implemented IMC/IMV ReceiveMessageLong functions
[strongswan.git] / src / libimcv / plugins / imc_test / imc_test.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imc_test_state.h"
16
17 #include <imc/imc_agent.h>
18 #include <pa_tnc/pa_tnc_msg.h>
19 #include <ietf/ietf_attr.h>
20 #include <ietf/ietf_attr_pa_tnc_error.h>
21 #include <ita/ita_attr.h>
22 #include <ita/ita_attr_command.h>
23
24 #include <tncif_names.h>
25 #include <tncif_pa_subtypes.h>
26
27 #include <pen/pen.h>
28 #include <debug.h>
29
30 /* IMC definitions */
31
32 static const char imc_name[] = "Test";
33
34 #define IMC_VENDOR_ID PEN_ITA
35 #define IMC_SUBTYPE PA_SUBTYPE_ITA_TEST
36
37 static imc_agent_t *imc_test;
38
39 /**
40 * see section 3.8.1 of TCG TNC IF-IMC Specification 1.3
41 */
42 TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id,
43 TNC_Version min_version,
44 TNC_Version max_version,
45 TNC_Version *actual_version)
46 {
47 if (imc_test)
48 {
49 DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
50 return TNC_RESULT_ALREADY_INITIALIZED;
51 }
52 imc_test = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE,
53 imc_id, actual_version);
54 if (!imc_test)
55 {
56 return TNC_RESULT_FATAL;
57 }
58 if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
59 {
60 DBG1(DBG_IMC, "no common IF-IMC version");
61 return TNC_RESULT_NO_COMMON_VERSION;
62 }
63 return TNC_RESULT_SUCCESS;
64 }
65
66 /**
67 * see section 3.8.2 of TCG TNC IF-IMC Specification 1.3
68 */
69 TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id,
70 TNC_ConnectionID connection_id,
71 TNC_ConnectionState new_state)
72 {
73 imc_state_t *state;
74 imc_test_state_t *test_state;
75 TNC_Result result;
76 TNC_UInt32 new_imc_id;
77 char *command;
78 bool retry;
79 int additional_ids;
80
81 if (!imc_test)
82 {
83 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
84 return TNC_RESULT_NOT_INITIALIZED;
85 }
86 switch (new_state)
87 {
88 case TNC_CONNECTION_STATE_CREATE:
89 command = lib->settings->get_str(lib->settings,
90 "libimcv.plugins.imc-test.command", "none");
91 retry = lib->settings->get_bool(lib->settings,
92 "libimcv.plugins.imc-test.retry", FALSE);
93 state = imc_test_state_create(connection_id, command, retry);
94
95 result = imc_test->create_state(imc_test, state);
96 if (result != TNC_RESULT_SUCCESS)
97 {
98 return result;
99 }
100
101 /* Do we want to reserve additional IMC IDs? */
102 additional_ids = lib->settings->get_int(lib->settings,
103 "libimcv.plugins.imc-test.additional_ids", 0);
104 if (additional_ids < 1)
105 {
106 return TNC_RESULT_SUCCESS;
107 }
108
109 if (!state->has_long(state))
110 {
111 DBG1(DBG_IMC, "IMC %u \"%s\" did not detect support of "
112 "multiple IMC IDs", imc_id, imc_name);
113 return TNC_RESULT_SUCCESS;
114 }
115 test_state = (imc_test_state_t*)state;
116
117 while (additional_ids-- > 0)
118 {
119 if (imc_test->reserve_additional_id(imc_test, &new_imc_id) !=
120 TNC_RESULT_SUCCESS)
121 {
122 DBG1(DBG_IMC, "IMC %u \"%s\" failed to reserve "
123 "%d additional IMC IDs",
124 imc_id, imc_name, additional_ids);
125 break;
126 }
127 DBG2(DBG_IMC, "IMC %u \"%s\" reserved additional ID %u",
128 imc_id, imc_name, new_imc_id);
129 test_state->add_id(test_state, new_imc_id);
130 }
131 return TNC_RESULT_SUCCESS;
132
133 case TNC_CONNECTION_STATE_HANDSHAKE:
134 /* get updated IMC state */
135 result = imc_test->change_state(imc_test, connection_id,
136 new_state, &state);
137 if (result != TNC_RESULT_SUCCESS)
138 {
139 return TNC_RESULT_FATAL;
140 }
141 test_state = (imc_test_state_t*)state;
142
143 /* is it the first handshake or a retry ? */
144 if (!test_state->is_first_handshake(test_state))
145 {
146 command = lib->settings->get_str(lib->settings,
147 "libimcv.plugins.imc-test.retry_command",
148 test_state->get_command(test_state));
149 test_state->set_command(test_state, command);
150 }
151 return TNC_RESULT_SUCCESS;
152
153 case TNC_CONNECTION_STATE_DELETE:
154 return imc_test->delete_state(imc_test, connection_id);
155
156 case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
157 case TNC_CONNECTION_STATE_ACCESS_NONE:
158 /* get updated IMC state */
159 result = imc_test->change_state(imc_test, connection_id,
160 new_state, &state);
161 if (result != TNC_RESULT_SUCCESS)
162 {
163 return TNC_RESULT_FATAL;
164 }
165 test_state = (imc_test_state_t*)state;
166
167 /* do a handshake retry? */
168 if (test_state->do_handshake_retry(test_state))
169 {
170 return imc_test->request_handshake_retry(imc_id, connection_id,
171 TNC_RETRY_REASON_IMC_REMEDIATION_COMPLETE);
172 }
173 return TNC_RESULT_SUCCESS;
174
175 default:
176 return imc_test->change_state(imc_test, connection_id,
177 new_state, NULL);
178 }
179 }
180
181 static TNC_Result send_message(TNC_ConnectionID connection_id)
182 {
183 pa_tnc_msg_t *msg;
184 pa_tnc_attr_t *attr;
185 imc_state_t *state;
186 imc_test_state_t *test_state;
187 enumerator_t *enumerator;
188 void *pointer;
189 TNC_UInt32 imc_id;
190 TNC_Result result;
191
192 if (!imc_test->get_state(imc_test, connection_id, &state))
193 {
194 return TNC_RESULT_FATAL;
195 }
196 test_state = (imc_test_state_t*)state;
197
198 /* send PA message for primary IMC ID */
199 attr = ita_attr_command_create(test_state->get_command(test_state));
200 attr->set_noskip_flag(attr, TRUE);
201 msg = pa_tnc_msg_create();
202 msg->add_attribute(msg, attr);
203 msg->build(msg);
204 result = imc_test->send_message(imc_test, connection_id, FALSE, 0,
205 TNC_IMVID_ANY, msg->get_encoding(msg));
206 msg->destroy(msg);
207
208 /* send PA messages for additional IMC IDs */
209 enumerator = test_state->create_id_enumerator(test_state);
210 while (result == TNC_RESULT_SUCCESS &&
211 enumerator->enumerate(enumerator, &pointer))
212 {
213 /* interpret pointer as scalar value */
214 imc_id = (TNC_UInt32)pointer;
215
216 attr = ita_attr_command_create(test_state->get_command(test_state));
217 attr->set_noskip_flag(attr, TRUE);
218 msg = pa_tnc_msg_create();
219 msg->add_attribute(msg, attr);
220 msg->build(msg);
221 result = imc_test->send_message(imc_test, connection_id, FALSE, imc_id,
222 TNC_IMVID_ANY, msg->get_encoding(msg));
223 msg->destroy(msg);
224 }
225 enumerator->destroy(enumerator);
226
227 return result;
228 }
229
230 /**
231 * see section 3.8.3 of TCG TNC IF-IMC Specification 1.3
232 */
233 TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id,
234 TNC_ConnectionID connection_id)
235 {
236 if (!imc_test)
237 {
238 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
239 return TNC_RESULT_NOT_INITIALIZED;
240 }
241 return send_message(connection_id);
242 }
243
244 static TNC_Result receive_message(TNC_IMCID imc_id,
245 TNC_ConnectionID connection_id,
246 TNC_UInt32 msg_flags,
247 chunk_t msg,
248 TNC_VendorID msg_vid,
249 TNC_MessageSubtype msg_subtype,
250 TNC_UInt32 src_imv_id,
251 TNC_UInt32 dst_imc_id)
252 {
253 pa_tnc_msg_t *pa_tnc_msg;
254 pa_tnc_attr_t *attr;
255 imc_state_t *state;
256 enumerator_t *enumerator;
257 TNC_Result result;
258 bool fatal_error = FALSE;
259
260 if (!imc_test)
261 {
262 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
263 return TNC_RESULT_NOT_INITIALIZED;
264 }
265
266 /* get current IMC state */
267 if (!imc_test->get_state(imc_test, connection_id, &state))
268 {
269 return TNC_RESULT_FATAL;
270 }
271
272 /* parse received PA-TNC message and automatically handle any errors */
273 result = imc_test->receive_message(imc_test, state, msg, msg_vid,
274 msg_subtype, src_imv_id, dst_imc_id, &pa_tnc_msg);
275
276 /* no parsed PA-TNC attributes available if an error occurred */
277 if (!pa_tnc_msg)
278 {
279 return result;
280 }
281
282 /* analyze PA-TNC attributes */
283 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
284 while (enumerator->enumerate(enumerator, &attr))
285 {
286 if (attr->get_vendor_id(attr) == PEN_IETF &&
287 attr->get_type(attr) == IETF_ATTR_PA_TNC_ERROR)
288 {
289 ietf_attr_pa_tnc_error_t *error_attr;
290 pa_tnc_error_code_t error_code;
291 chunk_t msg_info, attr_info;
292 u_int32_t offset;
293
294 error_attr = (ietf_attr_pa_tnc_error_t*)attr;
295 error_code = error_attr->get_error_code(error_attr);
296 msg_info = error_attr->get_msg_info(error_attr);
297
298 DBG1(DBG_IMC, "received PA-TNC error '%N' concerning message %#B",
299 pa_tnc_error_code_names, error_code, &msg_info);
300 switch (error_code)
301 {
302 case PA_ERROR_INVALID_PARAMETER:
303 offset = error_attr->get_offset(error_attr);
304 DBG1(DBG_IMC, " occurred at offset of %u bytes", offset);
305 break;
306 case PA_ERROR_ATTR_TYPE_NOT_SUPPORTED:
307 attr_info = error_attr->get_attr_info(error_attr);
308 DBG1(DBG_IMC, " unsupported attribute %#B", &attr_info);
309 break;
310 default:
311 break;
312 }
313 fatal_error = TRUE;
314 }
315 else if (attr->get_vendor_id(attr) == PEN_ITA &&
316 attr->get_type(attr) == ITA_ATTR_COMMAND)
317 {
318 ita_attr_command_t *ita_attr;
319 char *command;
320
321 ita_attr = (ita_attr_command_t*)attr;
322 command = ita_attr->get_command(ita_attr);
323 }
324 }
325 enumerator->destroy(enumerator);
326 pa_tnc_msg->destroy(pa_tnc_msg);
327
328 /* if no error occurred then always return the same response */
329 return fatal_error ? TNC_RESULT_FATAL : send_message(connection_id);
330 }
331
332 /**
333 * see section 3.8.4 of TCG TNC IF-IMC Specification 1.3
334 */
335 TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
336 TNC_ConnectionID connection_id,
337 TNC_BufferReference msg,
338 TNC_UInt32 msg_len,
339 TNC_MessageType msg_type)
340 {
341 TNC_VendorID msg_vid;
342 TNC_MessageSubtype msg_subtype;
343
344 msg_vid = msg_type >> 8;
345 msg_subtype = msg_type & TNC_SUBTYPE_ANY;
346
347 return receive_message(imc_id, connection_id, 0, chunk_create(msg, msg_len),
348 msg_vid, msg_subtype, 0, TNC_IMCID_ANY);
349 }
350
351 /**
352 * see section 3.8.6 of TCG TNC IF-IMV Specification 1.3
353 */
354 TNC_Result TNC_IMC_ReceiveMessageLong(TNC_IMCID imc_id,
355 TNC_ConnectionID connection_id,
356 TNC_UInt32 msg_flags,
357 TNC_BufferReference msg,
358 TNC_UInt32 msg_len,
359 TNC_VendorID msg_vid,
360 TNC_MessageSubtype msg_subtype,
361 TNC_UInt32 src_imv_id,
362 TNC_UInt32 dst_imc_id)
363 {
364 return receive_message(imc_id, connection_id, msg_flags,
365 chunk_create(msg, msg_len), msg_vid, msg_subtype,
366 src_imv_id, dst_imc_id);
367 }
368
369 /**
370 * see section 3.8.7 of TCG TNC IF-IMC Specification 1.3
371 */
372 TNC_Result TNC_IMC_BatchEnding(TNC_IMCID imc_id,
373 TNC_ConnectionID connection_id)
374 {
375 if (!imc_test)
376 {
377 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
378 return TNC_RESULT_NOT_INITIALIZED;
379 }
380 return TNC_RESULT_SUCCESS;
381 }
382
383 /**
384 * see section 3.8.8 of TCG TNC IF-IMC Specification 1.3
385 */
386 TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id)
387 {
388 if (!imc_test)
389 {
390 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
391 return TNC_RESULT_NOT_INITIALIZED;
392 }
393 imc_test->destroy(imc_test);
394 imc_test = NULL;
395
396 return TNC_RESULT_SUCCESS;
397 }
398
399 /**
400 * see section 4.2.8.1 of TCG TNC IF-IMC Specification 1.3
401 */
402 TNC_Result TNC_IMC_ProvideBindFunction(TNC_IMCID imc_id,
403 TNC_TNCC_BindFunctionPointer bind_function)
404 {
405 if (!imc_test)
406 {
407 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
408 return TNC_RESULT_NOT_INITIALIZED;
409 }
410 return imc_test->bind_functions(imc_test, bind_function);
411 }