From 6d0e9cf046fe736dafb582d08b5c6d74fd61f264 Mon Sep 17 00:00:00 2001
From: Andreas Steffen
Date: Tue, 5 Oct 2010 21:15:24 +0200
Subject: [PATCH] created hull for TNCCS 2.0 plugin
---
 configure.in | 4 +
 src/libcharon/Makefile.am | 7 ++
 src/libcharon/plugins/tnccs_20/Makefile.am | 21 ++++
 src/libcharon/plugins/tnccs_20/tnccs_20.c | 103 ++++++++++++++++++
 src/libcharon/plugins/tnccs_20/tnccs_20.h | 36 ++++++
 .../plugins/tnccs_20/tnccs_20_plugin.c | 47 ++++++++
 .../plugins/tnccs_20/tnccs_20_plugin.h | 42 +++++++
 7 files changed, 260 insertions(+)
 create mode 100644 src/libcharon/plugins/tnccs_20/Makefile.am
 create mode 100644 src/libcharon/plugins/tnccs_20/tnccs_20.c
 create mode 100644 src/libcharon/plugins/tnccs_20/tnccs_20.h
 create mode 100644 src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c
 create mode 100644 src/libcharon/plugins/tnccs_20/tnccs_20_plugin.h
diff --git a/configure.in b/configure.in
index 6528874a3..c225d7249 100644
--- a/configure.in
+++ b/configure.in
@@ -116,6 +116,7 @@ ARG_ENABL_SET([eap-ttls], [enable EAP TTLS authentication module.])
 ARG_ENABL_SET([eap-tnc], [enable EAP TNC trusted network connect module.])
 ARG_ENABL_SET([eap-radius], [enable RADIUS proxy authentication module.])
 ARG_ENABL_SET([tnccs-11], [enable TNCCS 1.1 protocol module.])
+ARG_ENABL_SET([tnccs-20], [enable TNCCS 2.0 protocol module.])
 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
 ARG_ENABL_SET([kernel-pfkey], [enable the PF_KEY kernel interface.])
 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
@@ -760,6 +761,7 @@ ADD_PLUGIN([eap-tls], [c libcharon])
 ADD_PLUGIN([eap-ttls], [c libcharon])
 ADD_PLUGIN([eap-tnc], [c libcharon])
 ADD_PLUGIN([tnccs-11], [c libcharon])
+ADD_PLUGIN([tnccs-20], [c libcharon])
 ADD_PLUGIN([medsrv], [c libcharon])
 ADD_PLUGIN([medcli], [c libcharon])
 ADD_PLUGIN([nm], [c libcharon])
@@ -857,6 +859,7 @@ AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
+AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
 AM_CONDITIONAL(USE_SOCKET_RAW, test x$socket_raw = xtrue)
 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
@@ -995,6 +998,7 @@ AC_OUTPUT(
 src/libcharon/plugins/eap_tnc/Makefile
 src/libcharon/plugins/eap_radius/Makefile
 src/libcharon/plugins/tnccs_11/Makefile
+ src/libcharon/plugins/tnccs_20/Makefile
 src/libcharon/plugins/socket_default/Makefile
 src/libcharon/plugins/socket_raw/Makefile
 src/libcharon/plugins/socket_dynamic/Makefile
diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am
index b4d678e1d..b84886c74 100644
--- a/src/libcharon/Makefile.am
+++ b/src/libcharon/Makefile.am
@@ -321,6 +321,13 @@ if MONOLITHIC
 endif
 endif
 
+if USE_TNCCS_20
+ SUBDIRS += plugins/tnccs_20
+if MONOLITHIC
+ libcharon_la_LIBADD += plugins/eap_tnc/libstrongswan-tnccs-20.la
+endif
+endif
+
 if USE_MEDSRV
 SUBDIRS += plugins/medsrv
 if MONOLITHIC
diff --git a/src/libcharon/plugins/tnccs_20/Makefile.am b/src/libcharon/plugins/tnccs_20/Makefile.am
new file mode 100644
index 000000000..3018121e3
--- /dev/null
+++ b/src/libcharon/plugins/tnccs_20/Makefile.am
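Review bot: In the src/libcharon/Makefile.am hunk, the MONOLITHIC branch links `plugins/eap_tnc/libstrongswan-tnccs-20.la`, but the plugin's own Makefile.am added by this patch builds libstrongswan-tnccs-20.la under plugins/tnccs_20. A monolithic build with tnccs-20 enabled would therefore reference a library that is not produced at that path. The line should read `libcharon_la_LIBADD += plugins/tnccs_20/libstrongswan-tnccs-20.la`. The path looks copied from a neighbouring block, so the tnccs-11 block just above the hunk is worth checking for the same slip.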
@@ -0,0 +1,21 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls \
+ `xml2-config --cflags`
+
+AM_CFLAGS = -rdynamic
+
+libstrongswan_tnccs_20_la_LIBADD = -ltnc
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-tnccs-20.la
+else
+plugin_LTLIBRARIES = libstrongswan-tnccs-20.la
+libstrongswan_tnccs_20_la_LIBADD += $(top_builddir)/src/libtls/libtls.la
+endif
+
+libstrongswan_tnccs_20_la_SOURCES = \
+ tnccs_20_plugin.h tnccs_20_plugin.c tnccs_20.h tnccs_20.c
+
+libstrongswan_tnccs_20_la_LDFLAGS = -module -avoid-version
+
diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20.c b/src/libcharon/plugins/tnccs_20/tnccs_20.c
new file mode 100644
index 000000000..2bd1bc476
--- /dev/null
+++ b/src/libcharon/plugins/tnccs_20/tnccs_20.c
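Review bot: `libstrongswan_tnccs_20_la_LIBADD = -ltnc` and the `xml2-config --cflags` entry in INCLUDES tie the plugin to libtnc and libxml2, yet none of the function bodies added in this patch call into either library (the angle-bracket includes are not legible on this page, so this is inferred from the bodies alone). Every library linked into a daemon plugin is additional code loaded into that process, so both entries are better left out of the hull until the TNCCS 2.0 code actually uses them. When they are needed, taking the flags from a configure-time check instead of a backtick call in Makefile.am makes a missing xml2-config fail at configure rather than silently expanding to nothing during the build.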
@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnccs_20.h"
+
+#include
+
+static chunk_t tncc_output;
+
+typedef struct private_tnccs_20_t private_tnccs_20_t;
+
+/**
+ * Private data of a tnccs_20_t object.
+ */
+struct private_tnccs_20_t {
+
+ /**
+ * Public tls_t interface.
+ */
+ tls_t public;
+
+ /**
+ * TNCC if TRUE, TNCS if FALSE
+ */
+ bool is_server;
+};
+
+METHOD(tls_t, process, status_t,
+ private_tnccs_20_t *this, void *buf, size_t buflen)
+{
+ return NEED_MORE;
+}
+
+METHOD(tls_t, build, status_t,
+ private_tnccs_20_t *this, void *buf, size_t *buflen, size_t *msglen)
+{
+ return ALREADY_DONE;
+}
+
+METHOD(tls_t, is_server, bool,
+ private_tnccs_20_t *this)
+{
+ return this->is_server;
+}
+
+METHOD(tls_t, get_purpose, tls_purpose_t,
+ private_tnccs_20_t *this)
+{
+ return TLS_PURPOSE_EAP_TNC;
+}
+
+METHOD(tls_t, is_complete, bool,
+ private_tnccs_20_t *this)
+{
+ return FALSE;
+}
+
+METHOD(tls_t, get_eap_msk, chunk_t,
+ private_tnccs_20_t *this)
+{
+ return chunk_empty;
+}
+
+METHOD(tls_t, destroy, void,
+ private_tnccs_20_t *this)
+{
+ free(this);
+}
+
+/**
+ * See header
+ */
+tls_t *tnccs_20_create(bool is_server)
+{
+ private_tnccs_20_t *this;
+
+ INIT(this,
+ .public = {
+ .process = _process,
+ .build = _build,
+ .is_server = _is_server,
+ .get_purpose = _get_purpose,
+ .is_complete = _is_complete,
+ .get_eap_msk = _get_eap_msk,
+ .destroy = _destroy,
+ },
+ .is_server = is_server,
+ );
+
+ return &this->public;
+}
diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20.h b/src/libcharon/plugins/tnccs_20/tnccs_20.h
new file mode 100644
index 000000000..6454fae43
--- /dev/null
+++ b/src/libcharon/plugins/tnccs_20/tnccs_20.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnccs_20 tnccs_20
+ * @{ @ingroup tnccs_20
+ */
+
+#ifndef TNCCS_20_H_
+#define TNCCS_20_H_
+
+#include
+
+#include
+
+/**
+ * Create an instance of the TNC IF-TNCCS 2.0 protocol handler.
+ *
+ * @param is_server TRUE to act as TNC Server, FALSE for TNC Client
+ * @return TNC_IF_TNCCS 2.0 protocol stack
+ */
+tls_t *tnccs_20_create(bool is_server);
+
+#endif /** TNCCS_20_H_ @}*/
diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c
new file mode 100644
index 000000000..82c78f74c
--- /dev/null
+++ b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.c
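Review bot: `static chunk_t tncc_output;` near the top of tnccs_20.c is file-scope state that nothing in this file reads or writes. If later code stores client output there, every tnccs_20 instance in the daemon would share one buffer, so data belonging to one connection could be seen or overwritten by another; per-connection output belongs in `private_tnccs_20_t`, or the line can be dropped until it is needed. The field comment `TNCC if TRUE, TNCS if FALSE` is also inverted relative to the header's `TRUE to act as TNC Server` and should read `TNCS if TRUE, TNCC if FALSE`. The stub `is_complete` always returns FALSE, which presumably keeps a session on this hull from ever being reported as finished; a comment such as `/* hull: never complete until process() validates input */` would keep a later change from flipping it early.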
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnccs_20_plugin.h"
+#include "tnccs_20.h"
+
+#include
+
+METHOD(plugin_t, destroy, void,
+ tnccs_20_plugin_t *this)
+{
+ charon->tnccs->remove_method(charon->tnccs,
+ (tnccs_constructor_t)tnccs_20_create);
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *tnccs_20_plugin_create()
+{
+ tnccs_20_plugin_t *this;
+
+ INIT(this,
+ .plugin = {
+ .destroy = _destroy,
+ },
+ );
+
+ charon->tnccs->add_method(charon->tnccs, TNCCS_2_0,
+ (tnccs_constructor_t)tnccs_20_create);
+
+ return &this->plugin;
+}
+
diff --git a/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.h b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.h
new file mode 100644
index 000000000..1c4ecf4c9
--- /dev/null
+++ b/src/libcharon/plugins/tnccs_20/tnccs_20_plugin.h
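Review bot: Both registration calls in tnccs_20_plugin.c pass `(tnccs_constructor_t)tnccs_20_create`, and the cast hides any mismatch between `tls_t *tnccs_20_create(bool)` and the `tnccs_constructor_t` typedef, which this patch does not show. If the two types agree, the cast is unnecessary and `charon->tnccs->add_method(charon->tnccs, TNCCS_2_0, tnccs_20_create);` lets the compiler keep checking the signature as the code grows; if they do not agree, calling through the converted pointer is undefined behaviour. The same applies to the `remove_method` call in `destroy`. `plugin_t *tnccs_20_plugin_create()` would also be better written with `(void)` so the empty parameter list is a real prototype.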
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnccs_20 tnccs_20
+ * @ingroup cplugins
+ *
+ * @defgroup tnccs_20_plugin tnccs_20_plugin
+ * @{ @ingroup tnccs_20
+ */
+
+#ifndef TNCCS_20_PLUGIN_H_
+#define TNCCS_20_PLUGIN_H_
+
+#include
+
+typedef struct tnccs_20_plugin_t tnccs_20_plugin_t;
+
+/**
+ * EAP-TNC plugin
+ */
+struct tnccs_20_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** TNCCS_20_PLUGIN_H_ @}*/
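Review bot: The struct comment `EAP-TNC plugin` in tnccs_20_plugin.h looks carried over from another plugin and should name this one, for example `TNCCS 2.0 plugin`. The header also declares no `tnccs_20_plugin_create`, although tnccs_20_plugin.c documents that function with `see header file`. Either add the prototype `plugin_t *tnccs_20_plugin_create(void);` with a short doc comment here, or, if the project resolves plugin constructors by symbol name and deliberately omits the prototype, reword the comment in the .c file so it does not point at a declaration that is absent.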