Hardcopy Device Integrity Measurement Collector » History » Version 7
Version 6 (Andreas Steffen, 26.07.2015 11:22) → Version 7/22 (Andreas Steffen, 26.07.2015 11:23)
h1. Hardcopy Device Integrity Measurement Collector
The PA-TNC attributes of the HCD *carol* are defined in the *libimcv.plugins.imc-hcd* section of /etc/strongswan.conf:
<pre>
# /etc/strongswan.conf - strongSwan configuration file
charon {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
plugins {
eap-ttls {
max_message_count = 0
}
eap-tnc {
max_message_count = 0
}
tnccs-20 {
max_batch_size = 16370
max_message_size = 16338
}
}
}
libimcv {
os_info {
name = strongPrint OS
version = 1.0
default_password_enabled = yes
}
plugins {
imc-hcd {
push_info = no
subtypes {
system {
attributes_natural_language = en
machine_type_model = strongPrint Laser X.509a
vendor_name = ITA-HSR
vendor_smi_code = 36906
pstn_fax_enabled = yes
time_source = 0.ch.pool.ntp.org
user_application_enabled = yes
user_application_persistence_enabled = no
firmware {
fw-1 {
name = Firmware ABC
patches = "security patch 2014-05-08\nupgrade 2014-08-16\nsecurity patch 2015-3-22"
string_version = 1.0.7
version = 00000001000000000000000700000000
}
fw-2 {
name = Firmware UVW
string_version = 13.8.5
version = 0000000D000000080000000500000000
}
}
resident_application {
resident-app-1 {
name = Resident App XYZ
patches = "xmas patch 2014-12-24\nservice patch 2015-05-22"
string_version = 2.5
version = 00000002000000050000000000000000
}
}
user_application {
user-app-1 {
name = My Java Photo App
patches =
string_version = 5.2.3.8.1
version = 00000005000000020000000300080001
}
user-app-2 {
name = Print Your Dinosaur!
patches =
string_version = 1.0
version = 00000001000000000000000000000000
}
user-app-3 {
name = Label Everything App
patches =
string_version = 7.5.8.2.3
version = 0000000700000050000000800020003
}
}
certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf
}
console {
attributes_natural_language = ru
}
marker {
attributes_natural_language = fr
}
finisher {
attributes_natural_language = de
}
interface {
attributes_natural_language = en
resident_application {
resident-app-if {
name = Resident App Interface+
patches = "service patch 2015-02-09"
string_version = 2.5
version = 00000002000000050000000000000000
}
}
}
scanner {
attributes_natural_language = en
firmware {
fw-scanner {
name = Scanner Firmware
patches = "security patch 2013-08-11\nsecurity patch 2015-5-30"
string_version = 2.5.3
version = 00000002000000050000000300000000
}
}
user_application {
user-app-scanner {
name = EasyScan
patches =
string_version = 2.2.3.5.7
version = 00000002000000020000000300050007
}
}
}
}
}
}
}
</pre>
The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.
<pre>
Jul 25 16:12:40 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr1, Linux 4.0.9, x86_64)
Jul 25 16:12:40 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Jul 25 16:12:40 carol charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Jul 25 16:12:40 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Jul 25 16:12:40 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Jul 25 16:12:40 carol charon: 00[CFG] loaded EAP secret for carol
</pre>
Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard *Operating System* PA subtype and the HCD IMC to the mandatory *System* and the five recommended *Console*, *Marker*, *Finisher*, *Interface* and *Scanner* PWG HCD PA subtypes.
<pre>
Jul 25 16:12:40 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config'
Jul 25 16:12:40 carol charon: 00[TNC] added IETF attributes
Jul 25 16:12:40 carol charon: 00[TNC] added ITA-HSR attributes
Jul 25 16:12:40 carol charon: 00[TNC] added PWG attributes
Jul 25 16:12:40 carol charon: 00[TNC] added TCG attributes
Jul 25 16:12:40 carol charon: 00[LIB] libimcv initialized
Jul 25 16:12:40 carol charon: 00[IMC] IMC 1 "OS" initialized
Jul 25 16:12:40 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Jul 25 16:12:40 carol charon: 00[IMC] operating system version is '1.0'
Jul 25 16:12:40 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001
Jul 25 16:12:40 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so'
Jul 25 16:12:40 carol charon: 00[IMC] IMC 2 "HCD" initialized
Jul 25 16:12:40 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Jul 25 16:12:40 carol charon: 00[IMC] operating system version is '1.0'
Jul 25 16:12:40 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032
Jul 25 16:12:40 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'
</pre>
The VPN client loads the definition for the IPsec connection to the VPN gateway
<pre>
Jul 25 16:12:40 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
Jul 25 16:12:40 carol charon: 00[JOB] spawning 16 worker threads
Jul 25 16:12:40 carol charon: 09[CFG] received stroke: add connection 'home'
Jul 25 16:12:40 carol charon: 09[CFG] added configuration 'home'
</pre>
The VPN client *carol* starts the IKEv2 negotiation with the VPN gateway *moon*. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server *alice* located behind the VPN gateway.
<pre>
Jul 25 16:12:41 carol charon: 10[CFG] received stroke: initiate 'home'
Jul 25 16:12:41 carol charon: 03[IKE] initiating IKE_SA home[1] to 192.168.0.1
Jul 25 16:12:41 carol charon: 03[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Jul 25 16:12:41 carol charon: 03[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes)
Jul 25 16:12:41 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes)
Jul 25 16:12:41 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Jul 25 16:12:41 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 12[IKE] establishing CHILD_SA home
Jul 25 16:12:41 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ]
Jul 25 16:12:41 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes)
Jul 25 16:12:41 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes)
Jul 25 16:12:41 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Jul 25 16:12:41 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Jul 25 16:12:41 carol charon: 13[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] crl is valid: until Aug 24 16:12:17 2015
Jul 25 16:12:41 carol charon: 13[CFG] certificate status is good
Jul 25 16:12:41 carol charon: 13[CFG] reached self-signed root ca with a path length of 0
Jul 25 16:12:41 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful
Jul 25 16:12:41 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol'
Jul 25 16:12:41 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
Jul 25 16:12:41 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 14[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 14[IKE] server requested EAP_TTLS authentication (id 0xF0)
Jul 25 16:12:41 carol charon: 14[TLS] EAP_TTLS version is v0
Jul 25 16:12:41 carol charon: 14[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes)
Jul 25 16:12:41 carol charon: 15[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 15[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes)
Jul 25 16:12:41 carol charon: 16[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 16[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Jul 25 16:12:41 carol charon: 16[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
Jul 25 16:12:41 carol charon: 16[CFG] using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
Jul 25 16:12:41 carol charon: 16[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
Jul 25 16:12:41 carol charon: 16[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] crl is valid: until Aug 24 16:12:17 2015
Jul 25 16:12:41 carol charon: 16[CFG] using cached crl
Jul 25 16:12:41 carol charon: 16[CFG] certificate status is good
Jul 25 16:12:41 carol charon: 16[CFG] reached self-signed root ca with a path length of 0
Jul 25 16:12:41 carol charon: 16[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA
Jul 25 16:12:41 carol charon: 16[TLS] no TLS peer certificate found for 'carol', skipping client authentication
Jul 25 16:12:41 carol charon: 16[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes)
Jul 25 16:12:41 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes)
Jul 25 16:12:41 carol charon: 02[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]
Jul 25 16:12:41 carol charon: 02[IKE] server requested EAP_IDENTITY authentication (id 0x00)
Jul 25 16:12:41 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]
Jul 25 16:12:41 carol charon: 02[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Jul 25 16:12:41 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 01[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Jul 25 16:12:41 carol charon: 01[IKE] server requested EAP_MD5 authentication (id 0x46)
Jul 25 16:12:41 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]
Jul 25 16:12:41 carol charon: 01[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 04[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)
Jul 25 16:12:41 carol charon: 04[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 04[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Jul 25 16:12:41 carol charon: 04[IKE] server requested EAP_PT_EAP authentication (id 0xBE)
Jul 25 16:12:41 carol charon: 04[TLS] EAP_PT_EAP version is v1
</pre>
THE PB-TNC connection between TNC client and TNC server is established. The maximum size of a PA-TNC message is limited to 16338 bytes.
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] TNC client is handling outbound connection
Jul 25 16:12:41 carol charon: 04[TNC] assigned TNCCS Connection ID 1
Jul 25 16:12:41 carol charon: 04[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Jul 25 16:12:41 carol charon: 04[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Jul 25 16:12:41 carol charon: 04[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Jul 25 16:12:41 carol charon: 04[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Jul 25 16:12:41 carol charon: 04[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake'
Jul 25 16:12:41 carol charon: 04[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'
</pre>
The OS IMC retrieves information on the operating system
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] operating system numeric version is 1.0
Jul 25 16:12:41 carol charon: 04[IMC] last boot: Jul 25 16:12:26 UTC 2015, 15 s ago
Jul 25 16:12:41 carol charon: 04[IMC] IPv4 forwarding is disabled
Jul 25 16:12:41 carol charon: 04[IMC] factory default password is enabled
Jul 25 16:12:41 carol charon: 04[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e
</pre>
The OS IMC is sending operating system information using IETF standard attributes
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x1c2fcae3
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 197 bytes @ 0x7b01d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 1C 2F CA E3 00 00 00 00 00 00 00 02 ...../..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50 .........strongP
Jul 25 16:12:41 carol charon: 04[IMC] 32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00 rint OS.........
Jul 25 16:12:41 carol charon: 04[IMC] 48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00 ....1.0.........
Jul 25 16:12:41 carol charon: 04[IMC] 64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 96: 24 03 01 00 00 32 30 31 35 2D 30 37 2D 32 35 54 $....2015-07-25T
Jul 25 16:12:41 carol charon: 04[IMC] 112: 31 36 3A 31 32 3A 32 36 5A 00 00 00 00 00 00 00 16:12:26Z.......
Jul 25 16:12:41 carol charon: 04[IMC] 128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00 ............*...
Jul 25 16:12:41 carol charon: 04[IMC] 160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63 ....,79433e32cfc
Jul 25 16:12:41 carol charon: 04[IMC] 176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66 1d0d3e7a637c954f
Jul 25 16:12:41 carol charon: 04[IMC] 192: 30 38 37 30 65 0870e
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
</pre>
The HCD IMC is retrieving attributes for PA subtype PWG/HCD System
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD System
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
Jul 25 16:12:41 carol charon: 04[IMC] HCD DefaultPasswordEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD ForwardingEnabled: disabled
Jul 25 16:12:41 carol charon: 04[IMC] HCD MachineTypeModel: strongPrint Laser X.509a
Jul 25 16:12:41 carol charon: 04[IMC] HCD PSTNFaxEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD TimeSource: 0.ch.pool.ntp.org
Jul 25 16:12:41 carol charon: 04[IMC] HCD VendorName: ITA-HSR
Jul 25 16:12:41 carol charon: 04[IMC] HCD VendorSMICode: 0x00902a (36906)
Jul 25 16:12:41 carol charon: 04[IMC] HCD UserApplicationEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD UserApplicationPersistenceEnabled: no
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x4b54dbfa
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 202 bytes @ 0x7b2370
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 4B 54 DB FA 00 00 0A 8B 00 00 00 01 ....KT..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00 ....en..........
Jul 25 16:12:41 carol charon: 04[IMC] 32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61 .$strongPrint La
Jul 25 16:12:41 carol charon: 04[IMC] 80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00 ser X.509a......
Jul 25 16:12:41 carol charon: 04[IMC] 96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .(..............
Jul 25 16:12:41 carol charon: 04[IMC] 112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E .2....0.ch.pool.
Jul 25 16:12:41 carol charon: 04[IMC] 128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00 ntp.org.........
Jul 25 16:12:41 carol charon: 04[IMC] 144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00 ...ITA-HSR......
Jul 25 16:12:41 carol charon: 04[IMC] 160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00 .........*......
Jul 25 16:12:41 carol charon: 04[IMC] 176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .h..............
Jul 25 16:12:41 carol charon: 04[IMC] 192: 00 69 00 00 00 10 00 00 00 00 .i........
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Console
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: ru
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x479c3ead
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b1500
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 47 9C 3E AD 00 00 0A 8B 00 00 00 01 ....G.>.........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 72 75 ....ru
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Marker
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: fr
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x5009e6e8
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7af030
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 50 09 E6 E8 00 00 0A 8B 00 00 00 01 ....P...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 66 72 ....fr
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Finisher
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: de
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x22540aee
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b28d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 22 54 0A EE 00 00 0A 8B 00 00 00 01 ...."T..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 64 65 ....de
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Interface
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x24f0da1d
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b17d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 24 F0 DA 1D 00 00 0A 8B 00 00 00 01 ....$...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E ....en
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Scanner
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x3a83eec4
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b2c70
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 3A 83 EE C4 00 00 0A 8B 00 00 00 01 ....:...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E ....en
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-TNC CDATA batch
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-Language-Preference message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1
Jul 25 16:12:41 carol charon: 04[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Jul 25 16:12:41 carol charon: 04[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 04[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes)
Jul 25 16:12:41 carol charon: 09[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Jul 25 16:12:41 carol charon: 09[TNC] received TNCCS batch (602 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] TNC client is handling inbound connection
Jul 25 16:12:41 carol charon: 09[TNC] processing PB-TNC SDATA batch for Connection ID 1
Jul 25 16:12:41 carol charon: 09[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Jul 25 16:12:41 carol charon: 09[TNC] processing TCG/PB-PDP-Referral message (42 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (112 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] PDP server 'aaa.strongswan.org' is listening on port 271
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 88 bytes @ 0x7b3ed0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 9D 9D 53 E5 00 00 55 97 00 00 00 21 ......S...U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15 .......<........
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50 .......<.......P
Jul 25 16:12:41 carol charon: 09[IMC] 64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8 .......d........
Jul 25 16:12:41 carol charon: 09[IMC] 80: 00 00 0A 8B 00 00 00 C9 ........
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x9d9d53e5
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000015 'PWG/HCD FirewallSetting'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x000000c8 'PWG/HCD CertificationState'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- fw-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareName: Firmware ABC
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwarePatches: security patch 2014-05-08
Jul 25 16:12:41 carol charon: 09[IMC] upgrade 2014-08-16
Jul 25 16:12:41 carol charon: 09[IMC] security patch 2015-3-22
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareStringVersion: 1.0.7
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareVersion: 00:00:00:01:00:00:00:00:00:00:00:07:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- fw-2 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareName: Firmware UVW
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwarePatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareStringVersion: 13.8.5
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- resident-app-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationName: Resident App XYZ
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationPatches: xmas patch 2014-12-24
Jul 25 16:12:41 carol charon: 09[IMC] service patch 2015-05-22
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationStringVersion: 2.5
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: My Java Photo App
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 5.2.3.8.1
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-2 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: Print Your Dinosaur!
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 1.0
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-3 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: Label Everything App
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 7.5.8.2.3
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:00:70:00:00:05:00:00:00:08:00:02:00:03
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] HCD CertificationState: => 32 bytes @ 0x7b7010
Jul 25 16:12:41 carol charon: 09[IMC] 0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F ................
Jul 25 16:12:41 carol charon: 09[IMC] 16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F ................
Jul 25 16:12:41 carol charon: 09[IMC] HCD ConfigurationState: => 48 bytes @ 0x7bbb40
Jul 25 16:12:41 carol charon: 09[IMC] 0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF ................
Jul 25 16:12:41 carol charon: 09[IMC] 16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF ................
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0xa4007712
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 763 bytes @ 0x7bdfb0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 A4 00 77 12 00 00 55 97 00 00 00 22 ......w...U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B ..........?.....
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65 ...<....Firmware
Jul 25 16:12:41 carol charon: 09[IMC] 48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 51 ABC.......=...Q
Jul 25 16:12:41 carol charon: 09[IMC] 64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 security patch 2
Jul 25 16:12:41 carol charon: 09[IMC] 80: 30 31 34 2D 30 35 2D 30 38 0A 75 70 67 72 61 64 014-05-08.upgrad
Jul 25 16:12:41 carol charon: 09[IMC] 96: 65 20 32 30 31 34 2D 30 38 2D 31 36 0A 73 65 63 e 2014-08-16.sec
Jul 25 16:12:41 carol charon: 09[IMC] 112: 75 72 69 74 79 20 70 61 74 63 68 20 32 30 31 35 urity patch 2015
Jul 25 16:12:41 carol charon: 09[IMC] 128: 2D 33 2D 32 32 00 00 0A 8B 00 00 00 3E 00 00 00 -3-22.......>...
Jul 25 16:12:41 carol charon: 09[IMC] 144: 11 31 2E 30 2E 37 00 00 0A 8B 00 00 00 3F 00 00 .1.0.7.......?..
Jul 25 16:12:41 carol charon: 09[IMC] 160: 00 1C 00 00 00 01 00 00 00 00 00 00 00 07 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 176: 00 00 00 00 0A 8B 00 00 00 3C 00 00 00 18 46 69 .........<....Fi
Jul 25 16:12:41 carol charon: 09[IMC] 192: 72 6D 77 61 72 65 20 55 56 57 00 00 0A 8B 00 00 rmware UVW......
Jul 25 16:12:41 carol charon: 09[IMC] 208: 00 3D 00 00 00 0C 00 00 0A 8B 00 00 00 3E 00 00 .=...........>..
Jul 25 16:12:41 carol charon: 09[IMC] 224: 00 12 31 33 2E 38 2E 35 00 00 0A 8B 00 00 00 3F ..13.8.5.......?
Jul 25 16:12:41 carol charon: 09[IMC] 240: 00 00 00 1C 00 00 00 0D 00 00 00 08 00 00 00 05 ................
Jul 25 16:12:41 carol charon: 09[IMC] 256: 00 00 00 00 00 00 0A 8B 00 00 00 50 00 00 00 1C ...........P....
Jul 25 16:12:41 carol charon: 09[IMC] 272: 52 65 73 69 64 65 6E 74 20 41 70 70 20 58 59 5A Resident App XYZ
Jul 25 16:12:41 carol charon: 09[IMC] 288: 00 00 0A 8B 00 00 00 51 00 00 00 3A 78 6D 61 73 .......Q...:xmas
Jul 25 16:12:41 carol charon: 09[IMC] 304: 20 70 61 74 63 68 20 32 30 31 34 2D 31 32 2D 32 patch 2014-12-2
Jul 25 16:12:41 carol charon: 09[IMC] 320: 34 0A 73 65 72 76 69 63 65 20 70 61 74 63 68 20 4.service patch
Jul 25 16:12:41 carol charon: 09[IMC] 336: 32 30 31 35 2D 30 35 2D 32 32 00 00 0A 8B 00 00 2015-05-22......
Jul 25 16:12:41 carol charon: 09[IMC] 352: 00 52 00 00 00 0F 32 2E 35 00 00 0A 8B 00 00 00 .R....2.5.......
Jul 25 16:12:41 carol charon: 09[IMC] 368: 53 00 00 00 1C 00 00 00 02 00 00 00 05 00 00 00 S...............
Jul 25 16:12:41 carol charon: 09[IMC] 384: 00 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00 00 ............d...
Jul 25 16:12:41 carol charon: 09[IMC] 400: 1D 4D 79 20 4A 61 76 61 20 50 68 6F 74 6F 20 41 .My Java Photo A
Jul 25 16:12:41 carol charon: 09[IMC] 416: 70 70 00 00 0A 8B 00 00 00 65 00 00 00 0C 00 00 pp.......e......
Jul 25 16:12:41 carol charon: 09[IMC] 432: 0A 8B 00 00 00 66 00 00 00 15 35 2E 32 2E 33 2E .....f....5.2.3.
Jul 25 16:12:41 carol charon: 09[IMC] 448: 38 2E 31 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 8.1.......g.....
Jul 25 16:12:41 carol charon: 09[IMC] 464: 00 00 05 00 00 00 02 00 00 00 03 00 08 00 01 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 480: 00 0A 8B 00 00 00 64 00 00 00 20 50 72 69 6E 74 ......d... Print
Jul 25 16:12:41 carol charon: 09[IMC] 496: 20 59 6F 75 72 20 44 69 6E 6F 73 61 75 72 21 00 Your Dinosaur!.
Jul 25 16:12:41 carol charon: 09[IMC] 512: 00 0A 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 ......e.........
Jul 25 16:12:41 carol charon: 09[IMC] 528: 00 00 66 00 00 00 0F 31 2E 30 00 00 0A 8B 00 00 ..f....1.0......
Jul 25 16:12:41 carol charon: 09[IMC] 544: 00 67 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 .g..............
Jul 25 16:12:41 carol charon: 09[IMC] 560: 00 00 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00 .............d..
Jul 25 16:12:41 carol charon: 09[IMC] 576: 00 20 4C 61 62 65 6C 20 45 76 65 72 79 74 68 69 . Label Everythi
Jul 25 16:12:41 carol charon: 09[IMC] 592: 6E 67 20 41 70 70 00 00 0A 8B 00 00 00 65 00 00 ng App.......e..
Jul 25 16:12:41 carol charon: 09[IMC] 608: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 15 37 2E .........f....7.
Jul 25 16:12:41 carol charon: 09[IMC] 624: 35 2E 38 2E 32 2E 33 00 00 0A 8B 00 00 00 67 00 5.8.2.3.......g.
Jul 25 16:12:41 carol charon: 09[IMC] 640: 00 00 1C 00 00 00 00 70 00 00 05 00 00 00 08 00 .......p........
Jul 25 16:12:41 carol charon: 09[IMC] 656: 02 00 03 00 00 0A 8B 00 00 00 C8 00 00 00 2C 00 ..............,.
Jul 25 16:12:41 carol charon: 09[IMC] 672: 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 ................
Jul 25 16:12:41 carol charon: 09[IMC] 688: 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 704: 00 0A 8B 00 00 00 C9 00 00 00 3C F0 F1 F2 F3 F4 ..........<.....
Jul 25 16:12:41 carol charon: 09[IMC] 720: F5 F6 F7 F8 F9 FA FB FC FD FE FF E0 E1 E2 E3 E4 ................
Jul 25 16:12:41 carol charon: 09[IMC] 736: E5 E6 E7 E8 E9 EA EB EC ED EE EF D0 D1 D2 D3 D4 ................
Jul 25 16:12:41 carol charon: 09[IMC] 752: D5 D6 D7 D8 D9 DA DB DC DD DE DF ...........
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b6af0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 44 55 6E 76 00 00 55 97 00 00 00 21 ....DUnv..U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......<
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x44556e76
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x10f5116c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b54d0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 10 F5 11 6C 00 00 55 97 00 00 00 22 .......l..U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?.
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b37d0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 CE 8C F5 6C 00 00 55 97 00 00 00 21 .......l..U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......<
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0xce8cf56c
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0xcf94b8d7
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b67e0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 CF 94 B8 D7 00 00 55 97 00 00 00 22 ..........U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?.
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
</pre> [ Incomplete diff, document too large... ]
The PA-TNC attributes of the HCD *carol* are defined in the *libimcv.plugins.imc-hcd* section of /etc/strongswan.conf:
<pre>
# /etc/strongswan.conf - strongSwan configuration file
charon {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
plugins {
eap-ttls {
max_message_count = 0
}
eap-tnc {
max_message_count = 0
}
tnccs-20 {
max_batch_size = 16370
max_message_size = 16338
}
}
}
libimcv {
os_info {
name = strongPrint OS
version = 1.0
default_password_enabled = yes
}
plugins {
imc-hcd {
push_info = no
subtypes {
system {
attributes_natural_language = en
machine_type_model = strongPrint Laser X.509a
vendor_name = ITA-HSR
vendor_smi_code = 36906
pstn_fax_enabled = yes
time_source = 0.ch.pool.ntp.org
user_application_enabled = yes
user_application_persistence_enabled = no
firmware {
fw-1 {
name = Firmware ABC
patches = "security patch 2014-05-08\nupgrade 2014-08-16\nsecurity patch 2015-3-22"
string_version = 1.0.7
version = 00000001000000000000000700000000
}
fw-2 {
name = Firmware UVW
string_version = 13.8.5
version = 0000000D000000080000000500000000
}
}
resident_application {
resident-app-1 {
name = Resident App XYZ
patches = "xmas patch 2014-12-24\nservice patch 2015-05-22"
string_version = 2.5
version = 00000002000000050000000000000000
}
}
user_application {
user-app-1 {
name = My Java Photo App
patches =
string_version = 5.2.3.8.1
version = 00000005000000020000000300080001
}
user-app-2 {
name = Print Your Dinosaur!
patches =
string_version = 1.0
version = 00000001000000000000000000000000
}
user-app-3 {
name = Label Everything App
patches =
string_version = 7.5.8.2.3
version = 0000000700000050000000800020003
}
}
certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf
}
console {
attributes_natural_language = ru
}
marker {
attributes_natural_language = fr
}
finisher {
attributes_natural_language = de
}
interface {
attributes_natural_language = en
resident_application {
resident-app-if {
name = Resident App Interface+
patches = "service patch 2015-02-09"
string_version = 2.5
version = 00000002000000050000000000000000
}
}
}
scanner {
attributes_natural_language = en
firmware {
fw-scanner {
name = Scanner Firmware
patches = "security patch 2013-08-11\nsecurity patch 2015-5-30"
string_version = 2.5.3
version = 00000002000000050000000300000000
}
}
user_application {
user-app-scanner {
name = EasyScan
patches =
string_version = 2.2.3.5.7
version = 00000002000000020000000300050007
}
}
}
}
}
}
}
</pre>
The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.
<pre>
Jul 25 16:12:40 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr1, Linux 4.0.9, x86_64)
Jul 25 16:12:40 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Jul 25 16:12:40 carol charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Jul 25 16:12:40 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Jul 25 16:12:40 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Jul 25 16:12:40 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Jul 25 16:12:40 carol charon: 00[CFG] loaded EAP secret for carol
</pre>
Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard *Operating System* PA subtype and the HCD IMC to the mandatory *System* and the five recommended *Console*, *Marker*, *Finisher*, *Interface* and *Scanner* PWG HCD PA subtypes.
<pre>
Jul 25 16:12:40 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config'
Jul 25 16:12:40 carol charon: 00[TNC] added IETF attributes
Jul 25 16:12:40 carol charon: 00[TNC] added ITA-HSR attributes
Jul 25 16:12:40 carol charon: 00[TNC] added PWG attributes
Jul 25 16:12:40 carol charon: 00[TNC] added TCG attributes
Jul 25 16:12:40 carol charon: 00[LIB] libimcv initialized
Jul 25 16:12:40 carol charon: 00[IMC] IMC 1 "OS" initialized
Jul 25 16:12:40 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Jul 25 16:12:40 carol charon: 00[IMC] operating system version is '1.0'
Jul 25 16:12:40 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001
Jul 25 16:12:40 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so'
Jul 25 16:12:40 carol charon: 00[IMC] IMC 2 "HCD" initialized
Jul 25 16:12:40 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Jul 25 16:12:40 carol charon: 00[IMC] operating system version is '1.0'
Jul 25 16:12:40 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032
Jul 25 16:12:40 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'
</pre>
The VPN client loads the definition for the IPsec connection to the VPN gateway
<pre>
Jul 25 16:12:40 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
Jul 25 16:12:40 carol charon: 00[JOB] spawning 16 worker threads
Jul 25 16:12:40 carol charon: 09[CFG] received stroke: add connection 'home'
Jul 25 16:12:40 carol charon: 09[CFG] added configuration 'home'
</pre>
The VPN client *carol* starts the IKEv2 negotiation with the VPN gateway *moon*. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server *alice* located behind the VPN gateway.
<pre>
Jul 25 16:12:41 carol charon: 10[CFG] received stroke: initiate 'home'
Jul 25 16:12:41 carol charon: 03[IKE] initiating IKE_SA home[1] to 192.168.0.1
Jul 25 16:12:41 carol charon: 03[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Jul 25 16:12:41 carol charon: 03[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes)
Jul 25 16:12:41 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes)
Jul 25 16:12:41 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Jul 25 16:12:41 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 12[IKE] establishing CHILD_SA home
Jul 25 16:12:41 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ]
Jul 25 16:12:41 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes)
Jul 25 16:12:41 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes)
Jul 25 16:12:41 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Jul 25 16:12:41 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Jul 25 16:12:41 carol charon: 13[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Jul 25 16:12:41 carol charon: 13[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 13[CFG] crl is valid: until Aug 24 16:12:17 2015
Jul 25 16:12:41 carol charon: 13[CFG] certificate status is good
Jul 25 16:12:41 carol charon: 13[CFG] reached self-signed root ca with a path length of 0
Jul 25 16:12:41 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful
Jul 25 16:12:41 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol'
Jul 25 16:12:41 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
Jul 25 16:12:41 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 14[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 14[IKE] server requested EAP_TTLS authentication (id 0xF0)
Jul 25 16:12:41 carol charon: 14[TLS] EAP_TTLS version is v0
Jul 25 16:12:41 carol charon: 14[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes)
Jul 25 16:12:41 carol charon: 15[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 15[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Jul 25 16:12:41 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes)
Jul 25 16:12:41 carol charon: 16[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 16[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Jul 25 16:12:41 carol charon: 16[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
Jul 25 16:12:41 carol charon: 16[CFG] using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
Jul 25 16:12:41 carol charon: 16[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
Jul 25 16:12:41 carol charon: 16[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Jul 25 16:12:41 carol charon: 16[CFG] crl is valid: until Aug 24 16:12:17 2015
Jul 25 16:12:41 carol charon: 16[CFG] using cached crl
Jul 25 16:12:41 carol charon: 16[CFG] certificate status is good
Jul 25 16:12:41 carol charon: 16[CFG] reached self-signed root ca with a path length of 0
Jul 25 16:12:41 carol charon: 16[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA
Jul 25 16:12:41 carol charon: 16[TLS] no TLS peer certificate found for 'carol', skipping client authentication
Jul 25 16:12:41 carol charon: 16[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes)
Jul 25 16:12:41 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes)
Jul 25 16:12:41 carol charon: 02[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]
Jul 25 16:12:41 carol charon: 02[IKE] server requested EAP_IDENTITY authentication (id 0x00)
Jul 25 16:12:41 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]
Jul 25 16:12:41 carol charon: 02[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Jul 25 16:12:41 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 01[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Jul 25 16:12:41 carol charon: 01[IKE] server requested EAP_MD5 authentication (id 0x46)
Jul 25 16:12:41 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]
Jul 25 16:12:41 carol charon: 01[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Jul 25 16:12:41 carol charon: 04[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)
Jul 25 16:12:41 carol charon: 04[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 04[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Jul 25 16:12:41 carol charon: 04[IKE] server requested EAP_PT_EAP authentication (id 0xBE)
Jul 25 16:12:41 carol charon: 04[TLS] EAP_PT_EAP version is v1
</pre>
THE PB-TNC connection between TNC client and TNC server is established. The maximum size of a PA-TNC message is limited to 16338 bytes.
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] TNC client is handling outbound connection
Jul 25 16:12:41 carol charon: 04[TNC] assigned TNCCS Connection ID 1
Jul 25 16:12:41 carol charon: 04[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Jul 25 16:12:41 carol charon: 04[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Jul 25 16:12:41 carol charon: 04[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Jul 25 16:12:41 carol charon: 04[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Jul 25 16:12:41 carol charon: 04[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake'
Jul 25 16:12:41 carol charon: 04[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'
</pre>
The OS IMC retrieves information on the operating system
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] operating system numeric version is 1.0
Jul 25 16:12:41 carol charon: 04[IMC] last boot: Jul 25 16:12:26 UTC 2015, 15 s ago
Jul 25 16:12:41 carol charon: 04[IMC] IPv4 forwarding is disabled
Jul 25 16:12:41 carol charon: 04[IMC] factory default password is enabled
Jul 25 16:12:41 carol charon: 04[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e
</pre>
The OS IMC is sending operating system information using IETF standard attributes
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x1c2fcae3
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 197 bytes @ 0x7b01d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 1C 2F CA E3 00 00 00 00 00 00 00 02 ...../..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50 .........strongP
Jul 25 16:12:41 carol charon: 04[IMC] 32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00 rint OS.........
Jul 25 16:12:41 carol charon: 04[IMC] 48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00 ....1.0.........
Jul 25 16:12:41 carol charon: 04[IMC] 64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 96: 24 03 01 00 00 32 30 31 35 2D 30 37 2D 32 35 54 $....2015-07-25T
Jul 25 16:12:41 carol charon: 04[IMC] 112: 31 36 3A 31 32 3A 32 36 5A 00 00 00 00 00 00 00 16:12:26Z.......
Jul 25 16:12:41 carol charon: 04[IMC] 128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00 ............*...
Jul 25 16:12:41 carol charon: 04[IMC] 160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63 ....,79433e32cfc
Jul 25 16:12:41 carol charon: 04[IMC] 176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66 1d0d3e7a637c954f
Jul 25 16:12:41 carol charon: 04[IMC] 192: 30 38 37 30 65 0870e
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
</pre>
The HCD IMC is retrieving attributes for PA subtype PWG/HCD System
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD System
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
Jul 25 16:12:41 carol charon: 04[IMC] HCD DefaultPasswordEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD ForwardingEnabled: disabled
Jul 25 16:12:41 carol charon: 04[IMC] HCD MachineTypeModel: strongPrint Laser X.509a
Jul 25 16:12:41 carol charon: 04[IMC] HCD PSTNFaxEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD TimeSource: 0.ch.pool.ntp.org
Jul 25 16:12:41 carol charon: 04[IMC] HCD VendorName: ITA-HSR
Jul 25 16:12:41 carol charon: 04[IMC] HCD VendorSMICode: 0x00902a (36906)
Jul 25 16:12:41 carol charon: 04[IMC] HCD UserApplicationEnabled: yes
Jul 25 16:12:41 carol charon: 04[IMC] HCD UserApplicationPersistenceEnabled: no
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x4b54dbfa
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 202 bytes @ 0x7b2370
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 4B 54 DB FA 00 00 0A 8B 00 00 00 01 ....KT..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00 ....en..........
Jul 25 16:12:41 carol charon: 04[IMC] 32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00 ................
Jul 25 16:12:41 carol charon: 04[IMC] 64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61 .$strongPrint La
Jul 25 16:12:41 carol charon: 04[IMC] 80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00 ser X.509a......
Jul 25 16:12:41 carol charon: 04[IMC] 96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .(..............
Jul 25 16:12:41 carol charon: 04[IMC] 112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E .2....0.ch.pool.
Jul 25 16:12:41 carol charon: 04[IMC] 128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00 ntp.org.........
Jul 25 16:12:41 carol charon: 04[IMC] 144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00 ...ITA-HSR......
Jul 25 16:12:41 carol charon: 04[IMC] 160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00 .........*......
Jul 25 16:12:41 carol charon: 04[IMC] 176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00 .h..............
Jul 25 16:12:41 carol charon: 04[IMC] 192: 00 69 00 00 00 10 00 00 00 00 .i........
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Console
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: ru
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x479c3ead
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b1500
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 47 9C 3E AD 00 00 0A 8B 00 00 00 01 ....G.>.........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 72 75 ....ru
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Marker
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: fr
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x5009e6e8
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7af030
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 50 09 E6 E8 00 00 0A 8B 00 00 00 01 ....P...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 66 72 ....fr
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Finisher
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: de
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x22540aee
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b28d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 22 54 0A EE 00 00 0A 8B 00 00 00 01 ...."T..........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 64 65 ....de
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Interface
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x24f0da1d
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b17d0
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 24 F0 DA 1D 00 00 0A 8B 00 00 00 01 ....$...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E ....en
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[IMC] retrieving attributes for PA subtype PWG/HCD Scanner
Jul 25 16:12:41 carol charon: 04[IMC] HCD AttributesNaturalLanguage: en
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC message with ID 0x3a83eec4
Jul 25 16:12:41 carol charon: 04[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Jul 25 16:12:41 carol charon: 04[IMC] created PA-TNC message: => 22 bytes @ 0x7b2c70
Jul 25 16:12:41 carol charon: 04[IMC] 0: 01 00 00 00 3A 83 EE C4 00 00 0A 8B 00 00 00 01 ....:...........
Jul 25 16:12:41 carol charon: 04[IMC] 16: 00 00 00 0E 65 6E ....en
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
</pre>
<pre>
Jul 25 16:12:41 carol charon: 04[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Jul 25 16:12:41 carol charon: 04[TNC] creating PB-TNC CDATA batch
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-Language-Preference message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] adding IETF/PB-PA message
Jul 25 16:12:41 carol charon: 04[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1
Jul 25 16:12:41 carol charon: 04[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Jul 25 16:12:41 carol charon: 04[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]
Jul 25 16:12:41 carol charon: 04[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes)
Jul 25 16:12:41 carol charon: 09[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Jul 25 16:12:41 carol charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Jul 25 16:12:41 carol charon: 09[TNC] received TNCCS batch (602 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] TNC client is handling inbound connection
Jul 25 16:12:41 carol charon: 09[TNC] processing PB-TNC SDATA batch for Connection ID 1
Jul 25 16:12:41 carol charon: 09[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Jul 25 16:12:41 carol charon: 09[TNC] processing TCG/PB-PDP-Referral message (42 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (112 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] processing IETF/PB-PA message (88 bytes)
Jul 25 16:12:41 carol charon: 09[TNC] PDP server 'aaa.strongswan.org' is listening on port 271
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 88 bytes @ 0x7b3ed0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 9D 9D 53 E5 00 00 55 97 00 00 00 21 ......S...U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15 .......<........
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50 .......<.......P
Jul 25 16:12:41 carol charon: 09[IMC] 64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8 .......d........
Jul 25 16:12:41 carol charon: 09[IMC] 80: 00 00 0A 8B 00 00 00 C9 ........
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x9d9d53e5
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000015 'PWG/HCD FirewallSetting'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x000000c8 'PWG/HCD CertificationState'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- fw-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareName: Firmware ABC
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwarePatches: security patch 2014-05-08
Jul 25 16:12:41 carol charon: 09[IMC] upgrade 2014-08-16
Jul 25 16:12:41 carol charon: 09[IMC] security patch 2015-3-22
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareStringVersion: 1.0.7
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareVersion: 00:00:00:01:00:00:00:00:00:00:00:07:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- fw-2 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareName: Firmware UVW
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwarePatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareStringVersion: 13.8.5
Jul 25 16:12:41 carol charon: 09[IMC] HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- resident-app-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationName: Resident App XYZ
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationPatches: xmas patch 2014-12-24
Jul 25 16:12:41 carol charon: 09[IMC] service patch 2015-05-22
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationStringVersion: 2.5
Jul 25 16:12:41 carol charon: 09[IMC] HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-1 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: My Java Photo App
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 5.2.3.8.1
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-2 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: Print Your Dinosaur!
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 1.0
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-3 ---
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationName: Label Everything App
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationPatches:
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationStringVersion: 7.5.8.2.3
Jul 25 16:12:41 carol charon: 09[IMC] HCD UserApplicationVersion: 00:00:00:00:70:00:00:05:00:00:00:08:00:02:00:03
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] HCD CertificationState: => 32 bytes @ 0x7b7010
Jul 25 16:12:41 carol charon: 09[IMC] 0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F ................
Jul 25 16:12:41 carol charon: 09[IMC] 16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F ................
Jul 25 16:12:41 carol charon: 09[IMC] HCD ConfigurationState: => 48 bytes @ 0x7bbb40
Jul 25 16:12:41 carol charon: 09[IMC] 0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF ................
Jul 25 16:12:41 carol charon: 09[IMC] 16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF ................
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0xa4007712
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 763 bytes @ 0x7bdfb0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 A4 00 77 12 00 00 55 97 00 00 00 22 ......w...U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B ..........?.....
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65 ...<....Firmware
Jul 25 16:12:41 carol charon: 09[IMC] 48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 51 ABC.......=...Q
Jul 25 16:12:41 carol charon: 09[IMC] 64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 security patch 2
Jul 25 16:12:41 carol charon: 09[IMC] 80: 30 31 34 2D 30 35 2D 30 38 0A 75 70 67 72 61 64 014-05-08.upgrad
Jul 25 16:12:41 carol charon: 09[IMC] 96: 65 20 32 30 31 34 2D 30 38 2D 31 36 0A 73 65 63 e 2014-08-16.sec
Jul 25 16:12:41 carol charon: 09[IMC] 112: 75 72 69 74 79 20 70 61 74 63 68 20 32 30 31 35 urity patch 2015
Jul 25 16:12:41 carol charon: 09[IMC] 128: 2D 33 2D 32 32 00 00 0A 8B 00 00 00 3E 00 00 00 -3-22.......>...
Jul 25 16:12:41 carol charon: 09[IMC] 144: 11 31 2E 30 2E 37 00 00 0A 8B 00 00 00 3F 00 00 .1.0.7.......?..
Jul 25 16:12:41 carol charon: 09[IMC] 160: 00 1C 00 00 00 01 00 00 00 00 00 00 00 07 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 176: 00 00 00 00 0A 8B 00 00 00 3C 00 00 00 18 46 69 .........<....Fi
Jul 25 16:12:41 carol charon: 09[IMC] 192: 72 6D 77 61 72 65 20 55 56 57 00 00 0A 8B 00 00 rmware UVW......
Jul 25 16:12:41 carol charon: 09[IMC] 208: 00 3D 00 00 00 0C 00 00 0A 8B 00 00 00 3E 00 00 .=...........>..
Jul 25 16:12:41 carol charon: 09[IMC] 224: 00 12 31 33 2E 38 2E 35 00 00 0A 8B 00 00 00 3F ..13.8.5.......?
Jul 25 16:12:41 carol charon: 09[IMC] 240: 00 00 00 1C 00 00 00 0D 00 00 00 08 00 00 00 05 ................
Jul 25 16:12:41 carol charon: 09[IMC] 256: 00 00 00 00 00 00 0A 8B 00 00 00 50 00 00 00 1C ...........P....
Jul 25 16:12:41 carol charon: 09[IMC] 272: 52 65 73 69 64 65 6E 74 20 41 70 70 20 58 59 5A Resident App XYZ
Jul 25 16:12:41 carol charon: 09[IMC] 288: 00 00 0A 8B 00 00 00 51 00 00 00 3A 78 6D 61 73 .......Q...:xmas
Jul 25 16:12:41 carol charon: 09[IMC] 304: 20 70 61 74 63 68 20 32 30 31 34 2D 31 32 2D 32 patch 2014-12-2
Jul 25 16:12:41 carol charon: 09[IMC] 320: 34 0A 73 65 72 76 69 63 65 20 70 61 74 63 68 20 4.service patch
Jul 25 16:12:41 carol charon: 09[IMC] 336: 32 30 31 35 2D 30 35 2D 32 32 00 00 0A 8B 00 00 2015-05-22......
Jul 25 16:12:41 carol charon: 09[IMC] 352: 00 52 00 00 00 0F 32 2E 35 00 00 0A 8B 00 00 00 .R....2.5.......
Jul 25 16:12:41 carol charon: 09[IMC] 368: 53 00 00 00 1C 00 00 00 02 00 00 00 05 00 00 00 S...............
Jul 25 16:12:41 carol charon: 09[IMC] 384: 00 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00 00 ............d...
Jul 25 16:12:41 carol charon: 09[IMC] 400: 1D 4D 79 20 4A 61 76 61 20 50 68 6F 74 6F 20 41 .My Java Photo A
Jul 25 16:12:41 carol charon: 09[IMC] 416: 70 70 00 00 0A 8B 00 00 00 65 00 00 00 0C 00 00 pp.......e......
Jul 25 16:12:41 carol charon: 09[IMC] 432: 0A 8B 00 00 00 66 00 00 00 15 35 2E 32 2E 33 2E .....f....5.2.3.
Jul 25 16:12:41 carol charon: 09[IMC] 448: 38 2E 31 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 8.1.......g.....
Jul 25 16:12:41 carol charon: 09[IMC] 464: 00 00 05 00 00 00 02 00 00 00 03 00 08 00 01 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 480: 00 0A 8B 00 00 00 64 00 00 00 20 50 72 69 6E 74 ......d... Print
Jul 25 16:12:41 carol charon: 09[IMC] 496: 20 59 6F 75 72 20 44 69 6E 6F 73 61 75 72 21 00 Your Dinosaur!.
Jul 25 16:12:41 carol charon: 09[IMC] 512: 00 0A 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 ......e.........
Jul 25 16:12:41 carol charon: 09[IMC] 528: 00 00 66 00 00 00 0F 31 2E 30 00 00 0A 8B 00 00 ..f....1.0......
Jul 25 16:12:41 carol charon: 09[IMC] 544: 00 67 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 .g..............
Jul 25 16:12:41 carol charon: 09[IMC] 560: 00 00 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00 .............d..
Jul 25 16:12:41 carol charon: 09[IMC] 576: 00 20 4C 61 62 65 6C 20 45 76 65 72 79 74 68 69 . Label Everythi
Jul 25 16:12:41 carol charon: 09[IMC] 592: 6E 67 20 41 70 70 00 00 0A 8B 00 00 00 65 00 00 ng App.......e..
Jul 25 16:12:41 carol charon: 09[IMC] 608: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 15 37 2E .........f....7.
Jul 25 16:12:41 carol charon: 09[IMC] 624: 35 2E 38 2E 32 2E 33 00 00 0A 8B 00 00 00 67 00 5.8.2.3.......g.
Jul 25 16:12:41 carol charon: 09[IMC] 640: 00 00 1C 00 00 00 00 70 00 00 05 00 00 00 08 00 .......p........
Jul 25 16:12:41 carol charon: 09[IMC] 656: 02 00 03 00 00 0A 8B 00 00 00 C8 00 00 00 2C 00 ..............,.
Jul 25 16:12:41 carol charon: 09[IMC] 672: 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 ................
Jul 25 16:12:41 carol charon: 09[IMC] 688: 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 704: 00 0A 8B 00 00 00 C9 00 00 00 3C F0 F1 F2 F3 F4 ..........<.....
Jul 25 16:12:41 carol charon: 09[IMC] 720: F5 F6 F7 F8 F9 FA FB FC FD FE FF E0 E1 E2 E3 E4 ................
Jul 25 16:12:41 carol charon: 09[IMC] 736: E5 E6 E7 E8 E9 EA EB EC ED EE EF D0 D1 D2 D3 D4 ................
Jul 25 16:12:41 carol charon: 09[IMC] 752: D5 D6 D7 D8 D9 DA DB DC DD DE DF ...........
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b6af0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 44 55 6E 76 00 00 55 97 00 00 00 21 ....DUnv..U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......<
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x44556e76
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x10f5116c
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b54d0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 10 F5 11 6C 00 00 55 97 00 00 00 22 .......l..U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?.
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b37d0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 CE 8C F5 6C 00 00 55 97 00 00 00 21 .......l..U....!
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00 ................
Jul 25 16:12:41 carol charon: 09[IMC] 32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C .......$.......<
Jul 25 16:12:41 carol charon: 09[IMC] 48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64 .......P.......d
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0xce8cf56c
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Jul 25 16:12:41 carol charon: 09[TNC] 0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Jul 25 16:12:41 carol charon: 09[IMC] maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Jul 25 16:12:41 carol charon: 09[IMC] lowered maximum segment size to 16294 bytes
</pre>
<pre>
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0xcf94b8d7
Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b67e0
Jul 25 16:12:41 carol charon: 09[IMC] 0: 01 00 00 00 CF 94 B8 D7 00 00 55 97 00 00 00 22 ..........U...."
Jul 25 16:12:41 carol charon: 09[IMC] 16: 00 00 00 14 00 98 96 80 00 00 3F A6 ..........?.
Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
</pre> [ Incomplete diff, document too large... ]