author | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
commit | e0e280b7669435b991b7e457abd8aa450930b3e8 (patch) | |
tree | 3e6084f13b14ad2df104e2ce6e589eb96c5f7ac9 /src/libimcv/imv | |
parent | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (diff) | |
download | vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.tar.gz vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.zip |
New upstream version 5.7.0
Diffstat (limited to 'src/libimcv/imv')
-rw-r--r-- | src/libimcv/imv/data.sql | 44 | ||||
-rw-r--r-- | src/libimcv/imv/imv_agent.c | 12 | ||||
-rw-r--r-- | src/libimcv/imv/imv_database.c | 3 | ||||
-rw-r--r-- | src/libimcv/imv/imv_session.c | 10 | ||||
-rw-r--r-- | src/libimcv/imv/imv_session.h | 12 | ||||
-rw-r--r-- | src/libimcv/imv/imv_session_manager.c | 4 | ||||
-rw-r--r-- | src/libimcv/imv/imv_state.h | 9 |
7 files changed, 78 insertions, 16 deletions
diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index 860573c31..5d5283620 100644
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -556,6 +556,24 @@ INSERT INTO products ( /* 93 */
 'Debian 8.10 x86_64'
 );
+INSERT INTO products ( /* 94 */
+ name
+) VALUES (
+ 'Debian 8.11 i686'
+);
+
+INSERT INTO products ( /* 95 */
+ name
+) VALUES (
+ 'Debian 8.11 x86_64'
+);
+
+INSERT INTO products ( /* 96 */
+ name
+) VALUES (
+ 'Ubuntu 18.04 x86_64'
+);
+
 /* Directories */
 INSERT INTO directories ( /* 1 */
@@ -968,19 +986,19 @@ INSERT INTO groups ( /* 10 */
 'Ref. Linux', 8
 );
-INSERT INTO groups ( /* 11 */
+INSERT INTO groups ( /* 11 */
 name
 ) VALUES (
 'TPM BIOS'
 );
-INSERT INTO groups ( /* 12 */
+INSERT INTO groups ( /* 12 */
 name
 ) VALUES (
 'TPM IMA'
 );
-INSERT INTO groups ( /* 13 */
+INSERT INTO groups ( /* 13 */
 name
 ) VALUES (
 'TPM BIOS/IMA'
@@ -998,7 +1016,7 @@ INSERT INTO groups ( /* 15 */
 'Debian armv7l', 2
 );
-INSERT INTO groups ( /* 16 */
+INSERT INTO groups ( /* 16 */
 name
 ) VALUES (
 'TPM TBOOT'
@@ -1123,6 +1141,12 @@ INSERT INTO groups_product_defaults (
 INSERT INTO groups_product_defaults (
 group_id, product_id
 ) VALUES (
+ 4, 94
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
 5, 2
 );
@@ -1237,6 +1261,12 @@ INSERT INTO groups_product_defaults (
 INSERT INTO groups_product_defaults (
 group_id, product_id
 ) VALUES (
+ 5, 95
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
 6, 9
 );
@@ -1387,6 +1417,12 @@ INSERT INTO groups_product_defaults (
 INSERT INTO groups_product_defaults (
 group_id, product_id
 ) VALUES (
+ 7, 96
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
 3, 21
 );
diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index bb0b3b75b..14623ad8d 100644
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -492,6 +492,7 @@ METHOD(imv_agent_t, change_state, TNC_Result,
 imv_state_t **state_p)
 {
 imv_state_t *state;
+ TNC_ConnectionState old_state;
 switch (new_state)
 {
@@ -506,7 +507,7 @@ METHOD(imv_agent_t, change_state, TNC_Result,
 this->id, this->name, connection_id);
 return TNC_RESULT_FATAL;
 }
- state->change_state(state, new_state);
+ old_state = state->change_state(state, new_state);
 DBG2(DBG_IMV, "IMV %u \"%s\" changed state of Connection ID %u to '%N'", this->id, this->name, connection_id, TNC_Connection_State_names, new_state);
@@ -514,6 +515,13 @@ METHOD(imv_agent_t, change_state, TNC_Result,
 {
 *state_p = state;
 }
+ if (new_state == TNC_CONNECTION_STATE_HANDSHAKE &&
+ old_state != TNC_CONNECTION_STATE_CREATE)
+ {
+ state->reset(state);
+ DBG2(DBG_IMV, "IMV %u \"%s\" reset state of Connection ID %u",
+ this->id, this->name, connection_id);
+ }
 break;
 case TNC_CONNECTION_STATE_CREATE:
 DBG1(DBG_IMV, "state '%N' should be handled by create_state()",
@@ -643,7 +651,7 @@ METHOD(enumerator_t, language_enumerator_enumerate, bool,
 if (pos)
 {
 len = pos - this->lang_pos;
- this->lang_pos += len + 1,
+ this->lang_pos += len + 1;
 this->lang_len -= len + 1;
 }
 else
diff --git a/src/libimcv/imv/imv_database.c b/src/libimcv/imv/imv_database.c
index b444abdbb..03f583204 100644
--- a/src/libimcv/imv/imv_database.c
+++ b/src/libimcv/imv/imv_database.c
@@ -143,7 +143,7 @@ static bool create_session(private_imv_database_t *this, imv_session_t *session)
 }
 /* create a new session entry */
- created = session->get_creation_time(session);
+ created = time(NULL);
 conn_id = session->get_connection_id(session);
 this->db->execute(this->db, &session_id, "INSERT INTO sessions (time, connection, product, device) "
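Review bot: The added `state->reset(state)` in the `@@ -514,6 +515,13 @@` hunk is called unconditionally through a function pointer that this commit introduces in imv_state.h, while the imv_state_t implementations that have to provide it are not part of this diff (the diffstat is limited to src/libimcv/imv). An implementation that does not set `.reset` would presumably leave the pointer NULL and crash the IMV on the first handshake retry, so confirm that every state class was updated together with this change. The condition also deserves a why-comment, for example `/* HANDSHAKE not preceded by CREATE is a retry: start a new measurement cycle */`. The body of change_state starts and ends outside the hunks shown.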
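Review bot: The session's creation time is now written only by `session->set_creation_time(session, created)` in the `@@ -161,6 +161,7 @@` hunk, after the database insert has succeeded, because `imv_session_create()` no longer takes or stores it. A session for which create_session() returns early or is never run would presumably report 0 from `get_creation_time()`; callers outside this diff that use the value for ordering, expiry or logging should be checked. I would state this in the header, e.g. `@return Session creation time, 0 if not yet set`. create_session's body starts and ends outside both hunks.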
@@ -161,6 +161,7 @@ static bool create_session(private_imv_database_t *this, imv_session_t *session)
 return FALSE;
 }
 session->set_session_id(session, session_id, pid, did);
+ session->set_creation_time(session, created);
 enumerator = session->create_ar_identities_enumerator(session);
 while (enumerator->enumerate(enumerator, &tnc_id))
diff --git a/src/libimcv/imv/imv_session.c b/src/libimcv/imv/imv_session.c
index bc6b5a8d1..830dd48d4 100644
--- a/src/libimcv/imv/imv_session.c
+++ b/src/libimcv/imv/imv_session.c
@@ -121,6 +121,12 @@ METHOD(imv_session_t, get_connection_id, TNC_ConnectionID,
 return this->conn_id;
 }
+METHOD(imv_session_t, set_creation_time, void,
+ private_imv_session_t *this, time_t created)
+{
+ this->created = created;
+}
+
 METHOD(imv_session_t, get_creation_time, time_t,
 private_imv_session_t *this)
 {
@@ -259,7 +265,7 @@ METHOD(imv_session_t, destroy, void,
 /**
 * See header
 */
-imv_session_t *imv_session_create(TNC_ConnectionID conn_id, time_t created,
+imv_session_t *imv_session_create(TNC_ConnectionID conn_id,
 linked_list_t *ar_identities)
 {
 private_imv_session_t *this;
@@ -269,6 +275,7 @@ imv_session_t *imv_session_create(TNC_ConnectionID conn_id, time_t created,
 .set_session_id = _set_session_id,
 .get_session_id = _get_session_id,
 .get_connection_id = _get_connection_id,
+ .set_creation_time = _set_creation_time,
 .get_creation_time = _get_creation_time,
 .create_ar_identities_enumerator = _create_ar_identities_enumerator,
 .get_os_info = _get_os_info,
@@ -286,7 +293,6 @@ imv_session_t *imv_session_create(TNC_ConnectionID conn_id, time_t created,
 .destroy = _destroy,
 },
 .conn_id = conn_id,
- .created = created,
 .ar_identities = ar_identities,
 .os_info = imv_os_info_create(),
 .workitems = linked_list_create(),
diff --git a/src/libimcv/imv/imv_session.h b/src/libimcv/imv/imv_session.h
index 107716f30..a2f6fc2a8 100644
--- a/src/libimcv/imv/imv_session.h
+++ b/src/libimcv/imv/imv_session.h
@@ -63,6 +63,13 @@ struct imv_session_t {
 TNC_ConnectionID (*get_connection_id)(imv_session_t *this);
 /**
+ * Set session creation time
+ *
+ * @param created Session creation time
+ */
+ void (*set_creation_time)(imv_session_t *this, time_t created);
+
+ /**
 * Get session creation time
 *
 * @return Session creation time
@@ -170,10 +177,9 @@ struct imv_session_t {
 * Create an imv_session_t instance
 *
 * @param id Associated Connection ID
- * @param created Session creation time
 * @param ar_identities List of Access Requestor identities
 */
-imv_session_t* imv_session_create(TNC_ConnectionID id, time_t created,
- linked_list_t *ar_identities);
+imv_session_t* imv_session_create(TNC_ConnectionID id,
+ linked_list_t *ar_identities);
 #endif /** IMV_SESSION_H_ @}*/
diff --git a/src/libimcv/imv/imv_session_manager.c b/src/libimcv/imv/imv_session_manager.c
index c97602998..2e3cfa466 100644
--- a/src/libimcv/imv/imv_session_manager.c
+++ b/src/libimcv/imv/imv_session_manager.c
@@ -51,7 +51,6 @@ METHOD(imv_session_manager_t, add_session, imv_session_t*,
 enumerator_t *enumerator;
 tncif_identity_t *tnc_id;
 imv_session_t *current, *session = NULL;
- time_t created;
 this->mutex->lock(this->mutex);
@@ -105,8 +104,7 @@ METHOD(imv_session_manager_t, add_session, imv_session_t*,
 enumerator->destroy(enumerator);
 /* create a new session entry */
- created = time(NULL);
- session = imv_session_create(conn_id, created, ar_identities);
+ session = imv_session_create(conn_id, ar_identities);
 this->sessions->insert_last(this->sessions, session);
 this->mutex->unlock(this->mutex);
diff --git a/src/libimcv/imv/imv_state.h b/src/libimcv/imv/imv_state.h
index 30ed612b3..4571da2fa 100644
--- a/src/libimcv/imv/imv_state.h
+++ b/src/libimcv/imv/imv_state.h
@@ -119,8 +119,10 @@ struct imv_state_t {
 * Change the connection state
 *
 * @param new_state new connection state
+ * @return old connection state
 */
- void (*change_state)(imv_state_t *this, TNC_ConnectionState new_state);
+ TNC_ConnectionState (*change_state)(imv_state_t *this,
+ TNC_ConnectionState new_state);
 /**
 * Get IMV action recommendation and evaluation result
@@ -182,6 +184,11 @@ struct imv_state_t {
 char **uri);
 /**
+ * Resets the state for a new measurement cycle triggered by a SRETRY batch
+ */
+ void (*reset)(imv_state_t *this);
+
+ /**
 * Destroys an imv_state_t object
 */
 void (*destroy)(imv_state_t *this); |
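Review bot: The doc comment on `reset` in the `@@ -182,6 +184,11 @@` hunk does not say what an implementation has to clear, and for an integrity verifier that is the part of the contract that matters: a recommendation or evaluation result left over from the previous cycle could otherwise be reported for the new one. I would extend the comment to something like `* Resets the state for a new measurement cycle triggered by a SRETRY batch; must clear the action recommendation and evaluation result of the previous cycle`. Which further per-cycle fields exist depends on the implementations, which are not in this diff, so the list should be confirmed against them. The struct definition starts and ends outside the hunk.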