imc/imv->send_message() uses attr_list
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imcv.h"
16 #include "imv_agent.h"
17
18 #include <tncif_names.h>
19
20 #include <debug.h>
21 #include <threading/rwlock.h>
22
typedef struct private_imv_agent_t private_imv_agent_t;

/**
 * Private data of an imv_agent_t object.
 *
 * The function pointers at the end of this struct are filled in by
 * bind_functions(). Each of them is reset to NULL when the TNCS does not
 * provide the corresponding function, so a pointer has to be checked before
 * it is called.
 */
struct private_imv_agent_t {

	/**
	 * Public members of imv_agent_t
	 */
	imv_agent_t public;

	/**
	 * name of IMV
	 */
	const char *name;

	/**
	 * message vendor ID of IMV
	 */
	TNC_VendorID vendor_id;

	/**
	 * message subtype of IMV
	 */
	TNC_MessageSubtype subtype;

	/**
	 * ID of IMV as assigned by TNCS
	 */
	TNC_IMVID id;

	/**
	 * List of additional IMV IDs assigned by TNCS
	 */
	linked_list_t *additional_ids;

	/**
	 * list of TNCS connection entries
	 */
	linked_list_t *connections;

	/**
	 * rwlock to lock TNCS connection entries
	 */
	rwlock_t *connection_lock;

	/**
	 * Inform a TNCS about the set of message types the IMV is able to receive
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param supported_types	list of supported message types
	 * @param type_count		number of list elements
	 * @return					TNC result code
	 */
	TNC_Result (*report_message_types)(TNC_IMVID imv_id,
									   TNC_MessageTypeList supported_types,
									   TNC_UInt32 type_count);

	/**
	 * Inform a TNCS about the set of message types the IMV is able to receive,
	 * given as separate lists of vendor IDs and subtypes
	 *
	 * @param imv_id				IMV ID assigned by TNCS
	 * @param supported_vids		list of supported message vendor IDs
	 * @param supported_subtypes	list of supported message subtypes
	 * @param type_count			number of list elements
	 * @return						TNC result code
	 */
	TNC_Result (*report_message_types_long)(TNC_IMVID imv_id,
									TNC_VendorIDList supported_vids,
									TNC_MessageSubtypeList supported_subtypes,
									TNC_UInt32 type_count);

	/**
	 * Call when an IMV-IMC message is to be sent
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param connection_id		network connection ID assigned by TNCS
	 * @param msg				message to send
	 * @param msg_len			message length in bytes
	 * @param msg_type			message type
	 * @return					TNC result code
	 */
	TNC_Result (*send_message)(TNC_IMVID imv_id,
							   TNC_ConnectionID connection_id,
							   TNC_BufferReference msg,
							   TNC_UInt32 msg_len,
							   TNC_MessageType msg_type);

	/**
	 * Call when an IMV-IMC message is to be sent with long message types
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param connection_id		network connection ID assigned by TNCS
	 * @param msg_flags			message flags
	 * @param msg				message to send
	 * @param msg_len			message length in bytes
	 * @param msg_vid			message vendor ID
	 * @param msg_subtype		message subtype
	 * @param dst_imc_id		destination IMC ID
	 * @return					TNC result code
	 */
	TNC_Result (*send_message_long)(TNC_IMVID imv_id,
									TNC_ConnectionID connection_id,
									TNC_UInt32 msg_flags,
									TNC_BufferReference msg,
									TNC_UInt32 msg_len,
									TNC_VendorID msg_vid,
									TNC_MessageSubtype msg_subtype,
									TNC_UInt32 dst_imc_id);

	/**
	 * Deliver IMV Action Recommendation and IMV Evaluation Results to the TNCS
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param connection_id		network connection ID assigned by TNCS
	 * @param rec				IMV action recommendation
	 * @param eval				IMV evaluation result
	 * @return					TNC result code
	 */
	TNC_Result (*provide_recommendation)(TNC_IMVID imv_id,
										 TNC_ConnectionID connection_id,
										 TNC_IMV_Action_Recommendation rec,
										 TNC_IMV_Evaluation_Result eval);

	/**
	 * Get the value of an attribute associated with a connection
	 * or with the TNCS as a whole.
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param connection_id		network connection ID assigned by TNCS
	 * @param attribute_id		attribute ID
	 * @param buffer_len		length of buffer in bytes
	 * @param buffer			buffer
	 * @param out_value_len		size in bytes of attribute stored in buffer
	 * @return					TNC result code
	 */
	TNC_Result (*get_attribute)(TNC_IMVID imv_id,
								TNC_ConnectionID connection_id,
								TNC_AttributeID attribute_id,
								TNC_UInt32 buffer_len,
								TNC_BufferReference buffer,
								TNC_UInt32 *out_value_len);

	/**
	 * Set the value of an attribute associated with a connection
	 * or with the TNCS as a whole.
	 *
	 * @param imv_id			IMV ID assigned by TNCS
	 * @param connection_id		network connection ID assigned by TNCS
	 * @param attribute_id		attribute ID
	 * @param buffer_len		length of buffer in bytes
	 * @param buffer			buffer
	 * @return					TNC result code
	 */
	TNC_Result (*set_attribute)(TNC_IMVID imv_id,
								TNC_ConnectionID connection_id,
								TNC_AttributeID attribute_id,
								TNC_UInt32 buffer_len,
								TNC_BufferReference buffer);

	/**
	 * Reserve an additional IMV ID
	 *
	 * @param imv_id			primary IMV ID assigned by TNCS
	 * @param out_imv_id		additional IMV ID assigned by TNCS
	 * @return					TNC result code
	 */
	TNC_Result (*reserve_additional_id)(TNC_IMVID imv_id,
										TNC_UInt32 *out_imv_id);

};
195
/**
 * Resolve the TNCS callbacks through the bind function handed over by the
 * TNC server and announce the message type this IMV wants to receive.
 *
 * A callback the TNCS cannot resolve is left as NULL; this is not treated as
 * an error here, so every user of these pointers has to test them first.
 */
METHOD(imv_agent_t, bind_functions, TNC_Result,
	private_imv_agent_t *this, TNC_TNCS_BindFunctionPointer bind_function)
{
/* resolve one TNCS function by name, clearing the slot if the lookup fails */
#define BIND_OR_CLEAR(fn_name, slot) \
	do \
	{ \
		if (bind_function(this->id, fn_name, (void**)&(slot)) != \
			TNC_RESULT_SUCCESS) \
		{ \
			(slot) = NULL; \
		} \
	} while (0)

	TNC_MessageType type;

	if (!bind_function)
	{
		DBG1(DBG_IMV, "TNC server failed to provide bind function");
		return TNC_RESULT_INVALID_PARAMETER;
	}

	BIND_OR_CLEAR("TNC_TNCS_ReportMessageTypes",
				  this->report_message_types);
	BIND_OR_CLEAR("TNC_TNCS_ReportMessageTypesLong",
				  this->report_message_types_long);
	BIND_OR_CLEAR("TNC_TNCS_RequestHandshakeRetry",
				  this->public.request_handshake_retry);
	BIND_OR_CLEAR("TNC_TNCS_SendMessage",
				  this->send_message);
	BIND_OR_CLEAR("TNC_TNCS_SendMessageLong",
				  this->send_message_long);
	BIND_OR_CLEAR("TNC_TNCS_ProvideRecommendation",
				  this->provide_recommendation);
	BIND_OR_CLEAR("TNC_TNCS_GetAttribute",
				  this->get_attribute);
	BIND_OR_CLEAR("TNC_TNCS_SetAttribute",
				  this->set_attribute);
	/* NOTE(review): every other name uses the TNC_TNCS_ prefix while this one
	 * uses TNC_TNCC_; check against the name the TNCS registers, otherwise
	 * this lookup always fails and reserve_additional_id stays NULL */
	BIND_OR_CLEAR("TNC_TNCC_ReserveAdditionalIMVID",
				  this->reserve_additional_id);

	DBG2(DBG_IMV, "IMV %u \"%s\" provided with bind function",
		 this->id, this->name);

	/* prefer the long form, which takes vendor ID and subtype separately */
	if (this->report_message_types_long)
	{
		this->report_message_types_long(this->id, &this->vendor_id,
										&this->subtype, 1);
		return TNC_RESULT_SUCCESS;
	}

	/* the short form packs both values into one word, so it is used only
	 * when both values are within the *_ANY limits */
	if (this->report_message_types &&
		this->vendor_id <= TNC_VENDORID_ANY &&
		this->subtype <= TNC_SUBTYPE_ANY)
	{
		type = (this->vendor_id << 8) | this->subtype;
		this->report_message_types(this->id, &type, 1);
	}
	return TNC_RESULT_SUCCESS;

#undef BIND_OR_CLEAR
}
268
/**
 * Look up the connection state that belongs to a Connection ID.
 *
 * The list is walked under the read lock and the lock is released before
 * returning. Returns NULL if no entry carries the given ID.
 *
 * NOTE(review): the returned pointer is used by the callers after the lock
 * has been dropped; whether delete_connection() can destroy the state in the
 * meantime depends on how the TNCS serializes its calls - confirm.
 */
static imv_state_t* find_connection(private_imv_agent_t *this,
									TNC_ConnectionID id)
{
	imv_state_t *candidate, *match = NULL;
	enumerator_t *it;

	this->connection_lock->read_lock(this->connection_lock);
	it = this->connections->create_enumerator(this->connections);
	/* stop enumerating as soon as the first matching entry is seen */
	while (!match && it->enumerate(it, &candidate))
	{
		if (candidate->get_connection_id(candidate) == id)
		{
			match = candidate;
		}
	}
	it->destroy(it);
	this->connection_lock->unlock(this->connection_lock);

	return match;
}
293
/**
 * Destroy and unlink the connection state with a given Connection ID.
 *
 * Runs under the write lock. Returns TRUE if an entry was found and removed,
 * FALSE if no entry carries the given ID.
 */
static bool delete_connection(private_imv_agent_t *this, TNC_ConnectionID id)
{
	imv_state_t *entry;
	enumerator_t *it;
	bool removed = FALSE;

	this->connection_lock->write_lock(this->connection_lock);
	it = this->connections->create_enumerator(this->connections);
	while (!removed && it->enumerate(it, &entry))
	{
		if (entry->get_connection_id(entry) != id)
		{
			continue;
		}
		removed = TRUE;
		entry->destroy(entry);
		/* unlink the list item the enumerator currently points at */
		this->connections->remove_at(this->connections, it);
	}
	it->destroy(it);
	this->connection_lock->unlock(this->connection_lock);

	return removed;
}
320
/**
 * Read a boolean attribute from the TNCS.
 *
 * The result is TRUE only if the TNCS provides get_attribute, the call
 * succeeds, and the value is exactly one byte equal to 0x01; every other
 * outcome is reported as FALSE.
 */
static bool get_bool_attribute(private_imv_agent_t *this, TNC_ConnectionID id,
							   TNC_AttributeID attribute_id)
{
	TNC_UInt32 value_len;
	char value[4];

	if (!this->get_attribute)
	{
		return FALSE;
	}
	if (this->get_attribute(this->id, id, attribute_id, sizeof(value), value,
							&value_len) != TNC_RESULT_SUCCESS)
	{
		return FALSE;
	}
	return value_len == 1 && value[0] == 0x01;
}
334
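/**
 * Read a string attribute from the TNCS.
 *
 * Returns a newly allocated, NUL-terminated copy of the attribute value that
 * the caller has to free(), or NULL if the TNCS provides no get_attribute
 * function, the call fails, or the reported length exceeds BUF_LEN.
 *
 * The value comes from outside this module, so the copy does not rely on the
 * TNCS having written a terminating NUL: the buffer is terminated explicitly
 * at the reported length before it is duplicated. Without this, strdup()
 * would read past the bytes the TNCS wrote (and past the buffer when all
 * BUF_LEN bytes are used).
 */
static char* get_str_attribute(private_imv_agent_t *this, TNC_ConnectionID id,
							   TNC_AttributeID attribute_id)
{
	TNC_UInt32 len;
	/* one spare byte so a value of exactly BUF_LEN bytes can be terminated */
	char buf[BUF_LEN + 1];

	if (this->get_attribute &&
		this->get_attribute(this->id, id, attribute_id, BUF_LEN, buf, &len) ==
			TNC_RESULT_SUCCESS && len <= BUF_LEN)
	{
		buf[len] = '\0';
		return strdup(buf);
	}
	return NULL;
}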
352
/**
 * Register a new connection state with the agent.
 *
 * If a state with the same Connection ID is already registered, the state
 * passed in is destroyed and TNC_RESULT_OTHER is returned. Otherwise the
 * connection attributes are queried from the TNCS, the long/exclusive flags
 * are stored in the state, and the state is appended to the connection list.
 *
 * NOTE(review): the duplicate check and the insertion take the lock
 * separately, so two concurrent calls for the same ID are not excluded by
 * this function alone - confirm that the TNCS serializes them.
 */
METHOD(imv_agent_t, create_state, TNC_Result,
	private_imv_agent_t *this, imv_state_t *state)
{
	TNC_ConnectionID conn_id = state->get_connection_id(state);
	bool long_types, exclusive, soh;
	char *ccs_proto, *ccs_version, *t_proto, *t_version;

	if (find_connection(this, conn_id))
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" already created a state for Connection ID %u",
			 this->id, this->name, conn_id);
		state->destroy(state);
		return TNC_RESULT_OTHER;
	}

	/* query the connection attributes from the TNCS via IF-IMV */
	long_types = get_bool_attribute(this, conn_id,
									TNC_ATTRIBUTEID_HAS_LONG_TYPES);
	exclusive = get_bool_attribute(this, conn_id,
								   TNC_ATTRIBUTEID_HAS_EXCLUSIVE);
	soh = get_bool_attribute(this, conn_id, TNC_ATTRIBUTEID_HAS_SOH);
	ccs_proto = get_str_attribute(this, conn_id,
								  TNC_ATTRIBUTEID_IFTNCCS_PROTOCOL);
	ccs_version = get_str_attribute(this, conn_id,
									TNC_ATTRIBUTEID_IFTNCCS_VERSION);
	t_proto = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_PROTOCOL);
	t_version = get_str_attribute(this, conn_id, TNC_ATTRIBUTEID_IFT_VERSION);

	state->set_flags(state, long_types, exclusive);

	/* strings that could not be read are shown as "?" */
	DBG2(DBG_IMV, "IMV %u \"%s\" created a state for Connection ID %u: "
		 "%s %s with %slong %sexcl %ssoh over %s %s",
		 this->id, this->name, conn_id,
		 ccs_proto ? ccs_proto : "?",
		 ccs_version ? ccs_version : "?",
		 long_types ? "+" : "-",
		 exclusive ? "+" : "-",
		 soh ? "+" : "-",
		 t_proto ? t_proto : "?",
		 t_version ? t_version : "?");

	/* the strings were needed for the log line only */
	free(ccs_proto);
	free(ccs_version);
	free(t_proto);
	free(t_version);

	this->connection_lock->write_lock(this->connection_lock);
	this->connections->insert_last(this->connections, state);
	this->connection_lock->unlock(this->connection_lock);

	return TNC_RESULT_SUCCESS;
}
395
/**
 * Remove the state of a connection; TNC_RESULT_FATAL is returned when no
 * state is registered for the Connection ID.
 */
METHOD(imv_agent_t, delete_state, TNC_Result,
	private_imv_agent_t *this, TNC_ConnectionID connection_id)
{
	if (delete_connection(this, connection_id))
	{
		DBG2(DBG_IMV, "IMV %u \"%s\" deleted the state of Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_SUCCESS;
	}

	DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return TNC_RESULT_FATAL;
}
409
/**
 * Apply a connection state change announced by the TNCS.
 *
 * Only the handshake and access states are accepted here. The create and
 * delete states are rejected with TNC_RESULT_FATAL because they belong to
 * create_state() and delete_state(); any other value yields
 * TNC_RESULT_INVALID_PARAMETER. On success the state object is handed back
 * through state_p if the caller passed a non-NULL pointer; on every error
 * path *state_p is left untouched.
 */
METHOD(imv_agent_t, change_state, TNC_Result,
	private_imv_agent_t *this, TNC_ConnectionID connection_id,
	TNC_ConnectionState new_state,
	imv_state_t **state_p)
{
	imv_state_t *state;

	/* reject everything that is not a plain state transition */
	switch (new_state)
	{
		case TNC_CONNECTION_STATE_HANDSHAKE:
		case TNC_CONNECTION_STATE_ACCESS_ALLOWED:
		case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
		case TNC_CONNECTION_STATE_ACCESS_NONE:
			break;
		case TNC_CONNECTION_STATE_CREATE:
			DBG1(DBG_IMV, "state '%N' should be handled by create_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		case TNC_CONNECTION_STATE_DELETE:
			DBG1(DBG_IMV, "state '%N' should be handled by delete_state()",
				 TNC_Connection_State_names, new_state);
			return TNC_RESULT_FATAL;
		default:
			DBG1(DBG_IMV, "IMV %u \"%s\" was notified of unknown state %u "
				 "for Connection ID %u",
				 this->id, this->name, new_state, connection_id);
			return TNC_RESULT_INVALID_PARAMETER;
	}

	state = find_connection(this, connection_id);
	if (!state)
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}

	state->change_state(state, new_state);
	DBG2(DBG_IMV, "IMV %u \"%s\" changed state of Connection ID %u to '%N'",
		 this->id, this->name, connection_id,
		 TNC_Connection_State_names, new_state);

	if (state_p)
	{
		*state_p = state;
	}
	return TNC_RESULT_SUCCESS;
}
455
/**
 * Fetch the state registered for a Connection ID.
 *
 * *state always receives the lookup result, i.e. NULL when FALSE is returned.
 */
METHOD(imv_agent_t, get_state, bool,
	private_imv_agent_t *this, TNC_ConnectionID connection_id,
	imv_state_t **state)
{
	imv_state_t *found = find_connection(this, connection_id);

	*state = found;
	if (found)
	{
		return TRUE;
	}

	DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
		 this->id, this->name, connection_id);
	return FALSE;
}
469
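/**
 * Build a PA-TNC message from a list of attributes and send it to the IMC(s).
 *
 * All attributes are removed from attr_list and handed over to the PA-TNC
 * message. The long send function is used when the connection supports long
 * types and the TNCS provides it; otherwise the short one is used with the
 * vendor ID and subtype packed into a single message type.
 *
 * Returns the TNC result code of the send function, or TNC_RESULT_FATAL if
 * there is no state for the connection or no send function is bound.
 *
 * The PA-TNC message is destroyed before returning; previously it was never
 * released, leaking the message and its attributes on every call.
 *
 * NOTE(review): when no state is found the function returns before attr_list
 * is drained, so the attributes stay with the caller in that case - confirm
 * that callers clean up the list on failure.
 */
METHOD(imv_agent_t, send_message, TNC_Result,
	private_imv_agent_t *this, TNC_ConnectionID connection_id, bool excl,
	TNC_UInt32 src_imv_id, TNC_UInt32 dst_imc_id, linked_list_t *attr_list)
{
	TNC_MessageType type;
	TNC_UInt32 msg_flags;
	TNC_Result result = TNC_RESULT_FATAL;
	imv_state_t *state;
	pa_tnc_attr_t *attr;
	pa_tnc_msg_t *pa_tnc_msg;
	chunk_t msg;

	state = find_connection(this, connection_id);
	if (!state)
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}

	pa_tnc_msg = pa_tnc_msg_create();

	/* move every attribute from the list into the message */
	while (attr_list->remove_first(attr_list, (void**)&attr) == SUCCESS)
	{
		pa_tnc_msg->add_attribute(pa_tnc_msg, attr);
	}
	pa_tnc_msg->build(pa_tnc_msg);
	msg = pa_tnc_msg->get_encoding(pa_tnc_msg);

	if (state->has_long(state) && this->send_message_long)
	{
		/* a source ID of 0 selects the primary IMV ID */
		if (!src_imv_id)
		{
			src_imv_id = this->id;
		}
		msg_flags = excl ? TNC_MESSAGE_FLAGS_EXCLUSIVE : 0;

		result = this->send_message_long(src_imv_id, connection_id, msg_flags,
										 msg.ptr, msg.len, this->vendor_id,
										 this->subtype, dst_imc_id);
	}
	else if (this->send_message)
	{
		type = (this->vendor_id << 8) | this->subtype;

		result = this->send_message(this->id, connection_id, msg.ptr, msg.len,
									type);
	}

	/* the encoding is in use until the send call returns, so the message is
	 * released only now (same order as for the error message in
	 * receive_message) */
	pa_tnc_msg->destroy(pa_tnc_msg);

	return result;
}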
519
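/**
 * Store a recommendation in the connection state and deliver it to the TNCS.
 *
 * Returns TNC_RESULT_FATAL if there is no state for the connection or if the
 * TNCS did not provide TNC_TNCS_ProvideRecommendation; otherwise the result
 * code of the TNCS call.
 *
 * bind_functions() leaves provide_recommendation as NULL when the lookup
 * fails, so the pointer is checked here instead of being called blindly.
 */
METHOD(imv_agent_t, set_recommendation, TNC_Result,
	private_imv_agent_t *this, TNC_ConnectionID connection_id,
	TNC_IMV_Action_Recommendation rec,
	TNC_IMV_Evaluation_Result eval)
{
	imv_state_t *state;

	state = find_connection(this, connection_id);
	if (!state)
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}

	state->set_recommendation(state, rec, eval);

	if (!this->provide_recommendation)
	{
		return TNC_RESULT_FATAL;
	}
	return this->provide_recommendation(this->id, connection_id, rec, eval);
}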
538
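/**
 * Parse a PA-TNC message received from an IMC.
 *
 * msg is data that originates from the peer and is parsed by
 * pa_msg->process(). Three outcomes are handled:
 *  - SUCCESS: the parsed message is handed to the caller through *pa_tnc_msg
 *    and TNC_RESULT_SUCCESS is returned.
 *  - VERIFY_ERROR: the error attributes collected during parsing are sent
 *    back in a PA-TNC error message; the result of that send is returned and
 *    *pa_tnc_msg stays NULL.
 *  - anything else: the state is set to "no recommendation / error" and this
 *    is reported to the TNCS; *pa_tnc_msg stays NULL.
 *
 * The recommendation callback may be NULL if the TNCS did not provide it
 * (see bind_functions()), so the failure path checks it and returns
 * TNC_RESULT_FATAL instead of calling through a NULL pointer.
 */
METHOD(imv_agent_t, receive_message, TNC_Result,
	private_imv_agent_t *this, imv_state_t *state, chunk_t msg,
	TNC_VendorID msg_vid, TNC_MessageSubtype msg_subtype,
	TNC_UInt32 src_imc_id, TNC_UInt32 dst_imv_id, pa_tnc_msg_t **pa_tnc_msg)
{
	pa_tnc_msg_t *pa_msg, *error_msg;
	pa_tnc_attr_t *error_attr;
	enumerator_t *enumerator;
	TNC_MessageType msg_type;
	TNC_UInt32 msg_flags, src_imv_id, dst_imc_id;
	TNC_ConnectionID connection_id;
	TNC_Result result;

	connection_id = state->get_connection_id(state);

	if (state->has_long(state))
	{
		if (dst_imv_id != TNC_IMVID_ANY)
		{
			DBG2(DBG_IMV, "IMV %u \"%s\" received message for Connection ID %u "
				 "from IMC %u to IMV %u", this->id, this->name,
				 connection_id, src_imc_id, dst_imv_id);
		}
		else
		{
			DBG2(DBG_IMV, "IMV %u \"%s\" received message for Connection ID %u "
				 "from IMC %u", this->id, this->name, connection_id,
				 src_imc_id);
		}
	}
	else
	{
		DBG2(DBG_IMV, "IMV %u \"%s\" received message for Connection ID %u",
			 this->id, this->name, connection_id);
	}

	*pa_tnc_msg = NULL;
	pa_msg = pa_tnc_msg_create_from_data(msg);

	switch (pa_msg->process(pa_msg))
	{
		case SUCCESS:
			*pa_tnc_msg = pa_msg;
			break;
		case VERIFY_ERROR:
			/* build error message */
			error_msg = pa_tnc_msg_create();
			enumerator = pa_msg->create_error_enumerator(pa_msg);
			while (enumerator->enumerate(enumerator, &error_attr))
			{
				/* the error message takes its own reference, pa_msg keeps
				 * the original one */
				error_msg->add_attribute(error_msg,
								error_attr->get_ref(error_attr));
			}
			enumerator->destroy(enumerator);
			error_msg->build(error_msg);

			/* send error message */
			msg = error_msg->get_encoding(error_msg);

			if (state->has_long(state) && this->send_message_long)
			{
				if (state->has_excl(state))
				{
					/* answer only the IMC that sent the faulty message */
					msg_flags = TNC_MESSAGE_FLAGS_EXCLUSIVE;
					dst_imc_id = src_imc_id;
				}
				else
				{
					msg_flags = 0;
					dst_imc_id = TNC_IMCID_ANY;
				}
				src_imv_id = (dst_imv_id == TNC_IMVID_ANY) ? this->id
														   : dst_imv_id;

				result = this->send_message_long(src_imv_id, connection_id,
										msg_flags, msg.ptr, msg.len, msg_vid,
										msg_subtype, dst_imc_id);
			}
			else if (this->send_message)
			{
				msg_type = (msg_vid << 8) | msg_subtype;

				result = this->send_message(this->id, connection_id,
											msg.ptr, msg.len, msg_type);
			}
			else
			{
				result = TNC_RESULT_FATAL;
			}

			/* clean up */
			error_msg->destroy(error_msg);
			pa_msg->destroy(pa_msg);
			return result;
		case FAILED:
		default:
			pa_msg->destroy(pa_msg);
			state->set_recommendation(state,
								TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
								TNC_IMV_EVALUATION_RESULT_ERROR);
			/* the TNCS may not have provided this callback */
			if (!this->provide_recommendation)
			{
				return TNC_RESULT_FATAL;
			}
			return this->provide_recommendation(this->id, connection_id,
								TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
								TNC_IMV_EVALUATION_RESULT_ERROR);
	}
	return TNC_RESULT_SUCCESS;
}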
645
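/**
 * Deliver the recommendation stored in the connection state to the TNCS.
 *
 * If the recommendation is anything other than "allow", a reason string in
 * the preferred (or default) language is set on the connection first,
 * provided the TNCS offers set_attribute and the state has a reason string.
 *
 * Returns TNC_RESULT_FATAL if there is no state for the connection or if the
 * TNCS did not provide TNC_TNCS_ProvideRecommendation (bind_functions()
 * leaves the pointer NULL in that case); otherwise the result code of the
 * TNCS call.
 */
METHOD(imv_agent_t, provide_recommendation, TNC_Result,
	private_imv_agent_t *this, TNC_ConnectionID connection_id)
{
	imv_state_t *state;
	TNC_IMV_Action_Recommendation rec;
	TNC_IMV_Evaluation_Result eval;
	TNC_UInt32 lang_len;
	char buf[BUF_LEN];
	chunk_t pref_lang = { buf, 0 }, reason_string, reason_lang;

	state = find_connection(this, connection_id);
	if (!state)
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" has no state for Connection ID %u",
			 this->id, this->name, connection_id);
		return TNC_RESULT_FATAL;
	}
	state->get_recommendation(state, &rec, &eval);

	/* send a reason string if action recommendation is not allow */
	if (rec != TNC_IMV_ACTION_RECOMMENDATION_ALLOW)
	{
		/* check if a preferred language has been requested; the length
		 * reported by the TNCS is accepted only if it fits the buffer */
		if (this->get_attribute &&
			this->get_attribute(this->id, connection_id,
								TNC_ATTRIBUTEID_PREFERRED_LANGUAGE, BUF_LEN,
								buf, &lang_len) == TNC_RESULT_SUCCESS &&
			lang_len <= BUF_LEN)
		{
			pref_lang.len = lang_len;
			/* the precision argument of %.*s must be an int, the chunk
			 * length is a wider type */
			DBG2(DBG_IMV, "preferred language is '%.*s'",
				 (int)pref_lang.len, pref_lang.ptr);
		}

		/* find a reason string for the preferred or default language and set it */
		if (this->set_attribute &&
			state->get_reason_string(state, pref_lang, &reason_string,
									 &reason_lang))
		{
			this->set_attribute(this->id, connection_id,
								TNC_ATTRIBUTEID_REASON_STRING,
								reason_string.len, reason_string.ptr);
			this->set_attribute(this->id, connection_id,
								TNC_ATTRIBUTEID_REASON_LANGUAGE,
								reason_lang.len, reason_lang.ptr);
		}
	}

	/* the TNCS may not have provided this callback */
	if (!this->provide_recommendation)
	{
		return TNC_RESULT_FATAL;
	}
	return this->provide_recommendation(this->id, connection_id, rec, eval);
}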
697
/**
 * Ask the TNCS for a number of additional IMV IDs and remember them.
 *
 * Returns TNC_RESULT_ILLEGAL_OPERATION if the TNCS did not provide the
 * reservation function. The first failing reservation aborts the loop and
 * its result code is returned; IDs reserved before that stay in the list.
 */
METHOD(imv_agent_t, reserve_additional_ids, TNC_Result,
	private_imv_agent_t *this, int count)
{
	TNC_UInt32 id;
	TNC_Result result;

	if (!this->reserve_additional_id)
	{
		DBG1(DBG_IMV, "IMV %u \"%s\" did not detect the capability to reserve "
			 "additional IMV IDs from the TNCS", this->id, this->name);
		return TNC_RESULT_ILLEGAL_OPERATION;
	}

	for (; count > 0; count--)
	{
		result = this->reserve_additional_id(this->id, &id);
		if (result != TNC_RESULT_SUCCESS)
		{
			/* count is the number of IDs still outstanding at this point */
			DBG1(DBG_IMV, "IMV %u \"%s\" failed to reserve %d additional IMV IDs",
				 this->id, this->name, count);
			return result;
		}

		/* the list stores the scalar ID directly in the item pointer */
		this->additional_ids->insert_last(this->additional_ids, (void*)id);
		DBG2(DBG_IMV, "IMV %u \"%s\" reserved additional ID %u",
			 this->id, this->name, id);
	}
	return TNC_RESULT_SUCCESS;
}
730
/**
 * Number of additional IMV IDs currently stored in the list.
 */
METHOD(imv_agent_t, count_additional_ids, int,
	private_imv_agent_t *this)
{
	linked_list_t *ids = this->additional_ids;

	return ids->get_count(ids);
}
736
/**
 * Create an enumerator over the list of additional IMV IDs.
 */
METHOD(imv_agent_t, create_id_enumerator, enumerator_t*,
	private_imv_agent_t *this)
{
	linked_list_t *ids = this->additional_ids;

	return ids->create_enumerator(ids);
}
742
/**
 * Release the agent: the ID list, every remaining connection state, the
 * lock and the object itself, then drop the libimcv reference.
 */
METHOD(imv_agent_t, destroy, void,
	private_imv_agent_t *this)
{
	linked_list_t *ids = this->additional_ids;
	linked_list_t *states = this->connections;
	rwlock_t *lock = this->connection_lock;

	DBG1(DBG_IMV, "IMV %u \"%s\" terminated", this->id, this->name);

	ids->destroy(ids);
	/* destroys each remaining state through its own destroy method */
	states->destroy_offset(states, offsetof(imv_state_t, destroy));
	lock->destroy(lock);
	free(this);

	/* decrease the reference count or terminate */
	libimcv_deinit();
}
756
/**
 * Described in header.
 *
 * Returns NULL if libimcv could not be initialized. The name pointer is
 * stored as passed in, not copied, and actual_version is written without a
 * NULL check.
 */
imv_agent_t *imv_agent_create(const char *name,
							  pen_t vendor_id, u_int32_t subtype,
							  TNC_IMVID id, TNC_Version *actual_version)
{
	private_imv_agent_t *this;

	/* initialize or increase the reference count */
	if (!libimcv_init())
	{
		return NULL;
	}

	/* the TNCS function pointers are not set here; they are resolved later
	 * by bind_functions() */
	INIT(this,
		.public = {
			.bind_functions = _bind_functions,
			.create_state = _create_state,
			.delete_state = _delete_state,
			.change_state = _change_state,
			.get_state = _get_state,
			.send_message = _send_message,
			.receive_message = _receive_message,
			.set_recommendation = _set_recommendation,
			.provide_recommendation = _provide_recommendation,
			.reserve_additional_ids = _reserve_additional_ids,
			.count_additional_ids = _count_additional_ids,
			.create_id_enumerator = _create_id_enumerator,
			.destroy = _destroy,
		},
		.name = name,
		.vendor_id = vendor_id,
		.subtype = subtype,
		.id = id,
		.additional_ids = linked_list_create(),
		.connections = linked_list_create(),
		.connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
	);

	/* report the IF-IMV version implemented by this agent */
	*actual_version = TNC_IFIMV_VERSION_1;
	DBG1(DBG_IMV, "IMV %u \"%s\" initialized", this->id, this->name);

	return &this->public;
}
802
803