diff --git a/src/libimcv/imc/imc_agent.c b/src/libimcv/imc/imc_agent.c
index 533151799..0d622f1b8 100644
--- a/src/libimcv/imc/imc_agent.c
+++ b/src/libimcv/imc/imc_agent.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2011-2012 Andreas Steffen
+ * Copyright (C) 2011-2014 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -58,6 +58,11 @@ struct private_imc_agent_t {
  */
  linked_list_t *additional_ids;
 
+ /**
+ * list of non-fatal unsupported PA-TNC attribute types
+ */
+ linked_list_t *non_fatal_attr_types;
+
  /**
  * list of TNCC connection entries
  */
@@ -510,11 +515,29 @@ METHOD(imc_agent_t, create_id_enumerator, enumerator_t*,
  return this->additional_ids->create_enumerator(this->additional_ids);
 }
 
+METHOD(imc_agent_t, add_non_fatal_attr_type, void,
+ private_imc_agent_t *this, pen_type_t type)
+{
+ pen_type_t *type_p;
+
+ type_p = malloc_thing(pen_type_t);
+ *type_p = type;
+ this->non_fatal_attr_types->insert_last(this->non_fatal_attr_types, type_p);
+}
+
+METHOD(imc_agent_t, get_non_fatal_attr_types, linked_list_t*,
+ private_imc_agent_t *this)
+{
+ return this->non_fatal_attr_types;
+}
+
 METHOD(imc_agent_t, destroy, void,
  private_imc_agent_t *this)
 {
  DBG1(DBG_IMC, "IMC %u \"%s\" terminated", this->id, this->name);
  this->additional_ids->destroy(this->additional_ids);
+ this->non_fatal_attr_types->destroy_function(this->non_fatal_attr_types,
+ free);
  this->connections->destroy_function(this->connections, free);
  this->connection_lock->destroy(this->connection_lock);
  free(this);
@@ -550,6 +573,8 @@ imc_agent_t *imc_agent_create(const char *name,
  .reserve_additional_ids = _reserve_additional_ids,
  .count_additional_ids = _count_additional_ids,
  .create_id_enumerator = _create_id_enumerator,
+ .add_non_fatal_attr_type = _add_non_fatal_attr_type,
+ .get_non_fatal_attr_types = _get_non_fatal_attr_types,
  .destroy = _destroy,
  },
  .name = name,
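Review bot: `add_non_fatal_attr_type()` in the `-510,11` hunk appends to `non_fatal_attr_types` without any lock, and `get_non_fatal_attr_types()` hands the same list to callers, so a registration made while a message is being processed would race with the enumeration in `process_ietf_std_errors()`. The agent carries a `connection_lock` rwlock, presumably for its connection list, but nothing visible here covers this new list. If registration is only meant to happen during IMC initialization, state that above the method, e.g. `/* call only before the first connection is handled; the list is read without locking */`. The setter also stores duplicates, which costs nothing but lookup time. The identical methods added to `src/libimcv/imv/imv_agent.c` have the same gap.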
@@ -557,6 +582,7 @@ imc_agent_t *imc_agent_create(const char *name,
  .type_count = type_count,
  .id = id,
  .additional_ids = linked_list_create(),
+ .non_fatal_attr_types = linked_list_create(),
  .connections = linked_list_create(),
  .connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
  );
diff --git a/src/libimcv/imc/imc_agent.h b/src/libimcv/imc/imc_agent.h
index 0a1638f47..8bdfb6c32 100644
--- a/src/libimcv/imc/imc_agent.h
+++ b/src/libimcv/imc/imc_agent.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2011-2012 Andreas Steffen
+ * Copyright (C) 2011-2014 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -171,6 +171,16 @@ struct imc_agent_t {
  */
  enumerator_t* (*create_id_enumerator)(imc_agent_t *this);
 
+ /**
+ * Add an item to the list of non-fatal unsupported PA-TNC attribute types
+ */
+ void (*add_non_fatal_attr_type)(imc_agent_t *this, pen_type_t type);
+
+ /**
+ * Get a list of non-fatal unsupported PA-TNC attribute types
+ */
+ linked_list_t* (*get_non_fatal_attr_types)(imc_agent_t *this);
+
  /**
  * Destroys an imc_agent_t object
  */
diff --git a/src/libimcv/imc/imc_msg.c b/src/libimcv/imc/imc_msg.c
index 1cf81c730..5f2772e69 100644
--- a/src/libimcv/imc/imc_msg.c
+++ b/src/libimcv/imc/imc_msg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Andreas Steffen
+ * Copyright (C) 2012-2014 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -210,6 +210,7 @@ static void print_assessment_trailer(bool first)
 METHOD(imc_msg_t, receive, TNC_Result,
  private_imc_msg_t *this, bool *fatal_error)
 {
+ linked_list_t *non_fatal_types;
  TNC_UInt32 target_imc_id;
  enumerator_t *enumerator;
  pa_tnc_attr_t *attr;
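Review bot: The doc comment for `get_non_fatal_attr_types` in the `imc_agent.h` hunk does not say that the returned list is the agent's own list of heap-allocated `pen_type_t*` entries, which `destroy` later releases with `destroy_function(..., free)`. A caller that destroys the list, or inserts a pointer that did not come from malloc, would corrupt the agent at teardown. I would add `@return list of pen_type_t* owned by the agent, must not be modified or destroyed`, and a `@param type` line on `add_non_fatal_attr_type` saying the value is copied. The matching comments in `src/libimcv/imv/imv_agent.h` need the same additions.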
@@ -282,7 +283,9 @@ METHOD(imc_msg_t, receive, TNC_Result,
  this->dst_id : this->agent->get_id(this->agent);
 
  /* preprocess any received IETF standard error attributes */
- *fatal_error = this->pa_msg->process_ietf_std_errors(this->pa_msg);
+ non_fatal_types = this->agent->get_non_fatal_attr_types(this->agent);
+ *fatal_error = this->pa_msg->process_ietf_std_errors(this->pa_msg,
+ non_fatal_types);
 
  /* preprocess any received IETF assessment result attribute */
  enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg);
diff --git a/src/libimcv/imc/imc_msg.h b/src/libimcv/imc/imc_msg.h
index 588225dbe..5a68e9ed9 100644
--- a/src/libimcv/imc/imc_msg.h
+++ b/src/libimcv/imc/imc_msg.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Andreas Steffen
+ * Copyright (C) 2012-2014 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index a46455d47..6b24f4b28 100644
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -64,6 +64,11 @@ struct private_imv_agent_t {
  */
  linked_list_t *additional_ids;
 
+ /**
+ * list of non-fatal unsupported PA-TNC attribute types
+ */
+ linked_list_t *non_fatal_attr_types;
+
  /**
  * list of TNCS connection entries
  */
@@ -772,11 +777,29 @@ METHOD(imv_agent_t, provide_recommendation, TNC_Result,
  return this->provide_recommendation(this->id, connection_id, rec, eval);
 }
 
+METHOD(imv_agent_t, add_non_fatal_attr_type, void,
+ private_imv_agent_t *this, pen_type_t type)
+{
+ pen_type_t *type_p;
+
+ type_p = malloc_thing(pen_type_t);
+ *type_p = type;
+ this->non_fatal_attr_types->insert_last(this->non_fatal_attr_types, type_p);
+}
+
+METHOD(imv_agent_t, get_non_fatal_attr_types, linked_list_t*,
+ private_imv_agent_t *this)
+{
+ return this->non_fatal_attr_types;
+}
+
 METHOD(imv_agent_t, destroy, void,
  private_imv_agent_t *this)
 {
  DBG1(DBG_IMV, "IMV %u \"%s\" terminated", this->id, this->name);
  this->additional_ids->destroy(this->additional_ids);
+ this->non_fatal_attr_types->destroy_function(this->non_fatal_attr_types,
+ free);
  this->connections->destroy_offset(this->connections,
  offsetof(imv_state_t, destroy));
  this->connection_lock->destroy(this->connection_lock);
@@ -815,6 +838,8 @@ imv_agent_t *imv_agent_create(const char *name,
  .create_id_enumerator = _create_id_enumerator,
  .create_language_enumerator = _create_language_enumerator,
  .provide_recommendation = _provide_recommendation,
+ .add_non_fatal_attr_type = _add_non_fatal_attr_type,
+ .get_non_fatal_attr_types = _get_non_fatal_attr_types,
  .destroy = _destroy,
  },
  .name = name,
@@ -822,6 +847,7 @@ imv_agent_t *imv_agent_create(const char *name,
  .type_count = type_count,
  .id = id,
  .additional_ids = linked_list_create(),
+ .non_fatal_attr_types = linked_list_create(),
  .connections = linked_list_create(),
  .connection_lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
  );
diff --git a/src/libimcv/imv/imv_agent.h b/src/libimcv/imv/imv_agent.h
index 47ce770bc..1f6a10b7c 100644
--- a/src/libimcv/imv/imv_agent.h
+++ b/src/libimcv/imv/imv_agent.h
@@ -188,6 +188,16 @@ struct imv_agent_t {
  */
  TNC_Result (*provide_recommendation)(imv_agent_t *this, imv_state_t* state);
 
+ /**
+ * Add an item to the list of non-fatal unsupported PA-TNC attribute types
+ */
+ void (*add_non_fatal_attr_type)(imv_agent_t *this, pen_type_t type);
+
+ /**
+ * Get a list of non-fatal unsupported PA-TNC attribute types
+ */
+ linked_list_t* (*get_non_fatal_attr_types)(imv_agent_t *this);
+
  /**
  * Destroys an imv_agent_t object
  */
diff --git a/src/libimcv/imv/imv_msg.c b/src/libimcv/imv/imv_msg.c
index e7181750c..35017b508 100644
--- a/src/libimcv/imv/imv_msg.c
+++ b/src/libimcv/imv/imv_msg.c
@@ -248,6 +248,7 @@ METHOD(imv_msg_t, send_assessment, TNC_Result,
 METHOD(imv_msg_t, receive, TNC_Result,
  private_imv_msg_t *this, bool *fatal_error)
 {
+ linked_list_t *non_fatal_types;
  enumerator_t *enumerator;
  pa_tnc_attr_t *attr;
  chunk_t msg;
@@ -313,7 +314,9 @@ METHOD(imv_msg_t, receive, TNC_Result,
  }
 
  /* preprocess any received IETF standard error attributes */
- *fatal_error = this->pa_msg->process_ietf_std_errors(this->pa_msg);
+ non_fatal_types = this->agent->get_non_fatal_attr_types(this->agent);
+ *fatal_error = this->pa_msg->process_ietf_std_errors(this->pa_msg,
+ non_fatal_types);
 
  return TNC_RESULT_SUCCESS;
 }
diff --git a/src/libimcv/imv/imv_msg.h b/src/libimcv/imv/imv_msg.h
index dfec169cc..6f93e1250 100644
--- a/src/libimcv/imv/imv_msg.h
+++ b/src/libimcv/imv/imv_msg.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Andreas Steffen
+ * Copyright (C) 2012-2014 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
diff --git a/src/libimcv/pa_tnc/pa_tnc_msg.c b/src/libimcv/pa_tnc/pa_tnc_msg.c
index fa4ee008e..4cfb9bdd0 100644
--- a/src/libimcv/pa_tnc/pa_tnc_msg.c
+++ b/src/libimcv/pa_tnc/pa_tnc_msg.c
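Review bot: In the `-313,7` hunk of `imv_msg.c` the error attributes being processed come from the endpoint under assessment, so a peer that answers a request with an "attribute type not supported" error for a registered type now leaves `*fatal_error` FALSE while `receive` returns `TNC_RESULT_SUCCESS`. Nothing in this hunk tells the caller that a requested measurement was refused rather than delivered, so every IMV that registers a non-fatal type has to ensure that a missing answer cannot lead to a better recommendation than a failed one; that code is outside this diff. A comment at the call would make the contract explicit, e.g. `/* unsupported-attribute errors for registered types are not fatal; the IMV must still handle the missing attribute */`. The body of `receive` starts outside the hunk.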
@@ -349,26 +349,27 @@ err:
 }
 
 METHOD(pa_tnc_msg_t, process_ietf_std_errors, bool,
- private_pa_tnc_msg_t *this)
+ private_pa_tnc_msg_t *this, linked_list_t *non_fatal_types)
 {
- enumerator_t *enumerator;
+ enumerator_t *e1, *e2;
  enum_name_t *pa_attr_names;
  pa_tnc_attr_t *attr;
  pen_type_t type, unsupported_type;
  uint8_t flags;
  bool fatal_error = FALSE;
 
- enumerator = this->attributes->create_enumerator(this->attributes);
- while (enumerator->enumerate(enumerator, &attr))
+ e1 = this->attributes->create_enumerator(this->attributes);
+ while (e1->enumerate(e1, &attr))
  {
  type = attr->get_type(attr);
 
  if (type.vendor_id == PEN_IETF && type.type == IETF_ATTR_PA_TNC_ERROR)
  {
  ietf_attr_pa_tnc_error_t *error_attr;
- pen_type_t error_code;
+ pen_type_t error_code, *non_fatal_type;
  chunk_t msg_info;
  uint32_t offset;
+ bool fatal_current_error = TRUE;
 
  error_attr = (ietf_attr_pa_tnc_error_t*)attr;
  error_code = error_attr->get_error_code(error_attr);
@@ -412,14 +413,27 @@ METHOD(pa_tnc_msg_t, process_ietf_std_errors, bool,
  unsupported_type.vendor_id, unsupported_type.type,
  flags);
  }
+ e2 = non_fatal_types->create_enumerator(non_fatal_types);
+ while (e2->enumerate(e2, &non_fatal_type))
+ {
+ if (pen_type_equals(unsupported_type, *non_fatal_type))
+ {
+ fatal_current_error = FALSE;
+ break;
+ }
+ }
+ e2->destroy(e2);
  break;
  default:
  break;
  }
- fatal_error = TRUE;
+ if (fatal_current_error)
+ {
+ fatal_error = TRUE;
+ }
  }
  }
- enumerator->destroy(enumerator);
+ e1->destroy(e1);
 
  return fatal_error;
 }
diff --git a/src/libimcv/pa_tnc/pa_tnc_msg.h b/src/libimcv/pa_tnc/pa_tnc_msg.h
index 84814b92b..57ff1a04c 100644
--- a/src/libimcv/pa_tnc/pa_tnc_msg.h
+++ b/src/libimcv/pa_tnc/pa_tnc_msg.h
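Review bot: `non_fatal_types` is dereferenced unconditionally at `e2 = non_fatal_types->create_enumerator(non_fatal_types);` in the `-412,14` hunk, so a caller that passes NULL crashes as soon as the peer sends an "attribute type not supported" error. Both callers in this diff pass the agent's list, which the constructors always create, but the method sits on the `pa_tnc_msg_t` interface; either guard the loop with `if (non_fatal_types)` or document the parameter as non-NULL. A match also downgrades the error silently. A debug line next to `fatal_current_error = FALSE;`, in the same debug group as the surrounding messages, would let an operator see from the log why the assessment continued. The switch and the method body start outside this hunk.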
@@ -68,9 +68,11 @@ struct pa_tnc_msg_t {
  /**
  * Process all IETF standard error PA-TNC attributes
  *
- * @return TRUE if at least one error attribute processed
+ * @param non_fatal_types list of non fatal unsupported attribute types
+ * @return TRUE if at least one fatal error processed
  */
- bool (*process_ietf_std_errors)(pa_tnc_msg_t *this);
+ bool (*process_ietf_std_errors)(pa_tnc_msg_t *this,
+ linked_list_t *non_fatal_types);
 
  /**
  * Enumerates over all PA-TNC attributes
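Review bot: The updated comment says `TRUE if at least one fatal error processed` without defining "fatal", and the `@param` line does not say what the list holds. As far as the two `pa_tnc_msg.c` hunks show, every IETF error attribute still counts as fatal except an "attribute type not supported" error whose type is on the list, and the entries are `pen_type_t*`. I would spell that out, e.g. `@param non_fatal_types list of pen_type_t*, unsupported attribute types that do not count as fatal` and `@return TRUE if at least one error other than a listed unsupported attribute type was processed`.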