author | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-10-25 01:10:02 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-10-25 01:10:16 +0200 |
commit | f0a8bf47f7d01ded310e60b3ec1e7204284dd7f7 (patch) | |
tree | f0d3b416d4a0db79f38c75e632f0a62475d3bf5c | |
parent | c008d2cc4618ff5afcb8ea8b8ff7e756545e4c47 (diff) | |
refactored TNC framework
52 files changed, 971 insertions, 605 deletions
diff --git a/configure.in b/configure.in index c0369623f..06b8f51cb 100644 --- a/configure.in +++ b/configure.in @@ -841,12 +841,13 @@ ADD_PLUGIN([eap-tls], [c libcharon]) ADD_PLUGIN([eap-ttls], [c libcharon]) ADD_PLUGIN([eap-peap], [c libcharon]) ADD_PLUGIN([eap-tnc], [c libcharon]) -ADD_PLUGIN([tnccs-20], [c libcharon]) -ADD_PLUGIN([tnccs-11], [c libcharon]) -ADD_PLUGIN([tnccs-dynamic], [c libcharon]) ADD_PLUGIN([tnc-ifmap], [c libcharon]) ADD_PLUGIN([tnc-imc], [c libcharon]) ADD_PLUGIN([tnc-imv], [c libcharon]) +ADD_PLUGIN([tnc-tnccs], [c libcharon]) +ADD_PLUGIN([tnccs-20], [c libcharon]) +ADD_PLUGIN([tnccs-11], [c libcharon]) +ADD_PLUGIN([tnccs-dynamic], [c libcharon]) ADD_PLUGIN([medsrv], [c libcharon]) ADD_PLUGIN([medcli], [c libcharon]) ADD_PLUGIN([nm], [c libcharon]) @@ -962,6 +963,7 @@ AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue) AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue) AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue) AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue) +AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnccs = xtrue) AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue) AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue) AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue) 
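Review bot: `AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnccs = xtrue)` in the second hunk keys the new plugin's build on `$tnccs`, whereas the neighbouring conditionals test the plugin's own variable (`x$tnc_imc`, `x$tnc_imv`) and the first hunk lists the plugin as `ADD_PLUGIN([tnc-tnccs], [c libcharon])`. If `ADD_PLUGIN` tests `$tnc_tnccs` (its definition is not in this view), the plugin can end up built but not on the load list, or listed but not built, and the `PLUGIN_DEPENDS(CUSTOM, "tnccs-manager")` entries added elsewhere in this commit would then go unsatisfied. Consider `AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnc_tnccs = xtrue)`, or add a comment stating that sharing `$tnccs` with `USE_LIBTNCCS` is intentional.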
@@ -1017,13 +1019,13 @@ AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$ AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$pluto = xtrue) AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue) AM_CONDITIONAL(USE_LIBTNCIF, test x$charon = xtrue -o x$conftest = xtrue -o x$imcv = xtrue) +AM_CONDITIONAL(USE_LIBTNCCS, test x$tnccs = xtrue) AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue) AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$pluto = xtrue -o x$stroke = xtrue -o x$tools = xtrue -o x$conftest = xtrue) AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap) AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue) AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue) AM_CONDITIONAL(USE_TLS, test x$tls = xtrue) -AM_CONDITIONAL(USE_TNCCS, test x$tnccs = xtrue) AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue) AM_CONDITIONAL(USE_PTS, test x$pts = xtrue) AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue) @@ -1136,6 +1138,7 @@ AC_OUTPUT( src/libcharon/plugins/tnc_ifmap/Makefile src/libcharon/plugins/tnc_imc/Makefile src/libcharon/plugins/tnc_imv/Makefile + src/libcharon/plugins/tnc_tnccs/Makefile src/libcharon/plugins/tnccs_11/Makefile src/libcharon/plugins/tnccs_20/Makefile src/libcharon/plugins/tnccs_dynamic/Makefile diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in index 8d39ea5ba..608c970b6 100644 --- a/man/strongswan.conf.5.in +++ b/man/strongswan.conf.5.in @@ -487,12 +487,6 @@ Authentication username of strongSwan MAP client .BR charon.plugins.tnc-imc.preferred_language " [en]" Preferred language for TNC recommendations .TP -.BR charon.plugins.tnc-imc.tnc_config " [/etc/tnc_config]" -TNC IMC configuration directory -.TP -.BR charon.plugins.tnc-imv.tnc_config " [/etc/tnc_config]" -TNC IMV configuration directory -.TP .BR charon.plugins.whitelist.enable " [yes]" enable loaded whitelist plugin .SS libstrongswan section 
@@ -556,6 +550,10 @@ List of available PKCS#11 modules .TP .BR libstrongswan.plugins.pkcs11.use_hasher " [no]" Whether the PKCS#11 modules should be used to hash data +.SS libtnccs section +.TP +.BR libtnccs.tnc_config " [/etc/tnc_config]" +TNC IMC/IMV configuration directory .SS libimcv section .TP .BR libimcv.debug_level " [1]" diff --git a/src/Makefile.am b/src/Makefile.am index 7f4651dcd..5e85a5f88 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -20,7 +20,7 @@ if USE_LIBTNCIF SUBDIRS += libtncif endif -if USE_TNCCS +if USE_LIBTNCCS SUBDIRS += libtnccs endif diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am index b51027ab4..d34a3ea9d 100644 --- a/src/libcharon/Makefile.am +++ b/src/libcharon/Makefile.am @@ -86,9 +86,7 @@ sa/tasks/ike_rekey.c sa/tasks/ike_rekey.h \ sa/tasks/ike_reauth.c sa/tasks/ike_reauth.h \ sa/tasks/ike_auth_lifetime.c sa/tasks/ike_auth_lifetime.h \ sa/tasks/ike_vendor.c sa/tasks/ike_vendor.h \ -sa/tasks/task.c sa/tasks/task.h \ -tnc/tnccs/tnccs.c tnc/tnccs/tnccs.h \ -tnc/tnccs/tnccs_manager.c tnc/tnccs/tnccs_manager.h +sa/tasks/task.c sa/tasks/task.h daemon.lo : $(top_builddir)/config.status @@ -96,9 +94,7 @@ INCLUDES = \ -I${linux_headers} \ -I$(top_srcdir)/src/libstrongswan \ -I$(top_srcdir)/src/libhydra \ - -I$(top_srcdir)/src/libcharon \ - -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libtnccs + -I$(top_srcdir)/src/libcharon AM_CFLAGS = \ -DIPSEC_DIR=\"${ipsecdir}\" \ @@ -351,6 +347,13 @@ if MONOLITHIC endif endif +if USE_TNC_TNCCS + SUBDIRS += plugins/tnc_tnccs +if MONOLITHIC + libcharon_la_LIBADD += plugins/tnc_tnccs/libstrongswan-tnc_tnccs.la +endif +endif + if USE_TNCCS_11 SUBDIRS += plugins/tnccs_11 if MONOLITHIC diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c index 9412fee7c..9b6af22bb 100644 --- a/src/libcharon/daemon.c +++ b/src/libcharon/daemon.c 
@@ -29,8 +29,6 @@ # endif /* CAPABILITIES_NATIVE */ #endif /* CAPABILITIES */ -#define USE_TNC /* for tnccs_manager */ - #include "daemon.h" #include <library.h> @@ -124,7 +122,6 @@ static void destroy(private_daemon_t *this) DESTROY_IF(this->public.ike_sa_manager); DESTROY_IF(this->public.controller); DESTROY_IF(this->public.eap); - DESTROY_IF(this->public.tnccs); #ifdef ME DESTROY_IF(this->public.connect_manager); DESTROY_IF(this->public.mediation_manager); @@ -294,7 +291,6 @@ private_daemon_t *daemon_create() charon = &this->public; this->public.controller = controller_create(); this->public.eap = eap_manager_create(); - this->public.tnccs = tnccs_manager_create(); this->public.backends = backend_manager_create(); this->public.socket = socket_manager_create(); this->public.traps = trap_manager_create(); diff --git a/src/libcharon/daemon.h b/src/libcharon/daemon.h index 6bbaa4f58..2e01c8d9b 100644 --- a/src/libcharon/daemon.h +++ b/src/libcharon/daemon.h @@ -64,9 +64,6 @@ * @defgroup tasks tasks * @ingroup sa * - * @defgroup tnc tnc - * @ingroup libcharon - * * @addtogroup libcharon * @{ * @@ -152,7 +149,6 @@ typedef struct daemon_t daemon_t; #include <sa/shunt_manager.h> #include <config/backend_manager.h> #include <sa/authenticators/eap/eap_manager.h> -#include <tnc/tnccs/tnccs_manager.h> #ifdef ME #include <sa/connect_manager.h> @@ -239,11 +235,6 @@ struct daemon_t { */ eap_manager_t *eap; - /** - * TNCCS manager to maintain registered TNCCS protocols - */ - tnccs_manager_t *tnccs; - #ifdef ME /** * Connect manager diff --git a/src/libcharon/plugins/eap_tnc/Makefile.am b/src/libcharon/plugins/eap_tnc/Makefile.am index 8d5dddbeb..0e10f7d9c 100644 --- a/src/libcharon/plugins/eap_tnc/Makefile.am +++ b/src/libcharon/plugins/eap_tnc/Makefile.am 
@@ -1,7 +1,11 @@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \ - -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls \ - -I$(top_srcdir)/src/libtncif +INCLUDES = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libhydra \ + -I$(top_srcdir)/src/libcharon \ + -I$(top_srcdir)/src/libtls \ + -I$(top_srcdir)/src/libtncif \ + -I$(top_srcdir)/src/libtnccs AM_CFLAGS = -rdynamic @@ -9,7 +13,9 @@ if MONOLITHIC noinst_LTLIBRARIES = libstrongswan-eap-tnc.la else plugin_LTLIBRARIES = libstrongswan-eap-tnc.la -libstrongswan_eap_tnc_la_LIBADD = $(top_builddir)/src/libtls/libtls.la +libstrongswan_eap_tnc_la_LIBADD = \ + $(top_builddir)/src/libtls/libtls.la \ + $(top_builddir)/src/libtnccs/libtnccs.la endif libstrongswan_eap_tnc_la_SOURCES = \ diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc.c b/src/libcharon/plugins/eap_tnc/eap_tnc.c index 3d3a51a30..33a83ba18 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc.c +++ b/src/libcharon/plugins/eap_tnc/eap_tnc.c @@ -15,13 +15,11 @@ #include "eap_tnc.h" +#include <tnc/tnc.h> +#include <tnc/tnccs/tnccs_manager.h> #include <tls_eap.h> #include <debug.h> -#define USE_TNC - -#include <daemon.h> - typedef struct private_eap_tnc_t private_eap_tnc_t; /** @@ -174,7 +172,7 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, free(this); return NULL; } - tnccs = charon->tnccs->create_instance(charon->tnccs, type, is_server); + tnccs = tnc->tnccs->create_instance(tnc->tnccs, type, is_server); this->tls_eap = tls_eap_create(EAP_TNC, (tls_t*)tnccs, frag_size, max_msg_count, include_length); if (!this->tls_eap) diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c index 2b567c3e0..813a75f48 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c +++ b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c 
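Review bot: In eap_tnc.c the result of `tnc->tnccs->create_instance(tnc->tnccs, type, is_server)` is cast and handed straight to `tls_eap_create()` without a NULL check, and `tnc->tnccs` itself is dereferenced unguarded. Before this commit the manager was created unconditionally in `daemon_create()`; it now comes from a separate plugin, so its presence depends on plugin load order. The `PLUGIN_DEPENDS(CUSTOM, "tnccs-manager")` added in eap_tnc_plugin.c presumably covers that, but nothing in this function records the dependency. Suggest adding `if (!tnccs) { free(this); return NULL; }` after the call (assuming a failed lookup returns NULL, to be confirmed in the tnccs manager) plus a short comment naming the dependency. The body of `eap_tnc_create` starts and ends outside the hunk.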
@@ -31,9 +31,11 @@ METHOD(plugin_t, get_features, int, PLUGIN_CALLBACK(eap_method_register, eap_tnc_create_server), PLUGIN_PROVIDE(EAP_SERVER, EAP_TNC), PLUGIN_DEPENDS(EAP_SERVER, EAP_TTLS), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), PLUGIN_CALLBACK(eap_method_register, eap_tnc_create_peer), PLUGIN_PROVIDE(EAP_PEER, EAP_TNC), PLUGIN_DEPENDS(EAP_PEER, EAP_TTLS), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), }; *features = f; return countof(f); diff --git a/src/libcharon/plugins/tnc_imc/Makefile.am b/src/libcharon/plugins/tnc_imc/Makefile.am index 65c878172..5e2c30df9 100644 --- a/src/libcharon/plugins/tnc_imc/Makefile.am +++ b/src/libcharon/plugins/tnc_imc/Makefile.am @@ -6,12 +6,15 @@ INCLUDES = \ -I$(top_srcdir)/src/libtncif \ -I$(top_srcdir)/src/libtnccs -AM_CFLAGS = -DUSE_TNC -rdynamic +AM_CFLAGS = -rdynamic if MONOLITHIC noinst_LTLIBRARIES = libstrongswan-tnc-imc.la else plugin_LTLIBRARIES = libstrongswan-tnc-imc.la +libstrongswan_tnc_imc_la_LIBADD = \ + $(top_builddir)/src/libtncif/libtncif.la \ + $(top_builddir)/src/libtnccs/libtnccs.la endif libstrongswan_tnc_imc_la_SOURCES = \ diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc.h b/src/libcharon/plugins/tnc_imc/tnc_imc.h index 2c5c67b43..10a67f90b 100644 --- a/src/libcharon/plugins/tnc_imc/tnc_imc.h +++ b/src/libcharon/plugins/tnc_imc/tnc_imc.h @@ -22,7 +22,7 @@ #ifndef TNC_IMC_H_ #define TNC_IMC_H_ -#include <imc/imc.h> +#include <tnc/imc/imc.h> /** * Create an Integrity Measurement Collector. diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_bind_function.c b/src/libcharon/plugins/tnc_imc/tnc_imc_bind_function.c index 9c023e615..46c131b44 100644 --- a/src/libcharon/plugins/tnc_imc/tnc_imc_bind_function.c +++ b/src/libcharon/plugins/tnc_imc/tnc_imc_bind_function.c @@ -13,10 +13,11 @@ * for more details. */ -#include <imc/imc_manager.h> +#include <tnc/tnc.h> +#include <tnc/imc/imc_manager.h> +#include <tnc/tnccs/tnccs_manager.h> #include <debug.h> -#include <daemon.h> #define TNC_IMVID_ANY 0xffff 
@@ -28,15 +29,14 @@ TNC_Result TNC_TNCC_ReportMessageTypes(TNC_IMCID imc_id, TNC_MessageTypeList supported_types, TNC_UInt32 type_count) { - imc_manager_t *imcs = lib->get(lib, "imc-manager"); - - if (!imcs->is_registered(imcs, imc_id)) + if (!tnc->imcs->is_registered(tnc->imcs, imc_id)) { DBG1(DBG_TNC, "ignoring ReportMessageTypes() from unregistered IMC %u", imc_id); return TNC_RESULT_INVALID_PARAMETER; } - return imcs->set_message_types(imcs, imc_id, supported_types, type_count); + return tnc->imcs->set_message_types(tnc->imcs, imc_id, supported_types, + type_count); } /** @@ -46,16 +46,14 @@ TNC_Result TNC_TNCC_RequestHandshakeRetry(TNC_IMCID imc_id, TNC_ConnectionID connection_id, TNC_RetryReason reason) { - imc_manager_t *imcs = lib->get(lib, "imc-manager"); - - if (!imcs->is_registered(imcs, imc_id)) + if (!tnc->imcs->is_registered(tnc->imcs, imc_id)) { DBG1(DBG_TNC, "ignoring RequestHandshakeRetry() from unregistered IMC %u", imc_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->request_handshake_retry(charon->tnccs, TRUE, imc_id, - connection_id, reason); + return tnc->tnccs->request_handshake_retry(tnc->tnccs, TRUE, imc_id, + connection_id, reason); } /** @@ -67,16 +65,14 @@ TNC_Result TNC_TNCC_SendMessage(TNC_IMCID imc_id, TNC_UInt32 msg_len, TNC_MessageType msg_type) { - imc_manager_t *imcs = lib->get(lib, "imc-manager"); - - if (!imcs->is_registered(imcs, imc_id)) + if (!tnc->imcs->is_registered(tnc->imcs, imc_id)) { DBG1(DBG_TNC, "ignoring SendMessage() from unregistered IMC %u", imc_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->send_message(charon->tnccs, imc_id, TNC_IMVID_ANY, - connection_id, msg, msg_len, msg_type); + return tnc->tnccs->send_message(tnc->tnccs, imc_id, TNC_IMVID_ANY, + connection_id, msg, msg_len, msg_type); } /** diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_manager.c b/src/libcharon/plugins/tnc_imc/tnc_imc_manager.c index 0d0737ccb..f43d5ae44 100644 
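Review bot: Each `TNC_TNCC_*` callback in tnc_imc_bind_function.c now dereferences the global `tnc` and its `imcs`/`tnccs` members with no NULL guard, e.g. `if (!tnc->imcs->is_registered(tnc->imcs, imc_id))`. These functions are entry points called by loaded IMC modules, and the managers are installed by plugin feature callbacks in this commit, so a call that arrives before registration or during teardown would crash the process instead of being rejected; whether such a window exists depends on code outside these hunks. A guard at the top of each callback, `if (!tnc || !tnc->imcs || !tnc->tnccs) return TNC_RESULT_FATAL;`, would make them fail closed. The same applies to the `TNC_TNCS_*` callbacks in tnc_imv_bind_function.c with `tnc->imvs`.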
--- a/src/libcharon/plugins/tnc_imc/tnc_imc_manager.c +++ b/src/libcharon/plugins/tnc_imc/tnc_imc_manager.c @@ -14,12 +14,20 @@ */ #include "tnc_imc_manager.h" +#include "tnc_imc.h" #include <tncifimc.h> -#include <debug.h> -#include <library.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/mman.h> +#include <unistd.h> +#include <errno.h> +#include <fcntl.h> + #include <utils/linked_list.h> +#include <utils/lexparser.h> +#include <debug.h> typedef struct private_tnc_imc_manager_t private_tnc_imc_manager_t; 
@@ -93,6 +101,124 @@ METHOD(imc_manager_t, remove_, imc_t*, return removed_imc; } +METHOD(imc_manager_t, load_all, bool, + private_tnc_imc_manager_t *this, char *filename) +{ + int fd, line_nr = 0; + chunk_t src, line; + struct stat sb; + void *addr; + + DBG1(DBG_TNC, "loading IMCs from '%s'", filename); + fd = open(filename, O_RDONLY); + if (fd == -1) + { + DBG1(DBG_TNC, "opening configuration file '%s' failed: %s", filename, + strerror(errno)); + return FALSE; + } + if (fstat(fd, &sb) == -1) + { + DBG1(DBG_LIB, "getting file size of '%s' failed: %s", filename, + strerror(errno)); + close(fd); + return FALSE; + } + addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + if (addr == MAP_FAILED) + { + DBG1(DBG_LIB, "mapping '%s' failed: %s", filename, strerror(errno)); + close(fd); + return FALSE; + } + src = chunk_create(addr, sb.st_size); + + while (fetchline(&src, &line)) + { + char *name, *path; + chunk_t token; + imc_t *imc; + + line_nr++; + + /* skip comments or empty lines */ + if (*line.ptr == '#' || !eat_whitespace(&line)) + { + continue; + } + + /* determine keyword */ + if (!extract_token(&token, ' ', &line)) + { + DBG1(DBG_TNC, "line %d: keyword must be followed by a space", + line_nr); + return FALSE; + } + + /* only interested in IMCs */ + if (!match("IMC", &token)) + { + continue; + } + + /* advance to the IMC name and extract it */ + if (!extract_token(&token, '"', &line) || + !extract_token(&token, '"', &line)) + { + DBG1(DBG_TNC, "line %d: IMC name must be set in double quotes", + line_nr); + return FALSE; + } + + /* copy the IMC name */ + name = malloc(token.len + 1); + memcpy(name, token.ptr, token.len); + name[token.len] = '\0'; + + /* advance to the IMC path and extract it */ + if (!eat_whitespace(&line)) + { + DBG1(DBG_TNC, "line %d: IMC path is missing", line_nr); + free(name); + return FALSE; + } + if (!extract_token(&token, ' ', &line)) + { + token = line; + } + + /* copy the IMC path */ + path = malloc(token.len + 1); 
+ memcpy(path, token.ptr, token.len); + path[token.len] = '\0'; + + /* load and register IMC instance */ + imc = tnc_imc_create(name, path); + if (!imc) + { + free(name); + free(path); + return FALSE; + } + if (!add(this, imc)) + { + if (imc->terminate && + imc->terminate(imc->get_id(imc)) != TNC_RESULT_SUCCESS) + { + DBG1(DBG_TNC, "IMC \"%s\" not terminated successfully", + imc->get_name(imc)); + } + imc->destroy(imc); + return FALSE; + } + DBG1(DBG_TNC, "IMC %u \"%s\" loaded from '%s'", imc->get_id(imc), + name, path); + } + munmap(addr, sb.st_size); + close(fd); + return TRUE; +} + METHOD(imc_manager_t, is_registered, bool, private_tnc_imc_manager_t *this, TNC_IMCID id) { @@ -250,6 +376,7 @@ imc_manager_t* tnc_imc_manager_create(void) .public = { .add = _add, .remove = _remove_, /* avoid name conflict with stdio.h */ + .load_all = _load_all, .is_registered = _is_registered, .get_preferred_language = _get_preferred_language, .notify_connection_change = _notify_connection_change, diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_manager.h b/src/libcharon/plugins/tnc_imc/tnc_imc_manager.h index 800ee39e1..ed490293b 100644 --- a/src/libcharon/plugins/tnc_imc/tnc_imc_manager.h +++ b/src/libcharon/plugins/tnc_imc/tnc_imc_manager.h @@ -22,7 +22,7 @@ #ifndef TNC_IMC_MANAGER_H_ #define TNC_IMC_MANAGER_H_ -#include <imc/imc_manager.h> +#include <tnc/imc/imc_manager.h> /** * Create an IMC manager instance. diff --git a/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c b/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c index e78529936..a25b1843c 100644 --- a/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c +++ b/src/libcharon/plugins/tnc_imc/tnc_imc_plugin.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010 Andreas Steffen + * Copyright (C) 2010-2011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
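Review bot: Every `return FALSE;` inside the `while (fetchline(&src, &line))` loop of the new `load_all` in tnc_imc_manager.c leaks the mapping and the descriptor, because `munmap(addr, sb.st_size)` and `close(fd)` are reached only on the success path. The two `malloc(token.len + 1)` results are written through unchecked, and `*line.ptr == '#'` is read before the line is known to be non-empty. Since the paths in this file appear to name modules that get loaded into the daemon (via `tnc_imc_create(name, path)`, not shown here), it is also worth using the `sb` already filled by `fstat()` to refuse a configuration file that is group- or world-writable. The identical body added as `load_all` in tnc_imv_manager.c needs the same changes; a sketch of the cleanup path follows.

```c
	bool success = FALSE;

	/* … unchanged: open(), fstat() … */
	if (sb.st_mode & (S_IWGRP | S_IWOTH))
	{
		DBG1(DBG_TNC, "'%s' is group or world writable, not loaded", filename);
		close(fd);
		return FALSE;
	}
	/* … unchanged: mmap(), chunk_create() … */

	while (fetchline(&src, &line))
	{
		/* … unchanged: declarations, line_nr++ … */

		/* skip comments or empty lines */
		if (!line.len || *line.ptr == '#' || !eat_whitespace(&line))
		{
			continue;
		}
		/* … keyword, name and path parsing and IMC creation as before, with
		 * malloc() results checked and every error exit inside the loop
		 * using "goto end;" instead of "return FALSE;" … */
	}
	success = TRUE;

end:
	munmap(addr, sb.st_size);
	close(fd);
	return success;
```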
@@ -15,17 +15,8 @@ #include "tnc_imc_plugin.h" #include "tnc_imc_manager.h" -#include "tnc_imc.h" -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/mman.h> -#include <unistd.h> -#include <errno.h> -#include <fcntl.h> - -#include <utils/lexparser.h> -#include <debug.h> +#include <tnc/tnc.h> typedef struct private_tnc_imc_plugin_t private_tnc_imc_plugin_t; 
@@ -38,133 +29,8 @@ struct private_tnc_imc_plugin_t { * Public interface. */ tnc_imc_plugin_t public; - - /** - * TNC IMC manager controlling Integrity Measurement Collectors - */ - imc_manager_t *imcs; }; -/** - * load IMCs from a configuration file - */ -static bool load_imcs(private_tnc_imc_plugin_t *this, char *filename) -{ - int fd, line_nr = 0; - chunk_t src, line; - struct stat sb; - void *addr; - - DBG1(DBG_TNC, "loading IMCs from '%s'", filename); - fd = open(filename, O_RDONLY); - if (fd == -1) - { - DBG1(DBG_TNC, "opening configuration file '%s' failed: %s", filename, - strerror(errno)); - return FALSE; - } - if (fstat(fd, &sb) == -1) - { - DBG1(DBG_LIB, "getting file size of '%s' failed: %s", filename, - strerror(errno)); - close(fd); - return FALSE; - } - addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); - if (addr == MAP_FAILED) - { - DBG1(DBG_LIB, "mapping '%s' failed: %s", filename, strerror(errno)); - close(fd); - return FALSE; - } - src = chunk_create(addr, sb.st_size); - - while (fetchline(&src, &line)) - { - char *name, *path; - chunk_t token; - imc_t *imc; - - line_nr++; - - /* skip comments or empty lines */ - if (*line.ptr == '#' || !eat_whitespace(&line)) - { - continue; - } - - /* determine keyword */ - if (!extract_token(&token, ' ', &line)) - { - DBG1(DBG_TNC, "line %d: keyword must be followed by a space", - line_nr); - return FALSE; - } - - /* only interested in IMCs */ - if (!match("IMC", &token)) - { - continue; - } - - /* advance to the IMC name and extract it */ - if (!extract_token(&token, '"', &line) || - !extract_token(&token, '"', &line)) - { - DBG1(DBG_TNC, "line %d: IMC name must be set in double quotes", - line_nr); - return FALSE; - } - - /* copy the IMC name */ - name = malloc(token.len + 1); - memcpy(name, token.ptr, token.len); - name[token.len] = '\0'; - - /* advance to the IMC path and extract it */ - if (!eat_whitespace(&line)) - { - DBG1(DBG_TNC, "line %d: IMC path is missing", line_nr); - 
free(name); - return FALSE; - } - if (!extract_token(&token, ' ', &line)) - { - token = line; - } - - /* copy the IMC path */ - path = malloc(token.len + 1); - memcpy(path, token.ptr, token.len); - path[token.len] = '\0'; - - /* load and register IMC instance */ - imc = tnc_imc_create(name, path); - if (!imc) - { - free(name); - free(path); - return FALSE; - } - if (!this->imcs->add(this->imcs, imc)) - { - if (imc->terminate && - imc->terminate(imc->get_id(imc)) != TNC_RESULT_SUCCESS) - { - DBG1(DBG_TNC, "IMC \"%s\" not terminated successfully", - imc->get_name(imc)); - } - imc->destroy(imc); - return FALSE; - } - DBG1(DBG_TNC, "IMC %u \"%s\" loaded from '%s'", imc->get_id(imc), - name, path); - } - munmap(addr, sb.st_size); - close(fd); - return TRUE; -} - METHOD(plugin_t, get_name, char*, private_tnc_imc_plugin_t *this) { @@ -175,7 +41,9 @@ METHOD(plugin_t, get_features, int, private_tnc_imc_plugin_t *this, plugin_feature_t *features[]) { static plugin_feature_t f[] = { - PLUGIN_PROVIDE(CUSTOM, "imc-manager"), + PLUGIN_CALLBACK(tnc_manager_register, tnc_imc_manager_create), + PLUGIN_PROVIDE(CUSTOM, "imc-manager"), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), }; *features = f; return countof(f); @@ -184,8 +52,6 @@ METHOD(plugin_t, get_features, int, METHOD(plugin_t, destroy, void, private_tnc_imc_plugin_t *this) { - lib->set(lib, "imc-manager", NULL); - this->imcs->destroy(this->imcs); free(this); } @@ -195,7 +61,6 @@ METHOD(plugin_t, destroy, void, plugin_t *tnc_imc_plugin_create(void) { private_tnc_imc_plugin_t *this; - char *tnc_config; INIT(this, .public = { 
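Review bot: Nothing in `get_features()` of tnc_imc_plugin.c says what happens when IMC loading fails, now that creation is delegated to `PLUGIN_CALLBACK(tnc_manager_register, tnc_imc_manager_create)`. The code this commit removes from `tnc_imc_plugin_create()` returned NULL when `load_imcs()` failed, so a broken `tnc_config` kept the plugin from loading at all; the caller of the new `load_all` method is outside this view. A comment above the feature array, e.g. `/* tnc_manager_register() loads all IMCs from libtnccs.tnc_config and fails the feature if one cannot be initialized */`, would record that contract, provided that is what the callback does. If the callback ignores the `load_all` result, the fail-closed behaviour has been lost. The same question applies to the `imv-manager` feature in tnc_imv_plugin.c.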
@@ -205,20 +70,8 @@ plugin_t *tnc_imc_plugin_create(void) .destroy = _destroy, }, }, - .imcs = tnc_imc_manager_create(), ); - lib->set(lib, "imc-manager", this->imcs); - - /* Load IMCs and abort if not all instances initalize successfully */ - tnc_config = lib->settings->get_str(lib->settings, - "charon.plugins.tnc-imc.tnc_config", "/etc/tnc_config"); - if (!load_imcs(this, tnc_config)) - { - destroy(this); - return NULL; - } - return &this->public.plugin; } diff --git a/src/libcharon/plugins/tnc_imv/Makefile.am b/src/libcharon/plugins/tnc_imv/Makefile.am index 355c07ef2..eca3b377b 100644 --- a/src/libcharon/plugins/tnc_imv/Makefile.am +++ b/src/libcharon/plugins/tnc_imv/Makefile.am @@ -1,14 +1,20 @@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \ - -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtncif +INCLUDES = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libhydra \ + -I$(top_srcdir)/src/libcharon \ + -I$(top_srcdir)/src/libtncif \ + -I$(top_srcdir)/src/libtnccs -AM_CFLAGS = -DUSE_TNC -rdynamic +AM_CFLAGS = -rdynamic if MONOLITHIC noinst_LTLIBRARIES = libstrongswan-tnc-imv.la else plugin_LTLIBRARIES = libstrongswan-tnc-imv.la -libstrongswan_tnc_imv_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la +libstrongswan_tnc_imv_la_LIBADD = \ + $(top_builddir)/src/libtncif/libtncif.la \ + $(top_builddir)/src/libtnccs/libtnccs.la endif libstrongswan_tnc_imv_la_SOURCES = \ diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_bind_function.c b/src/libcharon/plugins/tnc_imv/tnc_imv_bind_function.c index 0ed00b001..cde1e4fe1 100644 --- a/src/libcharon/plugins/tnc_imv/tnc_imv_bind_function.c +++ b/src/libcharon/plugins/tnc_imv/tnc_imv_bind_function.c @@ -13,10 +13,11 @@ * for more details. */ -#include "tnc_imv.h" +#include <tnc/tnc.h> +#include <tnc/imv/imv_manager.h> +#include <tnc/tnccs/tnccs_manager.h> #include <debug.h> -#include <daemon.h> #define TNC_IMCID_ANY 0xffff 
@@ -28,14 +29,14 @@ TNC_Result TNC_TNCS_ReportMessageTypes(TNC_IMVID imv_id, TNC_MessageTypeList supported_types, TNC_UInt32 type_count) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring ReportMessageTypes() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->imvs->set_message_types(charon->imvs, imv_id, - supported_types, type_count); + return tnc->imvs->set_message_types(tnc->imvs, imv_id, supported_types, + type_count); } /** @@ -45,14 +46,14 @@ TNC_Result TNC_TNCS_RequestHandshakeRetry(TNC_IMVID imv_id, TNC_ConnectionID connection_id, TNC_RetryReason reason) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring RequestHandshakeRetry() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->request_handshake_retry(charon->tnccs, FALSE, imv_id, - connection_id, reason); + return tnc->tnccs->request_handshake_retry(tnc->tnccs, FALSE, imv_id, + connection_id, reason); } /** @@ -64,14 +65,14 @@ TNC_Result TNC_TNCS_SendMessage(TNC_IMVID imv_id, TNC_UInt32 msg_len, TNC_MessageType msg_type) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring SendMessage() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->send_message(charon->tnccs, TNC_IMCID_ANY, imv_id, - connection_id, msg, msg_len, msg_type); + return tnc->tnccs->send_message(tnc->tnccs, TNC_IMCID_ANY, imv_id, + connection_id, msg, msg_len, msg_type); } /** 
@@ -83,14 +84,14 @@ TNC_Result TNC_TNCS_ProvideRecommendation(TNC_IMVID imv_id, TNC_IMV_Action_Recommendation recommendation, TNC_IMV_Evaluation_Result evaluation) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring ProvideRecommendation() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->provide_recommendation(charon->tnccs, imv_id, - connection_id, recommendation, evaluation); + return tnc->tnccs->provide_recommendation(tnc->tnccs, imv_id, connection_id, + recommendation, evaluation); } /** @@ -104,13 +105,13 @@ TNC_Result TNC_TNCS_GetAttribute(TNC_IMVID imv_id, TNC_BufferReference buffer, TNC_UInt32 *out_value_len) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring GetAttribute() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->get_attribute(charon->tnccs, imv_id, connection_id, + return tnc->tnccs->get_attribute(tnc->tnccs, imv_id, connection_id, attribute_id, buffer_len, buffer, out_value_len); } @@ -124,14 +125,14 @@ TNC_Result TNC_TNCS_SetAttribute(TNC_IMVID imv_id, TNC_UInt32 buffer_len, TNC_BufferReference buffer) { - if (!charon->imvs->is_registered(charon->imvs, imv_id)) + if (!tnc->imvs->is_registered(tnc->imvs, imv_id)) { DBG1(DBG_TNC, "ignoring SetAttribute() from unregistered IMV %u", imv_id); return TNC_RESULT_INVALID_PARAMETER; } - return charon->tnccs->set_attribute(charon->tnccs, imv_id, connection_id, - attribute_id, buffer_len, buffer); + return tnc->tnccs->set_attribute(tnc->tnccs, imv_id, connection_id, + attribute_id, buffer_len, buffer); } /** diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_manager.c b/src/libcharon/plugins/tnc_imv/tnc_imv_manager.c index 971e80a93..6c0c117d6 100644 --- a/src/libcharon/plugins/tnc_imv/tnc_imv_manager.c 
+++ b/src/libcharon/plugins/tnc_imv/tnc_imv_manager.c @@ -14,15 +14,22 @@ */ #include "tnc_imv_manager.h" +#include "tnc_imv.h" #include "tnc_imv_recommendations.h" -#include <tnc/imv/imv_manager.h> - #include <tncifimv.h> #include <tncif_names.h> -#include <debug.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/mman.h> +#include <unistd.h> +#include <errno.h> +#include <fcntl.h> + #include <daemon.h> +#include <utils/lexparser.h> +#include <debug.h> #include <threading/mutex.h> typedef struct private_tnc_imv_manager_t private_tnc_imv_manager_t; 
@@ -103,6 +110,124 @@ METHOD(imv_manager_t, remove_, imv_t*, return removed_imv; } +METHOD(imv_manager_t, load_all, bool, + private_tnc_imv_manager_t *this, char *filename) +{ + int fd, line_nr = 0; + chunk_t src, line; + struct stat sb; + void *addr; + + DBG1(DBG_TNC, "loading IMVs from '%s'", filename); + fd = open(filename, O_RDONLY); + if (fd == -1) + { + DBG1(DBG_TNC, "opening configuration file '%s' failed: %s", filename, + strerror(errno)); + return FALSE; + } + if (fstat(fd, &sb) == -1) + { + DBG1(DBG_LIB, "getting file size of '%s' failed: %s", filename, + strerror(errno)); + close(fd); + return FALSE; + } + addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + if (addr == MAP_FAILED) + { + DBG1(DBG_LIB, "mapping '%s' failed: %s", filename, strerror(errno)); + close(fd); + return FALSE; + } + src = chunk_create(addr, sb.st_size); + + while (fetchline(&src, &line)) + { + char *name, *path; + chunk_t token; + imv_t *imv; + + line_nr++; + + /* skip comments or empty lines */ + if (*line.ptr == '#' || !eat_whitespace(&line)) + { + continue; + } + + /* determine keyword */ + if (!extract_token(&token, ' ', &line)) + { + DBG1(DBG_TNC, "line %d: keyword must be followed by a space", + line_nr); + return FALSE; + } + + /* only interested in IMVs */ + if (!match("IMV", &token)) + { + continue; + } + + /* advance to the IMV name and extract it */ + if (!extract_token(&token, '"', &line) || + !extract_token(&token, '"', &line)) + { + DBG1(DBG_TNC, "line %d: IMV name must be set in double quotes", + line_nr); + return FALSE; + } + + /* copy the IMV name */ + name = malloc(token.len + 1); + memcpy(name, token.ptr, token.len); + name[token.len] = '\0'; + + /* advance to the IMV path and extract it */ + if (!eat_whitespace(&line)) + { + DBG1(DBG_TNC, "line %d: IMV path is missing", line_nr); + free(name); + return FALSE; + } + if (!extract_token(&token, ' ', &line)) + { + token = line; + } + + /* copy the IMV path */ + path = malloc(token.len + 1); 
+ memcpy(path, token.ptr, token.len); + path[token.len] = '\0'; + + /* load and register IMV instance */ + imv = tnc_imv_create(name, path); + if (!imv) + { + free(name); + free(path); + return FALSE; + } + if (!add(this, imv)) + { + if (imv->terminate && + imv->terminate(imv->get_id(imv)) != TNC_RESULT_SUCCESS) + { + DBG1(DBG_TNC, "IMV \"%s\" not terminated successfully", + imv->get_name(imv)); + } + imv->destroy(imv); + return FALSE; + } + DBG1(DBG_TNC, "IMV %u \"%s\" loaded from '%s'", imv->get_id(imv), + name, path); + } + munmap(addr, sb.st_size); + close(fd); + return TRUE; +} + METHOD(imv_manager_t, is_registered, bool, private_tnc_imv_manager_t *this, TNC_IMVID id) { @@ -291,6 +416,7 @@ METHOD(imv_manager_t, batch_ending, void, enumerator->destroy(enumerator); } + METHOD(imv_manager_t, destroy, void, private_tnc_imv_manager_t *this) { @@ -322,6 +448,7 @@ imv_manager_t* tnc_imv_manager_create(void) .public = { .add = _add, .remove = _remove_, /* avoid name conflict with stdio.h */ + .load_all = _load_all, .is_registered = _is_registered, .get_recommendation_policy = _get_recommendation_policy, .create_recommendations = _create_recommendations, @@ -336,6 +463,7 @@ imv_manager_t* tnc_imv_manager_create(void) .imvs = linked_list_create(), .next_imv_id = 1, ); + policy = enum_from_name(recommendation_policy_names, lib->settings->get_str(lib->settings, "charon.plugins.tnc-imv.recommendation_policy", "default")); diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c b/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c index bec151047..c16f6b9e1 100644 --- a/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c +++ b/src/libcharon/plugins/tnc_imv/tnc_imv_plugin.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010 Andreas Steffen + * Copyright (C) 2010-2011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -15,17 +15,9 @@ #include "tnc_imv_plugin.h" #include "tnc_imv_manager.h" -#include "tnc_imv.h" -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/mman.h> -#include <unistd.h> -#include <errno.h> -#include <fcntl.h> +#include <tnc/tnc.h> -#include <utils/lexparser.h> -#include <debug.h> typedef struct private_tnc_imv_plugin_t private_tnc_imv_plugin_t; 
@@ -39,131 +31,8 @@ struct private_tnc_imv_plugin_t { */ tnc_imv_plugin_t public; - /** - * TNC IMV manager controlling Integrity Measurement Verifiers - */ - imv_manager_t *imvs; }; -/** - * load IMVs from a configuration file - */ -static bool load_imvs(private_tnc_imv_plugin_t *this, char *filename) -{ - int fd, line_nr = 0; - chunk_t src, line; - struct stat sb; - void *addr; - - DBG1(DBG_TNC, "loading IMVs from '%s'", filename); - fd = open(filename, O_RDONLY); - if (fd == -1) - { - DBG1(DBG_TNC, "opening configuration file '%s' failed: %s", filename, - strerror(errno)); - return FALSE; - } - if (fstat(fd, &sb) == -1) - { - DBG1(DBG_LIB, "getting file size of '%s' failed: %s", filename, - strerror(errno)); - close(fd); - return FALSE; - } - addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); - if (addr == MAP_FAILED) - { - DBG1(DBG_LIB, "mapping '%s' failed: %s", filename, strerror(errno)); - close(fd); - return FALSE; - } - src = chunk_create(addr, sb.st_size); - - while (fetchline(&src, &line)) - { - char *name, *path; - chunk_t token; - imv_t *imv; - - line_nr++; - - /* skip comments or empty lines */ - if (*line.ptr == '#' || !eat_whitespace(&line)) - { - continue; - } - - /* determine keyword */ - if (!extract_token(&token, ' ', &line)) - { - DBG1(DBG_TNC, "line %d: keyword must be followed by a space", - line_nr); - return FALSE; - } - - /* only interested in IMVs */ - if (!match("IMV", &token)) - { - continue; - } - - /* advance to the IMV name and extract it */ - if (!extract_token(&token, '"', &line) || - !extract_token(&token, '"', &line)) - { - DBG1(DBG_TNC, "line %d: IMV name must be set in double quotes", - line_nr); - return FALSE; - } - - /* copy the IMV name */ - name = malloc(token.len + 1); - memcpy(name, token.ptr, token.len); - name[token.len] = '\0'; - - /* advance to the IMV path and extract it */ - if (!eat_whitespace(&line)) - { - DBG1(DBG_TNC, "line %d: IMV path is missing", line_nr); - free(name); - return 
FALSE; - } - if (!extract_token(&token, ' ', &line)) - { - token = line; - } - - /* copy the IMV path */ - path = malloc(token.len + 1); - memcpy(path, token.ptr, token.len); - path[token.len] = '\0'; - - /* load and register IMV instance */ - imv = tnc_imv_create(name, path); - if (!imv) - { - free(name); - free(path); - return FALSE; - } - if (!this->imvs->add(this->imvs, imv)) - { - if (imv->terminate && - imv->terminate(imv->get_id(imv)) != TNC_RESULT_SUCCESS) - { - DBG1(DBG_TNC, "IMV \"%s\" not terminated successfully", - imv->get_name(imv)); - } - imv->destroy(imv); - return FALSE; - } - DBG1(DBG_TNC, "IMV %u \"%s\" loaded from '%s'", imv->get_id(imv), - name, path); - } - munmap(addr, sb.st_size); - close(fd); - return TRUE; -} METHOD(plugin_t, get_name, char*, tnc_imv_plugin_t *this) @@ -175,17 +44,17 @@ METHOD(plugin_t, get_features, int, private_tnc_imv_plugin_t *this, plugin_feature_t *features[]) { static plugin_feature_t f[] = { - PLUGIN_PROVIDE(CUSTOM, "imv-manager"), + PLUGIN_CALLBACK(tnc_manager_register, tnc_imv_manager_create), + PLUGIN_PROVIDE(CUSTOM, "imv-manager"), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), }; *features = f; return countof(f); } METHOD(plugin_t, destroy, void, - tnc_imv_plugin_t *this) + private_tnc_imv_plugin_t *this) { - lib->set(lib, "imv-manager", NULL); - this->imvs->destroy(this->imvs); free(this); } @@ -194,8 +63,7 @@ METHOD(plugin_t, destroy, void, */ plugin_t *tnc_imv_plugin_create() { - char *tnc_config; - tnc_imv_plugin_t *this; + private_tnc_imv_plugin_t *this; INIT(this, .public = { 
@@ -205,19 +73,8 @@ plugin_t *tnc_imv_plugin_create() .destroy = _destroy, }, }, - .imvs = tnc_imv_manager_create(), ); - lib->set(lib, "imv-manager", this->imvs); - - /* Load IMVs and abort if not all instances initalize successfully */ - tnc_config = lib->settings->get_str(lib->settings, - "charon.plugins.tnc-imv.tnc_config", "/etc/tnc_config"); - if (!load_imvs(this, tnc_config)) - { - destroy(this); - return NULL; - } return &this->public.plugin; } diff --git a/src/libcharon/plugins/tnc_imv/tnc_imv_recommendations.c b/src/libcharon/plugins/tnc_imv/tnc_imv_recommendations.c index 531169625..7843293a1 100644 --- a/src/libcharon/plugins/tnc_imv/tnc_imv_recommendations.c +++ b/src/libcharon/plugins/tnc_imv/tnc_imv_recommendations.c @@ -12,15 +12,17 @@ * for more details. */ -#include <debug.h> -#include <daemon.h> - #include <tncifimv.h> #include <tncif_names.h> +#include <tnc/tnc.h> #include <tnc/imv/imv.h> +#include <tnc/imv/imv_manager.h> #include <tnc/imv/imv_recommendations.h> +#include <debug.h> +#include <utils/linked_list.h> + typedef struct private_tnc_imv_recommendations_t private_tnc_imv_recommendations_t; typedef struct recommendation_entry_t recommendation_entry_t; @@ -129,7 +131,7 @@ METHOD(recommendations_t, have_recommendation, bool, DBG1(DBG_TNC, "there are no IMVs to make a recommendation"); return TRUE; } - policy = charon->imvs->get_recommendation_policy(charon->imvs); + policy = tnc->imvs->get_recommendation_policy(tnc->imvs); enumerator = this->recs->create_enumerator(this->recs); while (enumerator->enumerate(enumerator, &entry)) diff --git a/src/libcharon/plugins/tnc_tnccs/Makefile.am b/src/libcharon/plugins/tnc_tnccs/Makefile.am new file mode 100644 index 000000000..c7fc02f7c --- /dev/null +++ b/src/libcharon/plugins/tnc_tnccs/Makefile.am 
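Review bot: `tnc_imv_plugin_create()` can no longer fail when an IMV named in the configuration file does not load, because the `load_imvs()` call and its `return NULL` path are gone from the constructor, whose opening lines sit in the preceding hunk. Loading presumably now happens behind `PLUGIN_CALLBACK(tnc_manager_register, tnc_imv_manager_create)` through the new `load_all` method, but neither the callback nor its handling of a `FALSE` result is visible here. This matters because the context lines of `have_recommendation` in tnc_imv_recommendations.c return TRUE when there are no IMVs, so it should be confirmed that an empty or partial IMV list cannot leave a server running without verifiers. I would add a comment at the end of the constructor such as `/* IMVs are loaded by tnc_manager_register(); a failed load must fail the imv-manager feature */` and check that the callback behaves that way.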
@@ -0,0 +1,22 @@ + +INCLUDES = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libtncif \ + -I$(top_srcdir)/src/libtnccs + +AM_CFLAGS = -rdynamic + +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-tnc-tnccs.la +else +plugin_LTLIBRARIES = libstrongswan-tnc-tnccs.la +libstrongswan_tnc_tnccs_la_LIBADD = \ + $(top_builddir)/src/libtncif/libtncif.la \ + $(top_builddir)/src/libtnccs/libtnccs.la +endif + +libstrongswan_tnc_tnccs_la_SOURCES = \ + tnc_tnccs_plugin.h tnc_tnccs_plugin.c \ + tnc_tnccs_manager.h tnc_tnccs_manager.c + +libstrongswan_tnc_tnccs_la_LDFLAGS = -module -avoid-version diff --git a/src/libcharon/tnc/tnccs/tnccs_manager.c b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_manager.c index d23076509..f007ce19f 100644 --- a/src/libcharon/tnc/tnccs/tnccs_manager.c +++ b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_manager.c @@ -13,19 +13,18 @@ * for more details. */ -#define USE_TNC +#include "tnc_tnccs_manager.h" -#include "tnccs_manager.h" - -#include <imc/imc_manager.h> -#include <imv/imv_manager.h> +#include <tnc/tnc.h> +#include <tnc/imv/imv_manager.h> +#include <tnc/imc/imc_manager.h> +#include <tnc/imv/imv_manager.h> #include <debug.h> -#include <daemon.h> #include <utils/linked_list.h> #include <threading/rwlock.h> -typedef struct private_tnccs_manager_t private_tnccs_manager_t; +typedef struct private_tnc_tnccs_manager_t private_tnc_tnccs_manager_t; typedef struct tnccs_entry_t tnccs_entry_t; typedef struct tnccs_connection_entry_t tnccs_connection_entry_t; @@ -77,9 +76,9 @@ struct tnccs_connection_entry_t { }; /** - * private data of tnccs_manager + * private data of tnc_tnccs_manager */ -struct private_tnccs_manager_t { +struct private_tnc_tnccs_manager_t { /** * public functions 
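Review bot: `<tnc/imv/imv_manager.h>` is included twice in the new include block of tnc_tnccs_manager.c, once before and once after `<tnc/imc/imc_manager.h>`. The header's include guard presumably makes this harmless, but the first occurrence should be dropped so that the block reads `#include <tnc/tnc.h>`, `#include <tnc/imc/imc_manager.h>`, `#include <tnc/imv/imv_manager.h>`.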
@@ -111,20 +110,10 @@ struct private_tnccs_manager_t { */ rwlock_t *connection_lock; - /** - * TNC IMC manager controlling Integrity Measurement Collectors - */ - imc_manager_t *imcs; - - /** - * TNC IMV manager controlling Integrity Measurement Verifiers - */ - imv_manager_t *imvs; - }; METHOD(tnccs_manager_t, add_method, void, - private_tnccs_manager_t *this, tnccs_type_t type, + private_tnc_tnccs_manager_t *this, tnccs_type_t type, tnccs_constructor_t constructor) { tnccs_entry_t *entry; @@ -139,7 +128,7 @@ METHOD(tnccs_manager_t, add_method, void, } METHOD(tnccs_manager_t, remove_method, void, - private_tnccs_manager_t *this, tnccs_constructor_t constructor) + private_tnc_tnccs_manager_t *this, tnccs_constructor_t constructor) { enumerator_t *enumerator; tnccs_entry_t *entry; @@ -159,7 +148,7 @@ METHOD(tnccs_manager_t, remove_method, void, } METHOD(tnccs_manager_t, create_instance, tnccs_t*, - private_tnccs_manager_t *this, tnccs_type_t type, bool is_server) + private_tnc_tnccs_manager_t *this, tnccs_type_t type, bool is_server) { enumerator_t *enumerator; tnccs_entry_t *entry; @@ -185,7 +174,7 @@ METHOD(tnccs_manager_t, create_instance, tnccs_t*, } METHOD(tnccs_manager_t, create_connection, TNC_ConnectionID, - private_tnccs_manager_t *this, tnccs_t *tnccs, + private_tnc_tnccs_manager_t *this, tnccs_t *tnccs, tnccs_send_message_t send_message, bool* request_handshake_retry, recommendations_t **recs) { 
@@ -198,27 +187,19 @@ METHOD(tnccs_manager_t, create_connection, TNC_ConnectionID, if (recs) { /* we assume a TNC Server needing recommendations from IMVs */ - if (!this->imvs) - { - this->imvs = lib->get(lib, "imv-manager"); - } - if (!this->imvs) + if (!tnc->imvs) { DBG1(DBG_TNC, "no IMV manager available!"); free(entry); return 0; } - entry->recs = this->imvs->create_recommendations(this->imvs); + entry->recs = tnc->imvs->create_recommendations(tnc->imvs); *recs = entry->recs; } else { /* we assume a TNC Client */ - if (!this->imcs) - { - this->imcs = lib->get(lib, "imc-manager"); - } - if (!this->imcs) + if (!tnc->imcs) { DBG1(DBG_TNC, "no IMC manager available!"); free(entry); @@ -236,24 +217,24 @@ METHOD(tnccs_manager_t, create_connection, TNC_ConnectionID, } METHOD(tnccs_manager_t, remove_connection, void, - private_tnccs_manager_t *this, TNC_ConnectionID id, bool is_server) + private_tnc_tnccs_manager_t *this, TNC_ConnectionID id, bool is_server) { enumerator_t *enumerator; tnccs_connection_entry_t *entry; if (is_server) { - if (this->imvs) + if (tnc->imvs) { - this->imvs->notify_connection_change(this->imvs, id, + tnc->imvs->notify_connection_change(tnc->imvs, id, TNC_CONNECTION_STATE_DELETE); } } else { - if (this->imcs) + if (tnc->imcs) { - this->imcs->notify_connection_change(this->imcs, id, + tnc->imcs->notify_connection_change(tnc->imcs, id, TNC_CONNECTION_STATE_DELETE); } } @@ -278,9 +259,9 @@ METHOD(tnccs_manager_t, remove_connection, void, } METHOD(tnccs_manager_t, request_handshake_retry, TNC_Result, - private_tnccs_manager_t *this, bool is_imc, TNC_UInt32 imcv_id, - TNC_ConnectionID id, - TNC_RetryReason reason) + private_tnc_tnccs_manager_t *this, bool is_imc, TNC_UInt32 imcv_id, + TNC_ConnectionID id, + TNC_RetryReason reason) { enumerator_t *enumerator; tnccs_connection_entry_t *entry; 
@@ -312,11 +293,11 @@ METHOD(tnccs_manager_t, request_handshake_retry, TNC_Result, } METHOD(tnccs_manager_t, send_message, TNC_Result, - private_tnccs_manager_t *this, TNC_IMCID imc_id, TNC_IMVID imv_id, - TNC_ConnectionID id, - TNC_BufferReference msg, - TNC_UInt32 msg_len, - TNC_MessageType msg_type) + private_tnc_tnccs_manager_t *this, TNC_IMCID imc_id, TNC_IMVID imv_id, + TNC_ConnectionID id, + TNC_BufferReference msg, + TNC_UInt32 msg_len, + TNC_MessageType msg_type) { enumerator_t *enumerator; @@ -357,10 +338,10 @@ METHOD(tnccs_manager_t, send_message, TNC_Result, } METHOD(tnccs_manager_t, provide_recommendation, TNC_Result, - private_tnccs_manager_t *this, TNC_IMVID imv_id, - TNC_ConnectionID id, - TNC_IMV_Action_Recommendation rec, - TNC_IMV_Evaluation_Result eval) + private_tnc_tnccs_manager_t *this, TNC_IMVID imv_id, + TNC_ConnectionID id, + TNC_IMV_Action_Recommendation rec, + TNC_IMV_Evaluation_Result eval) { enumerator_t *enumerator; tnccs_connection_entry_t *entry; @@ -388,12 +369,12 @@ METHOD(tnccs_manager_t, provide_recommendation, TNC_Result, } METHOD(tnccs_manager_t, get_attribute, TNC_Result, - private_tnccs_manager_t *this, TNC_IMVID imv_id, - TNC_ConnectionID id, - TNC_AttributeID attribute_id, - TNC_UInt32 buffer_len, - TNC_BufferReference buffer, - TNC_UInt32 *out_value_len) + private_tnc_tnccs_manager_t *this, TNC_IMVID imv_id, + TNC_ConnectionID id, + TNC_AttributeID attribute_id, + TNC_UInt32 buffer_len, + TNC_BufferReference buffer, + TNC_UInt32 *out_value_len) { enumerator_t *enumerator; tnccs_connection_entry_t *entry; 
@@ -438,11 +419,11 @@ METHOD(tnccs_manager_t, get_attribute, TNC_Result, } METHOD(tnccs_manager_t, set_attribute, TNC_Result, - private_tnccs_manager_t *this, TNC_IMVID imv_id, - TNC_ConnectionID id, - TNC_AttributeID attribute_id, - TNC_UInt32 buffer_len, - TNC_BufferReference buffer) + private_tnc_tnccs_manager_t *this, TNC_IMVID imv_id, + TNC_ConnectionID id, + TNC_AttributeID attribute_id, + TNC_UInt32 buffer_len, + TNC_BufferReference buffer) { enumerator_t *enumerator; tnccs_connection_entry_t *entry; @@ -485,7 +466,7 @@ METHOD(tnccs_manager_t, set_attribute, TNC_Result, } METHOD(tnccs_manager_t, destroy, void, - private_tnccs_manager_t *this) + private_tnc_tnccs_manager_t *this) { this->protocols->destroy_function(this->protocols, free); this->protocol_lock->destroy(this->protocol_lock); @@ -497,9 +478,9 @@ METHOD(tnccs_manager_t, destroy, void, /* * See header */ -tnccs_manager_t *tnccs_manager_create() +tnccs_manager_t *tnc_tnccs_manager_create() { - private_tnccs_manager_t *this; + private_tnc_tnccs_manager_t *this; INIT(this, .public = { @@ -519,8 +500,6 @@ tnccs_manager_t *tnccs_manager_create() .connections = linked_list_create(), .protocol_lock = rwlock_create(RWLOCK_TYPE_DEFAULT), .connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT), - .imcs = lib->get(lib, "imc-manager"), - .imvs = lib->get(lib, "imv-manager"), ); return &this->public; diff --git a/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_manager.h b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_manager.h new file mode 100644 index 000000000..603973de9 --- /dev/null +++ b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_manager.h 
@@ -0,0 +1,32 @@ +/* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * + * @defgroup tnc_tnccs_manager tnc_tnccs_manager + * @{ @ingroup tnc_tnccs + */ + +#ifndef TNC_TNCCS_MANAGER_H_ +#define TNC_TNCCS_MANAGER_H_ + +#include <tnc/tnccs/tnccs_manager.h> + +/** + * Create a TNCCS manager instance. + */ +tnccs_manager_t *tnc_tnccs_manager_create(); + +#endif /** TNC_TNCCS_MANAGER_H_ @}*/ diff --git a/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.c b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.c new file mode 100644 index 000000000..777c33c51 --- /dev/null +++ b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.c 
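Review bot: `tnc_tnccs_manager_create()` is declared with an empty parameter list, which in C is not a prototype, so the compiler will not reject a call that passes arguments. The IMV counterpart visible earlier in this diff is `tnc_imv_manager_create(void)` and the new plugin constructor is `tnc_tnccs_plugin_create(void)`, so the declaration here should read `tnccs_manager_t *tnc_tnccs_manager_create(void);`, with the definition in tnc_tnccs_manager.c changed to match. The doc comment could also gain a `@return` line stating who owns the returned manager, if the caller is meant to destroy it.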
@@ -0,0 +1,81 @@ +/* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "tnc_tnccs_plugin.h" +#include "tnc_tnccs_manager.h" + +#include <tnc/tnc.h> + +typedef struct private_tnc_tnccs_plugin_t private_tnc_tnccs_plugin_t; + +/** + * Private data of a tnc_tnccs_plugin_t object. + */ +struct private_tnc_tnccs_plugin_t { + + /** + * Public interface. + */ + tnc_tnccs_plugin_t public; + +}; + + +METHOD(plugin_t, get_name, char*, + private_tnc_tnccs_plugin_t *this) +{ + return "tnc-tnccs"; +} + +METHOD(plugin_t, get_features, int, + private_tnc_tnccs_plugin_t *this, plugin_feature_t *features[]) +{ + static plugin_feature_t f[] = { + PLUGIN_CALLBACK(tnc_manager_register, tnc_tnccs_manager_create), + PLUGIN_PROVIDE(CUSTOM, "tnccs-manager"), + }; + *features = f; + return countof(f); +} + +METHOD(plugin_t, destroy, void, + private_tnc_tnccs_plugin_t *this) +{ + libtnccs_deinit(); + free(this); +} + +/* + * see header file + */ +plugin_t *tnc_tnccs_plugin_create(void) +{ + private_tnc_tnccs_plugin_t *this; + + INIT(this, + .public = { + .plugin = { + .get_name = _get_name, + .get_features = _get_features, + .destroy = _destroy, + }, + }, + ); + + libtnccs_init(); + + return &this->public.plugin; +} + diff --git a/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.h b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.h new file mode 100644 index 000000000..9afff7c97 --- /dev/null 
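Review bot: The constructor's `/* see header file */` comment points at tnc_tnccs_plugin.h, but that header, added in the next file section, declares only the `tnc_tnccs_plugin_t` struct and says nothing about `tnc_tnccs_plugin_create()`. What is worth documenting is that the constructor calls `libtnccs_init()` and `destroy()` calls `libtnccs_deinit()`, so this plugin presumably controls the lifetime of the state that the other TNC plugins in this commit reach through the global `tnc`. I would replace the comment with a short doc block saying so and, if that is the intent, noting that the plugin has to outlive every plugin that depends on "tnccs-manager".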
+++ b/src/libcharon/plugins/tnc_tnccs/tnc_tnccs_plugin.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup tnccs tnccs + * @ingroup cplugins + * + * @defgroup tnc_tnccs_plugin tnc_tnccs_plugin + * @{ @ingroup tnccs + */ + +#ifndef TNC_TNCCS_PLUGIN_H_ +#define TNC_TNCCS_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct tnc_tnccs_plugin_t tnc_tnccs_plugin_t; + +/** + * TNCCS manager plugin + */ +struct tnc_tnccs_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +#endif /** TNC_TNCCS_PLUGIN_H_ @}*/ diff --git a/src/libcharon/plugins/tnccs_11/Makefile.am b/src/libcharon/plugins/tnccs_11/Makefile.am index 782aeb047..c517e36fc 100644 --- a/src/libcharon/plugins/tnccs_11/Makefile.am +++ b/src/libcharon/plugins/tnccs_11/Makefile.am @@ -8,7 +8,7 @@ INCLUDES = \ -I$(top_srcdir)/src/libtnccs \ ${xml_CFLAGS} -AM_CFLAGS = -DUSE_TNC -rdynamic +AM_CFLAGS = -rdynamic libstrongswan_tnccs_11_la_LIBADD = ${xml_LIBS} diff --git a/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c b/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c index 0f6f3a675..c9397722b 100644 --- a/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c +++ b/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c 
@@ -16,10 +16,11 @@ #include "tnccs_batch.h" #include "messages/tnccs_error_msg.h" -#include <debug.h> -#include <utils/linked_list.h> #include <tnc/tnccs/tnccs.h> +#include <utils/linked_list.h> +#include <debug.h> + #include <libxml/parser.h> typedef struct private_tnccs_batch_t private_tnccs_batch_t; diff --git a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c index f24c0dac9..fa570aae9 100644 --- a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c +++ b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c @@ -16,8 +16,9 @@ #include "imc_imv_msg.h" #include <tnc/tnccs/tnccs.h> -#include <debug.h> + #include <utils/lexparser.h> +#include <debug.h> typedef struct private_imc_imv_msg_t private_imc_imv_msg_t; diff --git a/src/libcharon/plugins/tnccs_11/tnccs_11.c b/src/libcharon/plugins/tnccs_11/tnccs_11.c index 4000ae2be..88a2c8474 100644 --- a/src/libcharon/plugins/tnccs_11/tnccs_11.c +++ b/src/libcharon/plugins/tnccs_11/tnccs_11.c @@ -25,12 +25,14 @@ #include <tncif_names.h> #include <tncif_pa_subtypes.h> -#include <imc/imc_manager.h> +#include <tnc/tnc.h> +#include <tnc/imc/imc_manager.h> +#include <tnc/imv/imv_manager.h> +#include <tnc/tnccs/tnccs.h> +#include <tnc/tnccs/tnccs_manager.h> -#include <daemon.h> #include <debug.h> #include <threading/mutex.h> -#include <tnc/tnccs/tnccs.h> typedef struct private_tnccs_11_t private_tnccs_11_t; @@ -94,16 +96,6 @@ struct private_tnccs_11_t { */ recommendations_t *recs; - /** - * TNC IMC manager controlling Integrity Measurement Collectors - */ - imc_manager_t *imcs; - - /** - * TNC IMV manager controlling Integrity Measurement Verifiers - */ - imc_manager_t *imvs; - }; METHOD(tnccs_t, send_msg, TNC_Result, 
@@ -186,12 +178,12 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg) this->send_msg = TRUE; if (this->is_server) { - this->imvs->receive_message(this->imvs, + tnc->imvs->receive_message(tnc->imvs, this->connection_id, msg_body.ptr, msg_body.len, msg_type); } else { - this->imcs->receive_message(this->imcs, + tnc->imcs->receive_message(tnc->imcs, this->connection_id, msg_body.ptr, msg_body.len,msg_type); } this->send_msg = FALSE; @@ -225,8 +217,8 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg) default: state = TNC_CONNECTION_STATE_ACCESS_NONE; } - this->imcs->notify_connection_change(this->imcs, - this->connection_id, state); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + state); this->delete_state = TRUE; break; } @@ -287,17 +279,17 @@ METHOD(tls_t, process, status_t, if (this->is_server && !this->connection_id) { - this->connection_id = charon->tnccs->create_connection(charon->tnccs, + this->connection_id = tnc->tnccs->create_connection(tnc->tnccs, (tnccs_t*)this, _send_msg, &this->request_handshake_retry, &this->recs); if (!this->connection_id) { return FAILED; } - charon->imvs->notify_connection_change(charon->imvs, - this->connection_id, TNC_CONNECTION_STATE_CREATE); - charon->imvs->notify_connection_change(charon->imvs, - this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id, + TNC_CONNECTION_STATE_CREATE); + tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id, + TNC_CONNECTION_STATE_HANDSHAKE); } data = chunk_create(buf, buflen); @@ -348,11 +340,11 @@ METHOD(tls_t, process, status_t, this->send_msg = TRUE; if (this->is_server) { - this->imvs->batch_ending(this->imvs, this->connection_id); + tnc->imvs->batch_ending(tnc->imvs, this->connection_id); } else { - this->imcs->batch_ending(this->imcs, this->connection_id); + tnc->imcs->batch_ending(tnc->imcs, this->connection_id); } this->send_msg = FALSE; } 
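Review bot: `handle_message()` now dereferences the global `tnc->imvs` and `tnc->imcs` with no NULL test, and the only check visible on this page is the one in `create_connection()` in tnc_tnccs_manager.c. The tnccs_11_plugin.c hunk further down also replaces the two `PLUGIN_SDEPEND` entries for "imc-manager" and "imv-manager" with a single dependency on "tnccs-manager", so nothing in the plugin's feature list ties it to either manager any more. Since these calls handle batches received from the peer, I would document the invariant at the first call, e.g. `/* tnc->imvs and tnc->imcs were verified by create_connection() */`, or add an explicit guard if a client can reach `process()` before `build()`. The same pattern appears in the `process`, `build` and `is_complete` hunks of this file and in the matching tnccs_20.c hunks; `handle_message()` starts and ends outside this hunk.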
@@ -375,7 +367,7 @@ static void check_and_build_recommendation(private_tnccs_11_t *this) if (!this->recs->have_recommendation(this->recs, &rec, &eval)) { - charon->imvs->solicit_recommendation(charon->imvs, this->connection_id); + tnc->imvs->solicit_recommendation(tnc->imvs, this->connection_id); } if (this->recs->have_recommendation(this->recs, &rec, &eval)) { @@ -413,7 +405,7 @@ METHOD(tls_t, build, status_t, tnccs_msg_t *msg; char *pref_lang; - this->connection_id = charon->tnccs->create_connection(charon->tnccs, + this->connection_id = tnc->tnccs->create_connection(tnc->tnccs, (tnccs_t*)this, _send_msg, &this->request_handshake_retry, NULL); if (!this->connection_id) @@ -422,19 +414,19 @@ METHOD(tls_t, build, status_t, } /* Create TNCCS-PreferredLanguage message */ - pref_lang = this->imcs->get_preferred_language(this->imcs); + pref_lang = tnc->imcs->get_preferred_language(tnc->imcs); msg = tnccs_preferred_language_msg_create(pref_lang); this->mutex->lock(this->mutex); this->batch = tnccs_batch_create(this->is_server, ++this->batch_id); this->batch->add_msg(this->batch, msg); this->mutex->unlock(this->mutex); - this->imcs->notify_connection_change(this->imcs, - this->connection_id, TNC_CONNECTION_STATE_CREATE); - this->imcs->notify_connection_change(this->imcs, - this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + TNC_CONNECTION_STATE_CREATE); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + TNC_CONNECTION_STATE_HANDSHAKE); this->send_msg = TRUE; - this->imcs->begin_handshake(this->imcs, this->connection_id); + tnc->imcs->begin_handshake(tnc->imcs, this->connection_id); this->send_msg = FALSE; } 
@@ -501,7 +493,7 @@ METHOD(tls_t, is_complete, bool, if (this->recs && this->recs->have_recommendation(this->recs, &rec, &eval)) { - return charon->imvs->enforce_recommendation(charon->imvs, rec, eval); + return tnc->imvs->enforce_recommendation(tnc->imvs, rec, eval); } else { @@ -518,8 +510,8 @@ METHOD(tls_t, get_eap_msk, chunk_t, METHOD(tls_t, destroy, void, private_tnccs_11_t *this) { - charon->tnccs->remove_connection(charon->tnccs, this->connection_id, - this->is_server); + tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, + this->is_server); this->mutex->destroy(this->mutex); DESTROY_IF(this->batch); free(this); @@ -544,8 +536,6 @@ tls_t *tnccs_11_create(bool is_server) }, .is_server = is_server, .mutex = mutex_create(MUTEX_TYPE_DEFAULT), - .imcs = lib->get(lib, "imc-manager"), - .imvs = lib->get(lib, "imv-manager"), ); return &this->public; diff --git a/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c b/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c index c2c173eea..cd95afb1e 100644 --- a/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c +++ b/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c @@ -16,7 +16,7 @@ #include "tnccs_11_plugin.h" #include "tnccs_11.h" -#include <daemon.h> +#include <tnc/tnccs/tnccs_manager.h> METHOD(plugin_t, get_name, char*, tnccs_11_plugin_t *this) @@ -32,8 +32,7 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(CUSTOM, "tnccs-1.1"), PLUGIN_DEPENDS(EAP_SERVER, EAP_TNC), PLUGIN_DEPENDS(EAP_PEER, EAP_TNC), - PLUGIN_SDEPEND(CUSTOM, "imc-manager"), - PLUGIN_SDEPEND(CUSTOM, "imv-manager"), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), }; *features = f; return countof(f); diff --git a/src/libcharon/plugins/tnccs_20/Makefile.am b/src/libcharon/plugins/tnccs_20/Makefile.am index 6e16485fd..ec17e6412 100644 --- a/src/libcharon/plugins/tnccs_20/Makefile.am +++ b/src/libcharon/plugins/tnccs_20/Makefile.am 
@@ -1,13 +1,11 @@ INCLUDES = \ -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libhydra \ - -I$(top_srcdir)/src/libcharon \ -I$(top_srcdir)/src/libtls \ -I$(top_srcdir)/src/libtncif \ -I$(top_srcdir)/src/libtnccs -AM_CFLAGS = -DUSE_TNC -rdynamic +AM_CFLAGS = -rdynamic if MONOLITHIC noinst_LTLIBRARIES = libstrongswan-tnccs-20.la diff --git a/src/libcharon/plugins/tnccs_20/batch/pb_tnc_batch.c b/src/libcharon/plugins/tnccs_20/batch/pb_tnc_batch.c index 8d9968c97..c6a4bb599 100644 --- a/src/libcharon/plugins/tnccs_20/batch/pb_tnc_batch.c +++ b/src/libcharon/plugins/tnccs_20/batch/pb_tnc_batch.c @@ -18,12 +18,13 @@ #include "messages/pb_error_msg.h" #include "state_machine/pb_tnc_state_machine.h" -#include <debug.h> +#include <tnc/tnccs/tnccs.h> + #include <utils/linked_list.h> #include <bio/bio_writer.h> #include <bio/bio_reader.h> -#include <tnc/tnccs/tnccs.h> #include <pen/pen.h> +#include <debug.h> ENUM(pb_tnc_batch_type_names, PB_BATCH_CDATA, PB_BATCH_CLOSE, "CDATA", diff --git a/src/libcharon/plugins/tnccs_20/messages/pb_error_msg.c b/src/libcharon/plugins/tnccs_20/messages/pb_error_msg.c index 09240408a..03e3cec92 100644 --- a/src/libcharon/plugins/tnccs_20/messages/pb_error_msg.c +++ b/src/libcharon/plugins/tnccs_20/messages/pb_error_msg.c @@ -15,11 +15,12 @@ #include "pb_error_msg.h" -#include <debug.h> +#include <tnc/tnccs/tnccs.h> + #include <bio/bio_writer.h> #include <bio/bio_reader.h> -#include <tnc/tnccs/tnccs.h> #include <pen/pen.h> +#include <debug.h> ENUM(pb_tnc_error_code_names, PB_ERROR_UNEXPECTED_BATCH_TYPE, PB_ERROR_VERSION_NOT_SUPPORTED, diff --git a/src/libcharon/plugins/tnccs_20/messages/pb_pa_msg.c b/src/libcharon/plugins/tnccs_20/messages/pb_pa_msg.c index 8a5a031e1..b9bbf6bd1 100644 --- a/src/libcharon/plugins/tnccs_20/messages/pb_pa_msg.c +++ b/src/libcharon/plugins/tnccs_20/messages/pb_pa_msg.c 
@@ -17,9 +17,10 @@ #include "pb_pa_msg.h" +#include <tnc/tnccs/tnccs.h> + #include <bio/bio_writer.h> #include <bio/bio_reader.h> -#include <tnc/tnccs/tnccs.h> #include <pen/pen.h> #include <debug.h> diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20.c b/src/libcharon/plugins/tnccs_20/tnccs_20.c index d3a560f6f..d37510880 100644 --- a/src/libcharon/plugins/tnccs_20/tnccs_20.c +++ b/src/libcharon/plugins/tnccs_20/tnccs_20.c @@ -29,12 +29,13 @@ #include <tncif_names.h> #include <tncif_pa_subtypes.h> -#include <imc/imc_manager.h> +#include <tnc/tnc.h> +#include <tnc/tnccs/tnccs_manager.h> +#include <tnc/imc/imc_manager.h> +#include <tnc/imv/imv_manager.h> #include <debug.h> -#include <daemon.h> #include <threading/mutex.h> -#include <tnc/tnccs/tnccs.h> #include <pen/pen.h> typedef struct private_tnccs_20_t private_tnccs_20_t; @@ -94,16 +95,6 @@ struct private_tnccs_20_t { */ recommendations_t *recs; - /** - * TNC IMC manager controlling Integrity Measurement Collectors - */ - imc_manager_t *imcs; - - /** - * TNC IMV manager controlling Integrity Measurement Verifiers - */ - imv_manager_t *imvs; - }; METHOD(tnccs_t, send_msg, TNC_Result, @@ -203,12 +194,12 @@ static void handle_message(private_tnccs_20_t *this, pb_tnc_msg_t *msg) this->send_msg = TRUE; if (this->is_server) { - this->imvs->receive_message(this->imvs, + tnc->imvs->receive_message(tnc->imvs, this->connection_id, msg_body.ptr, msg_body.len, msg_type); } else { - this->imcs->receive_message(this->imcs, + tnc->imcs->receive_message(tnc->imcs, this->connection_id, msg_body.ptr, msg_body.len,msg_type); } this->send_msg = FALSE; @@ -246,8 +237,8 @@ static void handle_message(private_tnccs_20_t *this, pb_tnc_msg_t *msg) case PB_REC_QUARANTINED: state = TNC_CONNECTION_STATE_ACCESS_ISOLATED; } - this->imcs->notify_connection_change(this->imcs, - this->connection_id, state); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + state); break; } case PB_MSG_REMEDIATION_PARAMETERS: 
@@ -362,8 +353,8 @@ static void build_retry_batch(private_tnccs_20_t *this) } if (this->is_server) { - charon->imvs->notify_connection_change(charon->imvs, - this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id, + TNC_CONNECTION_STATE_HANDSHAKE); } this->batch = pb_tnc_batch_create(this->is_server, batch_retry_type); } @@ -379,17 +370,17 @@ METHOD(tls_t, process, status_t, if (this->is_server && !this->connection_id) { - this->connection_id = charon->tnccs->create_connection(charon->tnccs, + this->connection_id = tnc->tnccs->create_connection(tnc->tnccs, (tnccs_t*)this, _send_msg, &this->request_handshake_retry, &this->recs); if (!this->connection_id) { return FAILED; } - charon->imvs->notify_connection_change(charon->imvs, - this->connection_id, TNC_CONNECTION_STATE_CREATE); - charon->imvs->notify_connection_change(charon->imvs, - this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id, + TNC_CONNECTION_STATE_CREATE); + tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id, + TNC_CONNECTION_STATE_HANDSHAKE); } data = chunk_create(buf, buflen); @@ -418,10 +409,10 @@ METHOD(tls_t, process, status_t, else if (batch_type == PB_BATCH_SRETRY) { /* Restart the measurements */ - this->imcs->notify_connection_change(this->imcs, + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); this->send_msg = TRUE; - this->imcs->begin_handshake(this->imcs, this->connection_id); + tnc->imcs->begin_handshake(tnc->imcs, this->connection_id); this->send_msg = FALSE; } 
@@ -452,11 +443,11 @@ METHOD(tls_t, process, status_t, this->send_msg = TRUE; if (this->is_server) { - this->imvs->batch_ending(this->imvs, this->connection_id); + tnc->imvs->batch_ending(tnc->imvs, this->connection_id); } else { - this->imcs->batch_ending(this->imcs, this->connection_id); + tnc->imcs->batch_ending(tnc->imcs, this->connection_id); } this->send_msg = FALSE; } @@ -509,7 +500,7 @@ static void check_and_build_recommendation(private_tnccs_20_t *this) if (!this->recs->have_recommendation(this->recs, &rec, &eval)) { - charon->imvs->solicit_recommendation(charon->imvs, this->connection_id); + tnc->imvs->solicit_recommendation(tnc->imvs, this->connection_id); } if (this->recs->have_recommendation(this->recs, &rec, &eval)) { @@ -560,7 +551,7 @@ METHOD(tls_t, build, status_t, pb_tnc_msg_t *msg; char *pref_lang; - this->connection_id = charon->tnccs->create_connection(charon->tnccs, + this->connection_id = tnc->tnccs->create_connection(tnc->tnccs, (tnccs_t*)this, _send_msg, &this->request_handshake_retry, NULL); if (!this->connection_id) @@ -569,7 +560,7 @@ METHOD(tls_t, build, status_t, } /* Create PB-TNC Language Preference message */ - pref_lang = this->imcs->get_preferred_language(this->imcs); + pref_lang = tnc->imcs->get_preferred_language(tnc->imcs); msg = pb_language_preference_msg_create(chunk_create(pref_lang, strlen(pref_lang))); this->mutex->lock(this->mutex); 
@@ -577,12 +568,12 @@ METHOD(tls_t, build, status_t, this->batch->add_msg(this->batch, msg); this->mutex->unlock(this->mutex); - this->imcs->notify_connection_change(this->imcs, - this->connection_id, TNC_CONNECTION_STATE_CREATE); - this->imcs->notify_connection_change(this->imcs, - this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + TNC_CONNECTION_STATE_CREATE); + tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id, + TNC_CONNECTION_STATE_HANDSHAKE); this->send_msg = TRUE; - this->imcs->begin_handshake(this->imcs, this->connection_id); + tnc->imcs->begin_handshake(tnc->imcs, this->connection_id); this->send_msg = FALSE; } @@ -699,7 +690,7 @@ METHOD(tls_t, is_complete, bool, if (this->recs && this->recs->have_recommendation(this->recs, &rec, &eval)) { - return charon->imvs->enforce_recommendation(charon->imvs, rec, eval); + return tnc->imvs->enforce_recommendation(tnc->imvs, rec, eval); } else { @@ -716,8 +707,8 @@ METHOD(tls_t, get_eap_msk, chunk_t, METHOD(tls_t, destroy, void, private_tnccs_20_t *this) { - charon->tnccs->remove_connection(charon->tnccs, this->connection_id, - this->is_server); + tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, + this->is_server); this->state_machine->destroy(this->state_machine); this->mutex->destroy(this->mutex); DESTROY_IF(this->batch); @@ -744,8 +735,6 @@ tls_t *tnccs_20_create(bool is_server) .is_server = is_server, .state_machine = pb_tnc_state_machine_create(is_server), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), - .imcs = lib->get(lib, "imc-manager"), - .imvs = lib->get(lib, "imv-manager"), ); return &this->public; diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c index e06b41dd2..4f419ecf0 100644 --- a/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c +++ b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c 
@@ -16,7 +16,7 @@ #include "tnccs_20_plugin.h" #include "tnccs_20.h" -#include <daemon.h> +#include <tnc/tnccs/tnccs_manager.h> METHOD(plugin_t, get_name, char*, tnccs_20_plugin_t *this) @@ -32,8 +32,7 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(CUSTOM, "tnccs-2.0"), PLUGIN_DEPENDS(EAP_SERVER, EAP_TNC), PLUGIN_DEPENDS(EAP_PEER, EAP_TNC), - PLUGIN_SDEPEND(CUSTOM, "imc-manager"), - PLUGIN_SDEPEND(CUSTOM, "imv-manager"), + PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"), }; *features = f; return countof(f); diff --git a/src/libcharon/plugins/tnccs_dynamic/Makefile.am b/src/libcharon/plugins/tnccs_dynamic/Makefile.am index 4a84ef124..57c2baaf0 100644 --- a/src/libcharon/plugins/tnccs_dynamic/Makefile.am +++ b/src/libcharon/plugins/tnccs_dynamic/Makefile.am @@ -1,14 +1,19 @@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \ - -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls \ - -I$(top_srcdir)/src/libtncif +INCLUDES = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libtls \ + -I$(top_srcdir)/src/libtncif \ + -I$(top_srcdir)/src/libtnccs -AM_CFLAGS = -DUSE_TNC -rdynamic +AM_CFLAGS = -rdynamic if MONOLITHIC noinst_LTLIBRARIES = libstrongswan-tnccs-dynamic.la else plugin_LTLIBRARIES = libstrongswan-tnccs-dynamic.la +libstrongswan_tnccs_dynamic_la_LIBADD = \ + $(top_builddir)/src/libtncif/libtncif.la \ + $(top_builddir)/src/libtnccs/libtnccs.la endif libstrongswan_tnccs_dynamic_la_SOURCES = \ diff --git a/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic.c b/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic.c index b7985fa51..b68d2dd6b 100644 --- a/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic.c +++ b/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic.c @@ -15,8 +15,9 @@ #include "tnccs_dynamic.h" -#include <tnc/tnccs/tnccs.h> -#include <daemon.h> +#include <tnc/tnc.h> + +#include <debug.h> typedef struct private_tnccs_dynamic_t private_tnccs_dynamic_t; 
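Review bot: Dropping both `PLUGIN_SDEPEND(CUSTOM, "imc-manager")` and `PLUGIN_SDEPEND(CUSTOM, "imv-manager")` in the -32,8 hunk leaves `get_features` with no stated relationship to the two managers that tnccs_20.c still calls through `tnc->imcs` and `tnc->imvs`. If the soft dependencies influenced load order or simply recorded the requirement, I would keep them after the new `PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"),` line. If the `tnccs-manager` feature is meant to imply them, a one-line comment such as `/* imc-/imv-manager are registered via tnc_manager_register() */` would make that explicit. `get_features` starts above the hunk.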
@@ -75,8 +76,7 @@ METHOD(tls_t, process, status_t, type = determine_tnccs_protocol(*(char*)buf); DBG1(DBG_TNC, "%N protocol detected dynamically", tnccs_type_names, type); - this->tls = (tls_t*)charon->tnccs->create_instance(charon->tnccs, - type, TRUE); + this->tls = (tls_t*)tnc->tnccs->create_instance(tnc->tnccs, type, TRUE); if (!this->tls) { DBG1(DBG_TNC, "N% protocol not supported", tnccs_type_names, type); diff --git a/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic_plugin.c b/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic_plugin.c index 8a6298a57..6f581c543 100644 --- a/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic_plugin.c +++ b/src/libcharon/plugins/tnccs_dynamic/tnccs_dynamic_plugin.c @@ -16,7 +16,7 @@ #include "tnccs_dynamic_plugin.h" #include "tnccs_dynamic.h" -#include <daemon.h> +#include <tnc/tnccs/tnccs_manager.h> METHOD(plugin_t, get_name, char*, tnccs_dynamic_plugin_t *this) diff --git a/src/libtnccs/Makefile.am b/src/libtnccs/Makefile.am index e75d1bdbc..5c730d172 100644 --- a/src/libtnccs/Makefile.am +++ b/src/libtnccs/Makefile.am @@ -6,7 +6,11 @@ ipseclib_LTLIBRARIES = libtnccs.la libtnccs_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la libtnccs_la_SOURCES = \ - imc/imc.h imc/imc_manager.h \ - imv/imv.h imv/imv_manager.h \ - imv/imv_recommendations.h imv/imv_recommendations.c + tnc/tnc.h tnc/tnc.c \ + tnc/imc/imc.h tnc/imc/imc_manager.h \ + tnc/imv/imv.h tnc/imv/imv_manager.h \ + tnc/imv/imv_recommendations.h tnc/imv/imv_recommendations.c \ + tnc/tnccs/tnccs.h tnc/tnccs/tnccs.c \ + tnc/tnccs/tnccs_manager.h tnc/tnccs/tnccs_manager.c + diff --git a/src/libtnccs/imc/imc.h b/src/libtnccs/tnc/imc/imc.h index ddedf714c..ddedf714c 100644 --- a/src/libtnccs/imc/imc.h +++ b/src/libtnccs/tnc/imc/imc.h diff --git a/src/libtnccs/imc/imc_manager.h b/src/libtnccs/tnc/imc/imc_manager.h index b475e0eaf..750a1418a 100644 --- a/src/libtnccs/imc/imc_manager.h +++ b/src/libtnccs/tnc/imc/imc_manager.h 
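Review bot: The failure message kept as context in this hunk has its conversion reversed: `"N% protocol not supported"` should be `"%N protocol not supported"`, as in the `"%N protocol detected dynamically"` line just above. As written the `%` is followed by ` p`, so the `tnccs_type_names` and `type` arguments are not consumed as an enum name, and the log line may print a pointer value instead of the protocol; the corrected line is `DBG1(DBG_TNC, "%N protocol not supported", tnccs_type_names, type);`. The hunk also shows `*(char*)buf` being read with no length test in view. `process` begins outside the hunk, so it is worth confirming that `buflen` is checked before that dereference.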
@@ -49,6 +49,14 @@ struct imc_manager_t { imc_t* (*remove)(imc_manager_t *this, TNC_IMCID id); /** + * Load all IMC instances + * + * @param filename configuration file containt IMC paths + * @return TRUE if initialization of all IMCs succeeded + */ + bool (*load_all)(imc_manager_t *this, char *filename); + + /** * Check if an IMC with a given ID is registered with the IMC manager * * @param id ID of IMC instance diff --git a/src/libtnccs/imv/imv.h b/src/libtnccs/tnc/imv/imv.h index df338d40a..df338d40a 100644 --- a/src/libtnccs/imv/imv.h +++ b/src/libtnccs/tnc/imv/imv.h diff --git a/src/libtnccs/imv/imv_manager.h b/src/libtnccs/tnc/imv/imv_manager.h index bd10a6920..9c88f16ef 100644 --- a/src/libtnccs/imv/imv_manager.h +++ b/src/libtnccs/tnc/imv/imv_manager.h @@ -50,6 +50,14 @@ struct imv_manager_t { imv_t* (*remove)(imv_manager_t *this, TNC_IMVID id); /** + * Load all IMV instances + * + * @param filename configuration file containing IMV paths + * @return TRUE if initialization of all IMVs succeeded + */ + bool (*load_all)(imv_manager_t *this, char *filename); + + /** * Check if an IMV with a given ID is registered with the IMV manager * * @param id ID of IMV instance diff --git a/src/libtnccs/imv/imv_recommendations.c b/src/libtnccs/tnc/imv/imv_recommendations.c index 9daaca16c..9daaca16c 100644 --- a/src/libtnccs/imv/imv_recommendations.c +++ b/src/libtnccs/tnc/imv/imv_recommendations.c diff --git a/src/libtnccs/imv/imv_recommendations.h b/src/libtnccs/tnc/imv/imv_recommendations.h index d694e16ae..d694e16ae 100644 --- a/src/libtnccs/imv/imv_recommendations.h +++ b/src/libtnccs/tnc/imv/imv_recommendations.h diff --git a/src/libtnccs/tnc/tnc.c b/src/libtnccs/tnc/tnc.c new file mode 100644 index 000000000..7eb493398 --- /dev/null +++ b/src/libtnccs/tnc/tnc.c 
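Review bot: The new `load_all` comment in imc_manager.h has a typo, `containt`; it should match the imv_manager.h wording, `@param filename configuration file containing IMC paths`. Both comments could also say what a FALSE return means for the caller: tnc.c in this commit destroys the whole manager when `load_all` fails, so a single module that fails to initialize presumably disables every IMC or IMV. Since `filename` is described only as an input, `const char *filename` would be a tighter signature if the implementations allow it. The struct definitions begin above these hunks.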
@@ -0,0 +1,137 @@ +/* + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "tnc.h" + +typedef struct private_tnc_t private_tnc_t; + +typedef tnccs_manager_t *(*tnc_create_tnccs_manager_t)(void); +typedef imc_manager_t *(*tnc_create_imc_manager_t)(void); +typedef imv_manager_t *(*tnc_create_imv_manager_t)(void); + +/** + * Private additions to tnc_t. + */ +struct private_tnc_t { + + /** + * Public members of tnc_t. + */ + tnc_t public; +}; + +/** + * Single instance of tnc_t. + */ +tnc_t *tnc; + +/** + * Described in header. + */ +void libtnccs_init(void) +{ + private_tnc_t *this; + + INIT(this, + .public = { + }, + ); + + tnc = &this->public; +} + +/** + * Described in header. + */ +void libtnccs_deinit(void) +{ + private_tnc_t *this = (private_tnc_t*)tnc; + + free(this); + tnc = NULL; +} + +/** + * Described in header. 
+ */ +bool tnc_manager_register(plugin_t *plugin, plugin_feature_t *feature, + bool reg, void *data) +{ + char *tnc_config; + + tnc_config = lib->settings->get_str(lib->settings, + "libtnccs.tnc_config", "/etc/tnc_config"); + + if (feature->type == FEATURE_CUSTOM) + { + if (streq(feature->arg.custom, "tnccs-manager")) + { + if (reg) + { + tnc->tnccs = ((tnc_create_tnccs_manager_t)data)(); + } + else + { + tnc->tnccs->destroy(tnc->tnccs); + tnc->tnccs = NULL; + } + } + else if (streq(feature->arg.custom, "imc-manager")) + { + if (reg) + { + tnc->imcs = ((tnc_create_imc_manager_t)data)(); + + + if (!tnc->imcs->load_all(tnc->imcs, tnc_config)) + { + tnc->imcs->destroy(tnc->imcs); + tnc->imcs = NULL; + return FALSE; + } + } + else + { + tnc->imcs->destroy(tnc->imcs); + tnc->imcs = NULL; + } + } + else if (streq(feature->arg.custom, "imv-manager")) + { + if (reg) + { + tnc->imvs = ((tnc_create_imv_manager_t)data)(); + + if (!tnc->imvs->load_all(tnc->imvs, tnc_config)) + { + tnc->imvs->destroy(tnc->imvs); + tnc->imvs = NULL; + return FALSE; + } + } + else + { + tnc->imvs->destroy(tnc->imvs); + tnc->imvs = NULL; + } + } + else + { + return FALSE; + } + } + return TRUE; +} + diff --git a/src/libtnccs/tnc/tnc.h b/src/libtnccs/tnc/tnc.h new file mode 100644 index 000000000..d360a2728 --- /dev/null +++ b/src/libtnccs/tnc/tnc.h 
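Review bot: The unregister branches of `tnc_manager_register` call `tnc->tnccs->destroy(...)`, `tnc->imcs->destroy(...)` and `tnc->imvs->destroy(...)` without testing the pointer, although the register branches set `tnc->imcs` and `tnc->imvs` to NULL and return FALSE when `load_all` fails. Neither `tnc` itself nor the constructor result is checked either, whereas `tnccs_method_register` in this same commit does test `!tnc || !tnc->tnccs`. I would add `if (!tnc) { return FALSE; }` at the top and guard each teardown, e.g. `if (tnc->imcs) { tnc->imcs->destroy(tnc->imcs); tnc->imcs = NULL; }`. Separately, the path is now read from `libtnccs.tnc_config`, while the man page change earlier in this commit removes the two `charon.plugins.tnc-imc/tnc-imv.tnc_config` entries. A setup that relied on the old keys would fall back to `/etc/tnc_config` with no message, so the new key deserves a comment here and a man page entry stating that the file, and presumably the modules it lists, must be writable only by the administrator.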
@@ -0,0 +1,88 @@ +/* + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup tnc tnc + * @ingroup tnc + * + * @defgroup tnc tnc + * @{ @ingroup tnc + */ + +#ifndef TNC_H_ +#define TNC_H_ + +typedef struct tnc_t tnc_t; + +#include "tnc/imc/imc_manager.h" +#include "tnc/imv/imv_manager.h" +#include "tnc/tnccs/tnccs_manager.h" + +#include <library.h> + +/** + * TNC management support object. + */ +struct tnc_t { + + /** + * TNC-IMC manager controlling Integrity Measurement Collectors + */ + imc_manager_t *imcs; + + /** + * TNC-IMV manager controlling Integrity Measurement Verifiers + */ + imv_manager_t *imvs; + + /** + * TNC-TNCCS manager controlling the TNC Server and Client protocols + */ + tnccs_manager_t *tnccs; + +}; + +/** + * The single instance of tnc_t. + * + * Exists between calls to libtnccs_init() and libtnccs_deinit(). + */ +extern tnc_t *tnc; + +/** + * Initialize libtnccs. + */ +void libtnccs_init(void); + +/** + * Deinitialize libtnccs + */ +void libtnccs_deinit(void); + +/** + * Helper function to (un-)register TNC managers from plugin features. + * + * This function is a plugin_feature_callback_t and can be used with the + * PLUGIN_CALLBACK macro to register a TNC manager constructor. + * + * @param plugin plugin registering the TNC manager + * @param feature associated plugin feature + * @param reg TRUE to register, FALSE to unregister. 
+ * @param data data passed to callback, a TNC manager constructor + */ +bool tnc_manager_register(plugin_t *plugin, plugin_feature_t *feature, + bool reg, void *data); + +#endif /** TNC_H_ @}*/ diff --git a/src/libtnccs/tnc/tnccs/tnccs.c b/src/libtnccs/tnc/tnccs/tnccs.c new file mode 100644 index 000000000..80d0f497c --- /dev/null +++ b/src/libtnccs/tnc/tnccs/tnccs.c @@ -0,0 +1,24 @@ +/* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "tnccs.h" + +ENUM(tnccs_type_names, TNCCS_UNKNOWN, TNCCS_2_0, + "unknown TNCCS", + "TNCCS 1.1", + "TNCCS SOH", + "TNCCS 2.0", +); + diff --git a/src/libcharon/tnc/tnccs/tnccs.h b/src/libtnccs/tnc/tnccs/tnccs.h index 7145c6ad3..f9923f196 100644 --- a/src/libcharon/tnc/tnccs/tnccs.h +++ b/src/libtnccs/tnc/tnccs/tnccs.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010 Andreas Steffen + * Copyright (C) 2010-1011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
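Review bot: The comment on `extern tnc_t *tnc;` documents the lifetime of the singleton but not of its members. Per tnc.c, `imcs`, `imvs` and `tnccs` are NULL until the matching manager feature registers, and are reset to NULL on unregistration or when `load_all` fails. I would add a line such as `* The manager members are NULL until the corresponding plugin feature has registered.` so that callers know to check before use. `tnc_manager_register` is also missing an `@return` line (`@return TRUE if the manager was (un-)registered`), and the opening Doxygen block declares `@defgroup tnc tnc` twice with `@ingroup tnc` pointing at itself.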
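Review bot: The updated copyright line in tnccs.h reads `2010-1011`; the end year is presumably meant to be 2011, i.e. ` * Copyright (C) 2010-2011 Andreas Steffen`. tnccs_manager.c in this commit uses a plain `2011`, so the range is worth double-checking across both files.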
@@ -59,20 +59,6 @@ extern enum_name_t *tnccs_type_names; typedef tnccs_t *(*tnccs_constructor_t)(bool is_server); /** - * Helper function to (un-)register TNCCS methods from plugin features. - * - * This function is a plugin_feature_callback_t and can be used with the - * PLUGIN_CALLBACK macro to register a TNCCS method constructor. - * - * @param plugin plugin registering the TNCCS method constructor - * @param feature associated plugin feature - * @param reg TRUE to register, FALSE to unregister. - * @param data data passed to callback, a tnccs_constructor_t - */ -bool tnccs_method_register(plugin_t *plugin, plugin_feature_t *feature, - bool reg, void *data); - -/** * Callback function adding a message to a TNCCS batch * * @param imc_id ID of IMC or TNC_IMCID_ANY diff --git a/src/libcharon/tnc/tnccs/tnccs.c b/src/libtnccs/tnc/tnccs/tnccs_manager.c index 5a6d5a4b8..fa91bfb21 100644 --- a/src/libcharon/tnc/tnccs/tnccs.c +++ b/src/libtnccs/tnc/tnccs/tnccs_manager.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010 Andreas Steffen + * Copyright (C) 2011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -13,19 +13,11 @@ * for more details. */ -#define USE_TNC +#include "tnccs_manager.h" -#include "tnccs.h" +#include "tnc/tnc.h" -#include <daemon.h> - - -ENUM(tnccs_type_names, TNCCS_UNKNOWN, TNCCS_2_0, - "unknown TNCCS", - "TNCCS 1.1", - "TNCCS SOH", - "TNCCS 2.0", -); +#include <debug.h> /** * See header @@ -33,6 +25,11 @@ ENUM(tnccs_type_names, TNCCS_UNKNOWN, TNCCS_2_0, bool tnccs_method_register(plugin_t *plugin, plugin_feature_t *feature, bool reg, void *data) { + if (!tnc || !tnc->tnccs) + { + DBG1(DBG_TNC, "TNC TNCCS manager does not exist"); + return FALSE; + } if (reg) { if (feature->type == FEATURE_CUSTOM) 
@@ -55,13 +52,12 @@ bool tnccs_method_register(plugin_t *plugin, plugin_feature_t *feature, { return FALSE; } - charon->tnccs->add_method(charon->tnccs, type, - (tnccs_constructor_t)data); + tnc->tnccs->add_method(tnc->tnccs, type, (tnccs_constructor_t)data); } } else { - charon->tnccs->remove_method(charon->tnccs, (tnccs_constructor_t)data); + tnc->tnccs->remove_method(tnc->tnccs, (tnccs_constructor_t)data); } return TRUE; } diff --git a/src/libcharon/tnc/tnccs/tnccs_manager.h b/src/libtnccs/tnc/tnccs/tnccs_manager.h index 3282192c5..26b0fa17c 100644 --- a/src/libcharon/tnc/tnccs/tnccs_manager.h +++ b/src/libtnccs/tnc/tnccs/tnccs_manager.h @@ -23,11 +23,8 @@ typedef struct tnccs_manager_t tnccs_manager_t; -#ifdef USE_TNC - #include "tnccs.h" - -#include <imv/imv_recommendations.h> +#include "tnc/imv/imv_recommendations.h" /** * The TNCCS manager manages all TNCCS implementations and creates instances. @@ -181,10 +178,17 @@ struct tnccs_manager_t { }; /** - * Create a tnccs_manager instance. + * Helper function to (un-)register TNCCS methods from plugin features. + * + * This function is a plugin_feature_callback_t and can be used with the + * PLUGIN_CALLBACK macro to register a TNCCS method constructor. + * + * @param plugin plugin registering the TNCCS method constructor + * @param feature associated plugin feature + * @param reg TRUE to register, FALSE to unregister. + * @param data data passed to callback, a tnccs_constructor_t */ -tnccs_manager_t *tnccs_manager_create(); - -#endif /* USE_TNC */ +bool tnccs_method_register(plugin_t *plugin, plugin_feature_t *feature, + bool reg, void *data); #endif /** TNCCS_MANAGER_H_ @}*/ |