diff options
Diffstat (limited to 'src/libimcv/imc/imc_msg.c')
-rw-r--r-- | src/libimcv/imc/imc_msg.c | 457 |
1 files changed, 457 insertions, 0 deletions
diff --git a/src/libimcv/imc/imc_msg.c b/src/libimcv/imc/imc_msg.c new file mode 100644 index 000000000..050e63f32 --- /dev/null +++ b/src/libimcv/imc/imc_msg.c @@ -0,0 +1,457 @@ +/* + * Copyright (C) 2012 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "imc_msg.h" + +#include "ietf/ietf_attr.h" +#include "ietf/ietf_attr_assess_result.h" +#include "ietf/ietf_attr_remediation_instr.h" + +#include <tncif_names.h> + +#include <pen/pen.h> +#include <collections/linked_list.h> +#include <utils/debug.h> + +typedef struct private_imc_msg_t private_imc_msg_t; + +/** + * Private data of a imc_msg_t object. + * + */ +struct private_imc_msg_t { + + /** + * Public imc_msg_t interface. + */ + imc_msg_t public; + + /** + * Connection ID + */ + TNC_ConnectionID connection_id; + + /** + * source ID + */ + TNC_UInt32 src_id; + + /** + * destination ID + */ + TNC_UInt32 dst_id; + + /** + * PA-TNC message type + */ + pen_type_t msg_type; + + /** + * List of PA-TNC attributes to be sent + */ + linked_list_t *attr_list; + + /** + * PA-TNC message + */ + pa_tnc_msg_t *pa_msg; + + /** + * Assigned IMC agent + */ + imc_agent_t *agent; + + /** + * Assigned IMC state + */ + imc_state_t *state; +}; + +METHOD(imc_msg_t, get_src_id, TNC_UInt32, + private_imc_msg_t *this) +{ + return this->src_id; +} + +METHOD(imc_msg_t, get_dst_id, TNC_UInt32, + private_imc_msg_t *this) +{ + return this->dst_id; +} + +METHOD(imc_msg_t, send_, TNC_Result, + private_imc_msg_t *this, bool excl) +{ + pa_tnc_msg_t *pa_tnc_msg; + pa_tnc_attr_t *attr; + TNC_UInt32 msg_flags; + TNC_MessageType msg_type; + bool attr_added; + chunk_t msg; + enumerator_t *enumerator; + TNC_Result result = TNC_RESULT_SUCCESS; + + while (this->attr_list->get_count(this->attr_list)) + { + pa_tnc_msg = pa_tnc_msg_create(this->state->get_max_msg_len(this->state)); + attr_added = FALSE; + + enumerator = this->attr_list->create_enumerator(this->attr_list); + while (enumerator->enumerate(enumerator, &attr)) + { + if (pa_tnc_msg->add_attribute(pa_tnc_msg, attr)) + { + attr_added = TRUE; + } + else + { + if (attr_added) + { + break; + } + else + { + DBG1(DBG_IMC, "PA-TNC attribute too large to send, deleted"); + attr->destroy(attr); + } + } + this->attr_list->remove_at(this->attr_list, enumerator); + } + enumerator->destroy(enumerator); + + /* build and send the PA-TNC message via the IF-IMC interface */ + if (!pa_tnc_msg->build(pa_tnc_msg)) + { + pa_tnc_msg->destroy(pa_tnc_msg); + return TNC_RESULT_FATAL; + } + msg = pa_tnc_msg->get_encoding(pa_tnc_msg); + DBG3(DBG_IMC, "created PA-TNC message: %B", &msg); + + if (this->state->has_long(this->state) && this->agent->send_message_long) + { + excl = excl && this->state->has_excl(this->state) && + this->dst_id != TNC_IMVID_ANY; + msg_flags = excl ? TNC_MESSAGE_FLAGS_EXCLUSIVE : 0; + result = this->agent->send_message_long(this->src_id, + this->connection_id, msg_flags, msg.ptr, msg.len, + this->msg_type.vendor_id, this->msg_type.type, + this->dst_id); + } + else if (this->agent->send_message) + { + msg_type = (this->msg_type.vendor_id << 8) | + (this->msg_type.type & 0x000000ff); + result = this->agent->send_message(this->src_id, this->connection_id, + msg.ptr, msg.len, msg_type); + } + + pa_tnc_msg->destroy(pa_tnc_msg); + + if (result != TNC_RESULT_SUCCESS) + { + break; + } + } + return result; +} + +/** + * Print a clearly visible assessment header to the log + */ +static void print_assessment_header(const char *name, TNC_UInt32 id, bool *first) +{ + if (*first) + { + DBG1(DBG_IMC, "***** assessment of IMC %u \"%s\" *****", id, name); + *first = FALSE; + } +} + +/** + * Print a clearly visible assessment trailer to the log + */ +static void print_assessment_trailer(bool first) +{ + if (!first) + { + DBG1(DBG_IMC, "***** end of assessment *****"); + } +} + +METHOD(imc_msg_t, receive, TNC_Result, + private_imc_msg_t *this, bool *fatal_error) +{ + TNC_UInt32 target_imc_id; + enumerator_t *enumerator; + pa_tnc_attr_t *attr; + pen_type_t attr_type; + chunk_t msg; + bool first = TRUE; + + if (this->state->has_long(this->state)) + { + if (this->dst_id != TNC_IMCID_ANY) + { + DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u " + "from IMV %u to IMC %u", + this->agent->get_id(this->agent), + this->agent->get_name(this->agent), + this->connection_id, this->src_id, this->dst_id); + } + else + { + DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u " + "from IMV %u", this->agent->get_id(this->agent), + this->agent->get_name(this->agent), + this->connection_id, this->src_id); + } + } + else + { + DBG2(DBG_IMC, "IMC %u \"%s\" received message for Connection ID %u", + this->agent->get_id(this->agent), + this->agent->get_name(this->agent), + this->connection_id); + } + msg = this->pa_msg->get_encoding(this->pa_msg); + DBG3(DBG_IMC, "%B", &msg); + + switch (this->pa_msg->process(this->pa_msg)) + { + case SUCCESS: + break; + case VERIFY_ERROR: + { + imc_msg_t *error_msg; + TNC_Result result; + + error_msg = imc_msg_create_as_reply(&this->public); + + /* extract and copy by reference all error attributes */ + enumerator = this->pa_msg->create_error_enumerator(this->pa_msg); + while (enumerator->enumerate(enumerator, &attr)) + { + error_msg->add_attribute(error_msg, attr->get_ref(attr)); + } + enumerator->destroy(enumerator); + + /* + * send the PA-TNC message containing all error attributes + * with the excl flag set + */ + result = error_msg->send(error_msg, TRUE); + error_msg->destroy(error_msg); + return result; + } + case FAILED: + default: + return TNC_RESULT_FATAL; + } + + /* determine target IMC ID */ + target_imc_id = (this->dst_id != TNC_IMCID_ANY) ? + this->dst_id : this->agent->get_id(this->agent); + + /* preprocess any received IETF standard error attributes */ + *fatal_error = this->pa_msg->process_ietf_std_errors(this->pa_msg); + + /* preprocess any received IETF assessment result attribute */ + enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg); + while (enumerator->enumerate(enumerator, &attr)) + { + attr_type = attr->get_type(attr); + + if (attr_type.vendor_id != PEN_IETF) + { + continue; + } + if (attr_type.type == IETF_ATTR_ASSESSMENT_RESULT) + { + ietf_attr_assess_result_t *attr_cast; + TNC_IMV_Evaluation_Result result; + + attr_cast = (ietf_attr_assess_result_t*)attr; + result = attr_cast->get_result(attr_cast); + this->state->set_result(this->state, target_imc_id, result); + + print_assessment_header(this->agent->get_name(this->agent), + target_imc_id, &first); + DBG1(DBG_IMC, "assessment result is '%N'", + TNC_IMV_Evaluation_Result_names, result); + } + else if (attr_type.type == IETF_ATTR_REMEDIATION_INSTRUCTIONS) + { + ietf_attr_remediation_instr_t *attr_cast; + pen_type_t parameters_type; + chunk_t parameters, string, lang_code; + + attr_cast = (ietf_attr_remediation_instr_t*)attr; + parameters_type = attr_cast->get_parameters_type(attr_cast); + parameters = attr_cast->get_parameters(attr_cast); + + print_assessment_header(this->agent->get_name(this->agent), + target_imc_id, &first); + if (parameters_type.vendor_id == PEN_IETF) + { + switch (parameters_type.type) + { + case IETF_REMEDIATION_PARAMETERS_URI: + DBG1(DBG_IMC, "remediation uri: %.*s", + parameters.len, parameters.ptr); + break; + case IETF_REMEDIATION_PARAMETERS_STRING: + string = attr_cast->get_string(attr_cast, &lang_code); + DBG1(DBG_IMC, "remediation string: [%.*s]\n%.*s", + lang_code.len, lang_code.ptr, + string.len, string.ptr); + break; + default: + DBG1(DBG_IMC, "remediation parameters: %B", ¶meters); + } + } + else + { + DBG1(DBG_IMC, "remediation parameters: %B", ¶meters); + } + } + } + enumerator->destroy(enumerator); + + print_assessment_trailer(first); + + return TNC_RESULT_SUCCESS; +} + +METHOD(imc_msg_t, add_attribute, void, + private_imc_msg_t *this, pa_tnc_attr_t *attr) +{ + this->attr_list->insert_last(this->attr_list, attr); +} + +METHOD(imc_msg_t, create_attribute_enumerator, enumerator_t*, + private_imc_msg_t *this) +{ + return this->pa_msg->create_attribute_enumerator(this->pa_msg); +} + +METHOD(imc_msg_t, get_encoding, chunk_t, + private_imc_msg_t *this) +{ + if (this->pa_msg) + { + return this->pa_msg->get_encoding(this->pa_msg); + } + return chunk_empty; +} + +METHOD(imc_msg_t, destroy, void, + private_imc_msg_t *this) +{ + this->attr_list->destroy_offset(this->attr_list, + offsetof(pa_tnc_attr_t, destroy)); + DESTROY_IF(this->pa_msg); + free(this); +} + +/** + * See header + */ +imc_msg_t *imc_msg_create(imc_agent_t *agent, imc_state_t *state, + TNC_ConnectionID connection_id, + TNC_UInt32 src_id, TNC_UInt32 dst_id, + pen_type_t msg_type) +{ + private_imc_msg_t *this; + + INIT(this, + .public = { + .get_src_id = _get_src_id, + .get_dst_id = _get_dst_id, + .send = _send_, + .receive = _receive, + .add_attribute = _add_attribute, + .create_attribute_enumerator = _create_attribute_enumerator, + .get_encoding = _get_encoding, + .destroy = _destroy, + }, + .connection_id = connection_id, + .src_id = src_id, + .dst_id = dst_id, + .msg_type = msg_type, + .attr_list = linked_list_create(), + .agent = agent, + .state = state, + ); + + return &this->public; +} + +/** + * See header + */ +imc_msg_t* imc_msg_create_as_reply(imc_msg_t *msg) +{ + private_imc_msg_t *in; + TNC_UInt32 src_id; + + in = (private_imc_msg_t*)msg; + src_id = (in->dst_id != TNC_IMCID_ANY) ? + in->dst_id : in->agent->get_id(in->agent); + + return imc_msg_create(in->agent, in->state, in->connection_id, src_id, + in->src_id, in->msg_type); +} + +/** + * See header + */ +imc_msg_t *imc_msg_create_from_data(imc_agent_t *agent, imc_state_t *state, + TNC_ConnectionID connection_id, + TNC_MessageType msg_type, + chunk_t msg) +{ + TNC_VendorID msg_vid; + TNC_MessageSubtype msg_subtype; + + msg_vid = msg_type >> 8; + msg_subtype = msg_type & TNC_SUBTYPE_ANY; + + return imc_msg_create_from_long_data(agent, state, connection_id, + TNC_IMVID_ANY, agent->get_id(agent), + msg_vid, msg_subtype, msg); +} + +/** + * See header + */ +imc_msg_t *imc_msg_create_from_long_data(imc_agent_t *agent, imc_state_t *state, + TNC_ConnectionID connection_id, + TNC_UInt32 src_id, + TNC_UInt32 dst_id, + TNC_VendorID msg_vid, + TNC_MessageSubtype msg_subtype, + chunk_t msg) +{ + private_imc_msg_t *this; + + this = (private_imc_msg_t*)imc_msg_create(agent, state, + connection_id, src_id, dst_id, + pen_type_create(msg_vid, msg_subtype)); + this->pa_msg = pa_tnc_msg_create_from_data(msg); + + return &this->public; +} + |