Diffstat (limited to 'src/libimcv/imc')
-rw-r--r-- | src/libimcv/imc/imc_agent.c | 24 | ||||
-rw-r--r-- | src/libimcv/imc/imc_agent.h | 7 | ||||
-rw-r--r-- | src/libimcv/imc/imc_state.h | 9 |
3 files changed, 38 insertions, 2 deletions
diff --git a/src/libimcv/imc/imc_agent.c b/src/libimcv/imc/imc_agent.c
index 3a7a16bc2..ec44d587f 100644
--- a/src/libimcv/imc/imc_agent.c
+++ b/src/libimcv/imc/imc_agent.c
@@ -74,6 +74,11 @@ struct private_imc_agent_t {
 rwlock_t *connection_lock;
 /**
+ * Is the transport protocol PT-TLS?
+ */
+ bool has_pt_tls;
+
+ /**
 * Inform a TNCC about the set of message types the IMC is able to receive
 *
 * @param imc_id IMC ID assigned by TNCC
@@ -372,6 +377,8 @@ METHOD(imc_agent_t, create_state, TNC_Result,
 DBG2(DBG_IMC, " over %s %s with maximum PA-TNC message size of %u bytes", t_p ? t_p:"?", t_v ? t_v :"?", max_msg_len);
+ this->has_pt_tls = streq(t_p, "IF-T for TLS");
+
 free(tnccs_p);
 free(tnccs_v);
 free(t_p);
@@ -403,6 +410,7 @@ METHOD(imc_agent_t, change_state, TNC_Result,
 imc_state_t **state_p)
 {
 imc_state_t *state;
+ TNC_ConnectionState old_state;
 switch (new_state)
 {
@@ -418,7 +426,7 @@ METHOD(imc_agent_t, change_state, TNC_Result,
 this->id, this->name, connection_id);
 return TNC_RESULT_FATAL;
 }
- state->change_state(state, new_state);
+ old_state = state->change_state(state, new_state);
 DBG2(DBG_IMC, "IMC %u \"%s\" changed state of Connection ID %u to '%N'", this->id, this->name, connection_id, TNC_Connection_State_names, new_state);
@@ -426,6 +434,13 @@ METHOD(imc_agent_t, change_state, TNC_Result,
 {
 *state_p = state;
 }
+ if (new_state == TNC_CONNECTION_STATE_HANDSHAKE &&
+ old_state != TNC_CONNECTION_STATE_CREATE)
+ {
+ state->reset(state);
+ DBG2(DBG_IMC, "IMC %u \"%s\" reset state of Connection ID %u",
+ this->id, this->name, connection_id);
+ }
 break;
 case TNC_CONNECTION_STATE_CREATE:
 DBG1(DBG_IMC, "state '%N' should be handled by create_state()",
@@ -531,6 +546,12 @@ METHOD(imc_agent_t, get_non_fatal_attr_types, linked_list_t*,
 return this->non_fatal_attr_types;
 }
+METHOD(imc_agent_t, has_pt_tls, bool,
+ private_imc_agent_t *this)
+{
+ return this->has_pt_tls;
+}
+
 METHOD(imc_agent_t, destroy, void,
 private_imc_agent_t *this)
 {
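Review bot: `this->has_pt_tls` is written in create_state(), which runs once per connection, but the field lives in the agent-wide private_imc_agent_t, so has_pt_tls() reports the transport of whichever connection was created last rather than that of the connection being handled. If one IMC agent can serve connections over different transports at the same time, a caller could apply PT-TLS-specific behaviour to a connection that is not running over PT-TLS; keeping the flag in the per-connection imc_state_t, or passing a connection ID to the getter, would avoid that. Whether this write is covered by connection_lock is not visible here, because create_state's body extends beyond the hunk. The literal `"IF-T for TLS"` would also be easier to audit as a named constant with a comment saying where the transport protocol name is defined.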
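Review bot: The added `state->reset(state)` calls through a function pointer that this commit introduces in imc_state_t, and the diff shown is limited to src/libimcv/imc, so the imc_state_t implementations are not visible here. Any implementation that does not set `.reset` would presumably leave it NULL, and the call would then crash the client as soon as a handshake is restarted on an existing connection, so it is worth confirming that every implementation is updated in the same commit. A short comment above the `if`, such as `/* HANDSHAKE re-entered on an existing connection: start a new measurement cycle */`, would also make the `old_state != TNC_CONNECTION_STATE_CREATE` test easier to follow. The enclosing change_state method starts and ends outside this hunk.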
@@ -575,6 +596,7 @@ imc_agent_t *imc_agent_create(const char *name,
 .create_id_enumerator = _create_id_enumerator,
 .add_non_fatal_attr_type = _add_non_fatal_attr_type,
 .get_non_fatal_attr_types = _get_non_fatal_attr_types,
+ .has_pt_tls = _has_pt_tls,
 .destroy = _destroy,
 },
 .name = name,
diff --git a/src/libimcv/imc/imc_agent.h b/src/libimcv/imc/imc_agent.h
index bac1b4832..27c749954 100644
--- a/src/libimcv/imc/imc_agent.h
+++ b/src/libimcv/imc/imc_agent.h
@@ -182,6 +182,13 @@ struct imc_agent_t {
 linked_list_t* (*get_non_fatal_attr_types)(imc_agent_t *this);
 /**
+ * Is the transport protocol PT-TLS?
+ *
+ * return TRUE if PT-TLS
+ */
+ bool (*has_pt_tls)(imc_agent_t *this);
+
+ /**
 * Destroys an imc_agent_t object
 */
 void (*destroy)(imc_agent_t *this);
diff --git a/src/libimcv/imc/imc_state.h b/src/libimcv/imc/imc_state.h
index d8aeab996..bd55f7356 100644
--- a/src/libimcv/imc/imc_state.h
+++ b/src/libimcv/imc/imc_state.h
@@ -92,8 +92,10 @@ struct imc_state_t {
 * Change the connection state
 *
 * @param new_state new connection state
+ * @return old connection state
 */
- void (*change_state)(imc_state_t *this, TNC_ConnectionState new_state);
+ TNC_ConnectionState (*change_state)(imc_state_t *this,
+ TNC_ConnectionState new_state);
 /**
 * Set the Assessment/Evaluation Result
@@ -115,6 +117,11 @@ struct imc_state_t {
 TNC_IMV_Evaluation_Result *result);
 /**
+ * Resets the state for a new measurement cycle triggered by a SRETRY batch
+ */
+ void (*reset)(imc_state_t *this);
+
+ /**
 * Destroys an imc_state_t object
 */
 void (*destroy)(imc_state_t *this);
|
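Review bot: The new doc comment for has_pt_tls() in imc_agent.h writes `return TRUE if PT-TLS` without the `@`, unlike the `@param` and `@return` tags used in the other comments of this change; it should read `* @return TRUE if PT-TLS`. The comment should also say which connection the answer refers to, since the flag is stored on the agent and overwritten in create_state(), for example `* @return TRUE if the most recently created connection uses PT-TLS`.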
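Review bot: The comment on the new `reset` member of imc_state_t does not say what is cleared and what must survive, so every implementer has to decide that alone. I would extend it with one or two lines naming which connection-scoped values are kept across reset() and stating that per-cycle measurement data and results are discarded, which also tells a reader whether a server-triggered retry can leave results from the previous cycle in place. The change of `change_state` from `void` to returning the old state in the hunk above is a contract change of the same kind, and its `@return` line could add that the value is the state held before the call.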