diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2013-11-01 13:32:07 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2013-11-01 13:32:07 +0100 |
| commit | 5313d2d78ca150515f7f5eb39801c100690b6b29 (patch) | |
| tree | c78e420367283bb1b16f14210b12687cdfbd26eb /src/libpts/plugins/imv_attestation | |
| parent | 6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 (diff) | |
| download | vyos-strongswan-5313d2d78ca150515f7f5eb39801c100690b6b29.tar.gz vyos-strongswan-5313d2d78ca150515f7f5eb39801c100690b6b29.zip | |
Imported Upstream version 5.1.1
Diffstat (limited to 'src/libpts/plugins/imv_attestation')
8 files changed, 229 insertions, 119 deletions
diff --git a/src/libpts/plugins/imv_attestation/Makefile.am b/src/libpts/plugins/imv_attestation/Makefile.am index ae5225ae3..8d18f1404 100644 --- a/src/libpts/plugins/imv_attestation/Makefile.am +++ b/src/libpts/plugins/imv_attestation/Makefile.am @@ -21,7 +21,7 @@ imv_attestation_la_SOURCES = imv_attestation.c \ imv_attestation_process.h imv_attestation_process.c \ imv_attestation_build.h imv_attestation_build.c -imv_attestation_la_LDFLAGS = -module -avoid-version +imv_attestation_la_LDFLAGS = -module -avoid-version -no-undefined ipsec_PROGRAMS = attest attest_SOURCES = attest.c \ diff --git a/src/libpts/plugins/imv_attestation/Makefile.in b/src/libpts/plugins/imv_attestation/Makefile.in index 36b440e82..032d07a38 100644 --- a/src/libpts/plugins/imv_attestation/Makefile.in +++ b/src/libpts/plugins/imv_attestation/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -17,23 +16,51 @@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -54,13 +81,15 @@ build_triplet = @build@ host_triplet = @host@ ipsec_PROGRAMS = attest$(EXEEXT) subdir = src/libpts/plugins/imv_attestation -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/config/ltoptions.m4 \ $(top_srcdir)/m4/config/ltsugar.m4 \ $(top_srcdir)/m4/config/ltversion.m4 \ $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ $(top_srcdir)/m4/macros/with.m4 \ $(top_srcdir)/m4/macros/enable-disable.m4 \ $(top_srcdir)/m4/macros/add-plugin.m4 \ @@ -111,6 +140,7 @@ imv_attestation_la_OBJECTS = $(am_imv_attestation_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent +am__v_lt_1 = imv_attestation_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) $(imv_attestation_la_LDFLAGS) \ @@ -122,6 +152,18 @@ attest_OBJECTS = $(am_attest_OBJECTS) attest_DEPENDENCIES = $(top_builddir)/src/libimcv/libimcv.la \ $(top_builddir)/src/libpts/libpts.la \ $(top_builddir)/src/libstrongswan/libstrongswan.la +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -134,20 +176,16 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = SOURCES = $(imv_attestation_la_SOURCES) $(attest_SOURCES) DIST_SOURCES = $(imv_attestation_la_SOURCES) $(attest_SOURCES) am__can_run_installinfo = \ @@ -155,6 +193,23 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -231,6 +286,10 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ @@ -347,6 +406,7 @@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ @@ -376,7 +436,7 @@ imv_attestation_la_SOURCES = imv_attestation.c \ imv_attestation_process.h imv_attestation_process.c \ imv_attestation_build.h imv_attestation_build.c -imv_attestation_la_LDFLAGS = -module -avoid-version +imv_attestation_la_LDFLAGS = -module -avoid-version -no-undefined attest_SOURCES = attest.c \ attest_usage.h attest_usage.c \ attest_db.h attest_db.c @@ -421,6 +481,7 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + install-imcvLTLIBRARIES: $(imcv_LTLIBRARIES) @$(NORMAL_INSTALL) @list='$(imcv_LTLIBRARIES)'; test -n "$(imcvdir)" || list=; \ @@ -447,12 +508,15 @@ uninstall-imcvLTLIBRARIES: clean-imcvLTLIBRARIES: -test -z "$(imcv_LTLIBRARIES)" || rm -f $(imcv_LTLIBRARIES) - @list='$(imcv_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done + @list='$(imcv_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + imv-attestation.la: $(imv_attestation_la_OBJECTS) $(imv_attestation_la_DEPENDENCIES) $(EXTRA_imv_attestation_la_DEPENDENCIES) $(AM_V_CCLD)$(imv_attestation_la_LINK) -rpath $(imcvdir) $(imv_attestation_la_OBJECTS) $(imv_attestation_la_LIBADD) $(LIBS) install-ipsecPROGRAMS: $(ipsec_PROGRAMS) @@ -464,10 +528,12 @@ install-ipsecPROGRAMS: $(ipsec_PROGRAMS) fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ + while read p p1; do if test -f $$p \ + || test -f $$p1 \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ @@ -488,7 +554,8 @@ uninstall-ipsecPROGRAMS: @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ + -e 's/$$/$(EXEEXT)/' \ + `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(ipsecdir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(ipsecdir)" && rm -f $$files @@ -501,6 +568,7 @@ clean-ipsecPROGRAMS: list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list + attest$(EXEEXT): $(attest_OBJECTS) $(attest_DEPENDENCIES) $(EXTRA_attest_DEPENDENCIES) @rm -f attest$(EXEEXT) $(AM_V_CCLD)$(LINK) $(attest_OBJECTS) $(attest_LDADD) $(LIBS) @@ -521,22 +589,25 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/imv_attestation_state.Plo@am__quote@ .c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< @@ -547,26 +618,15 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ + $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ @@ -578,15 +638,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $$unique; \ fi; \ fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique @@ -595,6 +651,21 @@ GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -739,20 +810,20 @@ uninstall-am: uninstall-imcvLTLIBRARIES uninstall-ipsecPROGRAMS .MAKE: install-am install-strip -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-imcvLTLIBRARIES clean-ipsecPROGRAMS clean-libtool ctags \ - distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am \ +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-imcvLTLIBRARIES clean-ipsecPROGRAMS clean-libtool \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ install-imcvLTLIBRARIES install-info install-info-am \ install-ipsecPROGRAMS install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-imcvLTLIBRARIES \ + tags tags-am uninstall uninstall-am uninstall-imcvLTLIBRARIES \ uninstall-ipsecPROGRAMS attest.o : $(top_builddir)/config.status diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_agent.c b/src/libpts/plugins/imv_attestation/imv_attestation_agent.c index fb934127e..978c74001 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_agent.c +++ b/src/libpts/plugins/imv_attestation/imv_attestation_agent.c @@ -35,8 +35,8 @@ #include <pts/pts_creds.h> #include <tcg/tcg_attr.h> -#include <tcg/tcg_pts_attr_req_file_meas.h> -#include <tcg/tcg_pts_attr_req_file_meta.h> +#include <tcg/pts/tcg_pts_attr_req_file_meas.h> +#include <tcg/pts/tcg_pts_attr_req_file_meta.h> #include <tncif_pa_subtypes.h> @@ -440,9 +440,8 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, } /* check the IMV state for the next PA-TNC attributes to send */ - if (!imv_attestation_build(out_msg, attestation_state, - this->supported_algorithms, - this->supported_dh_groups, this->pts_db)) + if (!imv_attestation_build(out_msg, state, this->supported_algorithms, + this->supported_dh_groups, this->pts_db)) { state->set_recommendation(state, TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION, @@ -503,8 +502,11 @@ METHOD(imv_agent_if_t, solicit_recommendation, TNC_Result, if (session) { + TNC_IMV_Evaluation_Result eval; + TNC_IMV_Action_Recommendation rec; imv_workitem_t *workitem; enumerator_t *enumerator; + char *result_str; int pending_file_meas = 0; enumerator = session->create_workitem_enumerator(session); @@ -522,6 +524,13 @@ METHOD(imv_agent_if_t, solicit_recommendation, TNC_Result, case IMV_WORKITEM_FILE_MEAS: case IMV_WORKITEM_DIR_REF_MEAS: case IMV_WORKITEM_DIR_MEAS: + session->remove_workitem(session, enumerator); + result_str = "pending file measurements"; + eval = TNC_IMV_EVALUATION_RESULT_ERROR; + rec = workitem->set_result(workitem, result_str, eval); + state->update_recommendation(state, rec, eval); + imcv_db->finalize_workitem(imcv_db, workitem); + workitem->destroy(workitem); pending_file_meas++; break; default: @@ -565,8 +574,16 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id, TNC_Version *actual_version) { private_imv_attestation_agent_t *this; + imv_agent_t *agent; char *hash_alg, *dh_group, *cadir; + agent = imv_agent_create(name, msg_types, countof(msg_types), id, + actual_version); + if (!agent) + { + return NULL; + } + hash_alg = lib->settings->get_str(lib->settings, "libimcv.plugins.imv-attestation.hash_algorithm", "sha256"); dh_group = lib->settings->get_str(lib->settings, @@ -584,8 +601,7 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id, .solicit_recommendation = _solicit_recommendation, .destroy = _destroy, }, - .agent = imv_agent_create(name, msg_types, countof(msg_types), id, - actual_version), + .agent = agent, .supported_algorithms = PTS_MEAS_ALGO_NONE, .supported_dh_groups = PTS_DH_GROUP_NONE, .pts_credmgr = credential_manager_create(), @@ -595,8 +611,7 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id, libpts_init(); - if (!this->agent || - !pts_meas_algo_probe(&this->supported_algorithms) || + if (!pts_meas_algo_probe(&this->supported_algorithms) || !pts_dh_group_probe(&this->supported_dh_groups) || !pts_meas_algo_update(hash_alg, &this->supported_algorithms) || !pts_dh_group_update(dh_group, &this->supported_dh_groups)) @@ -613,4 +628,3 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id, return &this->public; } - diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_build.c b/src/libpts/plugins/imv_attestation/imv_attestation_build.c index 3e09f7204..1fbde2c6d 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_build.c +++ b/src/libpts/plugins/imv_attestation/imv_attestation_build.c @@ -16,31 +16,42 @@ #include "imv_attestation_build.h" #include "imv_attestation_state.h" -#include <tcg/tcg_pts_attr_proto_caps.h> -#include <tcg/tcg_pts_attr_meas_algo.h> -#include <tcg/tcg_pts_attr_dh_nonce_params_req.h> -#include <tcg/tcg_pts_attr_dh_nonce_finish.h> -#include <tcg/tcg_pts_attr_get_tpm_version_info.h> -#include <tcg/tcg_pts_attr_get_aik.h> -#include <tcg/tcg_pts_attr_req_func_comp_evid.h> -#include <tcg/tcg_pts_attr_gen_attest_evid.h> +#include <tcg/pts/tcg_pts_attr_proto_caps.h> +#include <tcg/pts/tcg_pts_attr_meas_algo.h> +#include <tcg/pts/tcg_pts_attr_dh_nonce_params_req.h> +#include <tcg/pts/tcg_pts_attr_dh_nonce_finish.h> +#include <tcg/pts/tcg_pts_attr_get_tpm_version_info.h> +#include <tcg/pts/tcg_pts_attr_get_aik.h> +#include <tcg/pts/tcg_pts_attr_req_func_comp_evid.h> +#include <tcg/pts/tcg_pts_attr_gen_attest_evid.h> #include <utils/debug.h> bool imv_attestation_build(imv_msg_t *out_msg, - imv_attestation_state_t *attestation_state, + imv_state_t *state, pts_meas_algorithms_t supported_algorithms, pts_dh_group_t supported_dh_groups, pts_database_t *pts_db) { + imv_attestation_state_t *attestation_state; imv_attestation_handshake_state_t handshake_state; pts_t *pts; pa_tnc_attr_t *attr = NULL; + attestation_state = (imv_attestation_state_t*)state; handshake_state = attestation_state->get_handshake_state(attestation_state); pts = attestation_state->get_pts(attestation_state); /** + * Received a response form the Attestation IMC so we can proceeed + */ + if (handshake_state == IMV_ATTESTATION_STATE_DISCOVERY && + (state->get_action_flags(state) & IMV_ATTESTATION_FLAG_ALGO)) + { + handshake_state = IMV_ATTESTATION_STATE_NONCE_REQ; + } + + /** * Skip DH Nonce Parameters Request attribute when * DH Nonce Exchange is not selected by PTS-IMC side */ @@ -80,9 +91,11 @@ bool imv_attestation_build(imv_msg_t *out_msg, out_msg->add_attribute(out_msg, attr); attestation_state->set_handshake_state(attestation_state, - IMV_ATTESTATION_STATE_NONCE_REQ); + IMV_ATTESTATION_STATE_DISCOVERY); break; } + case IMV_ATTESTATION_STATE_DISCOVERY: + break; case IMV_ATTESTATION_STATE_NONCE_REQ: { int min_nonce_len; diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_build.h b/src/libpts/plugins/imv_attestation/imv_attestation_build.h index 108f6f923..0cee49b34 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_build.h +++ b/src/libpts/plugins/imv_attestation/imv_attestation_build.h @@ -34,14 +34,14 @@ * Process a TCG PTS attribute * * @param out_msg outbound PA-TNC message to be built - * @param attestation_state attestation state of a given connection + * @param state state of a given connection * @param supported_algorithms supported PTS measurement algorithms * @param supported_dh_groups supported DH groups * @param pts_db PTS configuration database * @return TRUE if successful */ bool imv_attestation_build(imv_msg_t *out_msg, - imv_attestation_state_t *attestation_state, + imv_state_t *state, pts_meas_algorithms_t supported_algorithms, pts_dh_group_t supported_dh_groups, pts_database_t *pts_db); diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_process.c b/src/libpts/plugins/imv_attestation/imv_attestation_process.c index d422ebcda..5137d64fe 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_process.c +++ b/src/libpts/plugins/imv_attestation/imv_attestation_process.c @@ -20,15 +20,15 @@ #include <pts/pts.h> -#include <tcg/tcg_pts_attr_aik.h> -#include <tcg/tcg_pts_attr_dh_nonce_params_resp.h> -#include <tcg/tcg_pts_attr_file_meas.h> -#include <tcg/tcg_pts_attr_meas_algo.h> -#include <tcg/tcg_pts_attr_proto_caps.h> -#include <tcg/tcg_pts_attr_simple_comp_evid.h> -#include <tcg/tcg_pts_attr_simple_evid_final.h> -#include <tcg/tcg_pts_attr_tpm_version_info.h> -#include <tcg/tcg_pts_attr_unix_file_meta.h> +#include <tcg/pts/tcg_pts_attr_aik.h> +#include <tcg/pts/tcg_pts_attr_dh_nonce_params_resp.h> +#include <tcg/pts/tcg_pts_attr_file_meas.h> +#include <tcg/pts/tcg_pts_attr_meas_algo.h> +#include <tcg/pts/tcg_pts_attr_proto_caps.h> +#include <tcg/pts/tcg_pts_attr_simple_comp_evid.h> +#include <tcg/pts/tcg_pts_attr_simple_evid_final.h> +#include <tcg/pts/tcg_pts_attr_tpm_version_info.h> +#include <tcg/pts/tcg_pts_attr_unix_file_meta.h> #include <utils/debug.h> #include <crypto/hashers/hasher.h> @@ -380,6 +380,9 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg, if (comp->verify(comp, name->get_qualifier(name), pts, evidence) != SUCCESS) { + state->update_recommendation(state, + TNC_IMV_ACTION_RECOMMENDATION_ISOLATE, + TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR); attestation_state->set_measurement_error(attestation_state, IMV_ATTESTATION_ERROR_COMP_EVID_FAIL); name->log(name, " measurement mismatch for "); @@ -417,23 +420,28 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg, { DBG1(DBG_IMV, "received PCR Composite does not match " "constructed one"); + state->update_recommendation(state, + TNC_IMV_ACTION_RECOMMENDATION_ISOLATE, + TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR); attestation_state->set_measurement_error(attestation_state, IMV_ATTESTATION_ERROR_TPM_QUOTE_FAIL); - free(pcr_composite.ptr); - free(quote_info.ptr); - break; + goto quote_error; } DBG2(DBG_IMV, "received PCR Composite matches constructed one"); - free(pcr_composite.ptr); if (!pts->verify_quote_signature(pts, quote_info, tpm_quote_sig)) { + state->update_recommendation(state, + TNC_IMV_ACTION_RECOMMENDATION_ISOLATE, + TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR); attestation_state->set_measurement_error(attestation_state, IMV_ATTESTATION_ERROR_TPM_QUOTE_FAIL); - free(quote_info.ptr); - break; + goto quote_error; } DBG2(DBG_IMV, "TPM Quote Info signature verification successful"); + +quote_error: + free(pcr_composite.ptr); free(quote_info.ptr); /** diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_state.c b/src/libpts/plugins/imv_attestation/imv_attestation_state.c index 27b2655f8..47011751d 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_state.c +++ b/src/libpts/plugins/imv_attestation/imv_attestation_state.c @@ -461,6 +461,9 @@ METHOD(imv_attestation_state_t, finalize_components, void, if (!entry->comp->finalize(entry->comp, entry->qualifier)) { set_measurement_error(this, IMV_ATTESTATION_ERROR_COMP_EVID_PEND); + update_recommendation(this, + TNC_IMV_ACTION_RECOMMENDATION_ISOLATE, + TNC_IMV_EVALUATION_RESULT_ERROR); } free_func_comp(entry); } diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_state.h b/src/libpts/plugins/imv_attestation/imv_attestation_state.h index f3edd5fa1..27d1ae8db 100644 --- a/src/libpts/plugins/imv_attestation/imv_attestation_state.h +++ b/src/libpts/plugins/imv_attestation/imv_attestation_state.h @@ -50,6 +50,7 @@ enum imv_attestation_flag_t { */ enum imv_attestation_handshake_state_t { IMV_ATTESTATION_STATE_INIT, + IMV_ATTESTATION_STATE_DISCOVERY, IMV_ATTESTATION_STATE_NONCE_REQ, IMV_ATTESTATION_STATE_TPM_INIT, IMV_ATTESTATION_STATE_COMP_EVID, |