diff options
| author | ngie <ngie@FreeBSD.org> | 2017-01-01 00:36:52 +0000 |
|---|---|---|
| committer | ngie <ngie@FreeBSD.org> | 2017-01-01 00:36:52 +0000 |
| commit | 70306d785bb89374efa5244dbf39c78765e52e11 (patch) | |
| tree | 5dd9b3df49c31a003d941ce1453074983e63e527 | |
| parent | 4ccab6d42f7217249e615ba93e91a7449f015be9 (diff) | |
| download | FreeBSD-src-70306d785bb89374efa5244dbf39c78765e52e11.zip FreeBSD-src-70306d785bb89374efa5244dbf39c78765e52e11.tar.gz | |
MFC r310498,r310591:
r310498:
Allow SNMPv3 authNoPriv and noAuthNoPriv protocols to discover snmpEngineTime
as discussed in RFC-5343
This fixes interoperability with net-snmp.
Tested with the following invocations of snmpwalk (from net-snmp):
- noAuthNoPriv:
% snmpwalk -v 3 -n '' -u public localhost snmpEngineTime
- authNoPriv:
% snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authNoPriv -a sha localhost \
localhost snmpEngineTime
- authPriv:
% snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des \
-X bsnmptest localhost snmpEngineTime
Obtained from: Isilon OneFS (5ec6d772cacbc, with minor tweaks)
r310591:
Update engine time using update_snmpd_engine_time(..)
| -rw-r--r-- | contrib/bsnmp/snmpd/action.c | 18 | ||||
| -rw-r--r-- | contrib/bsnmp/snmpd/main.c | 15 | ||||
| -rw-r--r-- | contrib/bsnmp/snmpd/snmpd.h | 1 | ||||
| -rw-r--r-- | contrib/bsnmp/snmpd/trap.c | 10 |
4 files changed, 23 insertions, 21 deletions
diff --git a/contrib/bsnmp/snmpd/action.c b/contrib/bsnmp/snmpd/action.c index 4f6f817..54a5d29 100644 --- a/contrib/bsnmp/snmpd/action.c +++ b/contrib/bsnmp/snmpd/action.c @@ -40,6 +40,7 @@ #include <sys/utsname.h> #include <ctype.h> #include <errno.h> +#include <inttypes.h> #include <stdarg.h> #include <stdio.h> #include <stdlib.h> @@ -219,6 +220,21 @@ save_boots: return (0); } +void +update_snmpd_engine_time(void) +{ + uint64_t etime; + + etime = (get_ticks() - start_tick) / 100ULL; + if (etime < INT32_MAX) + snmpd_engine.engine_time = etime; + else { + start_tick = get_ticks(); + (void)set_snmpd_engine(); + snmpd_engine.engine_time = start_tick; + } +} + /************************************************************* * * System group @@ -1118,7 +1134,7 @@ op_snmp_engine(struct snmp_context *ctx __unused, struct snmp_value *value, value->v.integer = snmpd_engine.engine_boots; break; case LEAF_snmpEngineTime: - snmpd_engine.engine_time = (get_ticks() - start_tick) / 100ULL; + update_snmpd_engine_time(); value->v.integer = snmpd_engine.engine_time; break; case LEAF_snmpEngineMaxMessageSize: diff --git a/contrib/bsnmp/snmpd/main.c b/contrib/bsnmp/snmpd/main.c index 3c4ded4..8ba78f8 100644 --- a/contrib/bsnmp/snmpd/main.c +++ b/contrib/bsnmp/snmpd/main.c @@ -53,7 +53,6 @@ #include <unistd.h> #include <signal.h> #include <dlfcn.h> -#include <inttypes.h> #ifdef USE_TCPWRAPPERS #include <arpa/inet.h> @@ -304,7 +303,6 @@ snmp_output(struct snmp_pdu *pdu, u_char *sndbuf, size_t *sndlen, static enum snmp_code snmp_pdu_auth_user(struct snmp_pdu *pdu) { - uint64_t etime; usm_user = NULL; /* un-authenticated snmpEngineId discovery */ @@ -312,6 +310,7 @@ snmp_pdu_auth_user(struct snmp_pdu *pdu) pdu->engine.engine_len = snmpd_engine.engine_len; memcpy(pdu->engine.engine_id, snmpd_engine.engine_id, snmpd_engine.engine_len); + update_snmpd_engine_time(); pdu->engine.engine_boots = snmpd_engine.engine_boots; pdu->engine.engine_time = snmpd_engine.engine_time; pdu->flags |= SNMP_MSG_AUTODISCOVER; @@ -334,21 +333,14 @@ snmp_pdu_auth_user(struct snmp_pdu *pdu) /* authenticated snmpEngineId discovery */ if ((pdu->flags & SNMP_MSG_AUTH_FLAG) != 0) { - etime = (get_ticks() - start_tick) / 100ULL; - if (etime < INT32_MAX) - snmpd_engine.engine_time = etime; - else { - start_tick = get_ticks(); - set_snmpd_engine(); - snmpd_engine.engine_time = start_tick; - } - + update_snmpd_engine_time(); pdu->user.auth_proto = usm_user->suser.auth_proto; memcpy(pdu->user.auth_key, usm_user->suser.auth_key, sizeof(pdu->user.auth_key)); if (pdu->engine.engine_boots == 0 && pdu->engine.engine_time == 0) { + update_snmpd_engine_time(); pdu->flags |= SNMP_MSG_AUTODISCOVER; return (SNMP_CODE_OK); } @@ -643,6 +635,7 @@ decoded: pdu->engine.engine_time == 0) { asn_append_oid(&(pdu->bindings[pdu->nbindings++].var), &oid_usmNotInTimeWindows); + update_snmpd_engine_time(); pdu->engine.engine_boots = snmpd_engine.engine_boots; pdu->engine.engine_time = snmpd_engine.engine_time; } diff --git a/contrib/bsnmp/snmpd/snmpd.h b/contrib/bsnmp/snmpd/snmpd.h index 1ebb8c1..009b2e7 100644 --- a/contrib/bsnmp/snmpd/snmpd.h +++ b/contrib/bsnmp/snmpd/snmpd.h @@ -332,6 +332,7 @@ int init_actvals(void); extern char engine_file[]; int init_snmpd_engine(void); int set_snmpd_engine(void); +void update_snmpd_engine_time(void); int read_config(const char *, struct lmodule *); int define_macro(const char *name, const char *value); diff --git a/contrib/bsnmp/snmpd/trap.c b/contrib/bsnmp/snmpd/trap.c index a0f95d2..cead6b5 100644 --- a/contrib/bsnmp/snmpd/trap.c +++ b/contrib/bsnmp/snmpd/trap.c @@ -464,7 +464,6 @@ static void snmp_create_v3_trap(struct snmp_pdu *pdu, struct target_param *target, const struct asn_oid *trap_oid) { - uint64_t etime; struct usm_user *usmuser; memset(pdu, 0, sizeof(*pdu)); @@ -487,14 +486,7 @@ snmp_create_v3_trap(struct snmp_pdu *pdu, struct target_param *target, pdu->nbindings = 2; - etime = (get_ticks() - start_tick) / 100ULL; - if (etime < INT32_MAX) - snmpd_engine.engine_time = etime; - else { - start_tick = get_ticks(); - set_snmpd_engine(); - snmpd_engine.engine_time = start_tick; - } + update_snmpd_engine_time(); memcpy(pdu->engine.engine_id, snmpd_engine.engine_id, snmpd_engine.engine_len); |
