projects / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 350f855)
aborting after fatal imv_attestation error
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 9 Oct 2011 08:18:24 +0000 (10:18 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 13:39:50 +0000 (14:39 +0100)
src/libimcv/plugins/imv_attestation/imv_attestation.c patch | blob | history
src/libimcv/plugins/imv_attestation/imv_attestation_process.h patch | blob | history

diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c
index e496b79..0c1150f 100644 (file)
--- a/src/libimcv/plugins/imv_attestation/imv_attestation.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c
@@ -417,13 +417,12 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
 {
        pa_tnc_msg_t *pa_tnc_msg;
        pa_tnc_attr_t *attr;
+       linked_list_t *attr_list;
        imv_state_t *state;
        imv_attestation_state_t *attestation_state;
        pts_t *pts;
        enumerator_t *enumerator;
        TNC_Result result;
-       bool fatal_error = FALSE;
-       linked_list_t *attr_list;
 
        if (!imv_attestation)
        {
@@ -451,6 +450,7 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
        }
 
        attr_list = linked_list_create();
+       result = TNC_RESULT_SUCCESS;
 
        /* analyze PA-TNC attributes */
        enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
@@ -499,7 +499,7 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
                                                 pts_error_code_names, error_code);
                                        DBG1(DBG_IMV, "error information: %B", &msg_info);
                                }
-                               fatal_error = TRUE;
+                               result = TNC_RESULT_FATAL;
                        }
                        else if (attr->get_type(attr) == IETF_ATTR_PRODUCT_INFORMATION)
                        {
@@ -516,15 +516,17 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
                        if (!imv_attestation_process(attr, attr_list, attestation_state,
                                supported_algorithms, supported_dh_groups, pts_db, pts_credmgr))
                        {
-                               return TNC_RESULT_FATAL;
+                               result = TNC_RESULT_FATAL;
+                               break;
                        }
                }
        }
        enumerator->destroy(enumerator);
        pa_tnc_msg->destroy(pa_tnc_msg);
 
-       if (fatal_error)
+       if (result != TNC_RESULT_SUCCESS)
        {
+               attr_list->destroy(attr_list);
                state->set_recommendation(state,
                                                                TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
                                                                TNC_IMV_EVALUATION_RESULT_ERROR);
@@ -552,7 +554,7 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
                
                return result;
        }
-       DESTROY_IF(attr_list);
+       attr_list->destroy(attr_list);
 
        if (attestation_state->get_handshake_state(attestation_state) &
                IMV_ATTESTATION_STATE_END)
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.h b/src/libimcv/plugins/imv_attestation/imv_attestation_process.h
index 506ecfd..078337f 100644 (file)
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.h
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.h
@@ -37,9 +37,14 @@
 /**
  * Process a TCG PTS attribute
  *
- * @param attr                         PA-TNC attribute to be processed
- * @param attr_list                    list with PA-TNC error attributes
- * @return                                     TRUE if successful
+ * @param attr                                 PA-TNC attribute to be processed
+ * @param attr_list                            list with PA-TNC error attributes
+ * @param attestation_state            attestation state of a given connection
+ * @param supported_algorithms supported PTS measurement algorithms
+ * @param supported_dh_groups  supported DH groups
+ * @param pts_db                               PTS configuration database
+ * @param pts_credmgr                  PTS credential manager
+ * @return                                             TRUE if successful
  */
 bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
                                                         imv_attestation_state_t *attestation_state,
strongSwan - IPsec VPN