removed obsoleted tnc_ifmap plugin
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 31 Mar 2013 14:07:08 +0000 (16:07 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 31 Mar 2013 14:07:08 +0000 (16:07 +0200)
configure.in
src/libcharon/Makefile.am
src/libcharon/plugins/tnc_ifmap/Makefile.am [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.h [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.c [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.h [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c [deleted file]
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h [deleted file]

index 5ad0f7e..90d4b30 100644 (file)
@@ -168,7 +168,6 @@ ARG_DISBL_SET([xauth-generic],  [disable generic XAuth backend.])
 ARG_ENABL_SET([xauth-eap],      [enable XAuth backend using EAP methods to verify passwords.])
 ARG_ENABL_SET([xauth-pam],      [enable XAuth backend using PAM to verify passwords.])
 ARG_ENABL_SET([xauth-noauth],   [enable XAuth pseudo-backend that does not actually verify or even request any credentials.])
-ARG_ENABL_SET([tnc-ifmap],      [enable TNC IF-MAP module.])
 ARG_ENABL_SET([tnc-ifmap2],     [enable TNC IF-MAP v2 module. Requires libxml])
 ARG_ENABL_SET([tnc-pdp],        [enable TNC policy decision point module.])
 ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
@@ -343,10 +342,6 @@ if test x$smp = xtrue -o x$tnccs_11 = xtrue -o x$tnc_ifmap2 = xtrue; then
        xml=true
 fi
 
-if test x$tnc_ifmap = xtrue; then
-       axis2c=true
-fi
-
 if test x$manager = xtrue; then
        fast=true
 fi
@@ -675,12 +670,6 @@ if test x$xml = xtrue; then
        AC_SUBST(xml_LIBS)
 fi
 
-if test x$axis2c = xtrue; then
-       PKG_CHECK_MODULES(axis2c, [axis2c])
-       AC_SUBST(axis2c_CFLAGS)
-       AC_SUBST(axis2c_LIBS)
-fi
-
 if test x$tss = xtrousers; then
        AC_CHECK_LIB([tspi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])],[])
        AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
@@ -1017,7 +1006,6 @@ ADD_PLUGIN([xauth-generic],        [c charon])
 ADD_PLUGIN([xauth-eap],            [c charon])
 ADD_PLUGIN([xauth-pam],            [c charon])
 ADD_PLUGIN([xauth-noauth],         [c charon])
-ADD_PLUGIN([tnc-ifmap],            [c charon])
 ADD_PLUGIN([tnc-ifmap2],           [c charon])
 ADD_PLUGIN([tnc-pdp],              [c charon])
 ADD_PLUGIN([tnc-imc],              [c charon])
@@ -1159,7 +1147,6 @@ AM_CONDITIONAL(USE_XAUTH_GENERIC, test x$xauth_generic = xtrue)
 AM_CONDITIONAL(USE_XAUTH_EAP, test x$xauth_eap = xtrue)
 AM_CONDITIONAL(USE_XAUTH_PAM, test x$xauth_pam = xtrue)
 AM_CONDITIONAL(USE_XAUTH_NOAUTH, test x$xauth_noauth = xtrue)
-AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue)
 AM_CONDITIONAL(USE_TNC_IFMAP2, test x$tnc_ifmap2 = xtrue)
 AM_CONDITIONAL(USE_TNC_PDP, test x$tnc_pdp = xtrue)
 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
@@ -1356,7 +1343,6 @@ AC_CONFIG_FILES([
        src/libcharon/plugins/xauth_eap/Makefile
        src/libcharon/plugins/xauth_pam/Makefile
        src/libcharon/plugins/xauth_noauth/Makefile
-       src/libcharon/plugins/tnc_ifmap/Makefile
        src/libcharon/plugins/tnc_ifmap2/Makefile
        src/libcharon/plugins/tnc_pdp/Makefile
        src/libcharon/plugins/tnc_imc/Makefile
index a8ead50..b817bdb 100644 (file)
@@ -373,13 +373,6 @@ if MONOLITHIC
 endif
 endif
 
-if USE_TNC_IFMAP
-  SUBDIRS += plugins/tnc_ifmap
-if MONOLITHIC
-  libcharon_la_LIBADD += plugins/tnc_ifmap/libstrongswan-tnc-ifmap.la
-endif
-endif
-
 if USE_TNC_IFMAP2
   SUBDIRS += plugins/tnc_ifmap2
 if MONOLITHIC
diff --git a/src/libcharon/plugins/tnc_ifmap/Makefile.am b/src/libcharon/plugins/tnc_ifmap/Makefile.am
deleted file mode 100644 (file)
index b8a57b1..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-       -I$(top_srcdir)/src/libcharon ${axis2c_CFLAGS}
-
-AM_CFLAGS = -rdynamic
-
-libstrongswan_tnc_ifmap_la_LIBADD = ${axis2c_LIBS} -laxutil -laxis2_engine -laxis2_http_sender
-
-if MONOLITHIC
-noinst_LTLIBRARIES = libstrongswan-tnc-ifmap.la
-else
-plugin_LTLIBRARIES = libstrongswan-tnc-ifmap.la
-endif
-
-libstrongswan_tnc_ifmap_la_SOURCES = \
-       tnc_ifmap_plugin.h tnc_ifmap_plugin.c \
-       tnc_ifmap_listener.h tnc_ifmap_listener.c \
-       tnc_ifmap_soap.h tnc_ifmap_soap.c
-
-libstrongswan_tnc_ifmap_la_LDFLAGS = -module -avoid-version
-
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
deleted file mode 100644 (file)
index 9cd1ec3..0000000
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "tnc_ifmap_listener.h"
-#include "tnc_ifmap_soap.h"
-
-#include <daemon.h>
-#include <hydra.h>
-#include <utils/debug.h>
-
-typedef struct private_tnc_ifmap_listener_t private_tnc_ifmap_listener_t;
-
-/**
- * Private data of an tnc_ifmap_listener_t object.
- */
-struct private_tnc_ifmap_listener_t {
-
-       /**
-        * Public tnc_ifmap_listener_t interface.
-        */
-       tnc_ifmap_listener_t public;
-
-       /**
-        * TNC IF-MAP 2.0 SOAP interface
-        */
-       tnc_ifmap_soap_t *ifmap;
-
-};
-
-/**
- * Publish PEP device-ip metadata
- */
-static bool publish_device_ip_addresses(private_tnc_ifmap_listener_t *this)
-{
-       enumerator_t *enumerator;
-       host_t *host;
-       bool success = TRUE;
-
-       enumerator = hydra->kernel_interface->create_address_enumerator(
-                                                                       hydra->kernel_interface, ADDR_TYPE_REGULAR);
-       while (enumerator->enumerate(enumerator, &host))
-       {
-               if (!this->ifmap->publish_device_ip(this->ifmap, host))
-               {
-                       success = FALSE;
-                       break;
-               }
-       }
-       enumerator->destroy(enumerator);
-
-       return success;
-}
-
-/**
- * Publish all IKE_SA metadata
- */
-static bool reload_metadata(private_tnc_ifmap_listener_t *this)
-{
-       enumerator_t *enumerator;
-       ike_sa_t *ike_sa;
-       bool success = TRUE;
-
-       enumerator = charon->controller->create_ike_sa_enumerator(
-                                                                                               charon->controller, FALSE);
-       while (enumerator->enumerate(enumerator, &ike_sa))
-       {
-               if (ike_sa->get_state(ike_sa) != IKE_ESTABLISHED)
-               {
-                       continue;
-               }
-               if (!this->ifmap->publish_ike_sa(this->ifmap, ike_sa, TRUE))
-               {
-                       success = FALSE;
-                       break;
-               }
-       }
-       enumerator->destroy(enumerator);
-
-       return success;
-}
-
-METHOD(listener_t, ike_updown, bool,
-       private_tnc_ifmap_listener_t *this, ike_sa_t *ike_sa, bool up)
-{
-       if (ike_sa->get_state(ike_sa) != IKE_CONNECTING)
-       {
-               this->ifmap->publish_ike_sa(this->ifmap, ike_sa, up);
-       }
-       return TRUE;
-}
-
-METHOD(listener_t, alert, bool,
-       private_tnc_ifmap_listener_t *this, ike_sa_t *ike_sa, alert_t alert,
-       va_list args)
-{
-       if (alert == ALERT_PEER_AUTH_FAILED)
-       {
-               this->ifmap->publish_enforcement_report(this->ifmap,
-                                                       ike_sa->get_other_host(ike_sa),
-                                                       "block", "authentication failed");
-       }
-       return TRUE;
-}
-
-METHOD(tnc_ifmap_listener_t, destroy, void,
-       private_tnc_ifmap_listener_t *this)
-{
-       DESTROY_IF(this->ifmap);
-       free(this);
-}
-
-/**
- * See header
- */
-tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload)
-{
-       private_tnc_ifmap_listener_t *this;
-
-       INIT(this,
-               .public = {
-                       .listener = {
-                               .ike_updown = _ike_updown,
-                               .alert = _alert,
-                       },
-                       .destroy = _destroy,
-               },
-               .ifmap = tnc_ifmap_soap_create(),
-       );
-
-       if (!this->ifmap)
-       {
-               destroy(this);
-               return NULL;
-       }
-       if (!this->ifmap->newSession(this->ifmap))
-       {
-               destroy(this);
-               return NULL;
-       }
-       if (!this->ifmap->purgePublisher(this->ifmap))
-       {
-               destroy(this);
-               return NULL;
-       }
-       if (!publish_device_ip_addresses(this))
-       {
-               destroy(this);
-               return NULL;
-       }
-       if (reload)
-       {
-               if (!reload_metadata(this))
-               {
-                       destroy(this);
-                       return NULL;
-               }
-       }
-
-       return &this->public;
-}
-
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.h b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.h
deleted file mode 100644 (file)
index 878505b..0000000
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tnc_ifmap_listener tnc_ifmap_listener
- * @{ @ingroup tnc_ifmap 
- */
-
-#ifndef TNC_IFMAP_LISTENER_H_
-#define TNC_IFMAP_LISTENER_H_
-
-#include <bus/bus.h>
-
-typedef struct tnc_ifmap_listener_t tnc_ifmap_listener_t;
-
-/**
- * Listener which collects information on IKE_SAs
- */
-struct tnc_ifmap_listener_t {
-
-       /**
-        * Implements listener_t.
-        */
-       listener_t listener;
-
-       /**
-        * Destroy a tnc_ifmap_listener_t.
-        */
-       void (*destroy)(tnc_ifmap_listener_t *this);
-};
-
-/**
- * Create a tnc_ifmap_listener instance.
- *
- * @param reload       reload all IKE_SA metadata
- */
-tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload);
-
-#endif /** TNC_IFMAP_LISTENER_H_ @}*/
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.c
deleted file mode 100644 (file)
index de4d12e..0000000
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "tnc_ifmap_plugin.h"
-#include "tnc_ifmap_listener.h"
-
-#include <daemon.h>
-typedef struct private_tnc_ifmap_plugin_t private_tnc_ifmap_plugin_t;
-
-/**
- * private data of tnc_ifmap plugin
- */
-struct private_tnc_ifmap_plugin_t {
-
-       /**
-        * implements plugin interface
-        */
-       tnc_ifmap_plugin_t public;
-
-       /**
-        * Listener interface, listens to CHILD_SA state changes
-        */
-       tnc_ifmap_listener_t *listener;
-};
-
-METHOD(plugin_t, get_name, char*,
-       private_tnc_ifmap_plugin_t *this)
-{
-       return "tnc-ifmap";
-}
-
-METHOD(plugin_t, reload, bool,
-       private_tnc_ifmap_plugin_t *this)
-{
-       if (this->listener)
-       {
-               charon->bus->remove_listener(charon->bus, &this->listener->listener);
-               this->listener->destroy(this->listener);
-       }
-
-       this->listener = tnc_ifmap_listener_create(TRUE);
-       if (!this->listener)
-       {
-               return FALSE;
-       }
-
-       charon->bus->add_listener(charon->bus, &this->listener->listener);
-       return TRUE;
-}
-
-METHOD(plugin_t, destroy, void,
-       private_tnc_ifmap_plugin_t *this)
-{
-       if (this->listener)
-       {
-               charon->bus->remove_listener(charon->bus, &this->listener->listener);
-               this->listener->destroy(this->listener);
-       }
-       free(this);
-}
-
-/*
- * see header file
- */
-plugin_t *tnc_ifmap_plugin_create()
-{
-       private_tnc_ifmap_plugin_t *this;
-
-       INIT(this,
-               .public = {
-                       .plugin = {
-                               .get_name = _get_name,
-                               .reload = _reload,
-                               .destroy = _destroy,
-                       },
-               },
-               .listener = tnc_ifmap_listener_create(FALSE),
-       );
-
-       if (this->listener)
-       {
-               charon->bus->add_listener(charon->bus, &this->listener->listener);
-       }
-       return &this->public.plugin;
-}
-
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.h b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_plugin.h
deleted file mode 100644 (file)
index 8172be7..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tnc_ifmap tnc_ifmap
- * @ingroup cplugins
- *
- * @defgroup tnc_ifmap_plugin tnc_ifmap_plugin
- * @{ @ingroup tnc_ifmap
- */
-
-#ifndef TNC_IFMAP_PLUGIN_H_
-#define TNC_IFMAP_PLUGIN_H_
-
-#include <plugins/plugin.h>
-
-typedef struct tnc_ifmap_plugin_t tnc_ifmap_plugin_t;
-
-/**
- * TNC IF-MAP plugin
- */
-struct tnc_ifmap_plugin_t {
-
-       /**
-        * implements plugin interface
-        */
-       plugin_t plugin;
-};
-
-#endif /** TNC_IFMAP_PLUGIN_H_ @}*/
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
deleted file mode 100644 (file)
index 33480bb..0000000
+++ /dev/null
@@ -1,856 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "tnc_ifmap_soap.h"
-
-#include <utils/debug.h>
-#include <daemon.h>
-
-#include <axis2_util.h>
-#include <axis2_client.h>
-#include <axis2_http_transport.h>
-#include <axis2_http_transport_sender.h>
-#include <axiom_soap.h>
-
-#define IFMAP_NS         "http://www.trustedcomputinggroup.org/2010/IFMAP/2"
-#define IFMAP_META_NS "http://www.trustedcomputinggroup.org/2010/IFMAP-METADATA/2"
-#define IFMAP_LOGFILE "strongswan_ifmap.log"
-#define IFMAP_SERVER  "https://localhost:8443/"
-
-typedef struct private_tnc_ifmap_soap_t private_tnc_ifmap_soap_t;
-
-/**
- * Private data of an tnc_ifmap_soap_t object.
- */
-struct private_tnc_ifmap_soap_t {
-
-       /**
-        * Public tnc_ifmap_soap_t interface.
-        */
-       tnc_ifmap_soap_t public;
-
-       /**
-        * Axis2/C environment
-        */
-       axutil_env_t *env;
-
-       /**
-        * Axis2 service client
-        */
-       axis2_svc_client_t* svc_client;
-
-       /**
-        * SOAP Session ID
-        */
-       char *session_id;
-
-       /**
-        * IF-MAP Publisher ID
-        */
-       char *ifmap_publisher_id;
-
-       /**
-        * PEP and PDP device name
-        */
-       char *device_name;
-
-};
-
-/**
- * Send request and receive result via SOAP
- */
-static axiom_element_t* send_receive(private_tnc_ifmap_soap_t *this,
-                                                                        char *request_qname, axiom_node_t *request,
-                                                                        char *receipt_qname, axiom_node_t **result)
-
-{
-    axiom_node_t *parent, *node;
-    axiom_element_t *parent_el, *el;
-       axutil_qname_t *qname;
-
-       /* send request and receive result */
-       DBG2(DBG_TNC, "sending  ifmap %s", request_qname);
-
-       parent = axis2_svc_client_send_receive(this->svc_client, this->env, request);
-       if (!parent)
-       {
-               DBG1(DBG_TNC, "no ifmap %s received from MAP server", receipt_qname);
-               return NULL;
-       }
-       DBG2(DBG_TNC, "received ifmap %s", receipt_qname);
-
-       /* extract the parent element */
-       parent_el = (axiom_element_t*)axiom_node_get_data_element(parent, this->env);
-
-       /* look for a child node with the given receipt qname */
-       qname = axutil_qname_create_from_string(this->env, strdup(receipt_qname));
-       el = axiom_element_get_first_child_with_qname(parent_el, this->env, qname,
-                                                                                                 parent, &node);
-       axutil_qname_free(qname, this->env);
-
-       if (el)
-       {
-               if (result)
-               {
-                       *result = parent;
-               }
-               else
-               {
-                       /* no further processing requested */
-                       axiom_node_free_tree(parent, this->env);
-               }
-               return el;
-       }
-       DBG1(DBG_TNC, "child node with qname '%s' not found", receipt_qname);
-
-       /* free parent in the error case */
-       axiom_node_free_tree(parent, this->env);
-
-       return NULL;
-}
-
-METHOD(tnc_ifmap_soap_t, newSession, bool,
-       private_tnc_ifmap_soap_t *this)
-{
-    axiom_node_t *request, *result;
-    axiom_element_t *el;
-       axiom_namespace_t *ns;
-       axis2_char_t *value;
-
-
-       /* build newSession request */
-    ns = axiom_namespace_create(this->env, IFMAP_NS, "ifmap");
-    el = axiom_element_create(this->env, NULL, "newSession", ns, &request);
-
-       /* send newSession request and receive newSessionResult */
-       el = send_receive(this, "newSession", request, "newSessionResult", &result);
-       if (!el)
-       {
-               return FALSE;
-       }
-
-       /* get session-id */
-       value = axiom_element_get_attribute_value_by_name(el, this->env,
-                                                                "session-id");
-       this->session_id = strdup(value);
-
-       /* get ifmap-publisher-id */
-       value = axiom_element_get_attribute_value_by_name(el, this->env,
-                                                                "ifmap-publisher-id");
-       this->ifmap_publisher_id = strdup(value);
-
-       DBG1(DBG_TNC, "session-id: %s, ifmap-publisher-id: %s",
-                                  this->session_id, this->ifmap_publisher_id);
-
-       /* set PEP and PDP device name (defaults to IF-MAP Publisher ID) */
-       this->device_name = lib->settings->get_str(lib->settings,
-                                                                       "%s.plugins.tnc-ifmap.device_name",
-                                                                        this->ifmap_publisher_id, charon->name);
-       this->device_name = strdup(this->device_name);
-
-       /* free result */
-       axiom_node_free_tree(result, this->env);
-
-    return this->session_id && this->ifmap_publisher_id;
-}
-
-METHOD(tnc_ifmap_soap_t, purgePublisher, bool,
-       private_tnc_ifmap_soap_t *this)
-{
-       axiom_node_t *request;
-       axiom_element_t *el;
-       axiom_namespace_t *ns;
-       axiom_attribute_t *attr;
-
-       /* build purgePublisher request */
-       ns = axiom_namespace_create(this->env, IFMAP_NS, "ifmap");
-       el = axiom_element_create(this->env, NULL, "purgePublisher", ns, &request);
-       attr = axiom_attribute_create(this->env, "session-id",
-                                                                 this->session_id, NULL);
-       axiom_element_add_attribute(el, this->env, attr, request);
-       attr = axiom_attribute_create(this->env, "ifmap-publisher-id",
-                                                                 this->ifmap_publisher_id, NULL);
-       axiom_element_add_attribute(el, this->env, attr, request);
-
-       /* send purgePublisher request and receive purgePublisherReceived */
-       return send_receive(this, "purgePublisher", request,
-                                                         "purgePublisherReceived", NULL);
-}
-
-/**
- * Create an access-request based on device_name and ike_sa_id
- */
-static axiom_node_t* create_access_request(private_tnc_ifmap_soap_t *this,
-                                                                                  u_int32_t id)
-{
-       axiom_element_t *el;
-       axiom_node_t *node;
-       axiom_attribute_t *attr;
-       char buf[BUF_LEN];
-
-       el = axiom_element_create(this->env, NULL, "access-request", NULL, &node);
-
-       snprintf(buf, BUF_LEN, "%s:%d", this->device_name, id);
-       attr = axiom_attribute_create(this->env, "name", buf, NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       return node;
-}
-
-/**
- * Create an identity
- */
-static axiom_node_t* create_identity(private_tnc_ifmap_soap_t *this,
-                                                                        identification_t *id, bool is_user)
-{
-       axiom_element_t *el;
-       axiom_node_t *node;
-       axiom_attribute_t *attr;
-       char buf[BUF_LEN], *id_type;
-
-       el = axiom_element_create(this->env, NULL, "identity", NULL, &node);
-
-       snprintf(buf, BUF_LEN, "%Y", id);
-       attr = axiom_attribute_create(this->env, "name", buf, NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       switch (id->get_type(id))
-       {
-               case ID_IPV4_ADDR:
-                       id_type = "other";
-                       attr = axiom_attribute_create(this->env, "other-type-definition",
-                                                                                 "36906:ipv4-address", NULL);
-                       axiom_element_add_attribute(el, this->env, attr, node);
-                       break;
-               case ID_FQDN:
-                       id_type = is_user ? "username" : "dns-name";
-                       break;
-               case ID_RFC822_ADDR:
-                       id_type = "email-address";
-                       break;
-               case ID_IPV6_ADDR:
-                       id_type = "other";
-                       attr = axiom_attribute_create(this->env, "other-type-definition",
-                                                                                 "36906:ipv6-address", NULL);
-                       axiom_element_add_attribute(el, this->env, attr, node);
-                       break;
-               case ID_DER_ASN1_DN:
-                       id_type = "distinguished-name";
-                       break;
-               case ID_KEY_ID:
-                       id_type = "other";
-                       attr = axiom_attribute_create(this->env, "other-type-definition",
-                                                                                 "36906:key-id", NULL);
-                       axiom_element_add_attribute(el, this->env, attr, node);
-                       break;
-               default:
-                       id_type = "other";
-                       attr = axiom_attribute_create(this->env, "other-type-definition",
-                                                                                 "36906:other", NULL);
-                       axiom_element_add_attribute(el, this->env, attr, node);
-       }
-       attr = axiom_attribute_create(this->env, "type", id_type, NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       return node;
-}
-
-/**
- * Create an ip-address
- */
-static axiom_node_t* create_ip_address(private_tnc_ifmap_soap_t *this,
-                                                                          host_t *host)
-{
-       axiom_element_t *el;
-       axiom_node_t *node;
-       axiom_attribute_t *attr;
-       char buf[BUF_LEN];
-
-       el = axiom_element_create(this->env, NULL, "ip-address", NULL, &node);
-
-       if (host->get_family(host) == AF_INET6)
-       {
-               chunk_t address;
-               int len, written, i;
-               char *pos;
-               bool first = TRUE;
-
-               /* output IPv6 address in canonical IF-MAP 2.0 format */
-               address = host->get_address(host);
-               pos = buf;
-               len = sizeof(buf);
-
-               for (i = 0; i < address.len; i = i + 2)
-               {
-                       written = snprintf(pos, len, "%s%x", first ? "" : ":",
-                                                          256*address.ptr[i] +  address.ptr[i+1]);
-                       if (written < 0 || written >= len)
-                       {
-                               break;
-                       }
-                       pos += written;
-                       len -= written;
-                       first = FALSE;
-               }
-       }
-       else
-       {
-               snprintf(buf, BUF_LEN, "%H", host);
-       }
-       attr = axiom_attribute_create(this->env, "value", buf, NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       attr = axiom_attribute_create(this->env, "type",
-                                host->get_family(host) == AF_INET ? "IPv4" : "IPv6", NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       return node;
-}
-
-/**
- * Create a device
- */
-static axiom_node_t* create_device(private_tnc_ifmap_soap_t *this)
-{
-       axiom_element_t *el;
-       axiom_node_t *node, *node2, *node3;
-       axiom_text_t *text;
-
-       el = axiom_element_create(this->env, NULL, "device", NULL, &node);
-       el = axiom_element_create(this->env, NULL, "name", NULL, &node2);
-       axiom_node_add_child(node, this->env, node2);
-       text = axiom_text_create(this->env, node2, this->device_name, &node3);
-
-       return node;
-}
-
-/**
- * Create metadata
- */
-static axiom_node_t* create_metadata(private_tnc_ifmap_soap_t *this,
-                                                                        char *metadata)
-{
-       axiom_element_t *el;
-       axiom_node_t *node, *node2;
-       axiom_attribute_t *attr;
-       axiom_namespace_t *ns_meta;
-
-       el = axiom_element_create(this->env, NULL, "metadata", NULL, &node);
-       ns_meta = axiom_namespace_create(this->env, IFMAP_META_NS, "meta");
-
-       el = axiom_element_create(this->env, NULL, metadata, ns_meta, &node2);
-       axiom_node_add_child(node, this->env, node2);
-       attr = axiom_attribute_create(this->env, "ifmap-cardinality", "singleValue",
-                                                                 NULL);
-       axiom_element_add_attribute(el, this->env, attr, node2);
-
-       return node;
-}
-
-/**
- * Create capability metadata
- */
-static axiom_node_t* create_capability(private_tnc_ifmap_soap_t *this,
-                                                                          identification_t *name)
-{
-       axiom_element_t *el;
-       axiom_node_t *node, *node2, *node3;
-       axiom_namespace_t *ns_meta;
-       axiom_attribute_t *attr;
-       axiom_text_t *text;
-       char buf[BUF_LEN];
-
-       ns_meta = axiom_namespace_create(this->env, IFMAP_META_NS, "meta");
-       el = axiom_element_create(this->env, NULL, "capability", ns_meta, &node);
-       attr = axiom_attribute_create(this->env, "ifmap-cardinality", "multiValue",
-                                                                 NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       el = axiom_element_create(this->env, NULL, "name", NULL, &node2);
-       axiom_node_add_child(node, this->env, node2);
-       snprintf(buf, BUF_LEN, "%Y", name);
-       text = axiom_text_create(this->env, node2, buf, &node3);
-
-       el = axiom_element_create(this->env, NULL, "administrative-domain", NULL, &node2);
-       axiom_node_add_child(node, this->env, node2);
-       text = axiom_text_create(this->env, node2, "strongswan", &node3);
-
-       return node;
-}
-
-/**
- * Create enforcement-report metadata
- */
-static axiom_node_t* create_enforcement_report(private_tnc_ifmap_soap_t *this,
-                                                                                          char *action, char *reason)
-{
-       axiom_element_t *el;
-       axiom_node_t *node, *node2, *node3, *node4;
-       axiom_namespace_t *ns_meta;
-       axiom_attribute_t *attr;
-       axiom_text_t *text;
-
-       el = axiom_element_create(this->env, NULL, "metadata", NULL, &node);
-
-       ns_meta = axiom_namespace_create(this->env, IFMAP_META_NS, "meta");
-       el = axiom_element_create(this->env, NULL, "enforcement-report", ns_meta,
-                                                         &node2);
-       attr = axiom_attribute_create(this->env, "ifmap-cardinality",
-                                                                 "multiValue", NULL);
-       axiom_element_add_attribute(el, this->env, attr, node2);
-       axiom_node_add_child(node, this->env, node2);
-
-       el = axiom_element_create(this->env, NULL, "enforcement-action", NULL,
-                                                         &node3);
-       axiom_node_add_child(node2, this->env, node3);
-       text = axiom_text_create(this->env, node3, action, &node4);
-
-       el = axiom_element_create(this->env, NULL, "enforcement-reason", NULL,
-                                                         &node3);
-       axiom_node_add_child(node2, this->env, node3);
-       text = axiom_text_create(this->env, node3, reason, &node4);
-
-    return node;
-}
-
-/**
- * Create delete filter
- */
-static axiom_node_t* create_delete_filter(private_tnc_ifmap_soap_t *this,
-                                                                                 char *metadata)
-{
-       axiom_element_t *el;
-       axiom_node_t *node;
-       axiom_attribute_t *attr;
-       char buf[BUF_LEN];
-
-       el = axiom_element_create(this->env, NULL, "delete", NULL, &node);
-
-       snprintf(buf, BUF_LEN, "meta:%s[@ifmap-publisher-id='%s']",
-                        metadata, this->ifmap_publisher_id);
-       attr = axiom_attribute_create(this->env, "filter", buf, NULL);
-       axiom_element_add_attribute(el, this->env, attr, node);
-
-       return node;
-}
-
-/**
- * Create a publish request
- */
-static axiom_node_t* create_publish_request(private_tnc_ifmap_soap_t *this)
-{
-       axiom_element_t *el;
-       axiom_node_t *request;
-       axiom_namespace_t *ns, *ns_meta;
-       axiom_attribute_t *attr;
-
-       ns = axiom_namespace_create(this->env, IFMAP_NS, "ifmap");
-       el = axiom_element_create(this->env, NULL, "publish", ns, &request);
-       ns_meta = axiom_namespace_create(this->env, IFMAP_META_NS, "meta");
-       axiom_element_declare_namespace(el, this->env, request, ns_meta);
-       attr = axiom_attribute_create(this->env, "session-id", this->session_id,
-                                                                 NULL);
-       axiom_element_add_attribute(el, this->env, attr, request);
-
-       return request;
-}
-
-METHOD(tnc_ifmap_soap_t, publish_ike_sa, bool,
-       private_tnc_ifmap_soap_t *this, ike_sa_t *ike_sa, bool up)
-{
-       axiom_node_t *request, *node, *node2;
-       axiom_element_t *el;
-
-       enumerator_t *e1, *e2;
-       auth_rule_t type;
-       identification_t *id, *eap_id, *group;
-       host_t *host;
-       auth_cfg_t *auth;
-       u_int32_t ike_sa_id;
-       bool is_user = FALSE, first = TRUE;
-
-       /* extract relevant data from IKE_SA*/
-       ike_sa_id = ike_sa->get_unique_id(ike_sa);
-       id = ike_sa->get_other_id(ike_sa);
-       eap_id = ike_sa->get_other_eap_id(ike_sa);
-       host = ike_sa->get_other_host(ike_sa);
-
-       /* in the presence of an EAP Identity, treat it as a username */
-       if (!id->equals(id, eap_id))
-       {
-               is_user = TRUE;
-               id = eap_id;
-       }
-
-       /* build publish request */
-       request = create_publish_request(this);
-
-       /* delete any existing enforcement reports */
-       if (up)
-       {
-               node = create_delete_filter(this, "enforcement-report");
-               axiom_node_add_child(request, this->env, node);
-               axiom_node_add_child(node, this->env,
-                                                        create_ip_address(this, host));
-               axiom_node_add_child(node, this->env,
-                                                        create_device(this));
-       }
-
-       /**
-        * update or delete authenticated-as metadata
-        */
-       if (up)
-       {
-               el = axiom_element_create(this->env, NULL, "update", NULL, &node);
-       }
-       else
-       {
-               node = create_delete_filter(this, "authenticated-as");
-       }
-       axiom_node_add_child(request, this->env, node);
-
-       /* add access-request, identity and [if up] metadata */
-       axiom_node_add_child(node, this->env,
-                                                        create_access_request(this, ike_sa_id));
-       axiom_node_add_child(node, this->env,
-                                                        create_identity(this, id, is_user));
-       if (up)
-       {
-               axiom_node_add_child(node, this->env,
-                                                        create_metadata(this, "authenticated-as"));
-       }
-
-       /**
-        * update or delete access-request-ip metadata
-        */
-       if (up)
-       {
-               el = axiom_element_create(this->env, NULL, "update", NULL, &node);
-       }
-       else
-       {
-               node = create_delete_filter(this, "access-request-ip");
-       }
-       axiom_node_add_child(request, this->env, node);
-
-       /* add access-request, ip-address and [if up] metadata */
-       axiom_node_add_child(node, this->env,
-                                                        create_access_request(this, ike_sa_id));
-       axiom_node_add_child(node, this->env,
-                                                        create_ip_address(this, host));
-       if (up)
-       {
-               axiom_node_add_child(node, this->env,
-                                                        create_metadata(this, "access-request-ip"));
-       }
-
-       /**
-        * update or delete authenticated-by metadata
-        */
-       if (up)
-       {
-               el = axiom_element_create(this->env, NULL, "update", NULL, &node);
-       }
-       else
-       {
-               node = create_delete_filter(this, "authenticated-by");
-       }
-       axiom_node_add_child(request, this->env, node);
-
-       /* add access-request, device and [if up] metadata */
-       axiom_node_add_child(node, this->env,
-                                                        create_access_request(this, ike_sa_id));
-       axiom_node_add_child(node, this->env,
-                                                        create_device(this));
-       if (up)
-       {
-               axiom_node_add_child(node, this->env,
-                                                        create_metadata(this, "authenticated-by"));
-       }
-
-       /**
-        * update or delete capability metadata
-        */
-       e1 = ike_sa->create_auth_cfg_enumerator(ike_sa, FALSE);
-       while (e1->enumerate(e1, &auth) && (first || up))
-       {
-               e2 = auth->create_enumerator(auth);
-               while (e2->enumerate(e2, &type, &group))
-               {
-                       /* look for group memberships */
-                       if (type == AUTH_RULE_GROUP)
-                       {
-                               if (first)
-                               {
-                                       first = FALSE;
-
-                                       if (up)
-                                       {
-                                               el = axiom_element_create(this->env, NULL, "update",
-                                                                                                 NULL, &node);
-                                       }
-                                       else
-                                       {
-                                               node = create_delete_filter(this, "capability");
-                                       }
-                                       axiom_node_add_child(request, this->env, node);
-
-                                       /* add access-request */
-                                       axiom_node_add_child(node, this->env,
-                                                                        create_access_request(this, ike_sa_id));
-                                       if (!up)
-                                       {
-                                               break;
-                                       }
-                                       el = axiom_element_create(this->env, NULL, "metadata", NULL,
-                                                                                         &node2);
-                                       axiom_node_add_child(node, this->env, node2);
-                               }
-                               axiom_node_add_child(node2, this->env,
-                                                                        create_capability(this, group));
-                       }
-               }
-               e2->destroy(e2);
-       }
-       e1->destroy(e1);
-
-       /* send publish request and receive publishReceived */
-       return send_receive(this, "publish", request, "publishReceived", NULL);
-}
-
-METHOD(tnc_ifmap_soap_t, publish_device_ip, bool,
-       private_tnc_ifmap_soap_t *this, host_t *host)
-{
-       axiom_node_t *request, *node;
-       axiom_element_t *el;
-
-       /* build publish update request */
-       request = create_publish_request(this);
-       el = axiom_element_create(this->env, NULL, "update", NULL, &node);
-       axiom_node_add_child(request, this->env, node);
-
-       /* add device, ip-address and metadata */
-       axiom_node_add_child(node, this->env,
-                                                create_device(this));
-       axiom_node_add_child(node, this->env,
-                                                create_ip_address(this, host));
-       axiom_node_add_child(node, this->env,
-                                                create_metadata(this, "device-ip"));
-
-       /* send publish request and receive publishReceived */
-       return send_receive(this, "publish", request, "publishReceived", NULL);
-}
-
-METHOD(tnc_ifmap_soap_t, publish_enforcement_report, bool,
-       private_tnc_ifmap_soap_t *this, host_t *host, char *action, char *reason)
-{
-       axiom_node_t *request, *node;
-       axiom_element_t *el;
-
-       /* build publish update request */
-       request = create_publish_request(this);
-       el = axiom_element_create(this->env, NULL, "update", NULL, &node);
-       axiom_node_add_child(request, this->env, node);
-
-       /* add ip-address and metadata */
-       axiom_node_add_child(node, this->env,
-                                                create_ip_address(this, host));
-       axiom_node_add_child(node, this->env,
-                                                create_device(this));
-       axiom_node_add_child(node, this->env,
-                                                create_enforcement_report(this, action, reason));
-
-       /* send publish request and receive publishReceived */
-       return send_receive(this, "publish", request, "publishReceived", NULL);
-}
-
-METHOD(tnc_ifmap_soap_t, endSession, bool,
-       private_tnc_ifmap_soap_t *this)
-{
-       axiom_node_t *request;
-       axiom_element_t *el;
-       axiom_namespace_t *ns;
-       axiom_attribute_t *attr;
-
-       /* build endSession request */
-       ns = axiom_namespace_create(this->env, IFMAP_NS, "ifmap");
-       el = axiom_element_create(this->env, NULL, "endSession", ns, &request);
-       attr = axiom_attribute_create(this->env, "session-id", this->session_id, NULL);
-       axiom_element_add_attribute(el, this->env, attr, request);
-
-       /* send endSession request and receive end SessionResult */
-       return send_receive(this, "endSession", request, "endSessionResult", NULL);
-}
-
-METHOD(tnc_ifmap_soap_t, destroy, void,
-       private_tnc_ifmap_soap_t *this)
-{
-       if (this->session_id)
-       {
-               endSession(this);
-               free(this->session_id);
-               free(this->ifmap_publisher_id);
-               free(this->device_name);
-       }
-       if (this->svc_client)
-       {
-               axis2_svc_client_free(this->svc_client, this->env);
-       }
-       if (this->env)
-       {
-               axutil_env_free(this->env);
-       }
-       free(this);
-}
-
-static bool axis2c_init(private_tnc_ifmap_soap_t *this)
-{
-       axis2_char_t *server, *server_cert, *key_file, *client_home;
-       axis2_char_t *ssl_passphrase, *username, *password;
-       axis2_endpoint_ref_t* endpoint_ref = NULL;
-       axis2_options_t *options = NULL;
-       axis2_transport_in_desc_t *transport_in;
-       axis2_transport_out_desc_t *transport_out;
-       axis2_transport_sender_t *transport_sender;
-       axutil_property_t* property;
-
-       /* Getting configuration parameters from strongswan.conf */
-       client_home = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.client_home",
-                                       AXIS2_GETENV("AXIS2C_HOME"), charon->name);
-       server = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.server", IFMAP_SERVER, charon->name);
-       server_cert = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.server_cert", NULL, charon->name);
-       key_file = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.key_file", NULL, charon->name);
-       ssl_passphrase = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.ssl_passphrase", NULL, charon->name);
-       username = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.username", NULL, charon->name);
-       password = lib->settings->get_str(lib->settings,
-                                       "%s.plugins.tnc-ifmap.password", NULL, charon->name);
-
-       if (!server_cert)
-       {
-               DBG1(DBG_TNC, "MAP server certificate not defined");
-               return FALSE;
-       }
-
-       if (!key_file && (!username || !password))
-       {
-               DBG1(DBG_TNC, "MAP client keyfile or %s%s%s not defined",
-                       (!username) ? "username" : "",
-                       (!username && ! password) ? " and " : "",
-                       (!password) ? "password" : "");
-               return FALSE;
-       }
-
-       /* Create Axis2/C environment and options */
-       this->env = axutil_env_create_all(IFMAP_LOGFILE, AXIS2_LOG_LEVEL_TRACE);
-       options = axis2_options_create(this->env);
-
-       /* Set path to the MAP server certificate */
-       property =axutil_property_create_with_args(this->env, 0, 0, 0,
-                                                                                          server_cert);
-       axis2_options_set_property(options, this->env,
-                                                          AXIS2_SSL_SERVER_CERT, property);
-
-       if (key_file)
-       {
-               /* Set path to the MAP client certificate */
-               property =axutil_property_create_with_args(this->env, 0, 0, 0,
-                                                                                                  key_file);
-               axis2_options_set_property(options, this->env,
-                                                                  AXIS2_SSL_KEY_FILE, property);
-               if (ssl_passphrase)
-               {
-                       /* Provide SSL passphrase */
-                       property =axutil_property_create_with_args(this->env, 0, 0, 0,
-                                                   ssl_passphrase);
-                       axis2_options_set_property(options, this->env,
-                                                                          AXIS2_SSL_PASSPHRASE, property);
-               }
-       }
-       else
-       {
-               /* Set up HTTP Basic MAP client authentication */
-               axis2_options_set_http_auth_info(options, this->env,
-                                                                                username, password, "Basic");
-       }
-
-       /* Define the MAP server as the to endpoint reference */
-       endpoint_ref = axis2_endpoint_ref_create(this->env, server);
-       axis2_options_set_to(options, this->env, endpoint_ref);
-
-       /* Set up https transport */
-       transport_in = axis2_transport_in_desc_create(this->env,
-                                                                                                 AXIS2_TRANSPORT_ENUM_HTTPS);
-       transport_out = axis2_transport_out_desc_create(this->env,
-                                                                                                 AXIS2_TRANSPORT_ENUM_HTTPS);
-       transport_sender = axis2_http_transport_sender_create(this->env);
-       axis2_transport_out_desc_set_sender(transport_out, this->env,
-                                                                               transport_sender);
-       axis2_options_set_transport_in(options, this->env, transport_in);
-       axis2_options_set_transport_out(options, this->env, transport_out);
-
-       /* Create the axis2 service client */
-       this->svc_client = axis2_svc_client_create(this->env, client_home);
-       if (!this->svc_client)
-       {
-               DBG1(DBG_TNC, "could not create axis2 service client");
-               AXIS2_LOG_ERROR(this->env->log, AXIS2_LOG_SI,
-                                           "Stub invoke FAILED: Error code: %d :: %s",
-                                               this->env->error->error_number,
-                                               AXIS2_ERROR_GET_MESSAGE(this->env->error));
-               destroy(this);
-               return FALSE;
-       }
-
-       axis2_svc_client_set_options(this->svc_client, this->env, options);
-       DBG1(DBG_TNC, "connecting as MAP client '%s' to MAP server at '%s'",
-                                  username, server);
-
-       return TRUE;
-}
-
-/**
- * See header
- */
-tnc_ifmap_soap_t *tnc_ifmap_soap_create()
-{
-       private_tnc_ifmap_soap_t *this;
-
-       INIT(this,
-               .public = {
-                       .newSession = _newSession,
-                       .purgePublisher = _purgePublisher,
-                       .publish_ike_sa = _publish_ike_sa,
-                       .publish_device_ip = _publish_device_ip,
-                       .publish_enforcement_report = _publish_enforcement_report,
-                       .endSession = _endSession,
-                       .destroy = _destroy,
-               },
-       );
-
-       if (!axis2c_init(this))
-       {
-               destroy(this);
-               return NULL;
-       }
-
-       return &this->public;
-}
-
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h
deleted file mode 100644 (file)
index 4efdc77..0000000
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tnc_ifmap_soap tnc_ifmap_soap
- * @{ @ingroup tnc_ifmap
- */
-
-#ifndef TNC_IFMAP_SOAP_H_
-#define TNC_IFMAP_SOAP_H_
-
-#include <library.h>
-#include <networking/host.h>
-#include <sa/ike_sa.h>
-
-typedef struct tnc_ifmap_soap_t tnc_ifmap_soap_t;
-
-/**
- * Implements the TNC IF-MAP 2.0 SOAP Binding
- */
-struct tnc_ifmap_soap_t {
-
-       /**
-        * Creates a new IF-MAP session
-        *
-        * @return                              TRUE if command was successful
-        */
-       bool (*newSession)(tnc_ifmap_soap_t *this);
-
-       /**
-        * Purges all metadata published by this publisher
-        *
-        * @return                              TRUE if command was successful
-        */
-       bool (*purgePublisher)(tnc_ifmap_soap_t *this);
-
-       /**
-        * Publish metadata about established/deleted IKE_SAs
-        *
-        * @param ike_sa                IKE_SA for which metadate is published
-        * @param up                    TRUE if IKE_SEA is up, FALSE if down
-        * @return                              TRUE if command was successful
-        */
-       bool (*publish_ike_sa)(tnc_ifmap_soap_t *this, ike_sa_t *ike_sa, bool up);
-
-       /**
-        * Publish PEP device-ip metadata
-        *
-        * @param host                  IP address of local endpoint
-        * @return                              TRUE if command was successful
-        */
-       bool (*publish_device_ip)(tnc_ifmap_soap_t *this, host_t *host);
-
-       /**
-        * Publish enforcement-report metadata
-        *
-        * @param host                  Host to be enforced
-        * @param action                Enforcement action ("block" or "quarantine")
-        * @param reason                Enforcement reason
-        * @return                              TRUE if command was successful
-        */
-       bool (*publish_enforcement_report)(tnc_ifmap_soap_t *this, host_t *host,
-                                                                          char *action, char *reason);
-
-       /**
-        * Ends an IF-MAP session
-        *
-        * @return                              TRUE if command was successful
-        */
-       bool (*endSession)(tnc_ifmap_soap_t *this);
-
-       /**
-        * Destroy a tnc_ifmap_soap_t.
-        */
-       void (*destroy)(tnc_ifmap_soap_t *this);
-};
-
-/**
- * Create a tnc_ifmap_soap instance.
- */
-tnc_ifmap_soap_t *tnc_ifmap_soap_create();
-
-#endif /** TNC_IFMAP_SOAP_H_ @}*/