tnc_compliance_funcs.c

linux 下通过802.1认证的安装包

	liblist_delete_list((genlist **)&batch_ptr, (node_delete_func)&tnc_compliance_funcs_delete_node);

	return TNC_RESULT_SUCCESS;
}

/**
 * \brief Send a "single-shot" batch.
 * 
 * @param[in] imcID  The ID of the IMC requesting the addition to the batch.
 * @param[in] connectionID   The connection ID requesting that the data be sent.
 * @param[in] oui   The OUI number assigned to the IMC's developer company by IANA.
 * @param[in] parent_msg   The "parent" message type to send to the UI.
 * @param[in] msg   A message id provided by the IMC that will let the UI know to expect
 *                  a batch of messages.  (Must be unique!!)
 * @param[in] cb   The callback to call when the UI responds.  (If this is NULL then no callback
 *                 is expected.)
 *
 * \todo  Clean this up!
 *
 * \retval 0 on success
 * \retval !=0 on failure
 **/
TNC_UInt32 TNC_28383_TNCC_Single_Shot_Batch(TNC_IMCID imcID, TNC_ConnectionID connectionID, TNC_UInt32 oui,
											TNC_UInt32 parent_msg, TNC_UInt32 msg, TNC_BufferReference attr, callback *cb)
{
	tnc_msg_batch *ss_batch = NULL;
	tnc_msg_batch *cur = NULL;

	cur = Malloc(sizeof(tnc_msg_batch));
	if (cur == NULL)
	{
		debug_printf(DEBUG_NORMAL, "Couldn't allocate memory to store new TNC UI message batch node.\n");
		return TNC_RESULT_FATAL;
	}

	cur->imcID = imcID;
	cur->connectionID = connectionID;
	cur->msgid = msg;
	cur->oui = oui;
	cur->parameter = _strdup(attr);
	cur->next = NULL;

	liblist_add_to_head((genlist **)&ss_batch, (genlist *)cur);

	if (tnc_compliance_callbacks_add(imcID, connectionID, oui, parent_msg, cb) != 0)
	{
		debug_printf(DEBUG_NORMAL, "Couldn't add the callback needed to get an answer from the TNC "
				"batch message.\n");
		return TNC_RESULT_FATAL;	
	}

	ipc_events_send_tnc_batch(ss_batch, imcID, connectionID, oui, parent_msg);

	liblist_delete_list((genlist **)&ss_batch, (node_delete_func)&tnc_compliance_funcs_delete_node);

	return TNC_RESULT_SUCCESS;
}

/**
 * \brief Allow the IMC to forward an error message up to the UI.  The IMCs should do
 *        this sparingly, since proper behvaior for the type of message being sent is to
 *        pop up a window to display to the user.
 *
 * @param[in] imcID   The ID of the IMC that is requesting we send an error message.
 * @param[in] connectionID   The ID of the connection that is sending the error message.
 * @param[in] errMsg   A string that contains the error message that we want to pass up to the UI.
 *
 **/
void TNC_28383_TNCC_Send_Error_Message(TNC_IMCID imcID, TNC_ConnectionID connectionID, char *errMsg)
{
	ipc_events_error(NULL, IPC_EVENT_ERROR_TEXT, errMsg);
}

/**
 * \brief Find the context for the given Connection ID/IMC ID
 * @param[out] ctx The context.  NULL if the context wasn't found. 
 * @param[in] imcID The ID of the IMC that the connection belongs to.
 * @param[in] connectionID The ID of the connection in question.
 *
 **/
TNC_UInt32 find_context_for_imc_id_and_connection(context **ctx, TNC_IMCID imcID, TNC_ConnectionID connectionID)
{
	event_core_reset_locator();

	(*ctx) = event_core_get_next_context();
	while ((*ctx) != NULL)
	{
		if ((*ctx)->tnc_connID == connectionID)
		{
			break;
		}
		(*ctx) = event_core_get_next_context();
	}

	if((*ctx) == NULL)
	{
		return TNC_RESULT_OTHER;
	}

	return TNC_RESULT_SUCCESS;
}

/**
 * \brief Allow the IMC to request that the supplicant drop the connection
 *        and reauthenticate.
 *
 * @param[in] imcID  The ID of the IMC that is requesting the connection reset.
 * @param[in] connectionID  The ID of the connection that we are supposed to reset.
 *
 * \retval TNC_UInt32 success/failure of the request to reset.
 **/
TNC_UInt32 TNC_28383_TNCC_Reset_Connection(TNC_IMCID imcID, TNC_ConnectionID connectionID)
{
	context *ctx = NULL;

	debug_printf(DEBUG_NORMAL, "IMC %d has requested that we reset the connection for ID %d.\n", imcID, connectionID);

	if(find_context_for_imc_id_and_connection(&ctx, imcID, connectionID) == TNC_RESULT_SUCCESS)
	{
		// We found it!
		if (ctx->intType == ETH_802_11_INT)
		{
			// Send a logoff, and disassociate.
			txLogoff(ctx);
			cardif_disassociate(ctx, 0);  

			debug_printf(DEBUG_PHYSICAL_STATE, "!!!!! Bypassing scanning phase!\n");
			wireless_sm_change_state(ASSOCIATING, ctx);
		}
		else
		{
			// It is wired, so just send a logoff.
			txLogoff(ctx);
		}

		// Set the authentication counter back to 0.
		// This causes a DHCP release/renew to happen
		// on the next successful authentication
		// Which is probably what is desired since
		// the user is likely to be placed on a new VLAN
		// in the cases where a TNC IMC requests a connection reset
		ctx->auths = 0;
	}
	else
	{
		debug_printf(DEBUG_NORMAL, "Unable to reset connection because we couldn't find the context!\n");
		return TNC_RESULT_OTHER;
	}

	return TNC_RESULT_SUCCESS;
}

/**
 * \brief Allow the IMC to request that the supplicant renew DHCP for the connection specified.
 *
 * @param[in] imcID  The ID of the IMC that is requesting the connection renewal.
 * @param[in] connectionID  The ID of the connection that we are supposed to renew.
 *
 * \retval TNC_UInt32 success/failure of the request to renew DHCP.
 **/
XSUP_OUI_API TNC_UInt32 TNC_28383_TNCC_Renew_DHCP(TNC_IMCID imcID, TNC_ConnectionID connectionID)
{
	context *ctx = NULL;

	debug_printf(DEBUG_NORMAL, "IMC %d has requested DHCP renew for connection ID %d.\n", imcID, connectionID);

	if(find_context_for_imc_id_and_connection(&ctx, imcID, connectionID) == TNC_RESULT_SUCCESS)
	{
		// Set the authentication counter back to 0.
		// This causes a DHCP release/renew to happen
		// on the next successful authentication
		// Which is probably what is desired since
		// the user is likely to be placed on a new VLAN
		// in the cases where a TNC IMC requests a DHCP renew
		ctx->auths = 0;
	}
	else
	{
		debug_printf(DEBUG_NORMAL, "Unable to renew DHCP because we couldn't find the context!\n");
		return TNC_RESULT_OTHER;
	}

	return TNC_RESULT_SUCCESS;
}

/**
 * \brief Allow the IMC to register a call to be notified when a user logs in.
 *        
 *
 * @param[in] callback The callback to register.
 *
 * \retval TNC_UInt32 success/failure of the registration request.
 **/
XSUP_OUI_API TNC_UInt32 TNC_28383_TNCC_Set_User_Logon_Callback(void *callback)
{
	//debug_printf(DEBUG_NORMAL, ">>* Setting user callback function!\n");
	if (callback == NULL) debug_printf(DEBUG_NORMAL, "An IMC attempted to set a NULL callback function in %s!\n", __FUNCTION__);
	return event_core_register_imc_logon_callback(callback);
}

/**
 * \brief Allow the IMC to register a call to be notified when a connection changes from authenticated state.
 *        
 *
 * @param[in] callback The callback to register.
 *
 * \retval TNC_UInt32 success/failure of the registration request.
 **/
XSUP_OUI_API TNC_UInt32 TNC_28383_TNCC_Set_Disconnect_Callback(void *callback)
{
	//debug_printf(DEBUG_NORMAL, ">>* Setting user callback function!\n");
	if (callback == NULL) debug_printf(DEBUG_NORMAL, "An IMC attempted to set a NULL callback function in %s!\n", __FUNCTION__);
	return event_core_register_disconnect_callback(callback);
}

/**
 * \brief Allow the IMC to register a call to be notified when the UI connects to the engine.
 *        
 *
 * @param[in] callback The callback to register.
 *
 * \retval TNC_UInt32 success/failure of the registration request.
 **/
XSUP_OUI_API TNC_UInt32 TNC_28383_TNCC_Set_UI_Connect_Callback(void *callback)
{
	debug_printf(DEBUG_NORMAL, ">>* Setting UI Connect function!\n");
	if (callback == NULL) debug_printf(DEBUG_NORMAL, "An IMC attempted to set a NULL callback function in %s!\n", __FUNCTION__);
	return event_core_register_ui_connect_callback(callback);
}

#endif //HAVE_TNC