IF-MAP is a standard interface between the Metadata Access Point and other elements of the Trusted Network Connect (TNC) architecture. You can find documents define and specify IF-MAP HERE: IF-MAP Server (Java) --------------------------- - Install http://trust.inform.fh-hannover.de/joomla/index.php/projects/iron IF-MAP Client/Library (C/C++) ---------------------------- - Install http://code.google.com/p/libifmap2c/Download one zip file from project iron (SERVER): irond-0.2.2-bin.zip Download two zip file from libifmap2c (CLIENT):- "libifmap2c-0.2.0.tar.gz" & "libifmap2c-examples-0.2.0.tar.gz".-------------------------------------------------------------------------I will provide Installation steps for above downloaded file on Ubuntu Linux.The following are the files or dependencies required before starting Installation/build process:-For SERVER Installation:
- g++
- cmake
- libxml2-dev
- libcurl4-gnutls-dev
The server file is already pre-build i.e binary file. You just have to extract And run it.For CLIENT Installation:
- Extract file irond-0.2.2-bin.zip
- cd irond-0.2.2-bin (Go inside the directory)
- run the shell script name ./start.sh
- and your server will start giving first message "0 [main] INFO - Starting irond version 0.2.2..."
You need to build the library source and please install all dependencies mentioned above before proceedings.Now, Building the IF-MAP examples:-
- Extract file libifmap2c-0.2.0.tar.gz
- $cd libifmap2c-0.2.0/build/ (Go inside the directory named 'build')
- $cmake ../
- $make
- $sudo make install
- And you are DONE!
After listing your current directory, you will see many binary executable files are present.
- Extract file libifmap2c-examples-0.2.0.tar.gz
- $cd libifmap2c-examples-0.2.0/build/
- $cmake ../
- $make
- $ls ./ (list current directory build)
These are the examples which you will run for testing the IF-MAP Client Server interaction.Now, lets test some examples given in the WIKI and see the messages on the server of IF-MAP which we started earlier.
- $mkdir capath (in the current directory 'build')
- you need to copy a valid server certificate i.e $cp /path/to/servercert.pem capath
- If you have no valid certificate no need to panic if you get the error message given below when running the module with given parameters.
- $./ip-mac update 192.168.0.1 11:bb:cc:dd:ee:ff https://localhost:8443 test test capath/
Doing newSession... CommunicationError: server certificate verification failed.CAfile: none CRLfile: noneThere is a SMALL TWEAK which will help you testing your module without verification of valid certificate:You have to edit the following file given in:libifmap2c-0.2.0/communication/lowlevelcurlcommunication.cpp"#define CURL_VERIFY_PEER 1L" Change to "#define CURL_VERIFY_PEER 0L"'0L' will skip the verification of certificate.Again build the Client Library as shown above. Now, run again the module like this$./ip-mac update 192.168.0.1 11:bb:cc:dd:ee:ff https://localhost:8443 test test capath/Doing newSession... Ok! SessionID="990489538-1344493087-220289568-279621823" PublisherID="test-18160887771"
Doing publish... Ok!
Doing endSession... Ok!
Baaamm!!! The module is executed successfully and you can also see the event messages on Server debug console. :)
Hi Ankit,
ReplyDeletenice post ;)
Regarding the "small tweak" you mentioned. This shouldn't appear if you use the libcurl4-openssl-dev package instead of the libcurl4-gnutls-dev. I still need to figure out why they behave differently, but an easy fix is to simply replace the gnutls package with the openssl one. Also, running c_rehash for the capath is mandatory.
Thanks,
Arne
Hi Arne,
ReplyDeleteThanks a lot for the information and glad that you gone throough this post.
Well, I am very new to the IF-MAP. I started playing with IF-MAP client & server few days ago for one project. So, I thought to write a blog post for newbie like me to get started. ;) I had no clue about libcurl4-openssl-dev package for this. I will try using this package also.
~Thanks again and keep clicking!
Ankit