Diffstat (limited to 'src')
-rw-r--r--src/libimcv/imv/imv_database.c9
-rw-r--r--src/libimcv/imv/tables.sql2
-rw-r--r--src/libpts/plugins/imv_attestation/attest_db.c29
3 files changed, 23 insertions, 17 deletions
diff --git a/src/libimcv/imv/imv_database.c b/src/libimcv/imv/imv_database.c
index 2acb7f26d..dc7edd7aa 100644
--- a/src/libimcv/imv/imv_database.c
+++ b/src/libimcv/imv/imv_database.c
@@ -180,6 +180,7 @@ METHOD(imv_database_t, add_device, int,
private_imv_database_t *this, imv_session_t *session, chunk_t device)
{
enumerator_t *e;
+ char *device_str;
int pid = 0, did = 0;
/* get primary key of product from session */
@@ -192,10 +193,13 @@ METHOD(imv_database_t, add_device, int,
e->destroy(e);
}
+ /* some IMV policy manager expect a text string */
+ device_str = strndup(device.ptr, device.len);
+
/* get primary key of device identification if it exists */
e = this->db->query(this->db,
"SELECT id FROM devices WHERE value = ? AND product = ?",
- DB_BLOB, device, DB_INT, pid, DB_INT);
+ DB_TEXT, device_str, DB_INT, pid, DB_INT);
if (e)
{
e->enumerate(e, &did);
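Review bot: `strndup(device.ptr, device.len)` stops at the first NUL byte and its result is never checked, so the string used in this SELECT and in the INSERT of the next hunk may not be the device ID the client sent. A chunk with an embedded zero byte is silently truncated, which would let two different IDs resolve to the same `devices` row. On allocation failure `device_str` is NULL when handed to `DB_TEXT`. I would reject the ID when `memchr(device.ptr, '\0', device.len)` is non-NULL and bail out on `!device_str` before querying; the function's return path is outside this hunk, so the right failure value needs confirming.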
@@ -207,8 +211,9 @@ METHOD(imv_database_t, add_device, int,
{
this->db->execute(this->db, &did,
"INSERT INTO devices (value, product) VALUES (?, ?)",
- DB_BLOB, device, DB_INT, pid);
+ DB_TEXT, device_str, DB_INT, pid);
}
+ free(device_str);
/* add device reference to session */
if (did)
diff --git a/src/libimcv/imv/tables.sql b/src/libimcv/imv/tables.sql
index 29d99cabe..4cc959e09 100644
--- a/src/libimcv/imv/tables.sql
+++ b/src/libimcv/imv/tables.sql
@@ -215,7 +215,7 @@ DROP TABLE IF EXISTS devices;
CREATE TABLE devices (
id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
description TEXT DEFAULT '',
- value BLOB NOT NULL,
+ value TEXT NOT NULL,
product INTEGER REFERENCES products(id),
created INTEGER
);
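Review bot: Databases created with the old schema still hold device values stored as BLOB, and in SQLite a BLOB never compares equal to a TEXT value. The `WHERE value = ?` lookup now bound with `DB_TEXT` in imv_database.c would therefore presumably miss existing rows and insert duplicate devices. No migration is visible in this commit; an upgrade statement along the lines of `UPDATE devices SET value = CAST(value AS TEXT);`, or at least a comment above `CREATE TABLE devices` saying existing databases must be recreated, would cover deployed installations.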
diff --git a/src/libpts/plugins/imv_attestation/attest_db.c b/src/libpts/plugins/imv_attestation/attest_db.c
index 005857fd4..3bbf499a2 100644
--- a/src/libpts/plugins/imv_attestation/attest_db.c
+++ b/src/libpts/plugins/imv_attestation/attest_db.c
@@ -27,7 +27,9 @@
#include "pts/pts_meas_algo.h"
#include "pts/pts_file_meas.h"
#include "pts/components/pts_comp_func_name.h"
+
#define IMA_MAX_NAME_LEN 255
+#define DEVICE_MAX_LEN 20
typedef struct private_attest_db_t private_attest_db_t;
@@ -810,8 +812,8 @@ METHOD(attest_db_t, list_devices, void,
private_attest_db_t *this)
{
enumerator_t *e, *e_ar;
- chunk_t value, ar_id_value = chunk_empty;
- char *product;
+ chunk_t ar_id_value = chunk_empty;
+ char *product, *device;
time_t timestamp;
int id, last_id = 0, ar_id = 0, last_ar_id = 0, device_count = 0;
int session_id, rec;
@@ -823,18 +825,17 @@ METHOD(attest_db_t, list_devices, void,
"FROM devices AS d "
"JOIN sessions AS s ON d.id = s.device "
"JOIN products AS p ON p.id = s.product "
- "ORDER BY d.value, s.time DESC", DB_INT, DB_BLOB, DB_INT, DB_UINT,
+ "ORDER BY d.value, s.time DESC", DB_INT, DB_TEXT, DB_INT, DB_UINT,
DB_INT, DB_INT, DB_TEXT);
if (e)
{
- while (e->enumerate(e, &id, &value, &session_id, &tstamp, &ar_id, &rec,
+ while (e->enumerate(e, &id, &device, &session_id, &tstamp, &ar_id, &rec,
&product))
{
if (id != last_id)
{
- printf("%4d: %.*s - %s\n", id, (int)value.len, value.ptr,
- product);
+ printf("%4d: %s - %s\n", id, device, product);
device_count++;
last_id = id;
}
@@ -1517,9 +1518,9 @@ METHOD(attest_db_t, list_sessions, void,
private_attest_db_t *this)
{
enumerator_t *e;
- chunk_t device, identity;
- char *product;
- int session_id, conn_id, rec;
+ chunk_t identity;
+ char *product, *device;
+ int session_id, conn_id, rec, device_len;
time_t created;
u_int t;
@@ -1530,7 +1531,7 @@ METHOD(attest_db_t, list_sessions, void,
"LEFT JOIN devices AS d ON s.device = d.id "
"LEFT JOIN identities AS i ON s.identity = i.id "
"ORDER BY s.time DESC",
- DB_INT, DB_UINT, DB_INT, DB_INT, DB_TEXT, DB_BLOB, DB_BLOB);
+ DB_INT, DB_UINT, DB_INT, DB_INT, DB_TEXT, DB_TEXT, DB_BLOB);
if (e)
{
while (e->enumerate(e, &session_id, &t, &conn_id, &rec, &product,
@@ -1538,12 +1539,12 @@ METHOD(attest_db_t, list_sessions, void,
{
created = t;
product = product ? product : "-";
- device = device.len ? device : chunk_from_str("-");
- device.len = min(device.len, 20);
+ device = strlen(device) ? device : "-";
+ device_len = min(strlen(device), DEVICE_MAX_LEN);
identity = identity.len ? identity : chunk_from_str("-");
printf("%4d: %T %2d %-20s %.*s%*s %.*s - %N\n", session_id, &created,
- FALSE, conn_id, product, device.len, device.ptr,
- 20-device.len, " ", identity.len, identity.ptr,
+ FALSE, conn_id, product, device_len, device,
+ DEVICE_MAX_LEN - device_len, " ", identity.len, identity.ptr,
TNC_IMV_Action_Recommendation_names, rec);
}
e->destroy(e);
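Review bot: `strlen(device)` is called before any NULL check, yet the query uses `LEFT JOIN devices`, so a session with no matching device row yields SQL NULL for the device column. The neighbouring `product ? product : "-"` suggests `DB_TEXT` results can come back as NULL pointers, in which case this line dereferences NULL where the old `device.len` test was safe. Suggested replacement: `device = (device && *device) ? device : "-";`. The start of the enumerate call is outside this hunk.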