improved control when an attribute request is sent

src/libimcv/plugins/imv_os/imv_os.c

@@ -360,7 +360,9 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 		out_msg->add_attribute(out_msg, attr);
 	}
 
-	if (fatal_error)
+	if (fatal_error ||
+	   (os_state->get_attribute_request(os_state) &&
+		os_state->get_info(os_state, NULL, NULL, NULL) == NULL))
 	{
 		state->set_recommendation(state,
 								TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
@@ -371,7 +373,8 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 	/* If all Installed Packages attributes were received, go to assessment */
 	if (!assessment &&
 		!os_state->get_package_request(os_state) &&
-		!os_state->get_angel_count(os_state))
+		!os_state->get_angel_count(os_state) &&
+		 os_state->get_info(os_state, NULL, NULL, NULL))
 	{
 		int device_id, count, count_update, count_blacklist, count_ok;
 		u_int os_settings;
@@ -518,6 +521,8 @@ TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
 {
 	imv_state_t *state;
 	imv_os_state_t *os_state;
+	TNC_IMV_Action_Recommendation rec;
+	TNC_IMV_Evaluation_Result eval;
 	TNC_Result result = TNC_RESULT_SUCCESS;
 
 	if (!imv_os)
@@ -531,6 +536,18 @@ TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
 	}
 	os_state = (imv_os_state_t*)state;
 
+	state->get_recommendation(state, &rec, &eval);
+
+	/*
+	 * Don't send an attribute request if an evaluation is available 
+	 * or if an attribute request has already been sent
+	 */
+	if (eval != TNC_IMV_EVALUATION_RESULT_DONT_KNOW ||
+		os_state->get_attribute_request(os_state))
+	{
+		return TNC_RESULT_SUCCESS;
+	}
+
 	if (os_state->get_info(os_state, NULL, NULL, NULL) == NULL)
 	{
 		imv_msg_t *out_msg;
@@ -548,6 +565,7 @@ TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_FORWARDING_ENABLED);
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED);
 		out_msg->add_attribute(out_msg, attr);
+		os_state->set_attribute_request(os_state, TRUE);
 
 		/* send PA-TNC message with excl flag not set */
 		result = out_msg->send(out_msg, FALSE);

src/libimcv/plugins/imv_os/imv_os_state.c

@@ -136,6 +136,11 @@ struct private_imv_os_state_t {
 	 */
 	int count_ok;
 
+	/**
+	 * Attribute request sent - mandatory response expected
+	 */
+	bool attribute_request;
+
 	/**
 	 * OS Installed Package request sent - mandatory response expected
 	 */
@@ -506,6 +511,18 @@ METHOD(imv_os_state_t, get_count, void,
 	}
 }
 
+METHOD(imv_os_state_t, set_attribute_request, void,
+	private_imv_os_state_t *this, bool set)
+{
+	this->attribute_request = set;
+}
+
+METHOD(imv_os_state_t, get_attribute_request, bool,
+	private_imv_os_state_t *this)
+{
+	return this->attribute_request;
+}
+
 METHOD(imv_os_state_t, set_package_request, void,
 	private_imv_os_state_t *this, bool set)
 {
@@ -597,6 +614,8 @@ imv_state_t *imv_os_state_create(TNC_ConnectionID connection_id)
 			.get_info = _get_info,
 			.set_count = _set_count,
 			.get_count = _get_count,
+			.set_attribute_request = _set_attribute_request,
+			.get_attribute_request = _get_attribute_request,
 			.set_package_request = _set_package_request,
 			.get_package_request = _get_package_request,
 			.set_device_id = _set_device_id,

src/libimcv/plugins/imv_os/imv_os_state.h

@@ -87,6 +87,21 @@ struct imv_os_state_t {
 	 */
 	void (*get_count)(imv_os_state_t *this, int *count, int *count_update,
 					  int *count_blacklist, int *count_ok);
+
+	/**
+	 * Set/reset attribute request status
+	 *
+	 * @param set			TRUE to set, FALSE to clear
+	 */
+	void (*set_attribute_request)(imv_os_state_t *this, bool set);
+
+	/**
+	 * Get attribute request status
+	 *
+	 * @return				TRUE if set, FALSE if unset
+	 */
+	bool (*get_attribute_request)(imv_os_state_t *this);
+
 	/**
 	 * Set/reset OS Installed Packages request status
 	 *