implemented IETF Numeric Version attribute

2012-10-18 22:33:26 +02:00 · 2012-10-18 22:33:26 +02:00 · a9c9414d58
parent ef315c5a1c
commit a9c9414d58
9 changed files with 436 additions and 8 deletions
--- a/src/libimcv/Makefile.am
+++ b/src/libimcv/Makefile.am
@ -17,6 +17,7 @@ libimcv_la_SOURCES = \
 	ietf/ietf_attr_fwd_enabled.h ietf/ietf_attr_fwd_enabled.c \
 	ietf/ietf_attr_default_pwd_enabled.h ietf/ietf_attr_default_pwd_enabled.c \
 	ietf/ietf_attr_installed_packages.h ietf/ietf_attr_installed_packages.c \
+	ietf/ietf_attr_numeric_version.h ietf/ietf_attr_numeric_version.c \
 	ietf/ietf_attr_op_status.h ietf/ietf_attr_op_status.c \
 	ietf/ietf_attr_pa_tnc_error.h ietf/ietf_attr_pa_tnc_error.c \
 	ietf/ietf_attr_port_filter.h ietf/ietf_attr_port_filter.c \
--- a/src/libimcv/ietf/ietf_attr.c
+++ b/src/libimcv/ietf/ietf_attr.c
@ -19,6 +19,7 @@
 #include "ietf/ietf_attr_fwd_enabled.h"
 #include "ietf/ietf_attr_default_pwd_enabled.h"
 #include "ietf/ietf_attr_installed_packages.h"
+#include "ietf/ietf_attr_numeric_version.h"
 #include "ietf/ietf_attr_op_status.h"
 #include "ietf/ietf_attr_pa_tnc_error.h"
 #include "ietf/ietf_attr_port_filter.h"
@ -54,6 +55,8 @@ pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value)
 			return ietf_attr_attr_request_create_from_data(value);
 		case IETF_ATTR_PRODUCT_INFORMATION:
 			return ietf_attr_product_info_create_from_data(value);
+		case IETF_ATTR_NUMERIC_VERSION:
+			return ietf_attr_numeric_version_create_from_data(value);
 		case IETF_ATTR_STRING_VERSION:
 			return ietf_attr_string_version_create_from_data(value);
 		case IETF_ATTR_OPERATIONAL_STATUS:
@ -73,7 +76,6 @@ pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value)
 		case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
 			return ietf_attr_default_pwd_enabled_create_from_data(value);
 		case IETF_ATTR_TESTING:
-		case IETF_ATTR_NUMERIC_VERSION:
 		case IETF_ATTR_RESERVED:
 		default:
 			return NULL;
--- a/src/libimcv/ietf/ietf_attr_numeric_version.c
+++ b/src/libimcv/ietf/ietf_attr_numeric_version.c
@ -0,0 +1,281 @@
+/*
+ * Copyright (C) 2012 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "ietf_attr_numeric_version.h"
+
+#include <pa_tnc/pa_tnc_msg.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
+#include <debug.h>
+
+typedef struct private_ietf_attr_numeric_version_t private_ietf_attr_numeric_version_t;
+
+/**
+ * PA-TNC Numeric Version type  (see section 4.2.3 of RFC 5792)
+ *
+ *                       1                   2                   3
+ *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                        Major Version Number                   |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                        Minor Version Number                   |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |                            Build Number                       |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *  |      Service Pack Major       |      Service Pack Minor       |
+ *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+
+#define NUMERIC_VERSION_SIZE		16
+
+/**
+ * Private data of an ietf_attr_numeric_version_t object.
+ */
+struct private_ietf_attr_numeric_version_t {
+
+	/**
+	 * Public members of ietf_attr_numeric_version_t
+	 */
+	ietf_attr_numeric_version_t public;
+
+	/**
+	 * Vendor-specific attribute type
+	 */
+	pen_type_t type;
+
+	/**
+	 * Attribute value
+	 */
+	chunk_t value;
+
+	/**
+	 * Noskip flag
+	 */
+	bool noskip_flag;
+
+	/**
+	 * Major Version Number
+	 */
+	u_int32_t major_version;
+
+	/**
+	 * Minor Version Number
+	 */
+	u_int32_t minor_version;
+
+	/**
+	 * IBuild Number
+	 */
+	u_int32_t build;
+
+	/**
+	 * Service Pack Major Number
+	 */
+	u_int16_t service_pack_major;
+
+	/**
+	 * Service Pack Minor Number
+	 */
+	u_int16_t service_pack_minor;
+
+	/**
+	 * Reference count
+	 */
+	refcount_t ref;
+};
+
+METHOD(pa_tnc_attr_t, get_type, pen_type_t,
+	private_ietf_attr_numeric_version_t *this)
+{
+	return this->type;
+}
+
+METHOD(pa_tnc_attr_t, get_value, chunk_t,
+	private_ietf_attr_numeric_version_t *this)
+{
+	return this->value;
+}
+
+METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
+	private_ietf_attr_numeric_version_t *this)
+{
+	return this->noskip_flag;
+}
+
+METHOD(pa_tnc_attr_t, set_noskip_flag,void,
+	private_ietf_attr_numeric_version_t *this, bool noskip)
+{
+	this->noskip_flag = noskip;
+}
+
+METHOD(pa_tnc_attr_t, build, void,
+	private_ietf_attr_numeric_version_t *this)
+{
+	bio_writer_t *writer;
+
+	if (this->value.ptr)
+	{
+		return;
+	}
+
+	writer = bio_writer_create(NUMERIC_VERSION_SIZE);
+	writer->write_uint32(writer, this->major_version);
+	writer->write_uint32(writer, this->minor_version);
+	writer->write_uint32(writer, this->build);
+	writer->write_uint32(writer, this->service_pack_major);
+	writer->write_uint32(writer, this->service_pack_minor);
+
+	this->value = chunk_clone(writer->get_buf(writer));
+	writer->destroy(writer);
+}
+
+METHOD(pa_tnc_attr_t, process, status_t,
+	private_ietf_attr_numeric_version_t *this, u_int32_t *offset)
+{
+	bio_reader_t *reader;
+
+	if (this->value.len < NUMERIC_VERSION_SIZE)
+	{
+		DBG1(DBG_TNC, "insufficient data for IETF numeric version");
+		*offset = 0;
+		return FAILED;
+	}
+	reader = bio_reader_create(this->value);
+	reader->read_uint32(reader, &this->major_version);	
+	reader->read_uint32(reader, &this->minor_version);	
+	reader->read_uint32(reader, &this->build);	
+	reader->read_uint16(reader, &this->service_pack_major);	
+	reader->read_uint16(reader, &this->service_pack_minor);	
+	reader->destroy(reader);
+
+	return SUCCESS;
+}
+
+METHOD(pa_tnc_attr_t, get_ref, pa_tnc_attr_t*,
+	private_ietf_attr_numeric_version_t *this)
+{
+	ref_get(&this->ref);
+	return &this->public.pa_tnc_attribute;
+}
+
+METHOD(pa_tnc_attr_t, destroy, void,
+	private_ietf_attr_numeric_version_t *this)
+{
+	if (ref_put(&this->ref))
+	{
+		free(this->value.ptr);
+		free(this);
+	}
+}
+
+METHOD(ietf_attr_numeric_version_t, get_version, void,
+	private_ietf_attr_numeric_version_t *this, u_int32_t *major, u_int32_t *minor)
+{
+	if (major)
+	{
+		*major = this->major_version;
+	}
+	if (minor)
+	{
+		*minor = this->minor_version;
+	}
+}
+
+METHOD(ietf_attr_numeric_version_t, get_build, u_int32_t,
+	private_ietf_attr_numeric_version_t *this)
+{
+	return this->build;
+}
+
+METHOD(ietf_attr_numeric_version_t, get_service_pack, void,
+	private_ietf_attr_numeric_version_t *this, u_int16_t *major, u_int16_t *minor)
+{
+	if (major)
+	{
+		*major = this->service_pack_major;
+	}
+	if (minor)
+	{
+		*minor = this->service_pack_minor;
+	}
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor,
+												u_int32_t build,
+												u_int16_t service_pack_major,
+												u_int16_t service_pack_minor)
+{
+	private_ietf_attr_numeric_version_t *this;
+
+	INIT(this,
+		.public = {
+			.pa_tnc_attribute = {
+				.get_type = _get_type,
+				.get_value = _get_value,
+				.get_noskip_flag = _get_noskip_flag,
+				.set_noskip_flag = _set_noskip_flag,
+				.build = _build,
+				.process = _process,
+				.get_ref = _get_ref,
+				.destroy = _destroy,
+			},
+			.get_version = _get_version,
+			.get_build = _get_build,
+			.get_service_pack = _get_service_pack,
+		},
+		.type = { PEN_IETF, IETF_ATTR_NUMERIC_VERSION },
+		.major_version = major,
+		.minor_version = minor,
+		.build = build,
+		.service_pack_major = service_pack_major,
+		.service_pack_minor = service_pack_minor,
+		.ref = 1,
+	);
+
+	return &this->public.pa_tnc_attribute;
+}
+
+/**
+ * Described in header.
+ */
+pa_tnc_attr_t *ietf_attr_numeric_version_create_from_data(chunk_t data)
+{
+	private_ietf_attr_numeric_version_t *this;
+
+	INIT(this,
+		.public = {
+			.pa_tnc_attribute = {
+				.get_type = _get_type,
+				.get_value = _get_value,
+				.build = _build,
+				.process = _process,
+				.get_ref = _get_ref,
+				.destroy = _destroy,
+			},
+			.get_version = _get_version,
+			.get_build = _get_build,
+			.get_service_pack = _get_service_pack,
+		},
+		.type = { PEN_IETF, IETF_ATTR_NUMERIC_VERSION },
+		.value = chunk_clone(data),
+		.ref = 1,
+	);
+
+	return &this->public.pa_tnc_attribute;
+}
+
--- a/src/libimcv/ietf/ietf_attr_numeric_version.h
+++ b/src/libimcv/ietf/ietf_attr_numeric_version.h
@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2012 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ietf_attr_numeric_versiont ietf_attr_numeric_version
+ * @{ @ingroup ietf
+ */
+
+#ifndef IETF_ATTR_NUMERIC_VERSION_H_
+#define IETF_ATTR_NUMERIC_VERSION_H_
+
+typedef struct ietf_attr_numeric_version_t ietf_attr_numeric_version_t;
+
+#include "ietf_attr.h"
+#include "pa_tnc/pa_tnc_attr.h"
+
+
+/**
+ * Class implementing the IETF PA-TNC String Version attribute.
+ *
+ */
+struct ietf_attr_numeric_version_t {
+
+	/**
+	 * Public PA-TNC attribute interface
+	 */
+	pa_tnc_attr_t pa_tnc_attribute;
+
+	/**
+	 * Gets the Major and Minor Version Numbers
+	 *
+	 * @param major			Major Version Number
+	 * @param minor			Minor Version Number
+	 */
+	void (*get_version)(ietf_attr_numeric_version_t *this,
+						u_int32_t *major, u_int32_t *minor);
+
+	/**
+	 * Gets the Build Number
+	 *
+	 * @param major			Major Version Number
+	 * @param minor			Minor Version Number
+	 */
+	u_int32_t (*get_build)(ietf_attr_numeric_version_t *this);
+
+	/**
+	 * Gets the Major and Minor Numbers of the Service Pack
+	 *
+	 * @param major			Service Pack Major Number
+	 * @param minor			Servcie Pack Minor Number
+	 */
+	void (*get_service_pack)(ietf_attr_numeric_version_t *this,
+							 u_int16_t *major, u_int16_t *minor);
+};
+
+/**
+ * Creates an ietf_attr_numeric_version_t object
+ *
+ */
+pa_tnc_attr_t* ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor,
+												u_int32_t build,
+												u_int16_t service_pack_major,
+												u_int16_t service_pack_minor);
+
+/**
+ * Creates an ietf_attr_numeric_version_t object from received data
+ *
+ * @param value				unparsed attribute value
+ */
+pa_tnc_attr_t* ietf_attr_numeric_version_create_from_data(chunk_t value);
+
+#endif /** IETF_ATTR_NUMERIC_VERSION_H_ @}*/
--- a/src/libimcv/os_info/os_info.c
+++ b/src/libimcv/os_info/os_info.c
@ -58,6 +58,22 @@ METHOD(os_info_t, get_name, chunk_t,
 	return this->name;
 }

+METHOD(os_info_t, get_numeric_version, void,
+	private_os_info_t *this, u_int32_t *major, u_int32_t *minor)
+{
+	u_char *pos;
+
+	if (major)
+	{
+		*major = atol(this->version.ptr);
+	}
+	pos = memchr(this->version.ptr, '.', this->version.len);
+	if (minor)
+	{
+		*minor = pos ? atol(pos + 1) : 0;
+	}
+}
+
 METHOD(os_info_t, get_version, chunk_t,
 	private_os_info_t *this)
 {
@ -367,6 +383,7 @@ os_info_t *os_info_create(void)
 	INIT(this,
 		.public = {
 			.get_name = _get_name,
+			.get_numeric_version = _get_numeric_version,
 			.get_version = _get_version,
 			.get_fwd_status = _get_fwd_status,
 			.get_uptime = _get_uptime,
--- a/src/libimcv/os_info/os_info.h
+++ b/src/libimcv/os_info/os_info.h
@ -51,6 +51,15 @@ struct os_info_t {
 	 */
 	chunk_t (*get_name)(os_info_t *this);

+	/**
+	 * Get the numeric OS version or release
+	 *
+	 * @param major				OS major version number
+	 * @param minor				OS minor version number
+	 */
+	void (*get_numeric_version)(os_info_t *this, u_int32_t *major,
+												 u_int32_t *minor);
+
 	/**
 	 * Get the OS version or release
 	 *
--- a/src/libimcv/plugins/imc_os/imc_os.c
+++ b/src/libimcv/plugins/imc_os/imc_os.c
@ -22,6 +22,7 @@
 #include <ietf/ietf_attr_default_pwd_enabled.h>
 #include <ietf/ietf_attr_fwd_enabled.h>
 #include <ietf/ietf_attr_installed_packages.h>
+#include <ietf/ietf_attr_numeric_version.h>
 #include <ietf/ietf_attr_op_status.h>
 #include <ietf/ietf_attr_product_info.h>
 #include <ietf/ietf_attr_remediation_instr.h>
@ -127,6 +128,22 @@ static void add_product_info(imc_msg_t *msg)
 	msg->add_attribute(msg, attr);
 }

+/**
+ * Add IETF Numeric Version attribute to the send queue
+ */
+static void add_numeric_version(imc_msg_t *msg)
+{
+	pa_tnc_attr_t *attr;
+	u_int32_t major, minor;
+
+	os->get_numeric_version(os, &major, &minor);
+	DBG1(DBG_IMC, "operating system numeric version is %d.%d",
+				   major, minor);
+
+	attr = ietf_attr_numeric_version_create(major, minor, 0, 0, 0);
+	msg->add_attribute(msg, attr);
+}
+
 /**
 * Add IETF String Version attribute to the send queue
 */
@ -230,6 +247,7 @@ TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id,
 								 TNC_IMVID_ANY, msg_types[0]);
 		add_product_info(out_msg);
 		add_string_version(out_msg);
+		add_numeric_version(out_msg);
 		add_op_status(out_msg);
 		add_fwd_enabled(out_msg);
 		add_default_pwd_enabled(out_msg);
@ -292,6 +310,9 @@ static TNC_Result receive_message(imc_msg_t *in_msg)
 					case IETF_ATTR_STRING_VERSION:
 						add_string_version(out_msg);
 						break;
+					case IETF_ATTR_NUMERIC_VERSION:
+						add_numeric_version(out_msg);
+						break;
 					case IETF_ATTR_OPERATIONAL_STATUS:
 						add_op_status(out_msg);
 						break;
--- a/src/libimcv/plugins/imv_os/imv_os.c
+++ b/src/libimcv/plugins/imv_os/imv_os.c
@ -22,6 +22,7 @@
 #include <ietf/ietf_attr_default_pwd_enabled.h>
 #include <ietf/ietf_attr_fwd_enabled.h>
 #include <ietf/ietf_attr_installed_packages.h>
+#include <ietf/ietf_attr_numeric_version.h>
 #include <ietf/ietf_attr_op_status.h>
 #include <ietf/ietf_attr_pa_tnc_error.h>
 #include <ietf/ietf_attr_product_info.h>
@ -157,6 +158,17 @@ static TNC_Result receive_message(imv_state_t *state, imv_msg_t *in_msg)
 				}
 				break;
 			}
+			case IETF_ATTR_NUMERIC_VERSION:
+			{
+				ietf_attr_numeric_version_t *attr_cast;
+				u_int32_t major, minor;
+
+				attr_cast = (ietf_attr_numeric_version_t*)attr;
+				attr_cast->get_version(attr_cast, &major, &minor);
+				DBG1(DBG_IMV, "operating system numeric version is %d.%d",
+							   major, minor);
+				break;
+			}
 			case IETF_ATTR_OPERATIONAL_STATUS:
 			{
 				ietf_attr_op_status_t *attr_cast;
@ -404,6 +416,7 @@ TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
 											 IETF_ATTR_PRODUCT_INFORMATION);
 		attr_cast = (ietf_attr_attr_request_t*)attr;
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_STRING_VERSION);
+		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_NUMERIC_VERSION);
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_OPERATIONAL_STATUS);
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_FORWARDING_ENABLED);
 		attr_cast->add(attr_cast, PEN_IETF, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED);
--- a/testing/tests/tnc/tnccs-20-os/description.txt
+++ b/testing/tests/tnc/tnccs-20-os/description.txt
@ -8,13 +8,13 @@ is using the <b>IF-M 1.0</b> measurement protocol defined by <b>RFC 5792 PA-TNC<
 exchange PA-TNC attributes.
 <p>
 <b>carol</b> sends information on her operating system consisting of the PA-TNC attributes
-<em>Product Information</em>, <em>String Version</em>, <em>Operational Status</em>,
-<em>Forwarding Enabled</em>, and <em>Factory Default Password Enabled</em> up-front,
-whereas <b>dave</b> must be prompted by the IMV to do so via an <em>Attribute Request</em>
-PA-TNC attribute. <b>carol</b> is then prompted to send a list of installed packages
-using the <em>Installed Packages</em> PA-TNC attribute whereas <b>dave</b>'s "Windows 1.2.3"
-operating system is not supported and thus <b>dave</b> receives a <em>Remediation
-Instructions</em> PA-TNC attribute.
+<em>Product Information</em>, <em>String Version</em>, <em>Numeric Version</em>,
+<em>Operational Status</em>, <em>Forwarding Enabled</em>, and
+<em>Factory Default Password Enabled</em> up-front, whereas <b>dave</b> must be prompted
+by the IMV to do so via an <em>Attribute Request</em> PA-TNC attribute. <b>carol</b> is
+then prompted to send a list of installed packages using the <em>Installed Packages</em>
+PA-TNC attribute whereas <b>dave</b>'s "Windows 1.2.3" operating system is not supported
+and thus <b>dave</b> receives a <em>Remediation Instructions</em> PA-TNC attribute.
 <p>
 <b>carol</b> passes the health test and <b>dave</b> fails. Based on these assessments
 which are communicated to the IMCs using the <em>Assessment Result</em> PA-TNC attribute,