Software Inventory Message and Attributes for PA-TNC (SWIMA) » History » Version 8
Andreas Steffen, 13.06.2017 13:55
| 1 | 4 | Andreas Steffen | h1. Software Inventory Message and Attributes for PA-TNC (SWIMA) |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 6 | Andreas Steffen | {{>toc}} |
| 4 | 6 | Andreas Steffen | |
| 5 | 8 | Andreas Steffen | h2. Starting PT-TLS Server Daemon |
| 6 | 6 | Andreas Steffen | |
| 7 | 4 | Andreas Steffen | The PT-TLS server based on the strongSwan systemd daemon is usually started automatically at boot time with the command |
| 8 | 1 | Andreas Steffen | <pre> |
| 9 | 4 | Andreas Steffen | systemctl start strongswan-swanctl |
| 10 | 4 | Andreas Steffen | </pre> |
| 11 | 4 | Andreas Steffen | |
| 12 | 4 | Andreas Steffen | First all the PA-TNC attribute definitions form the IETF, TCG, ITA-HSR and PWG namespaces are loaded. The IMVs to by dynamically loaded are read from _/etc/tnc_config_. |
| 13 | 4 | Andreas Steffen | <pre> |
| 14 | 1 | Andreas Steffen | Jun 12 09:46:00 koala systemd[1]: Starting strongSwan IPsec IKEv1/IKEv2 daemon using swanctl... |
| 15 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TNC recommendation policy is 'default' |
| 16 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loading IMVs from '/etc/tnc_config' |
| 17 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: added IETF attributes |
| 18 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: added ITA-HSR attributes |
| 19 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: added PWG attributes |
| 20 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: added TCG attributes |
| 21 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: libimcv initialized |
| 22 | 1 | Andreas Steffen | </pre> |
| 23 | 4 | Andreas Steffen | |
| 24 | 4 | Andreas Steffen | The SWMA IMV is loaded as a dynamic library and attached to the TNC server. |
| 25 | 1 | Andreas Steffen | <pre> |
| 26 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 1 "SWIMA" initialized |
| 27 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 1 supports 1 message type: 'IETF/Software' 0x000000/0x00000009 |
| 28 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 1 "SWIMA" loaded from '/usr/lib/ipsec/imcvs/imv-swima.so' |
| 29 | 1 | Andreas Steffen | </pre> |
| 30 | 4 | Andreas Steffen | |
| 31 | 4 | Andreas Steffen | The OS IMV is loaded as a dynamic library and attached to the TNC server. |
| 32 | 1 | Andreas Steffen | <pre> |
| 33 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 2 "OS" initialized |
| 34 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 2 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001 |
| 35 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: IMV 2 "OS" loaded from '/usr/lib/ipsec/imcvs/imv-os.so' |
| 36 | 1 | Andreas Steffen | </pre> |
| 37 | 4 | Andreas Steffen | |
| 38 | 4 | Andreas Steffen | The strongSwan daemon loads all required plugins and goes into multi-threading mode so that multiple PT-TLS connections can be handled |
| 39 | 1 | Andreas Steffen | <pre> |
| 40 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded plugins: charon-systemd charon-systemd random nonce x509 tpm openssl revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pem curve25519 chapoly sha3 mgf1 ntru bliss newhope eap-dynamic eap-radius eap-identity eap-md5 eap-ttls eap-tls eap-tnc tnc-imv tnc-pdp tnc-tnccs tnccs-20 tnc-ifmap kernel-netlink socket-default sqlite curl vici farp dhcp |
| 41 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: spawning 16 worker threads |
| 42 | 1 | Andreas Steffen | </pre> |
| 43 | 4 | Andreas Steffen | |
| 44 | 4 | Andreas Steffen | Multiple PT-TLS server and CA certificates are loaded into the daemon |
| 45 | 1 | Andreas Steffen | <pre> |
| 46 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded certificate 'C=CH, O=MSE, OU=TSM_ITSec, CN=mse2.strongswan.org' |
| 47 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded certificate 'C=CH, O=strongSec GmbH, CN=koala.strongsec.com' |
| 48 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded certificate 'C=CH, O=strongSec GmbH, CN=koala.strongsec.com' |
| 49 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded certificate 'C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA' |
| 50 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded certificate 'C=CH, O=MSE, OU=TSM_ITSec, CN=MSE CA' |
| 51 | 1 | Andreas Steffen | </pre> |
| 52 | 4 | Andreas Steffen | |
| 53 | 4 | Andreas Steffen | The actual loading is done by the *swanctl* command line tool which transfers the certificates to the daemon via a Unix socket. |
| 54 | 1 | Andreas Steffen | <pre> |
| 55 | 4 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded certificate from '/etc/swanctl/x509/MSE2_Cert.pem' |
| 56 | 4 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded certificate from '/etc/swanctl/x509/koala_AIK_ECC_Cert.pem' |
| 57 | 4 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded certificate from '/etc/swanctl/x509/koala_AIK_RSA_Cert.pem' |
| 58 | 4 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded certificate from '/etc/swanctl/x509ca/strongsecCaCert.pem' |
| 59 | 4 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded certificate from '/etc/swanctl/x509ca/MSE_CA_Cert.pem' |
| 60 | 4 | Andreas Steffen | </pre> |
| 61 | 4 | Andreas Steffen | |
| 62 | 4 | Andreas Steffen | The first server certificate has a matching ECDSA private key loaded from file |
| 63 | 4 | Andreas Steffen | <pre> |
| 64 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded ECDSA private key |
| 65 | 1 | Andreas Steffen | </pre> |
| 66 | 4 | Andreas Steffen | |
| 67 | 4 | Andreas Steffen | The second server certificate has a matching ECDSA key protected by a TPM 2.0 |
| 68 | 1 | Andreas Steffen | <pre> |
| 69 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 - algorithms: RSA SHA1 HMAC AES MGF1 KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH SM2 ECMQV KDF1_SP800_108 ECC SYMCIPHER CTR OFB CBC CFB ECB |
| 70 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 - ECC curves: NIST_P256 BN_P256 |
| 71 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 via TSS2 available |
| 72 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: AIK signature algorithm is ECDSA with SHA256 hash |
| 73 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded ECDSA private key from token |
| 74 | 1 | Andreas Steffen | </pre> |
| 75 | 4 | Andreas Steffen | |
| 76 | 4 | Andreas Steffen | The third server certificate has a matching RSA key protected by a TPM 2.0 |
| 77 | 1 | Andreas Steffen | <pre> |
| 78 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 - algorithms: RSA SHA1 HMAC AES MGF1 KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH SM2 ECMQV KDF1_SP800_108 ECC SYMCIPHER CTR OFB CBC CFB ECB |
| 79 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 - ECC curves: NIST_P256 BN_P256 |
| 80 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: TPM 2.0 via TSS2 available |
| 81 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: AIK signature algorithm is RSASSA with SHA256 hash |
| 82 | 1 | Andreas Steffen | Jun 12 09:46:00 koala charon-systemd[3747]: loaded RSA private key from token |
| 83 | 1 | Andreas Steffen | </pre> |
| 84 | 4 | Andreas Steffen | |
| 85 | 5 | Andreas Steffen | Again it is the *swanctl* tool which loads the private keys or determines the IDs of keys residing on smartcard or TPM devices. |
| 86 | 1 | Andreas Steffen | <pre> |
| 87 | 1 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded ecdsa key from '/etc/swanctl/ecdsa/MSE2_Key.pem' |
| 88 | 1 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded key token_ak_ecc from token [keyid: 8e70ca6665cd2e6c7893e407cb9a7cd6264d714f] |
| 89 | 1 | Andreas Steffen | Jun 12 09:46:01 koala swanctl[3766]: loaded key token_ak_rsa from token [keyid: ce431f647d549f759267422f4097c874e2eca547] |
| 90 | 1 | Andreas Steffen | </pre> |
| 91 | 5 | Andreas Steffen | |
| 92 | 5 | Andreas Steffen | The PT-TLS server is now up and ready to accept connections on the default TCP port 271. |
| 93 | 1 | Andreas Steffen | <pre> |
| 94 | 1 | Andreas Steffen | Jun 12 09:46:01 koala systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using swanctl. |
| 95 | 1 | Andreas Steffen | </pre> |
| 96 | 1 | Andreas Steffen | |
| 97 | 8 | Andreas Steffen | h2. Accepting PT-TLS Client Connection |
| 98 | 8 | Andreas Steffen | |
| 99 | 5 | Andreas Steffen | A PT-TLS client connects to the PT-TLS server and does a TLS 1.2 handshake to establish a secure socket |
| 100 | 1 | Andreas Steffen | <pre> |
| 101 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: accepting PT-TLS stream from 77.56.145.176 |
| 102 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: entering PT-TLS negotiation phase |
| 103 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: negotiated TLS 1.2 using suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
| 104 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending TLS server certificate 'C=CH, O=MSE, OU=TSM_ITSec, CN=mse2.strongswan.org' |
| 105 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending TLS cert request for 'C=CH, O=MSE, OU=TSM_ITSec, CN=MSE CA' |
| 106 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending TLS cert request for 'C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA' |
| 107 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received TLS peer certificate 'C=CH, O=strongSec GmbH, CN=brisbane.strongsec.com' |
| 108 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using certificate "C=CH, O=strongSec GmbH, CN=brisbane.strongsec.com" |
| 109 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using trusted ca certificate "C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA" |
| 110 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: checking certificate status of "C=CH, O=strongSec GmbH, CN=brisbane.strongsec.com" |
| 111 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using trusted certificate "C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA" |
| 112 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: crl correctly signed by "C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA" |
| 113 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: crl is valid: until Jun 18 10:00:01 2017 |
| 114 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using cached crl |
| 115 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using trusted certificate "C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA" |
| 116 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: crl correctly signed by "C=CH, O=strongSec GmbH, CN=strongSec 2016 Root CA" |
| 117 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: crl is valid: until Jun 13 10:00:01 2017 |
| 118 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: using cached crl |
| 119 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: certificate status is good |
| 120 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: reached self-signed root ca with a path length of 0 |
| 121 | 1 | Andreas Steffen | </pre> |
| 122 | 5 | Andreas Steffen | |
| 123 | 5 | Andreas Steffen | The PT-TLS protocol is started skipping SASL-based client authentication because the client already authenticated itself during the TLS handshake. |
| 124 | 1 | Andreas Steffen | <pre> |
| 125 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received PT-TLS message #0 of type 'Version Request' (20 bytes) |
| 126 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PT-TLS message #0 of type 'Version Response' (20 bytes) |
| 127 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: negotiated PT-TLS version 1 |
| 128 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: doing SASL client authentication |
| 129 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: skipping SASL, client already authenticated by TLS certificate |
| 130 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PT-TLS message #1 of type 'SASL Mechanisms' (16 bytes) |
| 131 | 1 | Andreas Steffen | </pre> |
| 132 | 5 | Andreas Steffen | |
| 133 | 5 | Andreas Steffen | The PT-TLS protocol switches to the data transport phase and a TNCCS (PB-TNC) connection is instantiated |
| 134 | 1 | Andreas Steffen | <pre> |
| 135 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: entering PT-TLS data transport phase |
| 136 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received PT-TLS message #1 of type 'PB-TNC Batch' (337 bytes) |
| 137 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: assigned TNCCS Connection ID 2 |
| 138 | 1 | Andreas Steffen | </pre> |
| 139 | 5 | Andreas Steffen | |
| 140 | 5 | Andreas Steffen | A SWIMA IMV instance is created for this PB-TNC connection |
| 141 | 1 | Andreas Steffen | <pre> |
| 142 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 "SWIMA" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh |
| 143 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes |
| 144 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: user AR identity 'C=CH, O=strongSec GmbH, CN=brisbane.strongsec.com' of type X.500 DN authenticated by certificate |
| 145 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: machine AR identity '77.56.145.176' of type IPv4 address authenticated by unknown method |
| 146 | 1 | Andreas Steffen | </pre> |
| 147 | 5 | Andreas Steffen | |
| 148 | 5 | Andreas Steffen | An OS IMV instance is created for this PB-TNC connection |
| 149 | 1 | Andreas Steffen | <pre> |
| 150 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 "OS" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh |
| 151 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes |
| 152 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 "SWIMA" changed state of Connection ID 2 to 'Handshake' |
| 153 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 "OS" changed state of Connection ID 2 to 'Handshake' |
| 154 | 1 | Andreas Steffen | </pre> |
| 155 | 5 | Andreas Steffen | |
| 156 | 5 | Andreas Steffen | The first PB-TNC client batch is received |
| 157 | 1 | Andreas Steffen | <pre> |
| 158 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received TNCCS batch (321 bytes) |
| 159 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 160 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PB-TNC CDATA batch for Connection ID 2 |
| 161 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: PB-TNC state transition from 'Init' to 'Server Working' |
| 162 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing IETF/PB-Language-Preference message (31 bytes) |
| 163 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing IETF/PB-PA message (230 bytes) |
| 164 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing IETF/PB-PA message (52 bytes) |
| 165 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: setting language preference to 'en' |
| 166 | 5 | Andreas Steffen | </pre> |
| 167 | 5 | Andreas Steffen | |
| 168 | 5 | Andreas Steffen | The OS IMC sends some standard information about the client platform |
| 169 | 5 | Andreas Steffen | <pre> |
| 170 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001 |
| 171 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 "OS" received message for Connection ID 2 from IMC 1 |
| 172 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: => 206 bytes @ 0x7f4dc8002e40 |
| 173 | 1 | Andreas Steffen | 0: 01 00 00 00 0D 24 79 C7 00 00 00 00 00 00 00 02 .....$y......... |
| 174 | 1 | Andreas Steffen | 16: 00 00 00 17 00 71 32 00 00 55 62 75 6E 74 75 00 .....q2..Ubuntu. |
| 175 | 1 | Andreas Steffen | 32: 00 00 00 00 00 00 04 00 00 00 1B 0C 31 36 2E 30 ............16.0 |
| 176 | 1 | Andreas Steffen | 48: 34 20 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 4 x86_64........ |
| 177 | 1 | Andreas Steffen | 64: 00 03 00 00 00 1C 00 00 00 10 00 00 00 04 00 00 ................ |
| 178 | 1 | Andreas Steffen | 80: 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 ................ |
| 179 | 1 | Andreas Steffen | 96: 00 24 03 01 00 00 32 30 31 37 2D 30 36 2D 31 31 .$....2017-06-11 |
| 180 | 1 | Andreas Steffen | 112: 54 30 39 3A 30 37 3A 33 34 5A 00 00 00 00 00 00 T09:07:34Z...... |
| 181 | 1 | Andreas Steffen | 128: 00 0B 00 00 00 10 00 00 00 01 00 00 00 00 00 00 ................ |
| 182 | 1 | Andreas Steffen | 144: 00 0C 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 .............*.. |
| 183 | 1 | Andreas Steffen | 160: 00 08 00 00 00 34 35 64 39 35 30 32 31 33 39 36 .....45d95021396 |
| 184 | 1 | Andreas Steffen | 176: 64 32 34 31 35 65 35 63 35 33 63 61 32 64 65 61 d2415e5c53ca2dea |
| 185 | 1 | Andreas Steffen | 192: 36 66 62 63 31 63 32 33 38 37 63 35 36 61 6fbc1c2387c56a |
| 186 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC message with ID 0x0d2479c7 |
| 187 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002 |
| 188 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004 |
| 189 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003 |
| 190 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005 |
| 191 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b |
| 192 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c |
| 193 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008 |
| 194 | 1 | Andreas Steffen | </pre> |
| 195 | 5 | Andreas Steffen | |
| 196 | 5 | Andreas Steffen | This is the plaintext information contained in the PA-TNC attributes |
| 197 | 1 | Andreas Steffen | <pre> |
| 198 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: operating system name is 'Ubuntu' from vendor Canonical |
| 199 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: operating system version is '16.04 x86_64' |
| 200 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: operating system numeric version is 16.4 |
| 201 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: operational status: operational, result: successful |
| 202 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: last boot: Jun 11 09:07:34 UTC 2017 |
| 203 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IPv4 forwarding is enabled |
| 204 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: factory default password is disabled |
| 205 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: device ID is 5d95021396d2415e5c53ca2dea6fbc1c2387c56a |
| 206 | 1 | Andreas Steffen | </pre> |
| 207 | 5 | Andreas Steffen | |
| 208 | 5 | Andreas Steffen | The second PA-TNC message |
| 209 | 1 | Andreas Steffen | <pre> |
| 210 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: handling PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 211 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 "SWIMA" received message for Connection ID 2 from IMC 2 |
| 212 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: => 28 bytes @ 0x7f4dc8003780 |
| 213 | 1 | Andreas Steffen | 0: 01 00 00 00 0E 4F AE 95 00 00 55 97 00 00 00 21 .....O....U....! |
| 214 | 1 | Andreas Steffen | 16: 00 00 00 14 00 98 96 80 00 01 FF B8 ............ |
| 215 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC message with ID 0x0e4fae95 |
| 216 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 |
| 217 | 1 | Andreas Steffen | </pre> |
| 218 | 1 | Andreas Steffen | <pre> |
| 219 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 received a segmentation contract request from IMC 2 for PA message type 'IETF/Software' 0x000000/0x00000009 |
| 220 | 1 | Andreas Steffen | maximum attribute size of 10000000 bytes with maximum segment size of 131000 bytes |
| 221 | 1 | Andreas Steffen | </pre> |
| 222 | 1 | Andreas Steffen | <pre> |
| 223 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC message with ID 0xdb795d86 |
| 224 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 |
| 225 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: created PA-TNC message: => 28 bytes @ 0x7f4dc8002d30 |
| 226 | 1 | Andreas Steffen | 0: 01 00 00 00 DB 79 5D 86 00 00 55 97 00 00 00 22 .....y]...U...." |
| 227 | 1 | Andreas Steffen | 16: 00 00 00 14 00 98 96 80 00 01 FF B8 ............ |
| 228 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 229 | 1 | Andreas Steffen | </pre> |
| 230 | 1 | Andreas Steffen | <pre> |
| 231 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 requests a segmentation contract for PA message type 'IETF/Operating System' 0x000000/0x00000001 |
| 232 | 1 | Andreas Steffen | maximum attribute size of 100000000 bytes with maximum segment size of 131000 bytes |
| 233 | 1 | Andreas Steffen | </pre> |
| 234 | 1 | Andreas Steffen | <pre> |
| 235 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: assigned session ID 40 to Connection ID 2 |
| 236 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: running policy script: 2>&1 ipsec imv_policy_manager start 40 |
| 237 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: policy: imv_policy_manager start successful |
| 238 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: SWIDT workitem 251 |
| 239 | 1 | Andreas Steffen | </pre> |
| 240 | 1 | Andreas Steffen | <pre> |
| 241 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 has no workitems - no evaluation requested |
| 242 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC message with ID 0x1b56eee5 |
| 243 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009 |
| 244 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC attribute type 'IETF/Remediation Instructions' 0x000000/0x0000000a |
| 245 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: created PA-TNC message: => 117 bytes @ 0x7f4dc80026b0 |
| 246 | 1 | Andreas Steffen | 0: 01 00 00 00 1B 56 EE E5 00 00 00 00 00 00 00 09 .....V.......... |
| 247 | 1 | Andreas Steffen | 16: 00 00 00 10 00 00 00 04 00 00 00 00 00 00 00 0A ................ |
| 248 | 1 | Andreas Steffen | 32: 00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42 ...]...........B |
| 249 | 1 | Andreas Steffen | 48: 49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72 IP Packet Forwar |
| 250 | 1 | Andreas Steffen | 64: 64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69 ding. Please di |
| 251 | 1 | Andreas Steffen | 80: 73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72 sable the forwar |
| 252 | 1 | Andreas Steffen | 96: 64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65 ding of IP packe |
| 253 | 1 | Andreas Steffen | 112: 74 73 02 65 6E ts.en |
| 254 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001 |
| 255 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 2 provides recommendation 'allow' and evaluation 'don't know' |
| 256 | 1 | Andreas Steffen | </pre> |
| 257 | 1 | Andreas Steffen | <pre> |
| 258 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: TNC server is handling outbound connection |
| 259 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: PB-TNC state transition from 'Server Working' to 'Client Working' |
| 260 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PB-TNC SDATA batch |
| 261 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 262 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 263 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PB-TNC SDATA batch (201 bytes) for Connection ID 2 |
| 264 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PT-TLS message #2 of type 'PB-TNC Batch' (217 bytes) |
| 265 | 1 | Andreas Steffen | </pre> |
| 266 | 1 | Andreas Steffen | <pre> |
| 267 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received PT-TLS message #2 of type 'PB-TNC Batch' (24 bytes) |
| 268 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received TNCCS batch (8 bytes) |
| 269 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 270 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: processing PB-TNC CDATA batch for Connection ID 2 |
| 271 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: PB-TNC state transition from 'Client Working' to 'Server Working' |
| 272 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received empty PB-TNC CDATA batch |
| 273 | 2 | Andreas Steffen | </pre> |
| 274 | 2 | Andreas Steffen | <pre> |
| 275 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 requests a segmentation contract for PA message type 'IETF/Software' 0x000000/0x00000009 |
| 276 | 1 | Andreas Steffen | maximum attribute size of 10000000 bytes with maximum segment size of 131000 bytes |
| 277 | 1 | Andreas Steffen | </pre> |
| 278 | 6 | Andreas Steffen | |
| 279 | 8 | Andreas Steffen | h2. Sending IETF SW Request Attribute |
| 280 | 7 | Andreas Steffen | |
| 281 | 1 | Andreas Steffen | <pre> |
| 282 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 handles SWIDT workitem 251 |
| 283 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: IMV 1 issues sw request 251 |
| 284 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC message with ID 0x8311ab95 |
| 285 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021 |
| 286 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PA-TNC attribute type 'IETF/SW Request' 0x000000/0x00000011 |
| 287 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: created PA-TNC message: => 52 bytes @ 0x7f4db0006200 |
| 288 | 1 | Andreas Steffen | 0: 01 00 00 00 83 11 AB 95 00 00 55 97 00 00 00 21 ..........U....! |
| 289 | 1 | Andreas Steffen | 16: 00 00 00 14 00 98 96 80 00 01 FF B8 00 00 00 00 ................ |
| 290 | 1 | Andreas Steffen | 32: 00 00 00 11 00 00 00 18 20 00 00 00 00 00 00 FB ........ ....... |
| 291 | 1 | Andreas Steffen | 48: 00 00 00 00 .... |
| 292 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 293 | 6 | Andreas Steffen | </pre> |
| 294 | 6 | Andreas Steffen | |
| 295 | 6 | Andreas Steffen | <pre> |
| 296 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: TNC server is handling outbound connection |
| 297 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: PB-TNC state transition from 'Server Working' to 'Client Working' |
| 298 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: creating PB-TNC SDATA batch |
| 299 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 300 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PB-TNC SDATA batch (84 bytes) for Connection ID 2 |
| 301 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: sending PT-TLS message #3 of type 'PB-TNC Batch' (100 bytes) |
| 302 | 1 | Andreas Steffen | </pre> |
| 303 | 7 | Andreas Steffen | |
| 304 | 8 | Andreas Steffen | h2. Receiving IETF SW Identity Inventory Attribute |
| 305 | 7 | Andreas Steffen | |
| 306 | 1 | Andreas Steffen | <pre> |
| 307 | 1 | Andreas Steffen | Jun 12 10:37:03 koala charon-systemd[17732]: received PT-TLS message #3 of type 'PB-TNC Batch' (131072 bytes) |
| 308 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received TNCCS batch (131056 bytes) |
| 309 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 310 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PB-TNC CDATA batch for Connection ID 2 |
| 311 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: PB-TNC state transition from 'Client Working' to 'Server Working' |
| 312 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing IETF/PB-PA message (131048 bytes) |
| 313 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: handling PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 314 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: IMV 1 "SWIMA" received message for Connection ID 2 from IMC 2 to IMV 1 |
| 315 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: => 131024 bytes @ 0x7f4dd808cb50 |
| 316 | 1 | Andreas Steffen | 0: 01 00 00 00 76 04 15 EC 00 00 55 97 00 00 00 22 ....v.....U...." |
| 317 | 1 | Andreas Steffen | 16: 00 00 00 14 00 98 96 80 00 01 FF B8 00 00 55 97 ..............U. |
| 318 | 1 | Andreas Steffen | 32: 00 00 00 23 00 01 FF B4 C0 00 00 01 00 00 00 00 ...#............ |
| 319 | 1 | Andreas Steffen | 48: 00 00 00 12 00 02 7F B7 00 00 07 FF 00 00 00 FB ................ |
| 320 | 1 | Andreas Steffen | 64: 11 22 33 44 00 00 00 01 00 00 00 00 00 00 00 01 ."3D............ |
| 321 | 1 | Andreas Steffen | 80: 01 00 00 51 73 74 72 6F 6E 67 73 77 61 6E 2E 6F ...Qstrongswan.o |
| 322 | 1 | Andreas Steffen | 96: 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E 30 34 2D rg_Ubuntu_16.04- |
| 323 | 1 | Andreas Steffen | 112: 78 38 36 5F 36 34 2D 61 31 31 79 2D 70 72 6F 66 x86_64-a11y-prof |
| 324 | 1 | Andreas Steffen | 128: 69 6C 65 2D 6D 61 6E 61 67 65 72 2D 69 6E 64 69 ile-manager-indi |
| 325 | 1 | Andreas Steffen | 144: 63 61 74 6F 72 2D 30 2E 31 2E 31 30 2D 30 75 62 cator-0.1.10-0ub |
| 326 | 1 | Andreas Steffen | 160: 75 6E 74 75 33 00 00 00 00 00 00 00 00 00 01 01 untu3........... |
| 327 | 1 | Andreas Steffen | 176: 00 00 57 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 ..Wstrongswan.or |
| 328 | 1 | Andreas Steffen | 192: 67 5F 55 62 75 6E 74 75 5F 31 36 2E 30 34 2D 78 g_Ubuntu_16.04-x |
| 329 | 1 | Andreas Steffen | 208: 38 36 5F 36 34 2D 61 63 63 6F 75 6E 74 2D 70 6C 86_64-account-pl |
| 330 | 1 | Andreas Steffen | 224: 75 67 69 6E 2D 66 61 63 65 62 6F 6F 6B 2D 30 2E ugin-facebook-0. |
| 331 | 1 | Andreas Steffen | 240: 31 32 7E 31 36 2E 30 34 2E 32 30 31 36 30 31 32 12~16.04.2016012 |
| 332 | 1 | Andreas Steffen | 256: 36 2D 30 75 62 75 6E 74 75 31 00 00 00 00 00 00 6-0ubuntu1...... |
| 333 | 1 | Andreas Steffen | 272: 00 00 00 01 01 00 00 55 73 74 72 6F 6E 67 73 77 .......Ustrongsw |
| 334 | 1 | Andreas Steffen | 288: 61 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 an.org_Ubuntu_16 |
| 335 | 1 | Andreas Steffen | 304: 2E 30 34 2D 78 38 36 5F 36 34 2D 61 63 63 6F 75 .04-x86_64-accou |
| 336 | 1 | Andreas Steffen | 320: 6E 74 2D 70 6C 75 67 69 6E 2D 66 6C 69 63 6B 72 nt-plugin-flickr |
| 337 | 1 | Andreas Steffen | 336: 2D 30 2E 31 32 7E 31 36 2E 30 34 2E 32 30 31 36 -0.12~16.04.2016 |
| 338 | 1 | Andreas Steffen | 352: 30 31 32 36 2D 30 75 62 75 6E 74 75 31 00 00 00 0126-0ubuntu1... |
| 339 | 1 | Andreas Steffen | 368: 00 00 00 00 00 00 01 01 00 00 55 73 74 72 6F 6E ..........Ustron |
| 340 | 1 | Andreas Steffen | 384: 67 73 77 61 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 gswan.org_Ubuntu |
| 341 | 1 | Andreas Steffen | 400: 5F 31 36 2E 30 34 2D 78 38 36 5F 36 34 2D 61 63 _16.04-x86_64-ac |
| 342 | 1 | Andreas Steffen | 416: 63 6F 75 6E 74 2D 70 6C 75 67 69 6E 2D 67 6F 6F count-plugin-goo |
| 343 | 1 | Andreas Steffen | 432: 67 6C 65 2D 30 2E 31 32 7E 31 36 2E 30 34 2E 32 gle-0.12~16.04.2 |
| 344 | 1 | Andreas Steffen | 448: 30 31 36 30 31 32 36 2D 30 75 62 75 6E 74 75 31 0160126-0ubuntu1 |
| 345 | 1 | Andreas Steffen | ... |
| 346 | 1 | Andreas Steffen | 130656: 00 00 00 01 01 00 00 40 73 74 72 6F 6E 67 73 77 .......@strongsw |
| 347 | 1 | Andreas Steffen | 130672: 61 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 an.org_Ubuntu_16 |
| 348 | 1 | Andreas Steffen | 130688: 2E 30 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F .04-x86_64-pytho |
| 349 | 1 | Andreas Steffen | 130704: 6E 2D 70 6B 67 2D 72 65 73 6F 75 72 63 65 73 2D n-pkg-resources- |
| 350 | 1 | Andreas Steffen | 130720: 32 30 2E 37 2E 30 2D 31 00 00 00 00 00 00 00 00 20.7.0-1........ |
| 351 | 1 | Andreas Steffen | 130736: 00 01 01 00 00 3D 73 74 72 6F 6E 67 73 77 61 6E .....=strongswan |
| 352 | 1 | Andreas Steffen | 130752: 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E 30 .org_Ubuntu_16.0 |
| 353 | 1 | Andreas Steffen | 130768: 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F 6E 2D 4-x86_64-python- |
| 354 | 1 | Andreas Steffen | 130784: 73 65 74 75 70 74 6F 6F 6C 73 2D 32 30 2E 37 2E setuptools-20.7. |
| 355 | 1 | Andreas Steffen | 130800: 30 2D 31 00 00 00 00 00 00 00 00 00 01 01 00 00 0-1............. |
| 356 | 1 | Andreas Steffen | 130816: 38 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 67 5F 8strongswan.org_ |
| 357 | 1 | Andreas Steffen | 130832: 55 62 75 6E 74 75 5F 31 36 2E 30 34 2D 78 38 36 Ubuntu_16.04-x86 |
| 358 | 1 | Andreas Steffen | 130848: 5F 36 34 2D 70 79 74 68 6F 6E 2D 74 61 6C 6C 6F _64-python-tallo |
| 359 | 1 | Andreas Steffen | 130864: 63 2D 32 2E 31 2E 35 2D 32 00 00 00 00 00 00 00 c-2.1.5-2....... |
| 360 | 1 | Andreas Steffen | 130880: 00 00 01 01 00 00 38 73 74 72 6F 6E 67 73 77 61 ......8strongswa |
| 361 | 1 | Andreas Steffen | 130896: 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E n.org_Ubuntu_16. |
| 362 | 1 | Andreas Steffen | 130912: 30 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F 6E 04-x86_64-python |
| 363 | 1 | Andreas Steffen | 130928: 2D 77 68 65 65 6C 2D 30 2E 32 39 2E 30 2D 31 00 -wheel-0.29.0-1. |
| 364 | 1 | Andreas Steffen | 130944: 00 00 00 00 00 00 00 00 01 01 00 00 44 73 74 72 ............Dstr |
| 365 | 1 | Andreas Steffen | 130960: 6F 6E 67 73 77 61 6E 2E 6F 72 67 5F 55 62 75 6E ongswan.org_Ubun |
| 366 | 1 | Andreas Steffen | 130976: 74 75 5F 31 36 2E 30 34 2D 78 38 36 5F 36 34 2D tu_16.04-x86_64- |
| 367 | 1 | Andreas Steffen | 130992: 70 79 74 68 6F 6E 32 2E 37 2D 32 2E 37 2E 31 32 python2.7-2.7.12 |
| 368 | 1 | Andreas Steffen | 131008: 2D 31 75 62 75 6E 74 75 30 7E 31 36 2E 30 34 2E -1ubuntu0~16.04. |
| 369 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC message with ID 0x760415ec |
| 370 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022 |
| 371 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC attribute type 'TCG/Attribute Segment Envelope' 0x005597/0x00000023 |
| 372 | 1 | Andreas Steffen | |
| 373 | 1 | Andreas Steffen | </pre> |
| 374 | 1 | Andreas Steffen | <pre>Jun 12 10:37:04 koala charon-systemd[17732]: IMV 1 received a segmentation contract response from IMC 2 for PA message type 'IETF/Software' 0x000000/0x00000009 |
| 375 | 1 | Andreas Steffen | maximum attribute size of 10000000 bytes with maximum segment size of 131000 bytes |
| 376 | 1 | Andreas Steffen | </pre> |
| 377 | 1 | Andreas Steffen | <pre> |
| 378 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received first segment for base attribute ID 1 (130980 bytes) |
| 379 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/SW Identifier Inventory' 0x000000/0x00000012 |
| 380 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: 67 bytes insufficient to parse 68 bytes of data |
| 381 | 1 | Andreas Steffen | </pre> |
| 382 | 1 | Andreas Steffen | <pre> |
| 383 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received software identity inventory with 1646 items for request 251 at eid 1 of epoch 0x11223344, 401 items to follow |
| 384 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-a11y-profile-manager-indicator-0.1.10-0ubuntu3 |
| 385 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-account-plugin-facebook-0.12~16.04.20160126-0ubuntu1 |
| 386 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-account-plugin-flickr-0.12~16.04.20160126-0ubuntu1 |
| 387 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-account-plugin-google-0.12~16.04.20160126-0ubuntu1 |
| 388 | 1 | Andreas Steffen | ... |
| 389 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python-pkg-resources-20.7.0-1 |
| 390 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python-setuptools-20.7.0-1 |
| 391 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python-talloc-2.1.5-2 |
| 392 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python-wheel-0.29.0-1 |
| 393 | 1 | Andreas Steffen | </pre> |
| 394 | 1 | Andreas Steffen | <pre> |
| 395 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PA-TNC message with ID 0x63400a67 |
| 396 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PA-TNC attribute type 'TCG/Next Segment Request' 0x005597/0x00000024 |
| 397 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: created PA-TNC message: => 24 bytes @ 0x7f4dd8157610 |
| 398 | 1 | Andreas Steffen | 0: 01 00 00 00 63 40 0A 67 00 00 55 97 00 00 00 24 ....c@.g..U....$ |
| 399 | 1 | Andreas Steffen | 16: 00 00 00 10 00 00 00 01 ........ |
| 400 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 401 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: TNC server is handling outbound connection |
| 402 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: PB-TNC state transition from 'Server Working' to 'Client Working' |
| 403 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PB-TNC SDATA batch |
| 404 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 405 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: sending PB-TNC SDATA batch (56 bytes) for Connection ID 2 |
| 406 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: sending PT-TLS message #4 of type 'PB-TNC Batch' (72 bytes) |
| 407 | 1 | Andreas Steffen | </pre> |
| 408 | 1 | Andreas Steffen | <pre> |
| 409 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received PT-TLS message #4 of type 'PB-TNC Batch' (32859 bytes) |
| 410 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received TNCCS batch (32843 bytes) |
| 411 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 412 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PB-TNC CDATA batch for Connection ID 2 |
| 413 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: PB-TNC state transition from 'Client Working' to 'Server Working' |
| 414 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing IETF/PB-PA message (32835 bytes) |
| 415 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: handling PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 416 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: IMV 1 "SWIMA" received message for Connection ID 2 from IMC 2 to IMV 1 |
| 417 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: => 32811 bytes @ 0x7f4dd00250b0 |
| 418 | 1 | Andreas Steffen | 0: 01 00 00 00 63 31 E2 36 00 00 55 97 00 00 00 23 ....c1.6..U....# |
| 419 | 1 | Andreas Steffen | 16: 00 00 80 23 00 00 00 01 31 00 00 00 00 00 00 00 ...#....1....... |
| 420 | 1 | Andreas Steffen | 32: 00 00 01 01 00 00 48 73 74 72 6F 6E 67 73 77 61 ......Hstrongswa |
| 421 | 1 | Andreas Steffen | 48: 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E n.org_Ubuntu_16. |
| 422 | 1 | Andreas Steffen | 64: 30 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F 6E 04-x86_64-python |
| 423 | 1 | Andreas Steffen | 80: 32 2E 37 2D 64 65 76 2D 32 2E 37 2E 31 32 2D 31 2.7-dev-2.7.12-1 |
| 424 | 1 | Andreas Steffen | 96: 75 62 75 6E 74 75 30 7E 31 36 2E 30 34 2E 31 00 ubuntu0~16.04.1. |
| 425 | 1 | Andreas Steffen | 112: 00 00 00 00 00 00 00 00 01 01 00 00 4C 73 74 72 ............Lstr |
| 426 | 1 | Andreas Steffen | 128: 6F 6E 67 73 77 61 6E 2E 6F 72 67 5F 55 62 75 6E ongswan.org_Ubun |
| 427 | 1 | Andreas Steffen | 144: 74 75 5F 31 36 2E 30 34 2D 78 38 36 5F 36 34 2D tu_16.04-x86_64- |
| 428 | 1 | Andreas Steffen | 160: 70 79 74 68 6F 6E 32 2E 37 2D 6D 69 6E 69 6D 61 python2.7-minima |
| 429 | 1 | Andreas Steffen | 176: 6C 2D 32 2E 37 2E 31 32 2D 31 75 62 75 6E 74 75 l-2.7.12-1ubuntu |
| 430 | 1 | Andreas Steffen | 192: 30 7E 31 36 2E 30 34 2E 31 00 00 00 00 00 00 00 0~16.04.1....... |
| 431 | 1 | Andreas Steffen | 208: 00 00 01 01 00 00 32 73 74 72 6F 6E 67 73 77 61 ......2strongswa |
| 432 | 1 | Andreas Steffen | 224: 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E n.org_Ubuntu_16. |
| 433 | 1 | Andreas Steffen | 240: 30 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F 6E 04-x86_64-python |
| 434 | 1 | Andreas Steffen | 256: 33 2D 33 2E 35 2E 31 2D 33 00 00 00 00 00 00 00 3-3.5.1-3....... |
| 435 | 1 | Andreas Steffen | 272: 00 00 01 01 00 00 43 73 74 72 6F 6E 67 73 77 61 ......Cstrongswa |
| 436 | 1 | Andreas Steffen | 288: 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 2E n.org_Ubuntu_16. |
| 437 | 1 | Andreas Steffen | 304: 30 34 2D 78 38 36 5F 36 34 2D 70 79 74 68 6F 6E 04-x86_64-python |
| 438 | 1 | Andreas Steffen | 320: 33 2D 61 70 70 6F 72 74 2D 32 2E 32 30 2E 31 2D 3-apport-2.20.1- |
| 439 | 1 | Andreas Steffen | 336: 30 75 62 75 6E 74 75 32 2E 36 00 00 00 00 00 00 0ubuntu2.6...... |
| 440 | 1 | Andreas Steffen | ... |
| 441 | 1 | Andreas Steffen | 32448: 00 00 00 01 01 00 00 42 73 74 72 6F 6E 67 73 77 .......Bstrongsw |
| 442 | 1 | Andreas Steffen | 32464: 61 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 an.org_Ubuntu_16 |
| 443 | 1 | Andreas Steffen | 32480: 2E 30 34 2D 78 38 36 5F 36 34 2D 7A 65 6E 69 74 .04-x86_64-zenit |
| 444 | 1 | Andreas Steffen | 32496: 79 2D 63 6F 6D 6D 6F 6E 2D 33 2E 31 38 2E 31 2E y-common-3.18.1. |
| 445 | 1 | Andreas Steffen | 32512: 31 2D 31 75 62 75 6E 74 75 32 00 00 00 00 00 00 1-1ubuntu2...... |
| 446 | 1 | Andreas Steffen | 32528: 00 00 00 01 01 00 00 2D 73 74 72 6F 6E 67 73 77 .......-strongsw |
| 447 | 1 | Andreas Steffen | 32544: 61 6E 2E 6F 72 67 5F 55 62 75 6E 74 75 5F 31 36 an.org_Ubuntu_16 |
| 448 | 1 | Andreas Steffen | 32560: 2E 30 34 2D 78 38 36 5F 36 34 2D 7A 69 70 2D 33 .04-x86_64-zip-3 |
| 449 | 1 | Andreas Steffen | 32576: 2E 30 2D 31 31 00 00 00 00 00 00 00 00 00 01 01 .0-11........... |
| 450 | 1 | Andreas Steffen | 32592: 00 00 41 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 ..Astrongswan.or |
| 451 | 1 | Andreas Steffen | 32608: 67 5F 55 62 75 6E 74 75 5F 31 36 2E 30 34 2D 78 g_Ubuntu_16.04-x |
| 452 | 1 | Andreas Steffen | 32624: 38 36 5F 36 34 2D 7A 6C 69 62 31 67 2D 31 7E 31 86_64-zlib1g-1~1 |
| 453 | 1 | Andreas Steffen | 32640: 2E 32 2E 38 2E 64 66 73 67 2D 32 75 62 75 6E 74 .2.8.dfsg-2ubunt |
| 454 | 1 | Andreas Steffen | 32656: 75 34 2E 31 00 00 00 00 00 00 00 00 00 01 01 00 u4.1............ |
| 455 | 1 | Andreas Steffen | 32672: 00 45 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 67 .Estrongswan.org |
| 456 | 1 | Andreas Steffen | 32688: 5F 55 62 75 6E 74 75 5F 31 36 2E 30 34 2D 78 38 _Ubuntu_16.04-x8 |
| 457 | 1 | Andreas Steffen | 32704: 36 5F 36 34 2D 7A 6C 69 62 31 67 2D 64 65 76 2D 6_64-zlib1g-dev- |
| 458 | 1 | Andreas Steffen | 32720: 31 7E 31 2E 32 2E 38 2E 64 66 73 67 2D 32 75 62 1~1.2.8.dfsg-2ub |
| 459 | 1 | Andreas Steffen | 32736: 75 6E 74 75 34 2E 31 00 00 00 00 00 00 00 00 00 untu4.1......... |
| 460 | 1 | Andreas Steffen | 32752: 01 02 00 00 1F 73 74 72 6F 6E 67 73 77 61 6E 2E .....strongswan. |
| 461 | 1 | Andreas Steffen | 32768: 6F 72 67 5F 73 74 72 6F 6E 67 53 77 61 6E 2D 35 org_strongSwan-5 |
| 462 | 1 | Andreas Steffen | 32784: 2D 35 2D 33 00 15 2F 75 73 72 2F 73 68 61 72 65 -5-3../usr/share |
| 463 | 1 | Andreas Steffen | 32800: 2F 73 74 72 6F 6E 67 73 77 61 6E /strongswan |
| 464 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC message with ID 0x6331e236 |
| 465 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC attribute type 'TCG/Attribute Segment Envelope' 0x005597/0x00000023 |
| 466 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received last segment for base attribute ID 1 (32787 bytes) |
| 467 | 1 | Andreas Steffen | </pre> |
| 468 | 1 | Andreas Steffen | <pre> |
| 469 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received software identity inventory with 401 items for request 251 at eid 1 of epoch 0x11223344, 0 items to follow |
| 470 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python2.7-2.7.12-1ubuntu0~16.04.1 |
| 471 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python2.7-dev-2.7.12-1ubuntu0~16.04.1 |
| 472 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python2.7-minimal-2.7.12-1ubuntu0~16.04.1 |
| 473 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python3-3.5.1-3 |
| 474 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-python3-apport-2.20.1-0ubuntu2.6 |
| 475 | 1 | Andreas Steffen | ... |
| 476 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-zenity-common-3.18.1.1-1ubuntu2 |
| 477 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-zip-3.0-11 |
| 478 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-zlib1g-1~1.2.8.dfsg-2ubuntu4.1 |
| 479 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_Ubuntu_16.04-x86_64-zlib1g-dev-1~1.2.8.dfsg-2ubuntu4.1 |
| 480 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_strongSwan-5-5-3 |
| 481 | 1 | Andreas Steffen | </pre> |
| 482 | 1 | Andreas Steffen | <pre> |
| 483 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: 1 SWID tag target |
| 484 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: strongswan.org_strongSwan-5-5-3 |
| 485 | 3 | Andreas Steffen | </pre> |
| 486 | 7 | Andreas Steffen | |
| 487 | 8 | Andreas Steffen | h2. Sending IETF [Targeted] SW Request Attribute |
| 488 | 7 | Andreas Steffen | |
| 489 | 3 | Andreas Steffen | <pre> |
| 490 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PA-TNC message with ID 0xf3c2af1e |
| 491 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PA-TNC attribute type 'IETF/SW Request' 0x000000/0x00000011 |
| 492 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: created PA-TNC message: => 65 bytes @ 0x7f4dd0003c40 |
| 493 | 1 | Andreas Steffen | 0: 01 00 00 00 F3 C2 AF 1E 00 00 00 00 00 00 00 11 ................ |
| 494 | 1 | Andreas Steffen | 16: 00 00 00 39 00 00 00 01 00 00 00 FB 00 00 00 00 ...9............ |
| 495 | 1 | Andreas Steffen | 32: 00 1F 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 67 ..strongswan.org |
| 496 | 1 | Andreas Steffen | 48: 5F 73 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 35 2D _strongSwan-5-5- |
| 497 | 1 | Andreas Steffen | 64: 33 3 |
| 498 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 499 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: TNC server is handling outbound connection |
| 500 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: PB-TNC state transition from 'Server Working' to 'Client Working' |
| 501 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: creating PB-TNC SDATA batch |
| 502 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 503 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: sending PB-TNC SDATA batch (97 bytes) for Connection ID 2 |
| 504 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: sending PT-TLS message #5 of type 'PB-TNC Batch' (113 bytes) |
| 505 | 1 | Andreas Steffen | </pre> |
| 506 | 7 | Andreas Steffen | |
| 507 | 8 | Andreas Steffen | h2. Receiving IETF SW Inventory Attribute |
| 508 | 7 | Andreas Steffen | |
| 509 | 1 | Andreas Steffen | <pre> |
| 510 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received PT-TLS message #5 of type 'PB-TNC Batch' (507 bytes) |
| 511 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received TNCCS batch (491 bytes) |
| 512 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 513 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PB-TNC CDATA batch for Connection ID 2 |
| 514 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: PB-TNC state transition from 'Client Working' to 'Server Working' |
| 515 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing IETF/PB-PA message (483 bytes) |
| 516 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: handling PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 517 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: IMV 1 "SWIMA" received message for Connection ID 2 from IMC 2 to IMV 1 |
| 518 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: => 459 bytes @ 0x7f4dd4005a80 |
| 519 | 1 | Andreas Steffen | 0: 01 00 00 00 EF 28 38 E0 00 00 00 00 00 00 00 14 .....(8......... |
| 520 | 1 | Andreas Steffen | 16: 00 00 01 C3 00 00 00 01 00 00 00 FB 11 22 33 44 ............."3D |
| 521 | 1 | Andreas Steffen | 32: 00 00 00 01 00 00 00 00 00 00 00 01 02 00 00 1F ................ |
| 522 | 1 | Andreas Steffen | 48: 73 74 72 6F 6E 67 73 77 61 6E 2E 6F 72 67 5F 73 strongswan.org_s |
| 523 | 1 | Andreas Steffen | 64: 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 35 2D 33 00 trongSwan-5-5-3. |
| 524 | 1 | Andreas Steffen | 80: 15 2F 75 73 72 2F 73 68 61 72 65 2F 73 74 72 6F ./usr/share/stro |
| 525 | 1 | Andreas Steffen | 96: 6E 67 73 77 61 6E 00 00 01 61 3C 3F 78 6D 6C 20 ngswan...a<?xml |
| 526 | 1 | Andreas Steffen | 112: 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 20 65 6E version="1.0" en |
| 527 | 1 | Andreas Steffen | 128: 63 6F 64 69 6E 67 3D 22 75 74 66 2D 38 22 3F 3E coding="utf-8"?> |
| 528 | 1 | Andreas Steffen | 144: 0A 0A 3C 53 6F 66 74 77 61 72 65 49 64 65 6E 74 ..<SoftwareIdent |
| 529 | 1 | Andreas Steffen | 160: 69 74 79 0A 20 20 6E 61 6D 65 3D 22 73 74 72 6F ity. name="stro |
| 530 | 1 | Andreas Steffen | 176: 6E 67 53 77 61 6E 22 0A 20 20 74 61 67 49 64 3D ngSwan". tagId= |
| 531 | 1 | Andreas Steffen | 192: 22 73 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 35 2D "strongSwan-5-5- |
| 532 | 1 | Andreas Steffen | 208: 33 22 0A 20 20 76 65 72 73 69 6F 6E 3D 22 35 2E 3". version="5. |
| 533 | 1 | Andreas Steffen | 224: 35 2E 33 22 20 76 65 72 73 69 6F 6E 53 63 68 65 5.3" versionSche |
| 534 | 1 | Andreas Steffen | 240: 6D 65 3D 22 61 6C 70 68 61 6E 75 6D 65 72 69 63 me="alphanumeric |
| 535 | 1 | Andreas Steffen | 256: 22 0A 20 20 78 6D 6C 6E 73 3D 22 68 74 74 70 3A ". xmlns="http: |
| 536 | 1 | Andreas Steffen | 272: 2F 2F 73 74 61 6E 64 61 72 64 73 2E 69 73 6F 2E //standards.iso. |
| 537 | 1 | Andreas Steffen | 288: 6F 72 67 2F 69 73 6F 2F 31 39 37 37 30 2F 2D 32 org/iso/19770/-2 |
| 538 | 1 | Andreas Steffen | 304: 2F 32 30 31 35 2F 73 63 68 65 6D 61 2E 78 73 64 /2015/schema.xsd |
| 539 | 1 | Andreas Steffen | 320: 22 3E 0A 20 20 3C 45 6E 74 69 74 79 0A 20 20 20 ">. <Entity. |
| 540 | 1 | Andreas Steffen | 336: 20 6E 61 6D 65 3D 22 73 74 72 6F 6E 67 53 77 61 name="strongSwa |
| 541 | 1 | Andreas Steffen | 352: 6E 20 50 72 6F 6A 65 63 74 22 0A 20 20 20 20 72 n Project". r |
| 542 | 1 | Andreas Steffen | 368: 65 67 69 64 3D 22 73 74 72 6F 6E 67 73 77 61 6E egid="strongswan |
| 543 | 1 | Andreas Steffen | 384: 2E 6F 72 67 22 0A 20 20 20 20 72 6F 6C 65 3D 22 .org". role=" |
| 544 | 1 | Andreas Steffen | 400: 73 6F 66 74 77 61 72 65 43 72 65 61 74 6F 72 20 softwareCreator |
| 545 | 1 | Andreas Steffen | 416: 6C 69 63 65 6E 73 6F 72 20 74 61 67 43 72 65 61 licensor tagCrea |
| 546 | 1 | Andreas Steffen | 432: 74 6F 72 22 2F 3E 0A 3C 2F 53 6F 66 74 77 61 72 tor"/>.</Softwar |
| 547 | 1 | Andreas Steffen | 448: 65 49 64 65 6E 74 69 74 79 3E 0A eIdentity>. |
| 548 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC message with ID 0xef2838e0 |
| 549 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: processing PA-TNC attribute type 'IETF/SW Inventory' 0x000000/0x00000014 |
| 550 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: received software inventory with 1 item for request 251 at eid 1 of epoch 0x11223344, 0 items to follow |
| 551 | 1 | Andreas Steffen | </pre> |
| 552 | 7 | Andreas Steffen | |
| 553 | 1 | Andreas Steffen | <pre> |
| 554 | 1 | Andreas Steffen | Jun 12 10:37:04 koala charon-systemd[17732]: <?xml version="1.0" encoding="utf-8"?> |
| 555 | 1 | Andreas Steffen | <SoftwareIdentity |
| 556 | 1 | Andreas Steffen | name="strongSwan" |
| 557 | 1 | Andreas Steffen | tagId="strongSwan-5-5-3" |
| 558 | 1 | Andreas Steffen | version="5.5.3" versionScheme="alphanumeric" |
| 559 | 1 | Andreas Steffen | xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd"> |
| 560 | 1 | Andreas Steffen | <Entity |
| 561 | 1 | Andreas Steffen | name="strongSwan Project" |
| 562 | 1 | Andreas Steffen | regid="strongswan.org" |
| 563 | 1 | Andreas Steffen | role="softwareCreator licensor tagCreator"/> |
| 564 | 1 | Andreas Steffen | </SoftwareIdentity> |
| 565 | 1 | Andreas Steffen | </pre> |
| 566 | 1 | Andreas Steffen | <pre> |
| 567 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 1 handled SWIDT workitem 251: allow - received inventory of 2047 SWID tag IDs and 1 SWID tag |
| 568 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: creating PA-TNC message with ID 0x19d0d973 |
| 569 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009 |
| 570 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: created PA-TNC message: => 24 bytes @ 0x7f4dd4019d70 |
| 571 | 1 | Andreas Steffen | 0: 01 00 00 00 19 D0 D9 73 00 00 00 00 00 00 00 09 .......s........ |
| 572 | 1 | Andreas Steffen | 16: 00 00 00 10 00 00 00 00 ........ |
| 573 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: creating PB-PA message type 'IETF/Software' 0x000000/0x00000009 |
| 574 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 1 provides recommendation 'allow' and evaluation 'compliant' |
| 575 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: TNC server is handling outbound connection |
| 576 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 1 "SWIMA" changed state of Connection ID 2 to 'Allowed' |
| 577 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: running policy script: 2>&1 ipsec imv_policy_manager stop 40 |
| 578 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: policy: recommendation for access requestor 77.56.145.176 is allow |
| 579 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: policy: imv_policy_manager stop successful |
| 580 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 2 "OS" changed state of Connection ID 2 to 'Allowed' |
| 581 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: PB-TNC state transition from 'Server Working' to 'Decided' |
| 582 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: creating PB-TNC RESULT batch |
| 583 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: adding IETF/PB-PA message |
| 584 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: adding IETF/PB-Assessment-Result message |
| 585 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: adding IETF/PB-Access-Recommendation message |
| 586 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: sending PB-TNC RESULT batch (88 bytes) for Connection ID 2 |
| 587 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: sending PT-TLS message #6 of type 'PB-TNC Batch' (104 bytes) |
| 588 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: received PT-TLS message #6 of type 'PB-TNC Batch' (24 bytes) |
| 589 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: received TNCCS batch (8 bytes) |
| 590 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: TNC server is handling inbound connection |
| 591 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: processing PB-TNC CLOSE batch for Connection ID 2 |
| 592 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: PB-TNC state transition from 'Decided' to 'End' |
| 593 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: final recommendation is 'allow' and evaluation is 'compliant' |
| 594 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: PT-TLS connection terminates |
| 595 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 1 "SWIMA" deleted the state of Connection ID 2 |
| 596 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: IMV 2 "OS" deleted the state of Connection ID 2 |
| 597 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: removed TNCCS Connection ID 2 |
| 598 | 1 | Andreas Steffen | Jun 12 10:37:05 koala charon-systemd[17732]: sending TLS close notify |
| 599 | 1 | Andreas Steffen | </pre> |
| 600 | 7 | Andreas Steffen | |
| 601 | 7 | Andreas Steffen | h2. Stopping PT-TLS Daemon |
| 602 | 7 | Andreas Steffen | |
| 603 | 1 | Andreas Steffen | <pre> |
| 604 | 1 | Andreas Steffen | Jun 12 13:14:31 koala systemd[1]: Stopping strongSwan IPsec IKEv1/IKEv2 daemon using swanctl... |
| 605 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: SIGTERM received, shutting down |
| 606 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: IMV 2 "OS" terminated |
| 607 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: IMV 1 "SWIMA" terminated |
| 608 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: removed IETF attributes |
| 609 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: removed ITA-HSR attributes |
| 610 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: removed PWG attributes |
| 611 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: removed TCG attributes |
| 612 | 1 | Andreas Steffen | Jun 12 13:14:31 koala charon-systemd[17732]: libimcv terminated |
| 613 | 1 | Andreas Steffen | Jun 12 13:14:31 koala systemd[1]: Stopped strongSwan IPsec IKEv1/IKEv2 daemon using swanctl. |
| 614 | 1 | Andreas Steffen | </pre> |