Some IMV policy managers expect a TEXT string
authorAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 25 Jun 2013 10:47:07 +0000 (12:47 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 25 Jun 2013 10:47:07 +0000 (12:47 +0200)
src/libimcv/imv/imv_database.c
src/libimcv/imv/tables.sql
src/libpts/plugins/imv_attestation/attest_db.c

index 2acb7f2..dc7edd7 100644 (file)
@@ -180,6 +180,7 @@ METHOD(imv_database_t, add_device, int,
        private_imv_database_t *this, imv_session_t *session, chunk_t device)
 {
        enumerator_t *e;
+       char *device_str;
        int pid = 0, did = 0;
 
        /* get primary key of product from session */
@@ -192,10 +193,13 @@ METHOD(imv_database_t, add_device, int,
                e->destroy(e);
        }
 
+       /* some IMV policy manager expect a text string */
+       device_str = strndup(device.ptr, device.len);
+
        /* get primary key of device identification if it exists */
        e = this->db->query(this->db,
                        "SELECT id FROM devices WHERE value = ? AND product = ?",
-                        DB_BLOB, device, DB_INT, pid, DB_INT);
+                        DB_TEXT, device_str, DB_INT, pid, DB_INT);
        if (e)
        {
                e->enumerate(e, &did);
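Review bot: The result of `strndup(device.ptr, device.len)` is bound as `DB_TEXT` without a NULL check, and the copy stops at the first NUL byte in the chunk, so the stored string can be shorter than `device.len`. If the device ID originates from the remote endpoint (not visible in this hunk), an ID with an embedded NUL would be looked up and inserted as its truncated prefix, and two different IDs could resolve to the same `devices` row. Consider bailing out before the query when the copy is not faithful, for example on `if (!device_str || strlen(device_str) != device.len)`, freeing `device_str` on that path. The body of add_device starts and ends outside this hunk, so the appropriate error return has to be taken from the rest of the function.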
@@ -207,8 +211,9 @@ METHOD(imv_database_t, add_device, int,
        {
                this->db->execute(this->db, &did,
                        "INSERT INTO devices (value, product) VALUES (?, ?)",
-                        DB_BLOB, device, DB_INT, pid);
+                        DB_TEXT, device_str, DB_INT, pid);
        }
+       free(device_str);
        
        /* add device reference to session */
        if (did)
index 29d99ca..4cc959e 100644 (file)
@@ -215,7 +215,7 @@ DROP TABLE IF EXISTS devices;
 CREATE TABLE devices (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
   description TEXT DEFAULT '',
-  value BLOB NOT NULL,
+  value TEXT NOT NULL,
   product INTEGER REFERENCES products(id),
   created INTEGER
 );
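Review bot: Changing `value` to `TEXT` in the creation script does not convert rows in an already deployed database, and no migration is visible in this commit. On SQLite a value stored as a BLOB never compares equal to a TEXT parameter, so the new `WHERE value = ?` lookup in add_device would presumably miss existing devices and insert duplicates, splitting a device's session history. An upgrade note or a one-off statement such as `UPDATE devices SET value = CAST(value AS TEXT);` would cover this; it should be checked against each supported database backend.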
index 005857f..3bbf499 100644 (file)
@@ -27,7 +27,9 @@
 #include "pts/pts_meas_algo.h"
 #include "pts/pts_file_meas.h"
 #include "pts/components/pts_comp_func_name.h"
+
 #define IMA_MAX_NAME_LEN       255
+#define DEVICE_MAX_LEN          20
 
 typedef struct private_attest_db_t private_attest_db_t;
 
@@ -810,8 +812,8 @@ METHOD(attest_db_t, list_devices, void,
        private_attest_db_t *this)
 {
        enumerator_t *e, *e_ar;
-       chunk_t value, ar_id_value = chunk_empty;
-       char *product;
+       chunk_t ar_id_value = chunk_empty;
+       char *product, *device;
        time_t timestamp;
        int id, last_id = 0, ar_id = 0, last_ar_id = 0, device_count = 0;
        int session_id, rec;
@@ -823,18 +825,17 @@ METHOD(attest_db_t, list_devices, void,
                        "FROM devices AS d "
                        "JOIN sessions AS s ON d.id = s.device "
                        "JOIN products AS p ON p.id = s.product "
-                       "ORDER BY d.value, s.time DESC", DB_INT, DB_BLOB, DB_INT, DB_UINT,
+                       "ORDER BY d.value, s.time DESC", DB_INT, DB_TEXT, DB_INT, DB_UINT,
                         DB_INT, DB_INT, DB_TEXT);
 
        if (e)
        {
-               while (e->enumerate(e, &id, &value, &session_id, &tstamp, &ar_id, &rec,
+               while (e->enumerate(e, &id, &device, &session_id, &tstamp, &ar_id, &rec,
                                                           &product))
                {
                        if (id != last_id)
                        {
-                               printf("%4d: %.*s - %s\n", id, (int)value.len, value.ptr,
-                                                                                 product);
+                               printf("%4d: %s - %s\n", id, device, product);
                                device_count++;
                                last_id = id;
                        }
@@ -1517,9 +1518,9 @@ METHOD(attest_db_t, list_sessions, void,
        private_attest_db_t *this)
 {
        enumerator_t *e;
-       chunk_t device, identity;
-       char *product;
-       int session_id, conn_id, rec;
+       chunk_t identity;
+       char *product, *device;
+       int session_id, conn_id, rec, device_len;
        time_t created;
        u_int t;
 
@@ -1530,7 +1531,7 @@ METHOD(attest_db_t, list_sessions, void,
                        "LEFT JOIN devices AS d ON s.device = d.id "
                        "LEFT JOIN identities AS i ON s.identity = i.id "
                        "ORDER BY s.time DESC",
-                        DB_INT, DB_UINT, DB_INT, DB_INT, DB_TEXT, DB_BLOB, DB_BLOB);
+                        DB_INT, DB_UINT, DB_INT, DB_INT, DB_TEXT, DB_TEXT, DB_BLOB);
        if (e)
        {
                while (e->enumerate(e, &session_id, &t, &conn_id, &rec, &product,
@@ -1538,12 +1539,12 @@ METHOD(attest_db_t, list_sessions, void,
                {
                        created = t;
                        product = product ? product : "-";
-                       device = device.len ? device : chunk_from_str("-");
-                       device.len = min(device.len, 20);
+                       device = strlen(device) ? device : "-";
+                       device_len = min(strlen(device), DEVICE_MAX_LEN);
                        identity = identity.len ? identity : chunk_from_str("-");
                        printf("%4d: %T %2d %-20s %.*s%*s %.*s - %N\n", session_id, &created,
-                                  FALSE, conn_id, product, device.len, device.ptr,
-                                  20-device.len, " ", identity.len, identity.ptr,
+                                  FALSE, conn_id, product, device_len, device,
+                                  DEVICE_MAX_LEN - device_len, " ", identity.len, identity.ptr,
                                   TNC_IMV_Action_Recommendation_names, rec);
                }
                e->destroy(e);
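Review bot: `strlen(device)` is called without a NULL check, although the query uses `LEFT JOIN devices`, so `d.value` is NULL for any session that has no device row. The line just above guards `product` against NULL for a `DB_TEXT` column, which suggests the enumerator can hand back a NULL pointer here as well; the old `chunk_t` code tolerated that case through `device.len`. Test the pointer first, `device = (device && *device) ? device : "-";`, so that listing sessions cannot crash on a session without a device. The enumerate call that fills `device` spans the gap between this hunk and the previous one.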