summaryrefslogtreecommitdiffstats
path: root/contrib/bsnmp
Commit message (Collapse)AuthorAgeFilesLines
* MFC r328160:ae2018-02-026-36/+116
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add to bsnmpd(1) ability to specify multiple community strings with different access rights. By default there are two community strings with index 1 and 2, one for read-only access and second for read-write access: begemotSnmpdCommunityString.0.1 = $(read) begemotSnmpdCommunityString.0.2 = $(write) Now it is possible to define additional community strings using different indexes: begemotSnmpdCommunityString.0.3 = "SomeString1" begemotSnmpdCommunityPermission.0.3 = 1 begemotSnmpdCommunityString.0.4 = "SomeString2" begemotSnmpdCommunityPermission.0.4 = 2 begemotSnmpdCommunityString.0.5 = "SomeString3" begemotSnmpdCommunityString.0.6 = "SomeString4" New attribute begemotSnmpdCommunityPermission can be used to specify access rights: 1 means "read-only" access, 2 means "read-write" access. If attribute is not specified for some index this means "read-only" rights. Community strings must be unique, i.e. must not be the same for different indexes. Obtained from: Yandex LLC Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D13785 MFC r328171: Rename "index" variable to "idx" since gcc complains that it shadows index(3) function declaration.
* MFC r326510:ae2017-12-111-1/+1
| | | | Fix format string warning with enabled DEBUGGING.
* MFC r315641,r315642:ngie2017-03-271-2/+4
| | | | | | | | | | | | | r315641: bsnmp: don't leak snmp_client.fd in open_client_udp(..) on connect(2) failure r315642: bsnmp: explicitly test the return value for open_client_{local,udp} in snmp_open(..) open_client_* returns -1 on failure; 0 on success. Ensure that the return value is 0 -- otherwise exit snmp_open(..).
* MFC r315206:ngie2017-03-201-1/+1
| | | | | | | | | | | bsnmpd: fix segfault when trans_insert_port(..) is called with multiple out of order addresses Move `port->transport` initialization before the TAILQ_FOREACH(..) loop to ensure that the value is properly initialized before it's inserted into the TAILQ. PR: 217760
* MFC r311394:ngie2017-02-041-1/+5
| | | | | | | | | op_usm_users: don't deref uusers if it's NULL when SETting the value Add an XXX comment to note that the conditional seems suspect given how it's handled elsewhere in the SNMP_OP_SET case. CID: 1008573
* MFC r311263:ngie2017-02-041-3/+3
| | | | | | | | | | | | | | Use calloc instead of malloc with buffers in snmp_{recv,send}_packet This doesn't fix the issue noted in the PR, but at the very least it cleans up the error so it looks a bit more sane, and in the event that bsnmp did wander off into the weeds, the likelihood of it crashing with more sensible output is greater, in my opinion MFC counter set high so I have enough time to resolve the real underlying bug in bsnmpwalk PR: 215721
* MFC r312331:ngie2017-01-202-55/+30
| | | | | | | | | | | | | | | r312331 (by glebius): Fix regression from r310655, which broke operation of bsnmpd if it is bound to a non-wildcard address. As documented in ip(4), doing sendmsg(2) with IP_SENDSRCADDR on a socket that is bound to non-wildcard address is completely different to using this control message on a wildcard one. A fix is to add a bool to mark whether we did setsockopt(IP_RECVDSTADDR) on the socket, and use IP_SENDSRCADDR control message only if we did. While here, garbage collect absolutely useless udp_recv() function that establishes some structures on stack to never use them later.
* MFC r310656,r311221:ngie2017-01-161-1/+2
| | | | | | | | | | | | | | | r310656: style(9): sort alignment in udp_recv(..) r311221: Initialize msg.msg_flags to 0 This mutes a valid coverity warning about it being uninitialized when passed in to sendmsg(2). CID: 1368202
* MFC r310655:ngie2017-01-165-21/+39
| | | | | | | | | | | | | | | Fix bsnmpd sending/receiving with multi-homed configurations or INADDR_ANY used as the listening address in snmpd_input(..) Stash the IPv4 address of the receiver via the recv(..) callback and use it in the send(..) callback for the transport by specifying IP_SENDSRCADDR for the control message type. Add sendmsg logic to the UDP transport's send(..) callback and use the respective send(..) callback for the transport instead of calling sendto in snmpd_input(..). Obtained from: Isilon OneFS (^/onefs/branches/BR_8_0_0_DEV@r507595)
* MFC r311742:ngie2017-01-161-0/+3
| | | | | | | Add a REVISION section to track changes for the BEGEMOT-IP-MIB MIB file There haven't been any changes to the MIB definition, so the REVISION remains static at the version it was imported at
* MFC r311759,r311760:ngie2017-01-162-0/+6
| | | | | | | | | | | | | | | | r311759: Add a REVISION section to track changes for the FOKUS-MIB MIB file There haven't been any changes to the MIB definition, so the REVISION remains static at the version it was imported at r311760: Add a REVISION section to track changes for the BEGEMOT-MIB MIB file There haven't been any changes to the MIB definition, so the REVISION remains static at the version it was imported at
* MFC r311750,r311754,r311757:ngie2017-01-141-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | r311750: Check result from smiGetFirstNode and smiGetNodeByOID This avoids a segfault with malformed or unanticipated files, like IPV6-TC.txt (a file containing just TEXTUAL-CONVENTIONS). Found with: gensnmpdef /usr/local/share/snmp/mibs/IPV6-TC.txt r311754: Use calloc instead of malloc + memset(.., 0, ..) r311757: Similar to r311750, check for the result from smiGetModule to avoid a segfault when dereferencing a NULL pointer later on. Choose to just check for the NULL pointer in the next for-loop for now to fix the issue with a minimal amount of code churn sys/queue.h use here would make more sense than using a static table
* MFC r310950:ngie2017-01-142-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | MIB-II: use strlcpy when copying interface names to .ifr_name .ifra_name is assumed to be NUL terminated; using strlcpy(3) ensures that it's indeed NUL terminated whereas strncpy does not. Tested and verified as follows with a combination of ifconfig, snmpget, and snmpset: % ifconfig create lo1 127.0.0.2/8 % SNMPARGS="-v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des -X bsnmptest localhost" % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 2 IF-MIB::ifAdminStatus.4 = INTEGER: down(2) % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: down(2) % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 1 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) CID: 1009652-1009656, 1349850
* MFC r311381:ngie2017-01-131-6/+4
| | | | | | | | | | | | lsock_init_port: address issues with initializing sockaddr_un object - Use strlcpy to ensure p->name doesn't overflow sa.sun_path [*]. - Use SUN_LEN(..) instead of spelling out calculation longhand (inspired by comment by jmallett). Tested with: dgram and stream support with both bsnmpwalk and snmpwalk CID: 1006825
* MFC r310586,r310587,r310588:ngie2017-01-134-180/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r310586: Refactor transport sources a bit to facilitate changes coming down pipeline Add recv callback to transport layer to better facilitate code reuse and readability and for symmetry with send callback. Move recv_dgram and recv_stream to udp_recv and lsock_recv, respectively, and make the beforementioned functions recv callbacks for the udp and lsock transports, respectively. Consolidate the check_priv* functions in their relevant trans*.c source to limit scope/use. Note: this code is roughly based content from the submitter, although this was modified to be more of a direct move from snmpd/main.c to the trans_*.c sources, and to reduce unnecessary static function declarations. r310587: Fix definition for recv_dgram(..); it should be "ssize_t", not "int" I'm not sure why this wasn't flagged as an issue by the compiler, yet r310588: Fix return type for `ret` (recv callback) and sort variables by alignment Again, for reasons I don't yet understand, this is not being flagged by the compiler. Unlike the issue addressed in r310587, this problem existed prior to r310586
* MFC r311378:ngie2017-01-131-3/+2
| | | | | | | | | | | lm_load: fix string copying issues - Ensure `section` doesn't overrun section by using strlcpy instead of strcpy [*]. - Use strdup instead of malloc + strcpy (this wasn't flagged by Coverity, but is an opportunistic change). CID: 1006826 [*]
* MFC r311390:ngie2017-01-131-1/+4
| | | | | | snmp_table_fetch_async: don't leak `work` if snmp_pdu_send(..) fails CID: 1017276
* MFC r310729:ngie2017-01-131-1/+5
| | | | | | | | | | | | Prevent improper memory accesses after calling snmp_pdu_free and snmp_value_free snmp_pdu_free: set pdu->nbindings to 0 to limit the damage that could happen if a pdu was reused after calling the function, and as both stack and heap allocation types are used in contrib/bsnmp and usr.sbin/bsnmpd. snmp_value_free: NULL out value->v.octetstring.octets after calling free on it to prevent a double-free from occurring.
* MFC r311733:ngie2017-01-131-6/+6
| | | | Use nitems(mib) instead of hardcoding mib's length when calling sysctl(3)
* MFC r311282:ngie2017-01-131-1/+3
| | | | | | snmp_mibII(3) requires net/if.h and net/if_mib.h Document that requirement
* MFC r311505:ngie2017-01-091-1/+1
| | | | Remove unnecessary __unused attribute attached to `ctx` in op_begemot_mibII(..)
* MFC r311384:ngie2017-01-091-1/+1
| | | | op_usm_users: fix indentation in SNMP_OP_SET block
* MFC r311382:ngie2017-01-091-6/+3
| | | | Use calloc instead of malloc + memset(.., 0, ..)
* MFC r310501:ngie2017-01-071-18/+7
| | | | | | | | | | | | Be more strict about IpAddress type in snmp_value_parse(..) - Use inet_pton with AF_INET instead of doing longhand with sscanf. - Use gethostbyname2 with AF_INET to ensure that the hostname isn't accidentally parsed with another address family, e.g. AF_INET6. NB: IpAddress per RFC-2578 is IPv4 only. Work is in progress to add the InetAddress type and friends documented in RFC-4001 and elsewhere (which supports IPv4, IPv6, and more).
* MFC r310952:ngie2017-01-071-3/+3
| | | | | | | | | | | MIB-II: use strlcpy instead of strcpy when copying {descr,name} This is of course to avoid buffer overruns The remaining strcpy instance in the module needs to be audited for correctness CID: 1006827, 1006828
* MFC r310957,r310958,r310960:ngie2017-01-073-8/+12
| | | | | | | | | | | | | | | | | | | | | | | | | r310957: Use strlcpy when copying `com` to pdu->community to avoid potential buffer overruns CID: 1006823, 1006824 r310958: Initialize ret to SNMPD_INPUT_OK at the top of snmp_input_start(..) to avoid returning an uninitialized value There are some really complicated, snakey if-statements combined with switch statements that could result in an invalid value being returned as `ret` CID: 1006551 r310960: Similar to r310954, set .len to 0 on malloc failure and to `len` only on success
* MFC r310931,r310942,r310988:ngie2017-01-071-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | | r310931: Use strdup in snmp_parse_server(..) when possible instead of malloc+strcpy This simplifies the code and mutes a Coverity warning about sc->cport being improperly allocated CID: 1018247 r310942: Unbreak the build by passing the string to strdup, not its length Pointyhat to: ngie r310988: snmp_discover_engine: fix up req/resp (PDU object) handling a bit - Call snmp_pdu_free on req and resp when done with the objects - Call snmp_pdu_free on req before calling snmp_pdu_create on it again
* MFC r310873:ngie2017-01-061-5/+6
| | | | | | | | Guard against use-after-free after calling mibif_free(..) Set variables to NULL after calling free. Also, remove unnecessary if (x != NULL) checks before calling free(x)
* MFC r311003:ngie2017-01-041-3/+3
| | | | Fix spelling errors; bump .Dd for the change
* MFC r311001:ngie2017-01-041-1/+1
| | | | Bump .Dd for the spelling and .Nm updates
* MFC r310099,r311000,r311002:ngie2017-01-041-6/+6
| | | | | | | | | | r311000: Fix spelling errors r311002: Install bsnmpclient(3) as snmp_client_{init,set_host,set_port}(3)
* MFC r310865:ngie2017-01-021-3/+2
| | | | Fix whitespace in a comment and fixing a spelling error in a comment
* MFC r310763:ngie2017-01-011-2/+2
| | | | | | | | Use uint32_t instead of u_int32_t for or_last_change and services in "struct systemg" This is being done to match "struct systemg" in snmpmod(3) No functional change
* MFC r310498,r310591:ngie2017-01-014-21/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r310498: Allow SNMPv3 authNoPriv and noAuthNoPriv protocols to discover snmpEngineTime as discussed in RFC-5343 This fixes interoperability with net-snmp. Tested with the following invocations of snmpwalk (from net-snmp): - noAuthNoPriv: % snmpwalk -v 3 -n '' -u public localhost snmpEngineTime - authNoPriv: % snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authNoPriv -a sha localhost \ localhost snmpEngineTime - authPriv: % snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des \ -X bsnmptest localhost snmpEngineTime Obtained from: Isilon OneFS (5ec6d772cacbc, with minor tweaks) r310591: Update engine time using update_snmpd_engine_time(..)
* MFC r310500,r310660:ngie2016-12-312-6/+6
| | | | | | | | | | | | | | | r310500: Minor style(9) fixes - Trailing whitespace cleanup - Sort variables in snmp_dialog(..) by alignment No functional change r310660: style(9): fix whitespace in pdu_encode_secparams(..)
* MFC r310662,r310663:ngie2016-12-311-0/+1
| | | | | | | | | | r310662: style(9): snmp_send_packet(..): fix whitespace r310663: style(9): ip_get(..): clean up whitespace
* MFC r310648:ngie2016-12-3161-276/+276
| | | | style(9): clean up trailing whitespace
* MFC r310662:ngie2016-12-311-3/+3
| | | | style(9): snmp_send_packet(..): fix whitespace
* MFC r310455:ngie2016-12-311-2/+3
| | | | | | | | | | Clarify failure in snmp_output(..) with call to snmp_pdu_decode - Explicitly test snmp_pdu_encode against SNMP_CODE_OK instead of assuming any non-zero value is bad. - Print out the code before calling abort() to give the end-user something actionable to debug without having to recompile the binary, since the core might not have these details.
* MFC r310574:ngie2016-12-291-5/+5
| | | | | | | | | Fix style(9) - Sort #includes - Delete trailing whitespace No functional change
* MFC r310592:ngie2016-12-291-2/+2
| | | | style(9): fix trailing whitespace
* MFC r310499:ngie2016-12-281-4/+4
| | | | | | Sort #includes No functional change
* MFC r310503:ngie2016-12-281-1/+1
| | | | style(9): delete stray trailing whitespace after break statement
* MFC r310459:ngie2016-12-261-3/+3
| | | | | | Sort #includes per style(9) No functional change
* MFC r310202:ngie2016-12-261-25/+25
| | | | | | Clean up trailing and leading whitespace Fix variable type alignment in snmp_dialog(..)
* Revert r299830, it has couple of fatal errors.glebius2016-05-181-5/+5
| | | | | | | The CMSG_ family of macros take care of alignment, so we don't need r299830 at all, even if it was correct. Put NO_WCAST_ALIGN into Makefile. Together with: peter
* Fix .Ddngie2016-05-151-1/+1
| | | | | | | Today is the 14th, not the 10th of May Reported by: igor (derp) Sponsored by: EMC / Isilon Storage Division
* Fix fully canonicalized example for `myvariable.27...`ngie2016-05-151-2/+2
| | | | | | | | | `6` doesn't occur in the OID; it was spurious Bump .Dd for the change MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Remove trailing whitespace in license tortngie2016-05-151-2/+2
| | | | | | MFC after: 1 week Reported by: igor Sponsored by: EMC / Isilon Storage Division
* Fix -Wcast-align warningsngie2016-05-151-5/+5
| | | | | | | | | Use memcpy instead of using direct assignment of void* pointers with CMSG_DATA(..), which changes alignment MFC after: 3 weeks Reported by: clang Sponsored by: EMC / Isilon Storage Division
OpenPOWER on IntegriCloud