projects / strongswan.git / blob
? search:


3053b26433c2f7d35ffb313af91ec5ad9feaeee7
[strongswan.git] / src / libpts / plugins / imv_swid / imv_swid_agent.c
1 /*
2 * Copyright (C) 2013-2014 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #define _GNU_SOURCE
17 #include <stdio.h>
18
19 #include "imv_swid_agent.h"
20 #include "imv_swid_state.h"
21 #include "imv_swid_rest.h"
22
23 #include "libpts.h"
24 #include "swid/swid_error.h"
25 #include "swid/swid_inventory.h"
26 #include "tcg/swid/tcg_swid_attr_req.h"
27 #include "tcg/swid/tcg_swid_attr_tag_inv.h"
28 #include "tcg/swid/tcg_swid_attr_tag_id_inv.h"
29
30 #include <imcv.h>
31 #include <ietf/ietf_attr_pa_tnc_error.h>
32 #include <imv/imv_agent.h>
33 #include <imv/imv_msg.h>
34 #include <ita/ita_attr.h>
35 #include <ita/ita_attr_angel.h>
36
37 #include <tncif_names.h>
38 #include <tncif_pa_subtypes.h>
39
40 #include <pen/pen.h>
41 #include <utils/debug.h>
42 #include <bio/bio_reader.h>
43
44 typedef struct private_imv_swid_agent_t private_imv_swid_agent_t;
45
46 /* Subscribed PA-TNC message subtypes */
47 static pen_type_t msg_types[] = {
48 { PEN_TCG, PA_SUBTYPE_TCG_SWID }
49 };
50
51 /**
52 * Flag set when corresponding attribute has been received
53 */
54 enum imv_swid_attr_t {
55 IMV_SWID_ATTR_TAG_INV = (1<<0),
56 IMV_SWID_ATTR_TAG_ID_INV = (1<<1)
57 };
58
59 /**
60 * Private data of an imv_swid_agent_t object.
61 */
62 struct private_imv_swid_agent_t {
63
64 /**
65 * Public members of imv_swid_agent_t
66 */
67 imv_agent_if_t public;
68
69 /**
70 * IMV agent responsible for generic functions
71 */
72 imv_agent_t *agent;
73
74 /**
75 * REST API to strongTNC manager
76 */
77 imv_swid_rest_t *rest_api;
78
79 };
80
81 METHOD(imv_agent_if_t, bind_functions, TNC_Result,
82 private_imv_swid_agent_t *this, TNC_TNCS_BindFunctionPointer bind_function)
83 {
84 return this->agent->bind_functions(this->agent, bind_function);
85 }
86
87 METHOD(imv_agent_if_t, notify_connection_change, TNC_Result,
88 private_imv_swid_agent_t *this, TNC_ConnectionID id,
89 TNC_ConnectionState new_state)
90 {
91 imv_state_t *state;
92
93 switch (new_state)
94 {
95 case TNC_CONNECTION_STATE_CREATE:
96 state = imv_swid_state_create(id);
97 return this->agent->create_state(this->agent, state);
98 case TNC_CONNECTION_STATE_DELETE:
99 return this->agent->delete_state(this->agent, id);
100 default:
101 return this->agent->change_state(this->agent, id, new_state, NULL);
102 }
103 }
104
105 /**
106 * Process a received message
107 */
108 static TNC_Result receive_msg(private_imv_swid_agent_t *this,
109 imv_state_t *state, imv_msg_t *in_msg)
110 {
111 imv_swid_state_t *swid_state;
112 imv_msg_t *out_msg;
113 enumerator_t *enumerator;
114 pa_tnc_attr_t *attr;
115 TNC_Result result;
116 bool fatal_error = FALSE;
117
118 /* parse received PA-TNC message and handle local and remote errors */
119 result = in_msg->receive(in_msg, &fatal_error);
120 if (result != TNC_RESULT_SUCCESS)
121 {
122 return result;
123 }
124
125 swid_state = (imv_swid_state_t*)state;
126
127 /* analyze PA-TNC attributes */
128 enumerator = in_msg->create_attribute_enumerator(in_msg);
129 while (enumerator->enumerate(enumerator, &attr))
130 {
131 uint32_t request_id = 0, last_eid, eid_epoch;
132 swid_inventory_t *inventory;
133 pen_type_t type;
134
135 type = attr->get_type(attr);
136
137 if (type.vendor_id == PEN_IETF && type.type == IETF_ATTR_PA_TNC_ERROR)
138 {
139 ietf_attr_pa_tnc_error_t *error_attr;
140 pen_type_t error_code;
141 chunk_t msg_info, description;
142 bio_reader_t *reader;
143 uint32_t max_attr_size;
144 bool success;
145
146 error_attr = (ietf_attr_pa_tnc_error_t*)attr;
147 error_code = error_attr->get_error_code(error_attr);
148
149 if (error_code.vendor_id == PEN_TCG)
150 {
151 fatal_error = TRUE;
152 msg_info = error_attr->get_msg_info(error_attr);
153 reader = bio_reader_create(msg_info);
154 success = reader->read_uint32(reader, &request_id);
155
156 DBG1(DBG_IMV, "received TCG error '%N' for request %d",
157 swid_error_code_names, error_code.type, request_id);
158 if (!success)
159 {
160 reader->destroy(reader);
161 continue;
162 }
163 if (error_code.type == TCG_SWID_RESPONSE_TOO_LARGE)
164 {
165 if (!reader->read_uint32(reader, &max_attr_size))
166 {
167 reader->destroy(reader);
168 continue;
169 }
170 DBG1(DBG_IMV, " maximum PA-TNC attribute size is %u bytes",
171 max_attr_size);
172 }
173 description = reader->peek(reader);
174 if (description.len)
175 {
176 DBG1(DBG_IMV, " description: %.*s", description.len,
177 description.ptr);
178 }
179 reader->destroy(reader);
180 }
181 }
182 else if (type.vendor_id == PEN_ITA)
183 {
184 switch (type.type)
185 {
186 case ITA_ATTR_START_ANGEL:
187 swid_state->set_angel_count(swid_state, TRUE);
188 continue;
189 case ITA_ATTR_STOP_ANGEL:
190 swid_state->set_angel_count(swid_state, FALSE);
191 continue;
192 default:
193 continue;
194 }
195 }
196 else if (type.vendor_id != PEN_TCG)
197 {
198 continue;
199 }
200
201 switch (type.type)
202 {
203 case TCG_SWID_TAG_ID_INVENTORY:
204 {
205 tcg_swid_attr_tag_id_inv_t *attr_cast;
206 int tag_id_count;
207
208 state->set_action_flags(state, IMV_SWID_ATTR_TAG_ID_INV);
209
210 attr_cast = (tcg_swid_attr_tag_id_inv_t*)attr;
211 request_id = attr_cast->get_request_id(attr_cast);
212 last_eid = attr_cast->get_last_eid(attr_cast, &eid_epoch);
213 inventory = attr_cast->get_inventory(attr_cast);
214 tag_id_count = inventory->get_count(inventory);
215
216 DBG2(DBG_IMV, "received SWID tag ID inventory with %d item%s "
217 "for request %d at eid %d of epoch 0x%08x",
218 tag_id_count, (tag_id_count == 1) ? "" : "s",
219 request_id, last_eid, eid_epoch);
220
221 if (request_id == swid_state->get_request_id(swid_state))
222 {
223 swid_state->set_swid_inventory(swid_state, inventory);
224 swid_state->set_count(swid_state, tag_id_count, 0);
225 }
226 else
227 {
228 DBG1(DBG_IMV, "no workitem found for SWID tag ID inventory "
229 "with request ID %d", request_id);
230 }
231 break;
232 }
233 case TCG_SWID_TAG_INVENTORY:
234 {
235 tcg_swid_attr_tag_inv_t *attr_cast;
236 swid_tag_t *tag;
237 chunk_t tag_encoding;
238 json_object *jobj, *jarray, *jstring;
239 char *tag_str;
240 int tag_count;
241 enumerator_t *e;
242
243 state->set_action_flags(state, IMV_SWID_ATTR_TAG_INV);
244
245 attr_cast = (tcg_swid_attr_tag_inv_t*)attr;
246 request_id = attr_cast->get_request_id(attr_cast);
247 last_eid = attr_cast->get_last_eid(attr_cast, &eid_epoch);
248 inventory = attr_cast->get_inventory(attr_cast);
249 tag_count = inventory->get_count(inventory);
250
251 DBG2(DBG_IMV, "received SWID tag inventory with %d item%s for "
252 "request %d at eid %d of epoch 0x%08x",
253 tag_count, (tag_count == 1) ? "" : "s",
254 request_id, last_eid, eid_epoch);
255
256
257 if (request_id == swid_state->get_request_id(swid_state))
258 {
259 swid_state->set_count(swid_state, 0, tag_count);
260
261 if (this->rest_api)
262 {
263 jobj = json_object_new_object();
264 jarray = json_object_new_array();
265 json_object_object_add(jobj, "data", jarray);
266
267 e = inventory->create_enumerator(inventory);
268 while (e->enumerate(e, &tag))
269 {
270 tag_encoding = tag->get_encoding(tag);
271 tag_str = strndup(tag_encoding.ptr, tag_encoding.len);
272 DBG3(DBG_IMV, "%s", tag_str);
273 jstring = json_object_new_string(tag_str);
274 json_object_array_add(jarray, jstring);
275 free(tag_str);
276 }
277 e->destroy(e);
278
279 if (this->rest_api->post(this->rest_api,
280 "swid/add-tags/", jobj, NULL) != SUCCESS)
281 {
282 DBG1(DBG_IMV, "error in REST API add-tags request");
283 }
284 json_object_put(jobj);
285 }
286 }
287 else
288 {
289 DBG1(DBG_IMV, "no workitem found for SWID tag inventory "
290 "with request ID %d", request_id);
291 }
292 }
293 default:
294 continue;
295 }
296 }
297 enumerator->destroy(enumerator);
298
299 if (fatal_error)
300 {
301 state->set_recommendation(state,
302 TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
303 TNC_IMV_EVALUATION_RESULT_ERROR);
304 out_msg = imv_msg_create_as_reply(in_msg);
305 result = out_msg->send_assessment(out_msg);
306 out_msg->destroy(out_msg);
307 if (result != TNC_RESULT_SUCCESS)
308 {
309 return result;
310 }
311 return this->agent->provide_recommendation(this->agent, state);
312 }
313
314 return TNC_RESULT_SUCCESS;
315 }
316
317 METHOD(imv_agent_if_t, receive_message, TNC_Result,
318 private_imv_swid_agent_t *this, TNC_ConnectionID id,
319 TNC_MessageType msg_type, chunk_t msg)
320 {
321 imv_state_t *state;
322 imv_msg_t *in_msg;
323 TNC_Result result;
324
325 if (!this->agent->get_state(this->agent, id, &state))
326 {
327 return TNC_RESULT_FATAL;
328 }
329 in_msg = imv_msg_create_from_data(this->agent, state, id, msg_type, msg);
330 result = receive_msg(this, state, in_msg);
331 in_msg->destroy(in_msg);
332
333 return result;
334 }
335
336 METHOD(imv_agent_if_t, receive_message_long, TNC_Result,
337 private_imv_swid_agent_t *this, TNC_ConnectionID id,
338 TNC_UInt32 src_imc_id, TNC_UInt32 dst_imv_id,
339 TNC_VendorID msg_vid, TNC_MessageSubtype msg_subtype, chunk_t msg)
340 {
341 imv_state_t *state;
342 imv_msg_t *in_msg;
343 TNC_Result result;
344
345 if (!this->agent->get_state(this->agent, id, &state))
346 {
347 return TNC_RESULT_FATAL;
348 }
349 in_msg = imv_msg_create_from_long_data(this->agent, state, id,
350 src_imc_id, dst_imv_id, msg_vid, msg_subtype, msg);
351 result = receive_msg(this, state, in_msg);
352 in_msg->destroy(in_msg);
353
354 return result;
355
356 }
357
358 METHOD(imv_agent_if_t, batch_ending, TNC_Result,
359 private_imv_swid_agent_t *this, TNC_ConnectionID id)
360 {
361 imv_msg_t *out_msg;
362 imv_state_t *state;
363 imv_session_t *session;
364 imv_workitem_t *workitem;
365 imv_swid_state_t *swid_state;
366 imv_swid_handshake_state_t handshake_state;
367 pa_tnc_attr_t *attr;
368 TNC_IMVID imv_id;
369 TNC_Result result = TNC_RESULT_SUCCESS;
370 bool no_workitems = TRUE;
371 uint32_t request_id, received;
372 uint8_t flags;
373 enumerator_t *enumerator;
374
375 if (!this->agent->get_state(this->agent, id, &state))
376 {
377 return TNC_RESULT_FATAL;
378 }
379 swid_state = (imv_swid_state_t*)state;
380 handshake_state = swid_state->get_handshake_state(swid_state);
381 session = state->get_session(state);
382 imv_id = this->agent->get_id(this->agent);
383
384 if (handshake_state == IMV_SWID_STATE_END)
385 {
386 return TNC_RESULT_SUCCESS;
387 }
388
389 /* Create an empty out message - we might need it */
390 out_msg = imv_msg_create(this->agent, state, id, imv_id, TNC_IMCID_ANY,
391 msg_types[0]);
392
393 if (!imcv_db)
394 {
395 DBG2(DBG_IMV, "no workitems available - no evaluation possible");
396 state->set_recommendation(state,
397 TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
398 TNC_IMV_EVALUATION_RESULT_DONT_KNOW);
399 result = out_msg->send_assessment(out_msg);
400 out_msg->destroy(out_msg);
401 swid_state->set_handshake_state(swid_state, IMV_SWID_STATE_END);
402
403 if (result != TNC_RESULT_SUCCESS)
404 {
405 return result;
406 }
407 return this->agent->provide_recommendation(this->agent, state);
408 }
409
410 /* Look for SWID tag workitem and create SWID tag request */
411 if (handshake_state == IMV_SWID_STATE_INIT &&
412 session->get_policy_started(session))
413 {
414 enumerator = session->create_workitem_enumerator(session);
415 if (enumerator)
416 {
417 while (enumerator->enumerate(enumerator, &workitem))
418 {
419 if (workitem->get_imv_id(workitem) != TNC_IMVID_ANY ||
420 workitem->get_type(workitem) != IMV_WORKITEM_SWID_TAGS)
421 {
422 continue;
423 }
424
425 flags = TCG_SWID_ATTR_REQ_FLAG_NONE;
426 if (strchr(workitem->get_arg_str(workitem), 'R'))
427 {
428 flags |= TCG_SWID_ATTR_REQ_FLAG_R;
429 }
430 if (strchr(workitem->get_arg_str(workitem), 'S'))
431 {
432 flags |= TCG_SWID_ATTR_REQ_FLAG_S;
433 }
434 if (strchr(workitem->get_arg_str(workitem), 'C'))
435 {
436 flags |= TCG_SWID_ATTR_REQ_FLAG_C;
437 }
438 request_id = workitem->get_id(workitem);
439 swid_state->set_request_id(swid_state, request_id);
440 attr = tcg_swid_attr_req_create(flags, request_id, 0);
441 out_msg->add_attribute(out_msg, attr);
442 workitem->set_imv_id(workitem, imv_id);
443 no_workitems = FALSE;
444 DBG2(DBG_IMV, "IMV %d issues SWID request %d",
445 imv_id, request_id);
446 break;
447 }
448 enumerator->destroy(enumerator);
449
450 if (no_workitems)
451 {
452 DBG2(DBG_IMV, "IMV %d has no workitems - "
453 "no evaluation requested", imv_id);
454 state->set_recommendation(state,
455 TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
456 TNC_IMV_EVALUATION_RESULT_DONT_KNOW);
457 }
458 handshake_state = IMV_SWID_STATE_WORKITEMS;
459 swid_state->set_handshake_state(swid_state, handshake_state);
460 }
461 }
462
463 received = state->get_action_flags(state);
464
465 if (handshake_state == IMV_SWID_STATE_WORKITEMS &&
466 (received & (IMV_SWID_ATTR_TAG_INV|IMV_SWID_ATTR_TAG_ID_INV)) &&
467 swid_state->get_angel_count(swid_state) <= 0)
468 {
469 TNC_IMV_Evaluation_Result eval;
470 TNC_IMV_Action_Recommendation rec;
471 char result_str[BUF_LEN], *error_str = "", *command;
472 char *target, *separator;
473 int tag_id_count, tag_count, i;
474 size_t max_attr_size, attr_size, entry_size;
475 chunk_t tag_creator, unique_sw_id;
476 json_object *jrequest, *jresponse, *jvalue;
477 tcg_swid_attr_req_t *cast_attr;
478 swid_tag_id_t *tag_id;
479 status_t status = SUCCESS;
480
481 if (this->rest_api && (received & IMV_SWID_ATTR_TAG_ID_INV))
482 {
483 if (asprintf(&command, "sessions/%d/swid-measurement/",
484 session->get_session_id(session, NULL, NULL)) < 0)
485 {
486 error_str = "allocation of command string failed";
487 status = FAILED;
488 }
489 else
490 {
491 jrequest = swid_state->get_swid_inventory(swid_state);
492 status = this->rest_api->post(this->rest_api, command,
493 jrequest, &jresponse);
494 if (status == FAILED)
495 {
496 error_str = "error in REST API swid-measurement request";
497 }
498 free(command);
499 }
500 }
501
502 switch (status)
503 {
504 case SUCCESS:
505 enumerator = session->create_workitem_enumerator(session);
506 while (enumerator->enumerate(enumerator, &workitem))
507 {
508 if (workitem->get_type(workitem) == IMV_WORKITEM_SWID_TAGS)
509 {
510 swid_state->get_count(swid_state, &tag_id_count,
511 &tag_count);
512 snprintf(result_str, BUF_LEN, "received inventory of "
513 "%d SWID tag ID%s and %d SWID tag%s",
514 tag_id_count, (tag_id_count == 1) ? "" : "s",
515 tag_count, (tag_count == 1) ? "" : "s");
516 session->remove_workitem(session, enumerator);
517
518 eval = TNC_IMV_EVALUATION_RESULT_COMPLIANT;
519 rec = workitem->set_result(workitem, result_str, eval);
520 state->update_recommendation(state, rec, eval);
521 imcv_db->finalize_workitem(imcv_db, workitem);
522 workitem->destroy(workitem);
523 break;
524 }
525 }
526 enumerator->destroy(enumerator);
527 break;
528 case NEED_MORE:
529 if (received & IMV_SWID_ATTR_TAG_INV)
530 {
531 error_str = "not all requested SWID tags were received";
532 status = FAILED;
533 json_object_put(jresponse);
534 break;
535 }
536 if (json_object_get_type(jresponse) != json_type_array)
537 {
538 error_str = "response was not a json_array";
539 status = FAILED;
540 json_object_put(jresponse);
541 break;
542 }
543
544 /* Compute the maximum TCG SWID Request attribute size */
545 max_attr_size = state->get_max_msg_len(state) -
546 PA_TNC_HEADER_SIZE;
547
548 /* Create the [first] TCG SWID Request attribute */
549 attr_size = PA_TNC_ATTR_HEADER_SIZE + TCG_SWID_REQ_MIN_SIZE;
550 attr = tcg_swid_attr_req_create(TCG_SWID_ATTR_REQ_FLAG_NONE,
551 swid_state->get_request_id(swid_state), 0);
552
553 tag_id_count = json_object_array_length(jresponse);
554 DBG1(DBG_IMV, "%d SWID tag target%s", tag_id_count,
555 (tag_id_count == 1) ? "" : "s");
556
557 for (i = 0; i < tag_id_count; i++)
558 {
559 jvalue = json_object_array_get_idx(jresponse, i);
560 if (json_object_get_type(jvalue) != json_type_string)
561 {
562 error_str = "json_string element expected in json_array";
563 status = FAILED;
564 json_object_put(jresponse);
565 break;
566 }
567 target = (char*)json_object_get_string(jvalue);
568 DBG1(DBG_IMV, " %s", target);
569
570 /* Separate target into tag_creator and unique_sw_id */
571 separator = strchr(target, '_');
572 if (!separator)
573 {
574 error_str = "separation of regid from "
575 "unique software ID failed";
576 break;
577 }
578 tag_creator = chunk_create(target, separator - target);
579 separator++;
580 unique_sw_id = chunk_create(separator, strlen(target) -
581 tag_creator.len - 1);
582 tag_id = swid_tag_id_create(tag_creator, unique_sw_id,
583 chunk_empty);
584 entry_size = 2 + tag_creator.len + 2 + unique_sw_id.len;
585
586 /* Have we reached the maximum attribute size? */
587 if (attr_size + entry_size > max_attr_size)
588 {
589 out_msg->add_attribute(out_msg, attr);
590 attr_size = PA_TNC_ATTR_HEADER_SIZE +
591 TCG_SWID_REQ_MIN_SIZE;
592 attr = tcg_swid_attr_req_create(
593 TCG_SWID_ATTR_REQ_FLAG_NONE,
594 swid_state->get_request_id(swid_state), 0);
595 }
596 cast_attr = (tcg_swid_attr_req_t*)attr;
597 cast_attr->add_target(cast_attr, tag_id);
598 }
599 json_object_put(jresponse);
600
601 out_msg->add_attribute(out_msg, attr);
602 break;
603 case FAILED:
604 default:
605 break;
606 }
607
608 if (status == FAILED)
609 {
610 enumerator = session->create_workitem_enumerator(session);
611 while (enumerator->enumerate(enumerator, &workitem))
612 {
613 if (workitem->get_type(workitem) == IMV_WORKITEM_SWID_TAGS)
614 {
615 session->remove_workitem(session, enumerator);
616 eval = TNC_IMV_EVALUATION_RESULT_ERROR;
617 rec = workitem->set_result(workitem, error_str, eval);
618 state->update_recommendation(state, rec, eval);
619 imcv_db->finalize_workitem(imcv_db, workitem);
620 workitem->destroy(workitem);
621 break;
622 }
623 }
624 enumerator->destroy(enumerator);
625 }
626 }
627
628 /* finalized all workitems ? */
629 if (handshake_state == IMV_SWID_STATE_WORKITEMS &&
630 session->get_workitem_count(session, imv_id) == 0)
631 {
632 result = out_msg->send_assessment(out_msg);
633 out_msg->destroy(out_msg);
634 swid_state->set_handshake_state(swid_state, IMV_SWID_STATE_END);
635
636 if (result != TNC_RESULT_SUCCESS)
637 {
638 return result;
639 }
640 return this->agent->provide_recommendation(this->agent, state);
641 }
642
643 /* send non-empty PA-TNC message with excl flag not set */
644 if (out_msg->get_attribute_count(out_msg))
645 {
646 result = out_msg->send(out_msg, FALSE);
647 }
648 out_msg->destroy(out_msg);
649
650 return result;
651 }
652
653 METHOD(imv_agent_if_t, solicit_recommendation, TNC_Result,
654 private_imv_swid_agent_t *this, TNC_ConnectionID id)
655 {
656 imv_state_t *state;
657
658 if (!this->agent->get_state(this->agent, id, &state))
659 {
660 return TNC_RESULT_FATAL;
661 }
662 return this->agent->provide_recommendation(this->agent, state);
663 }
664
665 METHOD(imv_agent_if_t, destroy, void,
666 private_imv_swid_agent_t *this)
667 {
668 DESTROY_IF(this->rest_api);
669 this->agent->destroy(this->agent);
670 free(this);
671 libpts_deinit();
672 }
673
674 /**
675 * Described in header.
676 */
677 imv_agent_if_t *imv_swid_agent_create(const char *name, TNC_IMVID id,
678 TNC_Version *actual_version)
679 {
680 private_imv_swid_agent_t *this;
681 imv_agent_t *agent;
682 char *rest_api_uri;
683 u_int rest_api_timeout;
684
685 agent = imv_agent_create(name, msg_types, countof(msg_types), id,
686 actual_version);
687 if (!agent)
688 {
689 return NULL;
690 }
691
692 INIT(this,
693 .public = {
694 .bind_functions = _bind_functions,
695 .notify_connection_change = _notify_connection_change,
696 .receive_message = _receive_message,
697 .receive_message_long = _receive_message_long,
698 .batch_ending = _batch_ending,
699 .solicit_recommendation = _solicit_recommendation,
700 .destroy = _destroy,
701 },
702 .agent = agent,
703 );
704
705 rest_api_uri = lib->settings->get_str(lib->settings,
706 "%s.plugins.imv-swid.rest_api_uri", NULL, lib->ns);
707 rest_api_timeout = lib->settings->get_int(lib->settings,
708 "%s.plugins.imv-swid.rest_api_timeout", 120, lib->ns);
709 if (rest_api_uri)
710 {
711 this->rest_api = imv_swid_rest_create(rest_api_uri, rest_api_timeout);
712 }
713 libpts_init();
714
715 return &this->public;
716 }
717
strongSwan - IPsec VPN