sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity

Use PWG HCD PA-TNC subtypes to transport HCD attributes

Browse Source
This commit is contained in:
Andreas Steffen 2015-07-26 11:41:08 +02:00
parent 6b68719dd3
commit 18472ac21c
5 changed files with 276 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
src/libimcv/plugins/imc_hcd/imc_hcd.c
View File

@ -23,6 +23,7 @@
#include <generic/generic_attr_string.h>
#include <ietf/ietf_attr.h>
#include <ietf/ietf_attr_attr_request.h>
#include "ietf/ietf_attr_fwd_enabled.h"
#include <pwg/pwg_attr.h>
#include <pwg/pwg_attr_vendor_smi_code.h>
@ -47,6 +48,22 @@ static pen_type_t msg_types[] = {
static imc_agent_t *imc_hcd;
static imc_os_info_t *os;
typedef struct section_subtype_t section_subtype_t;
struct section_subtype_t {
char *section;
pa_subtype_pwg_t subtype;
};
static section_subtype_t section_subtypes[] = {
{ "system", PA_SUBTYPE_PWG_HCD_SYSTEM },
{ "console", PA_SUBTYPE_PWG_HCD_CONSOLE },
{ "marker", PA_SUBTYPE_PWG_HCD_MARKER },
{ "finisher", PA_SUBTYPE_PWG_HCD_FINISHER },
{ "interface", PA_SUBTYPE_PWG_HCD_INTERFACE },
{ "scanner" , PA_SUBTYPE_PWG_HCD_SCANNER }
};
typedef struct quadruple_t quadruple_t;
struct quadruple_t {
@ -167,9 +184,7 @@ static void add_default_pwd_enabled(imc_msg_t *msg)
pa_tnc_attr_t *attr;
bool status;
status = lib->settings->get_bool(lib->settings,
"%s.plugins.imc-hcd.subtypes.system.default_password_enabled",
FALSE, lib->ns);
status = os->get_default_pwd_status(os);
DBG2(DBG_IMC, " %N: %s", pwg_attr_names, PWG_HCD_DEFAULT_PWD_ENABLED,
status ? "yes" : "no");
attr = generic_attr_bool_create(status,
@ -183,14 +198,12 @@ static void add_default_pwd_enabled(imc_msg_t *msg)
static void add_forwarding_enabled(imc_msg_t *msg)
{
pa_tnc_attr_t *attr;
bool status;
os_fwd_status_t fwd_status;
status = lib->settings->get_bool(lib->settings,
"%s.plugins.imc-hcd.subtypes.system.forwarding_enabled",
FALSE, lib->ns);
DBG2(DBG_IMC, " %N: %s", pwg_attr_names, PWG_HCD_FORWARDING_ENABLED,
status ? "yes" : "no");
attr = generic_attr_bool_create(status,
fwd_status = os->get_fwd_status(os);
DBG2(DBG_IMC, " %N: %N", pwg_attr_names, PWG_HCD_FORWARDING_ENABLED,
os_fwd_status_names, fwd_status);
attr = ietf_attr_fwd_enabled_create(fwd_status,
pen_type_create(PEN_PWG, PWG_HCD_FORWARDING_ENABLED));
msg->add_attribute(msg, attr);
}
@ -483,37 +496,24 @@ TNC_Result TNC_IMC_API TNC_IMC_BeginHandshake(TNC_IMCID imc_id,
while (enumerator->enumerate(enumerator, &section) &&
result == TNC_RESULT_SUCCESS)
{
if (streq(section, "system"))
subtype = PA_SUBTYPE_PWG_HCD_UNKNOWN;
for (i = 0; i < countof(section_subtypes); i++)
{
subtype = PA_SUBTYPE_PWG_HCD_SYSTEM;
if (streq(section, section_subtypes[i].section))
{
subtype = section_subtypes[i].subtype;
break;
}
}
else if (streq(section, "console"))
{
subtype = PA_SUBTYPE_PWG_HCD_CONSOLE;
}
else if (streq(section, "marker"))
{
subtype = PA_SUBTYPE_PWG_HCD_MARKER;
}
else if (streq(section, "finisher"))
{
subtype = PA_SUBTYPE_PWG_HCD_FINISHER;
}
else if (streq(section, "interface"))
{
subtype = PA_SUBTYPE_PWG_HCD_INTERFACE;
}
else if (streq(section, "scanner"))
{
subtype = PA_SUBTYPE_PWG_HCD_SCANNER;
}
else
if (subtype == PA_SUBTYPE_PWG_HCD_UNKNOWN)
{
DBG1(DBG_IMC, "HCD subtype '%s' not supported", section);
continue;
}
DBG2(DBG_IMC, "retrieving attributes for PA subtype %N/%N",
pen_names, PEN_PWG, pa_subtype_pwg_names, subtype);
msg_type = pen_type_create(PEN_PWG, subtype);
out_msg = imc_msg_create(imc_hcd, state, connection_id, imc_id,
TNC_IMVID_ANY, msg_type);
@ -556,8 +556,10 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
imc_msg_t *out_msg;
enumerator_t *enumerator;
pa_tnc_attr_t *attr;
pen_type_t type;
pen_type_t type, msg_type;
TNC_Result result;
char *section = NULL;
int i;
bool fatal_error = FALSE, pushed_info;
/* generate an outgoing PA-TNC message - we might need it */
@ -570,6 +572,16 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
out_msg->destroy(out_msg);
return result;
}
msg_type = in_msg->get_msg_type(in_msg);
for (i = 0; i < countof(section_subtypes); i++)
{
if (msg_type.type == section_subtypes[i].subtype)
{
section = section_subtypes[i].section;
break;
}
}
pushed_info = lib->settings->get_bool(lib->settings,
"%s.plugins.imc-hcd.push_info", FALSE, lib->ns);
@ -597,7 +609,7 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
switch (entry->type)
{
case PWG_HCD_ATTRS_NATURAL_LANG:
add_attrs_natural_lang(out_msg, "system");
add_attrs_natural_lang(out_msg, section);
break;
case PWG_HCD_DEFAULT_PWD_ENABLED:
add_default_pwd_enabled(out_msg);
@ -643,13 +655,13 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
switch (entry->type)
{
case PWG_HCD_FIRMWARE_NAME:
add_quadruple(out_msg, "system", &quadruples[0]);
add_quadruple(out_msg, section, &quadruples[0]);
break;
case PWG_HCD_RESIDENT_APP_NAME:
add_quadruple(out_msg, "system", &quadruples[1]);
add_quadruple(out_msg, section, &quadruples[1]);
break;
case PWG_HCD_USER_APP_NAME:
add_quadruple(out_msg, "system", &quadruples[2]);
add_quadruple(out_msg, section, &quadruples[2]);
break;
default:
break;

16
src/libimcv/plugins/imc_os/imc_os.c
View File

@ -22,6 +22,7 @@
#include <generic/generic_attr_string.h>
#include <ietf/ietf_attr.h>
#include <ietf/ietf_attr_attr_request.h>
#include "ietf/ietf_attr_fwd_enabled.h"
#include <ietf/ietf_attr_installed_packages.h>
#include <ietf/ietf_attr_numeric_version.h>
#include <ietf/ietf_attr_op_status.h>
@ -211,10 +212,9 @@ static void add_fwd_enabled(imc_msg_t *msg)
os_fwd_status_t fwd_status;
fwd_status = os->get_fwd_status(os);
DBG1(DBG_IMC, "IPv4 forwarding is %N",
os_fwd_status_names, fwd_status);
attr = generic_attr_bool_create(fwd_status, pen_type_create(PEN_IETF,
IETF_ATTR_FORWARDING_ENABLED));
DBG1(DBG_IMC, "IPv4 forwarding is %N", os_fwd_status_names, fwd_status);
attr = ietf_attr_fwd_enabled_create(fwd_status,
pen_type_create(PEN_IETF, IETF_ATTR_FORWARDING_ENABLED));
msg->add_attribute(msg, attr);
}
@ -224,10 +224,12 @@ static void add_fwd_enabled(imc_msg_t *msg)
static void add_default_pwd_enabled(imc_msg_t *msg)
{
pa_tnc_attr_t *attr;
bool status;
DBG1(DBG_IMC, "factory default password is disabled");
attr = generic_attr_bool_create(FALSE, pen_type_create(PEN_IETF,
IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED));
status = os->get_default_pwd_status(os);
DBG1(DBG_IMC, "factory default password is %sabled", status ? "en" : "dis");
attr = generic_attr_bool_create(status,
pen_type_create(PEN_IETF, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED));
msg->add_attribute(msg, attr);
}

190
src/libimcv/plugins/imv_hcd/imv_hcd_agent.c
View File

@ -27,6 +27,7 @@
#include <generic/generic_attr_string.h>
#include <ietf/ietf_attr.h>
#include <ietf/ietf_attr_attr_request.h>
#include <ietf/ietf_attr_fwd_enabled.h>
#include <pwg/pwg_attr.h>
#include <pwg/pwg_attr_vendor_smi_code.h>
#include "tcg/seg/tcg_seg_attr_max_size.h"
@ -41,7 +42,6 @@
#define HCD_MAX_ATTR_SIZE 10000000
typedef struct private_imv_hcd_agent_t private_imv_hcd_agent_t;
typedef enum imv_hcd_attr_t imv_hcd_attr_t;
/* Subscribed PA-TNC message subtypes */
static pen_type_t msg_types[] = {
@ -54,60 +54,42 @@ static pen_type_t msg_types[] = {
{ PEN_PWG, PA_SUBTYPE_PWG_HCD_SCANNER }
};
/**
* Flag set when corresponding attribute has been received
*/
enum imv_hcd_attr_t {
IMV_HCD_ATTR_NONE = 0,
IMV_HCD_ATTR_NATURAL_LANG = (1<<0),
IMV_HCD_ATTR_DEFAULT_PWD_ENABLED = (1<<1),
IMV_HCD_ATTR_FIREWALL_SETTING = (1<<2),
IMV_HCD_ATTR_FIRMWARE_NAME = (1<<3),
IMV_HCD_ATTR_FORWARDING_ENABLED = (1<<4),
IMV_HCD_ATTR_MACHINE_TYPE_MODEL = (1<<5),
IMV_HCD_ATTR_PSTN_FAX_ENABLED = (1<<6),
IMV_HCD_ATTR_RESIDENT_APP_NAME = (1<<7),
IMV_HCD_ATTR_TIME_SOURCE = (1<<8),
IMV_HCD_ATTR_USER_APP_ENABLED = (1<<9),
IMV_HCD_ATTR_USER_APP_PERSIST_ENABLED = (1<<10),
IMV_HCD_ATTR_USER_APP_NAME = (1<<11),
IMV_HCD_ATTR_VENDOR_NAME = (1<<12),
IMV_HCD_ATTR_VENDOR_SMI_CODE = (1<<13),
IMV_HCD_ATTR_MUST = (1<<14)-1
};
static imv_hcd_attr_t attr_type_to_flag(pwg_attr_t attr_type)
{
switch (attr_type)
{
case PWG_HCD_ATTRS_NATURAL_LANG:
return IMV_HCD_ATTR_NATURAL_LANG;
case PWG_HCD_DEFAULT_PWD_ENABLED:
return IMV_HCD_ATTR_DEFAULT_PWD_ENABLED;
case PWG_HCD_FIREWALL_SETTING:
return IMV_HCD_ATTR_FIREWALL_SETTING;
case PWG_HCD_FIRMWARE_NAME:
return IMV_HCD_ATTR_FIRMWARE_NAME;
case PWG_HCD_FORWARDING_ENABLED:
return IMV_HCD_ATTR_FORWARDING_ENABLED;
case PWG_HCD_MACHINE_TYPE_MODEL:
return IMV_HCD_ATTR_MACHINE_TYPE_MODEL;
case PWG_HCD_PSTN_FAX_ENABLED:
return IMV_HCD_ATTR_PSTN_FAX_ENABLED;
case PWG_HCD_RESIDENT_APP_NAME:
return IMV_HCD_ATTR_RESIDENT_APP_NAME;
case PWG_HCD_TIME_SOURCE:
return IMV_HCD_ATTR_TIME_SOURCE;
case PWG_HCD_USER_APP_ENABLED:
return IMV_HCD_ATTR_USER_APP_ENABLED;
case PWG_HCD_USER_APP_PERSIST_ENABLED:
return IMV_HCD_ATTR_USER_APP_PERSIST_ENABLED;
case PWG_HCD_USER_APP_NAME:
return IMV_HCD_ATTR_USER_APP_NAME;
case PWG_HCD_VENDOR_NAME:
return IMV_HCD_ATTR_VENDOR_NAME;
case PWG_HCD_VENDOR_SMI_CODE:
return IMV_HCD_ATTR_VENDOR_SMI_CODE;
case PWG_HCD_CERTIFICATION_STATE:
return IMV_HCD_ATTR_CERTIFICATION_STATE;
case PWG_HCD_CONFIGURATION_STATE:
return IMV_HCD_ATTR_CONFIGURATION_STATE;
case PWG_HCD_ATTRS_NATURAL_LANG:
return IMV_HCD_ATTR_NATURAL_LANG;
case PWG_HCD_FIRMWARE_NAME:
return IMV_HCD_ATTR_FIRMWARE_NAME;
case PWG_HCD_RESIDENT_APP_NAME:
return IMV_HCD_ATTR_RESIDENT_APP_NAME;
case PWG_HCD_USER_APP_NAME:
return IMV_HCD_ATTR_USER_APP_NAME;
default:
return IMV_HCD_ATTR_NONE;
}
@ -194,7 +176,8 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
imv_msg_t *out_msg;
imv_hcd_state_t *hcd_state;
pa_tnc_attr_t *attr;
pen_type_t type;
enum_name_t *pa_subtype_names;
pen_type_t type, msg_type;
TNC_Result result;
bool fatal_error = FALSE, assessment = FALSE;
enumerator_t *enumerator;
@ -211,6 +194,20 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
out_msg->destroy(out_msg);
return result;
}
msg_type = in_msg->get_msg_type(in_msg);
pa_subtype_names = get_pa_subtype_names(msg_type.vendor_id);
DBG2(DBG_IMV, "received attributes for PA subtype %N/%N",
pen_names, msg_type.vendor_id, pa_subtype_names, msg_type.type);
/* set current subtype */
if (msg_type.vendor_id == PEN_IETF)
{
hcd_state->set_subtype(hcd_state, PA_SUBTYPE_PWG_HCD_SYSTEM);
}
else
{
hcd_state->set_subtype(hcd_state, msg_type.type);
}
/* analyze PA-TNC attributes */
enumerator = in_msg->create_attribute_enumerator(in_msg);
@ -218,7 +215,41 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
{
type = attr->get_type(attr);
if (type.vendor_id == PEN_PWG)
if (type.vendor_id == PEN_IETF)
{
switch (type.type)
{
case IETF_ATTR_FORWARDING_ENABLED:
{
ietf_attr_fwd_enabled_t *attr_cast;
os_fwd_status_t fwd_status;
attr_cast = (ietf_attr_fwd_enabled_t*)attr;
fwd_status = attr_cast->get_status(attr_cast);
DBG2(DBG_IMV, " %N: %N", ietf_attr_names, type.type,
os_fwd_status_names, fwd_status);
state->set_action_flags(state,
IMV_HCD_ATTR_FORWARDING_ENABLED);
break;
}
case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
{
generic_attr_bool_t *attr_cast;
bool status;
attr_cast = (generic_attr_bool_t*)attr;
status = attr_cast->get_status(attr_cast);
DBG2(DBG_IMV, " %N: %s", ietf_attr_names, type.type,
status ? "yes" : "no");
state->set_action_flags(state,
IMV_HCD_ATTR_DEFAULT_PWD_ENABLED);
break;
}
default:
break;
}
}
else if (type.vendor_id == PEN_PWG)
{
state->set_action_flags(state, attr_type_to_flag(type.type));
@ -241,7 +272,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
chunk_t value;
value = attr->get_value(attr);
DBG2(DBG_IMV, "%N: %.*s", pwg_attr_names, type.type,
DBG2(DBG_IMV, " %N: %.*s", pwg_attr_names, type.type,
value.len, value.ptr);
break;
}
@ -252,7 +283,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
chunk_t value;
value = attr->get_value(attr);
DBG2(DBG_IMV, "%N: %#B", pwg_attr_names, type.type, &value);
DBG2(DBG_IMV, " %N: %#B", pwg_attr_names, type.type, &value);
break;
}
case PWG_HCD_CERTIFICATION_STATE:
@ -261,11 +292,10 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
chunk_t value;
value = attr->get_value(attr);
DBG2(DBG_IMV, "%N: %B", pwg_attr_names, type.type, &value);
DBG2(DBG_IMV, " %N: %B", pwg_attr_names, type.type, &value);
break;
}
case PWG_HCD_DEFAULT_PWD_ENABLED:
case PWG_HCD_FORWARDING_ENABLED:
case PWG_HCD_PSTN_FAX_ENABLED:
case PWG_HCD_USER_APP_ENABLED:
case PWG_HCD_USER_APP_PERSIST_ENABLED:
@ -275,17 +305,28 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
attr_cast = (generic_attr_bool_t*)attr;
status = attr_cast->get_status(attr_cast);
DBG2(DBG_IMV, "%N: %s", pwg_attr_names, type.type,
DBG2(DBG_IMV, " %N: %s", pwg_attr_names, type.type,
status ? "yes" : "no");
if (type.type == PWG_HCD_USER_APP_ENABLED && !status)
{
/* do not request user applications */
state->set_action_flags(state,
IMV_HCD_ATTR_USER_APP_NAME);
hcd_state->set_user_app_disabled(hcd_state);
}
break;
}
case PWG_HCD_FORWARDING_ENABLED:
{
ietf_attr_fwd_enabled_t *attr_cast;
os_fwd_status_t fwd_status;
attr_cast = (ietf_attr_fwd_enabled_t*)attr;
fwd_status = attr_cast->get_status(attr_cast);
DBG2(DBG_IMV, " %N: %N", pwg_attr_names, type.type,
os_fwd_status_names, fwd_status);
break;
}
case PWG_HCD_VENDOR_SMI_CODE:
{
pwg_attr_vendor_smi_code_t *attr_cast;
@ -293,7 +334,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
attr_cast = (pwg_attr_vendor_smi_code_t*)attr;
smi_code = attr_cast->get_vendor_smi_code(attr_cast);
DBG2(DBG_IMV, "%N: 0x%06x (%u)", pwg_attr_names, type.type,
DBG2(DBG_IMV, " %N: 0x%06x (%u)", pwg_attr_names, type.type,
smi_code, smi_code);
break;
}
@ -439,9 +480,14 @@ static pa_tnc_attr_t* build_attr_request(uint32_t received)
{
attr_cast->add(attr_cast, PEN_PWG, PWG_HCD_VENDOR_SMI_CODE);
}
attr_cast->add(attr_cast, PEN_PWG, PWG_HCD_CERTIFICATION_STATE);
attr_cast->add(attr_cast, PEN_PWG, PWG_HCD_CONFIGURATION_STATE);
if (!(received & IMV_HCD_ATTR_CERTIFICATION_STATE))
{
attr_cast->add(attr_cast, PEN_PWG, PWG_HCD_CERTIFICATION_STATE);
}
if (!(received & IMV_HCD_ATTR_CONFIGURATION_STATE))
{
attr_cast->add(attr_cast, PEN_PWG, PWG_HCD_CONFIGURATION_STATE);
}
return attr;
}
@ -455,7 +501,6 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
pa_tnc_attr_t *attr;
TNC_IMVID imv_id;
TNC_Result result = TNC_RESULT_SUCCESS;
uint32_t received;
if (!this->agent->get_state(this->agent, id, &state))
{
@ -463,7 +508,6 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
}
hcd_state = (imv_hcd_state_t*)state;
handshake_state = hcd_state->get_handshake_state(hcd_state);
received = state->get_action_flags(state);
imv_id = this->agent->get_id(this->agent);
if (handshake_state == IMV_HCD_STATE_END)
@ -471,10 +515,6 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
return TNC_RESULT_SUCCESS;
}
/* create an empty out message - we might need it */
out_msg = imv_msg_create(this->agent, state, id, imv_id, TNC_IMCID_ANY,
msg_types[0]);
if (handshake_state == IMV_HCD_STATE_INIT)
{
size_t max_attr_size = HCD_MAX_ATTR_SIZE;
@ -482,6 +522,8 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
seg_contract_t *contract;
seg_contract_manager_t *contracts;
char buf[BUF_LEN];
uint32_t received;
int i;
/* Determine maximum PA-TNC attribute segment size */
max_seg_size = state->get_max_msg_len(state)
@ -490,32 +532,42 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
- TCG_SEG_ATTR_SEG_ENV_HEADER
- PA_TNC_ATTR_HEADER_SIZE
- TCG_SEG_ATTR_MAX_SIZE_SIZE;
/* Announce support of PA-TNC segmentation to IMC */
contract = seg_contract_create(msg_types[0], max_attr_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts = state->get_contracts(state);
contracts->add_contract(contracts, contract);
attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE);
out_msg->add_attribute(out_msg, attr);
if ((received & IMV_HCD_ATTR_MUST) != IMV_HCD_ATTR_MUST)
for (i = 1; i < countof(msg_types); i++)
{
/* create attribute request for missing mandatory attributes */
out_msg->add_attribute(out_msg, build_attr_request(received));
out_msg = imv_msg_create(this->agent, state, id, imv_id,
TNC_IMCID_ANY, msg_types[i]);
/* Announce support of PA-TNC segmentation to IMC */
contract = seg_contract_create(msg_types[i], max_attr_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts->add_contract(contracts, contract);
attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size,
TRUE);
out_msg->add_attribute(out_msg, attr);
hcd_state->set_subtype(hcd_state, msg_types[i].type);
received = state->get_action_flags(state);
if ((received & IMV_HCD_ATTR_MUST) != IMV_HCD_ATTR_MUST)
{
/* create attribute request for missing mandatory attributes */
out_msg->add_attribute(out_msg, build_attr_request(received));
}
result = out_msg->send(out_msg, FALSE);
out_msg->destroy(out_msg);
if (result != TNC_RESULT_SUCCESS)
{
break;
}
}
hcd_state->set_handshake_state(hcd_state, IMV_HCD_STATE_ATTR_REQ);
}
/* send non-empty PA-TNC message with excl flag not set */
if (out_msg->get_attribute_count(out_msg))
{
result = out_msg->send(out_msg, FALSE);
}
out_msg->destroy(out_msg);
return result;
}

57
src/libimcv/plugins/imv_hcd/imv_hcd_state.c
View File

@ -20,6 +20,12 @@
#include <utils/debug.h>
typedef struct private_imv_hcd_state_t private_imv_hcd_state_t;
typedef struct subtype_action_flags_t subtype_action_flags_t;
struct subtype_action_flags_t {
pa_subtype_pwg_t subtype;
uint32_t action_flags;
};
/**
* Private data of an imv_hcd_state_t object.
@ -57,9 +63,14 @@ struct private_imv_hcd_state_t {
uint32_t max_msg_len;
/**
* Flags set for completed actions
* Current flags set for completed actions
*/
uint32_t action_flags;
uint32_t *action_flags;
/**
* Action flags for all PA subtypes
*/
subtype_action_flags_t subtype_action_flags[6];
/**
* IMV database session associated with TNCCS connection
@ -128,13 +139,13 @@ METHOD(imv_state_t, get_max_msg_len, uint32_t,
METHOD(imv_state_t, set_action_flags, void,
private_imv_hcd_state_t *this, uint32_t flags)
{
this->action_flags |= flags;
*this->action_flags |= flags;
}
METHOD(imv_state_t, get_action_flags, uint32_t,
private_imv_hcd_state_t *this)
{
return this->action_flags;
return *this->action_flags;
}
METHOD(imv_state_t, set_session, void,
@ -219,6 +230,32 @@ METHOD(imv_hcd_state_t, get_handshake_state, imv_hcd_handshake_state_t,
return this->handshake_state;
}
METHOD(imv_hcd_state_t, set_subtype, void,
private_imv_hcd_state_t *this, pa_subtype_pwg_t subtype)
{
int i;
for (i = 0; i < countof(this->subtype_action_flags); i++)
{
if (subtype == this->subtype_action_flags[i].subtype)
{
this->action_flags = &this->subtype_action_flags[i].action_flags;
break;
}
}
}
METHOD(imv_hcd_state_t, set_user_app_disabled, void,
private_imv_hcd_state_t *this)
{
int i;
for (i = 0; i < countof(this->subtype_action_flags); i++)
{
this->subtype_action_flags[i].action_flags |= IMV_HCD_ATTR_USER_APP_NAME;
}
}
/**
* Described in header.
*/
@ -250,14 +287,26 @@ imv_state_t *imv_hcd_state_create(TNC_ConnectionID connection_id)
},
.set_handshake_state = _set_handshake_state,
.get_handshake_state = _get_handshake_state,
.set_subtype = _set_subtype,
.set_user_app_disabled = _set_user_app_disabled,
},
.state = TNC_CONNECTION_STATE_CREATE,
.rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
.eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW,
.connection_id = connection_id,
.contracts = seg_contract_manager_create(),
.subtype_action_flags = {
{ PA_SUBTYPE_PWG_HCD_SYSTEM, IMV_HCD_ATTR_NONE },
{ PA_SUBTYPE_PWG_HCD_CONSOLE, IMV_HCD_ATTR_SYSTEM_ONLY },
{ PA_SUBTYPE_PWG_HCD_MARKER, IMV_HCD_ATTR_SYSTEM_ONLY },
{ PA_SUBTYPE_PWG_HCD_FINISHER, IMV_HCD_ATTR_SYSTEM_ONLY },
{ PA_SUBTYPE_PWG_HCD_INTERFACE, IMV_HCD_ATTR_SYSTEM_ONLY },
{ PA_SUBTYPE_PWG_HCD_SCANNER, IMV_HCD_ATTR_SYSTEM_ONLY },
}
);
this->action_flags = &this->subtype_action_flags[0].action_flags;
return &this->public.interface;
}

43
src/libimcv/plugins/imv_hcd/imv_hcd_state.h
View File

@ -27,10 +27,41 @@
#include <imv/imv_state.h>
#include <library.h>
#include <tncif_pa_subtypes.h>
typedef struct imv_hcd_state_t imv_hcd_state_t;
typedef enum imv_hcd_attr_t imv_hcd_attr_t;
typedef enum imv_hcd_handshake_state_t imv_hcd_handshake_state_t;
typedef enum os_settings_t os_settings_t;
/**
* Flag set when corresponding attribute has been received
*/
enum imv_hcd_attr_t {
IMV_HCD_ATTR_NONE = 0,
IMV_HCD_ATTR_DEFAULT_PWD_ENABLED = (1<<0),
IMV_HCD_ATTR_FIREWALL_SETTING = (1<<1),
IMV_HCD_ATTR_FORWARDING_ENABLED = (1<<2),
IMV_HCD_ATTR_MACHINE_TYPE_MODEL = (1<<3),
IMV_HCD_ATTR_PSTN_FAX_ENABLED = (1<<4),
IMV_HCD_ATTR_TIME_SOURCE = (1<<5),
IMV_HCD_ATTR_USER_APP_ENABLED = (1<<6),
IMV_HCD_ATTR_USER_APP_PERSIST_ENABLED = (1<<7),
IMV_HCD_ATTR_VENDOR_NAME = (1<<8),
IMV_HCD_ATTR_VENDOR_SMI_CODE = (1<<9),
IMV_HCD_ATTR_CERTIFICATION_STATE = (1<<10),
IMV_HCD_ATTR_CONFIGURATION_STATE = (1<<11),
IMV_HCD_ATTR_SYSTEM_ONLY = (1<<12)-1,
IMV_HCD_ATTR_NATURAL_LANG = (1<<12),
IMV_HCD_ATTR_FIRMWARE_NAME = (1<<13),
IMV_HCD_ATTR_RESIDENT_APP_NAME = (1<<14),
IMV_HCD_ATTR_USER_APP_NAME = (1<<15),
IMV_HCD_ATTR_MUST = (1<<16)-1
};
/**
* IMV OS Handshake States (state machine)
*/
@ -65,6 +96,18 @@ struct imv_hcd_state_t {
*/
imv_hcd_handshake_state_t (*get_handshake_state)(imv_hcd_state_t *this);
/**
* Set the PWG HCD PA subtype currently being handled
*
* @param subtype PWG HCD PA subtype
*/
void (*set_subtype)(imv_hcd_state_t *this, pa_subtype_pwg_t subtype);
/**
* Set User Application Disabled
*/
void (*set_user_app_disabled)(imv_hcd_state_t *this);
};
/**