projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Corrected typo on product_file table
[strongswan.git] / src / libimcv / plugins / imc_test / imc_test.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imc_test_state.h"
16
17 #include <imc/imc_agent.h>
18 #include <pa_tnc/pa_tnc_msg.h>
19 #include <ietf/ietf_attr.h>
20 #include <ietf/ietf_attr_pa_tnc_error.h>
21 #include <ita/ita_attr.h>
22 #include <ita/ita_attr_command.h>
23
24 #include <tncif_names.h>
25 #include <tncif_pa_subtypes.h>
26
27 #include <pen/pen.h>
28 #include <debug.h>
29
30 /* IMC definitions */
31
32 static const char imc_name[] = "Test";
33
34 #define IMC_VENDOR_ID PEN_ITA
35 #define IMC_SUBTYPE PA_SUBTYPE_ITA_TEST
36
37 static imc_agent_t *imc_test;
38
39 /**
40 * see section 3.7.1 of TCG TNC IF-IMC Specification 1.2
41 */
42 TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id,
43 TNC_Version min_version,
44 TNC_Version max_version,
45 TNC_Version *actual_version)
46 {
47 if (imc_test)
48 {
49 DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
50 return TNC_RESULT_ALREADY_INITIALIZED;
51 }
52 imc_test = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE,
53 imc_id, actual_version);
54 if (!imc_test)
55 {
56 return TNC_RESULT_FATAL;
57 }
58 if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
59 {
60 DBG1(DBG_IMC, "no common IF-IMC version");
61 return TNC_RESULT_NO_COMMON_VERSION;
62 }
63 return TNC_RESULT_SUCCESS;
64 }
65
66 /**
67 * see section 3.7.2 of TCG TNC IF-IMC Specification 1.2
68 */
69 TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id,
70 TNC_ConnectionID connection_id,
71 TNC_ConnectionState new_state)
72 {
73 imc_state_t *state;
74 imc_test_state_t *test_state;
75 TNC_Result result;
76 char *command;
77 bool retry;
78
79 if (!imc_test)
80 {
81 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
82 return TNC_RESULT_NOT_INITIALIZED;
83 }
84 switch (new_state)
85 {
86 case TNC_CONNECTION_STATE_CREATE:
87 command = lib->settings->get_str(lib->settings,
88 "libimcv.plugins.imc-test.command", "none");
89 retry = lib->settings->get_bool(lib->settings,
90 "libimcv.plugins.imc-test.retry", FALSE);
91 state = imc_test_state_create(connection_id, command, retry);
92 return imc_test->create_state(imc_test, state);
93
94 case TNC_CONNECTION_STATE_HANDSHAKE:
95 /* get updated IMC state */
96 result = imc_test->change_state(imc_test, connection_id,
97 new_state, &state);
98 if (result != TNC_RESULT_SUCCESS)
99 {
100 return TNC_RESULT_FATAL;
101 }
102 test_state = (imc_test_state_t*)state;
103
104 /* is it the first handshake or a retry ? */
105 if (!test_state->is_first_handshake(test_state))
106 {
107 command = lib->settings->get_str(lib->settings,
108 "libimcv.plugins.imc-test.retry_command",
109 test_state->get_command(test_state));
110 test_state->set_command(test_state, command);
111 }
112 return TNC_RESULT_SUCCESS;
113
114 case TNC_CONNECTION_STATE_DELETE:
115 return imc_test->delete_state(imc_test, connection_id);
116
117 case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
118 case TNC_CONNECTION_STATE_ACCESS_NONE:
119 /* get updated IMC state */
120 result = imc_test->change_state(imc_test, connection_id,
121 new_state, &state);
122 if (result != TNC_RESULT_SUCCESS)
123 {
124 return TNC_RESULT_FATAL;
125 }
126 test_state = (imc_test_state_t*)state;
127
128 /* do a handshake retry? */
129 if (test_state->do_handshake_retry(test_state))
130 {
131 return imc_test->request_handshake_retry(imc_id, connection_id,
132 TNC_RETRY_REASON_IMC_REMEDIATION_COMPLETE);
133 }
134 return TNC_RESULT_SUCCESS;
135
136 default:
137 return imc_test->change_state(imc_test, connection_id,
138 new_state, NULL);
139 }
140 }
141
142 static TNC_Result send_message(TNC_ConnectionID connection_id)
143 {
144 pa_tnc_msg_t *msg;
145 pa_tnc_attr_t *attr;
146 imc_state_t *state;
147 imc_test_state_t *test_state;
148 TNC_Result result;
149
150 if (!imc_test->get_state(imc_test, connection_id, &state))
151 {
152 return TNC_RESULT_FATAL;
153 }
154 test_state = (imc_test_state_t*)state;
155 attr = ita_attr_command_create(test_state->get_command(test_state));
156 attr->set_noskip_flag(attr, TRUE);
157 msg = pa_tnc_msg_create();
158 msg->add_attribute(msg, attr);
159 msg->build(msg);
160 result = imc_test->send_message(imc_test, connection_id,
161 msg->get_encoding(msg));
162 msg->destroy(msg);
163
164 return result;
165 }
166
167 /**
168 * see section 3.7.3 of TCG TNC IF-IMC Specification 1.2
169 */
170 TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id,
171 TNC_ConnectionID connection_id)
172 {
173 if (!imc_test)
174 {
175 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
176 return TNC_RESULT_NOT_INITIALIZED;
177 }
178 return send_message(connection_id);
179 }
180
181 /**
182 * see section 3.7.4 of TCG TNC IF-IMC Specification 1.2
183 */
184 TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
185 TNC_ConnectionID connection_id,
186 TNC_BufferReference msg,
187 TNC_UInt32 msg_len,
188 TNC_MessageType msg_type)
189 {
190 pa_tnc_msg_t *pa_tnc_msg;
191 pa_tnc_attr_t *attr;
192 enumerator_t *enumerator;
193 TNC_Result result;
194 bool fatal_error = FALSE;
195
196 if (!imc_test)
197 {
198 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
199 return TNC_RESULT_NOT_INITIALIZED;
200 }
201
202 /* parse received PA-TNC message and automatically handle any errors */
203 result = imc_test->receive_message(imc_test, connection_id,
204 chunk_create(msg, msg_len), msg_type,
205 &pa_tnc_msg);
206
207 /* no parsed PA-TNC attributes available if an error occurred */
208 if (!pa_tnc_msg)
209 {
210 return result;
211 }
212
213 /* analyze PA-TNC attributes */
214 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
215 while (enumerator->enumerate(enumerator, &attr))
216 {
217 if (attr->get_vendor_id(attr) == PEN_IETF &&
218 attr->get_type(attr) == IETF_ATTR_PA_TNC_ERROR)
219 {
220 ietf_attr_pa_tnc_error_t *error_attr;
221 pa_tnc_error_code_t error_code;
222 chunk_t msg_info, attr_info;
223 u_int32_t offset;
224
225 error_attr = (ietf_attr_pa_tnc_error_t*)attr;
226 error_code = error_attr->get_error_code(error_attr);
227 msg_info = error_attr->get_msg_info(error_attr);
228
229 DBG1(DBG_IMC, "received PA-TNC error '%N' concerning message %#B",
230 pa_tnc_error_code_names, error_code, &msg_info);
231 switch (error_code)
232 {
233 case PA_ERROR_INVALID_PARAMETER:
234 offset = error_attr->get_offset(error_attr);
235 DBG1(DBG_IMC, " occurred at offset of %u bytes", offset);
236 break;
237 case PA_ERROR_ATTR_TYPE_NOT_SUPPORTED:
238 attr_info = error_attr->get_attr_info(error_attr);
239 DBG1(DBG_IMC, " unsupported attribute %#B", &attr_info);
240 break;
241 default:
242 break;
243 }
244 fatal_error = TRUE;
245 }
246 else if (attr->get_vendor_id(attr) == PEN_ITA &&
247 attr->get_type(attr) == ITA_ATTR_COMMAND)
248 {
249 ita_attr_command_t *ita_attr;
250 char *command;
251
252 ita_attr = (ita_attr_command_t*)attr;
253 command = ita_attr->get_command(ita_attr);
254 }
255 }
256 enumerator->destroy(enumerator);
257 pa_tnc_msg->destroy(pa_tnc_msg);
258
259 /* if no error occurred then always return the same response */
260 return fatal_error ? TNC_RESULT_FATAL : send_message(connection_id);
261 }
262
263 /**
264 * see section 3.7.5 of TCG TNC IF-IMC Specification 1.2
265 */
266 TNC_Result TNC_IMC_BatchEnding(TNC_IMCID imc_id,
267 TNC_ConnectionID connection_id)
268 {
269 if (!imc_test)
270 {
271 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
272 return TNC_RESULT_NOT_INITIALIZED;
273 }
274 return TNC_RESULT_SUCCESS;
275 }
276
277 /**
278 * see section 3.7.6 of TCG TNC IF-IMC Specification 1.2
279 */
280 TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id)
281 {
282 if (!imc_test)
283 {
284 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
285 return TNC_RESULT_NOT_INITIALIZED;
286 }
287 imc_test->destroy(imc_test);
288 imc_test = NULL;
289
290 return TNC_RESULT_SUCCESS;
291 }
292
293 /**
294 * see section 4.2.8.1 of TCG TNC IF-IMC Specification 1.2
295 */
296 TNC_Result TNC_IMC_ProvideBindFunction(TNC_IMCID imc_id,
297 TNC_TNCC_BindFunctionPointer bind_function)
298 {
299 if (!imc_test)
300 {
301 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
302 return TNC_RESULT_NOT_INITIALIZED;
303 }
304 return imc_test->bind_functions(imc_test, bind_function);
305 }
strongSwan - IPsec VPN