Hardcopy Device Integrity Measurement Collector¶
- Table of contents
- Hardcopy Device Integrity Measurement Collector
Configuration of HCD IMC¶
The /etc/strongswan.conf configuration file of the hardcopy device carol restricts the maximum PB-TNC batch size to 16'370 bytes and as a consequence the PA-TNC message size to 16'338 bytes.
The simulation is running on a Debian virtual KVM host but some operating system parameters can be manually set in libimcv.os_info section to emulate an embedded hardcopy device.
The PA-TNC attributes of the Hardcopy Device Integrity Measurement Collectore (HCD-IMC) are defined in the libimcv.plugins.imc-hcd section of /etc/strongswan.conf:
charon { load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown plugins { eap-ttls { max_message_count = 0 } eap-tnc { max_message_count = 0 } tnccs-20 { max_batch_size = 16370 max_message_size = 16338 } } } libimcv { os_info { name = strongPrint OS version = 1.0 default_password_enabled = yes } plugins { imc-hcd { push_info = no subtypes { system { attributes_natural_language = en machine_type_model = strongPrint Laser X.509a vendor_name = ITA-HSR vendor_smi_code = 36906 pstn_fax_enabled = yes time_source = 0.ch.pool.ntp.org user_application_enabled = yes user_application_persistence_enabled = no firmware { fw-1 { name = Firmware ABC patches = "security patch 2014-05-08\r\nupgrade 2014-08-16\r\nsecurity patch 2015-3-22\r\n" string_version = 1.0.7 version = 00000001000000000000000700000000 } fw-2 { name = Firmware UVW string_version = 13.8.5 version = 0000000D000000080000000500000000 } } resident_application { resident-app-1 { name = Resident App XYZ patches = "xmas patch 2014-12-24\r\nservice patch 2015-05-22\r\n" string_version = 2.5 version = 00000002000000050000000000000000 } } user_application { user-app-1 { name = My Java Photo App patches = string_version = 5.2.3.8.1 version = 00000005000000020000000300080001 } user-app-2 { name = Print Your Dinosaur! patches = string_version = 1.0 version = 00000001000000000000000000000000 } user-app-3 { name = Label Everything App patches = string_version = 7.5.8.2.3 version = 00000007000000050000000800020003 } } certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf } console { attributes_natural_language = ru } marker { attributes_natural_language = fr } finisher { attributes_natural_language = de } interface { attributes_natural_language = en resident_application { resident-app-if { name = Resident App Interface+ patches = "service patch 2015-02-09\r\n" string_version = 2.5 version = 00000002000000050000000000000000 } } } scanner { attributes_natural_language = en firmware { fw-scanner { name = Scanner Firmware patches = "security patch 2013-08-11\r\nsecurity patch 2015-5-30\r\n" string_version = 2.5.3 version = 00000002000000050000000300000000 } } user_application { user-app-scanner { name = EasyScan patches = string_version = 2.2.3.5.7 version = 00000002000000020000000300050007 } } } } } } }
Setting up PT-EAP connection from device carol¶
The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.
Aug 4 17:24:13 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr3, Linux 4.1.3, x86_64) Aug 4 17:24:13 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts' Aug 4 17:24:13 carol charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem' Aug 4 17:24:13 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts' Aug 4 17:24:13 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts' Aug 4 17:24:13 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts' Aug 4 17:24:13 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls' Aug 4 17:24:13 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets' Aug 4 17:24:13 carol charon: 00[CFG] loaded EAP secret for carol
Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard Operating System PA subtype and the HCD IMC to the mandatory System and the five recommended Console, Marker, Finisher, Interface and Scanner PWG HCD PA subtypes.
Aug 4 17:24:13 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config' Aug 4 17:24:13 carol charon: 00[TNC] added IETF attributes Aug 4 17:24:13 carol charon: 00[TNC] added ITA-HSR attributes Aug 4 17:24:13 carol charon: 00[TNC] added PWG attributes Aug 4 17:24:13 carol charon: 00[TNC] added TCG attributes Aug 4 17:24:13 carol charon: 00[LIB] libimcv initialized Aug 4 17:24:13 carol charon: 00[IMC] IMC 1 "OS" initialized Aug 4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS' Aug 4 17:24:13 carol charon: 00[IMC] operating system version is '1.0' Aug 4 17:24:13 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001 Aug 4 17:24:13 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so' Aug 4 17:24:13 carol charon: 00[IMC] IMC 2 "HCD" initialized Aug 4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS' Aug 4 17:24:13 carol charon: 00[IMC] operating system version is '1.0' Aug 4 17:24:13 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032 Aug 4 17:24:13 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'
The VPN client loads the definition for the IPsec connection to the VPN gateway
Aug 4 17:24:13 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown Aug 4 17:24:13 carol charon: 00[JOB] spawning 16 worker threads Aug 4 17:24:13 carol charon: 05[CFG] received stroke: add connection 'home' Aug 4 17:24:13 carol charon: 05[CFG] added configuration 'home'
The VPN client carol starts the IKEv2 negotiation with the VPN gateway moon. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server alice located behind the VPN gateway.
Aug 4 17:24:14 carol charon: 10[CFG] received stroke: initiate 'home' Aug 4 17:24:14 carol charon: 04[IKE] initiating IKE_SA home[1] to 192.168.0.1 Aug 4 17:24:14 carol charon: 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ] Aug 4 17:24:14 carol charon: 04[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes) Aug 4 17:24:14 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes) Aug 4 17:24:14 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ] Aug 4 17:24:14 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:14 carol charon: 12[IKE] establishing CHILD_SA home Aug 4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ] Aug 4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes) Aug 4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes) Aug 4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] Aug 4 17:24:15 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" Aug 4 17:24:15 carol charon: 13[CFG] using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" Aug 4 17:24:15 carol charon: 13[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" Aug 4 17:24:15 carol charon: 13[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ... Aug 4 17:24:15 carol charon: 13[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 13[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 13[CFG] crl is valid: until Sep 03 17:23:39 2015 Aug 4 17:24:15 carol charon: 13[CFG] certificate status is good Aug 4 17:24:15 carol charon: 13[CFG] reached self-signed root ca with a path length of 0 Aug 4 17:24:15 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful Aug 4 17:24:15 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol' Aug 4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ] Aug 4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes) Aug 4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes) Aug 4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 03[IKE] server requested EAP_TTLS authentication (id 0xCA) Aug 4 17:24:15 carol charon: 03[TLS] EAP_TTLS version is v0 Aug 4 17:24:15 carol charon: 03[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes) Aug 4 17:24:15 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes) Aug 4 17:24:15 carol charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes) Aug 4 17:24:15 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes) Aug 4 17:24:15 carol charon: 15[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 15[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA Aug 4 17:24:15 carol charon: 15[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org' Aug 4 17:24:15 carol charon: 15[CFG] using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" Aug 4 17:24:15 carol charon: 15[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" Aug 4 17:24:15 carol charon: 15[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 15[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" Aug 4 17:24:15 carol charon: 15[CFG] crl is valid: until Sep 03 17:23:39 2015 Aug 4 17:24:15 carol charon: 15[CFG] using cached crl Aug 4 17:24:15 carol charon: 15[CFG] certificate status is good Aug 4 17:24:15 carol charon: 15[CFG] reached self-signed root ca with a path length of 0 Aug 4 17:24:15 carol charon: 15[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA Aug 4 17:24:15 carol charon: 15[TLS] no TLS peer certificate found for 'carol', skipping client authentication Aug 4 17:24:15 carol charon: 15[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes) Aug 4 17:24:15 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes) Aug 4 17:24:15 carol charon: 16[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID] Aug 4 17:24:15 carol charon: 16[IKE] server requested EAP_IDENTITY authentication (id 0x00) Aug 4 17:24:15 carol charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID] Aug 4 17:24:15 carol charon: 16[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes) Aug 4 17:24:15 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes) Aug 4 17:24:15 carol charon: 02[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5] Aug 4 17:24:15 carol charon: 02[IKE] server requested EAP_MD5 authentication (id 0x1B) Aug 4 17:24:15 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5] Aug 4 17:24:15 carol charon: 02[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes) Aug 4 17:24:15 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes) Aug 4 17:24:15 carol charon: 01[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] Aug 4 17:24:15 carol charon: 01[IKE] server requested EAP_PT_EAP authentication (id 0x33) Aug 4 17:24:15 carol charon: 01[TLS] EAP_PT_EAP version is v1
THE PB-TNC connection between TNC client and TNC server is established. The maximum size of a PA-TNC message is limited to 16338 bytes.
Aug 4 17:24:15 carol charon: 01[TNC] TNC client is handling outbound connection Aug 4 17:24:15 carol charon: 01[TNC] assigned TNCCS Connection ID 1 Aug 4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh Aug 4 17:24:15 carol charon: 01[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes Aug 4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh Aug 4 17:24:15 carol charon: 01[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes Aug 4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake' Aug 4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'
Sending standard OS attributes¶
The OS IMC retrieves information on the operating system
Aug 4 17:24:15 carol charon: 01[IMC] operating system numeric version is 1.0 Aug 4 17:24:15 carol charon: 01[IMC] last boot: Aug 04 17:24:00 UTC 2015, 15 s ago Aug 4 17:24:15 carol charon: 01[IMC] IPv4 forwarding is disabled Aug 4 17:24:15 carol charon: 01[IMC] factory default password is enabled Aug 4 17:24:15 carol charon: 01[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e
The OS IMC is sending operating system information using IETF standard attributes
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xfbbcb9bd Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 197 bytes @ 0x7b0b70 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 FB BC B9 BD 00 00 00 00 00 00 00 02 ................ Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50 .........strongP Aug 4 17:24:15 carol charon: 01[IMC] 32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00 rint OS......... Aug 4 17:24:15 carol charon: 01[IMC] 48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00 ....1.0......... Aug 4 17:24:15 carol charon: 01[IMC] 64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 01[IMC] 80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 ................ Aug 4 17:24:15 carol charon: 01[IMC] 96: 24 03 01 00 00 32 30 31 35 2D 30 38 2D 30 34 54 $....2015-08-04T Aug 4 17:24:15 carol charon: 01[IMC] 112: 31 37 3A 32 34 3A 30 30 5A 00 00 00 00 00 00 00 17:24:00Z....... Aug 4 17:24:15 carol charon: 01[IMC] 128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 01[IMC] 144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00 ............*... Aug 4 17:24:15 carol charon: 01[IMC] 160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63 ....,79433e32cfc Aug 4 17:24:15 carol charon: 01[IMC] 176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66 1d0d3e7a637c954f Aug 4 17:24:15 carol charon: 01[IMC] 192: 30 38 37 30 65 0870e Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
Sending basic HCD attributes¶
The HCD IMC is retrieving attributes for PA subtype PWG/HCD System. Since push_info = no was set in the imc-hcd plugin section of strongswan.conf no large
Firmware, UserApplication or ResidentApplication quadruples are sent without an explict attribute request from the HCD IMV.
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD System Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: en Aug 4 17:24:15 carol charon: 01[IMC] HCD DefaultPasswordEnabled: yes Aug 4 17:24:15 carol charon: 01[IMC] HCD ForwardingEnabled: disabled Aug 4 17:24:15 carol charon: 01[IMC] HCD MachineTypeModel: strongPrint Laser X.509a Aug 4 17:24:15 carol charon: 01[IMC] HCD PSTNFaxEnabled: yes Aug 4 17:24:15 carol charon: 01[IMC] HCD TimeSource: 0.ch.pool.ntp.org Aug 4 17:24:15 carol charon: 01[IMC] HCD VendorName: ITA-HSR Aug 4 17:24:15 carol charon: 01[IMC] HCD VendorSMICode: 0x00902a (36906) Aug 4 17:24:15 carol charon: 01[IMC] HCD UserApplicationEnabled: yes Aug 4 17:24:15 carol charon: 01[IMC] HCD UserApplicationPersistenceEnabled: no
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD System
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x7add7208 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 202 bytes @ 0x7b2c70 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 7A DD 72 08 00 00 0A 8B 00 00 00 01 ....z.r......... Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00 ....en.......... Aug 4 17:24:15 carol charon: 01[IMC] 32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00 ................ Aug 4 17:24:15 carol charon: 01[IMC] 48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00 ................ Aug 4 17:24:15 carol charon: 01[IMC] 64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61 .$strongPrint La Aug 4 17:24:15 carol charon: 01[IMC] 80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00 ser X.509a...... Aug 4 17:24:15 carol charon: 01[IMC] 96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .(.............. Aug 4 17:24:15 carol charon: 01[IMC] 112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E .2....0.ch.pool. Aug 4 17:24:15 carol charon: 01[IMC] 128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00 ntp.org......... Aug 4 17:24:15 carol charon: 01[IMC] 144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00 ...ITA-HSR...... Aug 4 17:24:15 carol charon: 01[IMC] 160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00 .........*...... Aug 4 17:24:15 carol charon: 01[IMC] 176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .h.............. Aug 4 17:24:15 carol charon: 01[IMC] 192: 00 69 00 00 00 10 00 00 00 00 .i........ Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
The HCD IMC is retrieving attributes for PA subtype PWG/HCD Console
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Console Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: ru
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Console
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xc08b37ea Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7a6de0 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 C0 8B 37 EA 00 00 0A 8B 00 00 00 01 ......7......... Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 72 75 ....ru Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
The HCD IMC is retrieving attributes for PA subtype PWG/HCD Marker
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Marker Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: fr
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Marker
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xba97337a Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b3e20 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 BA 97 33 7A 00 00 0A 8B 00 00 00 01 ......3z........ Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 66 72 ....fr Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
The HCD IMC is retrieving attributes for PA subtype PWG/HCD Finisher
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Finisher Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: de
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Finisher
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x649b1045 Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b1320 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 64 9B 10 45 00 00 0A 8B 00 00 00 01 ....d..E........ Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 64 65 ....de Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
The HCD IMC is retrieving attributes for PA subtype PWG/HCD Interface
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Interface Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: en
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Interface
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xa55e5dcb Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b2a10 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 A5 5E 5D CB 00 00 0A 8B 00 00 00 01 .....^]......... Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 65 6E ....en Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
The HCD IMC is retrieving attributes for PA subtype PWG/HCD Scanner
Aug 4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Scanner Aug 4 17:24:15 carol charon: 01[IMC] HCD AttributesNaturalLanguage: en
The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Scanner
Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x9b793f7a Aug 4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001 Aug 4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b0a90 Aug 4 17:24:15 carol charon: 01[IMC] 0: 01 00 00 00 9B 79 3F 7A 00 00 0A 8B 00 00 00 01 .....y?z........ Aug 4 17:24:15 carol charon: 01[IMC] 16: 00 00 00 0E 65 6E ....en Aug 4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
The first Client Data PB-TNC batch is sent to the TNC server
Aug 4 17:24:15 carol charon: 01[TNC] PB-TNC state transition from 'Init' to 'Server Working' Aug 4 17:24:15 carol charon: 01[TNC] creating PB-TNC CDATA batch Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-Language-Preference message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 01[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1 Aug 4 17:24:15 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] Aug 4 17:24:15 carol charon: 01[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)
Sending HCD quadruples upon request¶
In response a Server Data PB-TNC batch is received
Aug 4 17:24:15 carol charon: 05[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes) Aug 4 17:24:15 carol charon: 05[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] Aug 4 17:24:15 carol charon: 05[TNC] received TNCCS batch (602 bytes) Aug 4 17:24:15 carol charon: 05[TNC] TNC client is handling inbound connection Aug 4 17:24:15 carol charon: 05[TNC] processing PB-TNC SDATA batch for Connection ID 1 Aug 4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working' Aug 4 17:24:15 carol charon: 05[TNC] processing TCG/PB-PDP-Referral message (42 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (112 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes) Aug 4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes) Aug 4 17:24:15 carol charon: 05[TNC] PDP server 'aaa.strongswan.org' is listening on port 271
The first PA-TNC message of subtype PWG/HCD System contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005 Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 88 bytes @ 0x7b4ce0 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 86 16 79 E2 00 00 55 97 00 00 00 21 ......y...U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15 .......<........ Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50 .......<.......P Aug 4 17:24:15 carol charon: 05[IMC] 64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8 .......d........ Aug 4 17:24:15 carol charon: 05[IMC] 80: 00 00 0A 8B 00 00 00 C9 ........ Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x861679e2 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000015 'PWG/HCD FirewallSetting' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x000000c8 'PWG/HCD CertificationState' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005 Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[IMC] --- fw-1 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareName: Firmware ABC Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwarePatches: Aug 4 17:24:15 carol charon: 05[IMC] security patch 2014-05-08#015 Aug 4 17:24:15 carol charon: 05[IMC] upgrade 2014-08-16#015 Aug 4 17:24:15 carol charon: 05[IMC] security patch 2015-3-22#015
Aug 4 17:24:15 carol charon: 05[IMC] --- fw-2 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareName: Firmware UVW Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwarePatches: Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareStringVersion: 13.8.5 Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00
Aug 4 17:24:15 carol charon: 05[IMC] --- resident-app-1 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationName: Resident App XYZ Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] xmas patch 2014-12-24#015 Aug 4 17:24:15 carol charon: 05[IMC] service patch 2015-05-22#015 Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationStringVersion: 2.5 Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
Aug 4 17:24:15 carol charon: 05[IMC] --- user-app-1 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationName: My Java Photo App Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationStringVersion: 5.2.3.8.1 Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01
Aug 4 17:24:15 carol charon: 05[IMC] --- user-app-2 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationName: Print Your Dinosaur! Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationStringVersion: 1.0 Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00
Aug 4 17:24:15 carol charon: 05[IMC] --- user-app-3 --- Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationName: Label Everything App Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationStringVersion: 7.5.8.2.3 Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationVersion: 00:00:00:07:00:00:00:05:00:00:00:08:00:02:00:03
Aug 4 17:24:15 carol charon: 05[IMC] HCD CertificationState: => 32 bytes @ 0x7b7d50 Aug 4 17:24:15 carol charon: 05[IMC] 0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F ................ Aug 4 17:24:15 carol charon: 05[IMC] 16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F ................ Aug 4 17:24:15 carol charon: 05[IMC] HCD ConfigurationState: => 48 bytes @ 0x7b96f0 Aug 4 17:24:15 carol charon: 05[IMC] 0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF ................ Aug 4 17:24:15 carol charon: 05[IMC] 16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF ................
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xc1018e8f Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 770 bytes @ 0x7becc0 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 C1 01 8E 8F 00 00 55 97 00 00 00 22 ..........U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B ..........?..... Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65 ...<....Firmware Aug 4 17:24:15 carol charon: 05[IMC] 48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 55 ABC.......=...U Aug 4 17:24:15 carol charon: 05[IMC] 64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 security patch 2 Aug 4 17:24:15 carol charon: 05[IMC] 80: 30 31 34 2D 30 35 2D 30 38 0D 0A 75 70 67 72 61 014-05-08..upgra Aug 4 17:24:15 carol charon: 05[IMC] 96: 64 65 20 32 30 31 34 2D 30 38 2D 31 36 0D 0A 73 de 2014-08-16..s Aug 4 17:24:15 carol charon: 05[IMC] 112: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30 ecurity patch 20 Aug 4 17:24:15 carol charon: 05[IMC] 128: 31 35 2D 33 2D 32 32 0D 0A 00 00 0A 8B 00 00 00 15-3-22......... Aug 4 17:24:15 carol charon: 05[IMC] 144: 3E 00 00 00 11 31 2E 30 2E 37 00 00 0A 8B 00 00 >....1.0.7...... Aug 4 17:24:15 carol charon: 05[IMC] 160: 00 3F 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 .?.............. Aug 4 17:24:15 carol charon: 05[IMC] 176: 00 07 00 00 00 00 00 00 0A 8B 00 00 00 3C 00 00 .............<.. Aug 4 17:24:15 carol charon: 05[IMC] 192: 00 18 46 69 72 6D 77 61 72 65 20 55 56 57 00 00 ..Firmware UVW.. Aug 4 17:24:15 carol charon: 05[IMC] 208: 0A 8B 00 00 00 3D 00 00 00 0C 00 00 0A 8B 00 00 .....=.......... Aug 4 17:24:15 carol charon: 05[IMC] 224: 00 3E 00 00 00 12 31 33 2E 38 2E 35 00 00 0A 8B .>....13.8.5.... Aug 4 17:24:15 carol charon: 05[IMC] 240: 00 00 00 3F 00 00 00 1C 00 00 00 0D 00 00 00 08 ...?............ Aug 4 17:24:15 carol charon: 05[IMC] 256: 00 00 00 05 00 00 00 00 00 00 0A 8B 00 00 00 50 ...............P Aug 4 17:24:15 carol charon: 05[IMC] 272: 00 00 00 1C 52 65 73 69 64 65 6E 74 20 41 70 70 ....Resident App Aug 4 17:24:15 carol charon: 05[IMC] 288: 20 58 59 5A 00 00 0A 8B 00 00 00 51 00 00 00 3D XYZ.......Q...= Aug 4 17:24:15 carol charon: 05[IMC] 304: 78 6D 61 73 20 70 61 74 63 68 20 32 30 31 34 2D xmas patch 2014- Aug 4 17:24:15 carol charon: 05[IMC] 320: 31 32 2D 32 34 0D 0A 73 65 72 76 69 63 65 20 70 12-24..service p Aug 4 17:24:15 carol charon: 05[IMC] 336: 61 74 63 68 20 32 30 31 35 2D 30 35 2D 32 32 0D atch 2015-05-22. Aug 4 17:24:15 carol charon: 05[IMC] 352: 0A 00 00 0A 8B 00 00 00 52 00 00 00 0F 32 2E 35 ........R....2.5 Aug 4 17:24:15 carol charon: 05[IMC] 368: 00 00 0A 8B 00 00 00 53 00 00 00 1C 00 00 00 02 .......S........ Aug 4 17:24:15 carol charon: 05[IMC] 384: 00 00 00 05 00 00 00 00 00 00 00 00 00 00 0A 8B ................ Aug 4 17:24:15 carol charon: 05[IMC] 400: 00 00 00 64 00 00 00 1D 4D 79 20 4A 61 76 61 20 ...d....My Java Aug 4 17:24:15 carol charon: 05[IMC] 416: 50 68 6F 74 6F 20 41 70 70 00 00 0A 8B 00 00 00 Photo App....... Aug 4 17:24:15 carol charon: 05[IMC] 432: 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 e...........f... Aug 4 17:24:15 carol charon: 05[IMC] 448: 15 35 2E 32 2E 33 2E 38 2E 31 00 00 0A 8B 00 00 .5.2.3.8.1...... Aug 4 17:24:15 carol charon: 05[IMC] 464: 00 67 00 00 00 1C 00 00 00 05 00 00 00 02 00 00 .g.............. Aug 4 17:24:15 carol charon: 05[IMC] 480: 00 03 00 08 00 01 00 00 0A 8B 00 00 00 64 00 00 .............d.. Aug 4 17:24:15 carol charon: 05[IMC] 496: 00 20 50 72 69 6E 74 20 59 6F 75 72 20 44 69 6E . Print Your Din Aug 4 17:24:15 carol charon: 05[IMC] 512: 6F 73 61 75 72 21 00 00 0A 8B 00 00 00 65 00 00 osaur!.......e.. Aug 4 17:24:15 carol charon: 05[IMC] 528: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 0F 31 2E .........f....1. Aug 4 17:24:15 carol charon: 05[IMC] 544: 30 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 00 00 0.......g....... Aug 4 17:24:15 carol charon: 05[IMC] 560: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A ................ Aug 4 17:24:15 carol charon: 05[IMC] 576: 8B 00 00 00 64 00 00 00 20 4C 61 62 65 6C 20 45 ....d... Label E Aug 4 17:24:15 carol charon: 05[IMC] 592: 76 65 72 79 74 68 69 6E 67 20 41 70 70 00 00 0A verything App... Aug 4 17:24:15 carol charon: 05[IMC] 608: 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 00 00 ....e........... Aug 4 17:24:15 carol charon: 05[IMC] 624: 66 00 00 00 15 37 2E 35 2E 38 2E 32 2E 33 00 00 f....7.5.8.2.3.. Aug 4 17:24:15 carol charon: 05[IMC] 640: 0A 8B 00 00 00 67 00 00 00 1C 00 00 00 07 00 00 .....g.......... Aug 4 17:24:15 carol charon: 05[IMC] 656: 00 05 00 00 00 08 00 02 00 03 00 00 0A 8B 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 672: 00 C8 00 00 00 2C 00 01 02 03 04 05 06 07 08 09 .....,.......... Aug 4 17:24:15 carol charon: 05[IMC] 688: 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19 ................ Aug 4 17:24:15 carol charon: 05[IMC] 704: 1A 1B 1C 1D 1E 1F 00 00 0A 8B 00 00 00 C9 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 720: 00 3C F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD .<.............. Aug 4 17:24:15 carol charon: 05[IMC] 736: FE FF E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED ................ Aug 4 17:24:15 carol charon: 05[IMC] 752: EE EF D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD ................ Aug 4 17:24:15 carol charon: 05[IMC] 768: DE DF .. Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
The next PA-TNC message of subtype PWG/HCD Console also contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004 Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7730 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 F4 04 56 EE 00 00 55 97 00 00 00 21 ......V...U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......< Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf40456ee Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004 Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x0076a4b4 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b61e0 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 00 76 A4 B4 00 00 55 97 00 00 00 22 .....v....U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?. Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
The next PA-TNC message of subtype PWG/HCD Marker also contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 17 E7 9B 01 00 00 55 97 00 00 00 21 ..........U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......< Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x17e79b01 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x206fbf0c Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b4d10 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 20 6F BF 0C 00 00 55 97 00 00 00 22 .... o....U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?. Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
The next PA-TNC message of subtype PWG/HCD Finisher also contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 F8 29 1D 74 00 00 55 97 00 00 00 21 .....).t..U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......< Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf8291d74 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x9f1c93d6 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b6630 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 9F 1C 93 D6 00 00 55 97 00 00 00 22 ..........U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?. Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
The next PA-TNC message of subtype PWG/HCD Interface also contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028 Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7bef80 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 4A BC 71 FC 00 00 55 97 00 00 00 21 ....J.q...U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......< Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x4abc71fc Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028 Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[IMC] --- resident-app-if --- Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationName: Resident App Interface+ Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] service patch 2015-02-09#015 Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationStringVersion: 2.5 Aug 4 17:24:15 carol charon: 05[IMC] HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xcd4397f4 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 144 bytes @ 0x7b4ec0 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 CD 43 97 F4 00 00 55 97 00 00 00 22 .....C....U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B ..........?..... Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 50 00 00 00 23 52 65 73 69 64 65 6E 74 ...P...#Resident Aug 4 17:24:15 carol charon: 05[IMC] 48: 20 41 70 70 20 49 6E 74 65 72 66 61 63 65 2B 00 App Interface+. Aug 4 17:24:15 carol charon: 05[IMC] 64: 00 0A 8B 00 00 00 51 00 00 00 26 73 65 72 76 69 ......Q...&servi Aug 4 17:24:15 carol charon: 05[IMC] 80: 63 65 20 70 61 74 63 68 20 32 30 31 35 2D 30 32 ce patch 2015-02 Aug 4 17:24:15 carol charon: 05[IMC] 96: 2D 30 39 0D 0A 00 00 0A 8B 00 00 00 52 00 00 00 -09.........R... Aug 4 17:24:15 carol charon: 05[IMC] 112: 0F 32 2E 35 00 00 0A 8B 00 00 00 53 00 00 00 1C .2.5.......S.... Aug 4 17:24:15 carol charon: 05[IMC] 128: 00 00 00 02 00 00 00 05 00 00 00 00 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
The next PA-TNC message of subtype PWG/HCD Scanner also contains attribute requests for missing attributes
Aug 4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032 Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1 Aug 4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b8db0 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 CB B4 70 D2 00 00 55 97 00 00 00 21 ......p...U....! Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................ Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......< Aug 4 17:24:15 carol charon: 05[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xcbb470d2 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 Aug 4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName' Aug 4 17:24:15 carol charon: 05[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug 4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032 Aug 4 17:24:15 carol charon: 05[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes Aug 4 17:24:15 carol charon: 05[IMC] lowered maximum segment size to 16294 bytes
Aug 4 17:24:15 carol charon: 05[IMC] --- fw-scanner --- Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareName: Scanner Firmware Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwarePatches: Aug 4 17:24:15 carol charon: 05[IMC] security patch 2013-08-11#015 Aug 4 17:24:15 carol charon: 05[IMC] security patch 2015-5-30#015 Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareStringVersion: 2.5.3 Aug 4 17:24:15 carol charon: 05[IMC] HCD FirmwareVersion: 00:00:00:02:00:00:00:05:00:00:00:03:00:00:00:00
Aug 4 17:24:15 carol charon: 05[IMC] --- user-app-scanner --- Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationName: EasyScan Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationPatches: Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationStringVersion: 2.2.3.5.7 Aug 4 17:24:15 carol charon: 05[IMC] HCD UserApplicationVersion: 00:00:00:02:00:00:00:02:00:00:00:03:00:05:00:07
Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x6238a2db Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066 Aug 4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067 Aug 4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 247 bytes @ 0x7b9d60 Aug 4 17:24:15 carol charon: 05[IMC] 0: 01 00 00 00 62 38 A2 DB 00 00 55 97 00 00 00 22 ....b8....U...." Aug 4 17:24:15 carol charon: 05[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B ..........?..... Aug 4 17:24:15 carol charon: 05[IMC] 32: 00 00 00 3C 00 00 00 1C 53 63 61 6E 6E 65 72 20 ...<....Scanner Aug 4 17:24:15 carol charon: 05[IMC] 48: 46 69 72 6D 77 61 72 65 00 00 0A 8B 00 00 00 3D Firmware.......= Aug 4 17:24:15 carol charon: 05[IMC] 64: 00 00 00 41 73 65 63 75 72 69 74 79 20 70 61 74 ...Asecurity pat Aug 4 17:24:15 carol charon: 05[IMC] 80: 63 68 20 32 30 31 33 2D 30 38 2D 31 31 0D 0A 73 ch 2013-08-11..s Aug 4 17:24:15 carol charon: 05[IMC] 96: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30 ecurity patch 20 Aug 4 17:24:15 carol charon: 05[IMC] 112: 31 35 2D 35 2D 33 30 0D 0A 00 00 0A 8B 00 00 00 15-5-30......... Aug 4 17:24:15 carol charon: 05[IMC] 128: 3E 00 00 00 11 32 2E 35 2E 33 00 00 0A 8B 00 00 >....2.5.3...... Aug 4 17:24:15 carol charon: 05[IMC] 144: 00 3F 00 00 00 1C 00 00 00 02 00 00 00 05 00 00 .?.............. Aug 4 17:24:15 carol charon: 05[IMC] 160: 00 03 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00 .............d.. Aug 4 17:24:15 carol charon: 05[IMC] 176: 00 14 45 61 73 79 53 63 61 6E 00 00 0A 8B 00 00 ..EasyScan...... Aug 4 17:24:15 carol charon: 05[IMC] 192: 00 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 .e...........f.. Aug 4 17:24:15 carol charon: 05[IMC] 208: 00 15 32 2E 32 2E 33 2E 35 2E 37 00 00 0A 8B 00 ..2.2.3.5.7..... Aug 4 17:24:15 carol charon: 05[IMC] 224: 00 00 67 00 00 00 1C 00 00 00 02 00 00 00 02 00 ..g............. Aug 4 17:24:15 carol charon: 05[IMC] 240: 00 00 03 00 05 00 07 ....... Aug 4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
Aug 4 17:24:15 carol charon: 05[TNC] TNC client is handling outbound connection Aug 4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working' Aug 4 17:24:15 carol charon: 05[TNC] creating PB-TNC CDATA batch Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message Aug 4 17:24:15 carol charon: 05[TNC] sending PB-TNC CDATA batch (1397 bytes) for Connection ID 1 Aug 4 17:24:15 carol charon: 05[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] Aug 4 17:24:15 carol charon: 05[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 05[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1100 bytes)
No more attributes to send¶
Aug 4 17:24:15 carol charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes) Aug 4 17:24:15 carol charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 11[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 11[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (524 bytes) Aug 4 17:24:15 carol charon: 04[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes) Aug 4 17:24:15 carol charon: 04[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 04[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] Aug 4 17:24:15 carol charon: 04[TNC] received TNCCS batch (8 bytes) Aug 4 17:24:15 carol charon: 04[TNC] TNC client is handling inbound connection Aug 4 17:24:15 carol charon: 04[TNC] processing PB-TNC SDATA batch for Connection ID 1 Aug 4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Server Working' to 'Client Working' Aug 4 17:24:15 carol charon: 04[TNC] TNC client is handling outbound connection Aug 4 17:24:15 carol charon: 04[TNC] no client data to send, sending empty PB-TNC CDATA batch Aug 4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Client Working' to 'Server Working' Aug 4 17:24:15 carol charon: 04[TNC] creating PB-TNC CDATA batch Aug 4 17:24:15 carol charon: 04[TNC] sending PB-TNC CDATA batch (8 bytes) for Connection ID 1 Aug 4 17:24:15 carol charon: 04[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] Aug 4 17:24:15 carol charon: 04[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 04[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Receiving assessment result¶
Aug 4 17:24:15 carol charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (188 bytes) Aug 4 17:24:15 carol charon: 12[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] Aug 4 17:24:15 carol charon: 12[TNC] received TNCCS batch (40 bytes) Aug 4 17:24:15 carol charon: 12[TNC] TNC client is handling inbound connection Aug 4 17:24:15 carol charon: 12[TNC] processing PB-TNC RESULT batch for Connection ID 1 Aug 4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Decided' Aug 4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Assessment-Result message (16 bytes) Aug 4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Access-Recommendation message (16 bytes) Aug 4 17:24:15 carol charon: 12[TNC] PB-TNC assessment result is 'don't know' Aug 4 17:24:15 carol charon: 12[TNC] PB-TNC access recommendation is 'Access Denied' Aug 4 17:24:15 carol charon: 12[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'None' Aug 4 17:24:15 carol charon: 12[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'None' Aug 4 17:24:15 carol charon: 12[TNC] TNC client is handling outbound connection Aug 4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Decided' to 'End' Aug 4 17:24:15 carol charon: 12[TNC] creating PB-TNC CLOSE batch Aug 4 17:24:15 carol charon: 12[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1 Aug 4 17:24:15 carol charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] Aug 4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Aug 4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (140 bytes) Aug 4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ] Aug 4 17:24:15 carol charon: 13[TLS] received TLS close notify Aug 4 17:24:15 carol charon: 13[TLS] sending TLS close notify Aug 4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ] Aug 4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (140 bytes) Aug 4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes) Aug 4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 13 [ EAP/FAIL ] Aug 4 17:24:15 carol charon: 03[IKE] received EAP_FAILURE, EAP authentication failed Aug 4 17:24:15 carol charon: 03[ENC] generating INFORMATIONAL request 14 [ N(AUTH_FAILED) ] Aug 4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Aug 4 17:24:15 carol charon: 03[TNC] TODO: setup PT-TLS connection to aaa.strongswan.org:271 Aug 4 17:24:15 carol charon: 03[IMC] IMC 1 "OS" deleted the state of Connection ID 1 Aug 4 17:24:15 carol charon: 03[IMC] IMC 2 "HCD" deleted the state of Connection ID 1 Aug 4 17:24:15 carol charon: 03[TNC] removed TNCCS Connection ID 1
Aug 4 17:24:59 carol charon: 00[DMN] signal of type SIGINT received. Shutting down Aug 4 17:24:59 carol charon: 00[IMC] IMC 2 "HCD" terminated Aug 4 17:24:59 carol charon: 00[IMC] IMC 1 "OS" terminated Aug 4 17:24:59 carol charon: 00[TNC] removed IETF attributes Aug 4 17:24:59 carol charon: 00[TNC] removed ITA-HSR attributes Aug 4 17:24:59 carol charon: 00[TNC] removed PWG attributes Aug 4 17:24:59 carol charon: 00[TNC] removed TCG attributes Aug 4 17:24:59 carol charon: 00[LIB] libimcv terminated