_id, 4, buf, &len) ==
314 TNC_RESULT_SUCCESS && len == 1 && *buf == 0x01;
315 }
316
317 /**
318 * Read a string attribute
319 */
320 static char* get_str_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
321 TNC_AttributeID attribute_id)
322 {
323 TNC_UInt32 len;
324 char buf[BUF_LEN];
325
326 if (this->get_attribute &&
327 this->get_attribute(this->id, id, attribute_id, BUF_LEN, buf, &len) ==
328 TNC_RESULT_SUCCESS && len <= BUF_LEN)
329 {
330 return strdup(buf);
331 }
332 return NULL;
333 }
334
335 /**
336 * Read an UInt32 attribute
337 */
338 static u_int32_t get_uint_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
339 TNC_AttributeID attribute_id)
340 {
341 TNC_UInt32 len;
342 char buf[4];
343
344 if (this->get_attribute &&
345 this->get_attribute(this->id, id, attribute_id, 4, buf, &len) ==
346 TNC_RESULT_SUCCESS && len == 4)
347 {
348 return untoh32(buf);
349 }
350 return 0;
351 }
352
353 METHOD(imc_agent_t, create_state, TNC_Result,
354 private_imc_agent_t *this, imc_state_t *state)
355 {
356 TNC_ConnectionID conn_id;
357 char *tnccs_p = NULL, *tnccs_v = NULL, *t_p = NULL, *t_v = NULL;
358 bool has_long = FALSE, has_excl = FALSE, has_soh = FALSE;
359 u_int32_t max_msg_len;
360
361 conn_id = state->get_connection_id(state);
362 if (find_connection(this, conn_id))
363 {
364 DBG1(DBG_IMC, "IMC %u \"%s\" already created a state for Connection ID %u",
365 this->id, this->name, conn_id);
366 state->destroy(state);
367 return TNC_RESULT_OTHER;
368 }
369
370 /* Get and display attributes from TNCC via IF-IMC */
371 has_long = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_LONG_TYPES);
372 has_excl = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_EXCLUSIVE);
373 has_soh = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_SOH);
374 tnccs_p = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFTNCCS_PROTOCOL);
375 tnccs_v = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFTNCCS_VERSION);
376 t_p = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_PROTOCOL);
377 t_v = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_VERSION);
378 max_msg_len = get_uint_attribute(this, conn_id, TNC_ATTRIBUTEID_MAX_MESSAGE_SIZE);
379
380 state->set_flags(state, has_long, has_excl);
381 state->set_max_msg_len(state, max_msg_len);
382
383 DBG2(DBG_IMC, "IMC %u \"%s\" created a state for %s %s Connection ID %u: "
384 "%slong %sexcl %ssoh", this->id, this->name,
385 tnccs_p ? tnccs_p:"?", tnccs_v ? tnccs_v:"?", conn_id,
386 has_long ? "+":"-", has_excl ? "+":"-", has_soh ? "+":"-");
387 DBG2(DBG_IMC, " over %s %s with maximum PA-TNC msg size of %u bytes",
388 t_p ? t_p:"?", t_v ? t_v :"?", max_msg_len);
389
390 free(tnccs_p);
391 free(tnccs_v);
392 free(t_p);
393 free(t_v);
394
395 this->connection_lock->write_lock(this->connection_lock);
396 this->connections->insert_last(this->connections, state);
397 this->connection_lock->unlock(this->connection_lock);
398 return TNC_RESULT_SUCCESS;
399 }
400
401 METHOD(imc_agent_t, delete_state, TNC_Result,
402 private_imc_agent_t *this, TNC_ConnectionID connection_id)
403 {
404 if (!delete_connection(this, connection_id))
405 {
406 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
407 this->id, this->name, connection_id);
408 return TNC_RESULT_FATAL;
409 }
410 DBG2(DBG_IMC, "IMC %u \"%s\" deleted the state of Connection ID %u",
411 this->id, this->name, connection_id);
412 return TNC_RESULT_SUCCESS;
413 }
414
415 METHOD(imc_agent_t, change_state, TNC_Result,
416 private_imc_agent_t *this, TNC_ConnectionID connection_id,
417 TNC_ConnectionState new_state,
418 imc_state_t **state_p)
419 {
420 imc_state_t *state;
421
422 switch (new_state)
423 {
424 case TNC_CONNECTION_STATE_HANDSHAKE:
425 case TNC_CONNECTION_STATE_ACCESS_ALLOWED:
426 case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
427 case TNC_CONNECTION_STATE_ACCESS_NONE:
428 state = find_connection(this, connection_id);
429
430 if (!state)
431 {
432 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
433 this->id, this->name, connection_id);
434 return TNC_RESULT_FATAL;
435 }
436 state->change_state(state, new_state);
437 DBG2(DBG_IMC, "IMC %u \"%s\" changed state of Connection ID %u to '%N'",
438 this->id, this->name, connection_id,
439 TNC_Connection_State_names, new_state);
440 if (state_p)
441 {
442 *state_p = state;
443 }
444 break;
445 case TNC_CONNECTION_STATE_CREATE:
446 DBG1(DBG_IMC, "state '%N' should be handled by create_state()",
447 TNC_Connection_State_names, new_state);
448 return TNC_RESULT_FATAL;
449 case TNC_CONNECTION_STATE_DELETE:
450 DBG1(DBG_IMC, "state '%N' should be handled by delete_state()",
451 TNC_Connection_State_names, new_state);
452 return TNC_RESULT_FATAL;
453 default:
454 DBG1(DBG_IMC, "IMC %u \"%s\" was notified of unknown state %u "
455 "for Connection ID %u",
456 this->id, this->name, new_state, connection_id);
457 return TNC_RESULT_INVALID_PARAMETER;
458 }
459 return TNC_RESULT_SUCCESS;
460 }
461
462 METHOD(imc_agent_t, get_state, bool,
463 private_imc_agent_t *this, TNC_ConnectionID connection_id,
464 imc_state_t **state)
465 {
466 *state = find_connection(this, connection_id);
467 if (!*state)
468 {
469 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
470 this->id, this->name, connection_id);
471 return FALSE;
472 }
473 return TRUE;
474 }
475
476 METHOD(imc_agent_t, send_message, TNC_Result,
477 private_imc_agent_t *this, TNC_ConnectionID connection_id, bool excl,
478 TNC_UInt32 src_imc_id, TNC_UInt32 dst_imv_id, linked_list_t *attr_list)
479 {
480 TNC_MessageType type;
481 TNC_UInt32 msg_flags;
482 TNC_Result result = TNC_RESULT_FATAL;
483 imc_state_t *state;
484 pa_tnc_attr_t *attr;
485 pa_tnc_msg_t *pa_tnc_msg;
486 chunk_t msg;
487 enumerator_t *enumerator;
488
489 state = find_connection(this, connection_id);
490 if (!state)
491 {
492 DBG1(DBG_IMV, "IMC %u \"%s\" has no state for Connection ID %u",
493 this->id, this->name, connection_id);
494 return TNC_RESULT_FATAL;
495 }
496
497 while (attr_list->get_count(attr_list))
498 {
499 pa_tnc_msg = pa_tnc_msg_create(state->get_max_msg_len(state));
500
501 enumerator = attr_list->create_enumerator(attr_list);
502 while (enumerator->enumerate(enumerator, &attr))
503 {
504 if (!pa_tnc_msg->add_attribute(pa_tnc_msg, attr))
505 {
506 break;
507 }
508 attr_list->remove_at(attr_list, enumerator);
509 }
510 enumerator->destroy(enumerator);
511
512 /* build and send the PA-TNC message via the IF-IMC interface */
513 pa_tnc_msg->build(pa_tnc_msg);
514 msg = pa_tnc_msg->get_encoding(pa_tnc_msg);
515
516 if (state->has_long(state) && this->send_message_long)
517 {
518 if (!src_imc_id)
519 {
520 src_imc_id = this->id;
521 }
522 msg_flags = excl ? TNC_MESSAGE_FLAGS_EXCLUSIVE : 0;
523
524 result = this->send_message_long(src_imc_id, connection_id,
525 msg_flags, msg.ptr, msg.len, this->vendor_id,
526 this->subtype, dst_imv_id);
527 }
528 else if (this->send_message)
529 {
530 type = (this->vendor_id << 8) | this->subtype;
531
532 result = this->send_message(this->id, connection_id, msg.ptr,
533 msg.len, type);
534 }
535
536 pa_tnc_msg->destroy(pa_tnc_msg);
537
538 if (result != TNC_RESULT_SUCCESS)
539 {
540 break;
541 }
542 }
543 return result;
544 }
545
546 METHOD(imc_agent_t, receive_message, TNC_Result,
547 private_imc_agent_t *this, imc_state_t *state, chunk_t msg,
548 TNC_VendorID msg_vid, TNC_MessageSubtype msg_subtype,
549 TNC_UInt32 src_imv_id, TNC_UInt32 dst_imc_id, pa_tnc_msg_t **pa_tnc_msg)
550 {
551 pa_tnc_msg_t *pa_msg;
552 pa_tnc_attr_t *error_attr;
553 linked_list_t *error_attr_list;
554 enumerator_t *enumerator;
555 TNC_UInt32 src_imc_id, dst_imv_id;
556 TNC_ConnectionID connection_id;
557 TNC_Result result;
558
559 connection_id = state->get_connection_id(state);
560
561 if (state->has_long(state))
562 {
563 if (dst_imc_id != TNC_IMCID_ANY)
564 {
565 DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u "
566 "from IMV %u to IMC %u", this->id, this->name,
567 connection_id, src_imv_id, dst_imc_id);
568 }
569 else
570 {
571 DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u "
572 "from IMV %u", this->id, this->name, connection_id,
573 src_imv_id);
574 }
575 }
576 else
577 {
578 DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u",
579 this->id, this->name, connection_id);
580 }
581
582 *pa_tnc_msg = NULL;
583 pa_msg = pa_tnc_msg_create_from_data(msg);
584
585 switch (pa_msg->process(pa_msg))
586 {
587 case SUCCESS:
588 *pa_tnc_msg = pa_msg;
589 break;
590 case VERIFY_ERROR:
591 /* extract and copy by refence all error attributes */
592 error_attr_list = linked_list_create();
593
594 enumerator = pa_msg->create_error_enumerator(pa_msg);
595 while (enumerator->enumerate(enumerator, &error_attr))
596 {
597 error_attr_list->insert_last(error_attr_list,
598 error_attr->get_ref(error_attr));
599 }
600 enumerator->destroy(enumerator);
601
602 src_imc_id = (dst_imc_id == TNC_IMCID_ANY) ? this->id : dst_imc_id;
603 dst_imv_id = state->has_excl(state) ? src_imv_id : TNC_IMVID_ANY;
604
605 result = send_message(this, connection_id, state->has_excl(state),
606 src_imc_id, dst_imv_id, error_attr_list);
607
608 error_attr_list->destroy(error_attr_list);
609 pa_msg->destroy(pa_msg);
610 return result;
611 case FAILED:
612 default:
613 pa_msg->destroy(pa_msg);
614 return TNC_RESULT_FATAL;
615 }
616 return TNC_RESULT_SUCCESS;
617 }
618
619 METHOD(imc_agent_t, reserve_additional_ids, TNC_Result,
620 private_imc_agent_t *this, int count)
621 {
622 TNC_Result result;
623 TNC_UInt32 id;
624 void *pointer;
625
626 if (!this->reserve_additional_id)
627 {
628 DBG1(DBG_IMC, "IMC %u \"%s\" did not detect the capability to reserve "
629 "additional IMC IDs from the TNCC", this->id, this->name);
630 return TNC_RESULT_ILLEGAL_OPERATION;
631 }
632 while (count > 0)
633 {
634 result = this->reserve_additional_id(this->id, &id);
635 if (result != TNC_RESULT_SUCCESS)
636 {
637 DBG1(DBG_IMC, "IMC %u \"%s\" failed to reserve %d additional IMC IDs",
638 this->id, this->name, count);
639 return result;
640 }
641 count--;
642
643 /* store the scalar value in the pointer */
644 pointer = (void*)id;
645 this->additional_ids->insert_last(this->additional_ids, pointer);
646 DBG2(DBG_IMC, "IMC %u \"%s\" reserved additional ID %u",
647 this->id, this->name, id);
648 }
649 return TNC_RESULT_SUCCESS;
650 }
651
652 METHOD(imc_agent_t, count_additional_ids, int,
653 private_imc_agent_t *this)
654 {
655 return this->additional_ids->get_count(this->additional_ids);
656 }
657
658 METHOD(imc_agent_t, create_id_enumerator, enumerator_t*,
659 private_imc_agent_t *this)
660 {
661 return this->additional_ids->create_enumerator(this->additional_ids);
662 }
663
664 METHOD(imc_agent_t, destroy, void,
665 private_imc_agent_t *this)
666 {
667 DBG1(DBG_IMC, "IMC %u \"%s\" terminated", this->id, this->name);
668 this->additional_ids->destroy(this->additional_ids);
669 this->connections->destroy_function(this->connections, free);
670 this->connection_lock->destroy(this->connection_lock);
671 free(this);
672
673 /* decrease the reference count or terminate */
674 libimcv_deinit();
675 }
676
677 /**
678 * Described in header.
679 */
680 imc_agent_t *imc_agent_create(const char *name,
681 pen_t vendor_id, u_int32_t subtype,
682 TNC_IMCID id, TNC_Version *actual_version)
683 {
684 private_imc_agent_t *this;
685
686 /* initialize or increase the reference count */
687 if (!libimcv_init())
688 {
689 return NULL;
690 }
691
692 INIT(this,
693 .public = {
694 .bind_functions = _bind_functions,
695 .create_state = _create_state,
696 .delete_state = _delete_state,
697 .change_state = _change_state,
698 .get_state = _get_state,
699 .send_message = _send_message,
700 .receive_message = _receive_message,
701 .reserve_additional_ids = _reserve_additional_ids,
702 .count_additional_ids = _count_additional_ids,
703 .create_id_enumerator = _create_id_enumerator,
704 .destroy = _destroy,
705 },
706 .name = name,
707 .vendor_id = vendor_id,
708 .subtype = subtype,
709 .id = id,
710 .additional_ids = linked_list_create(),
711 .connections = linked_list_create(),
712 .connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
713 );
714
715 *actual_version = TNC_IFIMC_VERSION_1;
716 DBG1(DBG_IMC, "IMC %u \"%s\" initialized", this->id, this->name);
717
718 return &this->public;
719 }
720
strongSwan - IPsec VPN