diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-07-11 09:23:45 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-07-11 17:09:05 +0200 |
| commit | d7dcbc95a9db12537a2b972087052afa95da41c2 (patch) | |
| tree | b6c9b4af2010d6e33378768b824502fbc894fb48 | |
| parent | 3a16bec8f9b2c32e503aca257337ce484ad5633f (diff) | |
| download | strongswan-d7dcbc95a9db12537a2b972087052afa95da41c2.tar.bz2 strongswan-d7dcbc95a9db12537a2b972087052afa95da41c2.tar.xz | |
make maximum PB-TNC batch size configurable
| -rw-r--r-- | man/strongswan.conf.5.in | 3 | ||||
| -rw-r--r-- | src/libcharon/plugins/tnccs_20/tnccs_20.c | 13 |
2 files changed, 14 insertions, 2 deletions
diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in index 08dda2583..4abd06540 100644 --- a/man/strongswan.conf.5.in +++ b/man/strongswan.conf.5.in @@ -500,6 +500,9 @@ certificates even if they don't contain a CA basic constraint. .BR charon.plugins.stroke.max_concurrent " [4]" Maximum number of stroke messages handled concurrently .TP +.BR charon.plugins.tnccs-20.max_batch_size " [65522]" +Maximum size of a PB-TNC batch (upper limit via PT-EAP = 65529) +.TP .BR charon.plugins.tnc-ifmap.device_name Unique name of strongSwan as a PEP and/or PDP device .TP diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20.c b/src/libcharon/plugins/tnccs_20/tnccs_20.c index 576cd825b..ea33d46ba 100644 --- a/src/libcharon/plugins/tnccs_20/tnccs_20.c +++ b/src/libcharon/plugins/tnccs_20/tnccs_20.c @@ -35,6 +35,7 @@ #include <tnc/imv/imv_manager.h> #include <debug.h> +#include <daemon.h> #include <threading/mutex.h> #include <utils/linked_list.h> #include <pen/pen.h> @@ -77,6 +78,11 @@ struct private_tnccs_20_t { pb_tnc_batch_type_t batch_type; /** + * Maximum PA-TNC batch size + */ + size_t max_batch_len; + + /** * Mutex locking the batch in construction */ mutex_t *mutex; @@ -649,7 +655,7 @@ METHOD(tls_t, build, status_t, msg->build(msg); msg_value = msg->get_encoding(msg); batch_len += PB_TNC_HEADER_SIZE + msg_value.len; - if (batch_len > *buflen) + if (batch_len > min(this->max_batch_len, *buflen)) { /* message does not fit into batch of maximum size */ break; @@ -674,7 +680,7 @@ METHOD(tls_t, build, status_t, msg_count = this->messages->get_count(this->messages); if (msg_count) { - DBG2(DBG_TNC, "%d PB-TNC message%s for %N batch queued", + DBG2(DBG_TNC, "queued %d PB-TNC message%s for next %N batch", msg_count, (msg_count == 1) ? "" : "s", pb_tnc_batch_type_names, this->batch_type); } @@ -768,6 +774,9 @@ tls_t *tnccs_20_create(bool is_server) .state_machine = pb_tnc_state_machine_create(is_server), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .messages = linked_list_create(), + .max_batch_len = lib->settings->get_int(lib->settings, + "%s.plugins.tnccs-20.max_batch_size", 65522, + charon->name), ); return &this->public; |