37178867dacd2136a1dd664b8a204734ae0e0d59
[strongswan.git] / src / libimcv / plugins / imv_test / imv_test.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imv_test_state.h"
16
17 #include <imv/imv_agent.h>
18 #include <pa_tnc/pa_tnc_msg.h>
19 #include <ita/ita_attr_command.h>
20
21 #include <pen/pen.h>
22
23 #include <debug.h>
24
25 /* IMV definitions */
26
27 static const char imv_name[] = "Test";
28
29 #define IMV_VENDOR_ID PEN_ITA
30 #define IMV_SUBTYPE 0x01
31
32 static imv_agent_t *imv_test;
33
34 /**
35 * see section 3.7.1 of TCG TNC IF-IMV Specification 1.2
36 */
37 TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
38 TNC_Version min_version,
39 TNC_Version max_version,
40 TNC_Version *actual_version)
41 {
42 if (imv_test)
43 {
44 DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
45 return TNC_RESULT_ALREADY_INITIALIZED;
46 }
47 imv_test = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE,
48 imv_id, actual_version);
49 if (!imv_test)
50 {
51 return TNC_RESULT_FATAL;
52 }
53 if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
54 {
55 DBG1(DBG_IMV, "no common IF-IMV version");
56 return TNC_RESULT_NO_COMMON_VERSION;
57 }
58 return TNC_RESULT_SUCCESS;
59 }
60
61 /**
62 * see section 3.7.2 of TCG TNC IF-IMV Specification 1.2
63 */
64 TNC_Result TNC_IMV_NotifyConnectionChange(TNC_IMVID imv_id,
65 TNC_ConnectionID connection_id,
66 TNC_ConnectionState new_state)
67 {
68 imv_state_t *state;
69 int rounds;
70
71 if (!imv_test)
72 {
73 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
74 return TNC_RESULT_NOT_INITIALIZED;
75 }
76 switch (new_state)
77 {
78 case TNC_CONNECTION_STATE_CREATE:
79 rounds = lib->settings->get_int(lib->settings,
80 "libimcv.plugins.imv-test.rounds", 0);
81 state = imv_test_state_create(connection_id, rounds);
82 return imv_test->create_state(imv_test, state);
83 case TNC_CONNECTION_STATE_DELETE:
84 return imv_test->delete_state(imv_test, connection_id);
85 default:
86 return imv_test->change_state(imv_test, connection_id, new_state);
87 }
88 }
89
90 static TNC_Result send_message(TNC_ConnectionID connection_id)
91 {
92 pa_tnc_msg_t *msg;
93 pa_tnc_attr_t *attr;
94 TNC_Result result;
95
96 attr = ita_attr_command_create("repeat");
97 msg = pa_tnc_msg_create();
98 msg->add_attribute(msg, attr);
99 msg->build(msg);
100 result = imv_test->send_message(imv_test, connection_id,
101 msg->get_encoding(msg));
102 msg->destroy(msg);
103
104 return result;
105 }
106
107 /**
108 * see section 3.7.3 of TCG TNC IF-IMV Specification 1.2
109 */
110 TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
111 TNC_ConnectionID connection_id,
112 TNC_BufferReference msg,
113 TNC_UInt32 msg_len,
114 TNC_MessageType msg_type)
115 {
116 pa_tnc_msg_t *pa_tnc_msg;
117 pa_tnc_attr_t *attr;
118 imv_state_t *state;
119 imv_test_state_t *imv_test_state;
120 TNC_Result result = TNC_RESULT_SUCCESS;
121 enumerator_t *enumerator;
122
123 if (!imv_test)
124 {
125 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
126 return TNC_RESULT_NOT_INITIALIZED;
127 }
128
129 /* process received message */
130 DBG2(DBG_IMV, "IMV %u \"%s\" received message type 0x%08x for Connection ID %u",
131 imv_id, imv_name, msg_type, connection_id);
132 pa_tnc_msg = pa_tnc_msg_create_from_data(chunk_create(msg, msg_len));
133
134 if (pa_tnc_msg->process(pa_tnc_msg) != SUCCESS)
135 {
136 pa_tnc_msg->destroy(pa_tnc_msg);
137 return TNC_RESULT_FATAL;
138 }
139
140 /* get current IMV state */
141 if (!imv_test->get_state(imv_test, connection_id, &state))
142 {
143 pa_tnc_msg->destroy(pa_tnc_msg);
144 return TNC_RESULT_FATAL;
145 }
146
147 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
148 while (enumerator->enumerate(enumerator, &attr))
149 {
150 if (attr->get_vendor_id(attr) == PEN_ITA &&
151 attr->get_type(attr) == ITA_ATTR_COMMAND)
152 {
153 ita_attr_command_t *ita_attr;
154 char *command;
155
156 ita_attr = (ita_attr_command_t*)attr;
157 command = ita_attr->get_command(ita_attr);
158
159 if (streq(command, "allow"))
160 {
161 state->set_recommendation(state,
162 TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
163 TNC_IMV_EVALUATION_RESULT_COMPLIANT);
164 }
165 else if (streq(command, "isolate"))
166 {
167 state->set_recommendation(state,
168 TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
169 TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR);
170 }
171 else if (streq(command, "none"))
172 {
173 state->set_recommendation(state,
174 TNC_IMV_ACTION_RECOMMENDATION_NO_ACCESS,
175 TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MAJOR);
176 }
177 else
178 {
179 result = TNC_RESULT_FATAL;
180 }
181 break;
182 }
183 }
184 enumerator->destroy(enumerator);
185 pa_tnc_msg->destroy(pa_tnc_msg);
186
187 if (result != TNC_RESULT_SUCCESS)
188 {
189 return result;
190 }
191
192 /* repeat the measurement ? */
193 imv_test_state = (imv_test_state_t*)state;
194 if (imv_test_state->another_round(imv_test_state))
195 {
196 return send_message(connection_id);
197 }
198
199 return imv_test->provide_recommendation(imv_test, connection_id);
200 }
201
202 /**
203 * see section 3.7.4 of TCG TNC IF-IMV Specification 1.2
204 */
205 TNC_Result TNC_IMV_SolicitRecommendation(TNC_IMVID imv_id,
206 TNC_ConnectionID connection_id)
207 {
208 if (!imv_test)
209 {
210 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
211 return TNC_RESULT_NOT_INITIALIZED;
212 }
213 return imv_test->provide_recommendation(imv_test, connection_id);
214 }
215
216 /**
217 * see section 3.7.5 of TCG TNC IF-IMV Specification 1.2
218 */
219 TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
220 TNC_ConnectionID connection_id)
221 {
222 if (!imv_test)
223 {
224 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
225 return TNC_RESULT_NOT_INITIALIZED;
226 }
227 return TNC_RESULT_SUCCESS;
228 }
229
230 /**
231 * see section 3.7.6 of TCG TNC IF-IMV Specification 1.2
232 */
233 TNC_Result TNC_IMV_Terminate(TNC_IMVID imv_id)
234 {
235 if (!imv_test)
236 {
237 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
238 return TNC_RESULT_NOT_INITIALIZED;
239 }
240 imv_test->destroy(imv_test);
241 imv_test = NULL;
242
243 return TNC_RESULT_SUCCESS;
244 }
245
246 /**
247 * see section 4.2.8.1 of TCG TNC IF-IMV Specification 1.2
248 */
249 TNC_Result TNC_IMV_ProvideBindFunction(TNC_IMVID imv_id,
250 TNC_TNCS_BindFunctionPointer bind_function)
251 {
252 if (!imv_test)
253 {
254 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
255 return TNC_RESULT_NOT_INITIALIZED;
256 }
257 return imv_test->bind_functions(imv_test, bind_function);
258 }