accumulate package counts over multiple attributes

4 files changed, 93 insertions, 32 deletions

diff --git a/src/libimcv/plugins/imv_os/imv_os.c b/src/libimcv/plugins/imv_os/imv_os.c
index 4d28fc67c..6d71678ff 100644
--- a/src/libimcv/plugins/imv_os/imv_os.c
+++ b/src/libimcv/plugins/imv_os/imv_os.c
@@ -150,6 +150,7 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 	chunk_t os_name = chunk_empty;
 	chunk_t os_version = chunk_empty;
 	bool fatal_error = FALSE, assessment = FALSE;
+	int count, count_bad, count_ok;
 
 	os_state = (imv_os_state_t*)state;
 
@@ -273,22 +274,12 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 					status = os_db->check_packages(os_db, os_state, e);
 					e->destroy(e);
 
-					switch (status)
+					if (status == FAILED)
 					{
-						case VERIFY_ERROR:
-							state->set_recommendation(state,
-								TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
-								TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR);
-							assessment = TRUE;
-							break;
-						case FAILED:
-							state->set_recommendation(state,
+						state->set_recommendation(state,
 								TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
 								TNC_IMV_EVALUATION_RESULT_ERROR);
-							assessment = TRUE;
-							break;
-						default:
-							break;
+						assessment = TRUE;
 					}
 					break;
 				}
@@ -401,8 +392,22 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 		!os_state->get_package_request(os_state) &&
 		!os_state->get_angel_count(os_state))
 	{
-		state->set_recommendation(state, TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
-										 TNC_IMV_EVALUATION_RESULT_COMPLIANT);
+		os_state->get_count(os_state, &count, &count_bad, &count_ok);
+		DBG1(DBG_IMV, "processed %d packages: %d bad, %d ok, %d not found",
+			count, count_bad, count_ok, count - count_bad - count_ok);
+
+		if (count_bad)
+		{
+			state->set_recommendation(state,
+								TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
+								TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR);
+		}
+		else
+		{
+			state->set_recommendation(state,
+								TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
+								TNC_IMV_EVALUATION_RESULT_COMPLIANT);
+		}
 		assessment = TRUE;
 	}
 
diff --git a/src/libimcv/plugins/imv_os/imv_os_database.c b/src/libimcv/plugins/imv_os/imv_os_database.c
index 93cd5ec64..1a34b16f9 100644
--- a/src/libimcv/plugins/imv_os/imv_os_database.c
+++ b/src/libimcv/plugins/imv_os/imv_os_database.c
@@ -47,7 +47,7 @@ METHOD(imv_os_database_t, check_packages, status_t,
 	os_type_t os_type;
 	size_t os_version_len;
 	int pid, gid, security;
-	int count = 0, count_ok = 0, count_no_match = 0, count_not_found = 0;
+	int count = 0, count_ok = 0, count_no_match = 0;
 	enumerator_t *e;
 	status_t status = SUCCESS;
 	bool found, match;
@@ -113,7 +113,6 @@ METHOD(imv_os_database_t, check_packages, status_t,
 				DBG2(DBG_IMV, "package '%s' (%.*s) not found",
 					 package, version.len, version.ptr);
 			}
-			count_not_found++;
 			e->destroy(e);
 			continue;
 		}
@@ -162,21 +161,17 @@ METHOD(imv_os_database_t, check_packages, status_t,
 			{
 				DBG1(DBG_IMV, "package '%s' (%s) no match", package, release);
 				count_no_match++;
-				status = VERIFY_ERROR;
 			}
 		}
 		else
 		{
 			/* package not present in database for this product - skip */
-			count_not_found++;
 		}
 		free(package);
 		free(release);
 	}
 	free(product);
-
-	DBG1(DBG_IMV, "processed %d packages: %d no match, %d ok, %d not found",
-		 count, count_no_match, count_ok, count_not_found);
+	state->set_count(state, count, count_no_match, count_ok);
 
 	return status;
 }
diff --git a/src/libimcv/plugins/imv_os/imv_os_state.c b/src/libimcv/plugins/imv_os/imv_os_state.c
index 49d2e5653..d4721038d 100644
--- a/src/libimcv/plugins/imv_os/imv_os_state.c
+++ b/src/libimcv/plugins/imv_os/imv_os_state.c
@@ -85,6 +85,21 @@ struct private_imv_os_state_t {
 	chunk_t version;
 
 	/**
+	 * Number of processed packages
+	 */
+	int count;
+
+	/**
+	 * Number of blacklisted or not updated packages
+	 */
+	int count_bad;
+
+	/**
+	 * Number of whitelisted packages
+	 */
+	int count_ok;
+
+	/**
 	 * OS Installed Package request sent - mandatory response expected
 	 */
 	bool package_request;
@@ -225,6 +240,31 @@ METHOD(imv_os_state_t, get_info, char*,
 	return this->info;
 }
 
+METHOD(imv_os_state_t, set_count, void,
+	private_imv_os_state_t *this, int count, int count_bad, int count_ok)
+{
+	this->count     += count;
+	this->count_bad += count_bad;
+	this->count_ok  += count_ok;
+}
+
+METHOD(imv_os_state_t, get_count, void,
+	private_imv_os_state_t *this, int *count, int *count_bad, int *count_ok)
+{
+	if (count)
+	{
+		*count = this->count;
+	}
+	if (count_bad)
+	{
+		*count_bad = this->count_bad;
+	}
+	if (count_ok)
+	{
+		*count_ok = this->count_ok;
+	}
+}
+
 METHOD(imv_os_state_t, get_type, os_type_t,
 	private_imv_os_state_t *this)
 {
@@ -279,6 +319,8 @@ imv_state_t *imv_os_state_create(TNC_ConnectionID connection_id)
 			},
 			.set_info = _set_info,
 			.get_info = _get_info,
+			.set_count = _set_count,
+			.get_count = _get_count,
 			.set_package_request = _set_package_request,
 			.get_package_request = _get_package_request,
 			.set_angel_count = _set_angel_count,
diff --git a/src/libimcv/plugins/imv_os/imv_os_state.h b/src/libimcv/plugins/imv_os/imv_os_state.h
index bde5c235b..65bbee0bc 100644
--- a/src/libimcv/plugins/imv_os/imv_os_state.h
+++ b/src/libimcv/plugins/imv_os/imv_os_state.h
@@ -41,9 +41,9 @@ struct imv_os_state_t {
 	/**
 	 * Set OS Product Information
 	 *
-	 * @param type		OS type (enumerated)
-	 * @param name		OS name (string)
-	 * @param version	OS version
+	 * @param type			OS type (enumerated)
+	 * @param name			OS name (string)
+	 * @param version		OS version
 	 */
 	void (*set_info)(imv_os_state_t *this, os_type_t os_type,
 					 chunk_t name, chunk_t version);
@@ -51,25 +51,44 @@ struct imv_os_state_t {
 	/**
 	 * Get OS Product Information
 	 *
-	 * @param type		OS type (enumerated)
-	 * @param name		OS name (string)
-	 * @param version	OS version
-	 * @result			OS name & version as a concatenated string 
+	 * @param type			OS type (enumerated)
+	 * @param name			OS name (string)
+	 * @param version		OS version
+	 * @return				OS name & version as a concatenated string 
 	 */
 	char* (*get_info)(imv_os_state_t *this, os_type_t *os_type,
 					  chunk_t *name, chunk_t *version);
 
 	/**
+	 * Set [or with multiple attributes increment] package counters
+	 *
+	 * @param count			Number of processed packages
+	 * @param count_bad		Number of blacklisted or not updated packages
+	 * @param count_ok		Number of whitelisted packages
+	 */
+	void (*set_count)(imv_os_state_t *this, int count, int count_bad,
+					  int count_ok);
+
+	/**
+	 * Set [or with multiple attributes increment] package counters
+	 *
+	 * @param count			Number of processed packages
+	 * @param count_bad		Number of blacklisted or not updated packages
+	 * @param count_ok		Number of whitelisted packages
+	 */
+	void (*get_count)(imv_os_state_t *this, int *count, int *count_bad,
+					  int *count_ok);
+	/**
 	 * Set/reset OS Installed Packages request status
 	 *
-	 * @param set		TRUE to set, FALSE to clear
+	 * @param set			TRUE to set, FALSE to clear
 	 */
 	void (*set_package_request)(imv_os_state_t *this, bool set);
 
 	/**
 	 * Get OS Installed Packages request status
 	 *
-	 * @result			TRUE if set, FALSE if unset
+	 * @return				TRUE if set, FALSE if unset
 	 */
 	bool (*get_package_request)(imv_os_state_t *this);
 
@@ -83,7 +102,7 @@ struct imv_os_state_t {
 	/**
 	 * Get the ITA Angel count
 	 *
-	 * @result			ITA Angel count
+	 * @return				ITA Angel count
 	 */
 	int (*get_angel_count)(imv_os_state_t *this);