Imported Upstream version 4.6.4

11 files changed, 179 insertions, 54 deletions

diff --git a/src/libcharon/plugins/tnccs_11/Makefile.am b/src/libcharon/plugins/tnccs_11/Makefile.am
index 1042c3514..c205692d4 100644
--- a/src/libcharon/plugins/tnccs_11/Makefile.am
+++ b/src/libcharon/plugins/tnccs_11/Makefile.am
@@ -1,6 +1,10 @@
 
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls ${xml_CFLAGS}
+INCLUDES = \
+	-I$(top_srcdir)/src/libstrongswan \
+	-I$(top_srcdir)/src/libtls \
+	-I$(top_srcdir)/src/libtncif \
+	-I$(top_srcdir)/src/libtnccs \
+	${xml_CFLAGS}
 
 AM_CFLAGS = -rdynamic
 
@@ -10,6 +14,9 @@ if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-tnccs-11.la
 else
 plugin_LTLIBRARIES = libstrongswan-tnccs-11.la
+libstrongswan_tnccs_11_la_LIBADD += \
+	$(top_builddir)/src/libtncif/libtncif.la \
+	$(top_builddir)/src/libtnccs/libtnccs.la
 endif
 
 libstrongswan_tnccs_11_la_SOURCES = \
diff --git a/src/libcharon/plugins/tnccs_11/Makefile.in b/src/libcharon/plugins/tnccs_11/Makefile.in
index 308dd57ca..1902d1f93 100644
--- a/src/libcharon/plugins/tnccs_11/Makefile.in
+++ b/src/libcharon/plugins/tnccs_11/Makefile.in
@@ -34,6 +34,10 @@ PRE_UNINSTALL = :
 POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
+@MONOLITHIC_FALSE@am__append_1 = \
+@MONOLITHIC_FALSE@	$(top_builddir)/src/libtncif/libtncif.la \
+@MONOLITHIC_FALSE@	$(top_builddir)/src/libtnccs/libtnccs.la
+
 subdir = src/libcharon/plugins/tnccs_11
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -75,7 +79,8 @@ am__base_list = \
 am__installdirs = "$(DESTDIR)$(plugindir)"
 LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
 am__DEPENDENCIES_1 =
-libstrongswan_tnccs_11_la_DEPENDENCIES = $(am__DEPENDENCIES_1)
+libstrongswan_tnccs_11_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+	$(am__append_1)
 am_libstrongswan_tnccs_11_la_OBJECTS = tnccs_11_plugin.lo tnccs_11.lo \
 	tnccs_batch.lo tnccs_msg.lo imc_imv_msg.lo tnccs_error_msg.lo \
 	tnccs_preferred_language_msg.lo tnccs_reason_strings_msg.lo \
@@ -198,6 +203,9 @@ am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
 am__tar = @am__tar@
 am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+axis2c_CFLAGS = @axis2c_CFLAGS@
+axis2c_LIBS = @axis2c_LIBS@
 bindir = @bindir@
 build = @build@
 build_alias = @build_alias@
@@ -206,6 +214,7 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
@@ -222,11 +231,13 @@ host_cpu = @host_cpu@
 host_os = @host_os@
 host_vendor = @host_vendor@
 htmldir = @htmldir@
+imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
 libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
@@ -270,6 +281,7 @@ sharedstatedir = @sharedstatedir@
 soup_CFLAGS = @soup_CFLAGS@
 soup_LIBS = @soup_LIBS@
 srcdir = @srcdir@
+starter_plugins = @starter_plugins@
 strongswan_conf = @strongswan_conf@
 sysconfdir = @sysconfdir@
 systemdsystemunitdir = @systemdsystemunitdir@
@@ -280,11 +292,15 @@ top_srcdir = @top_srcdir@
 urandom_device = @urandom_device@
 xml_CFLAGS = @xml_CFLAGS@
 xml_LIBS = @xml_LIBS@
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls ${xml_CFLAGS}
+INCLUDES = \
+	-I$(top_srcdir)/src/libstrongswan \
+	-I$(top_srcdir)/src/libtls \
+	-I$(top_srcdir)/src/libtncif \
+	-I$(top_srcdir)/src/libtnccs \
+	${xml_CFLAGS}
 
 AM_CFLAGS = -rdynamic
-libstrongswan_tnccs_11_la_LIBADD = ${xml_LIBS}
+libstrongswan_tnccs_11_la_LIBADD = ${xml_LIBS} $(am__append_1)
 @MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-tnccs-11.la
 @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-tnccs-11.la
 libstrongswan_tnccs_11_la_SOURCES = \
diff --git a/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c b/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c
index 0f6f3a675..c9397722b 100644
--- a/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c
+++ b/src/libcharon/plugins/tnccs_11/batch/tnccs_batch.c
@@ -16,10 +16,11 @@
 #include "tnccs_batch.h"
 #include "messages/tnccs_error_msg.h"
 
-#include <debug.h>
-#include <utils/linked_list.h>
 #include <tnc/tnccs/tnccs.h>
 
+#include <utils/linked_list.h>
+#include <debug.h>
+
 #include <libxml/parser.h>
 
 typedef struct private_tnccs_batch_t private_tnccs_batch_t;
diff --git a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c
index f24c0dac9..fa570aae9 100644
--- a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c
+++ b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.c
@@ -16,8 +16,9 @@
 #include "imc_imv_msg.h"
 
 #include <tnc/tnccs/tnccs.h>
-#include <debug.h>
+
 #include <utils/lexparser.h>
+#include <debug.h>
 
 typedef struct private_imc_imv_msg_t private_imc_imv_msg_t;
 
diff --git a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.h b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.h
index 02f07199f..3477fa74e 100644
--- a/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.h
+++ b/src/libcharon/plugins/tnccs_11/messages/imc_imv_msg.h
@@ -25,7 +25,7 @@ typedef struct imc_imv_msg_t imc_imv_msg_t;
 
 #include "tnccs_msg.h"
 
-#include <tnc/tncif.h>
+#include <tncif.h>
 
 /**
  * Classs representing the PB-PA message type.
diff --git a/src/libcharon/plugins/tnccs_11/messages/tnccs_preferred_language_msg.h b/src/libcharon/plugins/tnccs_11/messages/tnccs_preferred_language_msg.h
index d301ab2bb..c2de7fe4d 100644
--- a/src/libcharon/plugins/tnccs_11/messages/tnccs_preferred_language_msg.h
+++ b/src/libcharon/plugins/tnccs_11/messages/tnccs_preferred_language_msg.h
@@ -25,7 +25,7 @@ typedef struct tnccs_preferred_language_msg_t tnccs_preferred_language_msg_t;
 
 #include "tnccs_msg.h"
 
-#include <tnc/tncif.h>
+#include <tncif.h>
 
 /**
  * Class representing the TNCCS-PreferredLanguage message type
diff --git a/src/libcharon/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c b/src/libcharon/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c
index d4b5d9bf9..af60a4b3a 100644
--- a/src/libcharon/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c
+++ b/src/libcharon/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c
@@ -14,6 +14,7 @@
  */
 
 #include "tnccs_reason_strings_msg.h"
+#include "tnccs_error_msg.h"
 
 #include <debug.h>
 
@@ -85,6 +86,10 @@ tnccs_msg_t *tnccs_reason_strings_msg_create_from_node(xmlNodePtr node,
 													   linked_list_t *errors)
 {
 	private_tnccs_reason_strings_msg_t *this;
+	char *error_msg, *lang_string, *reason_string;
+	tnccs_error_type_t error_type = TNCCS_ERROR_MALFORMED_BATCH;
+	tnccs_msg_t *msg;
+	xmlNodePtr child;
 
 	INIT(this,
 		.public = {
@@ -99,7 +104,45 @@ tnccs_msg_t *tnccs_reason_strings_msg_create_from_node(xmlNodePtr node,
 		.node = node,
 	);
 
+	if (xmlStrcmp(node->name, (const xmlChar*)"TNCCS-ReasonStrings"))
+	{
+		error_msg = "TNCCS-ReasonStrings tag expected";
+		goto fatal;
+	}
+
+	child = node->xmlChildrenNode;
+	while (child)
+	{
+		if (xmlIsBlankNode(child))
+		{
+			child = child->next;
+			continue;
+		}
+		if (xmlStrcmp(child->name, (const xmlChar*)"ReasonString"))
+		{
+			error_msg = "ReasonString tag expected";
+			goto fatal;
+		}
+		break;
+	}
+
+	lang_string = (char*)xmlGetProp(child, (const xmlChar*)"lang");
+	if (!lang_string)
+	{
+		lang_string = "";
+	}
+	this->language = chunk_create(strdup(lang_string), strlen(lang_string));
+
+	reason_string = (char*)xmlNodeGetContent(child);
+	this->reason = chunk_create(strdup(reason_string), strlen(reason_string));
+
 	return &this->public.tnccs_msg_interface;
+
+fatal:
+	msg = tnccs_error_msg_create(error_type, error_msg);
+	errors->insert_last(errors, msg);
+	destroy(this);
+	return NULL;
 }
 
 /**
@@ -140,10 +183,12 @@ tnccs_msg_t *tnccs_reason_strings_msg_create(chunk_t reason, chunk_t language)
 	n2 = xmlNewNode(NULL, BAD_CAST enum_to_name(tnccs_msg_type_names, this->type));
 
 	/* could add multiple reasons here, if we had them */
+
 	n3 = xmlNewNode(NULL, BAD_CAST "ReasonString");
 	xmlNewProp(n3, BAD_CAST "xml:lang", BAD_CAST this->language.ptr);
 	xmlNodeSetContent(n3, BAD_CAST this->reason.ptr);
 	xmlAddChild(n2, n3);
+	xmlAddChild(n, n2);
 
 	return &this->public.tnccs_msg_interface;
 }
diff --git a/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.c b/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.c
index adc7b54b9..610224242 100644
--- a/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.c
+++ b/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.c
@@ -128,7 +128,7 @@ tnccs_msg_t *tnccs_recommendation_msg_create_from_node(xmlNodePtr node,
 fatal:
 	msg = tnccs_error_msg_create(error_type, error_msg);
 	errors->insert_last(errors, msg);
-	_destroy(this);
+	destroy(this);
 	return NULL;
 }
 
diff --git a/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.h b/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.h
index 685049e95..3a67a3b32 100644
--- a/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.h
+++ b/src/libcharon/plugins/tnccs_11/messages/tnccs_recommendation_msg.h
@@ -25,7 +25,7 @@ typedef struct tnccs_recommendation_msg_t tnccs_recommendation_msg_t;
 
 #include "tnccs_msg.h"
 
-#include <tnc/tncifimv.h>
+#include <tncifimv.h>
 
 /**
  * Class representing the TNCCS-Recommendation message type
diff --git a/src/libcharon/plugins/tnccs_11/tnccs_11.c b/src/libcharon/plugins/tnccs_11/tnccs_11.c
index 86f1c269f..3673221e5 100644
--- a/src/libcharon/plugins/tnccs_11/tnccs_11.c
+++ b/src/libcharon/plugins/tnccs_11/tnccs_11.c
@@ -22,12 +22,17 @@
 #include "messages/tnccs_reason_strings_msg.h"
 #include "messages/tnccs_recommendation_msg.h"
 
-#include <daemon.h>
+#include <tncif_names.h>
+#include <tncif_pa_subtypes.h>
+
+#include <tnc/tnc.h>
+#include <tnc/imc/imc_manager.h>
+#include <tnc/imv/imv_manager.h>
+#include <tnc/tnccs/tnccs.h>
+#include <tnc/tnccs/tnccs_manager.h>
+
 #include <debug.h>
 #include <threading/mutex.h>
-#include <tnc/tncif.h>
-#include <tnc/tncifimv.h>
-#include <tnc/tnccs/tnccs.h>
 
 typedef struct private_tnccs_11_t private_tnccs_11_t;
 
@@ -90,15 +95,20 @@ struct private_tnccs_11_t {
 	 * Set of IMV recommendations  (TNC Server only)
 	 */
 	recommendations_t *recs;
+
 };
 
 METHOD(tnccs_t, send_msg, TNC_Result,
 	private_tnccs_11_t* this, TNC_IMCID imc_id, TNC_IMVID imv_id,
+						      TNC_UInt32 msg_flags,
 							  TNC_BufferReference msg,
 							  TNC_UInt32 msg_len,
-							  TNC_MessageType msg_type)
+						      TNC_VendorID msg_vid,
+						      TNC_MessageSubtype msg_subtype)
 {
 	tnccs_msg_t *tnccs_msg;
+	TNC_MessageType msg_type;
+	enum_name_t *pa_subtype_names;
 
 	if (!this->send_msg)
 	{
@@ -107,6 +117,24 @@ METHOD(tnccs_t, send_msg, TNC_Result,
 			this->is_server ? imv_id : imc_id);
 		return TNC_RESULT_ILLEGAL_OPERATION;
 	}
+	if (msg_vid > TNC_VENDORID_ANY || msg_subtype > TNC_SUBTYPE_ANY)
+	{
+		return TNC_RESULT_NO_LONG_MESSAGE_TYPES;
+	}
+	msg_type = (msg_vid << 8) | msg_subtype;
+ 
+	pa_subtype_names = get_pa_subtype_names(msg_vid);
+	if (pa_subtype_names)
+	{
+		DBG2(DBG_TNC, "creating IMC-IMV message type '%N/%N' 0x%06x/0x%02x",
+					   pen_names, msg_vid, pa_subtype_names, msg_subtype,
+					   msg_vid, msg_subtype);
+	}
+	else
+	{
+		DBG2(DBG_TNC, "creating IMC-IMV message type '%N' 0x%06x/0x%02x",
+			 		   pen_names, msg_vid, msg_vid, msg_subtype);
+	}
 	tnccs_msg = imc_imv_msg_create(msg_type, chunk_create(msg, msg_len));
 
 	/* adding an IMC-IMV Message to TNCCS batch */
@@ -132,23 +160,40 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg)
 			imc_imv_msg_t *imc_imv_msg;
 			TNC_MessageType msg_type;
 			chunk_t msg_body;
+			u_int32_t msg_vid, msg_subtype;
+			enum_name_t *pa_subtype_names;
 
 			imc_imv_msg = (imc_imv_msg_t*)msg;
 			msg_type = imc_imv_msg->get_msg_type(imc_imv_msg);
 			msg_body = imc_imv_msg->get_msg_body(imc_imv_msg);
+			msg_vid = (msg_type >> 8) & TNC_VENDORID_ANY;
+			msg_subtype = msg_type & TNC_SUBTYPE_ANY;
 
-			DBG2(DBG_TNC, "handling IMC_IMV message type 0x%08x", msg_type);
+			pa_subtype_names = get_pa_subtype_names(msg_vid);
+			if (pa_subtype_names)
+			{
+				DBG2(DBG_TNC, "handling IMC-IMV message type '%N/%N' 0x%06x/0x%02x",
+					 pen_names, msg_vid, pa_subtype_names, msg_subtype,
+					 msg_vid, msg_subtype);
+			}
+			else
+			{
+				DBG2(DBG_TNC, "handling IMC-IMV message type '%N' 0x%06x/0x%02x",
+					 pen_names, msg_vid, msg_vid, msg_subtype);
+			}
 
 			this->send_msg = TRUE;
 			if (this->is_server)
 			{
-				charon->imvs->receive_message(charon->imvs,
-				this->connection_id, msg_body.ptr, msg_body.len, msg_type);
+				tnc->imvs->receive_message(tnc->imvs, this->connection_id,
+										   FALSE, msg_body.ptr, msg_body.len,
+										   msg_vid, msg_subtype, 0, TNC_IMVID_ANY);
 			}
 			else
 			{
-				charon->imcs->receive_message(charon->imcs,
-				this->connection_id, msg_body.ptr, msg_body.len,msg_type);
+				tnc->imcs->receive_message(tnc->imcs, this->connection_id,
+										   FALSE, msg_body.ptr, msg_body.len,
+										   msg_vid, msg_subtype, 0, TNC_IMCID_ANY);
 			}
 			this->send_msg = FALSE;
 			break;
@@ -181,8 +226,8 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg)
 				default:
 					state = TNC_CONNECTION_STATE_ACCESS_NONE;
 			}
-			charon->imcs->notify_connection_change(charon->imcs,
-												   this->connection_id, state);
+			tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id,
+												state);
 			this->delete_state = TRUE;
 			break;
 		}
@@ -221,9 +266,9 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg)
 
 			reason_msg = (tnccs_reason_strings_msg_t*)msg;
 			reason_string = reason_msg->get_reason(reason_msg, &reason_lang);
-			DBG2(DBG_TNC, "reason string is '%.*s",   reason_string.len,
+			DBG2(DBG_TNC, "reason string is '%.*s'",   reason_string.len,
 													  reason_string.ptr);
-			DBG2(DBG_TNC, "reason language is '%.*s", reason_lang.len,
+			DBG2(DBG_TNC, "reason language is '%.*s'", reason_lang.len,
 													  reason_lang.ptr);
 			break;
 		}
@@ -243,17 +288,17 @@ METHOD(tls_t, process, status_t,
 
 	if (this->is_server && !this->connection_id)
 	{
-		this->connection_id = charon->tnccs->create_connection(charon->tnccs,
-								(tnccs_t*)this,	_send_msg,
+		this->connection_id = tnc->tnccs->create_connection(tnc->tnccs,
+								TNCCS_1_1, (tnccs_t*)this, _send_msg,
 								&this->request_handshake_retry, &this->recs);
 		if (!this->connection_id)
 		{
 			return FAILED;
 		}
-		charon->imvs->notify_connection_change(charon->imvs,
-							this->connection_id, TNC_CONNECTION_STATE_CREATE);
-		charon->imvs->notify_connection_change(charon->imvs,
-							this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
+		tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id,
+											TNC_CONNECTION_STATE_CREATE);
+		tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id,
+											TNC_CONNECTION_STATE_HANDSHAKE);
 	}
 
 	data = chunk_create(buf, buflen);
@@ -304,11 +349,11 @@ METHOD(tls_t, process, status_t,
 		this->send_msg = TRUE;
 		if (this->is_server)
 		{
-			charon->imvs->batch_ending(charon->imvs, this->connection_id);
+			tnc->imvs->batch_ending(tnc->imvs, this->connection_id);
 		}
 		else
 		{
-			charon->imcs->batch_ending(charon->imcs, this->connection_id);
+			tnc->imcs->batch_ending(tnc->imcs, this->connection_id);
 		}
 		this->send_msg = FALSE;
 	}
@@ -331,7 +376,7 @@ static void check_and_build_recommendation(private_tnccs_11_t *this)
 
 	if (!this->recs->have_recommendation(this->recs, &rec, &eval))
 	{
-		charon->imvs->solicit_recommendation(charon->imvs, this->connection_id);
+		tnc->imvs->solicit_recommendation(tnc->imvs, this->connection_id);
 	}
 	if (this->recs->have_recommendation(this->recs, &rec, &eval))
 	{
@@ -351,6 +396,7 @@ static void check_and_build_recommendation(private_tnccs_11_t *this)
 			this->batch->add_msg(this->batch, msg);
 		}
 		enumerator->destroy(enumerator);
+		this->recs->clear_reasons(this->recs);
 
 		/* we have reache the final state */
 		this->delete_state = TRUE;
@@ -368,8 +414,8 @@ METHOD(tls_t, build, status_t,
 		tnccs_msg_t *msg;
 		char *pref_lang;
 
-		this->connection_id = charon->tnccs->create_connection(charon->tnccs,
-										(tnccs_t*)this, _send_msg,
+		this->connection_id = tnc->tnccs->create_connection(tnc->tnccs,
+										TNCCS_1_1, (tnccs_t*)this, _send_msg,
 										&this->request_handshake_retry, NULL);
 		if (!this->connection_id)
 		{
@@ -377,19 +423,19 @@ METHOD(tls_t, build, status_t,
 		}
 
 		/* Create TNCCS-PreferredLanguage message */
-		pref_lang = charon->imcs->get_preferred_language(charon->imcs);
+		pref_lang = tnc->imcs->get_preferred_language(tnc->imcs);
 		msg = tnccs_preferred_language_msg_create(pref_lang);
 		this->mutex->lock(this->mutex);
 		this->batch = tnccs_batch_create(this->is_server, ++this->batch_id);
 		this->batch->add_msg(this->batch, msg);
 		this->mutex->unlock(this->mutex);
 
-		charon->imcs->notify_connection_change(charon->imcs,
-							this->connection_id, TNC_CONNECTION_STATE_CREATE);
-		charon->imcs->notify_connection_change(charon->imcs,
-							this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
+		tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id,
+											TNC_CONNECTION_STATE_CREATE);
+		tnc->imcs->notify_connection_change(tnc->imcs, this->connection_id,
+											TNC_CONNECTION_STATE_HANDSHAKE);
 		this->send_msg = TRUE;
-		charon->imcs->begin_handshake(charon->imcs, this->connection_id);
+		tnc->imcs->begin_handshake(tnc->imcs, this->connection_id);
 		this->send_msg = FALSE;
 	}
 
@@ -456,7 +502,7 @@ METHOD(tls_t, is_complete, bool,
 
 	if (this->recs && this->recs->have_recommendation(this->recs, &rec, &eval))
 	{
-		return charon->imvs->enforce_recommendation(charon->imvs, rec, eval);
+		return tnc->imvs->enforce_recommendation(tnc->imvs, rec, eval);
 	}
 	else
 	{
@@ -473,8 +519,8 @@ METHOD(tls_t, get_eap_msk, chunk_t,
 METHOD(tls_t, destroy, void,
 	private_tnccs_11_t *this)
 {
-	charon->tnccs->remove_connection(charon->tnccs, this->connection_id,
-													this->is_server);
+	tnc->tnccs->remove_connection(tnc->tnccs, this->connection_id,
+											  this->is_server);
 	this->mutex->destroy(this->mutex);
 	DESTROY_IF(this->batch);
 	free(this);
diff --git a/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c b/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c
index 9ec91f006..cd95afb1e 100644
--- a/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c
+++ b/src/libcharon/plugins/tnccs_11/tnccs_11_plugin.c
@@ -16,7 +16,7 @@
 #include "tnccs_11_plugin.h"
 #include "tnccs_11.h"
 
-#include <daemon.h>
+#include <tnc/tnccs/tnccs_manager.h>
 
 METHOD(plugin_t, get_name, char*,
 	tnccs_11_plugin_t *this)
@@ -24,11 +24,23 @@ METHOD(plugin_t, get_name, char*,
 	return "tnccs-11";
 }
 
+METHOD(plugin_t, get_features, int,
+	tnccs_11_plugin_t *this, plugin_feature_t *features[])
+{
+	static plugin_feature_t f[] = {
+		PLUGIN_CALLBACK(tnccs_method_register, tnccs_11_create),
+			PLUGIN_PROVIDE(CUSTOM, "tnccs-1.1"),
+				PLUGIN_DEPENDS(EAP_SERVER, EAP_TNC),
+				PLUGIN_DEPENDS(EAP_PEER, EAP_TNC),
+				PLUGIN_DEPENDS(CUSTOM, "tnccs-manager"),
+	};
+	*features = f;
+	return countof(f);
+}
+
 METHOD(plugin_t, destroy, void,
 	tnccs_11_plugin_t *this)
 {
-	charon->tnccs->remove_method(charon->tnccs,
-								(tnccs_constructor_t)tnccs_11_create);
 	free(this);
 }
 
@@ -42,14 +54,11 @@ plugin_t *tnccs_11_plugin_create()
 	INIT(this,
 		.plugin = {
 			.get_name = _get_name,
-			.reload = (void*)return_false,
+			.get_features = _get_features,
 			.destroy = _destroy,
 		},
 	);
 
-	charon->tnccs->add_method(charon->tnccs, TNCCS_1_1,
-							 (tnccs_constructor_t)tnccs_11_create);
-
 	return &this->plugin;
 }