Andreas Steffen
737f7fce51
testing: Switched PTS measurements to /usr/sbin
...
Due to Debian 10 linking /bin to /usr/bin which drastically
increased the number of files in /bin, the PTS measurement
was switched to /usr/sbin with a lesser number of files.
2021-03-23 10:54:48 +01:00
Tobias Brunner
fbb70c968b
pts: Don't rely on BIOS event buffer to be null terminated
2021-02-16 15:16:25 +01:00
Tobias Brunner
e6a6fc33b6
path: Also accept / as directory separator on Windows
...
This adds helper functions to determine the first or last directory separator
in a string and to check if a given character is a separator.
Paths starting with a separator are now also considered absolute on
Windows as these are rooted at the current drive.
Note that it's fine to use DIRECTORY_SEPARATOR when combining strings as
Windows API calls accept both forward and backward slashes as separators.
Co-authored-by: Michał Skalski <mskalski@enigma.com.pl>
References #3684.
2021-02-03 17:27:57 +01:00
Andreas Steffen
2889133cc0
imc_attestation: Fixed double free of tpm_version_info chunk
2021-01-08 11:00:15 +01:00
Andreas Steffen
2ea1dac203
libimcv: Support symlinks introduced by usrmerge
...
Debian, Ubuntu, Fedora et al. started to apply usrmerge to their
latest Linux distributions, i.e. /bin, /sbin, and /lib are now
symbolical links to /usr/bin, /usr/sbin, and /usr/lib, respectively.
Since executables and libraries are contained only once in Linux
packages (e.g. /bin/cp in coreutils but not /usr/bin/cp) this leads
to missing file measurements due to the symlinks when doing remote
attestation.
The new ita_attr_symlinks PA-TNC attribute fixes this problem by
collecting symbolic links pointing to directories on the client
platform.
2021-01-08 11:00:15 +01:00
Andreas Steffen
9b4a2322d6
libimcv: Evaluate IMA SHA-256 measurements
2021-01-08 11:00:15 +01:00
Tobias Brunner
eb4cd8e3b1
imv-scanner: Fix potentially unsafe port filter attribute destruction
...
DESTROY_IF() checks if the given value is not NULL, before calling
destroy() on it, which does not work for sub-structs. If
port_filter_attr is NULL, this could crash.
2020-12-03 12:19:06 +01:00
Tobias Brunner
4fc6b79b93
libimcv: Avoid compiler warning in segmentation unit test
...
Newer versions of GCC complain that the variable may be used
uninitialized.
2020-11-13 16:38:17 +01:00
Tobias Brunner
19343998bb
imv-attestation: Fix typo in default value for hash_algorithm option
2020-11-04 10:06:46 +01:00
Tobias Brunner
f0f65b20ae
libimcv: Remove empty 'swid' Doxygen group
...
The corresponding IMC/IMV were already removed with a31f9b7691 ("libimcv:
Removed TCG SWID IMC/IMV support").
2020-11-04 10:06:46 +01:00
Tobias Brunner
c810912d2f
libimcv: Fix Doxygen comments for some pts_meas_algo_* functions
2020-10-12 13:48:57 +02:00
Andreas Steffen
f3d96b7bc9
Version bump to 5.9.1dr1
2020-10-07 16:54:32 +02:00
Andreas Steffen
3e5a528aec
tpm: Auto-detection of legacy TPM 2.0 devices
2020-10-07 16:54:32 +02:00
Andreas Steffen
3ef5b23903
pts: Variable size PCR banks
2020-10-07 16:54:32 +02:00
Andreas Steffen
d647a8f91d
pts: Parse TPM 2.0 BIOS/EFI event log
2020-10-07 16:54:32 +02:00
Tobias Brunner
766017a8d3
libimcv: Add Debian 10.5 to IMV database
2020-09-03 13:34:19 +02:00
Tobias Brunner
bdd058e36c
imv-scanner: Fix potential buffer overflow
...
While `pos` was moved to the end, `len` was not adjusted (i.e. set to 0)
so later calls could write beyond the buffer. However, the last port
written might have been incomplete, so instead we just reset the string.
2020-08-18 14:05:04 +02:00
Josh Soref
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164.
2020-02-11 18:23:07 +01:00
Tobias Brunner
17c9972252
Fixed some typos, courtesy of codespell
2019-08-28 14:03:41 +02:00
Tobias Brunner
b9949e98c2
Some whitespace fixes
...
Didn't change some of the larger testing scripts that use an inconsistent
indentation style.
2019-08-22 15:18:06 +02:00
Tobias Brunner
12e64e5cf4
libimcv: Use proper printf specifier for unsigned issuer and responder IDs
2019-05-08 14:48:54 +02:00
Tobias Brunner
994cff3fac
swima-collector: Use proper type for field precision
2019-05-08 14:48:54 +02:00
Tobias Brunner
02b348403a
Fixed some typos, courtesy of codespell
2019-04-29 15:09:20 +02:00
Tobias Brunner
0f193be23d
libimcv: Add Debian 9.7 to IMV database
2019-01-30 12:26:19 +01:00
Andreas Steffen
77e4a420c3
libimcv: Updated openssl version in IMV database
2018-12-09 19:53:05 +01:00
Tobias Brunner
babb979e42
libimcv: Add Debian 9.5 and 9.6 to IMV database
2018-11-21 14:32:24 +01:00
Tobias Brunner
de80946f6a
Remove useless break statements
2018-11-12 17:36:22 +01:00
Tobias Brunner
f1889ca34a
imv-attestation: Don't use comma to separate statements
2018-09-17 18:51:43 +02:00
Tobias Brunner
f0d34f32a7
imv-agent: Don't use comma to separate statements
2018-09-17 18:51:43 +02:00
Tobias Brunner
1295558ab3
imv-os-agent: Remove useless assignment
...
`eval` will never be TNC_IMV_EVALUATION_RESULT_DONT_KNOW so we can
remove the if statement too.
2018-09-17 18:51:42 +02:00
Tobias Brunner
ddc797686f
pts: Remove commented call of inexistent function
2018-09-17 18:51:42 +02:00
Tobias Brunner
2ff4983adc
libimcv: Fix Android.mk
2018-08-10 10:10:00 +02:00
Andreas Steffen
731e043c8e
libimcv: Reset of IMC state for new measurement cycle
2018-08-01 15:44:49 +02:00
Andreas Steffen
25973c0350
libimcv: Reset of IMV state for new measurement cycle
2018-08-01 15:44:49 +02:00
Andreas Steffen
37c12f98b0
imv-swima: Support subscriptions
2018-07-30 12:06:34 +02:00
Andreas Steffen
f649a13cc6
imc-swima: Support subscriptions
2018-07-29 10:37:36 +02:00
Andreas Steffen
ff9bac6ab8
libimcv: Missing comma in pa_tnc_error_code_names
2018-07-24 22:49:45 +02:00
Andreas Steffen
5fbb8b6a4a
libimcv: Added Debian 8.11 and Ubuntu 18.04 to IMV database
2018-07-19 14:11:44 +02:00
Andreas Steffen
782344e5e5
libimcv: Prevent integer overflow in time conversion
2018-06-18 11:04:53 +02:00
Andreas Steffen
2a26566ed3
libimcv: Implementation of RFC 8412 SWIMA
2018-06-12 21:47:40 +02:00
Andreas Steffen
27ec213d0b
libimcv: Added reserved field in SWIMA Inventory encoding
2018-06-12 21:47:40 +02:00
Andreas Steffen
cd6e45817e
libimcv: Fixed processing of PTS Request File Metadata
2018-06-12 21:47:39 +02:00
Andreas Steffen
0a3c89a053
libimcv: Removed whitespace
2018-06-12 21:47:39 +02:00
Andreas Steffen
66b9287cd5
libimcv: Fixed processing of PTS Simple Component Evidence
2018-06-12 21:47:39 +02:00
Andreas Steffen
a31f9b7691
libimcv: Removed TCG SWID IMC/IMV support
2018-06-12 21:47:39 +02:00
Andreas Steffen
eccd2b6e09
libimcv: SWIMA SW locator must be file URI
2018-06-12 17:53:06 +02:00
Andreas Steffen
0b445a5c54
libimcv: Updated IANA numbers assigned to SWIMA
2018-06-12 17:53:06 +02:00
Tobias Brunner
89bd016ef4
Fixed some typos, courtesy of codespell
2018-05-23 16:33:02 +02:00
Tobias Brunner
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
Andreas Steffen
43a1839cbc
libimcv: Added inactive field to device database table
2018-04-27 12:42:29 +02:00