projects / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6f93927)
make sending of IETF Assessment Result attributes configurable
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 9 Sep 2012 21:24:23 +0000 (23:24 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 9 Sep 2012 21:24:23 +0000 (23:24 +0200)
src/libimcv/imv/imv_agent.c patch | blob | history
testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/strongswan.conf patch | blob | history
testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/strongswan.conf patch | blob | history

diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index 1ec5ba0..d098595 100644 (file)
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -734,18 +734,20 @@ METHOD(imv_agent_t, provide_recommendation, TNC_Result,
                }
        }
 
-       /* Send and IETF Assessment Result attribute */
-       attr = ietf_attr_assess_result_create(eval);
-       attr_list = linked_list_create();
-       attr_list->insert_last(attr_list, attr);
-       result = send_message(this, connection_id, FALSE, this->id, dst_imc_id,
-                                                 attr_list);
-       attr_list->destroy(attr_list);
-       if (result != TNC_RESULT_SUCCESS)
-       {
-               return result;
+       /* Send an IETF Assessment Result attribute if enabled */
+       if (lib->settings->get_bool(lib->settings, "libimcv.assessment_result", TRUE))
+       {
+               attr = ietf_attr_assess_result_create(eval);
+               attr_list = linked_list_create();
+               attr_list->insert_last(attr_list, attr);
+               result = send_message(this, connection_id, FALSE, this->id, dst_imc_id,
+                                                         attr_list);
+               attr_list->destroy(attr_list);
+               if (result != TNC_RESULT_SUCCESS)
+               {
+                       return result;
+               }
        }
-
        return this->provide_recommendation(this->id, connection_id, rec, eval);
 }
 
diff --git a/testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/strongswan.conf b/testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/strongswan.conf
index acd4630..06c34ed 100644 (file)
--- a/testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/strongswan.conf
@@ -2,6 +2,7 @@
 
 libimcv {
   debug_level = 3
+  assessment_result = no
   plugins {
     imv-scanner {
       closed_port_policy = no
diff --git a/testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/strongswan.conf b/testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/strongswan.conf
index 5d58606..3d7f6c6 100644 (file)
--- a/testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/strongswan.conf
@@ -2,6 +2,7 @@
 
 libimcv {
   debug_level = 3 
+  assessment_result = no
   plugins {
     imv-test {
       rounds = 1 
strongSwan - IPsec VPN