tls=true;
fi
+if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue; then
+ tnccs=true;
+fi
+
if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
imcv=true;
fi
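Review bot: The added condition tests `x$tnccs_11 = xtrue` twice in a row, so one operand is redundant and a different variable was probably intended. The tnccs-20 Makefile.am hunk in this same commit adds `$(top_builddir)/src/libtnccs/libtnccs.la` to `libstrongswan_tnccs_20_la_LIBADD`, so if the second operand was meant to cover that plugin, a build enabling only tnccs-20 would leave `tnccs` unset, skip `src/libtnccs`, and presumably fail at link time. Suggested operands: `-o x$tnccs_11 = xtrue -o x$tnccs_20 = xtrue -o x$tnccs_dynamic = xtrue`.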
AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
+AM_CONDITIONAL(USE_TNCCS, test x$tnccs = xtrue)
AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
AM_CONDITIONAL(USE_PTS, test x$pts = xtrue)
AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
src/libsimaka/Makefile
src/libtls/Makefile
src/libtncif/Makefile
+ src/libtnccs/Makefile
src/libpts/Makefile
src/libimcv/Makefile
src/libimcv/plugins/imc_test/Makefile
SUBDIRS += libtncif
endif
+if USE_TNCCS
+ SUBDIRS += libtnccs
+endif
+
if USE_PTS
SUBDIRS += libpts
endif
sa/tasks/ike_auth_lifetime.c sa/tasks/ike_auth_lifetime.h \
sa/tasks/ike_vendor.c sa/tasks/ike_vendor.h \
sa/tasks/task.c sa/tasks/task.h \
-tnc/imc/imc.h tnc/imc/imc_manager.h \
tnc/imv/imv.h tnc/imv/imv_manager.h \
tnc/imv/imv_recommendations.c tnc/imv/imv_recommendations.h \
tnc/tnccs/tnccs.c tnc/tnccs/tnccs.h \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libhydra \
-I$(top_srcdir)/src/libcharon \
- -I$(top_srcdir)/src/libtncif
+ -I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtnccs
AM_CFLAGS = \
-DIPSEC_DIR=\"${ipsecdir}\" \
#include <sa/shunt_manager.h>
#include <config/backend_manager.h>
#include <sa/authenticators/eap/eap_manager.h>
-#include <tnc/imc/imc_manager.h>
#include <tnc/imv/imv_manager.h>
#include <tnc/tnccs/tnccs_manager.h>
*/
eap_manager_t *eap;
- /**
- * TNC IMC manager controlling Integrity Measurement Collectors
- */
- imc_manager_t *imcs;
-
/**
* TNC IMV manager controlling Integrity Measurement Verifiers
*/
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtncif
+INCLUDES = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon \
+ -I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtnccs
AM_CFLAGS = -DUSE_TNC -rdynamic
#ifndef TNC_IMC_H_
#define TNC_IMC_H_
-#include <tnc/imc/imc.h>
+#include <imc/imc.h>
/**
* Create an Integrity Measurement Collector.
* for more details.
*/
-#include "tnc_imc.h"
+#include <imc/imc_manager.h>
#include <debug.h>
#include <daemon.h>
TNC_MessageTypeList supported_types,
TNC_UInt32 type_count)
{
- if (!charon->imcs->is_registered(charon->imcs, imc_id))
+ imc_manager_t *imcs = lib->get(lib, "imc-manager");
+
+ if (!imcs->is_registered(imcs, imc_id))
{
DBG1(DBG_TNC, "ignoring ReportMessageTypes() from unregistered IMC %u",
imc_id);
return TNC_RESULT_INVALID_PARAMETER;
}
- return charon->imcs->set_message_types(charon->imcs, imc_id,
- supported_types, type_count);
+ return imcs->set_message_types(imcs, imc_id, supported_types, type_count);
}
/**
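Review bot: The result of `lib->get(lib, "imc-manager")` is dereferenced on the very next statement without a NULL check, and the same pattern is repeated in the RequestHandshakeRetry() and SendMessage() hunks that follow. The plugin's destroy() in this commit calls `lib->set(lib, "imc-manager", NULL)` before it destroys the manager, so a callback arriving from a loaded IMC in that window would presumably see NULL here; whether that is reachable depends on code outside these hunks. A guard such as `if (!imcs || !imcs->is_registered(imcs, imc_id))` keeps the existing `TNC_RESULT_INVALID_PARAMETER` return and closes the gap. The function signatures start outside the hunks.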
TNC_ConnectionID connection_id,
TNC_RetryReason reason)
{
- if (!charon->imcs->is_registered(charon->imcs, imc_id))
+ imc_manager_t *imcs = lib->get(lib, "imc-manager");
+
+ if (!imcs->is_registered(imcs, imc_id))
{
DBG1(DBG_TNC, "ignoring RequestHandshakeRetry() from unregistered IMC %u",
imc_id);
TNC_UInt32 msg_len,
TNC_MessageType msg_type)
{
- if (!charon->imcs->is_registered(charon->imcs, imc_id))
+ imc_manager_t *imcs = lib->get(lib, "imc-manager");
+
+ if (!imcs->is_registered(imcs, imc_id))
{
DBG1(DBG_TNC, "ignoring SendMessage() from unregistered IMC %u",
imc_id);
#include "tnc_imc_manager.h"
-#include <tnc/imc/imc_manager.h>
-
#include <tncifimc.h>
#include <debug.h>
#ifndef TNC_IMC_MANAGER_H_
#define TNC_IMC_MANAGER_H_
-#include <tnc/imc/imc_manager.h>
+#include <imc/imc_manager.h>
/**
* Create an IMC manager instance.
#include <errno.h>
#include <fcntl.h>
-#include <daemon.h>
#include <utils/lexparser.h>
+#include <debug.h>
+
+typedef struct private_tnc_imc_plugin_t private_tnc_imc_plugin_t;
+
+/**
+ * Private data of a tnc_imc_plugin_t object.
+ */
+struct private_tnc_imc_plugin_t {
+
+ /**
+ * Public interface.
+ */
+ tnc_imc_plugin_t public;
+
+ /**
+ * TNC IMC manager controlling Integrity Measurement Collectors
+ */
+ imc_manager_t *imcs;
+};
/**
* load IMCs from a configuration file
*/
-static bool load_imcs(char *filename)
+static bool load_imcs(private_tnc_imc_plugin_t *this, char *filename)
{
int fd, line_nr = 0;
chunk_t src, line;
free(path);
return FALSE;
}
- if (!charon->imcs->add(charon->imcs, imc))
+ if (!this->imcs->add(this->imcs, imc))
{
if (imc->terminate &&
imc->terminate(imc->get_id(imc)) != TNC_RESULT_SUCCESS)
}
METHOD(plugin_t, get_name, char*,
- tnc_imc_plugin_t *this)
+ private_tnc_imc_plugin_t *this)
{
return "tnc-imc";
}
+METHOD(plugin_t, get_features, int,
+ private_tnc_imc_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_PROVIDE(CUSTOM, "imc-manager"),
+ };
+ *features = f;
+ return countof(f);
+}
+
METHOD(plugin_t, destroy, void,
- tnc_imc_plugin_t *this)
+ private_tnc_imc_plugin_t *this)
{
- charon->imcs->destroy(charon->imcs);
+ lib->set(lib, "imc-manager", NULL);
+ this->imcs->destroy(this->imcs);
free(this);
}
/*
* see header file
*/
-plugin_t *tnc_imc_plugin_create()
+plugin_t *tnc_imc_plugin_create(void)
{
+ private_tnc_imc_plugin_t *this;
char *tnc_config;
- tnc_imc_plugin_t *this;
INIT(this,
- .plugin = {
- .get_name = _get_name,
- .reload = (void*)return_false,
- .destroy = _destroy,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
},
+ .imcs = tnc_imc_manager_create(),
);
- /* Create IMC manager */
- charon->imcs = tnc_imc_manager_create();
+ lib->set(lib, "imc-manager", this->imcs);
/* Load IMCs and abort if not all instances initalize successfully */
tnc_config = lib->settings->get_str(lib->settings,
"charon.plugins.tnc-imc.tnc_config", "/etc/tnc_config");
- if (!load_imcs(tnc_config))
+ if (!load_imcs(this, tnc_config))
{
- charon->imcs->destroy(charon->imcs);
- charon->imcs = NULL;
- free(this);
+ destroy(this);
return NULL;
}
- return &this->plugin;
+
+ return &this->public.plugin;
}
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls \
- -I$(top_srcdir)/src/libtncif ${xml_CFLAGS}
+INCLUDES = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon \
+ -I$(top_srcdir)/src/libtls \
+ -I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtnccs \
+ ${xml_CFLAGS}
AM_CFLAGS = -DUSE_TNC -rdynamic
noinst_LTLIBRARIES = libstrongswan-tnccs-11.la
else
plugin_LTLIBRARIES = libstrongswan-tnccs-11.la
-libstrongswan_tnccs_11_la_LIBADD += $(top_builddir)/src/libtncif/libtncif.la
+libstrongswan_tnccs_11_la_LIBADD += \
+ $(top_builddir)/src/libtncif/libtncif.la \
+ $(top_builddir)/src/libtnccs/libtnccs.la
endif
libstrongswan_tnccs_11_la_SOURCES = \
#include <tncif_names.h>
#include <tncif_pa_subtypes.h>
+#include <imc/imc_manager.h>
+
#include <daemon.h>
#include <debug.h>
#include <threading/mutex.h>
* Set of IMV recommendations (TNC Server only)
*/
recommendations_t *recs;
+
+ /**
+ * TNC IMC manager controlling Integrity Measurement Collectors
+ */
+ imc_manager_t *imcs;
+
};
METHOD(tnccs_t, send_msg, TNC_Result,
}
else
{
- charon->imcs->receive_message(charon->imcs,
+ this->imcs->receive_message(this->imcs,
this->connection_id, msg_body.ptr, msg_body.len,msg_type);
}
this->send_msg = FALSE;
default:
state = TNC_CONNECTION_STATE_ACCESS_NONE;
}
- charon->imcs->notify_connection_change(charon->imcs,
- this->connection_id, state);
+ this->imcs->notify_connection_change(this->imcs,
+ this->connection_id, state);
this->delete_state = TRUE;
break;
}
}
else
{
- charon->imcs->batch_ending(charon->imcs, this->connection_id);
+ this->imcs->batch_ending(this->imcs, this->connection_id);
}
this->send_msg = FALSE;
}
}
/* Create TNCCS-PreferredLanguage message */
- pref_lang = charon->imcs->get_preferred_language(charon->imcs);
+ pref_lang = this->imcs->get_preferred_language(this->imcs);
msg = tnccs_preferred_language_msg_create(pref_lang);
this->mutex->lock(this->mutex);
this->batch = tnccs_batch_create(this->is_server, ++this->batch_id);
this->batch->add_msg(this->batch, msg);
this->mutex->unlock(this->mutex);
- charon->imcs->notify_connection_change(charon->imcs,
+ this->imcs->notify_connection_change(this->imcs,
this->connection_id, TNC_CONNECTION_STATE_CREATE);
- charon->imcs->notify_connection_change(charon->imcs,
+ this->imcs->notify_connection_change(this->imcs,
this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
this->send_msg = TRUE;
- charon->imcs->begin_handshake(charon->imcs, this->connection_id);
+ this->imcs->begin_handshake(this->imcs, this->connection_id);
this->send_msg = FALSE;
}
},
.is_server = is_server,
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .imcs = lib->get(lib, "imc-manager"),
);
return &this->public;
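Review bot: `.imcs = lib->get(lib, "imc-manager")` may store NULL, since the feature list in this commit declares the manager only as a soft dependency (`PLUGIN_SDEPEND(CUSTOM, "imc-manager")`), yet every converted `this->imcs->...` call in tnccs_11.c dereferences it unconditionally. Whether the "no IMC manager available!" check in tnccs_manager always keeps a client instance from reaching those calls is not visible from these hunks. Either state the invariant on the new field, for example `/* may be NULL when tnc-imc is not loaded; only used on client paths */`, or guard the calls. The same applies to the tnccs_20.c constructor hunk; the constructor body starts outside the hunk.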
PLUGIN_PROVIDE(CUSTOM, "tnccs-1.1"),
PLUGIN_DEPENDS(EAP_SERVER, EAP_TNC),
PLUGIN_DEPENDS(EAP_PEER, EAP_TNC),
+ PLUGIN_SDEPEND(CUSTOM, "imc-manager"),
+ PLUGIN_SDEPEND(CUSTOM, "imv-manager"),
};
*features = f;
return countof(f);
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls \
- -I$(top_srcdir)/src/libtncif
+INCLUDES = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon \
+ -I$(top_srcdir)/src/libtls \
+ -I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtnccs
AM_CFLAGS = -DUSE_TNC -rdynamic
noinst_LTLIBRARIES = libstrongswan-tnccs-20.la
else
plugin_LTLIBRARIES = libstrongswan-tnccs-20.la
-libstrongswan_tnccs_20_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la
+libstrongswan_tnccs_20_la_LIBADD = \
+ $(top_builddir)/src/libtncif/libtncif.la \
+ $(top_builddir)/src/libtnccs/libtnccs.la
endif
libstrongswan_tnccs_20_la_SOURCES = \
#include <tncif_names.h>
#include <tncif_pa_subtypes.h>
+#include <imc/imc_manager.h>
+
#include <debug.h>
#include <daemon.h>
#include <threading/mutex.h>
* Set of IMV recommendations (TNC Server only)
*/
recommendations_t *recs;
+
+ /**
+ * TNC IMC manager controlling Integrity Measurement Collectors
+ */
+ imc_manager_t *imcs;
+
};
METHOD(tnccs_t, send_msg, TNC_Result,
}
else
{
- charon->imcs->receive_message(charon->imcs,
+ this->imcs->receive_message(this->imcs,
this->connection_id, msg_body.ptr, msg_body.len,msg_type);
}
this->send_msg = FALSE;
case PB_REC_QUARANTINED:
state = TNC_CONNECTION_STATE_ACCESS_ISOLATED;
}
- charon->imcs->notify_connection_change(charon->imcs,
- this->connection_id, state);
+ this->imcs->notify_connection_change(this->imcs,
+ this->connection_id, state);
break;
}
case PB_MSG_REMEDIATION_PARAMETERS:
else if (batch_type == PB_BATCH_SRETRY)
{
/* Restart the measurements */
- charon->imcs->notify_connection_change(charon->imcs,
+ this->imcs->notify_connection_change(this->imcs,
this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
this->send_msg = TRUE;
- charon->imcs->begin_handshake(charon->imcs, this->connection_id);
+ this->imcs->begin_handshake(this->imcs, this->connection_id);
this->send_msg = FALSE;
}
}
else
{
- charon->imcs->batch_ending(charon->imcs, this->connection_id);
+ this->imcs->batch_ending(this->imcs, this->connection_id);
}
this->send_msg = FALSE;
}
}
/* Create PB-TNC Language Preference message */
- pref_lang = charon->imcs->get_preferred_language(charon->imcs);
+ pref_lang = this->imcs->get_preferred_language(this->imcs);
msg = pb_language_preference_msg_create(chunk_create(pref_lang,
strlen(pref_lang)));
this->mutex->lock(this->mutex);
this->batch->add_msg(this->batch, msg);
this->mutex->unlock(this->mutex);
- charon->imcs->notify_connection_change(charon->imcs,
+ this->imcs->notify_connection_change(this->imcs,
this->connection_id, TNC_CONNECTION_STATE_CREATE);
- charon->imcs->notify_connection_change(charon->imcs,
+ this->imcs->notify_connection_change(this->imcs,
this->connection_id, TNC_CONNECTION_STATE_HANDSHAKE);
this->send_msg = TRUE;
- charon->imcs->begin_handshake(charon->imcs, this->connection_id);
+ this->imcs->begin_handshake(this->imcs, this->connection_id);
this->send_msg = FALSE;
}
.is_server = is_server,
.state_machine = pb_tnc_state_machine_create(is_server),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .imcs = lib->get(lib, "imc-manager"),
);
return &this->public;
PLUGIN_PROVIDE(CUSTOM, "tnccs-2.0"),
PLUGIN_DEPENDS(EAP_SERVER, EAP_TNC),
PLUGIN_DEPENDS(EAP_PEER, EAP_TNC),
+ PLUGIN_SDEPEND(CUSTOM, "imc-manager"),
+ PLUGIN_SDEPEND(CUSTOM, "imv-manager"),
};
*features = f;
return countof(f);
#include "tnccs_manager.h"
+#include <imc/imc_manager.h>
#include <tnc/imv/imv_recommendations.h>
#include <debug.h>
*/
rwlock_t *connection_lock;
+ /**
+ * TNC IMC manager controlling Integrity Measurement Collectors
+ */
+ imc_manager_t *imcs;
+
};
METHOD(tnccs_manager_t, add_method, void,
else
{
/* we assume a TNC Client */
- if (!charon->imcs)
+ if (!this->imcs)
+ {
+ this->imcs = lib->get(lib, "imc-manager");
+ }
+ if (!this->imcs)
{
DBG1(DBG_TNC, "no IMC manager available!");
free(entry);
}
else
{
- if (charon->imcs)
+ if (this->imcs)
{
- charon->imcs->notify_connection_change(charon->imcs, id,
+ this->imcs->notify_connection_change(this->imcs, id,
TNC_CONNECTION_STATE_DELETE);
}
}
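Review bot: `this->imcs` is now a cached copy of the registry entry, and nothing resets it when the tnc-imc plugin's destroy() clears `"imc-manager"` and destroys the manager, so this `notify_connection_change()` call could touch freed memory if a connection is removed after that plugin has been unloaded. Whether the unload order makes this reachable is not visible here. Looking the manager up at the point of use, `imc_manager_t *imcs = lib->get(lib, "imc-manager");` followed by `if (imcs)`, avoids holding a stale pointer. The same cached field is filled by the lazy lookup in the previous hunk and by the constructor hunk below; the enclosing function starts and ends outside the hunk.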
.connections = linked_list_create(),
.protocol_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
.connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+ .imcs = lib->get(lib, "imc-manager"),
);
return &this->public;
--- /dev/null
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libtncif
+
+ipseclib_LTLIBRARIES = libtnccs.la
+
+libtnccs_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la
+
+libtnccs_la_SOURCES = \
+ imc/imc.h imc/imc_manager.h
+
typedef struct imc_manager_t imc_manager_t;
-#ifdef USE_TNC
-
#include "imc.h"
#include <library.h>
void (*destroy)(imc_manager_t *this);
};
-#endif /* USE_TNC */
-
#endif /** IMC_MANAGER_H_ @}*/