aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_http.c2
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c12
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c22
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c69
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h21
5 files changed, 102 insertions, 24 deletions
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_http.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_http.c
index e2a15828d..9105b7b4d 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_http.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_http.c
@@ -98,7 +98,7 @@ METHOD(tnc_ifmap_http_t, build, status_t,
return FAILED;
}
*out = chunk_create(request, len);
- DBG3(DBG_TLS, "sending HTML POST request %B", out);
+ DBG3(DBG_TLS, "sending HTTP POST request %B", out);
return SUCCESS;
}
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
index d20440553..4b2538e34 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
@@ -120,7 +120,14 @@ METHOD(listener_t, alert, bool,
METHOD(tnc_ifmap_listener_t, destroy, void,
private_tnc_ifmap_listener_t *this)
{
- DESTROY_IF(this->ifmap);
+ if (this->ifmap)
+ {
+ if (this->ifmap->get_session_id(this->ifmap))
+ {
+ this->ifmap->endSession(this->ifmap);
+ }
+ this->ifmap->destroy(this->ifmap);
+ }
free(this);
}
@@ -178,7 +185,8 @@ tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload)
"%s.plugins.tnc-ifmap.renew_session_interval",
IFMAP_RENEW_SESSION_INTERVAL, charon->name);
- job = (job_t*)tnc_ifmap_renew_session_job_create(this->ifmap, reschedule);
+ job = (job_t*)tnc_ifmap_renew_session_job_create(
+ this->ifmap->get_ref(this->ifmap), reschedule);
lib->scheduler->schedule_job(lib->scheduler, job, reschedule);
return &this->public;
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
index eb20bb641..370cb627c 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
@@ -52,9 +52,25 @@ METHOD(job_t, destroy, void,
METHOD(job_t, execute, job_requeue_t,
private_tnc_ifmap_renew_session_job_t *this)
{
- this->ifmap->renewSession(this->ifmap);
-
- return JOB_RESCHEDULE(this->reschedule);
+ char *session_id;
+
+ if (this->ifmap->orphaned(this->ifmap))
+ {
+ session_id = this->ifmap->get_session_id(this->ifmap);
+ DBG2(DBG_TNC, "removing orphaned ifmap renewSession job for '%s'",
+ session_id);
+ this->ifmap->destroy(this->ifmap);
+ return JOB_REQUEUE_NONE;
+ }
+ else
+ {
+ if (!this->ifmap->renewSession(this->ifmap))
+ {
+ DBG1(DBG_TNC, "sending ifmap renewSession failed");
+ /* TODO take some action */
+ }
+ return JOB_RESCHEDULE(this->reschedule);
+ }
}
METHOD(job_t, get_priority, job_priority_t,
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
index d189f6f3a..8d5da5812 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
@@ -99,6 +99,11 @@ struct private_tnc_ifmap_soap_t {
*/
mem_cred_t *creds;
+ /**
+ * reference count
+ */
+ refcount_t ref;
+
};
METHOD(tnc_ifmap_soap_t, newSession, bool,
@@ -124,7 +129,7 @@ METHOD(tnc_ifmap_soap_t, newSession, bool,
this->ifmap_publisher_id = xmlGetProp(result, "ifmap-publisher-id");
soap_msg->destroy(soap_msg);
- DBG1(DBG_TNC, "session-id: %s, ifmap-publisher-id: %s",
+ DBG1(DBG_TNC, "created ifmap session '%s' as publisher '%s'",
this->session_id, this->ifmap_publisher_id);
/* set PEP and PDP device name (defaults to IF-MAP Publisher ID) */
@@ -415,9 +420,9 @@ METHOD(tnc_ifmap_soap_t, publish_ike_sa, bool,
/* extract relevant data from IKE_SA*/
ike_sa_id = ike_sa->get_unique_id(ike_sa);
+ host = ike_sa->get_other_host(ike_sa);
id = ike_sa->get_other_id(ike_sa);
eap_id = ike_sa->get_other_eap_id(ike_sa);
- host = ike_sa->get_other_host(ike_sa);
/* in the presence of an EAP Identity, treat it as a username */
if (!id->equals(id, eap_id))
@@ -460,7 +465,7 @@ METHOD(tnc_ifmap_soap_t, publish_ike_sa, bool,
}
/**
- * update or delete access-request-ip metadata
+ * update or delete access-request-ip metadata for physical IP address
*/
if (up)
{
@@ -615,30 +620,54 @@ METHOD(tnc_ifmap_soap_t, endSession, bool,
success = soap_msg->post(soap_msg, request, "endSessionResult", NULL);
soap_msg->destroy(soap_msg);
+ DBG1(DBG_TNC, "ended ifmap session '%s' as publisher '%s'",
+ this->session_id, this->ifmap_publisher_id);
+
return success;
}
+METHOD(tnc_ifmap_soap_t, get_session_id, char*,
+ private_tnc_ifmap_soap_t *this)
+{
+ return this->session_id;
+}
+
+METHOD(tnc_ifmap_soap_t, orphaned, bool,
+ private_tnc_ifmap_soap_t *this)
+{
+ return this->ref == 1;
+}
+
+METHOD(tnc_ifmap_soap_t, get_ref, tnc_ifmap_soap_t*,
+ private_tnc_ifmap_soap_t *this)
+{
+ ref_get(&this->ref);
+ return &this->public;
+}
+
METHOD(tnc_ifmap_soap_t, destroy, void,
private_tnc_ifmap_soap_t *this)
{
- if (this->session_id)
+ if (ref_put(&this->ref))
{
- endSession(this);
- xmlFree(this->session_id);
- xmlFree(this->ifmap_publisher_id);
- free(this->device_name);
- }
- DESTROY_IF(this->tls);
- DESTROY_IF(this->host);
+ if (this->session_id)
+ {
+ xmlFree(this->session_id);
+ xmlFree(this->ifmap_publisher_id);
+ free(this->device_name);
+ }
+ DESTROY_IF(this->tls);
+ DESTROY_IF(this->host);
- if (this->fd != IFMAP_NO_FD)
- {
- close(this->fd);
+ if (this->fd != IFMAP_NO_FD)
+ {
+ close(this->fd);
+ }
+ lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
+ this->creds->destroy(this->creds);
+ free(this->user_pass.ptr);
+ free(this);
}
- lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
- this->creds->destroy(this->creds);
- free(this->user_pass.ptr);
- free(this);
}
static bool soap_init(private_tnc_ifmap_soap_t *this)
@@ -824,10 +853,14 @@ tnc_ifmap_soap_t *tnc_ifmap_soap_create()
.publish_device_ip = _publish_device_ip,
.publish_enforcement_report = _publish_enforcement_report,
.endSession = _endSession,
+ .get_session_id = _get_session_id,
+ .orphaned = _orphaned,
+ .get_ref = _get_ref,
.destroy = _destroy,
},
.fd = IFMAP_NO_FD,
.creds = mem_cred_create(),
+ .ref = 1,
);
lib->credmgr->add_set(lib->credmgr, &this->creds->set);
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h
index 9c5a53b29..4a0434a54 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.h
@@ -89,6 +89,27 @@ struct tnc_ifmap_soap_t {
bool (*endSession)(tnc_ifmap_soap_t *this);
/**
+ * Get ID of IF-MAP session
+ *
+ * @return IF-MAP session ID
+ */
+ char* (*get_session_id)(tnc_ifmap_soap_t *this);
+
+ /**
+ * Check for an orphaned IF-MAP session
+ *
+ * @return TRUE if IF-MAP session is orphaned
+ */
+ bool (*orphaned)(tnc_ifmap_soap_t *this);
+
+ /**
+ * Get a reference to an IF-MAP session
+ *
+ * @return referenced IF-MAP session
+ */
+ tnc_ifmap_soap_t* (*get_ref)(tnc_ifmap_soap_t *this);
+
+ /**
* Destroy a tnc_ifmap_soap_t.
*/
void (*destroy)(tnc_ifmap_soap_t *this);
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 13:43:17 +0000