author | Andreas Steffen <andreas.steffen@strongswan.org> | 2013-10-09 19:03:07 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2013-10-09 19:03:07 +0200 |
commit | 3588299fb8a14c4b260c30fc4dd6419cb74a8159 (patch) | |
tree | 883517ce462f43189973df8e181a5e3e49967a54 /src/libtnccs/plugins | |
parent | 3e3db3743e1c11200f58a91f2b6745364cb42c5c (diff) | |
Keep a copy of the tnccs instance for PT-TLS handover
Diffstat (limited to 'src/libtnccs/plugins')
-rw-r--r-- | src/libtnccs/plugins/tnccs_11/tnccs_11.c | 40 | ||||
-rw-r--r-- | src/libtnccs/plugins/tnccs_20/tnccs_20.c | 64 | ||||
-rw-r--r-- | src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c | 34 |
3 files changed, 113 insertions, 25 deletions
diff --git a/src/libtnccs/plugins/tnccs_11/tnccs_11.c b/src/libtnccs/plugins/tnccs_11/tnccs_11.c
index 7fc7e6d76..91854b587 100644
--- a/src/libtnccs/plugins/tnccs_11/tnccs_11.c
+++ b/src/libtnccs/plugins/tnccs_11/tnccs_11.c
@@ -126,6 +126,11 @@ struct private_tnccs_11_t { */ tnccs_cb_t callback; + /** + * reference count + */ + refcount_t ref; + }; METHOD(tnccs_t, send_msg, TNC_Result,
@@ -569,13 +574,16 @@ METHOD(tls_t, get_eap_msk, chunk_t, METHOD(tls_t, destroy, void, private_tnccs_11_t *this) { - tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, - this->is_server); - this->server->destroy(this->server); - this->peer->destroy(this->peer); - this->mutex->destroy(this->mutex); - DESTROY_IF(this->batch); - free(this); + if (ref_put(&this->ref)) + { + tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, + this->is_server); + this->server->destroy(this->server); + this->peer->destroy(this->peer); + this->mutex->destroy(this->mutex); + DESTROY_IF(this->batch); + free(this); + } } METHOD(tnccs_t, get_transport, tnc_ift_type_t,
@@ -602,6 +610,21 @@ METHOD(tnccs_t, set_auth_type, void, this->auth_type = auth_type; } +METHOD(tnccs_t, get_pdp_server, chunk_t, + private_tnccs_11_t *this, u_int16_t *port) +{ + *port = 0; + + return chunk_empty; +} + +METHOD(tnccs_t, get_ref, tnccs_t*, + private_tnccs_11_t *this) +{ + ref_get(&this->ref); + return &this->public; +} + /** * See header */
@@ -629,6 +652,8 @@ tnccs_t* tnccs_11_create(bool is_server, .set_transport = _set_transport, .get_auth_type = _get_auth_type, .set_auth_type = _set_auth_type, + .get_pdp_server = _get_pdp_server, + .get_ref = _get_ref, }, .is_server = is_server, .server = server->clone(server),
@@ -638,6 +663,7 @@ tnccs_t* tnccs_11_create(bool is_server, .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .max_msg_len = lib->settings->get_int(lib->settings, "libtnccs.plugins.tnccs-11.max_message_size", 45000), + .ref = 1, ); return &this->public; 
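Review bot: destroy() in tnccs_11.c now does nothing while another reference is held, so `remove_connection()` and the release of `server`, `peer`, `mutex` and `batch` are deferred until the last holder calls destroy, and nothing in the new code states that contract. A comment above the `ref_put` check such as `/* released by the last holder only; every get_ref() must be paired with exactly one destroy() */` would document the pairing. The same applies to the destroy hunks in tnccs_20.c and tnccs_dynamic.c. It is also worth confirming that the original owner never touches the instance after its own destroy() call, since the object may already have been freed if the other holder released first.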
diff --git a/src/libtnccs/plugins/tnccs_20/tnccs_20.c b/src/libtnccs/plugins/tnccs_20/tnccs_20.c
index b5b1cebd9..b631ef579 100644
--- a/src/libtnccs/plugins/tnccs_20/tnccs_20.c
+++ b/src/libtnccs/plugins/tnccs_20/tnccs_20.c
@@ -142,6 +142,21 @@ struct private_tnccs_20_t { */ void *cb_data; + /** + * PDP server FQDN + */ + chunk_t pdp_server; + + /** + * PDP server port + */ + u_int16_t pdp_port; + + /** + * reference count + */ + refcount_t ref; + }; /**
@@ -456,9 +471,7 @@ static void handle_tcg_message(private_tnccs_20_t *this, pb_tnc_msg_t *msg) { pb_pdp_referral_msg_t *pdp_msg; pen_type_t pdp_id_type; - chunk_t pdp_server; u_int8_t pdp_protocol; - u_int16_t pdp_port; pdp_msg = (pb_pdp_referral_msg_t*)msg; pdp_id_type = pdp_msg->get_identifier_type(pdp_msg);
@@ -466,15 +479,16 @@ static void handle_tcg_message(private_tnccs_20_t *this, pb_tnc_msg_t *msg) if (pdp_id_type.vendor_id == PEN_TCG && pdp_id_type.type == PB_PDP_ID_FQDN) { - pdp_server = pdp_msg->get_fqdn(pdp_msg, &pdp_protocol, - &pdp_port); + this->pdp_server = chunk_clone(pdp_msg->get_fqdn(pdp_msg, + &pdp_protocol, &this->pdp_port)); if (pdp_protocol != 0) { DBG1(DBG_TNC, "unsupported PDP transport protocol"); break; } DBG1(DBG_TNC, "PDP server '%.*s' is listening on port %u", - pdp_server.len, pdp_server.ptr, pdp_port); + this->pdp_server.len, this->pdp_server.ptr, + this->pdp_port); } break; } 
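Review bot: In handle_tcg_message the new `this->pdp_server = chunk_clone(...)` overwrites any previously stored chunk without freeing it, so a peer that sends several PDP referral messages in one session leaks one allocation per message. The FQDN and port are also written to `this` before the `pdp_protocol != 0` check, so a referral with an unsupported transport is still stored and is what get_pdp_server later in this file hands out. Reading into locals, rejecting the unsupported protocol first, and freeing the old copy before storing the new one addresses both. The function's body starts and ends outside these hunks.

```c
if (pdp_id_type.vendor_id == PEN_TCG &&
	pdp_id_type.type == PB_PDP_ID_FQDN)
{
	chunk_t fqdn;
	u_int16_t port;

	fqdn = pdp_msg->get_fqdn(pdp_msg, &pdp_protocol, &port);
	if (pdp_protocol != 0)
	{
		DBG1(DBG_TNC, "unsupported PDP transport protocol");
		break;
	}
	/* a repeated referral replaces the stored copy instead of leaking it */
	chunk_free(&this->pdp_server);
	this->pdp_server = chunk_clone(fqdn);
	this->pdp_port = port;
	/* … unchanged: DBG1 "PDP server ... is listening on port" … */
}
```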
@@ -956,15 +970,19 @@ METHOD(tls_t, get_eap_msk, chunk_t, METHOD(tls_t, destroy, void, private_tnccs_20_t *this) { - tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, - this->is_server); - this->server->destroy(this->server); - this->peer->destroy(this->peer); - this->state_machine->destroy(this->state_machine); - this->mutex->destroy(this->mutex); - this->messages->destroy_offset(this->messages, - offsetof(pb_tnc_msg_t, destroy)); - free(this); + if (ref_put(&this->ref)) + { + tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id, + this->is_server); + this->server->destroy(this->server); + this->peer->destroy(this->peer); + this->state_machine->destroy(this->state_machine); + this->mutex->destroy(this->mutex); + this->messages->destroy_offset(this->messages, + offsetof(pb_tnc_msg_t, destroy)); + free(this->pdp_server.ptr); + free(this); + } } METHOD(tnccs_t, get_transport, tnc_ift_type_t,
@@ -991,6 +1009,21 @@ METHOD(tnccs_t, set_auth_type, void, this->auth_type = auth_type; } +METHOD(tnccs_t, get_pdp_server, chunk_t, + private_tnccs_20_t *this, u_int16_t *port) +{ + *port = this->pdp_port; + + return this->pdp_server; +} + +METHOD(tnccs_t, get_ref, tnccs_t*, + private_tnccs_20_t *this) +{ + ref_get(&this->ref); + return &this->public; +} + /** * See header */
@@ -1018,6 +1051,8 @@ tnccs_t* tnccs_20_create(bool is_server, .set_transport = _set_transport, .get_auth_type = _get_auth_type, .set_auth_type = _set_auth_type, + .get_pdp_server = _get_pdp_server, + .get_ref = _get_ref, }, .is_server = is_server, .server = server->clone(server),
@@ -1031,6 +1066,7 @@ tnccs_t* tnccs_20_create(bool is_server, "libtnccs.plugins.tnccs-20.max_batch_size", 65522), .max_msg_len = lib->settings->get_int(lib->settings, "libtnccs.plugins.tnccs-20.max_message_size", 65490), + .ref = 1, ); return &this->public;
diff --git a/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c b/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
index a52ffedbb..e08236eb7 100644 
--- a/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
+++ b/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
@@ -61,6 +61,11 @@ struct private_tnccs_dynamic_t { */ tnccs_cb_t callback; + /** + * reference count + */ + refcount_t ref; + }; /**
@@ -173,10 +178,13 @@ METHOD(tls_t, get_eap_msk, chunk_t, METHOD(tls_t, destroy, void, private_tnccs_dynamic_t *this) { - DESTROY_IF(this->tls); - this->server->destroy(this->server); - this->peer->destroy(this->peer); - free(this); + if (ref_put(&this->ref)) + { + DESTROY_IF(this->tls); + this->server->destroy(this->server); + this->peer->destroy(this->peer); + free(this); + } } METHOD(tnccs_t, get_transport, tnc_ift_type_t,
@@ -203,6 +211,21 @@ METHOD(tnccs_t, set_auth_type, void, this->auth_type = auth_type; } +METHOD(tnccs_t, get_pdp_server, chunk_t, + private_tnccs_dynamic_t *this, u_int16_t *port) +{ + tnccs_t *tnccs = (tnccs_t*)this->tls; + + return tnccs->get_pdp_server(tnccs, port); +} + +METHOD(tnccs_t, get_ref, tnccs_t*, + private_tnccs_dynamic_t *this) +{ + ref_get(&this->ref); + return &this->public; +} + /** * See header */
@@ -230,11 +253,14 @@ tnccs_t* tnccs_dynamic_create(bool is_server, .set_transport = _set_transport, .get_auth_type = _get_auth_type, .set_auth_type = _set_auth_type, + .get_pdp_server = _get_pdp_server, + .get_ref = _get_ref, }, .server = server->clone(server), .peer = peer->clone(peer), .transport = transport, .callback = cb, + .ref = 1, ); return &this->public; |
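Review bot: The new get_pdp_server in tnccs_dynamic.c dereferences `this->tls` without a NULL check, while destroy() in the same file uses `DESTROY_IF(this->tls)`, which suggests the inner instance may not exist yet (presumably until the TNCCS version has been detected). A call before that point would fault on the function-pointer load and leave `*port` unset. A guard that mirrors the tnccs_11 stub would avoid this: `if (!this->tls) { *port = 0; return chunk_empty; }`. The `(tnccs_t*)this->tls` cast also assumes the inner object is a tnccs_t whose first member is the tls_t interface; a one-line comment stating that assumption would help the next reader.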