diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
| commit | e0e280b7669435b991b7e457abd8aa450930b3e8 (patch) | |
| tree | 3e6084f13b14ad2df104e2ce6e589eb96c5f7ac9 /src/libimcv/plugins | |
| parent | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (diff) | |
| download | vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.tar.gz vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.zip | |
New upstream version 5.7.0
Diffstat (limited to 'src/libimcv/plugins')
50 files changed, 800 insertions, 3976 deletions
diff --git a/src/libimcv/plugins/imc_attestation/Makefile.in b/src/libimcv/plugins/imc_attestation/Makefile.in index bc079ff12..4817d3fc5 100644 --- a/src/libimcv/plugins/imc_attestation/Makefile.in +++ b/src/libimcv/plugins/imc_attestation/Makefile.in @@ -311,7 +311,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -337,6 +336,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -357,8 +358,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -413,8 +412,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -443,8 +440,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c index 0dd88b6a7..f592a5134 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c @@ -115,19 +115,8 @@ TNC_Result TNC_IMC_API TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, case TNC_CONNECTION_STATE_CREATE: state = imc_attestation_state_create(connection_id); return imc_attestation->create_state(imc_attestation, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_attestation->change_state(imc_attestation, connection_id, - new_state, &state) != TNC_RESULT_SUCCESS) - { - return TNC_RESULT_FATAL; - } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - return TNC_RESULT_SUCCESS; case TNC_CONNECTION_STATE_DELETE: return imc_attestation->delete_state(imc_attestation, connection_id); - case TNC_CONNECTION_STATE_ACCESS_ISOLATED: - case TNC_CONNECTION_STATE_ACCESS_NONE: default: return imc_attestation->change_state(imc_attestation, connection_id, new_state, NULL); diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_state.c b/src/libimcv/plugins/imc_attestation/imc_attestation_state.c index b789a2104..f8e0b8d2c 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation_state.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation_state.c @@ -131,10 +131,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_attestation_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -155,6 +159,21 @@ METHOD(imc_state_t, get_result, bool, return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_attestation_state_t *this) +{ + this->result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->components->destroy_offset(this->components, + offsetof(pts_component_t, destroy)); + this->components = linked_list_create(); + this->list->destroy_offset(this->list, + offsetof(pts_comp_evidence_t, destroy)); + this->list = linked_list_create(); + this->pts->destroy(this->pts); + this->pts = pts_create(TRUE); +} + METHOD(imc_state_t, destroy, void, private_imc_attestation_state_t *this) { @@ -238,6 +257,7 @@ imc_state_t *imc_attestation_state_create(TNC_ConnectionID connection_id) .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, .get_pts = _get_pts, diff --git a/src/libimcv/plugins/imc_hcd/Makefile.in b/src/libimcv/plugins/imc_hcd/Makefile.in index 1b71b26d0..e6074a35c 100644 --- a/src/libimcv/plugins/imc_hcd/Makefile.in +++ b/src/libimcv/plugins/imc_hcd/Makefile.in @@ -308,7 +308,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -334,6 +333,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -354,8 +355,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -410,8 +409,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -440,8 +437,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imc_hcd/imc_hcd.c b/src/libimcv/plugins/imc_hcd/imc_hcd.c index b631683ce..09ba8bc0b 100644 --- a/src/libimcv/plugins/imc_hcd/imc_hcd.c +++ b/src/libimcv/plugins/imc_hcd/imc_hcd.c @@ -141,15 +141,6 @@ TNC_Result TNC_IMC_API TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, case TNC_CONNECTION_STATE_CREATE: state = imc_hcd_state_create(connection_id); return imc_hcd->create_state(imc_hcd, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_hcd->change_state(imc_hcd, connection_id, new_state, - &state) != TNC_RESULT_SUCCESS) - { - return TNC_RESULT_FATAL; - } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - return TNC_RESULT_SUCCESS; case TNC_CONNECTION_STATE_DELETE: return imc_hcd->delete_state(imc_hcd, connection_id); default: @@ -348,7 +339,7 @@ static void add_certification_state(imc_msg_t *msg) if (hex_string) { blob = chunk_from_hex(chunk_from_str(hex_string), NULL); - + DBG2(DBG_IMC, " %N: %B", pwg_attr_names, PWG_HCD_CERTIFICATION_STATE, &blob); attr = generic_attr_chunk_create(blob, @@ -373,7 +364,7 @@ static void add_configuration_state(imc_msg_t *msg) if (hex_string) { blob = chunk_from_hex(chunk_from_str(hex_string), NULL); - + DBG2(DBG_IMC, " %N: %B", pwg_attr_names, PWG_HCD_CONFIGURATION_STATE, &blob); attr = generic_attr_chunk_create(blob, @@ -412,7 +403,7 @@ static void add_quadruple(imc_msg_t *msg, char *section, quadruple_t *quad) "%s.plugins.imc-hcd.subtypes.%s.%s.%s.string_version", "", lib->ns, section, quad->section, app); hex_version = lib->settings->get_str(lib->settings, - "%s.plugins.imc-hcd.subtypes.%s.%s.%s.version", + "%s.plugins.imc-hcd.subtypes.%s.%s.%s.version", hex_version_default, lib->ns, section, quad->section, app); /* convert hex string into binary chunk */ diff --git a/src/libimcv/plugins/imc_hcd/imc_hcd_state.c b/src/libimcv/plugins/imc_hcd/imc_hcd_state.c index 60ccdce81..b2207f28a 100644 --- a/src/libimcv/plugins/imc_hcd/imc_hcd_state.c +++ b/src/libimcv/plugins/imc_hcd/imc_hcd_state.c @@ -110,10 +110,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_hcd_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -134,6 +138,12 @@ METHOD(imc_state_t, get_result, bool, return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_hcd_state_t *this) +{ + this->result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; +} + METHOD(imc_state_t, destroy, void, private_imc_hcd_state_t *this) { @@ -161,6 +171,7 @@ imc_state_t *imc_hcd_state_create(TNC_ConnectionID connection_id) .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, }, diff --git a/src/libimcv/plugins/imc_os/Makefile.in b/src/libimcv/plugins/imc_os/Makefile.in index e62c04bea..4821d43f7 100644 --- a/src/libimcv/plugins/imc_os/Makefile.in +++ b/src/libimcv/plugins/imc_os/Makefile.in @@ -308,7 +308,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -334,6 +333,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -354,8 +355,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -410,8 +409,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -440,8 +437,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imc_os/imc_os.c b/src/libimcv/plugins/imc_os/imc_os.c index d7b508ab9..a10492e04 100644 --- a/src/libimcv/plugins/imc_os/imc_os.c +++ b/src/libimcv/plugins/imc_os/imc_os.c @@ -103,15 +103,6 @@ TNC_Result TNC_IMC_API TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, case TNC_CONNECTION_STATE_CREATE: state = imc_os_state_create(connection_id); return imc_os->create_state(imc_os, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_os->change_state(imc_os, connection_id, new_state, - &state) != TNC_RESULT_SUCCESS) - { - return TNC_RESULT_FATAL; - } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - return TNC_RESULT_SUCCESS; case TNC_CONNECTION_STATE_DELETE: return imc_os->delete_state(imc_os, connection_id); default: diff --git a/src/libimcv/plugins/imc_os/imc_os_state.c b/src/libimcv/plugins/imc_os/imc_os_state.c index a38696a81..d26454719 100644 --- a/src/libimcv/plugins/imc_os/imc_os_state.c +++ b/src/libimcv/plugins/imc_os/imc_os_state.c @@ -110,10 +110,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_os_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -134,6 +138,12 @@ METHOD(imc_state_t, get_result, bool, return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_os_state_t *this) +{ + this->result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; +} + METHOD(imc_state_t, destroy, void, private_imc_os_state_t *this) { @@ -161,6 +171,7 @@ imc_state_t *imc_os_state_create(TNC_ConnectionID connection_id) .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, }, diff --git a/src/libimcv/plugins/imc_scanner/Makefile.in b/src/libimcv/plugins/imc_scanner/Makefile.in index a054a475b..c55ac867c 100644 --- a/src/libimcv/plugins/imc_scanner/Makefile.in +++ b/src/libimcv/plugins/imc_scanner/Makefile.in @@ -309,7 +309,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -335,6 +334,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -355,8 +356,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -411,8 +410,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -441,8 +438,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner.c b/src/libimcv/plugins/imc_scanner/imc_scanner.c index 93ed4271b..c4fc254cf 100644 --- a/src/libimcv/plugins/imc_scanner/imc_scanner.c +++ b/src/libimcv/plugins/imc_scanner/imc_scanner.c @@ -85,15 +85,6 @@ TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, case TNC_CONNECTION_STATE_CREATE: state = imc_scanner_state_create(connection_id); return imc_scanner->create_state(imc_scanner, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_scanner->change_state(imc_scanner, connection_id, new_state, - &state) != TNC_RESULT_SUCCESS) - { - return TNC_RESULT_FATAL; - } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - return TNC_RESULT_SUCCESS; case TNC_CONNECTION_STATE_DELETE: return imc_scanner->delete_state(imc_scanner, connection_id); default: diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner_state.c b/src/libimcv/plugins/imc_scanner/imc_scanner_state.c index c1b7a50e4..2a2214841 100644 --- a/src/libimcv/plugins/imc_scanner/imc_scanner_state.c +++ b/src/libimcv/plugins/imc_scanner/imc_scanner_state.c @@ -110,10 +110,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_scanner_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -134,6 +138,12 @@ METHOD(imc_state_t, get_result, bool, return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_scanner_state_t *this) +{ + this->result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; +} + METHOD(imc_state_t, destroy, void, private_imc_scanner_state_t *this) { @@ -161,6 +171,7 @@ imc_state_t *imc_scanner_state_create(TNC_ConnectionID connection_id) .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, }, diff --git a/src/libimcv/plugins/imc_swid/Makefile.am b/src/libimcv/plugins/imc_swid/Makefile.am deleted file mode 100644 index 22f2e3762..000000000 --- a/src/libimcv/plugins/imc_swid/Makefile.am +++ /dev/null @@ -1,36 +0,0 @@ -regid = strongswan.org -unique_sw_id = strongSwan-$(PACKAGE_VERSION_MAJOR)-$(PACKAGE_VERSION_MINOR)-$(PACKAGE_VERSION_BUILD)$(PACKAGE_VERSION_REVIEW) -swid_tag = $(regid)__$(unique_sw_id).swidtag - -swiddir = $(pkgdatadir)/swidtag -dist_swid_DATA = $(swid_tag) -EXTRA_DIST = $(regid)__strongSwan.swidtag.in -CLEANFILES = $(regid)__strongSwan*.swidtag - -$(swid_tag) : $(regid)__strongSwan.swidtag.in - $(AM_V_GEN) \ - sed \ - -e "s:@VERSION_MAJOR@:$(PACKAGE_VERSION_MAJOR):" \ - -e "s:@VERSION_MINOR@:$(PACKAGE_VERSION_MINOR):" \ - -e "s:@VERSION_BUILD@:$(PACKAGE_VERSION_BUILD):" \ - -e "s:@VERSION_REVIEW@:$(PACKAGE_VERSION_REVIEW):" \ - $(srcdir)/$(regid)__strongSwan.swidtag.in > $@ - -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libimcv \ - -DSWID_DIRECTORY=\"${prefix}/share\" - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) - -imcv_LTLIBRARIES = imc-swid.la - -imc_swid_la_LIBADD = \ - $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la - -imc_swid_la_SOURCES = imc_swid.c imc_swid_state.h imc_swid_state.c - -imc_swid_la_LDFLAGS = -module -avoid-version -no-undefined diff --git a/src/libimcv/plugins/imc_swid/Makefile.in b/src/libimcv/plugins/imc_swid/Makefile.in deleted file mode 100644 index f58935f2e..000000000 --- a/src/libimcv/plugins/imc_swid/Makefile.in +++ /dev/null @@ -1,831 +0,0 @@ -# Makefile.in generated by automake 1.15 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2014 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - - -VPATH = @srcdir@ -am__is_gnu_make = { \ - if test -z '$(MAKELEVEL)'; then \ - false; \ - elif test -n '$(MAKE_HOST)'; then \ - true; \ - elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ - true; \ - else \ - false; \ - fi; \ -} -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = src/libimcv/plugins/imc_swid -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ - $(top_srcdir)/m4/config/ltoptions.m4 \ - $(top_srcdir)/m4/config/ltsugar.m4 \ - $(top_srcdir)/m4/config/ltversion.m4 \ - $(top_srcdir)/m4/config/lt~obsolete.m4 \ - $(top_srcdir)/m4/macros/split-package-version.m4 \ - $(top_srcdir)/m4/macros/with.m4 \ - $(top_srcdir)/m4/macros/enable-disable.m4 \ - $(top_srcdir)/m4/macros/add-plugin.m4 \ - $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -DIST_COMMON = $(srcdir)/Makefile.am $(dist_swid_DATA) \ - $(am__DIST_COMMON) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -am__installdirs = "$(DESTDIR)$(imcvdir)" "$(DESTDIR)$(swiddir)" -LTLIBRARIES = $(imcv_LTLIBRARIES) -imc_swid_la_DEPENDENCIES = $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la -am_imc_swid_la_OBJECTS = imc_swid.lo imc_swid_state.lo -imc_swid_la_OBJECTS = $(am_imc_swid_la_OBJECTS) -AM_V_lt = $(am__v_lt_@AM_V@) -am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -am__v_lt_0 = --silent -am__v_lt_1 = -imc_swid_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(imc_swid_la_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -SOURCES = $(imc_swid_la_SOURCES) -DIST_SOURCES = $(imc_swid_la_SOURCES) -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -DATA = $(dist_swid_DATA) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -ALLOCA = @ALLOCA@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -ATOMICLIB = @ATOMICLIB@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -BFDLIB = @BFDLIB@ -BTLIB = @BTLIB@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ -COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLIB = @DLLIB@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -EASY_INSTALL = @EASY_INSTALL@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -FUZZING_LDFLAGS = @FUZZING_LDFLAGS@ -GEM = @GEM@ -GENHTML = @GENHTML@ -GPERF = @GPERF@ -GPERF_LEN_TYPE = @GPERF_LEN_TYPE@ -GPRBUILD = @GPRBUILD@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LCOV = @LCOV@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MYSQLCFLAG = @MYSQLCFLAG@ -MYSQLCONFIG = @MYSQLCONFIG@ -MYSQLLIB = @MYSQLLIB@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OPENSSL_LIB = @OPENSSL_LIB@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ -PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ -PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ -PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PERL = @PERL@ -PKG_CONFIG = @PKG_CONFIG@ -PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ -PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ -PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ -PTHREADLIB = @PTHREADLIB@ -PYTHON = @PYTHON@ -PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ -PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ -PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ -PYTHON_PLATFORM = @PYTHON_PLATFORM@ -PYTHON_PREFIX = @PYTHON_PREFIX@ -PYTHON_VERSION = @PYTHON_VERSION@ -PY_TEST = @PY_TEST@ -RANLIB = @RANLIB@ -RTLIB = @RTLIB@ -RUBY = @RUBY@ -RUBYGEMDIR = @RUBYGEMDIR@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -SOCKLIB = @SOCKLIB@ -STRIP = @STRIP@ -UNWINDLIB = @UNWINDLIB@ -VERSION = @VERSION@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -aikgen_plugins = @aikgen_plugins@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -attest_plugins = @attest_plugins@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -c_plugins = @c_plugins@ -charon_natt_port = @charon_natt_port@ -charon_plugins = @charon_plugins@ -charon_udp_port = @charon_udp_port@ -clearsilver_LIBS = @clearsilver_LIBS@ -cmd_plugins = @cmd_plugins@ -datadir = @datadir@ -datarootdir = @datarootdir@ -dev_headers = @dev_headers@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -fips_mode = @fips_mode@ -fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -imcvdir = @imcvdir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -ipsec_script = @ipsec_script@ -ipsec_script_upper = @ipsec_script_upper@ -ipsecdir = @ipsecdir@ -ipsecgroup = @ipsecgroup@ -ipseclibdir = @ipseclibdir@ -ipsecuser = @ipsecuser@ -json_CFLAGS = @json_CFLAGS@ -json_LIBS = @json_LIBS@ -libdir = @libdir@ -libexecdir = @libexecdir@ -libfuzzer = @libfuzzer@ -libiptc_CFLAGS = @libiptc_CFLAGS@ -libiptc_LIBS = @libiptc_LIBS@ -linux_headers = @linux_headers@ -localedir = @localedir@ -localstatedir = @localstatedir@ -manager_plugins = @manager_plugins@ -mandir = @mandir@ -medsrv_plugins = @medsrv_plugins@ -mkdir_p = @mkdir_p@ -nm_CFLAGS = @nm_CFLAGS@ -nm_LIBS = @nm_LIBS@ -nm_ca_dir = @nm_ca_dir@ -nm_plugins = @nm_plugins@ -oldincludedir = @oldincludedir@ -p_plugins = @p_plugins@ -pcsclite_CFLAGS = @pcsclite_CFLAGS@ -pcsclite_LIBS = @pcsclite_LIBS@ -pdfdir = @pdfdir@ -piddir = @piddir@ -pkgpyexecdir = @pkgpyexecdir@ -pkgpythondir = @pkgpythondir@ -pki_plugins = @pki_plugins@ -plugindir = @plugindir@ -pool_plugins = @pool_plugins@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -pyexecdir = @pyexecdir@ -pythondir = @pythondir@ -random_device = @random_device@ -resolv_conf = @resolv_conf@ -routing_table = @routing_table@ -routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ -runstatedir = @runstatedir@ -s_plugins = @s_plugins@ -sbindir = @sbindir@ -scepclient_plugins = @scepclient_plugins@ -scripts_plugins = @scripts_plugins@ -sharedstatedir = @sharedstatedir@ -soup_CFLAGS = @soup_CFLAGS@ -soup_LIBS = @soup_LIBS@ -srcdir = @srcdir@ -starter_plugins = @starter_plugins@ -strongswan_conf = @strongswan_conf@ -strongswan_options = @strongswan_options@ -swanctldir = @swanctldir@ -sysconfdir = @sysconfdir@ -systemd_CFLAGS = @systemd_CFLAGS@ -systemd_LIBS = @systemd_LIBS@ -systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ -systemd_daemon_LIBS = @systemd_daemon_LIBS@ -systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ -systemd_journal_LIBS = @systemd_journal_LIBS@ -systemdsystemunitdir = @systemdsystemunitdir@ -t_plugins = @t_plugins@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -tss2_CFLAGS = @tss2_CFLAGS@ -tss2_LIBS = @tss2_LIBS@ -tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ -tss2_socket_LIBS = @tss2_socket_LIBS@ -tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ -tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ -urandom_device = @urandom_device@ -xml_CFLAGS = @xml_CFLAGS@ -xml_LIBS = @xml_LIBS@ -regid = strongswan.org -unique_sw_id = strongSwan-$(PACKAGE_VERSION_MAJOR)-$(PACKAGE_VERSION_MINOR)-$(PACKAGE_VERSION_BUILD)$(PACKAGE_VERSION_REVIEW) -swid_tag = $(regid)__$(unique_sw_id).swidtag -swiddir = $(pkgdatadir)/swidtag -dist_swid_DATA = $(swid_tag) -EXTRA_DIST = $(regid)__strongSwan.swidtag.in -CLEANFILES = $(regid)__strongSwan*.swidtag -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libimcv \ - -DSWID_DIRECTORY=\"${prefix}/share\" - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) - -imcv_LTLIBRARIES = imc-swid.la -imc_swid_la_LIBADD = \ - $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la - -imc_swid_la_SOURCES = imc_swid.c imc_swid_state.h imc_swid_state.c -imc_swid_la_LDFLAGS = -module -avoid-version -no-undefined -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_swid/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/libimcv/plugins/imc_swid/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -install-imcvLTLIBRARIES: $(imcv_LTLIBRARIES) - @$(NORMAL_INSTALL) - @list='$(imcv_LTLIBRARIES)'; test -n "$(imcvdir)" || list=; \ - list2=; for p in $$list; do \ - if test -f $$p; then \ - list2="$$list2 $$p"; \ - else :; fi; \ - done; \ - test -z "$$list2" || { \ - echo " $(MKDIR_P) '$(DESTDIR)$(imcvdir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(imcvdir)" || exit 1; \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(imcvdir)'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(imcvdir)"; \ - } - -uninstall-imcvLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(imcv_LTLIBRARIES)'; test -n "$(imcvdir)" || list=; \ - for p in $$list; do \ - $(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(imcvdir)/$$f'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(imcvdir)/$$f"; \ - done - -clean-imcvLTLIBRARIES: - -test -z "$(imcv_LTLIBRARIES)" || rm -f $(imcv_LTLIBRARIES) - @list='$(imcv_LTLIBRARIES)'; \ - locs=`for p in $$list; do echo $$p; done | \ - sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ - sort -u`; \ - test -z "$$locs" || { \ - echo rm -f $${locs}; \ - rm -f $${locs}; \ - } - -imc-swid.la: $(imc_swid_la_OBJECTS) $(imc_swid_la_DEPENDENCIES) $(EXTRA_imc_swid_la_DEPENDENCIES) - $(AM_V_CCLD)$(imc_swid_la_LINK) -rpath $(imcvdir) $(imc_swid_la_OBJECTS) $(imc_swid_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imc_swid.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imc_swid_state.Plo@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-dist_swidDATA: $(dist_swid_DATA) - @$(NORMAL_INSTALL) - @list='$(dist_swid_DATA)'; test -n "$(swiddir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(swiddir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(swiddir)" || exit 1; \ - fi; \ - for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; \ - done | $(am__base_list) | \ - while read files; do \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(swiddir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(swiddir)" || exit $$?; \ - done - -uninstall-dist_swidDATA: - @$(NORMAL_UNINSTALL) - @list='$(dist_swid_DATA)'; test -n "$(swiddir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(swiddir)'; $(am__uninstall_files_from_dir) - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LTLIBRARIES) $(DATA) -installdirs: - for dir in "$(DESTDIR)$(imcvdir)" "$(DESTDIR)$(swiddir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-imcvLTLIBRARIES clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-dist_swidDATA install-imcvLTLIBRARIES - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-dist_swidDATA uninstall-imcvLTLIBRARIES - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-imcvLTLIBRARIES clean-libtool cscopelist-am ctags \ - ctags-am distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dist_swidDATA install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-imcvLTLIBRARIES install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-am uninstall uninstall-am uninstall-dist_swidDATA \ - uninstall-imcvLTLIBRARIES - -.PRECIOUS: Makefile - - -$(swid_tag) : $(regid)__strongSwan.swidtag.in - $(AM_V_GEN) \ - sed \ - -e "s:@VERSION_MAJOR@:$(PACKAGE_VERSION_MAJOR):" \ - -e "s:@VERSION_MINOR@:$(PACKAGE_VERSION_MINOR):" \ - -e "s:@VERSION_BUILD@:$(PACKAGE_VERSION_BUILD):" \ - -e "s:@VERSION_REVIEW@:$(PACKAGE_VERSION_REVIEW):" \ - $(srcdir)/$(regid)__strongSwan.swidtag.in > $@ - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/src/libimcv/plugins/imc_swid/imc_swid.c b/src/libimcv/plugins/imc_swid/imc_swid.c deleted file mode 100644 index 1468a59cc..000000000 --- a/src/libimcv/plugins/imc_swid/imc_swid.c +++ /dev/null @@ -1,417 +0,0 @@ -/* - * Copyright (C) 2013-2017 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "imc_swid_state.h" - -#include <imc/imc_agent.h> -#include <imc/imc_msg.h> -#include "tcg/seg/tcg_seg_attr_max_size.h" -#include "tcg/seg/tcg_seg_attr_seg_env.h" -#include "tcg/swid/tcg_swid_attr_req.h" -#include "tcg/swid/tcg_swid_attr_tag_inv.h" -#include "tcg/swid/tcg_swid_attr_tag_id_inv.h" -#include "swid/swid_inventory.h" -#include "swid/swid_error.h" - -#include <tncif_pa_subtypes.h> - -#include <pen/pen.h> -#include <utils/debug.h> - -/* IMC definitions */ - -static const char imc_name[] = "SWID"; - -static pen_type_t msg_types[] = { - { PEN_TCG, PA_SUBTYPE_TCG_SWID } -}; - -static imc_agent_t *imc_swid; - -/** - * see section 3.8.1 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, - TNC_Version min_version, - TNC_Version max_version, - TNC_Version *actual_version) -{ - if (imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name); - return TNC_RESULT_ALREADY_INITIALIZED; - } - imc_swid = imc_agent_create(imc_name, msg_types, countof(msg_types), - imc_id, actual_version); - if (!imc_swid) - { - return TNC_RESULT_FATAL; - } - if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1) - { - DBG1(DBG_IMC, "no common IF-IMC version"); - return TNC_RESULT_NO_COMMON_VERSION; - } - return TNC_RESULT_SUCCESS; -} - -/** - * see section 3.8.2 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, - TNC_ConnectionID connection_id, - TNC_ConnectionState new_state) -{ - imc_state_t *state; - - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - switch (new_state) - { - case TNC_CONNECTION_STATE_CREATE: - state = imc_swid_state_create(connection_id); - return imc_swid->create_state(imc_swid, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_swid->change_state(imc_swid, connection_id, new_state, - &state) != TNC_RESULT_SUCCESS) - { - return TNC_RESULT_FATAL; - } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - return TNC_RESULT_SUCCESS; - case TNC_CONNECTION_STATE_DELETE: - return imc_swid->delete_state(imc_swid, connection_id); - default: - return imc_swid->change_state(imc_swid, connection_id, - new_state, NULL); - } -} - -/** - * see section 3.8.3 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id, - TNC_ConnectionID connection_id) -{ - imc_state_t *state; - imc_msg_t *out_msg; - pa_tnc_attr_t *attr; - seg_contract_t *contract; - seg_contract_manager_t *contracts; - size_t max_attr_size = SWID_MAX_ATTR_SIZE; - size_t max_seg_size; - char buf[BUF_LEN]; - TNC_Result result = TNC_RESULT_SUCCESS; - - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - if (!imc_swid->get_state(imc_swid, connection_id, &state)) - { - return TNC_RESULT_FATAL; - } - - /* Determine maximum PA-TNC attribute segment size */ - max_seg_size = state->get_max_msg_len(state) - PA_TNC_HEADER_SIZE - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_SEG_ENV_HEADER; - - /* Announce support of PA-TNC segmentation to IMV */ - contract = seg_contract_create(msg_types[0], max_attr_size, max_seg_size, - TRUE, imc_id, TRUE); - contract->get_info_string(contract, buf, BUF_LEN, TRUE); - DBG2(DBG_IMC, "%s", buf); - contracts = state->get_contracts(state); - contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); - - /* send PA-TNC message with the excl flag not set */ - out_msg = imc_msg_create(imc_swid, state, connection_id, imc_id, - TNC_IMVID_ANY, msg_types[0]); - out_msg->add_attribute(out_msg, attr); - result = out_msg->send(out_msg, FALSE); - out_msg->destroy(out_msg); - - return result; -} - -/** - * Add one or multiple SWID Inventory attributes to the send queue - */ -static bool add_swid_inventory(imc_state_t *state, imc_msg_t *msg, - uint32_t request_id, bool full_tags, - swid_inventory_t *targets) -{ - pa_tnc_attr_t *attr, *attr_error; - imc_swid_state_t *swid_state; - swid_inventory_t *swid_inventory; - char *swid_directory; - uint32_t eid_epoch; - bool swid_pretty, swid_full; - enumerator_t *enumerator; - - swid_directory = lib->settings->get_str(lib->settings, - "%s.plugins.imc-swid.swid_directory", - SWID_DIRECTORY, lib->ns); - swid_pretty = lib->settings->get_bool(lib->settings, - "%s.plugins.imc-swid.swid_pretty", - FALSE, lib->ns); - swid_full = lib->settings->get_bool(lib->settings, - "%s.plugins.imc-swid.swid_full", - FALSE, lib->ns); - - swid_inventory = swid_inventory_create(full_tags); - if (!swid_inventory->collect(swid_inventory, swid_directory, targets, - swid_pretty, swid_full)) - { - swid_inventory->destroy(swid_inventory); - attr_error = swid_error_create(TCG_SWID_ERROR, request_id, - 0, "error in SWID tag collection"); - msg->add_attribute(msg, attr_error); - return FALSE; - } - DBG1(DBG_IMC, "collected %d SWID tag%s%s", - swid_inventory->get_count(swid_inventory), full_tags ? "" : " ID", - swid_inventory->get_count(swid_inventory) == 1 ? "" : "s"); - - swid_state = (imc_swid_state_t*)state; - eid_epoch = swid_state->get_eid_epoch(swid_state); - - if (full_tags) - { - tcg_swid_attr_tag_inv_t *swid_attr; - swid_tag_t *tag; - - /* Send a TCG SWID Tag Inventory attribute */ - attr = tcg_swid_attr_tag_inv_create(request_id, eid_epoch, 1); - swid_attr = (tcg_swid_attr_tag_inv_t*)attr; - - enumerator = swid_inventory->create_enumerator(swid_inventory); - while (enumerator->enumerate(enumerator, &tag)) - { - swid_attr->add(swid_attr, tag->get_ref(tag)); - } - enumerator->destroy(enumerator); - } - else - { - tcg_swid_attr_tag_id_inv_t *swid_id_attr; - swid_tag_id_t *tag_id; - - /* Send a TCG SWID Tag ID Inventory attribute */ - attr = tcg_swid_attr_tag_id_inv_create(request_id, eid_epoch, 1); - swid_id_attr = (tcg_swid_attr_tag_id_inv_t*)attr; - - enumerator = swid_inventory->create_enumerator(swid_inventory); - while (enumerator->enumerate(enumerator, &tag_id)) - { - swid_id_attr->add(swid_id_attr, tag_id->get_ref(tag_id)); - } - enumerator->destroy(enumerator); - } - - msg->add_attribute(msg, attr); - swid_inventory->destroy(swid_inventory); - - return TRUE; -} - -static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg) -{ - imc_msg_t *out_msg; - pa_tnc_attr_t *attr; - enumerator_t *enumerator; - pen_type_t type; - TNC_Result result; - bool fatal_error = FALSE; - - /* generate an outgoing PA-TNC message - we might need it */ - out_msg = imc_msg_create_as_reply(in_msg); - - /* parse received PA-TNC message and handle local and remote errors */ - result = in_msg->receive(in_msg, out_msg, &fatal_error); - if (result != TNC_RESULT_SUCCESS) - { - out_msg->destroy(out_msg); - return result; - } - - /* analyze PA-TNC attributes */ - enumerator = in_msg->create_attribute_enumerator(in_msg); - while (enumerator->enumerate(enumerator, &attr)) - { - tcg_swid_attr_req_t *attr_req; - uint8_t flags; - uint32_t request_id; - bool full_tags; - swid_inventory_t *targets; - - type = attr->get_type(attr); - - if (type.vendor_id != PEN_TCG || type.type != TCG_SWID_REQUEST) - { - continue; - } - - attr_req = (tcg_swid_attr_req_t*)attr; - flags = attr_req->get_flags(attr_req); - request_id = attr_req->get_request_id(attr_req); - targets = attr_req->get_targets(attr_req); - - if (flags & (TCG_SWID_ATTR_REQ_FLAG_S | TCG_SWID_ATTR_REQ_FLAG_C)) - { - attr = swid_error_create(TCG_SWID_SUBSCRIPTION_DENIED, request_id, - 0, "no subscription available yet"); - out_msg->add_attribute(out_msg, attr); - break; - } - full_tags = (flags & TCG_SWID_ATTR_REQ_FLAG_R) == 0; - - if (!add_swid_inventory(state, out_msg, request_id, full_tags, targets)) - { - break; - } - } - enumerator->destroy(enumerator); - - if (fatal_error) - { - result = TNC_RESULT_FATAL; - } - else - { - /* send PA-TNC message with the EXCL flag set */ - result = out_msg->send(out_msg, TRUE); - } - out_msg->destroy(out_msg); - - return result; -} - -/** - * see section 3.8.4 of TCG TNC IF-IMC Specification 1.3 - - */ -TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id, - TNC_ConnectionID connection_id, - TNC_BufferReference msg, - TNC_UInt32 msg_len, - TNC_MessageType msg_type) -{ - imc_state_t *state; - imc_msg_t *in_msg; - TNC_Result result; - - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - if (!imc_swid->get_state(imc_swid, connection_id, &state)) - { - return TNC_RESULT_FATAL; - } - in_msg = imc_msg_create_from_data(imc_swid, state, connection_id, msg_type, - chunk_create(msg, msg_len)); - result = receive_message(state, in_msg); - in_msg->destroy(in_msg); - - return result; -} - -/** - * see section 3.8.6 of TCG TNC IF-IMV Specification 1.3 - */ -TNC_Result TNC_IMC_ReceiveMessageLong(TNC_IMCID imc_id, - TNC_ConnectionID connection_id, - TNC_UInt32 msg_flags, - TNC_BufferReference msg, - TNC_UInt32 msg_len, - TNC_VendorID msg_vid, - TNC_MessageSubtype msg_subtype, - TNC_UInt32 src_imv_id, - TNC_UInt32 dst_imc_id) -{ - imc_state_t *state; - imc_msg_t *in_msg; - TNC_Result result; - - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - if (!imc_swid->get_state(imc_swid, connection_id, &state)) - { - return TNC_RESULT_FATAL; - } - in_msg = imc_msg_create_from_long_data(imc_swid, state, connection_id, - src_imv_id, dst_imc_id,msg_vid, msg_subtype, - chunk_create(msg, msg_len)); - result =receive_message(state, in_msg); - in_msg->destroy(in_msg); - - return result; -} - -/** - * see section 3.8.7 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_BatchEnding(TNC_IMCID imc_id, - TNC_ConnectionID connection_id) -{ - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - return TNC_RESULT_SUCCESS; -} - -/** - * see section 3.8.8 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id) -{ - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - imc_swid->destroy(imc_swid); - imc_swid = NULL; - - return TNC_RESULT_SUCCESS; -} - -/** - * see section 4.2.8.1 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_ProvideBindFunction(TNC_IMCID imc_id, - TNC_TNCC_BindFunctionPointer bind_function) -{ - if (!imc_swid) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - return imc_swid->bind_functions(imc_swid, bind_function); -} diff --git a/src/libimcv/plugins/imc_swid/imc_swid_state.c b/src/libimcv/plugins/imc_swid/imc_swid_state.c deleted file mode 100644 index 8d5e8e089..000000000 --- a/src/libimcv/plugins/imc_swid/imc_swid_state.c +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright (C) 2013-2014 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "imc_swid_state.h" - -#include <tncif_names.h> - -#include <utils/debug.h> - -typedef struct private_imc_swid_state_t private_imc_swid_state_t; - -/** - * Private data of an imc_swid_state_t object. - */ -struct private_imc_swid_state_t { - - /** - * Public members of imc_swid_state_t - */ - imc_swid_state_t public; - - /** - * TNCCS connection ID - */ - TNC_ConnectionID connection_id; - - /** - * TNCCS connection state - */ - TNC_ConnectionState state; - - /** - * Assessment/Evaluation Result - */ - TNC_IMV_Evaluation_Result result; - - /** - * Does the TNCCS connection support long message types? - */ - bool has_long; - - /** - * Does the TNCCS connection support exclusive delivery? - */ - bool has_excl; - - /** - * Maximum PA-TNC message size for this TNCCS connection - */ - uint32_t max_msg_len; - - /** - * PA-TNC attribute segmentation contracts associated with TNCCS connection - */ - seg_contract_manager_t *contracts; - - /** - * Event ID Epoch - */ - uint32_t eid_epoch; -}; - -METHOD(imc_state_t, get_connection_id, TNC_ConnectionID, - private_imc_swid_state_t *this) -{ - return this->connection_id; -} - -METHOD(imc_state_t, has_long, bool, - private_imc_swid_state_t *this) -{ - return this->has_long; -} - -METHOD(imc_state_t, has_excl, bool, - private_imc_swid_state_t *this) -{ - return this->has_excl; -} - -METHOD(imc_state_t, set_flags, void, - private_imc_swid_state_t *this, bool has_long, bool has_excl) -{ - this->has_long = has_long; - this->has_excl = has_excl; -} - -METHOD(imc_state_t, set_max_msg_len, void, - private_imc_swid_state_t *this, uint32_t max_msg_len) -{ - this->max_msg_len = max_msg_len; -} - -METHOD(imc_state_t, get_max_msg_len, uint32_t, - private_imc_swid_state_t *this) -{ - return this->max_msg_len; -} - -METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, - private_imc_swid_state_t *this) -{ - return this->contracts; -} - -METHOD(imc_state_t, change_state, void, - private_imc_swid_state_t *this, TNC_ConnectionState new_state) -{ - this->state = new_state; -} - -METHOD(imc_state_t, set_result, void, - private_imc_swid_state_t *this, TNC_IMCID id, - TNC_IMV_Evaluation_Result result) -{ - this->result = result; -} - -METHOD(imc_state_t, get_result, bool, - private_imc_swid_state_t *this, TNC_IMCID id, - TNC_IMV_Evaluation_Result *result) -{ - if (result) - { - *result = this->result; - } - return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; -} - -METHOD(imc_state_t, destroy, void, - private_imc_swid_state_t *this) -{ - this->contracts->destroy(this->contracts); - free(this); -} - -METHOD(imc_swid_state_t, get_eid_epoch, uint32_t, - private_imc_swid_state_t *this) -{ - return this->eid_epoch; -} - -/** - * Described in header. - */ -imc_state_t *imc_swid_state_create(TNC_ConnectionID connection_id) -{ - private_imc_swid_state_t *this; - uint32_t eid_epoch; - nonce_gen_t *ng; - - ng = lib->crypto->create_nonce_gen(lib->crypto); - if (!ng || !ng->get_nonce(ng, 4, (uint8_t*)&eid_epoch)) - { - DBG1(DBG_TNC, "failed to generate random EID epoch value"); - DESTROY_IF(ng); - return NULL; - } - ng->destroy(ng); - - DBG1(DBG_IMC, "creating random EID epoch 0x%08x", eid_epoch); - - INIT(this, - .public = { - .interface = { - .get_connection_id = _get_connection_id, - .has_long = _has_long, - .has_excl = _has_excl, - .set_flags = _set_flags, - .set_max_msg_len = _set_max_msg_len, - .get_max_msg_len = _get_max_msg_len, - .get_contracts = _get_contracts, - .change_state = _change_state, - .set_result = _set_result, - .get_result = _get_result, - .destroy = _destroy, - }, - .get_eid_epoch = _get_eid_epoch, - }, - .state = TNC_CONNECTION_STATE_CREATE, - .result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW, - .connection_id = connection_id, - .contracts = seg_contract_manager_create(), - .eid_epoch = eid_epoch, - ); - - - return &this->public.interface; -} - - diff --git a/src/libimcv/plugins/imc_swid/imc_swid_state.h b/src/libimcv/plugins/imc_swid/imc_swid_state.h deleted file mode 100644 index c658549c8..000000000 --- a/src/libimcv/plugins/imc_swid/imc_swid_state.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (C) 2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup imc_swid imc_swid - * @ingroup libimcv_plugins - * - * @defgroup imc_swid_state_t imc_swid_state - * @{ @ingroup imc_swid - */ - -#ifndef IMC_SWID_STATE_H_ -#define IMC_SWID_STATE_H_ - -#include <imc/imc_state.h> -#include <library.h> - -typedef struct imc_swid_state_t imc_swid_state_t; - -/** - * Internal state of an imc_swid_t connection instance - */ -struct imc_swid_state_t { - - /** - * imc_state_t interface - */ - imc_state_t interface; - - /** - * Get Event ID Epoch - * - * @return Event ID Epoch - */ - uint32_t (*get_eid_epoch)(imc_swid_state_t *this); - -}; - -/** - * Create an imc_swid_state_t instance - * - * @param id connection ID - */ -imc_state_t* imc_swid_state_create(TNC_ConnectionID id); - -#endif /** IMC_SWID_STATE_H_ @}*/ diff --git a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan.swidtag.in b/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan.swidtag.in deleted file mode 100644 index 0e5aa8d4d..000000000 --- a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan.swidtag.in +++ /dev/null @@ -1,11 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<SoftwareIdentity - name="strongSwan" - tagId="strongSwan-@VERSION_MAJOR@-@VERSION_MINOR@-@VERSION_BUILD@@VERSION_REVIEW@" - version="@VERSION_MAJOR@.@VERSION_MINOR@.@VERSION_BUILD@@VERSION_REVIEW@" versionScheme="alphanumeric" - xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd"> - <Entity - name="strongSwan Project" - regid="strongswan.org" - role="softwareCreator licensor tagCreator"/> -</SoftwareIdentity> diff --git a/src/libimcv/plugins/imc_swima/Makefile.am b/src/libimcv/plugins/imc_swima/Makefile.am index 4a29e7949..e31f98d33 100644 --- a/src/libimcv/plugins/imc_swima/Makefile.am +++ b/src/libimcv/plugins/imc_swima/Makefile.am @@ -19,11 +19,13 @@ $(swid_tag) : $(regid)__strongSwan.swidtag.in AM_CPPFLAGS = \ -I$(top_srcdir)/src/libstrongswan \ -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libimcv + -I$(top_srcdir)/src/libimcv \ + -DSW_COLLECTOR=\"${prefix}/sbin/sw-collector\" AM_CFLAGS = \ $(PLUGIN_CFLAGS) $(json_CFLAGS) + imcv_LTLIBRARIES = imc-swima.la imc_swima_la_LIBADD = \ diff --git a/src/libimcv/plugins/imc_swima/Makefile.in b/src/libimcv/plugins/imc_swima/Makefile.in index ed2191921..62805151e 100644 --- a/src/libimcv/plugins/imc_swima/Makefile.in +++ b/src/libimcv/plugins/imc_swima/Makefile.in @@ -311,7 +311,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -337,6 +336,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -357,8 +358,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -413,8 +412,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -443,8 +440,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ @@ -460,7 +461,8 @@ CLEANFILES = $(regid)__strongSwan*.swidtag AM_CPPFLAGS = \ -I$(top_srcdir)/src/libstrongswan \ -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libimcv + -I$(top_srcdir)/src/libimcv \ + -DSW_COLLECTOR=\"${prefix}/sbin/sw-collector\" AM_CFLAGS = \ $(PLUGIN_CFLAGS) $(json_CFLAGS) diff --git a/src/libimcv/plugins/imc_swima/imc_swima.c b/src/libimcv/plugins/imc_swima/imc_swima.c index 67080e050..be258d335 100644 --- a/src/libimcv/plugins/imc_swima/imc_swima.c +++ b/src/libimcv/plugins/imc_swima/imc_swima.c @@ -30,6 +30,17 @@ #include <pen/pen.h> #include <utils/debug.h> +#include <errno.h> +#include <poll.h> +#include <stdio.h> +#include <stdlib.h> +#include <sys/inotify.h> +#include <unistd.h> + +#ifndef SW_COLLECTOR +#define SW_COLLECTOR NULL +#endif + /* IMC definitions */ static const char imc_name[] = "SWIMA"; @@ -68,6 +79,75 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, } /** + * Poll for IN_CLOSE_WRITE event on the apt history.log + */ +static bool poll_history_log(void) +{ + int fd, wd, res; + nfds_t nfds; + struct pollfd fds[1]; + char *history_path; + bool success = FALSE; + + history_path = lib->settings->get_str(lib->settings, "sw-collector.history", + NULL); + if (!history_path) + { + DBG1(DBG_IMC, "sw-collector.history path not set"); + return FALSE; + } + + /* Create the file descriptor for accessing the inotify API */ + fd = inotify_init1(IN_NONBLOCK); + if (fd == -1) + { + DBG1(DBG_IMC, "inotify file descriptor could not be created"); + return FALSE; + } + + /* Watch for CLOSE_WRITE events on history log */ + wd = inotify_add_watch(fd, history_path, IN_CLOSE_WRITE); + if (wd == -1) + { + DBG1(DBG_IMC, "cannot watch '%s'", history_path); + goto end; + } + + /* Prepare for polling */ + nfds = 1; + + /* Inotify input */ + fds[0].fd = fd; + fds[0].events = POLLIN; + + while (1) + { + DBG1(DBG_IMC, " waiting for write event on history.log ..."); + + res = poll(fds, nfds, -1); + if (res == -1) + { + DBG1(DBG_IMC, " poll failed: %s", strerror(errno)); + if (errno == EINTR) + { + continue; + } + goto end; + } + if (res > 0 && fds[0].revents & POLLIN) + { + DBG1(DBG_IMC, " poll successful"); + success = TRUE; + break; + } + } + +end: + close(fd); + return success; +} + +/** * see section 3.8.2 of TCG TNC IF-IMC Specification 1.3 */ TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, @@ -75,6 +155,11 @@ TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, TNC_ConnectionState new_state) { imc_state_t *state; + imc_swima_state_t *swima_state; + imc_swima_subscription_t *subscription; + TNC_IMV_Evaluation_Result res; + TNC_Result result; + uint32_t eid, eid_epoch; if (!imc_swima) { @@ -86,14 +171,42 @@ TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, case TNC_CONNECTION_STATE_CREATE: state = imc_swima_state_create(connection_id); return imc_swima->create_state(imc_swima, state); - case TNC_CONNECTION_STATE_HANDSHAKE: - if (imc_swima->change_state(imc_swima, connection_id, new_state, - &state) != TNC_RESULT_SUCCESS) + case TNC_CONNECTION_STATE_ACCESS_ALLOWED: + case TNC_CONNECTION_STATE_ACCESS_ISOLATED: + case TNC_CONNECTION_STATE_ACCESS_NONE: + /* get updated IMC state */ + result = imc_swima->change_state(imc_swima, connection_id, + new_state, &state); + if (result != TNC_RESULT_SUCCESS) { return TNC_RESULT_FATAL; } - state->set_result(state, imc_id, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); + swima_state = (imc_swima_state_t*)state; + + /* do a handshake retry? */ + if (swima_state->get_subscription(swima_state, &subscription)) + { + /* update earliest EID in subscription target */ + if (state->get_result(state, imc_id, &res) && + res == TNC_IMV_EVALUATION_RESULT_COMPLIANT) + { + eid = subscription->targets->get_eid(subscription->targets, + &eid_epoch); + if (eid > 0) + { + eid = swima_state->get_earliest_eid(swima_state); + subscription->targets->set_eid(subscription->targets, eid, + eid_epoch); + } + } + DBG1(DBG_IMC, "SWIMA subscription %u:", subscription->request_id); + if (!poll_history_log()) + { + return TNC_RESULT_FATAL; + } + return imc_swima->request_handshake_retry(imc_id, connection_id, + TNC_RETRY_REASON_IMC_PERIODIC); + } return TNC_RESULT_SUCCESS; case TNC_CONNECTION_STATE_DELETE: return imc_swima->delete_state(imc_swima, connection_id); @@ -104,61 +217,11 @@ TNC_Result TNC_IMC_NotifyConnectionChange(TNC_IMCID imc_id, } /** - * see section 3.8.3 of TCG TNC IF-IMC Specification 1.3 - */ -TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id, - TNC_ConnectionID connection_id) -{ - imc_state_t *state; - imc_msg_t *out_msg; - pa_tnc_attr_t *attr; - seg_contract_t *contract; - seg_contract_manager_t *contracts; - size_t max_attr_size = SWIMA_MAX_ATTR_SIZE; - size_t max_seg_size; - char buf[BUF_LEN]; - TNC_Result result = TNC_RESULT_SUCCESS; - - if (!imc_swima) - { - DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); - return TNC_RESULT_NOT_INITIALIZED; - } - if (!imc_swima->get_state(imc_swima, connection_id, &state)) - { - return TNC_RESULT_FATAL; - } - - /* Determine maximum PA-TNC attribute segment size */ - max_seg_size = state->get_max_msg_len(state) - PA_TNC_HEADER_SIZE - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_SEG_ENV_HEADER; - - /* Announce support of PA-TNC segmentation to IMV */ - contract = seg_contract_create(msg_types[0], max_attr_size, max_seg_size, - TRUE, imc_id, TRUE); - contract->get_info_string(contract, buf, BUF_LEN, TRUE); - DBG2(DBG_IMC, "%s", buf); - contracts = state->get_contracts(state); - contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); - - /* send PA-TNC message with the excl flag not set */ - out_msg = imc_msg_create(imc_swima, state, connection_id, imc_id, - TNC_IMVID_ANY, msg_types[0]); - out_msg->add_attribute(out_msg, attr); - result = out_msg->send(out_msg, FALSE); - out_msg->destroy(out_msg); - - return result; -} - -/** * Add SWID Inventory or Event attribute to the send queue */ static void fulfill_request(imc_state_t *state, imc_msg_t *msg, - uint32_t request_id, bool sw_id_only, - swima_inventory_t *targets) + uint32_t request_id, bool sw_id_only, + swima_inventory_t *targets) { pa_tnc_attr_t *attr; swima_collector_t *collector; @@ -174,6 +237,8 @@ static void fulfill_request(imc_state_t *state, imc_msg_t *msg, { swima_events_t *sw_ev; ietf_swima_attr_sw_ev_t *sw_ev_attr; + imc_swima_state_t *swima_state; + uint32_t eid_epoch, last_eid = 0; sw_ev = collector->collect_events(collector, sw_id_only, targets); if (!sw_ev) @@ -185,8 +250,14 @@ static void fulfill_request(imc_state_t *state, imc_msg_t *msg, } else { items = sw_ev->get_count(sw_ev); - DBG1(DBG_IMC, "collected %d SW%s event%s", items, id_str, - items == 1 ? "" : "s"); + last_eid = sw_ev->get_eid(sw_ev, &eid_epoch, NULL); + + DBG1(DBG_IMC, "collected %d SW%s event%s at last eid %d of epoch 0x%08x", + items, id_str, items == 1 ? "" : "s", last_eid, eid_epoch); + + /* Store the earliest EID for the next subscription round */ + swima_state = (imc_swima_state_t*)state; + swima_state->set_earliest_eid(swima_state, last_eid + 1); /* Send an IETF SW [Identity] Events attribute */ attr = ietf_swima_attr_sw_ev_create(IETF_SWIMA_ATTR_SW_INV_FLAG_NONE, @@ -226,9 +297,78 @@ static void fulfill_request(imc_state_t *state, imc_msg_t *msg, collector->destroy(collector); } +/** + * see section 3.8.3 of TCG TNC IF-IMC Specification 1.3 + */ +TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id, + TNC_ConnectionID connection_id) +{ + imc_state_t *state; + imc_swima_state_t *swima_state; + imc_msg_t *out_msg; + pa_tnc_attr_t *attr; + seg_contract_t *contract; + seg_contract_manager_t *contracts; + imc_swima_subscription_t *subscription; + size_t max_attr_size = SWIMA_MAX_ATTR_SIZE; + size_t max_seg_size; + char buf[BUF_LEN]; + TNC_Result result = TNC_RESULT_SUCCESS; + + if (!imc_swima) + { + DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name); + return TNC_RESULT_NOT_INITIALIZED; + } + if (!imc_swima->get_state(imc_swima, connection_id, &state)) + { + return TNC_RESULT_FATAL; + } + swima_state = (imc_swima_state_t*)state; + + if (swima_state->get_subscription(swima_state, &subscription)) + { + if (system(SW_COLLECTOR) != 0) + { + DBG1(DBG_IMC, "calling %s failed", SW_COLLECTOR); + return TNC_RESULT_FATAL; + } + out_msg = imc_msg_create(imc_swima, state, connection_id, imc_id, + subscription->imv_id, msg_types[0]); + fulfill_request(state, out_msg, subscription->request_id, + subscription->sw_id_only, subscription->targets); + } + else + { + /* Determine maximum PA-TNC attribute segment size */ + max_seg_size = state->get_max_msg_len(state) - PA_TNC_HEADER_SIZE + - PA_TNC_ATTR_HEADER_SIZE + - TCG_SEG_ATTR_SEG_ENV_HEADER; + + /* Announce support of PA-TNC segmentation to IMV */ + contract = seg_contract_create(msg_types[0], max_attr_size, max_seg_size, + TRUE, imc_id, TRUE); + contract->get_info_string(contract, buf, BUF_LEN, TRUE); + DBG2(DBG_IMC, "%s", buf); + contracts = state->get_contracts(state); + contracts->add_contract(contracts, contract); + attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); + + /* send PA-TNC message with the excl flag not set */ + out_msg = imc_msg_create(imc_swima, state, connection_id, imc_id, + TNC_IMVID_ANY, msg_types[0]); + out_msg->add_attribute(out_msg, attr); + } + result = out_msg->send(out_msg, FALSE); + out_msg->destroy(out_msg); + + return result; +} + static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg) { imc_msg_t *out_msg; + imc_swima_state_t *swima_state; pa_tnc_attr_t *attr; enumerator_t *enumerator; pen_type_t type; @@ -255,7 +395,6 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg) uint32_t request_id; bool sw_id_only; swima_inventory_t *targets; - type = attr->get_type(attr); if (type.vendor_id != PEN_IETF || type.type != IETF_ATTR_SWIMA_REQUEST) @@ -267,15 +406,55 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg) flags = attr_req->get_flags(attr_req); request_id = attr_req->get_request_id(attr_req); targets = attr_req->get_targets(attr_req); + sw_id_only = (flags & IETF_SWIMA_ATTR_REQ_FLAG_R); if (flags & (IETF_SWIMA_ATTR_REQ_FLAG_S | IETF_SWIMA_ATTR_REQ_FLAG_C)) { - attr = swima_error_create(PA_ERROR_SWIMA_SUBSCRIPTION_DENIED, - request_id, 0, "no subscription available yet"); - out_msg->add_attribute(out_msg, attr); - break; + if (imc_swima->has_pt_tls(imc_swima) && + lib->settings->get_bool(lib->settings, + "%s.plugins.imc-swima.subscriptions", FALSE, lib->ns)) + { + imc_swima_subscription_t *subscription; + + swima_state = (imc_swima_state_t*)state; + + if (flags & IETF_SWIMA_ATTR_REQ_FLAG_C) + { + if (swima_state->get_subscription(swima_state, &subscription)) + { + DBG1(DBG_IMC, "SWIMA subscription %u cleared", + subscription->request_id); + swima_state->set_subscription(swima_state, NULL, FALSE); + } + } + else + { + INIT(subscription, + .imv_id = in_msg->get_src_id(in_msg), + .request_id = request_id, + .targets = targets->get_ref(targets), + .sw_id_only = sw_id_only, + ); + + swima_state->set_subscription(swima_state, subscription, + TRUE); + DBG1(DBG_IMC, "SWIMA subscription %u established", + subscription->request_id); + if (system(SW_COLLECTOR) != 0) + { + DBG1(DBG_IMC, "calling %s failed", SW_COLLECTOR); + out_msg->destroy(out_msg); + return TNC_RESULT_FATAL; + } + } + } + else + { + attr = swima_error_create(PA_ERROR_SWIMA_SUBSCRIPTION_DENIED, + request_id, 0, "subscriptions not enabled"); + out_msg->add_attribute(out_msg, attr); + } } - sw_id_only = (flags & IETF_SWIMA_ATTR_REQ_FLAG_R); fulfill_request(state, out_msg, request_id, sw_id_only, targets); break; diff --git a/src/libimcv/plugins/imc_swima/imc_swima_state.c b/src/libimcv/plugins/imc_swima/imc_swima_state.c index 70b2434a4..55d887055 100644 --- a/src/libimcv/plugins/imc_swima/imc_swima_state.c +++ b/src/libimcv/plugins/imc_swima/imc_swima_state.c @@ -65,8 +65,33 @@ struct private_imc_swima_state_t { * PA-TNC attribute segmentation contracts associated with TNCCS connection */ seg_contract_manager_t *contracts; + + /** + * Has a subscription been established? + */ + bool has_subscription; + + /** + * State information on subscriptions + */ + imc_swima_subscription_t *subscription; + + /** + * Earliest EID for the next subscription round + */ + uint32_t earliest_eid; + }; +static void free_subscription(imc_swima_subscription_t *this) +{ + if (this) + { + this->targets->destroy(this->targets); + free(this); + } +} + METHOD(imc_state_t, get_connection_id, TNC_ConnectionID, private_imc_swima_state_t *this) { @@ -110,10 +135,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_swima_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -134,13 +163,59 @@ METHOD(imc_state_t, get_result, bool, return this->result != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_swima_state_t *this) +{ + this->result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; +} + METHOD(imc_state_t, destroy, void, private_imc_swima_state_t *this) { + free(this->subscription); this->contracts->destroy(this->contracts); free(this); } +METHOD(imc_swima_state_t, set_subscription, void, + private_imc_swima_state_t *this, imc_swima_subscription_t *subscription, + bool set) +{ + free_subscription(this->subscription); + this->has_subscription = set; + + if (set) + { + this->subscription = subscription; + } + else + { + this->subscription = NULL; + } +} + +METHOD(imc_swima_state_t, get_subscription, bool, + private_imc_swima_state_t *this, imc_swima_subscription_t **subscription) +{ + if (subscription) + { + *subscription = this->subscription; + } + return this->has_subscription; +} + +METHOD(imc_swima_state_t, set_earliest_eid, void, + private_imc_swima_state_t *this, uint32_t eid) +{ + this->earliest_eid = eid; +} + +METHOD(imc_swima_state_t, get_earliest_eid, uint32_t, + private_imc_swima_state_t *this) +{ + return this->earliest_eid; +} + /** * Described in header. */ @@ -161,15 +236,20 @@ imc_state_t *imc_swima_state_create(TNC_ConnectionID connection_id) .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, + .set_subscription = _set_subscription, + .get_subscription = _get_subscription, + .set_earliest_eid = _set_earliest_eid, + .get_earliest_eid = _get_earliest_eid, }, .state = TNC_CONNECTION_STATE_CREATE, .result = TNC_IMV_EVALUATION_RESULT_DONT_KNOW, .connection_id = connection_id, .contracts = seg_contract_manager_create(), ); - + return &this->public.interface; } diff --git a/src/libimcv/plugins/imc_swima/imc_swima_state.h b/src/libimcv/plugins/imc_swima/imc_swima_state.h index 4e4e3b1bf..92a674ff8 100644 --- a/src/libimcv/plugins/imc_swima/imc_swima_state.h +++ b/src/libimcv/plugins/imc_swima/imc_swima_state.h @@ -25,9 +25,38 @@ #define IMC_SWIMA_STATE_H_ #include <imc/imc_state.h> +#include <swima/swima_inventory.h> #include <library.h> typedef struct imc_swima_state_t imc_swima_state_t; +typedef struct imc_swima_subscription_t imc_swima_subscription_t; + +/** + * State information on subscriptions + */ +struct imc_swima_subscription_t { + + /** + * IMV which sent the subscription request + */ + TNC_IMVID imv_id; + + /** + * SWIMA Request ID + */ + uint32_t request_id; + + /** + * SWIMA Request targets + */ + swima_inventory_t *targets; + + /** + * Retrieve SW Identifieres only + */ + bool sw_id_only; + +}; /** * Internal state of an imc_swima_t connection instance @@ -39,6 +68,37 @@ struct imc_swima_state_t { */ imc_state_t interface; + /** + * Set or clear a subscription + * + * @param subscription state information on subscription + * @param set TRUE sets and FALSE clears a subscripton + */ + void (*set_subscription)(imc_swima_state_t *this, + imc_swima_subscription_t *subscription, bool set); + + /** + * Get the subscription status + * + * @param subscription state information on subscription + * @return TRUE if subscription is set + */ + bool (*get_subscription)(imc_swima_state_t *this, + imc_swima_subscription_t**subscription); + + /** + * Set the earliest EID for the next subscription round + * + * @param eid Earliest EID for events or 0 for inventories + */ + void (*set_earliest_eid)(imc_swima_state_t *this, uint32_t eid); + + /** + * Get earliest EID for the next subscription round + * + * @return Earliest EID for events or 0 for inventories + */ + uint32_t (*get_earliest_eid)(imc_swima_state_t *this); }; /** diff --git a/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag deleted file mode 100644 index 4ce168623..000000000 --- a/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag +++ /dev/null @@ -1,11 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<SoftwareIdentity - name="strongSwan" - tagId="strongSwan-5-6-3" - version="5.6.3" versionScheme="alphanumeric" - xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd"> - <Entity - name="strongSwan Project" - regid="strongswan.org" - role="softwareCreator licensor tagCreator"/> -</SoftwareIdentity> diff --git a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-7-0.swidtag index 4ce168623..fa6e121b5 100644 --- a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag +++ b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-7-0.swidtag @@ -1,8 +1,8 @@ <?xml version="1.0" encoding="utf-8"?> <SoftwareIdentity name="strongSwan" - tagId="strongSwan-5-6-3" - version="5.6.3" versionScheme="alphanumeric" + tagId="strongSwan-5-7-0" + version="5.7.0" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd"> <Entity name="strongSwan Project" diff --git a/src/libimcv/plugins/imc_test/Makefile.in b/src/libimcv/plugins/imc_test/Makefile.in index fc6d2f6fb..2231f93bc 100644 --- a/src/libimcv/plugins/imc_test/Makefile.in +++ b/src/libimcv/plugins/imc_test/Makefile.in @@ -308,7 +308,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -334,6 +333,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -354,8 +355,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -410,8 +409,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -440,8 +437,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imc_test/imc_test_state.c b/src/libimcv/plugins/imc_test/imc_test_state.c index 047c82502..86d59a76a 100644 --- a/src/libimcv/plugins/imc_test/imc_test_state.c +++ b/src/libimcv/plugins/imc_test/imc_test_state.c @@ -141,10 +141,14 @@ METHOD(imc_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imc_state_t, change_state, void, +METHOD(imc_state_t, change_state, TNC_ConnectionState, private_imc_test_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imc_state_t, set_result, void, @@ -202,6 +206,12 @@ METHOD(imc_state_t, get_result, bool, return eval != TNC_IMV_EVALUATION_RESULT_DONT_KNOW; } +METHOD(imc_state_t, reset, void, + private_imc_test_state_t *this) +{ + /* nothing to reset */ +} + METHOD(imc_state_t, destroy, void, private_imc_test_state_t *this) { @@ -277,6 +287,7 @@ imc_state_t *imc_test_state_create(TNC_ConnectionID connection_id, .change_state = _change_state, .set_result = _set_result, .get_result = _get_result, + .reset = _reset, .destroy = _destroy, }, .get_command = _get_command, diff --git a/src/libimcv/plugins/imv_attestation/Makefile.in b/src/libimcv/plugins/imv_attestation/Makefile.in index f9eb9d6ed..98930d3f3 100644 --- a/src/libimcv/plugins/imv_attestation/Makefile.in +++ b/src/libimcv/plugins/imv_attestation/Makefile.in @@ -322,7 +322,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -348,6 +347,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -368,8 +369,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -424,8 +423,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -454,8 +451,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_attestation/attest_db.c b/src/libimcv/plugins/imv_attestation/attest_db.c index fb894f393..bc435df7f 100644 --- a/src/libimcv/plugins/imv_attestation/attest_db.c +++ b/src/libimcv/plugins/imv_attestation/attest_db.c @@ -187,7 +187,7 @@ char* print_cfn(pts_comp_func_name_t *cfn) int type, vid, name, qualifier, n; enum_name_t *names, *types; - vid = cfn->get_vendor_id(cfn), + vid = cfn->get_vendor_id(cfn); name = cfn->get_name(cfn); qualifier = cfn->get_qualifier(cfn); n = snprintf(buf, BUF_LEN, "0x%06x/0x%08x-0x%02x", vid, name, qualifier); diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_state.c b/src/libimcv/plugins/imv_attestation/imv_attestation_state.c index d63940797..3d9e0ab1f 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_state.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_state.c @@ -250,10 +250,14 @@ METHOD(imv_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_attestation_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_recommendation, void, @@ -338,6 +342,24 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return FALSE; } +METHOD(imv_state_t, reset, void, + private_imv_attestation_state_t *this) +{ + DESTROY_IF(this->reason_string); + this->reason_string = NULL; + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->action_flags = 0; + + this->handshake_state = IMV_ATTESTATION_STATE_INIT; + this->measurement_error = 0; + this->components->destroy_function(this->components, (void *)free_func_comp); + this->components = linked_list_create(); + this->pts->destroy(this->pts); + this->pts = pts_create(FALSE); +} + METHOD(imv_state_t, destroy, void, private_imv_attestation_state_t *this) { @@ -532,6 +554,7 @@ imv_state_t *imv_attestation_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .get_handshake_state = _get_handshake_state, diff --git a/src/libimcv/plugins/imv_hcd/Makefile.in b/src/libimcv/plugins/imv_hcd/Makefile.in index 99bf6d916..7bf503e0c 100644 --- a/src/libimcv/plugins/imv_hcd/Makefile.in +++ b/src/libimcv/plugins/imv_hcd/Makefile.in @@ -308,7 +308,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -334,6 +333,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -354,8 +355,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -410,8 +409,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -440,8 +437,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_hcd/imv_hcd_state.c b/src/libimcv/plugins/imv_hcd/imv_hcd_state.c index bfe6dd619..e2b6eaed9 100644 --- a/src/libimcv/plugins/imv_hcd/imv_hcd_state.c +++ b/src/libimcv/plugins/imv_hcd/imv_hcd_state.c @@ -213,10 +213,14 @@ METHOD(imv_state_t, update_recommendation, void, this->eval = tncif_policy_update_evaluation(this->eval, eval); } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_hcd_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_reason_string, bool, @@ -246,6 +250,24 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return FALSE; } +METHOD(imv_state_t, reset, void, + private_imv_hcd_state_t *this) +{ + DESTROY_IF(this->reason_string); + this->reason_string = NULL; + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->handshake_state = IMV_HCD_STATE_INIT; + this->subtype_action_flags[0].action_flags = IMV_HCD_ATTR_NONE; + this->subtype_action_flags[1].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY; + this->subtype_action_flags[2].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY; + this->subtype_action_flags[3].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY; + this->subtype_action_flags[4].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY; + this->subtype_action_flags[5].action_flags = IMV_HCD_ATTR_SYSTEM_ONLY; + this->action_flags = &this->subtype_action_flags[0].action_flags; +} + METHOD(imv_state_t, destroy, void, private_imv_hcd_state_t *this) { @@ -320,6 +342,7 @@ imv_state_t *imv_hcd_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .set_handshake_state = _set_handshake_state, diff --git a/src/libimcv/plugins/imv_os/Makefile.in b/src/libimcv/plugins/imv_os/Makefile.in index d5a6f07f1..4e8f8ea19 100644 --- a/src/libimcv/plugins/imv_os/Makefile.in +++ b/src/libimcv/plugins/imv_os/Makefile.in @@ -309,7 +309,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -335,6 +334,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -355,8 +356,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -411,8 +410,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -441,8 +438,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_os/imv_os_agent.c b/src/libimcv/plugins/imv_os/imv_os_agent.c index 3fa3d0965..bb1e8a806 100644 --- a/src/libimcv/plugins/imv_os/imv_os_agent.c +++ b/src/libimcv/plugins/imv_os/imv_os_agent.c @@ -539,7 +539,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, /* Determine maximum PA-TNC attribute segment size */ max_seg_size = state->get_max_msg_len(state) - - PA_TNC_HEADER_SIZE + - PA_TNC_HEADER_SIZE - PA_TNC_ATTR_HEADER_SIZE - TCG_SEG_ATTR_SEG_ENV_HEADER; @@ -614,7 +614,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (result != TNC_RESULT_SUCCESS) { return result; - } + } return this->agent->provide_recommendation(this->agent, state); } else @@ -686,7 +686,6 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, { continue; } - eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; switch (workitem->get_type(workitem)) { @@ -721,7 +720,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, TNC_IMV_EVALUATION_RESULT_COMPLIANT; snprintf(result_str, BUF_LEN, "unknown sources%s enabled", fail ? "" : " not"); - break; + break; case IMV_WORKITEM_FORWARDING: if (!(received & IMV_OS_ATTR_FORWARDING_ENABLED)) { @@ -749,14 +748,11 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, default: continue; } - if (eval != TNC_IMV_EVALUATION_RESULT_DONT_KNOW) - { - session->remove_workitem(session, enumerator); - rec = workitem->set_result(workitem, result_str, eval); - state->update_recommendation(state, rec, eval); - imcv_db->finalize_workitem(imcv_db, workitem); - workitem->destroy(workitem); - } + session->remove_workitem(session, enumerator); + rec = workitem->set_result(workitem, result_str, eval); + state->update_recommendation(state, rec, eval); + imcv_db->finalize_workitem(imcv_db, workitem); + workitem->destroy(workitem); } enumerator->destroy(enumerator); @@ -772,7 +768,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, return result; } return this->agent->provide_recommendation(this->agent, state); - } + } } /* send non-empty PA-TNC message with excl flag not set */ diff --git a/src/libimcv/plugins/imv_os/imv_os_state.c b/src/libimcv/plugins/imv_os/imv_os_state.c index af5daf0fc..dd8fcf594 100644 --- a/src/libimcv/plugins/imv_os/imv_os_state.c +++ b/src/libimcv/plugins/imv_os/imv_os_state.c @@ -362,10 +362,14 @@ METHOD(imv_state_t, update_recommendation, void, this->eval = tncif_policy_update_evaluation(this->eval, eval); } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_os_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_reason_string, bool, @@ -466,6 +470,32 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return TRUE; } +METHOD(imv_state_t, reset, void, + private_imv_os_state_t *this) +{ + DESTROY_IF(this->reason_string); + DESTROY_IF(this->remediation_string); + this->reason_string = NULL; + this->remediation_string = NULL; + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->action_flags = 0; + + this->handshake_state = IMV_OS_STATE_INIT; + this->count = 0; + this->count_security = 0; + this->count_blacklist = 0; + this->count_ok = 0; + this->os_settings = 0; + this->missing = 0; + + this->update_packages->destroy_function(this->update_packages, free); + this->remove_packages->destroy_function(this->remove_packages, free); + this->update_packages = linked_list_create(); + this->remove_packages = linked_list_create(); +} + METHOD(imv_state_t, destroy, void, private_imv_os_state_t *this) { @@ -590,6 +620,7 @@ imv_state_t *imv_os_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .set_handshake_state = _set_handshake_state, diff --git a/src/libimcv/plugins/imv_scanner/Makefile.in b/src/libimcv/plugins/imv_scanner/Makefile.in index 2649f499d..7c31a23fa 100644 --- a/src/libimcv/plugins/imv_scanner/Makefile.in +++ b/src/libimcv/plugins/imv_scanner/Makefile.in @@ -310,7 +310,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -336,6 +335,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -356,8 +357,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -412,8 +411,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -442,8 +439,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_scanner/imv_scanner_state.c b/src/libimcv/plugins/imv_scanner/imv_scanner_state.c index 8f9593f17..64ab5c4eb 100644 --- a/src/libimcv/plugins/imv_scanner/imv_scanner_state.c +++ b/src/libimcv/plugins/imv_scanner/imv_scanner_state.c @@ -222,10 +222,14 @@ METHOD(imv_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_scanner_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_recommendation, void, @@ -303,6 +307,26 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return TRUE; } +METHOD(imv_state_t, reset, void, + private_imv_scanner_state_t *this) +{ + DESTROY_IF(this->reason_string); + DESTROY_IF(this->remediation_string); + this->reason_string = NULL; + this->remediation_string = NULL; + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->action_flags = 0; + + this->handshake_state = IMV_SCANNER_STATE_INIT; + + DESTROY_IF(&this->port_filter_attr->pa_tnc_attribute); + this->port_filter_attr = NULL; + this->violating_ports->destroy_function(this->violating_ports, free); + this->violating_ports = linked_list_create(); +} + METHOD(imv_state_t, destroy, void, private_imv_scanner_state_t *this) { @@ -373,6 +397,7 @@ imv_state_t *imv_scanner_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .set_handshake_state = _set_handshake_state, @@ -391,5 +416,3 @@ imv_state_t *imv_scanner_state_create(TNC_ConnectionID connection_id) return &this->public.interface; } - - diff --git a/src/libimcv/plugins/imv_swid/Makefile.am b/src/libimcv/plugins/imv_swid/Makefile.am deleted file mode 100644 index e573ea0d8..000000000 --- a/src/libimcv/plugins/imv_swid/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libtpmtss \ - -I$(top_srcdir)/src/libimcv - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) $(json_CFLAGS) - -imcv_LTLIBRARIES = imv-swid.la - -imv_swid_la_LIBADD = \ - $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(json_LIBS) - -imv_swid_la_SOURCES = \ - imv_swid.c imv_swid_state.h imv_swid_state.c \ - imv_swid_agent.h imv_swid_agent.c - -imv_swid_la_LDFLAGS = -module -avoid-version -no-undefined diff --git a/src/libimcv/plugins/imv_swid/Makefile.in b/src/libimcv/plugins/imv_swid/Makefile.in deleted file mode 100644 index faccb683e..000000000 --- a/src/libimcv/plugins/imv_swid/Makefile.in +++ /dev/null @@ -1,797 +0,0 @@ -# Makefile.in generated by automake 1.15 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2014 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__is_gnu_make = { \ - if test -z '$(MAKELEVEL)'; then \ - false; \ - elif test -n '$(MAKE_HOST)'; then \ - true; \ - elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ - true; \ - else \ - false; \ - fi; \ -} -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = src/libimcv/plugins/imv_swid -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ - $(top_srcdir)/m4/config/ltoptions.m4 \ - $(top_srcdir)/m4/config/ltsugar.m4 \ - $(top_srcdir)/m4/config/ltversion.m4 \ - $(top_srcdir)/m4/config/lt~obsolete.m4 \ - $(top_srcdir)/m4/macros/split-package-version.m4 \ - $(top_srcdir)/m4/macros/with.m4 \ - $(top_srcdir)/m4/macros/enable-disable.m4 \ - $(top_srcdir)/m4/macros/add-plugin.m4 \ - $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -am__installdirs = "$(DESTDIR)$(imcvdir)" -LTLIBRARIES = $(imcv_LTLIBRARIES) -am__DEPENDENCIES_1 = -imv_swid_la_DEPENDENCIES = $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(am__DEPENDENCIES_1) -am_imv_swid_la_OBJECTS = imv_swid.lo imv_swid_state.lo \ - imv_swid_agent.lo -imv_swid_la_OBJECTS = $(am_imv_swid_la_OBJECTS) -AM_V_lt = $(am__v_lt_@AM_V@) -am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -am__v_lt_0 = --silent -am__v_lt_1 = -imv_swid_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(imv_swid_la_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -SOURCES = $(imv_swid_la_SOURCES) -DIST_SOURCES = $(imv_swid_la_SOURCES) -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -ALLOCA = @ALLOCA@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -ATOMICLIB = @ATOMICLIB@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -BFDLIB = @BFDLIB@ -BTLIB = @BTLIB@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ -COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLIB = @DLLIB@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -EASY_INSTALL = @EASY_INSTALL@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -FUZZING_LDFLAGS = @FUZZING_LDFLAGS@ -GEM = @GEM@ -GENHTML = @GENHTML@ -GPERF = @GPERF@ -GPERF_LEN_TYPE = @GPERF_LEN_TYPE@ -GPRBUILD = @GPRBUILD@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LCOV = @LCOV@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MYSQLCFLAG = @MYSQLCFLAG@ -MYSQLCONFIG = @MYSQLCONFIG@ -MYSQLLIB = @MYSQLLIB@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OPENSSL_LIB = @OPENSSL_LIB@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ -PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ -PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ -PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PERL = @PERL@ -PKG_CONFIG = @PKG_CONFIG@ -PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ -PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ -PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ -PTHREADLIB = @PTHREADLIB@ -PYTHON = @PYTHON@ -PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ -PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ -PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ -PYTHON_PLATFORM = @PYTHON_PLATFORM@ -PYTHON_PREFIX = @PYTHON_PREFIX@ -PYTHON_VERSION = @PYTHON_VERSION@ -PY_TEST = @PY_TEST@ -RANLIB = @RANLIB@ -RTLIB = @RTLIB@ -RUBY = @RUBY@ -RUBYGEMDIR = @RUBYGEMDIR@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -SOCKLIB = @SOCKLIB@ -STRIP = @STRIP@ -UNWINDLIB = @UNWINDLIB@ -VERSION = @VERSION@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -aikgen_plugins = @aikgen_plugins@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -attest_plugins = @attest_plugins@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -c_plugins = @c_plugins@ -charon_natt_port = @charon_natt_port@ -charon_plugins = @charon_plugins@ -charon_udp_port = @charon_udp_port@ -clearsilver_LIBS = @clearsilver_LIBS@ -cmd_plugins = @cmd_plugins@ -datadir = @datadir@ -datarootdir = @datarootdir@ -dev_headers = @dev_headers@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -fips_mode = @fips_mode@ -fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -imcvdir = @imcvdir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -ipsec_script = @ipsec_script@ -ipsec_script_upper = @ipsec_script_upper@ -ipsecdir = @ipsecdir@ -ipsecgroup = @ipsecgroup@ -ipseclibdir = @ipseclibdir@ -ipsecuser = @ipsecuser@ -json_CFLAGS = @json_CFLAGS@ -json_LIBS = @json_LIBS@ -libdir = @libdir@ -libexecdir = @libexecdir@ -libfuzzer = @libfuzzer@ -libiptc_CFLAGS = @libiptc_CFLAGS@ -libiptc_LIBS = @libiptc_LIBS@ -linux_headers = @linux_headers@ -localedir = @localedir@ -localstatedir = @localstatedir@ -manager_plugins = @manager_plugins@ -mandir = @mandir@ -medsrv_plugins = @medsrv_plugins@ -mkdir_p = @mkdir_p@ -nm_CFLAGS = @nm_CFLAGS@ -nm_LIBS = @nm_LIBS@ -nm_ca_dir = @nm_ca_dir@ -nm_plugins = @nm_plugins@ -oldincludedir = @oldincludedir@ -p_plugins = @p_plugins@ -pcsclite_CFLAGS = @pcsclite_CFLAGS@ -pcsclite_LIBS = @pcsclite_LIBS@ -pdfdir = @pdfdir@ -piddir = @piddir@ -pkgpyexecdir = @pkgpyexecdir@ -pkgpythondir = @pkgpythondir@ -pki_plugins = @pki_plugins@ -plugindir = @plugindir@ -pool_plugins = @pool_plugins@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -pyexecdir = @pyexecdir@ -pythondir = @pythondir@ -random_device = @random_device@ -resolv_conf = @resolv_conf@ -routing_table = @routing_table@ -routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ -runstatedir = @runstatedir@ -s_plugins = @s_plugins@ -sbindir = @sbindir@ -scepclient_plugins = @scepclient_plugins@ -scripts_plugins = @scripts_plugins@ -sharedstatedir = @sharedstatedir@ -soup_CFLAGS = @soup_CFLAGS@ -soup_LIBS = @soup_LIBS@ -srcdir = @srcdir@ -starter_plugins = @starter_plugins@ -strongswan_conf = @strongswan_conf@ -strongswan_options = @strongswan_options@ -swanctldir = @swanctldir@ -sysconfdir = @sysconfdir@ -systemd_CFLAGS = @systemd_CFLAGS@ -systemd_LIBS = @systemd_LIBS@ -systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ -systemd_daemon_LIBS = @systemd_daemon_LIBS@ -systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ -systemd_journal_LIBS = @systemd_journal_LIBS@ -systemdsystemunitdir = @systemdsystemunitdir@ -t_plugins = @t_plugins@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -tss2_CFLAGS = @tss2_CFLAGS@ -tss2_LIBS = @tss2_LIBS@ -tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ -tss2_socket_LIBS = @tss2_socket_LIBS@ -tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ -tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ -urandom_device = @urandom_device@ -xml_CFLAGS = @xml_CFLAGS@ -xml_LIBS = @xml_LIBS@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libtncif \ - -I$(top_srcdir)/src/libtpmtss \ - -I$(top_srcdir)/src/libimcv - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) $(json_CFLAGS) - -imcv_LTLIBRARIES = imv-swid.la -imv_swid_la_LIBADD = \ - $(top_builddir)/src/libimcv/libimcv.la \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(json_LIBS) - -imv_swid_la_SOURCES = \ - imv_swid.c imv_swid_state.h imv_swid_state.c \ - imv_swid_agent.h imv_swid_agent.c - -imv_swid_la_LDFLAGS = -module -avoid-version -no-undefined -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_swid/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/libimcv/plugins/imv_swid/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -install-imcvLTLIBRARIES: $(imcv_LTLIBRARIES) - @$(NORMAL_INSTALL) - @list='$(imcv_LTLIBRARIES)'; test -n "$(imcvdir)" || list=; \ - list2=; for p in $$list; do \ - if test -f $$p; then \ - list2="$$list2 $$p"; \ - else :; fi; \ - done; \ - test -z "$$list2" || { \ - echo " $(MKDIR_P) '$(DESTDIR)$(imcvdir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(imcvdir)" || exit 1; \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(imcvdir)'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(imcvdir)"; \ - } - -uninstall-imcvLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(imcv_LTLIBRARIES)'; test -n "$(imcvdir)" || list=; \ - for p in $$list; do \ - $(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(imcvdir)/$$f'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(imcvdir)/$$f"; \ - done - -clean-imcvLTLIBRARIES: - -test -z "$(imcv_LTLIBRARIES)" || rm -f $(imcv_LTLIBRARIES) - @list='$(imcv_LTLIBRARIES)'; \ - locs=`for p in $$list; do echo $$p; done | \ - sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ - sort -u`; \ - test -z "$$locs" || { \ - echo rm -f $${locs}; \ - rm -f $${locs}; \ - } - -imv-swid.la: $(imv_swid_la_OBJECTS) $(imv_swid_la_DEPENDENCIES) $(EXTRA_imv_swid_la_DEPENDENCIES) - $(AM_V_CCLD)$(imv_swid_la_LINK) -rpath $(imcvdir) $(imv_swid_la_OBJECTS) $(imv_swid_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imv_swid.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imv_swid_agent.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imv_swid_state.Plo@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LTLIBRARIES) -installdirs: - for dir in "$(DESTDIR)$(imcvdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-imcvLTLIBRARIES clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-imcvLTLIBRARIES - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-imcvLTLIBRARIES - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-imcvLTLIBRARIES clean-libtool cscopelist-am ctags \ - ctags-am distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am \ - install-imcvLTLIBRARIES install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ - uninstall-am uninstall-imcvLTLIBRARIES - -.PRECIOUS: Makefile - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/src/libimcv/plugins/imv_swid/imv_swid.c b/src/libimcv/plugins/imv_swid/imv_swid.c deleted file mode 100644 index cab011580..000000000 --- a/src/libimcv/plugins/imv_swid/imv_swid.c +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (C) 2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "imv_swid_agent.h" - -static const char imv_name[] = "SWID"; -static const imv_agent_create_t imv_agent_create = imv_swid_agent_create; - -/* include generic TGC TNC IF-IMV API code below */ - -#include <imv/imv_if.h> - diff --git a/src/libimcv/plugins/imv_swid/imv_swid_agent.c b/src/libimcv/plugins/imv_swid/imv_swid_agent.c deleted file mode 100644 index 2884a169c..000000000 --- a/src/libimcv/plugins/imv_swid/imv_swid_agent.c +++ /dev/null @@ -1,727 +0,0 @@ -/* - * Copyright (C) 2013-2017 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#define _GNU_SOURCE -#include <stdio.h> - -#include "imv_swid_agent.h" -#include "imv_swid_state.h" - -#include <imcv.h> -#include <imv/imv_agent.h> -#include <imv/imv_msg.h> -#include <ietf/ietf_attr_pa_tnc_error.h> -#include "rest/rest.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" -#include "tcg/seg/tcg_seg_attr_seg_env.h" -#include "tcg/swid/tcg_swid_attr_req.h" -#include "tcg/swid/tcg_swid_attr_tag_inv.h" -#include "tcg/swid/tcg_swid_attr_tag_id_inv.h" -#include "swid/swid_error.h" -#include "swid/swid_inventory.h" - -#include <tncif_names.h> -#include <tncif_pa_subtypes.h> - -#include <pen/pen.h> -#include <utils/debug.h> -#include <bio/bio_reader.h> - -typedef struct private_imv_swid_agent_t private_imv_swid_agent_t; - -/* Subscribed PA-TNC message subtypes */ -static pen_type_t msg_types[] = { - { PEN_TCG, PA_SUBTYPE_TCG_SWID } -}; - -/** - * Flag set when corresponding attribute has been received - */ -enum imv_swid_attr_t { - IMV_SWID_ATTR_TAG_INV = (1<<0), - IMV_SWID_ATTR_TAG_ID_INV = (1<<1) -}; - -/** - * Private data of an imv_swid_agent_t object. - */ -struct private_imv_swid_agent_t { - - /** - * Public members of imv_swid_agent_t - */ - imv_agent_if_t public; - - /** - * IMV agent responsible for generic functions - */ - imv_agent_t *agent; - - /** - * REST API to strongTNC manager - */ - rest_t *rest_api; - -}; - -METHOD(imv_agent_if_t, bind_functions, TNC_Result, - private_imv_swid_agent_t *this, TNC_TNCS_BindFunctionPointer bind_function) -{ - return this->agent->bind_functions(this->agent, bind_function); -} - -METHOD(imv_agent_if_t, notify_connection_change, TNC_Result, - private_imv_swid_agent_t *this, TNC_ConnectionID id, - TNC_ConnectionState new_state) -{ - imv_state_t *state; - - switch (new_state) - { - case TNC_CONNECTION_STATE_CREATE: - state = imv_swid_state_create(id); - return this->agent->create_state(this->agent, state); - case TNC_CONNECTION_STATE_DELETE: - return this->agent->delete_state(this->agent, id); - default: - return this->agent->change_state(this->agent, id, new_state, NULL); - } -} - -/** - * Process a received message - */ -static TNC_Result receive_msg(private_imv_swid_agent_t *this, - imv_state_t *state, imv_msg_t *in_msg) -{ - imv_swid_state_t *swid_state; - imv_msg_t *out_msg; - enumerator_t *enumerator; - pa_tnc_attr_t *attr; - TNC_Result result; - bool fatal_error = FALSE; - - /* generate an outgoing PA-TNC message - we might need it */ - out_msg = imv_msg_create_as_reply(in_msg); - - /* parse received PA-TNC message and handle local and remote errors */ - result = in_msg->receive(in_msg, out_msg, &fatal_error); - if (result != TNC_RESULT_SUCCESS) - { - out_msg->destroy(out_msg); - return result; - } - - swid_state = (imv_swid_state_t*)state; - - /* analyze PA-TNC attributes */ - enumerator = in_msg->create_attribute_enumerator(in_msg); - while (enumerator->enumerate(enumerator, &attr)) - { - uint32_t request_id = 0, last_eid, eid_epoch; - swid_inventory_t *inventory; - pen_type_t type; - - type = attr->get_type(attr); - - if (type.vendor_id == PEN_IETF && type.type == IETF_ATTR_PA_TNC_ERROR) - { - ietf_attr_pa_tnc_error_t *error_attr; - pen_type_t error_code; - chunk_t msg_info, description; - bio_reader_t *reader; - uint32_t max_attr_size; - bool success; - - error_attr = (ietf_attr_pa_tnc_error_t*)attr; - error_code = error_attr->get_error_code(error_attr); - - if (error_code.vendor_id == PEN_TCG) - { - fatal_error = TRUE; - msg_info = error_attr->get_msg_info(error_attr); - reader = bio_reader_create(msg_info); - success = reader->read_uint32(reader, &request_id); - - DBG1(DBG_IMV, "received TCG error '%N' for request %d", - swid_error_code_names, error_code.type, request_id); - if (!success) - { - reader->destroy(reader); - continue; - } - if (error_code.type == TCG_SWID_RESPONSE_TOO_LARGE) - { - if (!reader->read_uint32(reader, &max_attr_size)) - { - reader->destroy(reader); - continue; - } - DBG1(DBG_IMV, " maximum PA-TNC attribute size is %u bytes", - max_attr_size); - } - description = reader->peek(reader); - if (description.len) - { - DBG1(DBG_IMV, " description: %.*s", description.len, - description.ptr); - } - reader->destroy(reader); - } - } - else if (type.vendor_id != PEN_TCG) - { - continue; - } - - switch (type.type) - { - case TCG_SWID_TAG_ID_INVENTORY: - { - tcg_swid_attr_tag_id_inv_t *attr_cast; - uint32_t missing; - int tag_id_count; - - state->set_action_flags(state, IMV_SWID_ATTR_TAG_ID_INV); - - attr_cast = (tcg_swid_attr_tag_id_inv_t*)attr; - request_id = attr_cast->get_request_id(attr_cast); - last_eid = attr_cast->get_last_eid(attr_cast, &eid_epoch); - inventory = attr_cast->get_inventory(attr_cast); - tag_id_count = inventory->get_count(inventory); - missing = attr_cast->get_tag_id_count(attr_cast); - swid_state->set_missing(swid_state, missing); - - DBG2(DBG_IMV, "received SWID tag ID inventory with %d item%s " - "for request %d at eid %d of epoch 0x%08x, %d item%s to " - "follow", tag_id_count, (tag_id_count == 1) ? "" : "s", - request_id, last_eid, eid_epoch, missing, - (missing == 1) ? "" : "s"); - - if (request_id == swid_state->get_request_id(swid_state)) - { - swid_state->set_swid_inventory(swid_state, inventory); - swid_state->set_count(swid_state, tag_id_count, 0, - in_msg->get_src_id(in_msg)); - } - else - { - DBG1(DBG_IMV, "no workitem found for SWID tag ID inventory " - "with request ID %d", request_id); - } - attr_cast->clear_inventory(attr_cast); - break; - } - case TCG_SWID_TAG_INVENTORY: - { - tcg_swid_attr_tag_inv_t *attr_cast; - swid_tag_t *tag; - chunk_t tag_encoding; - json_object *jobj, *jarray, *jstring; - char *tag_str; - uint32_t missing; - int tag_count; - enumerator_t *e; - - state->set_action_flags(state, IMV_SWID_ATTR_TAG_INV); - - attr_cast = (tcg_swid_attr_tag_inv_t*)attr; - request_id = attr_cast->get_request_id(attr_cast); - last_eid = attr_cast->get_last_eid(attr_cast, &eid_epoch); - inventory = attr_cast->get_inventory(attr_cast); - tag_count = inventory->get_count(inventory); - missing = attr_cast->get_tag_count(attr_cast); - swid_state->set_missing(swid_state, missing); - - DBG2(DBG_IMV, "received SWID tag inventory with %d item%s for " - "request %d at eid %d of epoch 0x%08x, %d item%s to follow", - tag_count, (tag_count == 1) ? "" : "s", request_id, - last_eid, eid_epoch, missing, (missing == 1) ? "" : "s"); - - if (request_id == swid_state->get_request_id(swid_state)) - { - swid_state->set_count(swid_state, 0, tag_count, - in_msg->get_src_id(in_msg)); - - if (this->rest_api) - { - jobj = json_object_new_object(); - jarray = json_object_new_array(); - json_object_object_add(jobj, "data", jarray); - - e = inventory->create_enumerator(inventory); - while (e->enumerate(e, &tag)) - { - tag_encoding = tag->get_encoding(tag); - tag_str = strndup(tag_encoding.ptr, tag_encoding.len); - DBG3(DBG_IMV, "%s", tag_str); - jstring = json_object_new_string(tag_str); - json_object_array_add(jarray, jstring); - free(tag_str); - } - e->destroy(e); - - if (this->rest_api->post(this->rest_api, - "swid/add-tags/", jobj, NULL) != SUCCESS) - { - DBG1(DBG_IMV, "error in REST API add-tags request"); - } - json_object_put(jobj); - } - } - else - { - DBG1(DBG_IMV, "no workitem found for SWID tag inventory " - "with request ID %d", request_id); - } - attr_cast->clear_inventory(attr_cast); - break; - } - default: - break; - } - } - enumerator->destroy(enumerator); - - if (fatal_error) - { - state->set_recommendation(state, - TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION, - TNC_IMV_EVALUATION_RESULT_ERROR); - result = out_msg->send_assessment(out_msg); - if (result == TNC_RESULT_SUCCESS) - { - result = this->agent->provide_recommendation(this->agent, state); - } - } - else - { - /* send PA-TNC message with the EXCL flag set */ - result = out_msg->send(out_msg, TRUE); - } - out_msg->destroy(out_msg); - - return result; -} - -METHOD(imv_agent_if_t, receive_message, TNC_Result, - private_imv_swid_agent_t *this, TNC_ConnectionID id, - TNC_MessageType msg_type, chunk_t msg) -{ - imv_state_t *state; - imv_msg_t *in_msg; - TNC_Result result; - - if (!this->agent->get_state(this->agent, id, &state)) - { - return TNC_RESULT_FATAL; - } - in_msg = imv_msg_create_from_data(this->agent, state, id, msg_type, msg); - result = receive_msg(this, state, in_msg); - in_msg->destroy(in_msg); - - return result; -} - -METHOD(imv_agent_if_t, receive_message_long, TNC_Result, - private_imv_swid_agent_t *this, TNC_ConnectionID id, - TNC_UInt32 src_imc_id, TNC_UInt32 dst_imv_id, - TNC_VendorID msg_vid, TNC_MessageSubtype msg_subtype, chunk_t msg) -{ - imv_state_t *state; - imv_msg_t *in_msg; - TNC_Result result; - - if (!this->agent->get_state(this->agent, id, &state)) - { - return TNC_RESULT_FATAL; - } - in_msg = imv_msg_create_from_long_data(this->agent, state, id, - src_imc_id, dst_imv_id, msg_vid, msg_subtype, msg); - result = receive_msg(this, state, in_msg); - in_msg->destroy(in_msg); - - return result; - -} - -METHOD(imv_agent_if_t, batch_ending, TNC_Result, - private_imv_swid_agent_t *this, TNC_ConnectionID id) -{ - imv_msg_t *out_msg; - imv_state_t *state; - imv_session_t *session; - imv_workitem_t *workitem; - imv_swid_state_t *swid_state; - imv_swid_handshake_state_t handshake_state; - pa_tnc_attr_t *attr; - TNC_IMVID imv_id; - TNC_Result result = TNC_RESULT_SUCCESS; - bool no_workitems = TRUE; - uint32_t request_id, received; - uint8_t flags; - enumerator_t *enumerator; - - if (!this->agent->get_state(this->agent, id, &state)) - { - return TNC_RESULT_FATAL; - } - swid_state = (imv_swid_state_t*)state; - handshake_state = swid_state->get_handshake_state(swid_state); - session = state->get_session(state); - imv_id = this->agent->get_id(this->agent); - - if (handshake_state == IMV_SWID_STATE_END) - { - return TNC_RESULT_SUCCESS; - } - - /* Create an empty out message - we might need it */ - out_msg = imv_msg_create(this->agent, state, id, imv_id, - swid_state->get_imc_id(swid_state), - msg_types[0]); - - if (!imcv_db) - { - DBG2(DBG_IMV, "no workitems available - no evaluation possible"); - state->set_recommendation(state, - TNC_IMV_ACTION_RECOMMENDATION_ALLOW, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - result = out_msg->send_assessment(out_msg); - out_msg->destroy(out_msg); - swid_state->set_handshake_state(swid_state, IMV_SWID_STATE_END); - - if (result != TNC_RESULT_SUCCESS) - { - return result; - } - return this->agent->provide_recommendation(this->agent, state); - } - - /* Look for SWID tag workitem and create SWID tag request */ - if (handshake_state == IMV_SWID_STATE_INIT && - session->get_policy_started(session)) - { - size_t max_attr_size = SWID_MAX_ATTR_SIZE; - size_t max_seg_size; - seg_contract_t *contract; - seg_contract_manager_t *contracts; - char buf[BUF_LEN]; - - enumerator = session->create_workitem_enumerator(session); - if (enumerator) - { - while (enumerator->enumerate(enumerator, &workitem)) - { - if (workitem->get_imv_id(workitem) != TNC_IMVID_ANY || - workitem->get_type(workitem) != IMV_WORKITEM_SWID_TAGS) - { - continue; - } - - flags = TCG_SWID_ATTR_REQ_FLAG_NONE; - if (strchr(workitem->get_arg_str(workitem), 'R')) - { - flags |= TCG_SWID_ATTR_REQ_FLAG_R; - } - if (strchr(workitem->get_arg_str(workitem), 'S')) - { - flags |= TCG_SWID_ATTR_REQ_FLAG_S; - } - if (strchr(workitem->get_arg_str(workitem), 'C')) - { - flags |= TCG_SWID_ATTR_REQ_FLAG_C; - } - - /* Determine maximum PA-TNC attribute segment size */ - max_seg_size = state->get_max_msg_len(state) - - PA_TNC_HEADER_SIZE - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_SEG_ENV_HEADER; - - /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[0], max_attr_size, - max_seg_size, TRUE, imv_id, FALSE); - contract->get_info_string(contract, buf, BUF_LEN, TRUE); - DBG2(DBG_IMV, "%s", buf); - contracts = state->get_contracts(state); - contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, - max_seg_size, TRUE); - out_msg->add_attribute(out_msg, attr); - - /* Issue a SWID request */ - request_id = workitem->get_id(workitem); - swid_state->set_request_id(swid_state, request_id); - attr = tcg_swid_attr_req_create(flags, request_id, 0); - out_msg->add_attribute(out_msg, attr); - workitem->set_imv_id(workitem, imv_id); - no_workitems = FALSE; - DBG2(DBG_IMV, "IMV %d issues SWID request %d", - imv_id, request_id); - break; - } - enumerator->destroy(enumerator); - - if (no_workitems) - { - DBG2(DBG_IMV, "IMV %d has no workitems - " - "no evaluation requested", imv_id); - state->set_recommendation(state, - TNC_IMV_ACTION_RECOMMENDATION_ALLOW, - TNC_IMV_EVALUATION_RESULT_DONT_KNOW); - } - handshake_state = IMV_SWID_STATE_WORKITEMS; - swid_state->set_handshake_state(swid_state, handshake_state); - } - } - - received = state->get_action_flags(state); - - if (handshake_state == IMV_SWID_STATE_WORKITEMS && - (received & (IMV_SWID_ATTR_TAG_INV|IMV_SWID_ATTR_TAG_ID_INV)) && - swid_state->get_missing(swid_state) == 0) - { - TNC_IMV_Evaluation_Result eval; - TNC_IMV_Action_Recommendation rec; - char result_str[BUF_LEN], *error_str = "", *command; - char *target, *separator; - int tag_id_count, tag_count, i; - chunk_t tag_creator, unique_sw_id; - json_object *jrequest, *jresponse, *jvalue; - tcg_swid_attr_req_t *cast_attr; - swid_tag_id_t *tag_id; - status_t status = SUCCESS; - - if (this->rest_api && (received & IMV_SWID_ATTR_TAG_ID_INV)) - { - if (asprintf(&command, "sessions/%d/swid-measurement/", - session->get_session_id(session, NULL, NULL)) < 0) - { - error_str = "allocation of command string failed"; - status = FAILED; - } - else - { - jrequest = swid_state->get_swid_inventory(swid_state); - status = this->rest_api->post(this->rest_api, command, - jrequest, &jresponse); - if (status == FAILED) - { - error_str = "error in REST API swid-measurement request"; - } - free(command); - } - } - - switch (status) - { - case SUCCESS: - enumerator = session->create_workitem_enumerator(session); - while (enumerator->enumerate(enumerator, &workitem)) - { - if (workitem->get_type(workitem) == IMV_WORKITEM_SWID_TAGS) - { - swid_state->get_count(swid_state, &tag_id_count, - &tag_count); - snprintf(result_str, BUF_LEN, "received inventory of " - "%d SWID tag ID%s and %d SWID tag%s", - tag_id_count, (tag_id_count == 1) ? "" : "s", - tag_count, (tag_count == 1) ? "" : "s"); - session->remove_workitem(session, enumerator); - - eval = TNC_IMV_EVALUATION_RESULT_COMPLIANT; - rec = workitem->set_result(workitem, result_str, eval); - state->update_recommendation(state, rec, eval); - imcv_db->finalize_workitem(imcv_db, workitem); - workitem->destroy(workitem); - break; - } - } - enumerator->destroy(enumerator); - break; - case NEED_MORE: - if (received & IMV_SWID_ATTR_TAG_INV) - { - error_str = "not all requested SWID tags were received"; - status = FAILED; - json_object_put(jresponse); - break; - } - if (json_object_get_type(jresponse) != json_type_array) - { - error_str = "response was not a json_array"; - status = FAILED; - json_object_put(jresponse); - break; - } - - /* Create a TCG SWID Request attribute */ - attr = tcg_swid_attr_req_create(TCG_SWID_ATTR_REQ_FLAG_NONE, - swid_state->get_request_id(swid_state), 0); - tag_id_count = json_object_array_length(jresponse); - DBG1(DBG_IMV, "%d SWID tag target%s", tag_id_count, - (tag_id_count == 1) ? "" : "s"); - swid_state->set_missing(swid_state, tag_id_count); - - for (i = 0; i < tag_id_count; i++) - { - jvalue = json_object_array_get_idx(jresponse, i); - if (json_object_get_type(jvalue) != json_type_string) - { - error_str = "json_string element expected in json_array"; - status = FAILED; - json_object_put(jresponse); - break; - } - target = (char*)json_object_get_string(jvalue); - DBG1(DBG_IMV, " %s", target); - - /* Separate target into tag_creator and unique_sw_id */ - separator = strstr(target, "__"); - if (!separator) - { - error_str = "separation of regid from " - "unique software ID failed"; - break; - } - tag_creator = chunk_create(target, separator - target); - separator += 2; - unique_sw_id = chunk_create(separator, strlen(target) - - tag_creator.len - 2); - tag_id = swid_tag_id_create(tag_creator, unique_sw_id, - chunk_empty); - cast_attr = (tcg_swid_attr_req_t*)attr; - cast_attr->add_target(cast_attr, tag_id); - } - json_object_put(jresponse); - - out_msg->add_attribute(out_msg, attr); - break; - case FAILED: - default: - break; - } - - if (status == FAILED) - { - enumerator = session->create_workitem_enumerator(session); - while (enumerator->enumerate(enumerator, &workitem)) - { - if (workitem->get_type(workitem) == IMV_WORKITEM_SWID_TAGS) - { - session->remove_workitem(session, enumerator); - eval = TNC_IMV_EVALUATION_RESULT_ERROR; - rec = workitem->set_result(workitem, error_str, eval); - state->update_recommendation(state, rec, eval); - imcv_db->finalize_workitem(imcv_db, workitem); - workitem->destroy(workitem); - break; - } - } - enumerator->destroy(enumerator); - } - } - - /* finalized all workitems ? */ - if (handshake_state == IMV_SWID_STATE_WORKITEMS && - session->get_workitem_count(session, imv_id) == 0) - { - result = out_msg->send_assessment(out_msg); - out_msg->destroy(out_msg); - swid_state->set_handshake_state(swid_state, IMV_SWID_STATE_END); - - if (result != TNC_RESULT_SUCCESS) - { - return result; - } - return this->agent->provide_recommendation(this->agent, state); - } - - /* send non-empty PA-TNC message with excl flag not set */ - if (out_msg->get_attribute_count(out_msg)) - { - result = out_msg->send(out_msg, FALSE); - } - out_msg->destroy(out_msg); - - return result; -} - -METHOD(imv_agent_if_t, solicit_recommendation, TNC_Result, - private_imv_swid_agent_t *this, TNC_ConnectionID id) -{ - imv_state_t *state; - - if (!this->agent->get_state(this->agent, id, &state)) - { - return TNC_RESULT_FATAL; - } - return this->agent->provide_recommendation(this->agent, state); -} - -METHOD(imv_agent_if_t, destroy, void, - private_imv_swid_agent_t *this) -{ - DESTROY_IF(this->rest_api); - this->agent->destroy(this->agent); - free(this); -} - -/** - * Described in header. - */ -imv_agent_if_t *imv_swid_agent_create(const char *name, TNC_IMVID id, - TNC_Version *actual_version) -{ - private_imv_swid_agent_t *this; - imv_agent_t *agent; - char *rest_api_uri; - u_int rest_api_timeout; - - agent = imv_agent_create(name, msg_types, countof(msg_types), id, - actual_version); - if (!agent) - { - return NULL; - } - agent->add_non_fatal_attr_type(agent, - pen_type_create(PEN_TCG, TCG_SEG_MAX_ATTR_SIZE_REQ)); - - INIT(this, - .public = { - .bind_functions = _bind_functions, - .notify_connection_change = _notify_connection_change, - .receive_message = _receive_message, - .receive_message_long = _receive_message_long, - .batch_ending = _batch_ending, - .solicit_recommendation = _solicit_recommendation, - .destroy = _destroy, - }, - .agent = agent, - ); - - rest_api_uri = lib->settings->get_str(lib->settings, - "%s.plugins.imv-swid.rest_api_uri", NULL, lib->ns); - rest_api_timeout = lib->settings->get_int(lib->settings, - "%s.plugins.imv-swid.rest_api_timeout", 120, lib->ns); - if (rest_api_uri) - { - this->rest_api = rest_create(rest_api_uri, rest_api_timeout); - } - - return &this->public; -} - diff --git a/src/libimcv/plugins/imv_swid/imv_swid_agent.h b/src/libimcv/plugins/imv_swid/imv_swid_agent.h deleted file mode 100644 index 4218040bc..000000000 --- a/src/libimcv/plugins/imv_swid/imv_swid_agent.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright (C) 2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup imv_swid_agent_t imv_swid_agent - * @{ @ingroup imv_swid - */ - -#ifndef IMV_SWID_AGENT_H_ -#define IMV_SWID_AGENT_H_ - -#include <imv/imv_agent_if.h> - -/** - * Creates an SWID IMV agent - * - * @param name Name of the IMV - * @param id ID of the IMV - * @param actual_version TNC IF-IMV version - */ -imv_agent_if_t* imv_swid_agent_create(const char* name, TNC_IMVID id, - TNC_Version *actual_version); - -#endif /** IMV_SWID_AGENT_H_ @}*/ diff --git a/src/libimcv/plugins/imv_swid/imv_swid_state.c b/src/libimcv/plugins/imv_swid/imv_swid_state.c deleted file mode 100644 index 50e9f489a..000000000 --- a/src/libimcv/plugins/imv_swid/imv_swid_state.c +++ /dev/null @@ -1,417 +0,0 @@ -/* - * Copyright (C) 2013-2017 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "imv_swid_state.h" - -#include <imv/imv_lang_string.h> -#include <imv/imv_reason_string.h> -#include <imv/imv_remediation_string.h> -#include <swid/swid_tag_id.h> - -#include <tncif_policy.h> - -#include <utils/lexparser.h> -#include <utils/debug.h> - -typedef struct private_imv_swid_state_t private_imv_swid_state_t; - -/** - * Private data of an imv_swid_state_t object. - */ -struct private_imv_swid_state_t { - - /** - * Public members of imv_swid_state_t - */ - imv_swid_state_t public; - - /** - * TNCCS connection ID - */ - TNC_ConnectionID connection_id; - - /** - * TNCCS connection state - */ - TNC_ConnectionState state; - - /** - * Does the TNCCS connection support long message types? - */ - bool has_long; - - /** - * Does the TNCCS connection support exclusive delivery? - */ - bool has_excl; - - /** - * Maximum PA-TNC message size for this TNCCS connection - */ - uint32_t max_msg_len; - - /** - * Flags set for completed actions - */ - uint32_t action_flags; - - /** - * IMV database session associated with TNCCS connection - */ - imv_session_t *session; - - /** - * PA-TNC attribute segmentation contracts associated with TNCCS connection - */ - seg_contract_manager_t *contracts; - - /** - * IMV action recommendation - */ - TNC_IMV_Action_Recommendation rec; - - /** - * IMV evaluation result - */ - TNC_IMV_Evaluation_Result eval; - - /** - * IMV Scanner handshake state - */ - imv_swid_handshake_state_t handshake_state; - - /** - * TNC Reason String - */ - imv_reason_string_t *reason_string; - - /** - * IETF Remediation Instructions String - */ - imv_remediation_string_t *remediation_string; - - /** - * SWID Tag Request ID - */ - uint32_t request_id; - - /** - * Number of processed SWID Tag IDs - */ - int tag_id_count; - - /** - * Number of processed SWID Tags - */ - int tag_count; - - /** - * Number of missing SWID Tags or Tag IDs - */ - uint32_t missing; - - /** - * SWID IMC ID - */ - TNC_UInt32 imc_id; - - /** - * Top level JSON object - */ - json_object *jobj; - - /** - * JSON array containing an inventory of SWID Tag IDs - */ - json_object *jarray; - -}; - -METHOD(imv_state_t, get_connection_id, TNC_ConnectionID, - private_imv_swid_state_t *this) -{ - return this->connection_id; -} - -METHOD(imv_state_t, has_long, bool, - private_imv_swid_state_t *this) -{ - return this->has_long; -} - -METHOD(imv_state_t, has_excl, bool, - private_imv_swid_state_t *this) -{ - return this->has_excl; -} - -METHOD(imv_state_t, set_flags, void, - private_imv_swid_state_t *this, bool has_long, bool has_excl) -{ - this->has_long = has_long; - this->has_excl = has_excl; -} - -METHOD(imv_state_t, set_max_msg_len, void, - private_imv_swid_state_t *this, uint32_t max_msg_len) -{ - this->max_msg_len = max_msg_len; -} - -METHOD(imv_state_t, get_max_msg_len, uint32_t, - private_imv_swid_state_t *this) -{ - return this->max_msg_len; -} - -METHOD(imv_state_t, set_action_flags, void, - private_imv_swid_state_t *this, uint32_t flags) -{ - this->action_flags |= flags; -} - -METHOD(imv_state_t, get_action_flags, uint32_t, - private_imv_swid_state_t *this) -{ - return this->action_flags; -} - -METHOD(imv_state_t, set_session, void, - private_imv_swid_state_t *this, imv_session_t *session) -{ - this->session = session; -} - -METHOD(imv_state_t, get_session, imv_session_t*, - private_imv_swid_state_t *this) -{ - return this->session; -} - -METHOD(imv_state_t, get_contracts, seg_contract_manager_t*, - private_imv_swid_state_t *this) -{ - return this->contracts; -} - -METHOD(imv_state_t, change_state, void, - private_imv_swid_state_t *this, TNC_ConnectionState new_state) -{ - this->state = new_state; -} - -METHOD(imv_state_t, get_recommendation, void, - private_imv_swid_state_t *this, TNC_IMV_Action_Recommendation *rec, - TNC_IMV_Evaluation_Result *eval) -{ - *rec = this->rec; - *eval = this->eval; -} - -METHOD(imv_state_t, set_recommendation, void, - private_imv_swid_state_t *this, TNC_IMV_Action_Recommendation rec, - TNC_IMV_Evaluation_Result eval) -{ - this->rec = rec; - this->eval = eval; -} - -METHOD(imv_state_t, update_recommendation, void, - private_imv_swid_state_t *this, TNC_IMV_Action_Recommendation rec, - TNC_IMV_Evaluation_Result eval) -{ - this->rec = tncif_policy_update_recommendation(this->rec, rec); - this->eval = tncif_policy_update_evaluation(this->eval, eval); -} - -METHOD(imv_state_t, get_reason_string, bool, - private_imv_swid_state_t *this, enumerator_t *language_enumerator, - chunk_t *reason_string, char **reason_language) -{ - return FALSE; -} - -METHOD(imv_state_t, get_remediation_instructions, bool, - private_imv_swid_state_t *this, enumerator_t *language_enumerator, - chunk_t *string, char **lang_code, char **uri) -{ - return FALSE; -} - -METHOD(imv_state_t, destroy, void, - private_imv_swid_state_t *this) -{ - json_object_put(this->jobj); - DESTROY_IF(this->session); - DESTROY_IF(this->reason_string); - DESTROY_IF(this->remediation_string); - this->contracts->destroy(this->contracts); - free(this); -} - -METHOD(imv_swid_state_t, set_handshake_state, void, - private_imv_swid_state_t *this, imv_swid_handshake_state_t new_state) -{ - this->handshake_state = new_state; -} - -METHOD(imv_swid_state_t, get_handshake_state, imv_swid_handshake_state_t, - private_imv_swid_state_t *this) -{ - return this->handshake_state; -} - -METHOD(imv_swid_state_t, set_request_id, void, - private_imv_swid_state_t *this, uint32_t request_id) -{ - this->request_id = request_id; -} - -METHOD(imv_swid_state_t, get_request_id, uint32_t, - private_imv_swid_state_t *this) -{ - return this->request_id; -} - -METHOD(imv_swid_state_t, set_swid_inventory, void, - private_imv_swid_state_t *this, swid_inventory_t *inventory) -{ - chunk_t tag_creator, sw_id; - char software_id[BUF_LEN]; - json_object *jstring; - swid_tag_id_t *tag_id; - enumerator_t *enumerator; - - enumerator = inventory->create_enumerator(inventory); - while (enumerator->enumerate(enumerator, &tag_id)) - { - /* Construct software ID from tag creator and unique software ID */ - tag_creator = tag_id->get_tag_creator(tag_id); - sw_id = tag_id->get_unique_sw_id(tag_id, NULL); - snprintf(software_id, BUF_LEN, "%.*s__%.*s", - (int)tag_creator.len, tag_creator.ptr, - (int)sw_id.len, sw_id.ptr); - DBG3(DBG_IMV, " %s", software_id); - - /* Add software ID to JSON array */ - jstring = json_object_new_string(software_id); - json_object_array_add(this->jarray, jstring); - } - enumerator->destroy(enumerator); -} - -METHOD(imv_swid_state_t, get_swid_inventory, json_object*, - private_imv_swid_state_t *this) -{ - return this->jobj; -} - -METHOD(imv_swid_state_t, set_missing, void, - private_imv_swid_state_t *this, uint32_t count) -{ - this->missing = count; -} - -METHOD(imv_swid_state_t, get_missing, uint32_t, - private_imv_swid_state_t *this) -{ - return this->missing; -} - -METHOD(imv_swid_state_t, set_count, void, - private_imv_swid_state_t *this, int tag_id_count, int tag_count, - TNC_UInt32 imc_id) -{ - this->tag_id_count += tag_id_count; - this->tag_count += tag_count; - this->imc_id = imc_id; -} - -METHOD(imv_swid_state_t, get_count, void, - private_imv_swid_state_t *this, int *tag_id_count, int *tag_count) -{ - if (tag_id_count) - { - *tag_id_count = this->tag_id_count; - } - if (tag_count) - { - *tag_count = this->tag_count; - } -} - -METHOD(imv_swid_state_t, get_imc_id, TNC_UInt32, - private_imv_swid_state_t *this) -{ - return this->imc_id; -} - -/** - * Described in header. - */ -imv_state_t *imv_swid_state_create(TNC_ConnectionID connection_id) -{ - private_imv_swid_state_t *this; - - INIT(this, - .public = { - .interface = { - .get_connection_id = _get_connection_id, - .has_long = _has_long, - .has_excl = _has_excl, - .set_flags = _set_flags, - .set_max_msg_len = _set_max_msg_len, - .get_max_msg_len = _get_max_msg_len, - .set_action_flags = _set_action_flags, - .get_action_flags = _get_action_flags, - .set_session = _set_session, - .get_session= _get_session, - .get_contracts = _get_contracts, - .change_state = _change_state, - .get_recommendation = _get_recommendation, - .set_recommendation = _set_recommendation, - .update_recommendation = _update_recommendation, - .get_reason_string = _get_reason_string, - .get_remediation_instructions = _get_remediation_instructions, - .destroy = _destroy, - }, - .set_handshake_state = _set_handshake_state, - .get_handshake_state = _get_handshake_state, - .set_request_id = _set_request_id, - .get_request_id = _get_request_id, - .set_swid_inventory = _set_swid_inventory, - .get_swid_inventory = _get_swid_inventory, - .set_missing = _set_missing, - .get_missing = _get_missing, - .set_count = _set_count, - .get_count = _get_count, - .get_imc_id = _get_imc_id, - }, - .state = TNC_CONNECTION_STATE_CREATE, - .rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION, - .eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW, - .connection_id = connection_id, - .contracts = seg_contract_manager_create(), - .imc_id = TNC_IMCID_ANY, - .jobj = json_object_new_object(), - .jarray = json_object_new_array(), - ); - - json_object_object_add(this->jobj, "data", this->jarray); - - return &this->public.interface; -} - - diff --git a/src/libimcv/plugins/imv_swid/imv_swid_state.h b/src/libimcv/plugins/imv_swid/imv_swid_state.h deleted file mode 100644 index 5fe99ecdc..000000000 --- a/src/libimcv/plugins/imv_swid/imv_swid_state.h +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright (C) 2013-2016 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup imv_swid imv_swid - * @ingroup libimcv_plugins - * - * @defgroup imv_swid_state_t imv_swid_state - * @{ @ingroup imv_swid - */ - -#ifndef IMV_SWID_STATE_H_ -#define IMV_SWID_STATE_H_ - -#include <imv/imv_state.h> -#include <swid/swid_inventory.h> -#include <library.h> - -#include <json.h> - -typedef struct imv_swid_state_t imv_swid_state_t; -typedef enum imv_swid_handshake_state_t imv_swid_handshake_state_t; - -/** - * IMV OS Handshake States (state machine) - */ -enum imv_swid_handshake_state_t { - IMV_SWID_STATE_INIT, - IMV_SWID_STATE_WORKITEMS, - IMV_SWID_STATE_END -}; - -/** - * Internal state of an imv_swid_t connection instance - */ -struct imv_swid_state_t { - - /** - * imv_state_t interface - */ - imv_state_t interface; - - /** - * Set state of the handshake - * - * @param new_state the handshake state of IMV - */ - void (*set_handshake_state)(imv_swid_state_t *this, - imv_swid_handshake_state_t new_state); - - /** - * Get state of the handshake - * - * @return the handshake state of IMV - */ - imv_swid_handshake_state_t (*get_handshake_state)(imv_swid_state_t *this); - - /** - * Set the SWID request ID - * - * @param request_id SWID request ID to be set - */ - void (*set_request_id)(imv_swid_state_t *this, uint32_t request_id); - - /** - * Get the SWID request ID - * - * @return SWID request ID - */ - uint32_t (*get_request_id)(imv_swid_state_t *this); - - /** - * Set or extend the SWID Tag ID inventory in the state - * - * @param inventory SWID Tags ID inventory to be added - */ - void (*set_swid_inventory)(imv_swid_state_t *this, swid_inventory_t *inventory); - - /** - * Get the encoding of the complete SWID Tag ID inventory - * - * @return SWID Tags ID inventory as a JSON array - */ - json_object* (*get_swid_inventory)(imv_swid_state_t *this); - - /** - * Set the number of still missing SWID Tags or Tag IDs - * - * @param count Number of missing SWID Tags or Tag IDs - */ - void (*set_missing)(imv_swid_state_t *this, uint32_t count); - - /** - * Get the number of still missing SWID Tags or Tag IDs - * - * @result Number of missing SWID Tags or Tag IDs - */ - uint32_t (*get_missing)(imv_swid_state_t *this); - - /** - * Set [or with multiple attributes increment] SWID Tag [ID] counters - * - * @param tag_id_count Number of received SWID Tag IDs - * @param tag_count Number of received SWID Tags - * @param imc_id SWID IMC ID - */ - void (*set_count)(imv_swid_state_t *this, int tag_id_count, int tag_count, - TNC_UInt32 imc_id); - - /** - * Set [or with multiple attributes increment] SWID Tag [ID] counters - * - * @param tag_id_count Number of received SWID Tag IDs - * @param tag_count Number of received SWID Tags - */ - void (*get_count)(imv_swid_state_t *this, int *tag_id_count, int *tag_count); - - /** - * Get SWID IMC ID - * - * @return SWID IMC ID - */ - TNC_UInt32 (*get_imc_id)(imv_swid_state_t *this); -}; - -/** - * Create an imv_swid_state_t instance - * - * @param id connection ID - */ -imv_state_t* imv_swid_state_create(TNC_ConnectionID id); - -#endif /** IMV_SWID_STATE_H_ @}*/ diff --git a/src/libimcv/plugins/imv_swima/Makefile.in b/src/libimcv/plugins/imv_swima/Makefile.in index e2132b576..a9c7715ec 100644 --- a/src/libimcv/plugins/imv_swima/Makefile.in +++ b/src/libimcv/plugins/imv_swima/Makefile.in @@ -311,7 +311,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -337,6 +336,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -357,8 +358,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -413,8 +412,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -443,8 +440,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_swima/imv_swima_agent.c b/src/libimcv/plugins/imv_swima/imv_swima_agent.c index 1d9944200..52f1baf03 100644 --- a/src/libimcv/plugins/imv_swima/imv_swima_agent.c +++ b/src/libimcv/plugins/imv_swima/imv_swima_agent.c @@ -187,11 +187,17 @@ static TNC_Result receive_msg(private_imv_swima_agent_t *this, } description = reader->peek(reader); if (description.len) - { + { DBG1(DBG_IMV, " description: %.*s", description.len, description.ptr); } reader->destroy(reader); + if (error_code.type == PA_ERROR_SWIMA_SUBSCRIPTION_DENIED) + { + swima_state->set_subscription(swima_state, FALSE); + DBG1(DBG_IMV, "SWIMA subscription %u cleared", + swima_state->get_request_id(swima_state)); + } break; } case IETF_ATTR_SW_ID_INVENTORY: @@ -474,7 +480,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, seg_contract_t *contract; seg_contract_manager_t *contracts; swima_inventory_t *targets; - uint32_t earliest_eid = 0; + uint32_t old_request_id = 0, earliest_eid = 0; char buf[BUF_LEN]; enumerator = session->create_workitem_enumerator(session); @@ -487,7 +493,13 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, { continue; } - + + earliest_eid = workitem->get_arg_int(workitem); + request_id = workitem->get_id(workitem); + workitem->set_imv_id(workitem, imv_id); + no_workitems = FALSE; + old_request_id = swima_state->get_request_id(swima_state); + flags = IETF_SWIMA_ATTR_REQ_FLAG_NONE; if (strchr(workitem->get_arg_str(workitem), 'R')) { @@ -496,47 +508,57 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (strchr(workitem->get_arg_str(workitem), 'S')) { flags |= IETF_SWIMA_ATTR_REQ_FLAG_S; + swima_state->set_subscription(swima_state, TRUE); + if (!old_request_id) + { + DBG1(DBG_IMV, "SWIMA subscription %u requested", + request_id); + } } if (strchr(workitem->get_arg_str(workitem), 'C')) { flags |= IETF_SWIMA_ATTR_REQ_FLAG_C; + swima_state->set_subscription(swima_state, FALSE); } - earliest_eid = workitem->get_arg_int(workitem); - - /* Determine maximum PA-TNC attribute segment size */ - max_seg_size = state->get_max_msg_len(state) - - PA_TNC_HEADER_SIZE - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_SEG_ENV_HEADER; - - /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[0], max_attr_size, - max_seg_size, TRUE, imv_id, FALSE); - contract->get_info_string(contract, buf, BUF_LEN, TRUE); - DBG2(DBG_IMV, "%s", buf); - contracts = state->get_contracts(state); - contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, - max_seg_size, TRUE); - out_msg->add_attribute(out_msg, attr); - - /* Issue a SWID request */ - request_id = workitem->get_id(workitem); - swima_state->set_request_id(swima_state, request_id); - attr = ietf_swima_attr_req_create(flags, request_id); - /* Request software identifier events */ - targets = swima_inventory_create(); - targets->set_eid(targets, earliest_eid, 0); - cast_attr = (ietf_swima_attr_req_t*)attr; - cast_attr->set_targets(cast_attr, targets); - targets->destroy(targets); + if (!old_request_id) + { + /* Determine maximum PA-TNC attribute segment size */ + max_seg_size = state->get_max_msg_len(state) + - PA_TNC_HEADER_SIZE + - PA_TNC_ATTR_HEADER_SIZE + - TCG_SEG_ATTR_SEG_ENV_HEADER; + + /* Announce support of PA-TNC segmentation to IMC */ + contract = seg_contract_create(msg_types[0], max_attr_size, + max_seg_size, TRUE, imv_id, FALSE); + contract->get_info_string(contract, buf, BUF_LEN, TRUE); + DBG2(DBG_IMV, "%s", buf); + contracts = state->get_contracts(state); + contracts->add_contract(contracts, contract); + attr = tcg_seg_attr_max_size_create(max_attr_size, + max_seg_size, TRUE); + out_msg->add_attribute(out_msg, attr); + } - out_msg->add_attribute(out_msg, attr); - workitem->set_imv_id(workitem, imv_id); - no_workitems = FALSE; - DBG2(DBG_IMV, "IMV %d issues sw request %d with earliest eid %d", - imv_id, request_id, earliest_eid); + if (!old_request_id || + !swima_state->get_subscription(swima_state)) + { + /* Issue a SWID request */ + swima_state->set_request_id(swima_state, request_id); + attr = ietf_swima_attr_req_create(flags, request_id); + + /* Request software identifier events */ + targets = swima_inventory_create(); + targets->set_eid(targets, earliest_eid, 0); + cast_attr = (ietf_swima_attr_req_t*)attr; + cast_attr->set_targets(cast_attr, targets); + targets->destroy(targets); + + out_msg->add_attribute(out_msg, attr); + DBG2(DBG_IMV, "IMV %d issues sw request %d with earliest " + "eid %d", imv_id, request_id, earliest_eid); + } break; } enumerator->destroy(enumerator); @@ -565,7 +587,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, TNC_IMV_Action_Recommendation rec; char result_str[BUF_LEN], *format = NULL, *cmd = NULL, *command; char *target_str, *error_str = ""; - int sw_id_count, tag_count, i, res; + int sw_id_count, tag_count, i, res, written; json_object *jrequest, *jresponse, *jvalue; ietf_swima_attr_req_t *cast_attr; swima_inventory_t *targets; @@ -617,16 +639,24 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, &tag_count); if (format) { - snprintf(result_str, BUF_LEN, format, + written = snprintf(result_str, BUF_LEN, format, sw_id_count, (sw_id_count == 1) ? "" : "s", tag_count, (tag_count == 1) ? "" : "s"); } else { - snprintf(result_str, BUF_LEN, "received %d SWID tag" - "%s", tag_count, (tag_count == 1) ? "" : "s"); + written = snprintf(result_str, BUF_LEN, + "received %d SWID tag%s", + tag_count, (tag_count == 1) ? "" : "s"); } + if (swima_state->get_subscription(swima_state) && + written > 0 && written < BUF_LEN) + { + snprintf(result_str + written, BUF_LEN - written, + " from subscription %u", + swima_state->get_request_id(swima_state)); + } session->remove_workitem(session, enumerator); eval = TNC_IMV_EVALUATION_RESULT_COMPLIANT; diff --git a/src/libimcv/plugins/imv_swima/imv_swima_state.c b/src/libimcv/plugins/imv_swima/imv_swima_state.c index 03500bc2d..7d9631d3f 100644 --- a/src/libimcv/plugins/imv_swima/imv_swima_state.c +++ b/src/libimcv/plugins/imv_swima/imv_swima_state.c @@ -101,6 +101,11 @@ struct private_imv_swima_state_t { imv_remediation_string_t *remediation_string; /** + * Has a subscription been established? + */ + bool has_subscription; + + /** * SWID Tag Request ID */ uint32_t request_id; @@ -204,10 +209,14 @@ METHOD(imv_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_swima_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_recommendation, void, @@ -248,13 +257,28 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return FALSE; } +METHOD(imv_state_t, reset, void, + private_imv_swima_state_t *this) +{ + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->action_flags = 0; + + this->handshake_state = IMV_SWIMA_STATE_INIT; + this->sw_id_count = 0; + this->tag_count = 0; + this->missing = 0; + + json_object_put(this->jobj); + this->jobj = json_object_new_object(); +} + METHOD(imv_state_t, destroy, void, private_imv_swima_state_t *this) { json_object_put(this->jobj); DESTROY_IF(this->session); - DESTROY_IF(this->reason_string); - DESTROY_IF(this->remediation_string); this->contracts->destroy(this->contracts); free(this); } @@ -426,6 +450,18 @@ METHOD(imv_swima_state_t, get_imc_id, TNC_UInt32, return this->imc_id; } +METHOD(imv_swima_state_t, set_subscription, void, + private_imv_swima_state_t *this, bool set) +{ + this->has_subscription = set; +} + +METHOD(imv_swima_state_t, get_subscription, bool, + private_imv_swima_state_t *this) +{ + return this->has_subscription; +} + /** * Described in header. */ @@ -453,6 +489,7 @@ imv_state_t *imv_swima_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .set_handshake_state = _set_handshake_state, @@ -467,6 +504,8 @@ imv_state_t *imv_swima_state_create(TNC_ConnectionID connection_id) .set_count = _set_count, .get_count = _get_count, .get_imc_id = _get_imc_id, + .set_subscription = _set_subscription, + .get_subscription = _get_subscription, }, .state = TNC_CONNECTION_STATE_CREATE, .rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION, diff --git a/src/libimcv/plugins/imv_swima/imv_swima_state.h b/src/libimcv/plugins/imv_swima/imv_swima_state.h index 4fa32daf4..e2f805189 100644 --- a/src/libimcv/plugins/imv_swima/imv_swima_state.h +++ b/src/libimcv/plugins/imv_swima/imv_swima_state.h @@ -141,6 +141,20 @@ struct imv_swima_state_t { * @return SWID IMC ID */ TNC_UInt32 (*get_imc_id)(imv_swima_state_t *this); + + /** + * Set or clear a subscription + * + * @param set TRUE sets and FALSE clears a subscripton + */ + void (*set_subscription)(imv_swima_state_t *this, bool set); + + /** + * Get the subscription status + * + * @return TRUE if subscription is set + */ + bool (*get_subscription)(imv_swima_state_t *this); }; /** diff --git a/src/libimcv/plugins/imv_test/Makefile.in b/src/libimcv/plugins/imv_test/Makefile.in index b583a32c2..d9b1725d2 100644 --- a/src/libimcv/plugins/imv_test/Makefile.in +++ b/src/libimcv/plugins/imv_test/Makefile.in @@ -309,7 +309,6 @@ PYTHON_VERSION = @PYTHON_VERSION@ PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ -RUBY = @RUBY@ RUBYGEMDIR = @RUBYGEMDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -335,6 +334,8 @@ am__tar = @am__tar@ am__untar = @am__untar@ attest_plugins = @attest_plugins@ bindir = @bindir@ +botan_CFLAGS = @botan_CFLAGS@ +botan_LIBS = @botan_LIBS@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ @@ -355,8 +356,6 @@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ fuzz_plugins = @fuzz_plugins@ -gtk_CFLAGS = @gtk_CFLAGS@ -gtk_LIBS = @gtk_LIBS@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -411,8 +410,6 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ -ruby_CFLAGS = @ruby_CFLAGS@ -ruby_LIBS = @ruby_LIBS@ runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ @@ -441,8 +438,12 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ tss2_CFLAGS = @tss2_CFLAGS@ tss2_LIBS = @tss2_LIBS@ +tss2_esys_CFLAGS = @tss2_esys_CFLAGS@ +tss2_esys_LIBS = @tss2_esys_LIBS@ tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_sys_CFLAGS = @tss2_sys_CFLAGS@ +tss2_sys_LIBS = @tss2_sys_LIBS@ tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ urandom_device = @urandom_device@ diff --git a/src/libimcv/plugins/imv_test/imv_test_state.c b/src/libimcv/plugins/imv_test/imv_test_state.c index c20d00bd1..fe6bf18b2 100644 --- a/src/libimcv/plugins/imv_test/imv_test_state.c +++ b/src/libimcv/plugins/imv_test/imv_test_state.c @@ -173,10 +173,14 @@ METHOD(imv_state_t, get_contracts, seg_contract_manager_t*, return this->contracts; } -METHOD(imv_state_t, change_state, void, +METHOD(imv_state_t, change_state, TNC_ConnectionState, private_imv_test_state_t *this, TNC_ConnectionState new_state) { + TNC_ConnectionState old_state; + + old_state = this->state; this->state = new_state; + return old_state; } METHOD(imv_state_t, get_recommendation, void, @@ -226,6 +230,20 @@ METHOD(imv_state_t, get_remediation_instructions, bool, return FALSE; } +METHOD(imv_state_t, reset, void, + private_imv_test_state_t *this) +{ + DESTROY_IF(this->reason_string); + this->reason_string = NULL; + this->rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION; + this->eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW; + + this->imcs->destroy_function(this->imcs, free); + this->imcs = linked_list_create(); + +} + + METHOD(imv_state_t, destroy, void, private_imv_test_state_t *this) { @@ -326,6 +344,7 @@ imv_state_t *imv_test_state_create(TNC_ConnectionID connection_id) .update_recommendation = _update_recommendation, .get_reason_string = _get_reason_string, .get_remediation_instructions = _get_remediation_instructions, + .reset = _reset, .destroy = _destroy, }, .add_imc = _add_imc, |