authorAndreas Steffen <andreas.steffen@strongswan.org>2011-12-18 21:05:52 +0100
committerAndreas Steffen <andreas.steffen@strongswan.org>2011-12-18 21:05:52 +0100
commitd670adb34a2778ad0f215e19880e448c341e5b04 (patch)
tree40decf90af91fa6a26c5d59c3cba55581787e56d /src
parentf994caf665e22d5e0d7d28316ed215d95cb53cff (diff)
moved send_message() in front of recommendation evaluation
Diffstat (limited to 'src')
-rw-r--r--src/libpts/plugins/imv_attestation/imv_attestation.c5
-rw-r--r--src/libpts/plugins/imv_attestation/imv_attestation_build.c32
-rw-r--r--src/libpts/plugins/imv_attestation/imv_attestation_process.c2
-rw-r--r--src/libpts/pts/pts.c2
4 files changed, 21 insertions, 20 deletions
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation.c b/src/libpts/plugins/imv_attestation/imv_attestation.c
index 4aa393678..010687011 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation.c
@@ -352,6 +352,9 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
}
attr_list->destroy(attr_list);
+ /* check the IMV state for the next PA-TNC attributes to send */
+ result = send_message(connection_id);
+
if (attestation_state->get_handshake_state(attestation_state) ==
IMV_ATTESTATION_STATE_END)
{
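Review bot: The value stored by the new `result = send_message(connection_id);` is not checked before the handshake-state test that follows, so a failed send still falls through into the recommendation evaluation. If the `IMV_ATTESTATION_STATE_END` branch returns on its own (its body lies between this hunk and the next and is not shown), that failure is dropped entirely and only the non-END path reaches the new `return result;` in the second hunk. Consider bailing out right after the call, `if (result != TNC_RESULT_SUCCESS) { return result; }`, and extending the comment to say why the call has to precede the END check (presumably because building the next attributes can move the handshake state). The declaration of `result` is outside both hunks, so confirm it exists with type `TNC_Result`.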
@@ -383,7 +386,7 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
connection_id);
}
- return send_message(connection_id);
+ return result;
}
/**
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_build.c b/src/libpts/plugins/imv_attestation/imv_attestation_build.c
index 1efe2e723..0186eb102 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation_build.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation_build.c
@@ -67,19 +67,6 @@ bool imv_attestation_build(linked_list_t *attr_list,
handshake_state = IMV_ATTESTATION_STATE_MEAS;
}
- /**
- * Skip Component Measurements when
- * neither DH Nonce Exchange nor a TPM are available on the PTS-IMC side
- */
- if (handshake_state == IMV_ATTESTATION_STATE_COMP_EVID &&
- (!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T) ||
- !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_D)) )
- {
- DBG2(DBG_IMV, "PTS-IMC made no TPM available - "
- "skipping Component Measurements");
- handshake_state = IMV_ATTESTATION_STATE_END;
- }
-
switch (handshake_state)
{
case IMV_ATTESTATION_STATE_INIT:
@@ -223,11 +210,18 @@ bool imv_attestation_build(linked_list_t *attr_list,
int vid, name, qualifier;
u_int8_t flags;
u_int32_t depth;
- bool first = TRUE;
+ bool first = TRUE, first_component = TRUE;
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_END);
+ if (!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T) ||
+ !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_D))
+ {
+ DBG2(DBG_IMV, "PTS-IMC made no TPM available - "
+ "skipping Component Measurements");
+ break;
+ }
if (!pts->get_aik_keyid(pts, &keyid))
{
break;
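Review bot: The new capability check leaves the handshake in `IMV_ATTESTATION_STATE_END` (set just above it) whenever the peer does not report both `PTS_PROTO_CAPS_T` and `PTS_PROTO_CAPS_D`, and those flags come from the PTS-IMC that is being assessed. An endpoint that omits either flag therefore receives no component evidence request, and the recommendation that follows is computed without that evidence; whether the outcome can still be compliant is decided outside this hunk and should be confirmed against policy. The log text is also narrower than the condition, which fires when DH nonce exchange alone is missing; `DBG1(DBG_IMV, "PTS-IMC lacks TPM or DH nonce capability - skipping Component Measurements");` would be accurate and visible at a lower debug level. The `get_aik_keyid()` failure right below ends the handshake the same way without any log line in the visible code.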
@@ -243,10 +237,14 @@ bool imv_attestation_build(linked_list_t *attr_list,
{
break;
}
- DBG2(DBG_IMV, "evidence request by");
while (enumerator->enumerate(enumerator, &vid, &name,
&qualifier, &depth))
{
+ if (first)
+ {
+ DBG2(DBG_IMV, "evidence request by");
+ first = FALSE;
+ }
comp_name = pts_comp_func_name_create(vid, name, qualifier);
comp_name->log(comp_name, " ");
@@ -259,11 +257,11 @@ bool imv_attestation_build(linked_list_t *attr_list,
continue;
}
attestation_state->add_component(attestation_state, comp);
- if (first)
+ if (first_component)
{
attr = tcg_pts_attr_req_func_comp_evid_create();
attr->set_noskip_flag(attr, TRUE);
- first = FALSE;
+ first_component = FALSE;
}
flags = comp->get_evidence_flags(comp);
/* TODO check flags against negotiated_caps */
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_process.c b/src/libpts/plugins/imv_attestation/imv_attestation_process.c
index 805a08c25..660d08252 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation_process.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation_process.c
@@ -356,7 +356,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
if (attr_cast->get_evid_sig(attr_cast, &evid_sig))
{
/** TODO: What to do with Evidence Signature */
- DBG1(DBG_IMV, "This version of the Attestation IMV can not "
+ DBG1(DBG_IMV, "this version of the Attestation IMV can not "
"handle Evidence Signatures");
}
break;
diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c
index b31ab3dcf..6469f7cc4 100644
--- a/src/libpts/pts/pts.c
+++ b/src/libpts/pts/pts.c
@@ -1525,7 +1525,7 @@ pts_t *pts_create(bool is_imc)
{
this->has_tpm = TRUE;
this->pcr_len = PCR_LEN;
- /* this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D; */
+ this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D;
load_aik(this);
load_aik_blob(this);
}
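Review bot: The re-enabled `this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D;` advertises TPM and DH nonce capability before `load_aik(this)` and `load_aik_blob(this)` have run, and neither call's outcome is consulted in the visible lines. If AIK loading can fail, the endpoint would still announce capabilities it cannot back with signed evidence, and the verifier would be told to expect TPM-based measurements that never arrive. Setting the flags only after the AIK has been loaded successfully, with a comment such as `/* advertise T and D only when the AIK is usable */`, keeps the advertised capabilities in line with what can actually be attested. The enclosing condition starts outside the hunk, so what guards this block is not visible here.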