| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-05-14 13:31:16 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-05-14 13:31:16 +0200 |
| commit | cc546c3ce6a12165f4e73bd19d2cf4c0c192547c (patch) | |
| tree | 280196f0aa94d38a69395f5aac37d3fc315afe9f /src/libcharon/plugins/tnccs_11 | |
| parent | 0e080d9b64d819236f604d605d2fa9b0f43d3863 (diff) | |
Restrict IMCs and IMVs to call SendMessage()
Diffstat (limited to 'src/libcharon/plugins/tnccs_11')
| -rw-r--r-- | src/libcharon/plugins/tnccs_11/tnccs_11.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/src/libcharon/plugins/tnccs_11/tnccs_11.c b/src/libcharon/plugins/tnccs_11/tnccs_11.c index 033b73253..cd8cd3a43 100644 --- a/src/libcharon/plugins/tnccs_11/tnccs_11.c +++ b/src/libcharon/plugins/tnccs_11/tnccs_11.c @@ -77,6 +77,11 @@ struct private_tnccs_11_t { bool delete_state; /** + * SendMessage() by IMC/IMV only allowed if flag is set + */ + bool send_msg; + + /** * Flag set by IMC/IMV RequestHandshakeRetry() function */ bool request_handshake_retry; @@ -87,7 +92,7 @@ struct private_tnccs_11_t { recommendations_t *recs; }; -METHOD(tnccs_t, send_msg, void, +METHOD(tnccs_t, send_msg, TNC_Result, private_tnccs_11_t* this, TNC_IMCID imc_id, TNC_IMVID imv_id, TNC_BufferReference msg, TNC_UInt32 msg_len, @@ -95,6 +100,13 @@ METHOD(tnccs_t, send_msg, void, { tnccs_msg_t *tnccs_msg; + if (!this->send_msg) + { + DBG1(DBG_TNC, "%s %u not allowed to call SendMessage()", + this->is_server ? "IMV" : "IMC", + this->is_server ? imv_id : imc_id); + return TNC_RESULT_ILLEGAL_OPERATION; + } tnccs_msg = imc_imv_msg_create(msg_type, chunk_create(msg, msg_len)); /* adding an IMC-IMV Message to TNCCS batch */ @@ -105,6 +117,7 @@ METHOD(tnccs_t, send_msg, void, } this->batch->add_msg(this->batch, tnccs_msg); this->mutex->unlock(this->mutex); + return TNC_RESULT_SUCCESS; } /** @@ -126,6 +139,7 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg) DBG2(DBG_TNC, "handling IMC_IMV message type 0x%08x", msg_type); + this->send_msg = TRUE; if (this->is_server) { charon->imvs->receive_message(charon->imvs, @@ -136,6 +150,7 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg) charon->imcs->receive_message(charon->imcs, this->connection_id, msg_body.ptr, msg_body.len,msg_type); } + this->send_msg = FALSE; break; } case TNCCS_MSG_RECOMMENDATION: @@ -286,6 +301,7 @@ METHOD(tls_t, process, status_t, return FAILED; } + this->send_msg = TRUE; if (this->is_server) { charon->imvs->batch_ending(charon->imvs, this->connection_id); 
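Review bot: The new guard at the top of send_msg() reads `this->send_msg` as a plain per-connection `bool`, and in the visible lines nothing synchronises that read with the assignments in handle_message(), process() and build(). The check is therefore a time window rather than a caller check: a SendMessage() arriving from a different IMC/IMV thread while one of those callbacks is running would still be accepted, and the unsynchronised access is a data race if such threads exist. If asynchronous callers are in scope, consider taking `this->mutex` around the check and around each flag assignment (not around the callbacks themselves), or state on the field that it only rejects calls made outside the callback window. The lock acquisition in send_msg() lies outside the hunk, so its position relative to the check is inferred.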
@@ -294,6 +310,7 @@ METHOD(tls_t, process, status_t, { charon->imcs->batch_ending(charon->imcs, this->connection_id); } + this->send_msg = FALSE; } batch->destroy(batch); @@ -371,7 +388,9 @@ METHOD(tls_t, build, status_t, this->connection_id, TNC_CONNECTION_STATE_CREATE); charon->imcs->notify_connection_change(charon->imcs, this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE); + this->send_msg = TRUE; charon->imcs->begin_handshake(charon->imcs, this->connection_id); + this->send_msg = FALSE; } /* Do not allow any asynchronous IMCs or IMVs to add additional messages */ |
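Review bot: The `this->send_msg = TRUE;` / `this->send_msg = FALSE;` pair around begin_handshake() in build() is written out by hand, as it is around batch_ending() in process() and receive_message() in handle_message(), with no comment saying what the window is for. An early return added later between the two assignments would leave SendMessage() permitted for the rest of the connection. I would add a comment above each pair such as `/* SendMessage() is accepted only while the IMCs run begin_handshake() */` and list on the `send_msg` field which callbacks open the window. build() continues outside the hunk.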
