int
init_snmpv3_post_premib_config(int majorid, int minorid, void *serverarg,
                               void *clientarg)
{
    if (!engineIDIsSet)
        setup_engineID(NULL, NULL);

    return SNMPERR_SUCCESS;
}
Esempio n. 2
0
int main(int argc, char **argv) {
  netsnmp_session *session = NULL;
  netsnmp_transport *transport = NULL;
  char *listening_address = "udp:5200";
  int local = 1;
  char *default_domain = "udp";
  program_name = basename(argv[0]);
  printf("%s: main\n", program_name);
  init_usm();
  netsnmp_udp_ctor();
  init_snmpv3(NULL);
  setup_engineID(NULL, NULL);
  usm_parse_create_usmUser("createUser", "-e 0x8000000001020304 traptest SHA mypassword AES");
  transport = netsnmp_tdomain_transport(listening_address, local, default_domain);
  if (transport == NULL) {
    printf("%s: failed to open server: %s\n", argv[0], strerror(errno));
    exit(EXIT_FAILURE);
  }
  session = snmptrapd_add_session(transport);
  select_loop();
  snmp_close(session);
  exit(EXIT_SUCCESS);
}
/*******************************************************************-o-******
 */
int
main(int argc, char **argv)
{
	int	  rval		= SNMPERR_SUCCESS;
	size_t	  oldKu_len	= SNMP_MAXBUF_SMALL,
		  newKu_len	= SNMP_MAXBUF_SMALL,
		  oldkul_len	= SNMP_MAXBUF_SMALL,
		  newkul_len	= SNMP_MAXBUF_SMALL,
		  keychange_len	= SNMP_MAXBUF_SMALL;

	char      *s = NULL;
	u_char	  oldKu[SNMP_MAXBUF_SMALL],
		  newKu[SNMP_MAXBUF_SMALL],
		  oldkul[SNMP_MAXBUF_SMALL],
		  newkul[SNMP_MAXBUF_SMALL],
		  keychange[SNMP_MAXBUF_SMALL];

	int       i;
	int       arg = 1;

 	local_progname = argv[0];


 
	/*
	 * Parse.
	 */
	for(; (arg < argc) && (argv[arg][0] == '-') ; arg++){
		switch(argv[arg][1]){
		case 'D':  snmp_set_do_debugging(1);	break;
		case 'E':  engineid = (u_char *)argv[++arg];	break;
		case 'f':  forcepassphrase = 1;		break;
		case 'N':  newpass = argv[++arg];	break;
		case 'O':  oldpass = argv[++arg];	break;
		case 'P':  promptindicator = 0;		break;
		case 't':  transform_type_input = argv[++arg];	break;
		case 'v':  verbose = 1;			break;
		case 'V':  visible = 1;			break;
		case 'h':
			rval = 0;
		default:
			usage_to_file(stdout);
			exit(rval);
		}
	}

	if ( !transform_type_input ) {
		fprintf(stderr, "The -t option is mandatory.\n");
		usage_synopsis(stdout);
		exit(1000);
	}



	/*
	 * Convert and error check transform_type.
	 */
	if ( !strcmp(transform_type_input, "md5") ) {
		transform_type = usmHMACMD5AuthProtocol;

	} else if ( !strcmp(transform_type_input, "sha1") ) {
		transform_type = usmHMACSHA1AuthProtocol;

	} else {
		fprintf(stderr,
			"Unrecognized hash transform: \"%s\".\n",
			transform_type_input);
		usage_synopsis(stderr);
		QUITFUN(rval = SNMPERR_GENERR, main_quit);
	}

	if (verbose) {
		fprintf(stderr, "Hash:\t\t%s\n",
			(transform_type == usmHMACMD5AuthProtocol)
				? "usmHMACMD5AuthProtocol"
				: "usmHMACSHA1AuthProtocol"
			);
	}



	/* 
	 * Build engineID.  Accept hex engineID as the bits
	 * "in-and-of-themselves", otherwise create an engineID with the
	 * given string as text.
	 *
	 * If no engineID is given, lookup the first IP address for the
	 * localhost and use that (see setup_engineID()).
	 */
	if ( engineid && (tolower(*(engineid+1)) == 'x') ) {
		engineid_len = hex_to_binary2(	engineid+2,
						strlen((char *)engineid)-2,
						(char **) &engineid);
                DEBUGMSGTL(("encode_keychange","engineIDLen: %d\n", engineid_len));
	} else {
		engineid_len = setup_engineID(&engineid, (char *)engineid);

	} 

#ifdef SNMP_TESTING_CODE
	if (verbose) {
		fprintf(stderr, "EngineID:\t%s\n",
			/* XXX = */ dump_snmpEngineID(engineid, &engineid_len));
	}
#endif


	/*
	 * Get passphrases from user.
	 */
	rval = get_user_passphrases();
	QUITFUN(rval, main_quit);

	if ( strlen(oldpass) < USM_LENGTH_P_MIN ) {
		fprintf(stderr, "Old passphrase must be greater than %d "
				"characters in length.\n",
				USM_LENGTH_P_MIN);
		QUITFUN(rval = SNMPERR_GENERR, main_quit);

	} else if ( strlen(newpass) < USM_LENGTH_P_MIN ) {
		fprintf(stderr, "New passphrase must be greater than %d "
				"characters in length.\n",
				USM_LENGTH_P_MIN);
		QUITFUN(rval = SNMPERR_GENERR, main_quit);
	}

	if (verbose) {
		fprintf(stderr,
			"Old passphrase:\t%s\nNew passphrase:\t%s\n",
			oldpass, newpass);
	}



	/* 
	 * Compute Ku and Kul's from old and new passphrases, then
	 * compute the keychange string & print it out.
	 */
	rval = sc_init();
	QUITFUN(rval, main_quit);


	rval = generate_Ku(	transform_type, USM_LENGTH_OID_TRANSFORM,
				(u_char *)oldpass, strlen(oldpass),
				oldKu, &oldKu_len);
	QUITFUN(rval, main_quit);


	rval = generate_Ku(	transform_type, USM_LENGTH_OID_TRANSFORM,
				(u_char *)newpass, strlen(newpass),
				newKu, &newKu_len);
	QUITFUN(rval, main_quit);


        DEBUGMSGTL(("encode_keychange", "EID (%d): ", engineid_len));
        for(i=0; i < (int)engineid_len; i++)
          DEBUGMSGTL(("encode_keychange", "%02x",(int) (engineid[i])));
        DEBUGMSGTL(("encode_keychange","\n"));

        DEBUGMSGTL(("encode_keychange", "old Ku (%d) (from %s): ", oldKu_len, oldpass));
        for(i=0; i < (int)oldKu_len; i++)
          DEBUGMSGTL(("encode_keychange", "%02x",(int) (oldKu[i])));
        DEBUGMSGTL(("encode_keychange","\n"));

	rval = generate_kul(	transform_type, USM_LENGTH_OID_TRANSFORM,
				engineid, engineid_len,
				oldKu, oldKu_len,
				oldkul, &oldkul_len);
	QUITFUN(rval, main_quit);


        DEBUGMSGTL(("encode_keychange", "generating old Kul (%d) (from Ku): ", oldkul_len));
        for(i=0; i < (int)oldkul_len; i++)
          DEBUGMSGTL(("encode_keychange", "%02x",(int) (oldkul[i])));
        DEBUGMSGTL(("encode_keychange","\n"));

	rval = generate_kul(	transform_type, USM_LENGTH_OID_TRANSFORM,
				engineid, engineid_len,
				newKu, newKu_len,
				newkul, &newkul_len);
	QUITFUN(rval, main_quit);
        
        DEBUGMSGTL(("encode_keychange", "generating new Kul (%d) (from Ku): ", oldkul_len));
        for(i=0; i < (int)newkul_len; i++)
          DEBUGMSGTL(("encode_keychange", "%02x",newkul[i]));
        DEBUGMSGTL(("encode_keychange","\n"));

	rval = encode_keychange(transform_type, USM_LENGTH_OID_TRANSFORM,
				oldkul, oldkul_len,
				newkul, newkul_len,
				keychange, &keychange_len);
	QUITFUN(rval, main_quit);



	binary_to_hex(keychange, keychange_len, &s);
	printf("%s%s\n",
		(verbose) ? "KeyChange string:\t" : "", /* XXX stdout */
		s);


	/*
	 * Cleanup.
	 */
main_quit:
	snmp_call_callbacks(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_SHUTDOWN,
                            NULL);
        

	SNMP_ZERO(oldpass,	strlen(oldpass));
	SNMP_ZERO(newpass,	strlen(newpass));

	SNMP_ZERO(oldKu,	oldKu_len);
	SNMP_ZERO(newKu,	newKu_len);

	SNMP_ZERO(oldkul,	oldkul_len);
	SNMP_ZERO(newkul,	newkul_len);

	SNMP_ZERO(s, strlen(s));

	return rval;

} /* end main() */
Esempio n. 4
0
int main (int argc, char *argv[])
{
    netsnmp_session session, *ss;

    netsnmp_pdu *pdu, *response;

    oid name[MAX_OID_LEN];

    size_t name_length;

    int arg;

    int status;

    char *trap = NULL;

    char *prognam;

    int exitval = 0;

#ifndef NETSNMP_DISABLE_SNMPV1
    char *specific = NULL, *description = NULL, *agent = NULL;

    in_addr_t *pdu_in_addr_t;
#endif

    prognam = strrchr (argv[0], '/');
    if (prognam)
        prognam++;
    else
        prognam = argv[0];

    putenv (strdup ("POSIXLY_CORRECT=1"));

    if (strcmp (prognam, "snmpinform") == 0)
        inform = 1;
    switch (arg = snmp_parse_args (argc, argv, &session, "C:", optProc))
    {
        case NETSNMP_PARSE_ARGS_ERROR:
            exit (1);
        case NETSNMP_PARSE_ARGS_SUCCESS_EXIT:
            exit (0);
        case NETSNMP_PARSE_ARGS_ERROR_USAGE:
            usage ();
            exit (1);
        default:
            break;
    }

    SOCK_STARTUP;

    session.callback = snmp_input;
    session.callback_magic = NULL;

    /*
     * setup the local engineID which may be for either or both of the
     * contextEngineID and/or the securityEngineID.
     */
    setup_engineID (NULL, NULL);

    /* if we don't have a contextEngineID set via command line
       arguments, use our internal engineID as the context. */
    if (session.contextEngineIDLen == 0 || session.contextEngineID == NULL)
    {
        session.contextEngineID = snmpv3_generate_engineID (&session.contextEngineIDLen);
    }

    if (session.version == SNMP_VERSION_3 && !inform)
    {
        /*
         * for traps, we use ourselves as the authoritative engine
         * which is really stupid since command line apps don't have a
         * notion of a persistent engine.  Hence, our boots and time
         * values are probably always really wacked with respect to what
         * a manager would like to see.
         * 
         * The following should be enough to:
         * 
         * 1) prevent the library from doing discovery for engineid & time.
         * 2) use our engineid instead of the remote engineid for
         * authoritative & privacy related operations.
         * 3) The remote engine must be configured with users for our engineID.
         * 
         * -- Wes 
         */

        /*
         * pick our own engineID 
         */
        if (session.securityEngineIDLen == 0 || session.securityEngineID == NULL)
        {
            session.securityEngineID = snmpv3_generate_engineID (&session.securityEngineIDLen);
        }

        /*
         * set boots and time, which will cause problems if this
         * machine ever reboots and a remote trap receiver has cached our
         * boots and time...  I'll cause a not-in-time-window report to
         * be sent back to this machine. 
         */
        if (session.engineBoots == 0)
            session.engineBoots = 1;
        if (session.engineTime == 0)    /* not really correct, */
            session.engineTime = get_uptime ();    /* but it'll work. Sort of. */
    }

    ss = snmp_add (&session, netsnmp_transport_open_client ("snmptrap", session.peername), NULL, NULL);
    if (ss == NULL)
    {
        /*
         * diagnose netsnmp_transport_open_client and snmp_add errors with
         * the input netsnmp_session pointer
         */
        snmp_sess_perror ("snmptrap", &session);
        SOCK_CLEANUP;
        exit (1);
    }

#ifndef NETSNMP_DISABLE_SNMPV1
    if (session.version == SNMP_VERSION_1)
    {
        if (inform)
        {
            fprintf (stderr, "Cannot send INFORM as SNMPv1 PDU\n");
            SOCK_CLEANUP;
            exit (1);
        }
        pdu = snmp_pdu_create (SNMP_MSG_TRAP);
        if (!pdu)
        {
            fprintf (stderr, "Failed to create trap PDU\n");
            SOCK_CLEANUP;
            exit (1);
        }
        pdu_in_addr_t = (in_addr_t *) pdu->agent_addr;
        if (arg == argc)
        {
            fprintf (stderr, "No enterprise oid\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        if (argv[arg][0] == 0)
        {
            pdu->enterprise = (oid *) malloc (sizeof (objid_enterprise));
            memcpy (pdu->enterprise, objid_enterprise, sizeof (objid_enterprise));
            pdu->enterprise_length = sizeof (objid_enterprise) / sizeof (oid);
        }
        else
        {
            name_length = MAX_OID_LEN;
            if (!snmp_parse_oid (argv[arg], name, &name_length))
            {
                snmp_perror (argv[arg]);
                usage ();
                SOCK_CLEANUP;
                exit (1);
            }
            pdu->enterprise = (oid *) malloc (name_length * sizeof (oid));
            memcpy (pdu->enterprise, name, name_length * sizeof (oid));
            pdu->enterprise_length = name_length;
        }
        if (++arg >= argc)
        {
            fprintf (stderr, "Missing agent parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        agent = argv[arg];
        if (agent != NULL && strlen (agent) != 0)
        {
            int ret = netsnmp_gethostbyname_v4 (agent, pdu_in_addr_t);

            if (ret < 0)
            {
                fprintf (stderr, "unknown host: %s\n", agent);
                exit (1);
            }
        }
        else
        {
            *pdu_in_addr_t = get_myaddr ();
        }
        if (++arg == argc)
        {
            fprintf (stderr, "Missing generic-trap parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        trap = argv[arg];
        pdu->trap_type = atoi (trap);
        if (++arg == argc)
        {
            fprintf (stderr, "Missing specific-trap parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        specific = argv[arg];
        pdu->specific_type = atoi (specific);
        if (++arg == argc)
        {
            fprintf (stderr, "Missing uptime parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        description = argv[arg];
        if (description == NULL || *description == 0)
            pdu->time = get_uptime ();
        else
            pdu->time = atol (description);
    }
    else
#endif
    {
        long sysuptime;

        char csysuptime[20];

        pdu = snmp_pdu_create (inform ? SNMP_MSG_INFORM : SNMP_MSG_TRAP2);
        if (!pdu)
        {
            fprintf (stderr, "Failed to create notification PDU\n");
            SOCK_CLEANUP;
            exit (1);
        }
        if (arg == argc)
        {
            fprintf (stderr, "Missing up-time parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        trap = argv[arg];
        if (*trap == 0)
        {
            sysuptime = get_uptime ();
            sprintf (csysuptime, "%ld", sysuptime);
            trap = csysuptime;
        }
        snmp_add_var (pdu, objid_sysuptime, sizeof (objid_sysuptime) / sizeof (oid), 't', trap);
        if (++arg == argc)
        {
            fprintf (stderr, "Missing trap-oid parameter\n");
            usage ();
            SOCK_CLEANUP;
            exit (1);
        }
        if (snmp_add_var (pdu, objid_snmptrap, sizeof (objid_snmptrap) / sizeof (oid), 'o', argv[arg]) != 0)
        {
            snmp_perror (argv[arg]);
            SOCK_CLEANUP;
            exit (1);
        }
    }
    arg++;

    while (arg < argc)
    {
        arg += 3;
        if (arg > argc)
        {
            fprintf (stderr, "%s: Missing type/value for variable\n", argv[arg - 3]);
            SOCK_CLEANUP;
            exit (1);
        }
        name_length = MAX_OID_LEN;
        if (!snmp_parse_oid (argv[arg - 3], name, &name_length))
        {
            snmp_perror (argv[arg - 3]);
            SOCK_CLEANUP;
            exit (1);
        }
        if (snmp_add_var (pdu, name, name_length, argv[arg - 2][0], argv[arg - 1]) != 0)
        {
            snmp_perror (argv[arg - 3]);
            SOCK_CLEANUP;
            exit (1);
        }
    }

    if (inform)
        status = snmp_synch_response (ss, pdu, &response);
    else
        status = snmp_send (ss, pdu) == 0;
    if (status)
    {
        snmp_sess_perror (inform ? "snmpinform" : "snmptrap", ss);
        if (!inform)
            snmp_free_pdu (pdu);
        exitval = 1;
    }
    else if (inform)
        snmp_free_pdu (response);

    snmp_close (ss);
    snmp_shutdown ("snmpapp");
    SOCK_CLEANUP;
    return exitval;
}
/*******************************************************************-o-******
 * engineID_conf
 *
 * Parameters:
 *	*word
 *	*cptr
 *
 * This function reads a string from the configuration file and uses that
 * string to initialize the engineID.  It's assumed to be human readable.
 */
void
engineID_conf(const char *word, char *cptr)
{
    setup_engineID(NULL, cptr);
    DEBUGMSGTL(("snmpv3", "initialized engineID with: %s\n", cptr));
}
Esempio n. 6
0
/*******************************************************************-o-******
 * init_snmpv3
 *
 * Parameters:
 *	*type	Label for the config file "type" used by calling entity.
 *      
 * Set time and engineID.
 * Set parsing functions for config file tokens.
 * Initialize SNMP Crypto API (SCAPI).
 */
void
init_snmpv3(const char *type) {
  gettimeofday(&snmpv3starttime, NULL);

  if (type == NULL)
     type = "snmpapp";

  if (type && !strcmp(type,"snmpapp")) {
     setup_engineID(NULL,"__snmpapp__");
  } else {
     setup_engineID(NULL, NULL);
  }

  /* initialize submodules */
  init_usm();

  /* we need to be called back later */
  snmp_register_callback(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_POST_READ_CONFIG,
                         init_snmpv3_post_config, NULL);
  /* we need to be called back later */
  snmp_register_callback(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_STORE_DATA,
                         snmpv3_store, (void *) type);


#if		!defined(USE_INTERNAL_MD5)
  /* doesn't belong here at all */
  sc_init();
#endif		/* !USE_INTERNAL_MD5 */

  /* register all our configuration handlers (ack, there's a lot) */

  /* handle engineID setup before everything else which may depend on it */
  register_premib_handler(type,"engineID", engineID_conf, NULL, "string");
  register_premib_handler(type,"oldEngineID", oldengineID_conf, NULL, NULL);
  register_config_handler(type,"engineBoots", engineBoots_conf, NULL, NULL);

  /* default store config entries */
  ds_register_config(ASN_OCTET_STR, "snmp", "defSecurityName", DS_LIBRARY_ID,
                     DS_LIB_SECNAME);
  ds_register_config(ASN_OCTET_STR, "snmp", "defContext", DS_LIBRARY_ID,
                     DS_LIB_CONTEXT);
  ds_register_config(ASN_OCTET_STR, "snmp", "defPassphrase", DS_LIBRARY_ID,
                     DS_LIB_PASSPHRASE);
  ds_register_config(ASN_OCTET_STR, "snmp", "defAuthPassphrase", DS_LIBRARY_ID,
                     DS_LIB_AUTHPASSPHRASE);
  ds_register_config(ASN_OCTET_STR, "snmp", "defPrivPassphrase", DS_LIBRARY_ID,
                     DS_LIB_PRIVPASSPHRASE);
  register_config_handler("snmp","defVersion", version_conf, NULL, "1|2c|3");

  register_config_handler("snmp","defAuthType", snmpv3_authtype_conf, NULL,
                          "MD5|SHA");
  register_config_handler("snmp","defPrivType", snmpv3_privtype_conf, NULL,
                          "DES (currently the only possible value)");
  register_config_handler("snmp","defSecurityLevel", snmpv3_secLevel_conf,
                          NULL, "noAuthNoPriv|authNoPriv|authPriv");
  register_config_handler(type,"userSetAuthPass", usm_set_password, NULL,
                          "secname engineIDLen engineID pass");
  register_config_handler(type,"userSetPrivPass", usm_set_password, NULL,
                          "secname engineIDLen engineID pass");
  register_config_handler(type,"userSetAuthKey", usm_set_password, NULL,
                          "secname engineIDLen engineID KuLen Ku");
  register_config_handler(type,"userSetPrivKey", usm_set_password, NULL,
                          "secname engineIDLen engineID KuLen Ku");
  register_config_handler(type,"userSetAuthLocalKey", usm_set_password, NULL,
                          "secname engineIDLen engineID KulLen Kul");
  register_config_handler(type,"userSetPrivLocalKey", usm_set_password, NULL,
                          "secname engineIDLen engineID KulLen Kul");
}