Annotation of embedaddon/strongswan/src/libimcv/plugins/imv_hcd/imv_hcd_state.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2015 Andreas Steffen
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "imv_hcd_state.h"
17: #include "imv/imv_lang_string.h"
18: #include "imv/imv_reason_string.h"
19:
20: #include <tncif_policy.h>
21:
22: #include <utils/debug.h>
23:
24: typedef struct private_imv_hcd_state_t private_imv_hcd_state_t;
25: typedef struct subtype_action_flags_t subtype_action_flags_t;
26:
27: struct subtype_action_flags_t {
28: pa_subtype_pwg_t subtype;
29: uint32_t action_flags;
30: };
31:
32: /**
33: * Private data of an imv_hcd_state_t object.
34: */
35: struct private_imv_hcd_state_t {
36:
37: /**
38: * Public members of imv_hcd_state_t
39: */
40: imv_hcd_state_t public;
41:
42: /**
43: * TNCCS connection ID
44: */
45: TNC_ConnectionID connection_id;
46:
47: /**
48: * TNCCS connection state
49: */
50: TNC_ConnectionState state;
51:
52: /**
53: * Does the TNCCS connection support long message types?
54: */
55: bool has_long;
56:
57: /**
58: * Does the TNCCS connection support exclusive delivery?
59: */
60: bool has_excl;
61:
62: /**
63: * Maximum PA-TNC message size for this TNCCS connection
64: */
65: uint32_t max_msg_len;
66:
67: /**
68: * Current flags set for completed actions
69: */
70: uint32_t *action_flags;
71:
72: /**
73: * Action flags for all PA subtypes
74: */
75: subtype_action_flags_t subtype_action_flags[6];
76:
77: /**
78: * IMV database session associated with TNCCS connection
79: */
80: imv_session_t *session;
81:
82: /**
83: * PA-TNC attribute segmentation contracts associated with TNCCS connection
84: */
85: seg_contract_manager_t *contracts;
86:
87: /**
88: * IMV action recommendation
89: */
90: TNC_IMV_Action_Recommendation rec;
91:
92: /**
93: * IMV evaluation result
94: */
95: TNC_IMV_Evaluation_Result eval;
96:
97: /**
98: * IMV OS handshake state
99: */
100: imv_hcd_handshake_state_t handshake_state;
101:
102: /**
103: * TNC Reason String
104: */
105: imv_reason_string_t *reason_string;
106:
107: };
108:
109: /**
110: * Supported languages
111: */
112: static char* languages[] = { "en", "de", "fr", "pl" };
113:
114: /**
115: * Reason strings for "Port Filter"
116: */
117: static imv_lang_string_t reasons[] = {
118: { "en", "Mandatory HCD attributes are missing" },
119: { "de", "Obligatorische HCD Attribute fehlen" },
120: { "fr", "Il manque des attributes HCD obligatoires" },
121: { "pl", "Brakuje atrybutów obowiązkowych" },
122: { NULL, NULL }
123: };
124:
125: METHOD(imv_state_t, get_connection_id, TNC_ConnectionID,
126: private_imv_hcd_state_t *this)
127: {
128: return this->connection_id;
129: }
130:
131: METHOD(imv_state_t, has_long, bool,
132: private_imv_hcd_state_t *this)
133: {
134: return this->has_long;
135: }
136:
137: METHOD(imv_state_t, has_excl, bool,
138: private_imv_hcd_state_t *this)
139: {
140: return this->has_excl;
141: }
142:
143: METHOD(imv_state_t, set_flags, void,
144: private_imv_hcd_state_t *this, bool has_long, bool has_excl)
145: {
146: this->has_long = has_long;
147: this->has_excl = has_excl;
148: }
149:
150: METHOD(imv_state_t, set_max_msg_len, void,
151: private_imv_hcd_state_t *this, uint32_t max_msg_len)
152: {
153: this->max_msg_len = max_msg_len;
154: }
155:
156: METHOD(imv_state_t, get_max_msg_len, uint32_t,
157: private_imv_hcd_state_t *this)
158: {
159: return this->max_msg_len;
160: }
161:
162: METHOD(imv_state_t, set_action_flags, void,
163: private_imv_hcd_state_t *this, uint32_t flags)
164: {
165: *this->action_flags |= flags;
166: }
167:
168: METHOD(imv_state_t, get_action_flags, uint32_t,
169: private_imv_hcd_state_t *this)
170: {
171: return *this->action_flags;
172: }
173:
174: METHOD(imv_state_t, set_session, void,
175: private_imv_hcd_state_t *this, imv_session_t *session)
176: {
177: this->session = session;
178: }
179:
180: METHOD(imv_state_t, get_session, imv_session_t*,
181: private_imv_hcd_state_t *this)
182: {
183: return this->session;
184: }
185:
186: METHOD(imv_state_t, get_contracts, seg_contract_manager_t*,
187: private_imv_hcd_state_t *this)
188: {
189: return this->contracts;
190: }
191:
192: METHOD(imv_state_t, get_recommendation, void,
193: private_imv_hcd_state_t *this, TNC_IMV_Action_Recommendation *rec,
194: TNC_IMV_Evaluation_Result *eval)
195: {
196: *rec = this->rec;
197: *eval = this->eval;
198: }
199:
200: METHOD(imv_state_t, set_recommendation, void,
201: private_imv_hcd_state_t *this, TNC_IMV_Action_Recommendation rec,
202: TNC_IMV_Evaluation_Result eval)
203: {
204: this->rec = rec;
205: this->eval = eval;
206: }
207:
208: METHOD(imv_state_t, update_recommendation, void,
209: private_imv_hcd_state_t *this, TNC_IMV_Action_Recommendation rec,
210: TNC_IMV_Evaluation_Result eval)
211: {
212: this->rec = tncif_policy_update_recommendation(this->rec, rec);
213: this->eval = tncif_policy_update_evaluation(this->eval, eval);
214: }
215:
216: METHOD(imv_state_t, change_state, TNC_ConnectionState,
217: private_imv_hcd_state_t *this, TNC_ConnectionState new_state)
218: {
219: TNC_ConnectionState old_state;
220:
221: old_state = this->state;
222: this->state = new_state;
223: return old_state;
224: }
225:
226: METHOD(imv_state_t, get_reason_string, bool,
227: private_imv_hcd_state_t *this, enumerator_t *language_enumerator,
228: chunk_t *reason_string, char **reason_language)
229: {
230: if (this->rec == TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION)
231: {
232: return FALSE;
233: }
234: *reason_language = imv_lang_string_select_lang(language_enumerator,
235: languages, countof(languages));
236:
237: /* Instantiate a TNC Reason String object */
238: DESTROY_IF(this->reason_string);
239: this->reason_string = imv_reason_string_create(*reason_language, "\n");
240: this->reason_string->add_reason(this->reason_string, reasons);
241: *reason_string = this->reason_string->get_encoding(this->reason_string);
242:
243: return TRUE;
244: }
245:
246: METHOD(imv_state_t, get_remediation_instructions, bool,
247: private_imv_hcd_state_t *this, enumerator_t *language_enumerator,
248: chunk_t *string, char **lang_code, char **uri)
249: {
250: return FALSE;
251: }
252:
253: METHOD(imv_state_t, reset, void,
254: private_imv_hcd_state_t *this)
255: {
256: DESTROY_IF(this->reason_string);
257: this->reason_string = NULL;
258: this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION;
259: this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW;
260:
261: this->handshake_state = IMV_HCD_STATE_INIT;
262: this->subtype_action_flags[0].action_flags = IMV_HCD_ATTR_NONE;
263: this->subtype_action_flags[1].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY;
264: this->subtype_action_flags[2].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY;
265: this->subtype_action_flags[3].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY;
266: this->subtype_action_flags[4].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY;
267: this->subtype_action_flags[5].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY;
268: this->action_flags = &this->subtype_action_flags[0].action_flags;
269: }
270:
271: METHOD(imv_state_t, destroy, void,
272: private_imv_hcd_state_t *this)
273: {
274: DESTROY_IF(this->session);
275: DESTROY_IF(this->reason_string);
276: this->contracts->destroy(this->contracts);
277: free(this);
278: }
279:
280: METHOD(imv_hcd_state_t, set_handshake_state, void,
281: private_imv_hcd_state_t *this, imv_hcd_handshake_state_t new_state)
282: {
283: this->handshake_state = new_state;
284: }
285:
286: METHOD(imv_hcd_state_t, get_handshake_state, imv_hcd_handshake_state_t,
287: private_imv_hcd_state_t *this)
288: {
289: return this->handshake_state;
290: }
291:
292: METHOD(imv_hcd_state_t, set_subtype, void,
293: private_imv_hcd_state_t *this, pa_subtype_pwg_t subtype)
294: {
295: int i;
296:
297: for (i = 0; i < countof(this->subtype_action_flags); i++)
298: {
299: if (subtype == this->subtype_action_flags[i].subtype)
300: {
301: this->action_flags = &this->subtype_action_flags[i].action_flags;
302: break;
303: }
304: }
305: }
306:
307: METHOD(imv_hcd_state_t, set_user_app_disabled, void,
308: private_imv_hcd_state_t *this)
309: {
310: int i;
311:
312: for (i = 0; i < countof(this->subtype_action_flags); i++)
313: {
314: this->subtype_action_flags[i].action_flags |= IMV_HCD_ATTR_USER_APP_NAME;
315: }
316: }
317:
318: /**
319: * Described in header.
320: */
321: imv_state_t *imv_hcd_state_create(TNC_ConnectionID connection_id)
322: {
323: private_imv_hcd_state_t *this;
324:
325: INIT(this,
326: .public = {
327: .interface = {
328: .get_connection_id = _get_connection_id,
329: .has_long = _has_long,
330: .has_excl = _has_excl,
331: .set_flags = _set_flags,
332: .set_max_msg_len = _set_max_msg_len,
333: .get_max_msg_len = _get_max_msg_len,
334: .set_action_flags = _set_action_flags,
335: .get_action_flags = _get_action_flags,
336: .set_session = _set_session,
337: .get_session = _get_session,
338: .get_contracts = _get_contracts,
339: .change_state = _change_state,
340: .get_recommendation = _get_recommendation,
341: .set_recommendation = _set_recommendation,
342: .update_recommendation = _update_recommendation,
343: .get_reason_string = _get_reason_string,
344: .get_remediation_instructions = _get_remediation_instructions,
345: .reset = _reset,
346: .destroy = _destroy,
347: },
348: .set_handshake_state = _set_handshake_state,
349: .get_handshake_state = _get_handshake_state,
350: .set_subtype = _set_subtype,
351: .set_user_app_disabled = _set_user_app_disabled,
352: },
353: .state = TNC_CONNECTION_STATE_CREATE,
354: .rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
355: .eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW,
356: .connection_id = connection_id,
357: .contracts = seg_contract_manager_create(),
358: .subtype_action_flags = {
359: { PA_SUBTYPE_PWG_HCD_SYSTEM, IMV_HCD_ATTR_NONE },
360: { PA_SUBTYPE_PWG_HCD_CONSOLE, IMV_HCD_ATTR_SYSTEM_ONLY },
361: { PA_SUBTYPE_PWG_HCD_MARKER, IMV_HCD_ATTR_SYSTEM_ONLY },
362: { PA_SUBTYPE_PWG_HCD_FINISHER, IMV_HCD_ATTR_SYSTEM_ONLY },
363: { PA_SUBTYPE_PWG_HCD_INTERFACE, IMV_HCD_ATTR_SYSTEM_ONLY },
364: { PA_SUBTYPE_PWG_HCD_SCANNER, IMV_HCD_ATTR_SYSTEM_ONLY },
365: }
366: );
367:
368: this->action_flags = &this->subtype_action_flags[0].action_flags;
369:
370: return &this->public.interface;
371: }
372:
373:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to imv_hcd_state.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / plugins / imv_hcd