Diffstat (limited to 'src/libpts/plugins/imv_attestation')
4 files changed, 45 insertions, 32 deletions
diff --git a/src/libpts/plugins/imv_attestation/build-database.sh b/src/libpts/plugins/imv_attestation/build-database.sh
index a89258e1d..be1024de0 100755
--- a/src/libpts/plugins/imv_attestation/build-database.sh
+++ b/src/libpts/plugins/imv_attestation/build-database.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
-p="Ubuntu 12.04.1 LTS i686"
+p="Ubuntu 12.04 i686"
 ipsec attest --add --product "$p" --sha1-ima --dir /sbin
 ipsec attest --add --product "$p" --sha1-ima --dir /usr/sbin
diff --git a/src/libpts/plugins/imv_attestation/data.sql b/src/libpts/plugins/imv_attestation/data.sql
index b1646b724..60c312e30 100644
--- a/src/libpts/plugins/imv_attestation/data.sql
+++ b/src/libpts/plugins/imv_attestation/data.sql
@@ -51,7 +51,7 @@ INSERT INTO products (
 INSERT INTO products (
 name
 ) VALUES (
- 'Ubuntu 12.04.1 LTS i686'
+ 'Ubuntu 12.04 i686'
 );
 /* Files */
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation.c b/src/libpts/plugins/imv_attestation/imv_attestation.c
index 201496e8a..6cfff7f5f 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation.c
@@ -22,6 +22,7 @@
 #include <ietf/ietf_attr.h>
 #include <ietf/ietf_attr_pa_tnc_error.h>
 #include <ietf/ietf_attr_product_info.h>
+#include <ietf/ietf_attr_string_version.h>
 #include <libpts.h>
@@ -219,6 +220,8 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
 imv_state_t *state;
 imv_attestation_state_t *attestation_state;
 pts_t *pts;
+ chunk_t os_name = chunk_empty;
+ chunk_t os_version = chunk_empty;
 enumerator_t *enumerator;
 TNC_Result result;
@@ -228,7 +231,7 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
 return TNC_RESULT_NOT_INITIALIZED;
 }
- /* get current IMV state */
+ /* get current IMV state */
 if (!imv_attestation->get_state(imv_attestation, connection_id, &state))
 {
 return TNC_RESULT_FATAL;
@@ -260,34 +263,47 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
 if (type.vendor_id == PEN_IETF)
 {
- if (type.type == IETF_ATTR_PA_TNC_ERROR)
+ switch (type.type)
 {
- ietf_attr_pa_tnc_error_t *error_attr;
- pen_type_t error_code;
- chunk_t msg_info;
+ case IETF_ATTR_PA_TNC_ERROR:
+ {
+ ietf_attr_pa_tnc_error_t *error_attr;
+ pen_type_t error_code;
+ chunk_t msg_info;
- error_attr = (ietf_attr_pa_tnc_error_t*)attr;
- error_code = error_attr->get_error_code(error_attr);
+ error_attr = (ietf_attr_pa_tnc_error_t*)attr;
+ error_code = error_attr->get_error_code(error_attr);
- if (error_code.vendor_id == PEN_TCG)
- {
- msg_info = error_attr->get_msg_info(error_attr);
+ if (error_code.vendor_id == PEN_TCG)
+ {
+ msg_info = error_attr->get_msg_info(error_attr);
- DBG1(DBG_IMV, "received TCG-PTS error '%N'",
- pts_error_code_names, error_code.type);
- DBG1(DBG_IMV, "error information: %B", &msg_info);
+ DBG1(DBG_IMV, "received TCG-PTS error '%N'",
+ pts_error_code_names, error_code.type);
+ DBG1(DBG_IMV, "error information: %B", &msg_info);
- result = TNC_RESULT_FATAL;
+ result = TNC_RESULT_FATAL;
+ }
+ break;
 }
- }
- else if (type.type == IETF_ATTR_PRODUCT_INFORMATION)
- {
- ietf_attr_product_info_t *attr_cast;
- char *platform_info;
+ case IETF_ATTR_PRODUCT_INFORMATION:
+ {
+ ietf_attr_product_info_t *attr_cast;
- attr_cast = (ietf_attr_product_info_t*)attr;
- platform_info = attr_cast->get_info(attr_cast, NULL, NULL);
- pts->set_platform_info(pts, platform_info);
+ attr_cast = (ietf_attr_product_info_t*)attr;
+ os_name = attr_cast->get_info(attr_cast, NULL, NULL);
+ break;
+ }
+ case IETF_ATTR_STRING_VERSION:
+ {
+ ietf_attr_string_version_t *attr_cast;
+
+ attr_cast = (ietf_attr_string_version_t*)attr;
+ os_version = attr_cast->get_version(attr_cast, NULL, NULL);
+ break;
+ }
+ default:
+ break;
 }
 }
 else if (type.vendor_id == PEN_TCG)
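Review bot: The chunks assigned to `os_name` and `os_version` in the `IETF_ATTR_PRODUCT_INFORMATION` and `IETF_ATTR_STRING_VERSION` cases are peer-supplied and appear to point into the attribute rather than being copied, so they presumably stay valid only until `pa_tnc_msg->destroy(pa_tnc_msg)`. A comment at the two assignments would make that dependency explicit, for example `/* borrowed from attr, must be consumed before pa_tnc_msg is destroyed */`. A message carrying the same attribute twice silently overwrites the earlier value; if that is not intended, a `DBG1` on the second occurrence would help when diagnosing a client that reports inconsistent product data. The attribute loop and receive_message itself start and end outside this hunk.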
@@ -301,6 +317,11 @@ static TNC_Result receive_message(TNC_IMVID imv_id,
 }
 }
 enumerator->destroy(enumerator);
+
+ if (os_name.len && os_version.len)
+ {
+ pts->set_platform_info(pts, os_name, os_version);
+ }
 pa_tnc_msg->destroy(pa_tnc_msg);
 if (result != TNC_RESULT_SUCCESS)
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_state.c b/src/libpts/plugins/imv_attestation/imv_attestation_state.c
index 1dbc88309..aa91bf215 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation_state.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation_state.c
@@ -436,7 +436,6 @@ METHOD(imv_attestation_state_t, components_finalized, bool,
 imv_state_t *imv_attestation_state_create(TNC_ConnectionID connection_id)
 {
 private_imv_attestation_state_t *this;
- char *platform_info;
 INIT(this,
 .public = {
@@ -476,12 +475,5 @@ imv_state_t *imv_attestation_state_create(TNC_ConnectionID connection_id)
 .pts = pts_create(FALSE),
 );
- platform_info = lib->settings->get_str(lib->settings,
- "libimcv.plugins.imv-attestation.platform_info", NULL);
- if (platform_info)
- {
- this->pts->set_platform_info(this->pts, platform_info);
- }
-
 return &this->public.interface;
 }
|
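Review bot: In the receive_message hunk at -301,6 +317,11, a peer that sends only one of the two attributes, or neither, makes the new `if (os_name.len && os_version.len)` block skip `set_platform_info()` without any trace. The same commit removes the `libimcv.plugins.imv-attestation.platform_info` fallback from imv_attestation_state_create(), so the product used for the reference lookup now depends entirely on what the client reports. I would add an else branch that logs the case, `else { DBG1(DBG_IMV, "OS name or version missing, platform info not set"); }`, and decide explicitly whether the evaluation should continue without it. How pts behaves with platform info unset is not visible in this diff, and receive_message continues outside the hunk.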