moved management of additional IMC/IMV IDs to agent
[strongswan.git] / src / libimcv / plugins / imc_test / imc_test.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imc_test_state.h"
16
17 #include <imc/imc_agent.h>
18 #include <pa_tnc/pa_tnc_msg.h>
19 #include <ietf/ietf_attr.h>
20 #include <ietf/ietf_attr_pa_tnc_error.h>
21 #include <ita/ita_attr.h>
22 #include <ita/ita_attr_command.h>
23
24 #include <tncif_names.h>
25 #include <tncif_pa_subtypes.h>
26
27 #include <pen/pen.h>
28 #include <debug.h>
29
30 /* IMC definitions */
31
32 static const char imc_name[] = "Test";
33
34 #define IMC_VENDOR_ID PEN_ITA
35 #define IMC_SUBTYPE PA_SUBTYPE_ITA_TEST
36
37 static imc_agent_t *imc_test;
38
39 /**
40 * see section 3.8.1 of TCG TNC IF-IMC Specification 1.3
41 */
42 TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id,
43 TNC_Version min_version,
44 TNC_Version max_version,
45 TNC_Version *actual_version)
46 {
47 if (imc_test)
48 {
49 DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
50 return TNC_RESULT_ALREADY_INITIALIZED;
51 }
52 imc_test = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE,
53 imc_id, actual_version);
54 if (!imc_test)
55 {
56 return TNC_RESULT_FATAL;
57 }
58 if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
59 {
60 DBG1(DBG_IMC, "no common IF-IMC version");
61 return TNC_RESULT_NO_COMMON_VERSION;
62 }
63 return TNC_RESULT_SUCCESS;
64 }
65
66 /**
67 * see section 3.8.2 of TCG TNC IF-IMC Specification 1.3
68 */
69 TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id,
70 TNC_ConnectionID connection_id,
71 TNC_ConnectionState new_state)
72 {
73 imc_state_t *state;
74 imc_test_state_t *test_state;
75 TNC_Result result;
76 char *command;
77 bool retry;
78 int additional_ids;
79
80 if (!imc_test)
81 {
82 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
83 return TNC_RESULT_NOT_INITIALIZED;
84 }
85
86 switch (new_state)
87 {
88 case TNC_CONNECTION_STATE_CREATE:
89 command = lib->settings->get_str(lib->settings,
90 "libimcv.plugins.imc-test.command", "none");
91 retry = lib->settings->get_bool(lib->settings,
92 "libimcv.plugins.imc-test.retry", FALSE);
93 state = imc_test_state_create(connection_id, command, retry);
94
95 result = imc_test->create_state(imc_test, state);
96 if (result != TNC_RESULT_SUCCESS)
97 {
98 return result;
99 }
100
101 /* Optionally reserve additional IMC IDs */
102 additional_ids = lib->settings->get_int(lib->settings,
103 "libimcv.plugins.imc-test.additional_ids", 0);
104 imc_test->reserve_additional_ids(imc_test, additional_ids -
105 imc_test->count_additional_ids(imc_test));
106
107 return TNC_RESULT_SUCCESS;
108
109 case TNC_CONNECTION_STATE_HANDSHAKE:
110 /* get updated IMC state */
111 result = imc_test->change_state(imc_test, connection_id,
112 new_state, &state);
113 if (result != TNC_RESULT_SUCCESS)
114 {
115 return TNC_RESULT_FATAL;
116 }
117 test_state = (imc_test_state_t*)state;
118
119 /* is it the first handshake or a retry ? */
120 if (!test_state->is_first_handshake(test_state))
121 {
122 command = lib->settings->get_str(lib->settings,
123 "libimcv.plugins.imc-test.retry_command",
124 test_state->get_command(test_state));
125 test_state->set_command(test_state, command);
126 }
127 return TNC_RESULT_SUCCESS;
128
129 case TNC_CONNECTION_STATE_DELETE:
130 return imc_test->delete_state(imc_test, connection_id);
131
132 case TNC_CONNECTION_STATE_ACCESS_ISOLATED:
133 case TNC_CONNECTION_STATE_ACCESS_NONE:
134 /* get updated IMC state */
135 result = imc_test->change_state(imc_test, connection_id,
136 new_state, &state);
137 if (result != TNC_RESULT_SUCCESS)
138 {
139 return TNC_RESULT_FATAL;
140 }
141 test_state = (imc_test_state_t*)state;
142
143 /* do a handshake retry? */
144 if (test_state->do_handshake_retry(test_state))
145 {
146 return imc_test->request_handshake_retry(imc_id, connection_id,
147 TNC_RETRY_REASON_IMC_REMEDIATION_COMPLETE);
148 }
149 return TNC_RESULT_SUCCESS;
150
151 default:
152 return imc_test->change_state(imc_test, connection_id,
153 new_state, NULL);
154 }
155 }
156
157 static TNC_Result send_message(imc_state_t *state, TNC_UInt32 src_imc_id,
158 TNC_UInt32 dst_imv_id)
159 {
160 imc_test_state_t *test_state;
161 pa_tnc_msg_t *msg;
162 pa_tnc_attr_t *attr;
163 bool excl;
164 TNC_ConnectionID connection_id;
165 TNC_Result result;
166
167 connection_id = state->get_connection_id(state);
168 test_state = (imc_test_state_t*)state;
169 attr = ita_attr_command_create(test_state->get_command(test_state));
170 attr->set_noskip_flag(attr, TRUE);
171 msg = pa_tnc_msg_create();
172 msg->add_attribute(msg, attr);
173 msg->build(msg);
174 excl = dst_imv_id != TNC_IMVID_ANY;
175 result = imc_test->send_message(imc_test, connection_id, excl, src_imc_id,
176 dst_imv_id, msg->get_encoding(msg));
177 msg->destroy(msg);
178
179 return result;
180 }
181
182 /**
183 * see section 3.8.3 of TCG TNC IF-IMC Specification 1.3
184 */
185 TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id,
186 TNC_ConnectionID connection_id)
187 {
188 imc_state_t *state;
189 enumerator_t *enumerator;
190 void *pointer;
191 TNC_UInt32 additional_id;
192 TNC_Result result;
193
194 if (!imc_test)
195 {
196 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
197 return TNC_RESULT_NOT_INITIALIZED;
198 }
199
200 /* get current IMC state */
201 if (!imc_test->get_state(imc_test, connection_id, &state))
202 {
203 return TNC_RESULT_FATAL;
204 }
205
206 /* send PA message for primary IMC ID */
207 result = send_message(state, imc_id, TNC_IMVID_ANY);
208
209 /* Exit if there are no additional IMC IDs */
210 if (!imc_test->count_additional_ids(imc_test))
211 {
212 return result;
213 }
214
215 /* Do we have support for transporting multiple IMC IDs? */
216 if (!state->has_long(state))
217 {
218 DBG1(DBG_IMC, "IMC %u \"%s\" did not detect support for transporting "
219 "multiple IMC IDs", imc_id, imc_name);
220 return result;
221 }
222
223 /* send PA messages for additional IMC IDs */
224 enumerator = imc_test->create_id_enumerator(imc_test);
225 while (result == TNC_RESULT_SUCCESS &&
226 enumerator->enumerate(enumerator, &pointer))
227 {
228 /* interpret pointer as scalar value */
229 additional_id = (TNC_UInt32)pointer;
230 result = send_message(state, additional_id, TNC_IMVID_ANY);
231 }
232 enumerator->destroy(enumerator);
233
234 return result;
235 }
236
237 static TNC_Result receive_message(TNC_IMCID imc_id,
238 TNC_ConnectionID connection_id,
239 TNC_UInt32 msg_flags,
240 chunk_t msg,
241 TNC_VendorID msg_vid,
242 TNC_MessageSubtype msg_subtype,
243 TNC_UInt32 src_imv_id,
244 TNC_UInt32 dst_imc_id)
245 {
246 pa_tnc_msg_t *pa_tnc_msg;
247 pa_tnc_attr_t *attr;
248 imc_state_t *state;
249 enumerator_t *enumerator;
250 TNC_Result result;
251 bool fatal_error = FALSE;
252
253 if (!imc_test)
254 {
255 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
256 return TNC_RESULT_NOT_INITIALIZED;
257 }
258
259 /* get current IMC state */
260 if (!imc_test->get_state(imc_test, connection_id, &state))
261 {
262 return TNC_RESULT_FATAL;
263 }
264
265 /* parse received PA-TNC message and automatically handle any errors */
266 result = imc_test->receive_message(imc_test, state, msg, msg_vid,
267 msg_subtype, src_imv_id, dst_imc_id, &pa_tnc_msg);
268
269 /* no parsed PA-TNC attributes available if an error occurred */
270 if (!pa_tnc_msg)
271 {
272 return result;
273 }
274
275 /* preprocess any IETF standard error attributes */
276 fatal_error = pa_tnc_msg->process_ietf_std_errors(pa_tnc_msg);
277
278 /* analyze PA-TNC attributes */
279 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
280 while (enumerator->enumerate(enumerator, &attr))
281 {
282 if (attr->get_vendor_id(attr) == PEN_ITA &&
283 attr->get_type(attr) == ITA_ATTR_COMMAND)
284 {
285 ita_attr_command_t *ita_attr;
286 char *command;
287
288 ita_attr = (ita_attr_command_t*)attr;
289 command = ita_attr->get_command(ita_attr);
290 }
291 }
292 enumerator->destroy(enumerator);
293 pa_tnc_msg->destroy(pa_tnc_msg);
294
295 /* if no error occurred then always return the same response */
296 return fatal_error ? TNC_RESULT_FATAL :
297 send_message(state, dst_imc_id, src_imv_id);
298 }
299
300 /**
301 * see section 3.8.4 of TCG TNC IF-IMC Specification 1.3
302 */
303 TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
304 TNC_ConnectionID connection_id,
305 TNC_BufferReference msg,
306 TNC_UInt32 msg_len,
307 TNC_MessageType msg_type)
308 {
309 TNC_VendorID msg_vid;
310 TNC_MessageSubtype msg_subtype;
311
312 msg_vid = msg_type >> 8;
313 msg_subtype = msg_type & TNC_SUBTYPE_ANY;
314
315 return receive_message(imc_id, connection_id, 0, chunk_create(msg, msg_len),
316 msg_vid, msg_subtype, 0, TNC_IMCID_ANY);
317 }
318
319 /**
320 * see section 3.8.6 of TCG TNC IF-IMV Specification 1.3
321 */
322 TNC_Result TNC_IMC_ReceiveMessageLong(TNC_IMCID imc_id,
323 TNC_ConnectionID connection_id,
324 TNC_UInt32 msg_flags,
325 TNC_BufferReference msg,
326 TNC_UInt32 msg_len,
327 TNC_VendorID msg_vid,
328 TNC_MessageSubtype msg_subtype,
329 TNC_UInt32 src_imv_id,
330 TNC_UInt32 dst_imc_id)
331 {
332 return receive_message(imc_id, connection_id, msg_flags,
333 chunk_create(msg, msg_len), msg_vid, msg_subtype,
334 src_imv_id, dst_imc_id);
335 }
336
337 /**
338 * see section 3.8.7 of TCG TNC IF-IMC Specification 1.3
339 */
340 TNC_Result TNC_IMC_BatchEnding(TNC_IMCID imc_id,
341 TNC_ConnectionID connection_id)
342 {
343 if (!imc_test)
344 {
345 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
346 return TNC_RESULT_NOT_INITIALIZED;
347 }
348 return TNC_RESULT_SUCCESS;
349 }
350
351 /**
352 * see section 3.8.8 of TCG TNC IF-IMC Specification 1.3
353 */
354 TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id)
355 {
356 if (!imc_test)
357 {
358 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
359 return TNC_RESULT_NOT_INITIALIZED;
360 }
361 imc_test->destroy(imc_test);
362 imc_test = NULL;
363
364 return TNC_RESULT_SUCCESS;
365 }
366
367 /**
368 * see section 4.2.8.1 of TCG TNC IF-IMC Specification 1.3
369 */
370 TNC_Result TNC_IMC_ProvideBindFunction(TNC_IMCID imc_id,
371 TNC_TNCC_BindFunctionPointer bind_function)
372 {
373 if (!imc_test)
374 {
375 DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
376 return TNC_RESULT_NOT_INITIALIZED;
377 }
378 return imc_test->bind_functions(imc_test, bind_function);
379 }