Annotation of embedaddon/strongswan/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2011-2015 Andreas Steffen
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include "tnccs_dynamic.h"
! 17:
! 18: #include <tnc/tnc.h>
! 19:
! 20: #include <utils/debug.h>
! 21:
! 22: typedef struct private_tnccs_dynamic_t private_tnccs_dynamic_t;
! 23:
! 24: /**
! 25: * Private data of a tnccs_dynamic_t object.
! 26: */
! 27: struct private_tnccs_dynamic_t {
! 28:
! 29: /**
! 30: * Public tnccs_t interface.
! 31: */
! 32: tnccs_t public;
! 33:
! 34: /**
! 35: * Server identity
! 36: */
! 37: identification_t *server_id;
! 38:
! 39: /**
! 40: * Client identity
! 41: */
! 42: identification_t *peer_id;
! 43:
! 44: /**
! 45: * Server IP address
! 46: */
! 47: host_t *server_ip;
! 48:
! 49: /**
! 50: * Client IP address
! 51: */
! 52: host_t *peer_ip;
! 53:
! 54: /**
! 55: * Detected TNC IF-TNCCS stack
! 56: */
! 57: tls_t *tls;
! 58:
! 59: /**
! 60: * Underlying TNC IF-T transport protocol
! 61: */
! 62: tnc_ift_type_t transport;
! 63:
! 64: /**
! 65: * Type of TNC client authentication
! 66: */
! 67: uint32_t auth_type;
! 68:
! 69: /**
! 70: * Callback function to communicate recommendation (TNC Server only)
! 71: */
! 72: tnccs_cb_t callback;
! 73:
! 74: /**
! 75: * reference count
! 76: */
! 77: refcount_t ref;
! 78:
! 79: };
! 80:
! 81: /**
! 82: * Determine the version of the IF-TNCCS protocol used by analyzing the first
! 83: * byte of the TNCCS batch received from a TNC Client according to the rules
! 84: * defined by section 3.5 "Interoperability with older IF-TNCCS versions" of
! 85: * the TCG TNC IF-TNCCS TLV Bindings Version 2.0 standard.
! 86: */
! 87: tnccs_type_t determine_tnccs_protocol(char version)
! 88: {
! 89: switch (version)
! 90: {
! 91: case '\t':
! 92: case '\n':
! 93: case '\r':
! 94: case ' ':
! 95: case '<':
! 96: return TNCCS_1_1;
! 97: case 0x00:
! 98: return TNCCS_SOH;
! 99: case 0x02:
! 100: return TNCCS_2_0;
! 101: default:
! 102: return TNCCS_UNKNOWN;
! 103: }
! 104: }
! 105:
! 106: METHOD(tls_t, process, status_t,
! 107: private_tnccs_dynamic_t *this, void *buf, size_t buflen)
! 108: {
! 109: tnccs_type_t type;
! 110: tnccs_t *tnccs;
! 111:
! 112: if (!this->tls)
! 113: {
! 114: if (buflen == 0)
! 115: {
! 116: return FAILED;
! 117: }
! 118: type = determine_tnccs_protocol(*(char*)buf);
! 119: DBG1(DBG_TNC, "%N protocol detected dynamically",
! 120: tnccs_type_names, type);
! 121: tnccs = tnc->tnccs->create_instance(tnc->tnccs, type, TRUE,
! 122: this->server_id, this->peer_id, this->server_ip,
! 123: this->peer_ip, this->transport, this->callback);
! 124: if (!tnccs)
! 125: {
! 126: DBG1(DBG_TNC, "N% protocol not supported", tnccs_type_names, type);
! 127: return FAILED;
! 128: }
! 129: tnccs->set_auth_type(tnccs, this->auth_type);
! 130: this->tls = &tnccs->tls;
! 131: }
! 132: return this->tls->process(this->tls, buf, buflen);
! 133: }
! 134:
! 135: METHOD(tls_t, build, status_t,
! 136: private_tnccs_dynamic_t *this, void *buf, size_t *buflen, size_t *msglen)
! 137: {
! 138: return this->tls->build(this->tls, buf, buflen, msglen);
! 139: }
! 140:
! 141: METHOD(tls_t, is_server, bool,
! 142: private_tnccs_dynamic_t *this)
! 143: {
! 144: return TRUE;
! 145: }
! 146:
! 147: METHOD(tls_t, get_server_id, identification_t*,
! 148: private_tnccs_dynamic_t *this)
! 149: {
! 150: return this->server_id;
! 151: }
! 152:
! 153: METHOD(tls_t, set_peer_id, void,
! 154: private_tnccs_dynamic_t *this, identification_t *id)
! 155: {
! 156: DESTROY_IF(this->peer_id);
! 157: this->peer_id = id->clone(id);
! 158: if (this->tls)
! 159: {
! 160: this->tls->set_peer_id(this->tls, id);
! 161: }
! 162: }
! 163:
! 164: METHOD(tls_t, get_peer_id, identification_t*,
! 165: private_tnccs_dynamic_t *this)
! 166: {
! 167: return this->peer_id;
! 168: }
! 169:
! 170: METHOD(tls_t, get_purpose, tls_purpose_t,
! 171: private_tnccs_dynamic_t *this)
! 172: {
! 173: return TLS_PURPOSE_EAP_TNC;
! 174: }
! 175:
! 176: METHOD(tls_t, is_complete, bool,
! 177: private_tnccs_dynamic_t *this)
! 178: {
! 179: return this->tls ? this->tls->is_complete(this->tls) : FALSE;
! 180: }
! 181:
! 182: METHOD(tls_t, get_eap_msk, chunk_t,
! 183: private_tnccs_dynamic_t *this)
! 184: {
! 185: return chunk_empty;
! 186: }
! 187:
! 188: METHOD(tls_t, destroy, void,
! 189: private_tnccs_dynamic_t *this)
! 190: {
! 191: if (ref_put(&this->ref))
! 192: {
! 193: DESTROY_IF(this->tls);
! 194: this->server_id->destroy(this->server_id);
! 195: this->peer_id->destroy(this->peer_id);
! 196: this->server_ip->destroy(this->server_ip);
! 197: this->peer_ip->destroy(this->peer_ip);
! 198: free(this);
! 199: }
! 200: }
! 201:
! 202: METHOD(tnccs_t, get_server_ip, host_t*,
! 203: private_tnccs_dynamic_t *this)
! 204: {
! 205: return this->server_ip;
! 206: }
! 207:
! 208: METHOD(tnccs_t, get_peer_ip, host_t*,
! 209: private_tnccs_dynamic_t *this)
! 210: {
! 211: return this->peer_ip;
! 212: }
! 213:
! 214: METHOD(tnccs_t, get_transport, tnc_ift_type_t,
! 215: private_tnccs_dynamic_t *this)
! 216: {
! 217: return this->transport;
! 218: }
! 219:
! 220: METHOD(tnccs_t, set_transport, void,
! 221: private_tnccs_dynamic_t *this, tnc_ift_type_t transport)
! 222: {
! 223: this->transport = transport;
! 224: }
! 225:
! 226: METHOD(tnccs_t, get_auth_type, uint32_t,
! 227: private_tnccs_dynamic_t *this)
! 228: {
! 229: return this->auth_type;
! 230: }
! 231:
! 232: METHOD(tnccs_t, set_auth_type, void,
! 233: private_tnccs_dynamic_t *this, uint32_t auth_type)
! 234: {
! 235: this->auth_type = auth_type;
! 236: }
! 237:
! 238: METHOD(tnccs_t, get_pdp_server, chunk_t,
! 239: private_tnccs_dynamic_t *this, uint16_t *port)
! 240: {
! 241: tnccs_t *tnccs = (tnccs_t*)this->tls;
! 242:
! 243: return tnccs->get_pdp_server(tnccs, port);
! 244: }
! 245:
! 246: METHOD(tnccs_t, get_ref, tnccs_t*,
! 247: private_tnccs_dynamic_t *this)
! 248: {
! 249: ref_get(&this->ref);
! 250: return &this->public;
! 251: }
! 252:
! 253: /**
! 254: * See header
! 255: */
! 256: tnccs_t* tnccs_dynamic_create(bool is_server, identification_t *server_id,
! 257: identification_t *peer_id, host_t *server_ip,
! 258: host_t *peer_ip, tnc_ift_type_t transport,
! 259: tnccs_cb_t cb)
! 260: {
! 261: private_tnccs_dynamic_t *this;
! 262:
! 263: INIT(this,
! 264: .public = {
! 265: .tls = {
! 266: .process = _process,
! 267: .build = _build,
! 268: .is_server = _is_server,
! 269: .get_server_id = _get_server_id,
! 270: .set_peer_id = _set_peer_id,
! 271: .get_peer_id = _get_peer_id,
! 272: .get_purpose = _get_purpose,
! 273: .is_complete = _is_complete,
! 274: .get_eap_msk = _get_eap_msk,
! 275: .destroy = _destroy,
! 276: },
! 277: .get_server_ip = _get_server_ip,
! 278: .get_peer_ip = _get_peer_ip,
! 279: .get_transport = _get_transport,
! 280: .set_transport = _set_transport,
! 281: .get_auth_type = _get_auth_type,
! 282: .set_auth_type = _set_auth_type,
! 283: .get_pdp_server = _get_pdp_server,
! 284: .get_ref = _get_ref,
! 285: },
! 286: .server_id = server_id->clone(server_id),
! 287: .peer_id = peer_id->clone(peer_id),
! 288: .server_ip = server_ip->clone(server_ip),
! 289: .peer_ip = peer_ip->clone(peer_ip),
! 290: .transport = transport,
! 291: .callback = cb,
! 292: .ref = 1,
! 293: );
! 294:
! 295: return &this->public;
! 296: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to tnccs_dynamic.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libtnccs / plugins / tnccs_dynamic