nearly completed PA-TNC error handling
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imcv.h"
16 #include "imc_agent.h"
17
18 #include <debug.h>
19 #include <utils/linked_list.h>
20 #include <threading/rwlock.h>
21
typedef struct private_imc_agent_t private_imc_agent_t;

/**
 * Private state behind an imc_agent_t handle.
 *
 * The public interface is the first member, so a pointer to it is what
 * imc_agent_create() hands out (it returns &this->public).
 */
struct private_imc_agent_t {

	/** Public interface; imc_agent_create() returns a pointer to this. */
	imc_agent_t public;

	/** Name of the IMC; the pointer is stored as passed in, not copied. */
	const char *name;

	/** Message type of the IMC, composed from vendor ID and subtype. */
	TNC_MessageType type;

	/** ID of the IMC as assigned by the TNCC. */
	TNC_IMCID id;

	/** List of per-connection imc_state_t entries. */
	linked_list_t *connections;

	/** Read/write lock guarding every access to the connections list. */
	rwlock_t *connection_lock;

	/**
	 * Inform a TNCS about the set of message types the IMC is able to
	 * receive. Filled in by bind_functions(); NULL if the TNCC did not
	 * provide the function.
	 *
	 * @param imc_id			IMC ID assigned by TNCC
	 * @param supported_types	list of supported message types
	 * @param type_count		number of list elements
	 * @return					TNC result code
	 */
	TNC_Result (*report_message_types)(TNC_IMCID imc_id,
									   TNC_MessageTypeList supported_types,
									   TNC_UInt32 type_count);

	/**
	 * Called when an IMC-IMV message is to be sent. Filled in by
	 * bind_functions(); NULL if the TNCC did not provide the function, so
	 * every caller has to check it before use.
	 *
	 * @param imc_id			IMC ID assigned by TNCC
	 * @param connection_id		network connection ID assigned by TNCC
	 * @param msg				message to send
	 * @param msg_len			message length in bytes
	 * @param msg_type			message type
	 * @return					TNC result code
	 */
	TNC_Result (*send_message)(TNC_IMCID imc_id,
							   TNC_ConnectionID connection_id,
							   TNC_BufferReference msg,
							   TNC_UInt32 msg_len,
							   TNC_MessageType msg_type);
};
87
/**
 * Resolve the TNCC callbacks used by this agent through the bind function
 * supplied by the TNC client, then report the agent's message type.
 *
 * A callback that cannot be bound is left as NULL rather than treated as an
 * error; the methods that use a callback check it for NULL before calling.
 *
 * @param bind_function		lookup function provided by the TNCC
 * @return					TNC_RESULT_INVALID_PARAMETER if bind_function is
 *							NULL, TNC_RESULT_SUCCESS otherwise
 */
METHOD(imc_agent_t, bind_functions, TNC_Result,
	private_imc_agent_t *this, TNC_TNCC_BindFunctionPointer bind_function)
{
	TNC_Result bound;

	if (bind_function == NULL)
	{
		DBG1(DBG_IMC, "TNC client failed to provide bind function");
		return TNC_RESULT_INVALID_PARAMETER;
	}

	bound = bind_function(this->id, "TNC_TNCC_ReportMessageTypes",
						  (void**)&this->report_message_types);
	if (bound != TNC_RESULT_SUCCESS)
	{
		/* never keep a half-written pointer around */
		this->report_message_types = NULL;
	}

	bound = bind_function(this->id, "TNC_TNCC_RequestHandshakeRetry",
						  (void**)&this->public.request_handshake_retry);
	if (bound != TNC_RESULT_SUCCESS)
	{
		this->public.request_handshake_retry = NULL;
	}

	bound = bind_function(this->id, "TNC_TNCC_SendMessage",
						  (void**)&this->send_message);
	if (bound != TNC_RESULT_SUCCESS)
	{
		this->send_message = NULL;
	}

	DBG2(DBG_IMC, "IMC %u \"%s\" provided with bind function",
		 this->id, this->name);

	/* the result of the report call is not evaluated here */
	if (this->report_message_types != NULL)
	{
		this->report_message_types(this->id, &this->type, 1);
	}
	return TNC_RESULT_SUCCESS;
}
120
/**
 * Look up the connection state registered for a Connection ID.
 *
 * The list is walked under the read lock, but the lock is released before
 * returning, so the returned pointer is no longer protected by it.
 * NOTE(review): a concurrent delete_connection() for the same ID would
 * destroy the state while the caller still holds the pointer - confirm that
 * callers are serialized per connection.
 *
 * @param id	Connection ID to search for
 * @return		matching state, NULL if there is none
 */
static imc_state_t* find_connection(private_imc_agent_t *this,
									TNC_ConnectionID id)
{
	imc_state_t *candidate, *match = NULL;
	enumerator_t *entries;

	this->connection_lock->read_lock(this->connection_lock);
	entries = this->connections->create_enumerator(this->connections);
	/* stop at the first hit; no further enumerate() call is made after it */
	while (!match && entries->enumerate(entries, &candidate))
	{
		if (candidate->get_connection_id(candidate) == id)
		{
			match = candidate;
		}
	}
	entries->destroy(entries);
	this->connection_lock->unlock(this->connection_lock);

	return match;
}
145
/**
 * Destroy and unlink the connection state registered for a Connection ID.
 *
 * Lookup, destruction and removal all happen under the write lock, so the
 * entry cannot be handed out by find_connection() while it is being torn
 * down.
 *
 * @param id	Connection ID whose state is to be deleted
 * @return		TRUE if a state was found and deleted, FALSE otherwise
 */
static bool delete_connection(private_imc_agent_t *this, TNC_ConnectionID id)
{
	enumerator_t *entries;
	imc_state_t *candidate;
	bool removed = FALSE;

	this->connection_lock->write_lock(this->connection_lock);
	entries = this->connections->create_enumerator(this->connections);
	while (!removed && entries->enumerate(entries, &candidate))
	{
		if (candidate->get_connection_id(candidate) != id)
		{
			continue;
		}
		/* destroy first, then drop the list item the enumerator points at */
		candidate->destroy(candidate);
		this->connections->remove_at(this->connections, entries);
		removed = TRUE;
	}
	entries->destroy(entries);
	this->connection_lock->unlock(this->connection_lock);

	return removed;
}
172
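/**
 * Register a new connection state with the agent.
 *
 * The duplicate check and the insertion are done under one write lock.
 * Checking under a read lock and inserting under a separate write lock
 * would let two concurrent calls for the same Connection ID both pass the
 * check and both insert, leaving two entries of which only the first is
 * ever found or deleted.
 *
 * The agent takes ownership of state: it is either stored in the list or
 * destroyed here if the Connection ID is already registered.
 *
 * @param state		connection state to register
 * @return			TNC_RESULT_OTHER if a state already exists for the
 *					Connection ID, TNC_RESULT_SUCCESS otherwise
 */
METHOD(imc_agent_t, create_state, TNC_Result,
	private_imc_agent_t *this, imc_state_t *state)
{
	TNC_ConnectionID connection_id;
	enumerator_t *enumerator;
	imc_state_t *current;
	bool exists = FALSE;

	connection_id = state->get_connection_id(state);

	this->connection_lock->write_lock(this->connection_lock);
	enumerator = this->connections->create_enumerator(this->connections);
	while (enumerator->enumerate(enumerator, &current))
	{
		if (connection_id == current->get_connection_id(current))
		{
			exists = TRUE;
			break;
		}
	}
	/* release the enumerator before the list is modified */
	enumerator->destroy(enumerator);
	if (!exists)
	{
		this->connections->insert_last(this->connections, state);
	}
	this->connection_lock->unlock(this->connection_lock);

	if (exists)
	{
		DBG1(DBG_IMC, "IMC %u \"%s\" already created a state for Connection ID %u",
			 this->id, this->name, connection_id);
		/* the rejected state was never shared, so it is safe to drop here */
		state->destroy(state);
		return TNC_RESULT_OTHER;
	}
	DBG2(DBG_IMC, "IMC %u \"%s\" created a state for Connection ID %u",
		 this->id, this->name, connection_id);
	return TNC_RESULT_SUCCESS;
}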
193
/**
 * Delete the connection state registered for a Connection ID.
 *
 * @param connection_id		Connection ID whose state is to be deleted
 * @return					TNC_RESULT_FATAL if no state is registered for
 *							the ID, TNC_RESULT_SUCCESS otherwise
 */
METHOD(imc_agent_t, delete_state, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id)
{
	bool removed = delete_connection(this, connection_id);

	if (removed)
	{
		DBG2(DBG_IMC, "IMC %u \"%s\" deleted the state of Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_SUCCESS;
	}
	DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return TNC_RESULT_FATAL;
}
207
/**
 * Apply a connection state change notified by the TNCC.
 *
 * Only the handshake and access result states are accepted here. CREATE and
 * DELETE are rejected because create_state() and delete_state() handle
 * them, and any other value is rejected as an invalid parameter.
 *
 * NOTE(review): the state pointer is used after find_connection() has
 * released the list lock - confirm that a concurrent delete_state() for the
 * same connection cannot happen.
 *
 * @param connection_id		Connection ID the notification refers to
 * @param new_state			new connection state
 * @return					TNC_RESULT_SUCCESS, TNC_RESULT_FATAL or
 *							TNC_RESULT_INVALID_PARAMETER
 */
METHOD(imc_agent_t, change_state, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id,
	TNC_ConnectionState new_state)
{
	imc_state_t *entry;

	/* filter out everything that must not reach the stored state */
	switch (new_state)
	{
		case TNC_CONNECTION_STATE_CREATE:
			DBG1(DBG_IMC, "state '%N' should be handled by create_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		case TNC_CONNECTION_STATE_DELETE:
			DBG1(DBG_IMC, "state '%N' should be handled by delete_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		case TNC_CONNECTION_STATE_HANDSHAKE:
		case TNC_CONNECTION_STATE_ACCESS_ALLOWED:
		case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
		case TNC_CONNECTION_STATE_ACCESS_NONE:
			break;
		default:
			DBG1(DBG_IMC, "IMC %u \"%s\" was notified of unknown state %u "
				 "for Connection ID %u",
				 this->id, this->name, new_state, connection_id);
			return TNC_RESULT_INVALID_PARAMETER;
	}

	entry = find_connection(this, connection_id);
	if (entry == NULL)
	{
		DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}
	entry->change_state(entry, new_state);
	DBG2(DBG_IMC, "IMC %u \"%s\" changed state of Connection ID %u to '%N'",
		 this->id, this->name, connection_id,
		 TNC_Connection_State_names, new_state);
	return TNC_RESULT_SUCCESS;
}
248
/**
 * Fetch the connection state registered for a Connection ID.
 *
 * *state is always written: the matching state on success, NULL otherwise.
 * The returned pointer stays owned by the agent.
 *
 * @param connection_id		Connection ID to look up
 * @param state				receives the state, or NULL if none was found
 * @return					TRUE if a state was found, FALSE otherwise
 */
METHOD(imc_agent_t, get_state, bool,
	private_imc_agent_t *this, TNC_ConnectionID connection_id,
	imc_state_t **state)
{
	imc_state_t *entry = find_connection(this, connection_id);

	*state = entry;
	if (entry)
	{
		return TRUE;
	}
	DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return FALSE;
}
262
/**
 * Send a message on a connection using the agent's own message type.
 *
 * @param connection_id		Connection ID to send on
 * @param msg				message to send
 * @return					TNC_RESULT_FATAL if the TNCC provided no
 *							SendMessage() function, otherwise the result
 *							of that function
 */
METHOD(imc_agent_t, send_message, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id, chunk_t msg)
{
	if (this->send_message)
	{
		return this->send_message(this->id, connection_id, msg.ptr, msg.len,
								  this->type);
	}
	/* the callback was not bound, so there is no way to send */
	return TNC_RESULT_FATAL;
}
273
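/**
 * Parse a PA-TNC message received from the peer.
 *
 * The message body is peer-supplied input. If it processes cleanly, the
 * parsed message is handed to the caller through pa_tnc_msg and the caller
 * becomes responsible for destroying it. If processing reports a
 * verification error, the error attributes collected by the parser are
 * sent back to the peer in a new PA-TNC message and nothing is handed to
 * the caller.
 *
 * The parsed message is destroyed on every path that does not hand it to
 * the caller, including the path where no SendMessage() function is bound.
 * Without that, each malformed message would leak one message object.
 *
 * @param connection_id		Connection ID the message arrived on
 * @param msg				raw message data
 * @param msg_type			message type the message was received with;
 *							an error reply is sent with this same type
 * @param pa_tnc_msg		receives the parsed message on success,
 *							NULL otherwise
 * @return					TNC_RESULT_SUCCESS if the message was parsed,
 *							the SendMessage() result if an error reply was
 *							sent, TNC_RESULT_FATAL otherwise
 */
METHOD(imc_agent_t, receive_message, TNC_Result,
	private_imc_agent_t *this, TNC_ConnectionID connection_id, chunk_t msg,
	TNC_MessageType msg_type, pa_tnc_msg_t **pa_tnc_msg)
{
	pa_tnc_msg_t *pa_msg, *error_msg;
	pa_tnc_attr_t *error_attr;
	enumerator_t *enumerator;
	TNC_Result result;

	/* log under the IMC debug group, like the rest of this file */
	DBG2(DBG_IMC, "IMC %u \"%s\" received message type 0x%08x for Connection ID %u",
		 this->id, this->name, msg_type, connection_id);

	*pa_tnc_msg = NULL;
	pa_msg = pa_tnc_msg_create_from_data(msg);

	switch (pa_msg->process(pa_msg))
	{
		case SUCCESS:
			/* ownership of pa_msg passes to the caller */
			*pa_tnc_msg = pa_msg;
			break;
		case VERIFY_ERROR:
			if (!this->send_message)
			{
				/* TNCC doesn't have a SendMessage() function */
				pa_msg->destroy(pa_msg);
				return TNC_RESULT_FATAL;
			}

			/* build error message from the attributes the parser flagged */
			error_msg = pa_tnc_msg_create();
			enumerator = pa_msg->create_error_enumerator(pa_msg);
			while (enumerator->enumerate(enumerator, &error_attr))
			{
				/* get_ref() presumably takes a reference so the attribute
				 * outlives pa_msg - confirm against pa_tnc_attr_t */
				error_msg->add_attribute(error_msg,
										 error_attr->get_ref(error_attr));
			}
			enumerator->destroy(enumerator);
			error_msg->build(error_msg);

			/* send error message */
			msg = error_msg->get_encoding(error_msg);
			result = this->send_message(this->id, connection_id,
										msg.ptr, msg.len, msg_type);

			/* clean up */
			error_msg->destroy(error_msg);
			pa_msg->destroy(pa_msg);
			return result;
		case FAILED:
		default:
			pa_msg->destroy(pa_msg);
			return TNC_RESULT_FATAL;
	}
	return TNC_RESULT_SUCCESS;
}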
328
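/**
 * Tear down the agent and release everything it owns.
 *
 * Remaining connection states are released through their own destroy()
 * method, the same way delete_connection() releases them. Passing the
 * entries to plain free() would skip whatever cleanup a state
 * implementation does in destroy().
 *
 * No lock is taken here; the caller must make sure no other thread still
 * uses the agent.
 */
METHOD(imc_agent_t, destroy, void,
	private_imc_agent_t *this)
{
	enumerator_t *enumerator;
	imc_state_t *state;

	DBG1(DBG_IMC, "IMC %u \"%s\" terminated", this->id, this->name);

	enumerator = this->connections->create_enumerator(this->connections);
	while (enumerator->enumerate(enumerator, &state))
	{
		state->destroy(state);
	}
	enumerator->destroy(enumerator);
	/* all entries are gone, only the list itself is left to release */
	this->connections->destroy(this->connections);
	this->connection_lock->destroy(this->connection_lock);
	free(this);

	/* decrease the reference count or terminate */
	libimcv_deinit();
}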
340
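/**
 * Described in header.
 *
 * The message type is composed as (vendor_id << 8) | (subtype & 0xff).
 * The subtype has to be masked with a bitwise AND: a logical AND would
 * reduce every non-zero subtype to 1, so IMCs with different subtypes
 * would all register the same message type.
 *
 * name is stored as a pointer and not copied, so it must stay valid for the
 * lifetime of the agent.
 *
 * @param name				name of the IMC
 * @param vendor_id			vendor ID part of the message type
 * @param subtype			subtype part of the message type
 * @param id				IMC ID assigned by the TNCC
 * @param actual_version	receives TNC_IFIMC_VERSION_1
 * @return					agent interface, NULL if libimcv_init() failed
 */
imc_agent_t *imc_agent_create(const char *name,
							  pen_t vendor_id, u_int32_t subtype,
							  TNC_IMCID id, TNC_Version *actual_version)
{
	private_imc_agent_t *this;

	/* initialize or increase the reference count */
	if (!libimcv_init())
	{
		return NULL;
	}

	INIT(this,
		.public = {
			.bind_functions = _bind_functions,
			.create_state = _create_state,
			.delete_state = _delete_state,
			.change_state = _change_state,
			.get_state = _get_state,
			.send_message = _send_message,
			.receive_message = _receive_message,
			.destroy = _destroy,
		},
		.name = name,
		.type = (vendor_id << 8) | (subtype & 0xff),
		.id = id,
		.connections = linked_list_create(),
		.connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
	);

	*actual_version = TNC_IFIMC_VERSION_1;
	DBG1(DBG_IMC, "IMC %u \"%s\" initialized", this->id, this->name);

	return &this->public;
}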
379