Endpoint Compliance via PT-TLS Protocol » History » Version 10

Andreas Steffen, 16.08.2013 17:17


Endpoint Compliance via PT-TLS Protocol

Starting the strongSwan Policy Decision Point (PDP)

The strongSwan PDP starts and loads its server certificate and the client credentials:

00[DMN] Starting IKE charon daemon (strongSwan 5.1.0, Linux 3.10.5, x86_64)
00[LIB] openssl FIPS mode(0) - disabled 
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/aaaKey.pem'
00[CFG]   loaded EAP secret for carol
00[CFG]   loaded EAP secret for dave

Next, the OS and SWID IMVs are loaded:

 
00[TNC] TNC recommendation policy is 'default'
00[TNC] loading IMVs from '/etc/tnc_config'
00[TNC] added IETF attributes
00[TNC] added ITA-HSR attributes
00[LIB] libimcv initialized
00[IMV] IMV 1 "OS" initialized
00[TNC] IMV 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001
00[TNC] IMV 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imv-os.so'
00[IMV] IMV 2 "SWID" initialized
00[TNC] added TCG attributes
00[LIB] libpts initialized
00[TNC] IMV 2 supports 1 message type: 'TCG/SWID' 0x005597/0x00000003
00[TNC] IMV 2 "SWID" loaded from '/usr/local/lib/ipsec/imcvs/imv-swid.so'

The PDP loads all plugins needed to communicate via its EAP-RADIUS and PT-TLS interfaces and spawns 16 worker threads:

00[IKE] eap method EAP_TTLS selected
00[LIB] loaded plugins: charon curl pem pkcs1 nonce x509 revocation openssl socket-default kernel-netlink stroke tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
00[JOB] spawning 16 worker threads
05[CFG] received stroke: add connection 'aaa'
05[CFG]   loaded certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" from 'aaaCert.pem'
05[CFG] added configuration 'aaa'

PT-TLS Connection by Access Requestor "carol"

11[TNC] accepting PT-TLS stream from 192.168.0.100

TLS Connection Setup

12[TNC] entering PT-TLS negotiation phase
12[TLS] processing TLS Handshake record (176 bytes)
12[TLS] received TLS ClientHello handshake (172 bytes)
12[TLS] received TLS 'signature algorithms' extension
12[TLS] received TLS 'elliptic curves' extension
12[TLS] received TLS 'ec point formats' extension
12[TLS] received TLS 'server name' extension
12[TLS] received 28 TLS cipher suites:
12[TLS]   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
12[TLS]   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
12[TLS]   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
12[TLS]   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
12[TLS]   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
12[TLS]   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
12[TLS]   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
12[TLS]   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
12[TLS]   TLS_DHE_RSA_WITH_AES_128_CBC_SHA
12[TLS]   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
12[TLS]   TLS_DHE_RSA_WITH_AES_256_CBC_SHA
12[TLS]   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
12[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
12[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
12[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
12[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
12[TLS]   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS]   TLS_RSA_WITH_AES_128_CBC_SHA
12[TLS]   TLS_RSA_WITH_AES_128_CBC_SHA256 
12[TLS]   TLS_RSA_WITH_AES_256_CBC_SHA
12[TLS]   TLS_RSA_WITH_AES_256_CBC_SHA256
12[TLS]   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
12[TLS]   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
12[TLS]   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
12[TLS]   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
12[TLS]   TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
12[TLS]   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS]   TLS_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
12[TLS] sending TLS ServerHello handshake (54 bytes)
12[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
12[TLS] sending TLS Certificate handshake (1066 bytes)
12[TLS] selected ECDH group SECP256R1
12[TLS] created signature with MD5/RSA
12[TLS] sending TLS ServerKeyExchange handshake (329 bytes)
12[TLS] sending TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
12[TLS] sending TLS CertificateRequest handshake (102 bytes)
12[TLS] sending TLS ServerHelloDone handshake (0 bytes)
12[TLS] sending TLS Handshake record (1571 bytes)
12[TLS] processing TLS Handshake record (77 bytes)
12[TLS] received TLS Certificate handshake (3 bytes)
12[TLS] received TLS ClientKeyExchange handshake (66 bytes)
12[TLS] processing TLS ChangeCipherSpec record (1 bytes)
12[TLS] processing TLS Handshake record (64 bytes)
12[TLS] received TLS Finished handshake (12 bytes)
12[TLS] sending TLS ChangeCipherSpec record (1 bytes)
12[TLS] sending TLS Finished handshake (12 bytes)
12[TLS] sending TLS Handshake record (64 bytes)

PT-TLS Negotiation

12[TLS] processing TLS ApplicationData record (64 bytes)
12[TNC] received PT-TLS message #0 of type 'Version Request' (20 bytes)
12[TNC] sending PT-TLS message #0 of type 'Version Response' (20 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TNC] negotiated PT-TLS version 1

SASL Password-based Client Authentication

12[TNC] doing SASL client authentication
12[TNC] offering SASL PLAIN
12[TNC] sending PT-TLS message #1 of type 'SASL Mechanisms' (22 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TLS] processing TLS ApplicationData record (80 bytes)
12[TNC] received PT-TLS message #1 of type 'SASL Mechanism Selection' (37 bytes)
12[TNC] client starts SASL PLAIN authentication
12[TNC] SASL PLAIN authentication successful
12[TNC] SASL client identity is 'carol'
12[TNC] sending PT-TLS message #2 of type 'SASL Result' (17 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TNC] sending PT-TLS message #3 of type 'SASL Mechanisms' (16 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)

IF-IMV v1.4 AR Identity

04[TNC] entering PT-TLS data transport phase
04[TNC] no PB-TNC batch to send
04[TLS] processing TLS ApplicationData record (320 bytes)
04[TNC] received PT-TLS message #2 of type 'PB-TNC Batch' (275 bytes)
04[TNC] assigned TNCCS Connection ID 1
04[IMV] IMV 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
04[IMV]   over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
04[IMV]   user AR identity 'carol' authenticated by password
04[IMV]   assigned session ID 2
04[IMV] IMV 2 "SWID" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
04[IMV]   over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
04[IMV]   user AR identity 'carol' authenticated by password
04[IMV]   assigned session ID 2
04[IMV] IMV 1 "OS" changed state of Connection ID 1 to 'Handshake'
04[IMV] IMV 2 "SWID" changed state of Connection ID 1 to 'Handshake'
04[TNC] received TNCCS batch (259 bytes) for Connection ID 1
04[TNC] => 259 bytes @ 0x6dcd80
04[TNC]    0: 02 00 00 01 00 00 01 03 00 00 00 00 00 00 00 06  ................
04[TNC]   16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75  ....Accept-Langu
04[TNC]   32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00  age: en.........
04[TNC]   48: 00 00 DC 00 00 00 00 00 00 00 01 00 01 FF FF 01  ................
04[TNC]   64: 00 00 00 B6 BB C4 99 00 00 00 00 00 00 00 02 00  ................
04[TNC]   80: 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00 00  ....%r..Debian..
04[TNC]   96: 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20 78  ...........7.0 x
04[TNC]  112: 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03 00  86_64...........
04[TNC]  128: 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
04[TNC]  144: 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24 03  ..............$.
04[TNC]  160: 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 30  ...2013-08-15T20
04[TNC]  176: 3A 34 35 3A 30 36 5A 00 00 00 00 00 00 00 0B 00  :45:06Z.........
04[TNC]  192: 00 00 10 00 00 00 00 00 00 00 00 00 00 00 0C 00  ................
04[TNC]  208: 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08 00  ..........*.....
04[TNC]  224: 00 00 2C 37 37 38 31 62 33 38 39 34 66 30 31 66  ..,7781b3894f01f
04[TNC]  240: 34 30 62 38 36 35 64 33 38 36 36 35 31 37 30 32  40b865d386651702
04[TNC]  256: 65 30 62                                         e0b
04[TNC] PB-TNC state transition from 'Init' to 'Server Working'
04[TNC] processing PB-TNC CDATA batch
04[TNC] processing PB-Language-Preference message (31 bytes)
04[TNC] processing PB-PA message (220 bytes)
04[TNC] setting language preference to 'en'
04[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
04[IMV] IMV 1 "OS" received message for Connection ID 1 from IMC 1
04[IMV] => 196 bytes @ 0x6ee790
04[IMV]    0: 01 00 00 00 B6 BB C4 99 00 00 00 00 00 00 00 02  ................
04[IMV]   16: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00  .....%r..Debian.
04[IMV]   32: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20  ............7.0 
04[IMV]   48: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03  x86_64..........
04[IMV]   64: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00  ................
04[IMV]   80: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24  ...............$
04[IMV]   96: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32  ....2013-08-15T2
04[IMV]  112: 30 3A 34 35 3A 30 36 5A 00 00 00 00 00 00 00 0B  0:45:06Z........
04[IMV]  128: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 0C  ................
04[IMV]  144: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08  ...........*....
04[IMV]  160: 00 00 00 2C 37 37 38 31 62 33 38 39 34 66 30 31  ...,7781b3894f01
04[IMV]  176: 66 34 30 62 38 36 35 64 33 38 36 36 35 31 37 30  f40b865d38665170
04[IMV]  192: 32 65 30 62                                      2e0b
04[TNC] processing PA-TNC message with ID 0xb6bbc499
04[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
04[TNC] => 11 bytes @ 0x6ee7a4
04[TNC]    0: 00 25 72 00 00 44 65 62 69 61 6E                 .%r..Debian
04[TNC] processing PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
04[TNC] => 13 bytes @ 0x6ee7bb
04[TNC]    0: 0A 37 2E 30 20 78 38 36 5F 36 34 00 00           .7.0 x86_64..
04[TNC] processing PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
04[TNC] => 16 bytes @ 0x6ee7d4
04[TNC]    0: 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00  ................
04[TNC] processing PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
04[TNC] => 24 bytes @ 0x6ee7f0
04[TNC]    0: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32  ....2013-08-15T2
04[TNC]   16: 30 3A 34 35 3A 30 36 5A                          0:45:06Z
04[TNC] processing PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
04[TNC] => 4 bytes @ 0x6ee814
04[TNC]    0: 00 00 00 00                                      ....
04[TNC] processing PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
04[TNC] => 4 bytes @ 0x6ee824
04[TNC]    0: 00 00 00 00                                      ....
04[TNC] processing PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
04[TNC] => 32 bytes @ 0x6ee834
04[TNC]    0: 37 37 38 31 62 33 38 39 34 66 30 31 66 34 30 62  7781b3894f01f40b
04[TNC]   16: 38 36 35 64 33 38 36 36 35 31 37 30 32 65 30 62  865d386651702e0b

Operating System Information

04[IMV] operating system name is 'Debian' from vendor Debian Project
04[IMV] operating system version is '7.0 x86_64'
04[IMV] operating system numeric version is 7.0
04[IMV] operational status: operational, result: successful
04[IMV] last boot: Aug 15 20:45:06 UTC 2013
04[IMV] IPv4 forwarding is disabled
04[IMV] factory default password is disabled

Device Identity

04[IMV] device ID is 7781b3894f01f40b865d386651702e0b

Policy Manager generating Workitem List

This is strongSwan's proprietary Configuration Management Database (CMDB) interface. Based on historical client measurement data and a set of group policies, the start script generates a list of measurement workitems. In our scenario, only IPv4 forwarding and SWID tags are checked.

04[IMV] running policy script: 2>&1 TNC_SESSION_ID='2' ipsec imv_policy_manager start
04[IMV] policy: imv_policy_manager start successful
04[IMV] IMV 1 handles FWDEN workitem 3
04[IMV] IMV 1 handled FWDEN workitem 3: allow - forwarding not enabled
04[TNC] creating PA-TNC message with ID 0x13044192
04[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
04[TNC] => 4 bytes @ 0x6e35f0
04[TNC]    0: 00 00 00 00                                      ....
04[IMV] created PA-TNC message: => 24 bytes @ 0x6fba00
04[IMV]    0: 01 00 00 00 13 04 41 92 00 00 00 00 00 00 00 09  ......A.........
04[IMV]   16: 00 00 00 10 00 00 00 00                          ........
04[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
04[TNC] IMV 1 provides recommendation 'allow' and evaluation 'compliant'

Sending SWID Request

04[IMV] IMV 2 handles SWIDT workitem 6
04[IMV] IMV 2 issues SWID request 6
04[TNC] creating PA-TNC message with ID 0x6bc52772
04[TNC] creating PA-TNC attribute type 'TCG/SWID Request' 0x005597/0x00000011
04[TNC] => 12 bytes @ 0x7150a0
04[TNC]    0: 01 00 00 00 00 00 00 06 00 00 00 00              ............
04[IMV] created PA-TNC message: => 32 bytes @ 0x6ebcc0
04[IMV]    0: 01 00 00 00 6B C5 27 72 00 00 55 97 00 00 00 11  ....k.'r..U.....
04[IMV]   16: 00 00 00 18 01 00 00 00 00 00 00 06 00 00 00 00  ................
04[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
04[TNC] creating PB-TNC SDATA batch
04[TNC] adding PB-PA message
04[TNC] adding PB-PA message
04[TNC] sending PB-TNC SDATA batch (112 bytes) for Connection ID 1
04[TNC] => 112 bytes @ 0x6fc950
04[TNC]    0: 02 80 00 02 00 00 00 70 80 00 00 00 00 00 00 01  .......p........
04[TNC]   16: 00 00 00 30 00 00 00 00 00 00 00 01 FF FF 00 01  ...0............
04[TNC]   32: 01 00 00 00 13 04 41 92 00 00 00 00 00 00 00 09  ......A.........
04[TNC]   48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 01  ................
04[TNC]   64: 00 00 00 38 00 00 55 97 00 00 00 03 FF FF 00 02  ...8..U.........
04[TNC]   80: 01 00 00 00 6B C5 27 72 00 00 55 97 00 00 00 11  ....k.'r..U.....
04[TNC]   96: 00 00 00 18 01 00 00 00 00 00 00 06 00 00 00 00  ................
04[TNC] sending PT-TLS message #4 of type 'PB-TNC Batch' (128 bytes)
04[TLS] sending TLS ApplicationData record (176 bytes)

Receiving SWID Tag Identifier Inventory

04[TLS] processing TLS ApplicationData record (176 bytes)
04[TNC] received PT-TLS message #3 of type 'PB-TNC Batch' (134 bytes)
04[TNC] received TNCCS batch (118 bytes) for Connection ID 1
04[TNC] => 118 bytes @ 0x714f30
04[TNC]    0: 02 00 00 01 00 00 00 76 80 00 00 00 00 00 00 01  .......v........
04[TNC]   16: 00 00 00 6E 80 00 55 97 00 00 00 03 00 02 00 02  ...n..U.........
04[TNC]   32: 01 00 00 00 0C 84 EC 82 00 00 55 97 00 00 00 12  ..........U.....
04[TNC]   48: 00 00 00 4E 00 00 00 01 00 00 00 06 12 31 7A 21  ...N.........1z!
04[TNC]   64: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34  ......regid.2004
04[TNC]   80: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77  -03.org.strongsw
04[TNC]   96: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35  an..strongSwan-5
04[TNC]  112: 2D 31 2D 30 00 00                                -1-0..
04[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
04[TNC] processing PB-TNC CDATA batch
04[TNC] processing PB-PA message (110 bytes)
04[TNC] handling PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[IMV] IMV 2 "SWID" received message for Connection ID 1 from IMC 2 to IMV 2
04[IMV] => 86 bytes @ 0x6fbdc0
04[IMV]    0: 01 00 00 00 0C 84 EC 82 00 00 55 97 00 00 00 12  ..........U.....
04[IMV]   16: 00 00 00 4E 00 00 00 01 00 00 00 06 12 31 7A 21  ...N.........1z!
04[IMV]   32: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34  ......regid.2004
04[IMV]   48: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77  -03.org.strongsw
04[IMV]   64: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35  an..strongSwan-5
04[IMV]   80: 2D 31 2D 30 00 00                                -1-0..
04[TNC] processing PA-TNC message with ID 0x0c84ec82
04[TNC] processing PA-TNC attribute type 'TCG/SWID Tag Identifier Inventory' 0x005597/0x00000012
04[TNC] => 66 bytes @ 0x6fbdd4
04[TNC]    0: 00 00 00 01 00 00 00 06 12 31 7A 21 00 00 00 01  .........1z!....
04[TNC]   16: 00 1C 72 65 67 69 64 2E 32 30 30 34 2D 30 33 2E  ..regid.2004-03.
04[TNC]   32: 6F 72 67 2E 73 74 72 6F 6E 67 73 77 61 6E 00 10  org.strongswan..
04[TNC]   48: 73 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 31 2D 30  strongSwan-5-1-0
04[TNC]   64: 00 00                                            ..

Human-Readable SWID Tag Identities

04[IMV] received SWID tag ID inventory for request 6 at eid 1 of epoch 0x12317a21
04[IMV]   regid.2004-03.org.strongswan_strongSwan-5-1-0.swidtag
04[IMV] IMV 2 handled SWIDT workitem 6: allow - received inventory of 1 SWID tag ID
04[TNC] creating PA-TNC message with ID 0x51257e2e
04[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
04[TNC] => 4 bytes @ 0x6e9e50
04[TNC]    0: 00 00 00 00                                      ....
04[IMV] created PA-TNC message: => 24 bytes @ 0x6ed440
04[IMV]    0: 01 00 00 00 51 25 7E 2E 00 00 00 00 00 00 00 09  ....Q%~.........
04[IMV]   16: 00 00 00 10 00 00 00 00                          ........
04[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[TNC] IMV 2 provides recommendation 'allow' and evaluation 'compliant'

Policy Manager integrating Measurement Results

04[IMV] running policy script: 2>&1 TNC_SESSION_ID='2' ipsec imv_policy_manager stop
04[IMV] policy: imv_policy_manager stop successful
04[IMV] IMV 1 "OS" changed state of Connection ID 1 to 'Allowed'
04[IMV] IMV 2 "SWID" changed state of Connection ID 1 to 'Allowed'
04[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
04[TNC] creating PB-TNC RESULT batch
04[TNC] adding PB-PA message
04[TNC] adding PB-Assessment-Result message
04[TNC] adding PB-Access-Recommendation message
04[TNC] sending PB-TNC RESULT batch (88 bytes) for Connection ID 1
04[TNC] => 88 bytes @ 0x6ea730
04[TNC]    0: 02 80 00 03 00 00 00 58 80 00 00 00 00 00 00 01  .......X........
04[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02  ...0..U.........
04[TNC]   32: 01 00 00 00 51 25 7E 2E 00 00 00 00 00 00 00 09  ....Q%~.........
04[TNC]   48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02  ................
04[TNC]   64: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 03  ................
04[TNC]   80: 00 00 00 10 00 00 00 01                          ........
04[TNC] sending PT-TLS message #5 of type 'PB-TNC Batch' (104 bytes)
04[TLS] sending TLS ApplicationData record (144 bytes)
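
The RESULT batch dumped above can be decoded field by field. The following Python decoder is an added example, not part of the original page or of strongSwan; it applies the PB-TNC (RFC 5793) and PA-TNC (RFC 5792) header layouts to the hex rows copied from this log. All function and field names are this example's own.

```python
import re

# One hex-dump row as charon logs it: "04[TNC]   16: 00 00 00 30 ...  ascii".
DUMP_ROW = re.compile(r"^\d+\[[A-Z]+\]\s+\d+:\s((?:[0-9A-Fa-f]{2} ?)+)")

BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT", 4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
# Short labels for the RFC 5793 result codes (the wording is this example's own).
ASSESSMENT = {0: "compliant", 1: "minor non-compliance", 2: "major non-compliance",
              3: "error", 4: "insufficient attributes"}
RECOMMENDATION = {1: "access allowed", 2: "access denied", 3: "quarantined"}

# Rows copied from the RESULT batch in the log above.
RESULT_BATCH_LOG = """
04[TNC] sending PB-TNC RESULT batch (88 bytes) for Connection ID 1
04[TNC] => 88 bytes @ 0x6ea730
04[TNC]    0: 02 80 00 03 00 00 00 58 80 00 00 00 00 00 00 01  .......X........
04[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02  ...0..U.........
04[TNC]   32: 01 00 00 00 51 25 7E 2E 00 00 00 00 00 00 00 09  ....Q%~.........
04[TNC]   48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02  ................
04[TNC]   64: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 03  ................
04[TNC]   80: 00 00 00 10 00 00 00 01                          ........
"""


def u(data, off, n):
    """Big-endian unsigned integer of n bytes at offset off."""
    return int.from_bytes(data[off:off + n], "big")


def dump_to_bytes(log_text):
    """Join the hex columns of the dump rows; all other log lines are ignored."""
    out = bytearray()
    for line in log_text.splitlines():
        m = DUMP_ROW.match(line.strip())
        if m:
            out += bytes.fromhex(m.group(1))
    return bytes(out)


def tlv_items(data, start, end, what):
    """Yield (flags, vendor, type, value) per item in data[start:end].

    PB-TNC messages and PA-TNC attributes share one 12-byte header:
    flags (1), vendor ID (3), type (4), length (4, header included).
    """
    off = start
    while off < end:
        if end - off < 12:
            raise ValueError(f"truncated {what} header at offset {off}")
        length = u(data, off + 8, 4)
        if length < 12 or off + length > end:
            raise ValueError(f"bad {what} length {length} at offset {off}")
        yield data[off], u(data, off + 1, 3), u(data, off + 4, 4), data[off + 12:off + length]
        off += length


def parse_pb_pa(value):
    """PB-PA value: flags, PA vendor ID, PA subtype, collector ID, validator ID, PA-TNC message."""
    if len(value) < 20:
        raise ValueError("PB-PA message too short for the PB-PA and PA-TNC headers")
    pa = value[12:]  # PA-TNC message: version (1), reserved (3), message ID (4), attributes
    return {
        "subtype": (u(value, 1, 3), u(value, 4, 4)),
        "collector_id": u(value, 8, 2),
        "validator_id": u(value, 10, 2),
        "pa_message_id": u(pa, 4, 4),
        "attributes": [(vendor, atype, val) for _, vendor, atype, val
                       in tlv_items(pa, 8, len(pa), "PA-TNC attribute")],
    }


def parse_batch(data):
    """Decode one PB-TNC batch; length fields that disagree with the data are rejected."""
    if len(data) < 8:
        raise ValueError("truncated PB-TNC batch header")
    if data[0] != 2:
        raise ValueError(f"unsupported PB-TNC version {data[0]}")
    if u(data, 4, 4) != len(data):
        raise ValueError("batch length field does not match the captured bytes")
    word = u(data, 1, 3)  # D flag (1 bit), reserved (19 bits), batch type (4 bits)
    batch = {"from_server": bool(word >> 23),
             "type": BATCH_TYPES.get(word & 0xF, "unknown"), "messages": []}
    for flags, vendor, mtype, value in tlv_items(data, 8, len(data), "PB-TNC message"):
        msg = {"noskip": bool(flags & 0x80), "vendor": vendor, "type": mtype}
        if (vendor, mtype) == (0, 1):                        # PB-PA
            msg["pb_pa"] = parse_pb_pa(value)
        elif (vendor, mtype) == (0, 2) and len(value) == 4:  # PB-Assessment-Result
            msg["assessment"] = ASSESSMENT.get(u(value, 0, 4), "unknown")
        elif (vendor, mtype) == (0, 3) and len(value) == 4:  # PB-Access-Recommendation
            msg["recommendation"] = RECOMMENDATION.get(u(value, 2, 2), "unknown")
        batch["messages"].append(msg)
    return batch


if __name__ == "__main__":
    decoded = parse_batch(dump_to_bytes(RESULT_BATCH_LOG))
    print(decoded["type"], "from server:", decoded["from_server"])
    for message in decoded["messages"]:
        print(message)
```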

Closing PT-TLS Connection

04[TLS] processing TLS ApplicationData record (64 bytes)
04[TNC] received PT-TLS message #4 of type 'PB-TNC Batch' (24 bytes)
04[TNC] received TNCCS batch (8 bytes) for Connection ID 1
04[TNC] => 8 bytes @ 0x7150a0
04[TNC]    0: 02 00 00 06 00 00 00 08                          ........
04[TNC] PB-TNC state transition from 'Decided' to 'End'
04[TNC] processing PB-TNC CLOSE batch
04[TNC] final recommendation is 'allow' and evaluation is 'compliant'
04[TNC] PT-TLS connection terminates
04[IMV] IMV 1 "OS" deleted the state of Connection ID 1
04[IMV] IMV 2 "SWID" deleted the state of Connection ID 1
04[TNC] removed TNCCS Connection ID 1
04[TLS] sending TLS close notify
04[TLS] sending TLS Alert record (48 bytes)

PT-TLS Connection by Access Requestor "dave"

13[TNC] accepting PT-TLS stream from 192.168.0.200

TLS Connection Setup

14[TNC] entering PT-TLS negotiation phase
14[TLS] processing TLS Handshake record (176 bytes)
14[TLS] received TLS ClientHello handshake (172 bytes)
14[TLS] received TLS 'signature algorithms' extension
14[TLS] received TLS 'elliptic curves' extension
14[TLS] received TLS 'ec point formats' extension
14[TLS] received TLS 'server name' extension
14[TLS] received 28 TLS cipher suites:
14[TLS]   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
14[TLS]   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
14[TLS]   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
14[TLS]   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
14[TLS]   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
14[TLS]   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
14[TLS]   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
14[TLS]   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
14[TLS]   TLS_DHE_RSA_WITH_AES_128_CBC_SHA
14[TLS]   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
14[TLS]   TLS_DHE_RSA_WITH_AES_256_CBC_SHA
14[TLS]   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
14[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
14[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
14[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
14[TLS]   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
14[TLS]   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS]   TLS_RSA_WITH_AES_128_CBC_SHA
14[TLS]   TLS_RSA_WITH_AES_128_CBC_SHA256 
14[TLS]   TLS_RSA_WITH_AES_256_CBC_SHA
14[TLS]   TLS_RSA_WITH_AES_256_CBC_SHA256
14[TLS]   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
14[TLS]   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
14[TLS]   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
14[TLS]   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
14[TLS]   TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
14[TLS]   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS]   TLS_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
14[TLS] sending TLS ServerHello handshake (54 bytes)
14[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
14[TLS] sending TLS Certificate handshake (1066 bytes)
14[TLS] selected ECDH group SECP256R1
14[TLS] created signature with MD5/RSA
14[TLS] sending TLS ServerKeyExchange handshake (329 bytes)
14[TLS] sending TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
14[TLS] sending TLS CertificateRequest handshake (102 bytes)
14[TLS] sending TLS ServerHelloDone handshake (0 bytes)
14[TLS] sending TLS Handshake record (1571 bytes)
14[TLS] processing TLS Handshake record (1406 bytes)
14[TLS] received TLS Certificate handshake (1068 bytes)
14[TLS] received TLS peer certificate 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org'
14[TLS] received TLS ClientKeyExchange handshake (66 bytes)
14[TLS] received TLS CertificateVerify handshake (260 bytes)
14[CFG]   using certificate "C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org" 
14[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
14[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org" 
14[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
14[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
14[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
14[CFG]   crl is valid: until Sep 14 20:44:55 2013
14[CFG] certificate status is good
14[CFG]   reached self-signed root ca with a path length of 0
14[TLS] verified signature with SHA1/RSA
14[TLS] processing TLS ChangeCipherSpec record (1 bytes)
14[TLS] processing TLS Handshake record (64 bytes)
14[TLS] received TLS Finished handshake (12 bytes)
14[TLS] sending TLS ChangeCipherSpec record (1 bytes)
14[TLS] sending TLS Finished handshake (12 bytes)
14[TLS] sending TLS Handshake record (64 bytes)

PT-TLS Negotiation

14[TLS] processing TLS ApplicationData record (64 bytes)
14[TNC] received PT-TLS message #0 of type 'Version Request' (20 bytes)
14[TNC] sending PT-TLS message #0 of type 'Version Response' (20 bytes)
14[TLS] sending TLS ApplicationData record (64 bytes)
14[TNC] negotiated PT-TLS version 1

TLS Certificate-based Client Authentication

14[TNC] doing SASL client authentication
14[TNC] skipping SASL, client already authenticated by TLS certificate
14[TNC] sending PT-TLS message #1 of type 'SASL Mechanisms' (16 bytes)
14[TLS] sending TLS ApplicationData record (64 bytes)

IF-IMV v1.4 AR Identity

16[TNC] entering PT-TLS data transport phase
16[TNC] no PB-TNC batch to send
16[TLS] processing TLS ApplicationData record (96 bytes)
16[TNC] received PT-TLS message #1 of type 'PB-TNC Batch' (55 bytes)
16[TNC] assigned TNCCS Connection ID 2
16[IMV] IMV 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh
16[IMV]   over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
16[IMV]   user AR identity 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' authenticated by certificate
16[IMV]   assigned session ID 3
16[IMV] IMV 2 "SWID" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh
16[IMV]   over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
16[IMV]   user AR identity 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' authenticated by certificate
16[IMV]   assigned session ID 3
16[IMV] IMV 1 "OS" changed state of Connection ID 2 to 'Handshake'
16[IMV] IMV 2 "SWID" changed state of Connection ID 2 to 'Handshake'
16[TNC] received TNCCS batch (39 bytes) for Connection ID 2
16[TNC] => 39 bytes @ 0x6e87f0
16[TNC]    0: 02 00 00 01 00 00 00 27 00 00 00 00 00 00 00 06  .......'........
16[TNC]   16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75  ....Accept-Langu
16[TNC]   32: 61 67 65 3A 20 65 6E                             age: en
16[TNC] PB-TNC state transition from 'Init' to 'Server Working'
16[TNC] processing PB-TNC CDATA batch
16[TNC] processing PB-Language-Preference message (31 bytes)
16[TNC] setting language preference to 'en'
16[TNC] creating PA-TNC message with ID 0xdf43848c
16[TNC] creating PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
16[TNC] => 56 bytes @ 0x6ec8d0
16[TNC]    0: 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 04  ................
16[TNC]   16: 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 05  ................
16[TNC]   32: 00 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 0C  ................
16[TNC]   48: 00 00 90 2A 00 00 00 08                          ...*....
16[IMV] created PA-TNC message: => 76 bytes @ 0x739a80
16[IMV]    0: 01 00 00 00 DF 43 84 8C 00 00 00 00 00 00 00 01  .....C..........
16[IMV]   16: 00 00 00 44 00 00 00 00 00 00 00 02 00 00 00 00  ...D............
16[IMV]   32: 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 00  ................
16[IMV]   48: 00 00 00 05 00 00 00 00 00 00 00 0B 00 00 00 00  ................
16[IMV]   64: 00 00 00 0C 00 00 90 2A 00 00 00 08              .......*....
16[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
16[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
16[TNC] creating PB-TNC SDATA batch
16[TNC] adding PB-PA message
16[TNC] sending PB-TNC SDATA batch (108 bytes) for Connection ID 2
16[TNC] => 108 bytes @ 0x6e7820
16[TNC]    0: 02 80 00 02 00 00 00 6C 80 00 00 00 00 00 00 01  .......l........
16[TNC]   16: 00 00 00 64 00 00 00 00 00 00 00 01 FF FF 00 01  ...d............
16[TNC]   32: 01 00 00 00 DF 43 84 8C 00 00 00 00 00 00 00 01  .....C..........
16[TNC]   48: 00 00 00 44 00 00 00 00 00 00 00 02 00 00 00 00  ...D............
16[TNC]   64: 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 00  ................
16[TNC]   80: 00 00 00 05 00 00 00 00 00 00 00 0B 00 00 00 00  ................
16[TNC]   96: 00 00 00 0C 00 00 90 2A 00 00 00 08              .......*....
16[TNC] sending PT-TLS message #2 of type 'PB-TNC Batch' (124 bytes)
16[TLS] sending TLS ApplicationData record (176 bytes)
16[TLS] processing TLS ApplicationData record (288 bytes)
16[TNC] received PT-TLS message #2 of type 'PB-TNC Batch' (244 bytes)
16[TNC] received TNCCS batch (228 bytes) for Connection ID 2
16[TNC] => 228 bytes @ 0x714a00
16[TNC]    0: 02 00 00 01 00 00 00 E4 80 00 00 00 00 00 00 01  ................
16[TNC]   16: 00 00 00 DC 80 00 00 00 00 00 00 01 00 01 00 01  ................
16[TNC]   32: 01 00 00 00 D5 CA 70 3D 00 00 00 00 00 00 00 02  ......p=........
16[TNC]   48: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00  .....%r..Debian.
16[TNC]   64: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20  ............7.0 
16[TNC]   80: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03  x86_64..........
16[TNC]   96: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00  ................
16[TNC]  112: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24  ...............$
16[TNC]  128: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32  ....2013-08-15T2
16[TNC]  144: 30 3A 34 35 3A 30 37 5A 00 00 00 00 00 00 00 0B  0:45:07Z........
16[TNC]  160: 00 00 00 10 00 00 00 01 00 00 00 00 00 00 00 0C  ................
16[TNC]  176: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08  ...........*....
16[TNC]  192: 00 00 00 2C 61 61 62 62 63 63 64 64 65 65 66 66  ...,aabbccddeeff
16[TNC]  208: 31 31 32 32 33 33 34 34 35 35 36 36 37 37 38 38  1122334455667788
16[TNC]  224: 39 39 30 30                                      9900
16[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
16[TNC] processing PB-TNC CDATA batch
16[TNC] processing PB-PA message (220 bytes)
16[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
16[IMV] IMV 1 "OS" received message for Connection ID 2 from IMC 1 to IMV 1
16[IMV] => 196 bytes @ 0x738ac0
16[IMV]    0: 01 00 00 00 D5 CA 70 3D 00 00 00 00 00 00 00 02  ......p=........
16[IMV]   16: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00  .....%r..Debian.
16[IMV]   32: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20  ............7.0 
16[IMV]   48: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03  x86_64..........
16[IMV]   64: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00  ................
16[IMV]   80: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24  ...............$
16[IMV]   96: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32  ....2013-08-15T2
16[IMV]  112: 30 3A 34 35 3A 30 37 5A 00 00 00 00 00 00 00 0B  0:45:07Z........
16[IMV]  128: 00 00 00 10 00 00 00 01 00 00 00 00 00 00 00 0C  ................
16[IMV]  144: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08  ...........*....
16[IMV]  160: 00 00 00 2C 61 61 62 62 63 63 64 64 65 65 66 66  ...,aabbccddeeff
16[IMV]  176: 31 31 32 32 33 33 34 34 35 35 36 36 37 37 38 38  1122334455667788
16[IMV]  192: 39 39 30 30                                      9900
16[TNC] processing PA-TNC message with ID 0xd5ca703d
16[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
16[TNC] => 11 bytes @ 0x738ad4
16[TNC]    0: 00 25 72 00 00 44 65 62 69 61 6E                 .%r..Debian
16[TNC] processing PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
16[TNC] => 13 bytes @ 0x738aeb
16[TNC]    0: 0A 37 2E 30 20 78 38 36 5F 36 34 00 00           .7.0 x86_64..
16[TNC] processing PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
16[TNC] => 16 bytes @ 0x738b04
16[TNC]    0: 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00  ................
16[TNC] processing PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
16[TNC] => 24 bytes @ 0x738b20
16[TNC]    0: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32  ....2013-08-15T2
16[TNC]   16: 30 3A 34 35 3A 30 37 5A                          0:45:07Z
16[TNC] processing PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
16[TNC] => 4 bytes @ 0x738b44
16[TNC]    0: 00 00 00 01                                      ....
16[TNC] processing PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
16[TNC] => 4 bytes @ 0x738b54
16[TNC]    0: 00 00 00 00                                      ....
16[TNC] processing PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
16[TNC] => 32 bytes @ 0x738b64
16[TNC]    0: 61 61 62 62 63 63 64 64 65 65 66 66 31 31 32 32  aabbccddeeff1122
16[TNC]   16: 33 33 34 34 35 35 36 36 37 37 38 38 39 39 30 30  3344556677889900

Operating System Information

16[IMV] operating system name is 'Debian' from vendor Debian Project
16[IMV] operating system version is '7.0 x86_64'
16[IMV] operating system numeric version is 7.0
16[IMV] operational status: operational, result: successful
16[IMV] last boot: Aug 15 20:45:07 UTC 2013
16[IMV] IPv4 forwarding is enabled
16[IMV] factory default password is disabled

Device Identity

16[IMV] device ID is aabbccddeeff11223344556677889900

Policy Manager generating Workitem List

This is strongSwan's proprietary Configuration Management Database (CMDB) interface. Based on historical client measurement data and a set of group policies, the start script generates a list of measurement workitems. In our scenario, only IPv4 forwarding and SWID tags are checked.

16[IMV] running policy script: 2>&1 TNC_SESSION_ID='3' ipsec imv_policy_manager start
16[IMV] policy: imv_policy_manager start successful
16[IMV] IMV 1 handles FWDEN workitem 9
16[IMV] IMV 1 handled FWDEN workitem 9: isolate - forwarding enabled
16[TNC] creating PA-TNC message with ID 0xa039bf34
16[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
16[TNC] => 4 bytes @ 0x653880
16[TNC]    0: 00 00 00 02                                      ....
16[TNC] creating PA-TNC attribute type 'IETF/Remediation Instructions' 0x000000/0x0000000a
16[TNC] => 81 bytes @ 0x73fad0
16[TNC]    0: 00 00 00 00 00 00 00 02 00 00 00 42 49 50 20 50  ...........BIP P
16[TNC]   16: 61 63 6B 65 74 20 46 6F 72 77 61 72 64 69 6E 67  acket Forwarding
16[TNC]   32: 0A 20 20 50 6C 65 61 73 65 20 64 69 73 61 62 6C  .  Please disabl
16[TNC]   48: 65 20 74 68 65 20 66 6F 72 77 61 72 64 69 6E 67  e the forwarding
16[TNC]   64: 20 6F 66 20 49 50 20 70 61 63 6B 65 74 73 02 65   of IP packets.e
16[TNC]   80: 6E                                               n
16[IMV] created PA-TNC message: => 117 bytes @ 0x73b730
16[IMV]    0: 01 00 00 00 A0 39 BF 34 00 00 00 00 00 00 00 09  .....9.4........
16[IMV]   16: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 0A  ................
16[IMV]   32: 00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42  ...]...........B
16[IMV]   48: 49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72  IP Packet Forwar
16[IMV]   64: 64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69  ding.  Please di
16[IMV]   80: 73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72  sable the forwar
16[IMV]   96: 64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65  ding of IP packe
16[IMV]  112: 74 73 02 65 6E                                   ts.en
16[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
16[TNC] IMV 1 is setting reason string to 'Improper OS settings were detected'
16[TNC] IMV 1 is setting reason language to 'en'
16[TNC] IMV 1 provides recommendation 'isolate' and evaluation 'non-compliant major'

Sending SWID Request

16[IMV] IMV 2 handles SWIDT workitem 11
16[IMV] IMV 2 issues SWID request 11
16[TNC] creating PA-TNC message with ID 0x0d065bfe
16[TNC] creating PA-TNC attribute type 'TCG/SWID Request' 0x005597/0x00000011
16[TNC] => 12 bytes @ 0x736d60
16[TNC]    0: 00 00 00 00 00 00 00 0B 00 00 00 00              ............
16[IMV] created PA-TNC message: => 32 bytes @ 0x6dcfe0
16[IMV]    0: 01 00 00 00 0D 06 5B FE 00 00 55 97 00 00 00 11  ......[...U.....
16[IMV]   16: 00 00 00 18 00 00 00 00 00 00 00 0B 00 00 00 00  ................
16[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
16[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
16[TNC] creating PB-TNC SDATA batch
16[TNC] adding PB-PA message
16[TNC] adding PB-PA message
16[TNC] sending PB-TNC SDATA batch (205 bytes) for Connection ID 2
16[TNC] => 205 bytes @ 0x6eb0d0
16[TNC]    0: 02 80 00 02 00 00 00 CD 80 00 00 00 00 00 00 01  ................
16[TNC]   16: 00 00 00 8D 00 00 00 00 00 00 00 01 FF FF 00 01  ................
16[TNC]   32: 01 00 00 00 A0 39 BF 34 00 00 00 00 00 00 00 09  .....9.4........
16[TNC]   48: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 0A  ................
16[TNC]   64: 00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42  ...]...........B
16[TNC]   80: 49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72  IP Packet Forwar
16[TNC]   96: 64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69  ding.  Please di
16[TNC]  112: 73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72  sable the forwar
16[TNC]  128: 64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65  ding of IP packe
16[TNC]  144: 74 73 02 65 6E 80 00 00 00 00 00 00 01 00 00 00  ts.en...........
16[TNC]  160: 38 00 00 55 97 00 00 00 03 FF FF 00 02 01 00 00  8..U............
16[TNC]  176: 00 0D 06 5B FE 00 00 55 97 00 00 00 11 00 00 00  ...[...U........
16[TNC]  192: 18 00 00 00 00 00 00 00 0B 00 00 00 00           .............
16[TNC] sending PT-TLS message #3 of type 'PB-TNC Batch' (221 bytes)
16[TLS] sending TLS ApplicationData record (272 bytes)
16[TLS] processing TLS ApplicationData record (1056 bytes)
16[TNC] received PT-TLS message #3 of type 'PB-TNC Batch' (1017 bytes)
16[TNC] received TNCCS batch (1001 bytes) for Connection ID 2
16[TNC] => 1001 bytes @ 0x7375e0
16[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
16[TNC] processing PB-TNC CDATA batch
16[TNC] processing PB-PA message (993 bytes)

Receiving SWID Tag Inventory

16[TNC] handling PB-PA message type 'TCG/SWID' 0x005597/0x00000003
16[IMV] IMV 2 "SWID" received message for Connection ID 2 from IMC 2 to IMV 2
16[IMV] => 969 bytes @ 0x6ef040
16[TNC] processing PA-TNC message with ID 0x8bb506a6
16[TNC] processing PA-TNC attribute type 'TCG/SWID Tag Inventory' 0x005597/0x00000014
16[TNC] => 949 bytes @ 0x6ef054

Human-Readable SWID Tags

16[IMV] received SWID tag inventory for request 11 at eid 1 of epoch 0xc27ad39d
16[IMV] <?xml version="1.0" encoding="utf-8"?>
16[IMV] <software_identification_tag xmlns="http://standards.iso.org/iso/19770/-2/2009/schema.xsd">
16[IMV] <entitlement_required_indicator>true</entitlement_required_indicator>
16[IMV] <product_title>strongSwan</product_title>
16[IMV] <product_version>
16[IMV]   <name>5.1.1dr1</name>
16[IMV]   <numeric>
16[IMV]     <major>5</major>
16[IMV]     <minor>1</minor>
16[IMV]     <build>0</build>
16[IMV]     <review></review>
16[IMV]   </numeric>
16[IMV] </product_version>
16[IMV] <software_creator>
16[IMV]   <name>strongSwan Project</name>
16[IMV]   <regid>regid.2004-03.org.strongswan</regid>
16[IMV] </software_creator>
16[IMV] <software_licensor>
16[IMV]   <name>strongSwan Project</name>
16[IMV]   <regid>regid.2004-03.org.strongswan</regid>
16[IMV] </software_licensor>
16[IMV] <software_id>
16[IMV]   <unique_id>strongSwan-5-1-0</unique_id>
16[IMV]   <tag_creator_regid>regid.2004-03.org.strongswan</tag_creator_regid>
16[IMV] </software_id>
16[IMV] <tag_creator>
16[IMV]   <name>strongSwan</name>
16[IMV]   <regid>regid.2004-03.org.strongswan</regid>
16[IMV] </tag_creator>
16[IMV] </software_identification_tag>
 
16[IMV] IMV 2 handled SWIDT workitem 11: allow - received inventory of 1 SWID tag
16[TNC] creating PA-TNC message with ID 0x4389bba0
16[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
16[TNC] => 4 bytes @ 0x701a80
16[TNC]    0: 00 00 00 00                                      ....
16[IMV] created PA-TNC message: => 24 bytes @ 0x6e84c0
16[IMV]    0: 01 00 00 00 43 89 BB A0 00 00 00 00 00 00 00 09  ....C...........
16[IMV]   16: 00 00 00 10 00 00 00 00                          ........
16[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
16[TNC] IMV 2 provides recommendation 'allow' and evaluation 'compliant'

Policy Manager integrating Measurement Results

16[IMV] running policy script: 2>&1 TNC_SESSION_ID='3' ipsec imv_policy_manager stop
16[IMV] policy: imv_policy_manager stop successful
16[IMV] IMV 1 "OS" changed state of Connection ID 2 to 'Isolated'
16[IMV] IMV 2 "SWID" changed state of Connection ID 2 to 'Isolated'
16[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
16[TNC] creating PB-TNC RESULT batch
16[TNC] adding PB-PA message
16[TNC] adding PB-Assessment-Result message
16[TNC] adding PB-Access-Recommendation message
16[TNC] adding PB-Reason-String message
16[TNC] sending PB-TNC RESULT batch (141 bytes) for Connection ID 2
16[TNC] => 141 bytes @ 0x709e40
16[TNC]    0: 02 80 00 03 00 00 00 8D 80 00 00 00 00 00 00 01  ................
16[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02  ...0..U.........
16[TNC]   32: 01 00 00 00 43 89 BB A0 00 00 00 00 00 00 00 09  ....C...........
16[TNC]   48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02  ................
16[TNC]   64: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 03  ................
16[TNC]   80: 00 00 00 10 00 00 00 03 00 00 00 00 00 00 00 07  ................
16[TNC]   96: 00 00 00 35 00 00 00 22 49 6D 70 72 6F 70 65 72  ...5..."Improper
16[TNC]  112: 20 4F 53 20 73 65 74 74 69 6E 67 73 20 77 65 72   OS settings wer
16[TNC]  128: 65 20 64 65 74 65 63 74 65 64 02 65 6E           e detected.en
16[TNC] sending PT-TLS message #4 of type 'PB-TNC Batch' (157 bytes)
16[TLS] sending TLS ApplicationData record (208 bytes)
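
The RESULT batch logged above can be decoded offline to confirm what the PDP actually told the endpoint. The following Python sketch is an added example, not part of the original wiki page or of strongSwan: it reassembles the bytes from the logged hex dump and walks the PB-TNC (RFC 5793) and PA-TNC (RFC 5792) headers. The function names `bytes_from_log`, `tlvs` and `parse_batch` are hypothetical, and the recommendation codes are given with their RFC 5793 names (code 3, "Quarantined", is what the log prints as 'isolate').

```python
import re
import struct

# PB-TNC RESULT batch, copied verbatim from the PDP log above.
LOG = """\
16[TNC] => 141 bytes @ 0x709e40
16[TNC]    0: 02 80 00 03 00 00 00 8D 80 00 00 00 00 00 00 01  ................
16[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02  ...0..U.........
16[TNC]   32: 01 00 00 00 43 89 BB A0 00 00 00 00 00 00 00 09  ....C...........
16[TNC]   48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02  ................
16[TNC]   64: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 03  ................
16[TNC]   80: 00 00 00 10 00 00 00 03 00 00 00 00 00 00 00 07  ................
16[TNC]   96: 00 00 00 35 00 00 00 22 49 6D 70 72 6F 70 65 72  ...5..."Improper
16[TNC]  112: 20 4F 53 20 73 65 74 74 69 6E 67 73 20 77 65 72   OS settings wer
16[TNC]  128: 65 20 64 65 74 65 63 74 65 64 02 65 6E           e detected.en
"""

BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT", 4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
ASSESSMENT = {0: "compliant", 1: "non-compliant minor", 2: "non-compliant major",
              3: "error", 4: "no determination"}
RECOMMENDATION = {1: "Access Allowed", 2: "Access Denied", 3: "Quarantined"}
HEX_LINE = re.compile(r"\d+\[[A-Z]+\]\s+(\d+): ((?:[0-9A-F]{2} ?)+)")
SIZE_LINE = re.compile(r"\d+\[[A-Z]+\] => (\d+) bytes")

def bytes_from_log(text):
    """Reassemble a logged hex dump, checking offsets and the announced size."""
    data, announced = bytearray(), None
    for line in text.splitlines():
        if m := SIZE_LINE.match(line):
            announced = int(m.group(1))
        elif m := HEX_LINE.match(line):
            if int(m.group(1)) != len(data):
                raise ValueError("hex dump offsets are not contiguous")
            data += bytes.fromhex(m.group(2))  # the ASCII column is not captured
    if announced is not None and announced != len(data):
        raise ValueError("hex dump does not match the announced size")
    return bytes(data)

def tlvs(buf, what):
    """Yield (flags, vendor, type, value). PB-TNC messages and PA-TNC attributes
    share this 12-byte header; the length field includes the header itself."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 12:
            raise ValueError(f"truncated {what} header")
        flags_vendor, typ, length = struct.unpack_from(">III", buf, off)
        if length < 12 or off + length > len(buf):
            raise ValueError(f"bad {what} length {length}")
        yield flags_vendor >> 24, flags_vendor & 0xFFFFFF, typ, buf[off + 12:off + length]
        off += length

def parse_batch(data):
    """Decode a PB-TNC batch and the standard (vendor 0) messages seen in this log."""
    if len(data) < 8:
        raise ValueError("batch shorter than its header")
    version, flags, btype, length = struct.unpack_from(">BBHI", data)
    if version != 2 or length != len(data):
        raise ValueError("not a complete PB-TNC version 2 batch")
    out = {"type": BATCH_TYPES.get(btype & 0x0F),
           "from_server": bool(flags & 0x80), "messages": []}
    for mflags, vendor, mtype, body in tlvs(data[8:], "PB-TNC message"):
        msg = {"noskip": bool(mflags & 0x80), "vendor": vendor, "type": mtype}
        if vendor == 0 and mtype == 1 and len(body) >= 20:    # PB-PA wrapping PA-TNC
            sub_vendor, subtype = struct.unpack_from(">II", body)
            msg["pa_subtype"] = (sub_vendor & 0xFFFFFF, subtype)
            msg["pa_message_id"] = struct.unpack_from(">I", body, 16)[0]
            msg["attributes"] = [(v, t, val) for _, v, t, val
                                 in tlvs(body[20:], "PA-TNC attribute")]
        elif vendor == 0 and mtype == 2 and len(body) == 4:   # PB-Assessment-Result
            msg["assessment"] = ASSESSMENT.get(struct.unpack(">I", body)[0])
        elif vendor == 0 and mtype == 3 and len(body) == 4:   # PB-Access-Recommendation
            msg["recommendation"] = RECOMMENDATION.get(struct.unpack(">HH", body)[1])
        elif vendor == 0 and mtype == 7 and len(body) >= 5:   # PB-Reason-String
            slen = struct.unpack_from(">I", body)[0]
            if 5 + slen > len(body) or 5 + slen + body[4 + slen] != len(body):
                raise ValueError("bad PB-Reason-String lengths")
            msg["reason"] = body[4:4 + slen].decode("utf-8")
            msg["lang"] = body[5 + slen:].decode("ascii")
        out["messages"].append(msg)
    return out

if __name__ == "__main__":
    for message in parse_batch(bytes_from_log(LOG))["messages"]:
        print(message)
```

The decoded batch shows the SWID IMV's own PA-TNC Assessment Result (attribute type 9, value 0, compliant) travelling next to the overall PB-Assessment-Result of non-compliant major, which stems from the OS IMV's forwarding check.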

Closing PT-TLS Connection

16[TLS] processing TLS ApplicationData record (64 bytes)
16[TNC] received PT-TLS message #4 of type 'PB-TNC Batch' (24 bytes)
16[TNC] received TNCCS batch (8 bytes) for Connection ID 2
16[TNC] => 8 bytes @ 0x6f7e40
16[TNC]    0: 02 00 00 06 00 00 00 08                          ........
16[TNC] PB-TNC state transition from 'Decided' to 'End'
16[TNC] processing PB-TNC CLOSE batch
16[TNC] final recommendation is 'isolate' and evaluation is 'non-compliant major'
16[TNC] PT-TLS connection terminates
16[IMV] IMV 1 "OS" deleted the state of Connection ID 2
16[IMV] IMV 2 "SWID" deleted the state of Connection ID 2
16[TNC] removed TNCCS Connection ID 2
16[TLS] sending TLS close notify
16[TLS] sending TLS Alert record (48 bytes)

Terminating the strongSwan Policy Decision Point

00[DMN] signal of type SIGINT received. Shutting down
00[IMV] IMV 2 "SWID" terminated
00[TNC] removed TCG attributes
00[LIB] libpts terminated
00[IMV] IMV 1 "OS" terminated
00[TNC] removed IETF attributes
00[TNC] removed ITA-HSR attributes
00[LIB] libimcv terminated