projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Moved debug.[ch] to utils folder
[strongswan.git] / src / libimcv / imc / imc_agent.c
1 /*
2 * Copyright (C) 2011-2012 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "imcv.h"
17 #include "imc_agent.h"
18
19 #include <tncif_names.h>
20
21 #include <utils/debug.h>
22 #include <threading/rwlock.h>
23
24 typedef struct private_imc_agent_t private_imc_agent_t;
25
26 /**
27 * Private data of an imc_agent_t object.
28 */
29 struct private_imc_agent_t {
30
31 /**
32 * Public members of imc_agent_t
33 */
34 imc_agent_t public;
35
36 /**
37 * name of IMC
38 */
39 const char *name;
40
41 /**
42 * message types registered by IMC
43 */
44 pen_type_t *supported_types;
45
46 /**
47 * number of message types registered by IMC
48 */
49 u_int32_t type_count;
50
51 /**
52 * ID of IMC as assigned by TNCC
53 */
54 TNC_IMCID id;
55
56 /**
57 * List of additional IMC IDs assigned by TNCC
58 */
59 linked_list_t *additional_ids;
60
61 /**
62 * list of TNCC connection entries
63 */
64 linked_list_t *connections;
65
66 /**
67 * rwlock to lock TNCC connection entries
68 */
69 rwlock_t *connection_lock;
70
71 /**
72 * Inform a TNCC about the set of message types the IMC is able to receive
73 *
74 * @param imc_id IMC ID assigned by TNCC
75 * @param supported_types list of supported message types
76 * @param type_count number of list elements
77 * @return TNC result code
78 */
79 TNC_Result (*report_message_types)(TNC_IMCID imc_id,
80 TNC_MessageTypeList supported_types,
81 TNC_UInt32 type_count);
82
83 /**
84 * Inform a TNCC about the set of message types the IMC is able to receive
85 *
86 * @param imc_id IMC ID assigned by TNCC
87 * @param supported_vids list of supported message vendor IDs
88 * @param supported_subtypes list of supported message subtypes
89 * @param type_count number of list elements
90 * @return TNC result code
91 */
92 TNC_Result (*report_message_types_long)(TNC_IMCID imc_id,
93 TNC_VendorIDList supported_vids,
94 TNC_MessageSubtypeList supported_subtypes,
95 TNC_UInt32 type_count);
96
97 /**
98 * Get the value of an attribute associated with a connection
99 * or with the TNCC as a whole.
100 *
101 * @param imc_id IMC ID assigned by TNCC
102 * @param connection_id network connection ID assigned by TNCC
103 * @param attribute_id attribute ID
104 * @param buffer_len length of buffer in bytes
105 * @param buffer buffer
106 * @param out_value_len size in bytes of attribute stored in buffer
107 * @return TNC result code
108 */
109 TNC_Result (*get_attribute)(TNC_IMCID imc_id,
110 TNC_ConnectionID connection_id,
111 TNC_AttributeID attribute_id,
112 TNC_UInt32 buffer_len,
113 TNC_BufferReference buffer,
114 TNC_UInt32 *out_value_len);
115
116 /**
117 * Set the value of an attribute associated with a connection
118 * or with the TNCC as a whole.
119 *
120 * @param imc_id IMV ID assigned by TNCC
121 * @param connection_id network connection ID assigned by TNCC
122 * @param attribute_id attribute ID
123 * @param buffer_len length of buffer in bytes
124 * @param buffer buffer
125 * @return TNC result code
126 */
127 TNC_Result (*set_attribute)(TNC_IMCID imc_id,
128 TNC_ConnectionID connection_id,
129 TNC_AttributeID attribute_id,
130 TNC_UInt32 buffer_len,
131 TNC_BufferReference buffer);
132
133 /**
134 * Reserve an additional IMC ID
135 *
136 * @param imc_id primary IMC ID assigned by TNCC
137 * @param out_imc_id additional IMC ID assigned by TNCC
138 * @return TNC result code
139 */
140 TNC_Result (*reserve_additional_id)(TNC_IMCID imc_id,
141 TNC_UInt32 *out_imc_id);
142
143 };
144
145 METHOD(imc_agent_t, bind_functions, TNC_Result,
146 private_imc_agent_t *this, TNC_TNCC_BindFunctionPointer bind_function)
147 {
148 if (!bind_function)
149 {
150 DBG1(DBG_IMC, "TNC client failed to provide bind function");
151 return TNC_RESULT_INVALID_PARAMETER;
152 }
153 if (bind_function(this->id, "TNC_TNCC_ReportMessageTypes",
154 (void**)&this->report_message_types) != TNC_RESULT_SUCCESS)
155 {
156 this->report_message_types = NULL;
157 }
158 if (bind_function(this->id, "TNC_TNCC_ReportMessageTypesLong",
159 (void**)&this->report_message_types_long) != TNC_RESULT_SUCCESS)
160 {
161 this->report_message_types_long = NULL;
162 }
163 if (bind_function(this->id, "TNC_TNCC_RequestHandshakeRetry",
164 (void**)&this->public.request_handshake_retry) != TNC_RESULT_SUCCESS)
165 {
166 this->public.request_handshake_retry = NULL;
167 }
168 if (bind_function(this->id, "TNC_TNCC_SendMessage",
169 (void**)&this->public.send_message) != TNC_RESULT_SUCCESS)
170 {
171 this->public.send_message = NULL;
172 }
173 if (bind_function(this->id, "TNC_TNCC_SendMessageLong",
174 (void**)&this->public.send_message_long) != TNC_RESULT_SUCCESS)
175 {
176 this->public.send_message_long = NULL;
177 }
178 if (bind_function(this->id, "TNC_TNCC_GetAttribute",
179 (void**)&this->get_attribute) != TNC_RESULT_SUCCESS)
180 {
181 this->get_attribute = NULL;
182 }
183 if (bind_function(this->id, "TNC_TNCC_SetAttribute",
184 (void**)&this->set_attribute) != TNC_RESULT_SUCCESS)
185 {
186 this->set_attribute = NULL;
187 }
188 if (bind_function(this->id, "TNC_TNCC_ReserveAdditionalIMCID",
189 (void**)&this->reserve_additional_id) != TNC_RESULT_SUCCESS)
190 {
191 this->reserve_additional_id = NULL;
192 }
193 DBG2(DBG_IMC, "IMC %u \"%s\" provided with bind function",
194 this->id, this->name);
195
196 if (this->report_message_types_long)
197 {
198 TNC_VendorIDList vendor_id_list;
199 TNC_MessageSubtypeList subtype_list;
200 int i;
201
202 vendor_id_list = malloc(this->type_count * sizeof(TNC_UInt32));
203 subtype_list = malloc(this->type_count * sizeof(TNC_UInt32));
204
205 for (i = 0; i < this->type_count; i++)
206 {
207 vendor_id_list[i] = this->supported_types[i].vendor_id;
208 subtype_list[i] = this->supported_types[i].type;
209 }
210 this->report_message_types_long(this->id, vendor_id_list, subtype_list,
211 this->type_count);
212 free(vendor_id_list);
213 free(subtype_list);
214 }
215 else if (this->report_message_types)
216 {
217 TNC_MessageTypeList type_list;
218 int i;
219
220 type_list = malloc(this->type_count * sizeof(TNC_UInt32));
221
222 for (i = 0; i < this->type_count; i++)
223 {
224 type_list[i] = (this->supported_types[i].vendor_id << 8) |
225 (this->supported_types[i].type & 0xff);
226 }
227 this->report_message_types(this->id, type_list, this->type_count);
228 free(type_list);
229 }
230 return TNC_RESULT_SUCCESS;
231 }
232
233 /**
234 * finds a connection state based on its Connection ID
235 */
236 static imc_state_t* find_connection(private_imc_agent_t *this,
237 TNC_ConnectionID id)
238 {
239 enumerator_t *enumerator;
240 imc_state_t *state, *found = NULL;
241
242 this->connection_lock->read_lock(this->connection_lock);
243 enumerator = this->connections->create_enumerator(this->connections);
244 while (enumerator->enumerate(enumerator, &state))
245 {
246 if (id == state->get_connection_id(state))
247 {
248 found = state;
249 break;
250 }
251 }
252 enumerator->destroy(enumerator);
253 this->connection_lock->unlock(this->connection_lock);
254
255 return found;
256 }
257
258 /**
259 * delete a connection state with a given Connection ID
260 */
261 static bool delete_connection(private_imc_agent_t *this, TNC_ConnectionID id)
262 {
263 enumerator_t *enumerator;
264 imc_state_t *state;
265 bool found = FALSE;
266
267 this->connection_lock->write_lock(this->connection_lock);
268 enumerator = this->connections->create_enumerator(this->connections);
269 while (enumerator->enumerate(enumerator, &state))
270 {
271 if (id == state->get_connection_id(state))
272 {
273 found = TRUE;
274 state->destroy(state);
275 this->connections->remove_at(this->connections, enumerator);
276 break;
277 }
278 }
279 enumerator->destroy(enumerator);
280 this->connection_lock->unlock(this->connection_lock);
281
282 return found;
283 }
284
285 /**
286 * Read a boolean attribute
287 */
288 static bool get_bool_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
289 TNC_AttributeID attribute_id)
290 {
291 TNC_UInt32 len;
292 char buf[4];
293
294 return this->get_attribute &&
295 this->get_attribute(this->id, id, attribute_id, 4, buf, &len) ==
296 TNC_RESULT_SUCCESS && len == 1 && *buf == 0x01;
297 }
298
299 /**
300 * Read a string attribute
301 */
302 static char* get_str_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
303 TNC_AttributeID attribute_id)
304 {
305 TNC_UInt32 len;
306 char buf[BUF_LEN];
307
308 if (this->get_attribute &&
309 this->get_attribute(this->id, id, attribute_id, BUF_LEN, buf, &len) ==
310 TNC_RESULT_SUCCESS && len <= BUF_LEN)
311 {
312 return strdup(buf);
313 }
314 return NULL;
315 }
316
317 /**
318 * Read an UInt32 attribute
319 */
320 static u_int32_t get_uint_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
321 TNC_AttributeID attribute_id)
322 {
323 TNC_UInt32 len;
324 char buf[4];
325
326 if (this->get_attribute &&
327 this->get_attribute(this->id, id, attribute_id, 4, buf, &len) ==
328 TNC_RESULT_SUCCESS && len == 4)
329 {
330 return untoh32(buf);
331 }
332 return 0;
333 }
334
335 METHOD(imc_agent_t, create_state, TNC_Result,
336 private_imc_agent_t *this, imc_state_t *state)
337 {
338 TNC_ConnectionID conn_id;
339 char *tnccs_p = NULL, *tnccs_v = NULL, *t_p = NULL, *t_v = NULL;
340 bool has_long = FALSE, has_excl = FALSE, has_soh = FALSE;
341 u_int32_t max_msg_len;
342
343 conn_id = state->get_connection_id(state);
344 if (find_connection(this, conn_id))
345 {
346 DBG1(DBG_IMC, "IMC %u \"%s\" already created a state for Connection ID %u",
347 this->id, this->name, conn_id);
348 state->destroy(state);
349 return TNC_RESULT_OTHER;
350 }
351
352 /* Get and display attributes from TNCC via IF-IMC */
353 has_long = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_LONG_TYPES);
354 has_excl = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_EXCLUSIVE);
355 has_soh = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_SOH);
356 tnccs_p = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFTNCCS_PROTOCOL);
357 tnccs_v = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFTNCCS_VERSION);
358 t_p = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_PROTOCOL);
359 t_v = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_VERSION);
360 max_msg_len = get_uint_attribute(this, conn_id, TNC_ATTRIBUTEID_MAX_MESSAGE_SIZE);
361
362 state->set_flags(state, has_long, has_excl);
363 state->set_max_msg_len(state, max_msg_len);
364
365 DBG2(DBG_IMC, "IMC %u \"%s\" created a state for %s %s Connection ID %u: "
366 "%slong %sexcl %ssoh", this->id, this->name,
367 tnccs_p ? tnccs_p:"?", tnccs_v ? tnccs_v:"?", conn_id,
368 has_long ? "+":"-", has_excl ? "+":"-", has_soh ? "+":"-");
369 DBG2(DBG_IMC, " over %s %s with maximum PA-TNC message size of %u bytes",
370 t_p ? t_p:"?", t_v ? t_v :"?", max_msg_len);
371
372 free(tnccs_p);
373 free(tnccs_v);
374 free(t_p);
375 free(t_v);
376
377 this->connection_lock->write_lock(this->connection_lock);
378 this->connections->insert_last(this->connections, state);
379 this->connection_lock->unlock(this->connection_lock);
380 return TNC_RESULT_SUCCESS;
381 }
382
383 METHOD(imc_agent_t, delete_state, TNC_Result,
384 private_imc_agent_t *this, TNC_ConnectionID connection_id)
385 {
386 if (!delete_connection(this, connection_id))
387 {
388 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
389 this->id, this->name, connection_id);
390 return TNC_RESULT_FATAL;
391 }
392 DBG2(DBG_IMC, "IMC %u \"%s\" deleted the state of Connection ID %u",
393 this->id, this->name, connection_id);
394 return TNC_RESULT_SUCCESS;
395 }
396
397 METHOD(imc_agent_t, change_state, TNC_Result,
398 private_imc_agent_t *this, TNC_ConnectionID connection_id,
399 TNC_ConnectionState new_state,
400 imc_state_t **state_p)
401 {
402 imc_state_t *state;
403
404 switch (new_state)
405 {
406 case TNC_CONNECTION_STATE_HANDSHAKE:
407 case TNC_CONNECTION_STATE_ACCESS_ALLOWED:
408 case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
409 case TNC_CONNECTION_STATE_ACCESS_NONE:
410 state = find_connection(this, connection_id);
411
412 if (!state)
413 {
414 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
415 this->id, this->name, connection_id);
416 return TNC_RESULT_FATAL;
417 }
418 state->change_state(state, new_state);
419 DBG2(DBG_IMC, "IMC %u \"%s\" changed state of Connection ID %u to '%N'",
420 this->id, this->name, connection_id,
421 TNC_Connection_State_names, new_state);
422 if (state_p)
423 {
424 *state_p = state;
425 }
426 break;
427 case TNC_CONNECTION_STATE_CREATE:
428 DBG1(DBG_IMC, "state '%N' should be handled by create_state()",
429 TNC_Connection_State_names, new_state);
430 return TNC_RESULT_FATAL;
431 case TNC_CONNECTION_STATE_DELETE:
432 DBG1(DBG_IMC, "state '%N' should be handled by delete_state()",
433 TNC_Connection_State_names, new_state);
434 return TNC_RESULT_FATAL;
435 default:
436 DBG1(DBG_IMC, "IMC %u \"%s\" was notified of unknown state %u "
437 "for Connection ID %u",
438 this->id, this->name, new_state, connection_id);
439 return TNC_RESULT_INVALID_PARAMETER;
440 }
441 return TNC_RESULT_SUCCESS;
442 }
443
444 METHOD(imc_agent_t, get_state, bool,
445 private_imc_agent_t *this, TNC_ConnectionID connection_id,
446 imc_state_t **state)
447 {
448 *state = find_connection(this, connection_id);
449 if (!*state)
450 {
451 DBG1(DBG_IMC, "IMC %u \"%s\" has no state for Connection ID %u",
452 this->id, this->name, connection_id);
453 return FALSE;
454 }
455 return TRUE;
456 }
457
458 METHOD(imc_agent_t, get_name, const char*,
459 private_imc_agent_t *this)
460 {
461 return this->name;
462 }
463
464 METHOD(imc_agent_t, get_id, TNC_IMCID,
465 private_imc_agent_t *this)
466 {
467 return this->id;
468 }
469
470 METHOD(imc_agent_t, reserve_additional_ids, TNC_Result,
471 private_imc_agent_t *this, int count)
472 {
473 TNC_Result result;
474 TNC_UInt32 id;
475 void *pointer;
476
477 if (!this->reserve_additional_id)
478 {
479 DBG1(DBG_IMC, "IMC %u \"%s\" did not detect the capability to reserve "
480 "additional IMC IDs from the TNCC", this->id, this->name);
481 return TNC_RESULT_ILLEGAL_OPERATION;
482 }
483 while (count > 0)
484 {
485 result = this->reserve_additional_id(this->id, &id);
486 if (result != TNC_RESULT_SUCCESS)
487 {
488 DBG1(DBG_IMC, "IMC %u \"%s\" failed to reserve %d additional IMC IDs",
489 this->id, this->name, count);
490 return result;
491 }
492 count--;
493
494 /* store the scalar value in the pointer */
495 pointer = (void*)id;
496 this->additional_ids->insert_last(this->additional_ids, pointer);
497 DBG2(DBG_IMC, "IMC %u \"%s\" reserved additional ID %u",
498 this->id, this->name, id);
499 }
500 return TNC_RESULT_SUCCESS;
501 }
502
503 METHOD(imc_agent_t, count_additional_ids, int,
504 private_imc_agent_t *this)
505 {
506 return this->additional_ids->get_count(this->additional_ids);
507 }
508
509 METHOD(imc_agent_t, create_id_enumerator, enumerator_t*,
510 private_imc_agent_t *this)
511 {
512 return this->additional_ids->create_enumerator(this->additional_ids);
513 }
514
515 METHOD(imc_agent_t, destroy, void,
516 private_imc_agent_t *this)
517 {
518 DBG1(DBG_IMC, "IMC %u \"%s\" terminated", this->id, this->name);
519 this->additional_ids->destroy(this->additional_ids);
520 this->connections->destroy_function(this->connections, free);
521 this->connection_lock->destroy(this->connection_lock);
522 free(this);
523
524 /* decrease the reference count or terminate */
525 libimcv_deinit();
526 }
527
528 /**
529 * Described in header.
530 */
531 imc_agent_t *imc_agent_create(const char *name,
532 pen_type_t *supported_types, u_int32_t type_count,
533 TNC_IMCID id, TNC_Version *actual_version)
534 {
535 private_imc_agent_t *this;
536
537 /* initialize or increase the reference count */
538 if (!libimcv_init())
539 {
540 return NULL;
541 }
542
543 INIT(this,
544 .public = {
545 .bind_functions = _bind_functions,
546 .create_state = _create_state,
547 .delete_state = _delete_state,
548 .change_state = _change_state,
549 .get_state = _get_state,
550 .get_name = _get_name,
551 .get_id = _get_id,
552 .reserve_additional_ids = _reserve_additional_ids,
553 .count_additional_ids = _count_additional_ids,
554 .create_id_enumerator = _create_id_enumerator,
555 .destroy = _destroy,
556 },
557 .name = name,
558 .supported_types = supported_types,
559 .type_count = type_count,
560 .id = id,
561 .additional_ids = linked_list_create(),
562 .connections = linked_list_create(),
563 .connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
564 );
565
566 *actual_version = TNC_IFIMC_VERSION_1;
567 DBG1(DBG_IMC, "IMC %u \"%s\" initialized", this->id, this->name);
568
569 return &this->public;
570 }
571
strongSwan - IPsec VPN