diff options
Diffstat (limited to 'contrib/bsnmp/lib')
-rw-r--r-- | contrib/bsnmp/lib/bsnmplib.3 | 38 | ||||
-rw-r--r-- | contrib/bsnmp/lib/snmp.c | 17 | ||||
-rw-r--r-- | contrib/bsnmp/lib/snmp.h | 5 | ||||
-rw-r--r-- | contrib/bsnmp/lib/snmpagent.c | 4 | ||||
-rw-r--r-- | contrib/bsnmp/lib/snmpclient.c | 17 | ||||
-rw-r--r-- | contrib/bsnmp/lib/snmppriv.h | 3 | ||||
-rwxr-xr-x | contrib/bsnmp/lib/tc.def | 40 |
7 files changed, 98 insertions, 26 deletions
diff --git a/contrib/bsnmp/lib/bsnmplib.3 b/contrib/bsnmp/lib/bsnmplib.3 index af36879..fbb956d 100644 --- a/contrib/bsnmp/lib/bsnmplib.3 +++ b/contrib/bsnmp/lib/bsnmplib.3 @@ -37,7 +37,7 @@ .\" .\" $Begemot: bsnmp/lib/bsnmplib.3,v 1.9 2005/10/04 08:46:51 brandt_h Exp $ .\" -.Dd September 9, 2010 +.Dd December 19, 2010 .Dt BSNMPLIB 3 .Os .Sh NAME @@ -50,6 +50,7 @@ .Nm snmp_pdu_decode_header , .Nm snmp_pdu_decode_scoped , .Nm snmp_pdu_decode_secmode , +.Nm snmp_pdu_init_secparams , .Nm snmp_pdu_dump , .Nm snmp_passwd_to_keys , .Nm snmp_get_local_keys , @@ -83,6 +84,8 @@ Begemot SNMP library .Ft enum snmp_code .Fn snmp_pdu_decode_secmode "struct asn_buf *buf" "struct snmp_pdu *pdu" .Ft void +.Fn snmp_pdu_init_secparams "struct snmp_pdu *pdu" +.Ft void .Fn snmp_pdu_dump "const struct snmp_pdu *pdu" .Ft enum snmp_code .Fn snmp_passwd_to_keys "struct snmp_user *user" "char *passwd" @@ -175,12 +178,18 @@ This structure represents an SNMP engine as specified by the SNMP Management Architecture described in RFC 3411. .Pp .Bd -literal -offset indent -#define SNMP_USM_NAME_SIZ (32 + 1) +#define SNMP_ADM_STR32_SIZ (32 + 1) #define SNMP_AUTH_KEY_SIZ 40 #define SNMP_PRIV_KEY_SIZ 32 +enum snmp_usm_level { + SNMP_noAuthNoPriv = 1, + SNMP_authNoPriv = 2, + SNMP_authPriv = 3 +}; + struct snmp_user { - char sec_name[SNMP_USM_NAME_SIZ]; + char sec_name[SNMP_ADM_STR32_SIZ]; enum snmp_authentication auth_proto; enum snmp_privacy priv_proto; uint8_t auth_key[SNMP_AUTH_KEY_SIZ]; @@ -230,7 +239,9 @@ contain the authentication and privacy keys for the user. #define SNMP_MSG_PRIV_FLAG 0x2 #define SNMP_MSG_REPORT_FLAG 0x4 -#define SNMP_SECMODEL_USM 3 +#define SNMP_MPM_SNMP_V1 0 +#define SNMP_MPM_SNMP_V2c 1 +#define SNMP_MPM_SNMP_V3 3 struct snmp_pdu { char community[SNMP_COMMUNITY_MAXLEN + 1]; @@ -296,7 +307,17 @@ and is the type of the PDU. .Fa security_model is the security model used for SNMPv3 PDUs. The only supported -value currently is 3 (User-based Security Model). +value currently is 3 (User-based Security Model). Additional values for any, +unknown, SNMPv1 and SNMPv2c security models are also enumerated +.Bd -literal -offset indent +enum snmp_secmodel { + SNMP_SECMODEL_ANY = 0, + SNMP_SECMODEL_SNMPv1 = 1, + SNMP_SECMODEL_SNMPv2c = 2, + SNMP_SECMODEL_USM = 3, + SNMP_SECMODEL_UNKNOWN +}; +.Ed .Pp The function .Fn snmp_value_free @@ -366,6 +387,13 @@ if the PDU is encrypted, decrypts the PDU contents pointed to by If successfull, a plain text scoped PDU is stored in the buffer. .Pp The function +.Fn snmp_pdu_init_secparams +calculates the initialization vector for the privacy protocol in use before +the PDU pointed to by +.Fa pdu +may be encrypted or decrypted. +.Pp +The function .Fn snmp_pdu_dump dumps the PDU in a human readable form by calling .Fn snmp_printf . diff --git a/contrib/bsnmp/lib/snmp.c b/contrib/bsnmp/lib/snmp.c index 633d10e..744510c 100644 --- a/contrib/bsnmp/lib/snmp.c +++ b/contrib/bsnmp/lib/snmp.c @@ -764,6 +764,7 @@ snmp_pdu_encode_header(struct asn_buf *b, struct snmp_pdu *pdu) if (pdu->type != SNMP_PDU_RESPONSE && pdu->type != SNMP_PDU_TRAP && + pdu->type != SNMP_PDU_TRAP2 && pdu->type != SNMP_PDU_REPORT) pdu->flags |= SNMP_MSG_REPORT_FLAG; @@ -1176,23 +1177,19 @@ snmp_value_copy(struct snmp_value *to, const struct snmp_value *from) } void -snmp_pdu_init_secparams(struct snmp_pdu *pdu, struct snmp_engine *eng, - struct snmp_user *user) +snmp_pdu_init_secparams(struct snmp_pdu *pdu) { int32_t rval; - memcpy(&pdu->engine, eng, sizeof(pdu->engine)); - memcpy(&pdu->user, user, sizeof(pdu->user)); - - if (user->auth_proto != SNMP_AUTH_NOAUTH) + if (pdu->user.auth_proto != SNMP_AUTH_NOAUTH) pdu->flags |= SNMP_MSG_AUTH_FLAG; - switch (user->priv_proto) { + switch (pdu->user.priv_proto) { case SNMP_PRIV_DES: - memcpy(pdu->msg_salt, &eng->engine_boots, - sizeof(eng->engine_boots)); + memcpy(pdu->msg_salt, &pdu->engine.engine_boots, + sizeof(pdu->engine.engine_boots)); rval = random(); - memcpy(pdu->msg_salt + sizeof(eng->engine_boots), &rval, + memcpy(pdu->msg_salt + sizeof(pdu->engine.engine_boots), &rval, sizeof(int32_t)); pdu->flags |= SNMP_MSG_PRIV_FLAG; break; diff --git a/contrib/bsnmp/lib/snmp.h b/contrib/bsnmp/lib/snmp.h index 3a6cec7..631d2f2 100644 --- a/contrib/bsnmp/lib/snmp.h +++ b/contrib/bsnmp/lib/snmp.h @@ -89,6 +89,10 @@ enum snmp_version { SNMP_V3, }; +#define SNMP_MPM_SNMP_V1 0 +#define SNMP_MPM_SNMP_V2c 1 +#define SNMP_MPM_SNMP_V3 3 + #define SNMP_ADM_STR32_SIZ (32 + 1) #define SNMP_AUTH_KEY_SIZ 40 #define SNMP_PRIV_KEY_SIZ 32 @@ -255,6 +259,7 @@ int snmp_value_parse(const char *, enum snmp_syntax, union snmp_values *); int snmp_value_copy(struct snmp_value *, const struct snmp_value *); void snmp_pdu_free(struct snmp_pdu *); +void snmp_pdu_init_secparams(struct snmp_pdu *); enum snmp_code snmp_pdu_decode(struct asn_buf *b, struct snmp_pdu *pdu, int32_t *); enum snmp_code snmp_pdu_decode_header(struct asn_buf *, struct snmp_pdu *); enum snmp_code snmp_pdu_decode_scoped(struct asn_buf *, struct snmp_pdu *, int32_t *); diff --git a/contrib/bsnmp/lib/snmpagent.c b/contrib/bsnmp/lib/snmpagent.c index 9cd9676..888d622 100644 --- a/contrib/bsnmp/lib/snmpagent.c +++ b/contrib/bsnmp/lib/snmpagent.c @@ -178,7 +178,9 @@ snmp_pdu_create_response(struct snmp_pdu *pdu, struct snmp_pdu *resp) if (resp->version != SNMP_V3) return; - snmp_pdu_init_secparams(resp, &pdu->engine, &pdu->user); + memcpy(&resp->engine, &pdu->engine, sizeof(pdu->engine)); + memcpy(&resp->user, &pdu->user, sizeof(pdu->user)); + snmp_pdu_init_secparams(resp); resp->identifier = pdu->identifier; resp->security_model = pdu->security_model; resp->context_engine_len = pdu->context_engine_len; diff --git a/contrib/bsnmp/lib/snmpclient.c b/contrib/bsnmp/lib/snmpclient.c index 103ea69..8610a4d 100644 --- a/contrib/bsnmp/lib/snmpclient.c +++ b/contrib/bsnmp/lib/snmpclient.c @@ -1160,10 +1160,11 @@ snmp_pdu_create(struct snmp_pdu *pdu, u_int op) pdu->flags = 0; pdu->security_model = snmp_client.security_model; - if (snmp_client.security_model == SNMP_SECMODEL_USM) - snmp_pdu_init_secparams(pdu, &snmp_client.engine, - &snmp_client.user); - else + if (snmp_client.security_model == SNMP_SECMODEL_USM) { + memcpy(&pdu->engine, &snmp_client.engine, sizeof(pdu->engine)); + memcpy(&pdu->user, &snmp_client.user, sizeof(pdu->user)); + snmp_pdu_init_secparams(pdu); + } else seterr(&snmp_client, "unknown security model"); if (snmp_client.clen > 0) { @@ -1440,9 +1441,11 @@ snmp_receive_packet(struct snmp_pdu *pdu, struct timeval *tv) abuf.asn_len = ret; memset(pdu, 0, sizeof(*pdu)); - if (snmp_client.security_model == SNMP_SECMODEL_USM) - snmp_pdu_init_secparams(pdu, &snmp_client.engine, - &snmp_client.user); + if (snmp_client.security_model == SNMP_SECMODEL_USM) { + memcpy(&pdu->engine, &snmp_client.engine, sizeof(pdu->engine)); + memcpy(&pdu->user, &snmp_client.user, sizeof(pdu->user)); + snmp_pdu_init_secparams(pdu); + } if (SNMP_CODE_OK != (ret = snmp_pdu_decode(&abuf, pdu, &ip))) { seterr(&snmp_client, "snmp_decode_pdu: failed %d", ret); diff --git a/contrib/bsnmp/lib/snmppriv.h b/contrib/bsnmp/lib/snmppriv.h index 56441cc..c0e4479 100644 --- a/contrib/bsnmp/lib/snmppriv.h +++ b/contrib/bsnmp/lib/snmppriv.h @@ -38,9 +38,6 @@ enum snmp_code snmp_fix_encoding(struct asn_buf *, struct snmp_pdu *); enum asn_err snmp_parse_pdus_hdr(struct asn_buf *b, struct snmp_pdu *pdu, asn_len_t *lenp); -void snmp_pdu_init_secparams(struct snmp_pdu *, struct snmp_engine *, - struct snmp_user *); - enum snmp_code snmp_pdu_calc_digest(const struct snmp_pdu *, uint8_t *); enum snmp_code snmp_pdu_encrypt(const struct snmp_pdu *); enum snmp_code snmp_pdu_decrypt(const struct snmp_pdu *); diff --git a/contrib/bsnmp/lib/tc.def b/contrib/bsnmp/lib/tc.def new file mode 100755 index 0000000..65f6972 --- /dev/null +++ b/contrib/bsnmp/lib/tc.def @@ -0,0 +1,40 @@ +#- +# Copyright (C) 2010 The FreeBSD Foundation +# All rights reserved. +# +# This software was developed by Shteryana Sotirova Shopova under +# sponsorship from the FreeBSD Foundation. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD$ +# + +typedef RowStatus ENUM ( + 1 active + 2 notInService + 3 notReady + 4 createAndGo + 5 createAndWait + 6 destroy +) + |