ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,934 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

771 Commits

Author SHA1 Message Date
Andreas Steffen 737f7fce51 testing: Switched PTS measurements to /usr/sbin 
Due to Debian 10 linking /bin to /usr/bin which drastically
increased the number of files in /bin, the PTS measurement
was switched to /usr/sbin with a lesser number of files.
 2021-03-23 10:54:48 +01:00
Tobias Brunner fbb70c968b pts: Don't rely on BIOS event buffer to be null terminated 2021-02-16 15:16:25 +01:00
Tobias Brunner e6a6fc33b6 path: Also accept / as directory separator on Windows 
This adds helper functions to determine the first or last directory separator
in a string and to check if a given character is a separator.

Paths starting with a separator are now also considered absolute on
Windows as these are rooted at the current drive.

Note that it's fine to use DIRECTORY_SEPARATOR when combining strings as
Windows API calls accept both forward and backward slashes as separators.

Co-authored-by: Michał Skalski <mskalski@enigma.com.pl>

References #3684.
 2021-02-03 17:27:57 +01:00
Andreas Steffen 2889133cc0 imc_attestation: Fixed double free of tpm_version_info chunk 2021-01-08 11:00:15 +01:00
Andreas Steffen 2ea1dac203 libimcv: Support symlinks introduced by usrmerge 
Debian, Ubuntu, Fedora et. al. started to apply usrmerge to their
latest Linux distributions, i.e.  /bin, /sbin, and /lib are now
symbolical links to /usr/bin, /usr/sbin, and /usr/lib, respectively.
Since executables and libraries are contained only once in Linux
packages (e.g. /bin/cp in coreutils but not /usr/bin/cp) this leads
to missing file measurments due to the symlinks when doing remote
attestation.

The new ita_attr_symlinks PA-TNC attribute fixes this problem by
collecting symbolic links pointing to directories on the client
platform.
 2021-01-08 11:00:15 +01:00
Andreas Steffen 9b4a2322d6 libimcv: Evaluate IMA SHA-256 measurements 2021-01-08 11:00:15 +01:00
Tobias Brunner eb4cd8e3b1 imv-scanner: Fix potentially unsafe port filter attribute destruction 
DESTROY_IF() checks if the given value is not NULL, before calling
destroy() on it, which does not work for sub-structs.  If
port_filter_attr is NULL, this could crash.
 2020-12-03 12:19:06 +01:00
Tobias Brunner 4fc6b79b93 libimcv: Avoid compiler warning in segmentation unit test 
Newer versions of GCC complain that the variable may be used
uninitialized.
 2020-11-13 16:38:17 +01:00
Tobias Brunner 19343998bb imv-attestation: Fix typo in default value for hash_algorithm option 2020-11-04 10:06:46 +01:00
Tobias Brunner f0f65b20ae libimcv: Remove empty 'swid' Doxygen group 
The corresponding IMC/IMV were already removed with a31f9b7691 ("libimcv:
Removed TCG SWID IMC/IMV support").
 2020-11-04 10:06:46 +01:00
Tobias Brunner c810912d2f libimcv: Fix Doxygen comments for some pts_meas_algo_* functions 2020-10-12 13:48:57 +02:00
Andreas Steffen f3d96b7bc9 Version bump to 5.9.1dr1 2020-10-07 16:54:32 +02:00
Andreas Steffen 3e5a528aec tpm: Auto-detection of legacy TPM 2.0 devices 2020-10-07 16:54:32 +02:00
Andreas Steffen 3ef5b23903 pts: Variable size PCR banks 2020-10-07 16:54:32 +02:00
Andreas Steffen d647a8f91d pts: Parse TPM 2.0 BIOS/EFI event log 2020-10-07 16:54:32 +02:00
Tobias Brunner 766017a8d3 libimcv: Add Debian 10.5 to IMV database 2020-09-03 13:34:19 +02:00
Tobias Brunner bdd058e36c imv-scanner: Fix potential buffer overflow 
While `pos` was moved to the end, `len` was not adjusted (i.e. set to 0)
so later calls could write beyond the buffer.  However, the last port
written might have been incomplete, so instead we just reset the string.
 2020-08-18 14:05:04 +02:00
Josh Soref b3ab7a48cc Spelling fixes 
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior

Closes strongswan/strongswan#164.
 2020-02-11 18:23:07 +01:00
Tobias Brunner 17c9972252 Fixed some typos, courtesy of codespell 2019-08-28 14:03:41 +02:00
Tobias Brunner b9949e98c2 Some whitespace fixes 
Didn't change some of the larger testing scripts that use an inconsistent
indentation style.
 2019-08-22 15:18:06 +02:00
Tobias Brunner 12e64e5cf4 libimcv: Use proper printf specifier for unsigned issuer and responder IDs 2019-05-08 14:48:54 +02:00
Tobias Brunner 994cff3fac swima-collector: Use proper type for field precision 2019-05-08 14:48:54 +02:00
Tobias Brunner 02b348403a Fixed some typos, courtesy of codespell 2019-04-29 15:09:20 +02:00
Tobias Brunner 0f193be23d libimcv: Add Debian 9.7 to IMV database 2019-01-30 12:26:19 +01:00
Andreas Steffen 77e4a420c3 libimcv: Updated openssl version in IMV database 2018-12-09 19:53:05 +01:00
Tobias Brunner babb979e42 libimcv: Add Debian 9.5 and 9.6 to IMV database 2018-11-21 14:32:24 +01:00
Tobias Brunner de80946f6a Remove useless break statements 2018-11-12 17:36:22 +01:00
Tobias Brunner f1889ca34a imv-attestation: Don't use comma to separate statements 2018-09-17 18:51:43 +02:00
Tobias Brunner f0d34f32a7 imv-agent: Don't use comma to separate statements 2018-09-17 18:51:43 +02:00
Tobias Brunner 1295558ab3 imv-os-agent: Remove useless assignment 
`eval` will never be TNC_IMV_EVALUATION_RESULT_DONT_KNOW so we can
remove the if statement too.
 2018-09-17 18:51:42 +02:00
Tobias Brunner ddc797686f pts: Remove commented call of inexistent function 2018-09-17 18:51:42 +02:00
Tobias Brunner 2ff4983adc libimcv: Fix Android.mk 2018-08-10 10:10:00 +02:00
Andreas Steffen 731e043c8e libimcv: Reset of IMC state for new measurement cycle 2018-08-01 15:44:49 +02:00
Andreas Steffen 25973c0350 libimcv: Reset of IMV state for new measurement cycle 2018-08-01 15:44:49 +02:00
Andreas Steffen 37c12f98b0 imv-swima: Support subscriptions 2018-07-30 12:06:34 +02:00
Andreas Steffen f649a13cc6 imc-swima: Support subscriptions 2018-07-29 10:37:36 +02:00
Andreas Steffen ff9bac6ab8 libimcv: Missing comma in pa_tnc_error_code_names 2018-07-24 22:49:45 +02:00
Andreas Steffen 5fbb8b6a4a libimcv: Added Debian 8.11 and Ubunut 18.04 to IMV database 2018-07-19 14:11:44 +02:00
Andreas Steffen 782344e5e5 libimcv: Prevent integer overflow in time conversion 2018-06-18 11:04:53 +02:00
Andreas Steffen 2a26566ed3 libimcv: Implementation of RFC 8412 SWIMA 2018-06-12 21:47:40 +02:00
Andreas Steffen 27ec213d0b libimcv: Added reserved field in SWIMA Inventory encoding 2018-06-12 21:47:40 +02:00
Andreas Steffen cd6e45817e libimcv: Fixed processing of PTS Request File Metadata 2018-06-12 21:47:39 +02:00
Andreas Steffen 0a3c89a053 libimcv: Removed whitespace 2018-06-12 21:47:39 +02:00
Andreas Steffen 66b9287cd5 libimcv: Fixed processing of PTS Simple Component Evidence 2018-06-12 21:47:39 +02:00
Andreas Steffen a31f9b7691 libimcv: Removed TCG SWID IMC/IMV support 2018-06-12 21:47:39 +02:00
Andreas Steffen eccd2b6e09 libimcv: SWIMA SW locator must be file URI 2018-06-12 17:53:06 +02:00
Andreas Steffen 0b445a5c54 libimcv: Updated IANA numbers assigned to SWIMA 2018-06-12 17:53:06 +02:00
Tobias Brunner 89bd016ef4 Fixed some typos, courtesy of codespell 2018-05-23 16:33:02 +02:00
Tobias Brunner 1b67166921 Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
Andreas Steffen 43a1839cbc libimcv: Added inactive field to device database table 2018-04-27 12:42:29 +02:00