diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2015-04-11 22:03:59 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2015-04-11 22:30:17 +0200 |
commit | 8404fb0212f9fb77bc53b23004b829b488430700 (patch) | |
tree | 23876c7540d138f58a6a7d90793ccf9004f6afd2 /src/libimcv/plugins/imv_attestation | |
parent | 1b7c683a32c62b6e08ad7bf5af39b9f4edd634f3 (diff) | |
download | vyos-strongswan-8404fb0212f9fb77bc53b23004b829b488430700.tar.gz vyos-strongswan-8404fb0212f9fb77bc53b23004b829b488430700.zip |
Imported Upstream version 5.3.0
Diffstat (limited to 'src/libimcv/plugins/imv_attestation')
5 files changed, 25 insertions, 14 deletions
diff --git a/src/libimcv/plugins/imv_attestation/Makefile.in b/src/libimcv/plugins/imv_attestation/Makefile.in index 3ba7c8c88..09a0ab0ce 100644 --- a/src/libimcv/plugins/imv_attestation/Makefile.in +++ b/src/libimcv/plugins/imv_attestation/Makefile.in @@ -236,6 +236,7 @@ DLLIB = @DLLIB@ DLLTOOL = @DLLTOOL@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ @@ -296,10 +297,12 @@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ PTHREADLIB = @PTHREADLIB@ PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ PYTHON_PLATFORM = @PYTHON_PLATFORM@ PYTHON_PREFIX = @PYTHON_PREFIX@ PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,6 +376,8 @@ json_CFLAGS = @json_CFLAGS@ json_LIBS = @json_LIBS@ libdir = @libdir@ libexecdir = @libexecdir@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ diff --git a/src/libimcv/plugins/imv_attestation/attest_db.c b/src/libimcv/plugins/imv_attestation/attest_db.c index f85a02b3d..f1a1f923e 100644 --- a/src/libimcv/plugins/imv_attestation/attest_db.c +++ b/src/libimcv/plugins/imv_attestation/attest_db.c @@ -849,29 +849,31 @@ METHOD(attest_db_t, list_devices, void, { enumerator_t *e, *e_ar; chunk_t ar_id_value = chunk_empty; - char *product, *device; + char *product, *device, *description; time_t timestamp; - int id, last_id = 0, ar_id = 0, last_ar_id = 0, device_count = 0; + int id, last_id = 0, ar_id = 0, last_ar_id = 0, device_count = 0, trusted; int session_id, rec; u_int32_t ar_id_type; u_int tstamp; e = this->db->query(this->db, - "SELECT d.id, d.value, s.id, s.time, s.identity, s.rec, p.name " + "SELECT d.id, d.value, d.trusted, d.description, " + "s.id, s.time, s.identity, s.rec, p.name " "FROM devices AS d " "JOIN sessions AS s ON d.id = s.device " "JOIN products AS p ON p.id = s.product " - "ORDER BY d.value, s.time DESC", DB_INT, DB_TEXT, DB_INT, DB_UINT, - DB_INT, DB_INT, DB_TEXT); + "ORDER BY d.value, s.time DESC", DB_INT, DB_TEXT, DB_INT, DB_TEXT, + DB_INT, DB_UINT, DB_INT, DB_INT, DB_TEXT); if (e) { - while (e->enumerate(e, &id, &device, &session_id, &tstamp, &ar_id, &rec, - &product)) + while (e->enumerate(e, &id, &device, &trusted, &description, + &session_id, &tstamp, &ar_id, &rec, &product)) { if (id != last_id) { - printf("%4d: %s - %s\n", id, device, product); + printf("%4d: %s %s - %s - %s\n", id, trusted ? "+" : "-", + device, product, description); device_count++; last_id = id; } diff --git a/src/libimcv/plugins/imv_attestation/build-database.sh b/src/libimcv/plugins/imv_attestation/build-database.sh index ca2939b49..0babb5366 100755 --- a/src/libimcv/plugins/imv_attestation/build-database.sh +++ b/src/libimcv/plugins/imv_attestation/build-database.sh @@ -2,7 +2,7 @@ p="Ubuntu 14.04 x86_64" a="x86_64-linux-gnu" -k="3.13.0-37-generic" +k="3.13.0-46-generic" for hash in sha1 sha256 do diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_build.c b/src/libimcv/plugins/imv_attestation/imv_attestation_build.c index c39fe8d47..db93ac45f 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_build.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_build.c @@ -69,7 +69,11 @@ bool imv_attestation_build(imv_msg_t *out_msg, imv_state_t *state, /* Send DH nonce finish attribute */ selected_algorithm = pts->get_meas_algorithm(pts); - pts->get_my_public_value(pts, &initiator_value, &initiator_nonce); + if (!pts->get_my_public_value(pts, &initiator_value, + &initiator_nonce)) + { + return FALSE; + } attr = tcg_pts_attr_dh_nonce_finish_create(selected_algorithm, initiator_value, initiator_nonce); attr->set_noskip_flag(attr, TRUE); diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c index 89a1f02cf..fbeb6618e 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c @@ -134,11 +134,11 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg, } responder_value = attr_cast->get_responder_value(attr_cast); - pts->set_peer_public_value(pts, responder_value, - responder_nonce); /* Calculate secret assessment value */ - if (!pts->calculate_secret(pts)) + if (!pts->set_peer_public_value(pts, responder_value, + responder_nonce) || + !pts->calculate_secret(pts)) { return FALSE; } @@ -198,7 +198,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg, e = pts_credmgr->create_trusted_enumerator(pts_credmgr, KEY_ANY, aik->get_issuer(aik), FALSE); - while (e->enumerate(e, &issuer)) + while (e->enumerate(e, &issuer, NULL)) { if (aik->issued_by(aik, issuer, NULL)) { |