moved imc_test/imv_test plugins to libimcv
[strongswan.git] / src / libimcv / plugins / imv_test / imv_test.c
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "imv_test_state.h"
16
17 #include <imv/imv_agent.h>
18 #include <pa_tnc/pa_tnc_msg.h>
19 #include <ita/ita_attr_command.h>
20 #include <tnc/pen/pen.h>
21 #include <debug.h>
22
23 /* IMV definitions */
24
25 static const char imv_name[] = "Test";
26
27 #define IMV_VENDOR_ID PEN_ITA
28 #define IMV_SUBTYPE 0x01
29
30 static imv_agent_t *imv_test;
31
32 /**
33 * see section 3.7.1 of TCG TNC IF-IMV Specification 1.2
34 */
35 TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
36 TNC_Version min_version,
37 TNC_Version max_version,
38 TNC_Version *actual_version)
39 {
40 if (imv_test)
41 {
42 DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
43 return TNC_RESULT_ALREADY_INITIALIZED;
44 }
45 if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
46 {
47 DBG1(DBG_IMV, "no common IF-IMV version");
48 return TNC_RESULT_NO_COMMON_VERSION;
49 }
50 imv_test = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE,
51 imv_id, actual_version);
52 return TNC_RESULT_SUCCESS;
53 }
54
55 /**
56 * see section 3.7.2 of TCG TNC IF-IMV Specification 1.2
57 */
58 TNC_Result TNC_IMV_NotifyConnectionChange(TNC_IMVID imv_id,
59 TNC_ConnectionID connection_id,
60 TNC_ConnectionState new_state)
61 {
62 imv_state_t *state;
63 int rounds;
64
65 if (!imv_test)
66 {
67 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
68 return TNC_RESULT_NOT_INITIALIZED;
69 }
70 switch (new_state)
71 {
72 case TNC_CONNECTION_STATE_CREATE:
73 rounds = lib->settings->get_int(lib->settings, "imv-test.rounds", 0);
74 state = imv_test_state_create(connection_id, rounds);
75 return imv_test->create_state(imv_test, state);
76 case TNC_CONNECTION_STATE_DELETE:
77 return imv_test->delete_state(imv_test, connection_id);
78 default:
79 return imv_test->change_state(imv_test, connection_id, new_state);
80 }
81 }
82
83 static TNC_Result send_message(TNC_ConnectionID connection_id)
84 {
85 pa_tnc_msg_t *msg;
86 pa_tnc_attr_t *attr;
87 TNC_Result result;
88
89 attr = ita_attr_command_create("repeat");
90 msg = pa_tnc_msg_create();
91 msg->add_attribute(msg, attr);
92 msg->build(msg);
93 result = imv_test->send_message(imv_test, connection_id,
94 msg->get_encoding(msg));
95 msg->destroy(msg);
96
97 return result;
98 }
99
100 /**
101 * see section 3.7.3 of TCG TNC IF-IMV Specification 1.2
102 */
103 TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
104 TNC_ConnectionID connection_id,
105 TNC_BufferReference msg,
106 TNC_UInt32 msg_len,
107 TNC_MessageType msg_type)
108 {
109 pa_tnc_msg_t *pa_tnc_msg;
110 pa_tnc_attr_t *attr;
111 imv_state_t *state;
112 imv_test_state_t *imv_test_state;
113 TNC_Result result = TNC_RESULT_SUCCESS;
114 enumerator_t *enumerator;
115
116 if (!imv_test)
117 {
118 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
119 return TNC_RESULT_NOT_INITIALIZED;
120 }
121
122 /* process received message */
123 DBG2(DBG_IMV, "IMV %u \"%s\" received message type 0x%08x for Connection ID %u",
124 imv_id, imv_name, msg_type, connection_id);
125 pa_tnc_msg = pa_tnc_msg_create_from_data(chunk_create(msg, msg_len));
126
127 if (pa_tnc_msg->process(pa_tnc_msg) != SUCCESS)
128 {
129 pa_tnc_msg->destroy(pa_tnc_msg);
130 return TNC_RESULT_FATAL;
131 }
132
133 /* get current IMV state */
134 if (!imv_test->get_state(imv_test, connection_id, &state))
135 {
136 pa_tnc_msg->destroy(pa_tnc_msg);
137 return TNC_RESULT_FATAL;
138 }
139
140 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
141 while (enumerator->enumerate(enumerator, &attr))
142 {
143 if (attr->get_vendor_id(attr) == PEN_ITA &&
144 attr->get_type(attr) == ITA_ATTR_COMMAND)
145 {
146 ita_attr_command_t *ita_attr;
147 char *command;
148
149 ita_attr = (ita_attr_command_t*)attr;
150 command = ita_attr->get_command(ita_attr);
151
152 if (streq(command, "allow"))
153 {
154 state->set_recommendation(state,
155 TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
156 TNC_IMV_EVALUATION_RESULT_COMPLIANT);
157 }
158 else if (streq(command, "isolate"))
159 {
160 state->set_recommendation(state,
161 TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
162 TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR);
163 }
164 else if (streq(command, "none"))
165 {
166 state->set_recommendation(state,
167 TNC_IMV_ACTION_RECOMMENDATION_NO_ACCESS,
168 TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MAJOR);
169 }
170 else
171 {
172 result = TNC_RESULT_FATAL;
173 }
174 break;
175 }
176 }
177 enumerator->destroy(enumerator);
178 pa_tnc_msg->destroy(pa_tnc_msg);
179
180 if (result != TNC_RESULT_SUCCESS)
181 {
182 return result;
183 }
184
185 /* repeat the measurement ? */
186 imv_test_state = (imv_test_state_t*)state;
187 if (imv_test_state->another_round(imv_test_state))
188 {
189 return send_message(connection_id);
190 }
191
192 return imv_test->provide_recommendation(imv_test, connection_id);
193 }
194
195 /**
196 * see section 3.7.4 of TCG TNC IF-IMV Specification 1.2
197 */
198 TNC_Result TNC_IMV_SolicitRecommendation(TNC_IMVID imv_id,
199 TNC_ConnectionID connection_id)
200 {
201 if (!imv_test)
202 {
203 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
204 return TNC_RESULT_NOT_INITIALIZED;
205 }
206 return imv_test->provide_recommendation(imv_test, connection_id);
207 }
208
209 /**
210 * see section 3.7.5 of TCG TNC IF-IMV Specification 1.2
211 */
212 TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
213 TNC_ConnectionID connection_id)
214 {
215 if (!imv_test)
216 {
217 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
218 return TNC_RESULT_NOT_INITIALIZED;
219 }
220 return TNC_RESULT_SUCCESS;
221 }
222
223 /**
224 * see section 3.7.6 of TCG TNC IF-IMV Specification 1.2
225 */
226 TNC_Result TNC_IMV_Terminate(TNC_IMVID imv_id)
227 {
228 if (!imv_test)
229 {
230 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
231 return TNC_RESULT_NOT_INITIALIZED;
232 }
233 imv_test->destroy(imv_test);
234 imv_test = NULL;
235
236 return TNC_RESULT_SUCCESS;
237 }
238
239 /**
240 * see section 4.2.8.1 of TCG TNC IF-IMV Specification 1.2
241 */
242 TNC_Result TNC_IMV_ProvideBindFunction(TNC_IMVID imv_id,
243 TNC_TNCS_BindFunctionPointer bind_function)
244 {
245 if (!imv_test)
246 {
247 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
248 return TNC_RESULT_NOT_INITIALIZED;
249 }
250 return imv_test->bind_functions(imv_test, bind_function);
251 }