created tnc-imc and tnc-imv plugins
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 7 Oct 2010 21:31:23 +0000 (23:31 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 7 Oct 2010 21:31:23 +0000 (23:31 +0200)
16 files changed:
configure.in
src/libcharon/Makefile.am
src/libcharon/plugins/eap_tnc/eap_tnc.c
src/libcharon/plugins/tnc_imc/Makefile.am [new file with mode: 0644]
src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c [new file with mode: 0644]
src/libcharon/plugins/tnc_imc/tnc_imc_plugin.h [new file with mode: 0644]
src/libcharon/plugins/tnc_imv/Makefile.am [new file with mode: 0644]
src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c [new file with mode: 0644]
src/libcharon/plugins/tnc_imv/tnc_imv_plugin.h [new file with mode: 0644]
src/libcharon/plugins/tnccs_11/tnccs_11.c
testing/scripts/build-umlrootfs
testing/testing.conf
testing/tests/ikev2/rw-eap-tnc-radius-block/hosts/carol/etc/strongswan.conf
testing/tests/ikev2/rw-eap-tnc-radius-block/hosts/dave/etc/strongswan.conf
testing/tests/ikev2/rw-eap-tnc-radius/hosts/carol/etc/strongswan.conf
testing/tests/ikev2/rw-eap-tnc-radius/hosts/dave/etc/strongswan.conf

index 4c923e1..24febf5 100644 (file)
@@ -115,6 +115,8 @@ ARG_ENABL_SET([eap-tls],        [enable EAP TLS authentication module.])
 ARG_ENABL_SET([eap-ttls],       [enable EAP TTLS authentication module.])
 ARG_ENABL_SET([eap-tnc],        [enable EAP TNC trusted network connect module.])
 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authentication module.])
+ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
+ARG_ENABL_SET([tnc-imv],        [enable TNC IMV module.])
 ARG_ENABL_SET([tnccs-11],       [enable TNCCS 1.1 protocol module.])
 ARG_ENABL_SET([tnccs-20],       [enable TNCCS 2.0 protocol module.])
 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
@@ -604,7 +606,7 @@ if test x$gcrypt = xtrue; then
        )
 fi
 
-if test x$tnccs_11 = xtrue; then
+if test x$tnccs_11 = xtrue -o x$tnc_imc = xtrue -o x$tnc_imv = xtrue; then
        AC_CHECK_HEADER([libtnc.h],,[AC_MSG_ERROR([libtnc header libtnc.h not found!])])
 fi
 
@@ -760,6 +762,8 @@ ADD_PLUGIN([eap-radius],           [c libcharon])
 ADD_PLUGIN([eap-tls],              [c libcharon])
 ADD_PLUGIN([eap-ttls],             [c libcharon])
 ADD_PLUGIN([eap-tnc],              [c libcharon])
+ADD_PLUGIN([tnc_imc],              [c libcharon])
+ADD_PLUGIN([tnc_imv],              [c libcharon])
 ADD_PLUGIN([tnccs-11],             [c libcharon])
 ADD_PLUGIN([tnccs-20],             [c libcharon])
 ADD_PLUGIN([medsrv],               [c libcharon])
@@ -858,6 +862,8 @@ AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
+AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
+AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
@@ -997,6 +1003,8 @@ AC_OUTPUT(
        src/libcharon/plugins/eap_ttls/Makefile
        src/libcharon/plugins/eap_tnc/Makefile
        src/libcharon/plugins/eap_radius/Makefile
+       src/libcharon/plugins/tnc_imc/Makefile
+       src/libcharon/plugins/tnc_imv/Makefile
        src/libcharon/plugins/tnccs_11/Makefile
        src/libcharon/plugins/tnccs_20/Makefile
        src/libcharon/plugins/socket_default/Makefile
index b84886c..6898449 100644 (file)
@@ -314,17 +314,31 @@ if MONOLITHIC
 endif
 endif
 
+if USE_TNC_IMC
+  SUBDIRS += plugins/tnc_imc
+if MONOLITHIC
+  libcharon_la_LIBADD += plugins/tnc_imc/libstrongswan-tnc_imc.la
+endif
+endif
+
+if USE_TNC_IMV
+  SUBDIRS += plugins/tnc_imv
+if MONOLITHIC
+  libcharon_la_LIBADD += plugins/tnc_imv/libstrongswan-tnc_imv.la
+endif
+endif
+
 if USE_TNCCS_11
   SUBDIRS += plugins/tnccs_11
 if MONOLITHIC
-  libcharon_la_LIBADD += plugins/eap_tnc/libstrongswan-tnccs-11.la
+  libcharon_la_LIBADD += plugins/tnccs_11/libstrongswan-tnccs-11.la
 endif
 endif
 
 if USE_TNCCS_20
   SUBDIRS += plugins/tnccs_20
 if MONOLITHIC
-  libcharon_la_LIBADD += plugins/eap_tnc/libstrongswan-tnccs-20.la
+  libcharon_la_LIBADD += plugins/tnccs_20/libstrongswan-tnccs-20.la
 endif
 endif
 
index dc50e12..f0bff0e 100644 (file)
@@ -40,7 +40,7 @@ struct private_eap_tnc_t {
 
 
 /** Maximum number of EAP-TNC messages/fragments allowed */
-#define MAX_MESSAGE_COUNT 2 
+#define MAX_MESSAGE_COUNT 10 
 /** Default size of a EAP-TNC fragment */
 #define MAX_FRAGMENT_LEN 50000
 
diff --git a/src/libcharon/plugins/tnc_imc/Makefile.am b/src/libcharon/plugins/tnc_imc/Makefile.am
new file mode 100644 (file)
index 0000000..ca88694
--- /dev/null
@@ -0,0 +1,19 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
+       -I$(top_srcdir)/src/libcharon `xml2-config --cflags`
+
+AM_CFLAGS = -rdynamic
+
+libstrongswan_tnc_imc_la_LIBADD = -ltnc
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-tnc-imc.la
+else
+plugin_LTLIBRARIES = libstrongswan-tnc-imc.la
+endif
+
+libstrongswan_tnc_imc_la_SOURCES = \
+       tnc_imc_plugin.h tnc_imc_plugin.c
+
+libstrongswan_tnc_imc_la_LDFLAGS = -module -avoid-version
+
diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c b/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c
new file mode 100644 (file)
index 0000000..a21478e
--- /dev/null
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnc_imc_plugin.h"
+
+#include <libtnctncc.h>
+
+#include <daemon.h>
+
+METHOD(plugin_t, destroy, void,
+       tnc_imc_plugin_t *this)
+{
+       libtnc_tncc_Terminate();
+       free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *tnc_imc_plugin_create()
+{
+       char *tnc_config, *pref_lang;
+       int imc_count;
+       tnc_imc_plugin_t *this;
+
+       INIT(this,
+               .plugin = {
+                       .destroy = _destroy,
+               },
+       );
+
+       tnc_config = lib->settings->get_str(lib->settings,
+                                       "charon.plugins.tnc-imc.tnc_config", "/etc/tnc_config");
+       pref_lang = lib->settings->get_str(lib->settings,
+                                       "charon.plugins.tnc-imc.preferred_language", "en");
+       imc_count = libtnc_imc_load_config(tnc_config);
+       if (imc_count < 0)
+       {
+               free(this);
+               DBG1(DBG_IKE, "TNC IMC initialization failed");
+               return NULL;
+       }
+       else
+       {
+               DBG1(DBG_IKE, "loaded %d TNC IMC%s", imc_count, (imc_count > 1)? "s":"");
+               libtnc_tncc_PreferredLanguage(pref_lang);
+       }
+
+       return &this->plugin;
+}
+
diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.h b/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.h
new file mode 100644 (file)
index 0000000..8c5521c
--- /dev/null
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnc_imc tnc_imc
+ * @ingroup cplugins
+ *
+ * @defgroup tnc_imc_plugin tnc_imc_plugin
+ * @{ @ingroup tnc_imc
+ */
+
+#ifndef TNC_IMC_PLUGIN_H_
+#define TNC_IMC_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct tnc_imc_plugin_t tnc_imc_plugin_t;
+
+/**
+ * TNC IMC plugin
+ */
+struct tnc_imc_plugin_t {
+
+       /**
+        * implements plugin interface
+        */
+       plugin_t plugin;
+};
+
+#endif /** TNC_IMC_PLUGIN_H_ @}*/
diff --git a/src/libcharon/plugins/tnc_imv/Makefile.am b/src/libcharon/plugins/tnc_imv/Makefile.am
new file mode 100644 (file)
index 0000000..9c3b473
--- /dev/null
@@ -0,0 +1,19 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
+       -I$(top_srcdir)/src/libcharon `xml2-config --cflags`
+
+AM_CFLAGS = -rdynamic
+
+libstrongswan_tnc_imv_la_LIBADD = -ltnc
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-tnc-imv.la
+else
+plugin_LTLIBRARIES = libstrongswan-tnc-imv.la
+endif
+
+libstrongswan_tnc_imv_la_SOURCES = \
+       tnc_imv_plugin.h tnc_imv_plugin.c
+
+libstrongswan_tnc_imv_la_LDFLAGS = -module -avoid-version
+
diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c b/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c
new file mode 100644 (file)
index 0000000..09101a4
--- /dev/null
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnc_imv_plugin.h"
+
+#include <libtnctncs.h>
+
+#include <daemon.h>
+
+METHOD(plugin_t, destroy, void,
+       tnc_imv_plugin_t *this)
+{
+       libtnc_tncs_Terminate();
+       free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *tnc_imv_plugin_create()
+{
+       char *tnc_config;
+       int imv_count;
+       tnc_imv_plugin_t *this;
+
+       INIT(this,
+               .plugin = {
+                       .destroy = _destroy,
+               },
+       );
+
+       tnc_config = lib->settings->get_str(lib->settings,
+                                       "charon.plugins.tnc-imv.tnc_config", "/etc/tnc_config");
+       imv_count = libtnc_imv_load_config(tnc_config);
+       if (imv_count < 0)
+       {
+               free(this);
+               DBG1(DBG_IKE, "TNC IMV initialization failed");
+               return NULL;
+       }
+       else
+       {
+               DBG1(DBG_IKE, "loaded %d TNC IMV%s", imv_count, (imv_count > 1)? "s":"");
+       }
+
+       return &this->plugin;
+}
+
diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.h b/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.h
new file mode 100644 (file)
index 0000000..afeee2e
--- /dev/null
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnc_imv tnc_imv
+ * @ingroup cplugins
+ *
+ * @defgroup tnc_imv_plugin tnc_imv_plugin
+ * @{ @ingroup tnc_imv
+ */
+
+#ifndef TNC_IMV_PLUGIN_H_
+#define TNC_IMV_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct tnc_imv_plugin_t tnc_imv_plugin_t;
+
+/**
+ * TNC IMV plugin
+ */
+struct tnc_imv_plugin_t {
+
+       /**
+        * implements plugin interface
+        */
+       plugin_t plugin;
+};
+
+#endif /** TNC_IMV_PLUGIN_H_ @}*/
index e0ef5a2..18e06d4 100644 (file)
 #include "tnccs_11.h"
 
 #include <libtnctncc.h>
+#include <libtnctncs.h>
 
 #include <debug.h>
 
-static chunk_t tncc_output;
+static chunk_t output;
 
 /**
- * Define callback function called by the libtnc library
+ * Define callback functions called by the libtnc library
  */
 TNC_Result TNC_TNCC_SendBatch(libtnc_tncc_connection* conn, 
                                                          const char* messageBuffer, size_t messageLength)
 {
-       chunk_free(&tncc_output);
-       tncc_output = chunk_alloc(messageLength);
-       memcpy(tncc_output.ptr, messageBuffer, messageLength);
+       chunk_free(&output);
+       output = chunk_alloc(messageLength);
+       memcpy(output.ptr, messageBuffer, messageLength);
+
+       return TNC_RESULT_SUCCESS;
+}
+
+TNC_Result TNC_TNCS_SendBatch(libtnc_tncs_connection* conn, 
+                                                         const char* messageBuffer, size_t messageLength)
+{
+       chunk_free(&output);
+       output = chunk_alloc(messageLength);
+       memcpy(output.ptr, messageBuffer, messageLength);
 
        return TNC_RESULT_SUCCESS;
 }
@@ -55,16 +66,46 @@ struct private_tnccs_11_t {
         * TNCC Connection to IMCs
         */
        libtnc_tncc_connection* tncc_connection;
+
+       /**
+        * TNCS Connection to IMVs
+        */
+       libtnc_tncs_connection* tncs_connection;
 };
 
 METHOD(tls_t, process, status_t,
        private_tnccs_11_t *this, void *buf, size_t buflen)
 {
-       /* TODO */
+       if (this->is_server && !this->tncs_connection)
+       {
+               this->tncs_connection = libtnc_tncs_CreateConnection(NULL);
+               if (!this->tncs_connection)
+               {
+                       DBG1(DBG_IKE, "TNCS CreateConnection failed");
+                       return FAILED;
+               }
+               DBG1(DBG_IKE, "assigned TNCS Connection ID: %d",
+                        this->tncs_connection->connectionID);
+               if (libtnc_tncs_BeginSession(this->tncs_connection) != TNC_RESULT_SUCCESS)
+               {
+                       DBG1(DBG_IKE, "TNCS BeginSession failed");
+                       return FAILED;
+               }
+       }
+
        DBG1(DBG_IKE, "received TNCCS Batch with %u bytes:", buflen);
        DBG1(DBG_IKE, "%.*s", buflen, buf);
 
-       if (!this->is_server)
+       if (this->is_server)
+       {
+               if (libtnc_tncs_ReceiveBatch(this->tncs_connection, buf, buflen) !=
+                       TNC_RESULT_SUCCESS)
+               {
+                       DBG1(DBG_IKE, "TNCS ReceiveBatch failed");
+                       return FAILED;
+               }
+       }
+       else
        {
                if (libtnc_tncc_ReceiveBatch(this->tncc_connection, buf, buflen) !=
                        TNC_RESULT_SUCCESS)
@@ -89,7 +130,7 @@ METHOD(tls_t, build, status_t,
                        DBG1(DBG_IKE, "TNCC CreateConnection failed");
                        return FAILED;
                }
-               DBG1(DBG_IKE, "assigned TNC ConnectionID: %d",
+               DBG1(DBG_IKE, "assigned TNCC Connection ID: %d",
                         this->tncc_connection->connectionID);
                if (libtnc_tncc_BeginSession(this->tncc_connection) != TNC_RESULT_SUCCESS)
                {
@@ -99,19 +140,19 @@ METHOD(tls_t, build, status_t,
        }
                
        len = *buflen;
-       len = min(len, tncc_output.len);
+       len = min(len, output.len);
        *buflen = len;
        if (msglen)
        {
-               *msglen = tncc_output.len;
+               *msglen = output.len;
        }
 
-       if (tncc_output.len)
+       if (output.len)
        {
-               DBG1(DBG_IKE, "sending TNCCS Batch with %d bytes:", tncc_output.len);
-               DBG1(DBG_IKE, "%.*s", tncc_output.len, tncc_output.ptr);
-               memcpy(buf, tncc_output.ptr, len);
-               chunk_free(&tncc_output);
+               DBG1(DBG_IKE, "sending TNCCS Batch with %d bytes:", output.len);
+               DBG1(DBG_IKE, "%.*s", output.len, output.ptr);
+               memcpy(buf, output.ptr, len);
+               chunk_free(&output);
                return ALREADY_DONE;
        }
        else
@@ -135,7 +176,20 @@ METHOD(tls_t, get_purpose, tls_purpose_t,
 METHOD(tls_t, is_complete, bool,
        private_tnccs_11_t *this)
 {
-       return FALSE;
+       TNC_IMV_Action_Recommendation* rec = NULL;
+       TNC_IMV_Evaluation_Result* eval = NULL;
+       
+       if (libtnc_tncs_HaveRecommendation(this->tncs_connection, rec, eval) ==
+               TNC_RESULT_SUCCESS)
+       {
+               DBG1(DBG_IKE, "have recommendation");
+               return TRUE;
+       }
+       else
+       {
+               DBG1(DBG_IKE, "no recommendation");
+               return FALSE;
+       }
 }
 
 METHOD(tls_t, get_eap_msk, chunk_t,
@@ -147,7 +201,14 @@ METHOD(tls_t, get_eap_msk, chunk_t,
 METHOD(tls_t, destroy, void,
        private_tnccs_11_t *this)
 {
-       if (!this->is_server)
+       if (this->is_server)
+       {
+               if (this->tncs_connection)
+               {
+                       /* libtnc_tncs_DeleteConnection(this->tncs_connection); */
+               }
+       }
+       else
        {
                if (this->tncc_connection)
                {
@@ -179,27 +240,5 @@ tls_t *tnccs_11_create(bool is_server)
                .is_server = is_server,
        );
 
-       tnc_config = lib->settings->get_str(lib->settings,
-                                       "charon.plugins.tnccs-11.tnc_config", "/etc/tnc_config");
-       pref_lang = lib->settings->get_str(lib->settings,
-                                       "charon.plugins.tnccs-11.preferred_language", "en");
-
-       if (!is_server)
-       {
-               int imc_count;
-
-               imc_count = libtnc_imc_load_config(tnc_config);
-               if (imc_count < 0)
-               {
-                       free(this);
-                       DBG1(DBG_IKE, "TNC IMC initialization failed");
-                       return NULL;
-               }
-               else
-               {
-                       DBG1(DBG_IKE, "loaded %d TNC IMC instances", imc_count);
-               }
-               libtnc_tncc_PreferredLanguage(pref_lang);
-       }
        return &this->public;
 }
index d77852e..e22b65c 100755 (executable)
@@ -187,6 +187,16 @@ then
     echo -n " --enable-eap-tnc" >> $INSTALLSHELL
 fi
 
+if [ "$USE_TNC_IMC" = "yes" ]
+then
+    echo -n " --enable-tnc-imc" >> $INSTALLSHELL
+fi
+
+if [ "$USE_TNC_IMV" = "yes" ]
+then
+    echo -n " --enable-tnc-imv" >> $INSTALLSHELL
+fi
+
 if [ "$USE_TNCCS_11" = "yes" ]
 then
     echo -n " --enable-tnccs-11" >> $INSTALLSHELL
index bfe66e9..fd1d5e9 100755 (executable)
@@ -45,6 +45,8 @@ USE_EAP_RADIUS="yes"
 USE_EAP_TLS="yes"
 USE_EAP_TTLS="yes"
 USE_EAP_TNC="yes"
+USE_TNC_IMC="yes"
+USE_TNC_IMV="yes"
 USE_TNCCS_11="yes"
 USE_SQL="yes"
 USE_MEDIATION="yes"
index 8692c0e..c12143c 100644 (file)
@@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnccs-11 updown
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnccs-11 updown
   multiple_authentication=no
 }
index 8692c0e..c12143c 100644 (file)
@@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnccs-11 updown
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnccs-11 updown
   multiple_authentication=no
 }
index 8692c0e..c12143c 100644 (file)
@@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnccs-11 updown
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnccs-11 updown
   multiple_authentication=no
 }
index 8692c0e..c12143c 100644 (file)
@@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnccs-11 updown
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnccs-11 updown
   multiple_authentication=no
 }