int header_system(struct variable *vp, oid *name, int *length, int exact, int *var_len, WriteMethod **write_method) { #define SYSTEM_NAME_LENGTH 8 oid newname[MAX_OID_LEN]; int result; char c_oid[SPRINT_MAX_LEN]; if (snmp_get_do_debugging()) { sprint_objid (c_oid, name, *length); DEBUGMSGTL(("mibII/system", "var_system: %s %d\n", c_oid, exact)); DEBUGMSGTL(("mibII/system", "vp len: %d / %d\n", vp->namelen, 8)); } memcpy((char *)newname, (char *)vp->name, (int)vp->namelen * sizeof(oid)); newname[SYSTEM_NAME_LENGTH] = 0; result = snmp_oid_compare(name, *length, newname, (int)vp->namelen + 1); if ((exact && (result != 0)) || (!exact && (result >= 0))) return(MATCH_FAILED); memcpy( (char *)name,(char *)newname, ((int)vp->namelen + 1) * sizeof(oid)); *length = vp->namelen + 1; *write_method = 0; *var_len = sizeof(long); /* default to 'long' results */ return(MATCH_SUCCEEDED); }
/** Reads kernel memory. * Seeks to the specified location in kmem, then * does a read of given amount ob bytes into target buffer. * * @param off The location to seek. * * @param target The target buffer to read into. * * @param siz Number of bytes to read. * * @return gives 1 on success and 0 on failure. */ int klookup (unsigned long off, void *target, size_t siz) { long retsiz; if (kmem < 0) return 0; if ((retsiz = klseek ((off_t) off)) != off) { snmp_log (LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz); snmp_log_perror ("klseek"); return (0); } if ((retsiz = klread (target, siz)) != siz) { if (snmp_get_do_debugging ()) { /* * these happen too often on too many architectures to print them * unless we're in debugging mode. People get very full log files. */ snmp_log (LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz); snmp_log_perror ("klread"); } return (0); } DEBUGMSGTL (("verbose:kernel:klookup", "klookup(%lx, %p, %d) succeeded", off, target, siz)); return (1); }
int klookup(unsigned long off, char *target, int siz) { long retsiz; if (kmem < 0) return 0; if ((retsiz = klseek((off_t) off)) != off) { snmp_log(LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz); snmp_log_perror("klseek"); #ifdef EXIT_ON_BAD_KLREAD exit(1); #endif return (0); } if ((retsiz = klread(target, siz)) != siz ) { if (snmp_get_do_debugging()) { /* these happen too often on too many architectures to print them unless we're in debugging mode. People get very full log files. */ snmp_log(LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz); snmp_log_perror("klread"); } #ifdef EXIT_ON_BAD_KLREAD exit(1); #endif return(0); } return (1); }
int handle_nsDebugOutputAll(netsnmp_mib_handler *handler, netsnmp_handler_registration *reginfo, netsnmp_agent_request_info *reqinfo, netsnmp_request_info *requests) { long enabled; netsnmp_request_info *request=NULL; switch (reqinfo->mode) { case MODE_GET: enabled = snmp_get_do_debugging(); if ( enabled==0 ) enabled=2; /* false */ for (request = requests; request; request=request->next) { if (request->processed != 0) continue; snmp_set_var_typed_value(request->requestvb, ASN_INTEGER, (u_char*)&enabled, sizeof(enabled)); } break; #ifndef NETSNMP_NO_WRITE_SUPPORT case MODE_SET_RESERVE1: for (request = requests; request; request=request->next) { if (request->processed != 0) continue; if ( request->status != 0 ) { return SNMP_ERR_NOERROR; /* Already got an error */ } if ( request->requestvb->type != ASN_INTEGER ) { netsnmp_set_request_error(reqinfo, request, SNMP_ERR_WRONGTYPE); return SNMP_ERR_WRONGTYPE; } if (( *request->requestvb->val.integer != 1 ) && ( *request->requestvb->val.integer != 2 )) { netsnmp_set_request_error(reqinfo, request, SNMP_ERR_WRONGVALUE); return SNMP_ERR_WRONGVALUE; } } break; case MODE_SET_COMMIT: enabled = *requests->requestvb->val.integer; if (enabled == 2 ) /* false */ enabled = 0; snmp_set_do_debugging( enabled ); break; #endif /* !NETSNMP_NO_WRITE_SUPPORT */ } return SNMP_ERR_NOERROR; }
int log_handler_callback(netsnmp_log_handler* logh, int pri, const char *str) { /* * XXX - perhaps replace 'snmp_call_callbacks' processing * with individual callback log_handlers ?? */ struct snmp_log_message slm; int dodebug = snmp_get_do_debugging(); slm.priority = pri; slm.msg = str; if (dodebug) /* turn off debugging inside the callbacks else will loop */ snmp_set_do_debugging(0); snmp_call_callbacks(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_LOGGING, &slm); if (dodebug) snmp_set_do_debugging(dodebug); return 1; }
int setPass(int action, u_char * var_val, u_char var_val_type, size_t var_val_len, u_char * statP, oid * name, size_t name_len) { int i, rtest; struct extensible *passthru; char buf[SNMP_MAXBUF], buf2[SNMP_MAXBUF]; for (i = 1; i <= numpassthrus; i++) { passthru = get_exten_instance(passthrus, i); rtest = snmp_oidtree_compare(name, name_len, passthru->miboid, passthru->miblen); if (rtest <= 0) { if (action != ACTION) return SNMP_ERR_NOERROR; /* * setup args */ if (passthru->miblen >= name_len || rtest < 0) sprint_mib_oid(buf, passthru->miboid, passthru->miblen); else sprint_mib_oid(buf, name, name_len); snprintf(passthru->command, sizeof(passthru->command), "%s -s %s ", passthru->name, buf); passthru->command[ sizeof(passthru->command)-1 ] = 0; netsnmp_internal_pass_set_format(buf, var_val, var_val_type, var_val_len); strlcat(passthru->command, buf, sizeof(passthru->command)); DEBUGMSGTL(("ucd-snmp/pass", "pass-running: %s", passthru->command)); exec_command(passthru); DEBUGMSGTL(("ucd-snmp/pass", "pass-running returned: %s", passthru->output)); return netsnmp_internal_pass_str_to_errno(passthru->output); } } if (snmp_get_do_debugging()) { sprint_mib_oid(buf2, name, name_len); DEBUGMSGTL(("ucd-snmp/pass", "pass-notfound: %s\n", buf2)); } return SNMP_ERR_NOSUCHNAME; }
u_char * var_extensible_version(struct variable *vp, oid * name, size_t * length, int exact, size_t * var_len, WriteMethod ** write_method) { static long long_ret; static char errmsg[300]; char *cptr; time_t curtime; #ifdef CONFIGURE_OPTIONS static char config_opts[] = CONFIGURE_OPTIONS; #endif DEBUGMSGTL(("ucd-snmp/versioninfo", "var_extensible_version: ")); DEBUGMSGOID(("ucd-snmp/versioninfo", name, *length)); DEBUGMSG(("ucd-snmp/versioninfo", " %d\n", exact)); if (header_generic(vp, name, length, exact, var_len, write_method)) return (NULL); switch (vp->magic) { case MIBINDEX: long_ret = name[8]; return ((u_char *) (&long_ret)); case VERTAG: sprintf(errmsg, netsnmp_get_version()); *var_len = strlen(errmsg); return ((u_char *) errmsg); case VERDATE: sprintf(errmsg, "$Date: 2004/01/27 17:24:26 $"); *var_len = strlen(errmsg); return ((u_char *) errmsg); case VERCDATE: curtime = time(NULL); cptr = ctime(&curtime); sprintf(errmsg, cptr); *var_len = strlen(errmsg) - 1; return ((u_char *) errmsg); case VERIDENT: sprintf(errmsg, "$Id: versioninfo.c,v 5.2 2004/01/27 17:24:26 slif Exp $"); *var_len = strlen(errmsg); return ((u_char *) errmsg); case VERCONFIG: #ifdef CONFIGURE_OPTIONS *var_len = strlen(config_opts); if (*var_len > 1024) *var_len = 1024; /* mib imposed restriction */ return (u_char *) config_opts; #else sprintf(errmsg, ""); *var_len = strlen(errmsg); return ((u_char *) errmsg); #endif case VERCLEARCACHE: *write_method = clear_cache; long_ret = 0; return ((u_char *) & long_ret); case VERUPDATECONFIG: *write_method = update_hook; long_ret = 0; return ((u_char *) & long_ret); case VERRESTARTAGENT: *write_method = restart_hook; long_ret = 0; return ((u_char *) & long_ret); case VERSAVEPERSISTENT: *write_method = save_persistent; long_ret = 0; return ((u_char *) & long_ret); case VERDEBUGGING: *write_method = debugging_hook; long_ret = snmp_get_do_debugging(); return ((u_char *) & long_ret); } return NULL; }
/* * Print a description of the network interfaces. */ void intpro(int interval) { oid varname[MAX_OID_LEN], *instance, *ifentry; size_t varname_len; int ifnum, cfg_nnets; oid curifip [4]; struct variable_list *var; struct snmp_pdu *request, *response; int status; int ifindex, oldindex = 0; struct _if_info { int ifindex; char name[128]; char ip[128], route[128]; char ioctets[20], ierrs[20], ooctets[20], oerrs[20], outqueue[20]; int operstatus; u_long netmask; struct in_addr ifip, ifroute; } *if_table, *cur_if; int max_name = 4, max_route = 7, max_ip = 7, max_ioctets = 7, max_ooctets = 7; int i; if (interval) { sidewaysintpr((unsigned)interval); return; } var = getvarbyname(Session, oid_cfg_nnets, sizeof(oid_cfg_nnets) / sizeof(oid)); if (var && var->val.integer) { cfg_nnets = *var->val.integer; snmp_free_var(var); } else { fprintf (stderr, "No response when requesting number of interfaces.\n"); return; } DEBUGMSGTL (("netstat:if", "cfg_nnets = %d\n", cfg_nnets)); memset (curifip, 0, sizeof (curifip)); if_table = (struct _if_info *) calloc (cfg_nnets, sizeof (*if_table)); cur_if = if_table; for (ifnum = 1; ifnum <= cfg_nnets; ifnum++) { register char *cp; request = snmp_pdu_create (SNMP_MSG_GETNEXT); memmove (varname, oid_ipadentaddr, sizeof (oid_ipadentaddr)); varname_len = sizeof (oid_ipadentaddr) / sizeof (oid); instance = varname + 9; memmove (varname + 10, curifip, sizeof (curifip)); *instance = IPIFINDEX; snmp_add_null_var (request, varname, varname_len); *instance = IPADDR; snmp_add_null_var (request, varname, varname_len); *instance = IPNETMASK; snmp_add_null_var (request, varname, varname_len); status = snmp_synch_response (Session, request, &response); if (status != STAT_SUCCESS || response->errstat != SNMP_ERR_NOERROR) { fprintf (stderr, "SNMP request failed for interface %d, variable %ld out of %d interfaces (IP)\n", ifnum, response->errindex, cfg_nnets); cfg_nnets = ifnum; break; } for (var = response->variables; var; var = var->next_variable) { if (snmp_get_do_debugging()) { print_variable (var->name, var->name_length, var); } switch (var->name [9]) { case IPIFINDEX: ifindex = *var->val.integer; for (cur_if = if_table; cur_if->ifindex != ifindex && cur_if->ifindex != 0; cur_if++); cur_if->ifindex = ifindex; break; case IPADDR: memmove (curifip, var->name+10, sizeof (curifip)); memmove (&cur_if->ifip, var->val.string, sizeof (u_long)); break; case IPNETMASK: memmove (&cur_if->netmask, var->val.string, sizeof (u_long)); } } cur_if->ifroute.s_addr = cur_if->ifip.s_addr & cur_if->netmask; if (cur_if->ifroute.s_addr) strcpy(cur_if->route, netname (cur_if->ifroute, cur_if->netmask)); else strcpy(cur_if->route, "none"); if ((i = strlen(cur_if->route)) > max_route) max_route = i; if (cur_if->ifip.s_addr) strcpy(cur_if->ip, routename (cur_if->ifip)); else strcpy(cur_if->ip, "none"); if ((i = strlen(cur_if->ip)) > max_ip) max_ip = i; snmp_free_pdu (response); memmove (varname, oid_ifname, sizeof(oid_ifname)); varname_len = sizeof(oid_ifname) / sizeof(oid); ifentry = varname + 9; instance = varname + 10; request = snmp_pdu_create (SNMP_MSG_GETNEXT); *instance = oldindex; *ifentry = IFINDEX; snmp_add_null_var (request, varname, varname_len); *ifentry = IFNAME; snmp_add_null_var (request, varname, varname_len); *ifentry = IFOPERSTATUS; snmp_add_null_var (request, varname, varname_len); *ifentry = INOCTETS; snmp_add_null_var (request, varname, varname_len); *ifentry = OUTOCTETS; snmp_add_null_var (request, varname, varname_len); while ((status = snmp_synch_response (Session, request, &response)) == STAT_SUCCESS) { if (response->errstat != SNMP_ERR_NOSUCHNAME) break; if ((request = snmp_fix_pdu(response, SNMP_MSG_GETNEXT)) == NULL) break; snmp_free_pdu(response); } if (status != STAT_SUCCESS || response->errstat != SNMP_ERR_NOERROR) { fprintf (stderr, "SNMP request failed for interface %d, variable %ld out of %d interfaces (IF)\n", ifnum, response->errindex, cfg_nnets); cfg_nnets = ifnum; break; } for (var = response->variables; var; var = var->next_variable) { if (snmp_get_do_debugging()) { print_variable (var->name, var->name_length, var); } if (!var->val.integer) continue; switch (var->name [9]) { case IFINDEX: ifindex = *var->val.integer; for (cur_if = if_table; cur_if->ifindex != ifindex && cur_if->ifindex != 0; cur_if++); cur_if->ifindex = ifindex; break; case INOCTETS: sprintf(cur_if->ioctets, "%lu", *var->val.integer); i = strlen(cur_if->ioctets); if (i > max_ioctets) max_ioctets = i; break; case OUTOCTETS: sprintf(cur_if->ooctets, "%lu", *var->val.integer); i = strlen(cur_if->ooctets); if (i > max_ooctets) max_ooctets = i; break; case IFNAME: oldindex = var->name[10]; if (var->val_len >= sizeof(cur_if->name)) var->val_len = sizeof(cur_if->name) - 1; memmove (cur_if->name, var->val.string, var->val_len); cur_if->name [var->val_len] = 0; if ((i = strlen(cur_if->name)+1) > max_name) max_name = i; break; case IFOPERSTATUS: cur_if->operstatus = *var->val.integer; break; } } snmp_free_pdu (response); if (intrface != NULL && strcmp(cur_if->name, intrface) != 0) { cur_if->name [0] = 0; continue; } if (cur_if->operstatus != MIB_IFSTATUS_UP) { cp = strchr(cur_if->name, '\0'); *cp++ = '*'; *cp = '\0'; } } printf("%*.*s %*.*s %*.*s %*.*s %*.*s ", -max_name, max_name, "Name", -max_route, max_route, "Network", -max_ip, max_ip, "Address", max_ioctets, max_ioctets, "Ioctets", max_ooctets, max_ooctets, "Ooctets"); putchar('\n'); for (ifnum = 0, cur_if = if_table; ifnum < cfg_nnets; ifnum++, cur_if++) { if (cur_if->name [0] == 0) continue; printf("%*.*s ", -max_name, max_name, cur_if->name); printf("%*.*s ", -max_route, max_route, cur_if->route); printf("%*.*s ", -max_ip, max_ip, cur_if->ip); printf("%*s %*s", max_ioctets, cur_if->ioctets, max_ioctets, cur_if->ooctets); putchar('\n'); } free(if_table); }
int setPassPersist(int action, u_char * var_val, u_char var_val_type, size_t var_val_len, u_char * statP, oid * name, size_t name_len) { int i, rtest; struct extensible *persistpassthru; char buf[SNMP_MAXBUF], buf2[SNMP_MAXBUF]; /* * Make sure that our basic pipe structure is malloced */ init_persist_pipes(); for (i = 1; i <= numpersistpassthrus; i++) { persistpassthru = get_exten_instance(persistpassthrus, i); rtest = snmp_oidtree_compare(name, name_len, persistpassthru->miboid, persistpassthru->miblen); if (rtest <= 0) { if (action != ACTION) return SNMP_ERR_NOERROR; /* * setup args */ if (persistpassthru->miblen >= name_len || rtest < 0) sprint_mib_oid(buf, persistpassthru->miboid, persistpassthru->miblen); else sprint_mib_oid(buf, name, name_len); snprintf(persistpassthru->command, sizeof(persistpassthru->command), "set\n%s\n", buf); persistpassthru->command[ sizeof(persistpassthru->command)-1 ] = 0; netsnmp_internal_pass_set_format(buf, var_val, var_val_type, var_val_len); strlcat(persistpassthru->command, buf, sizeof(persistpassthru->command)); persistpassthru->command[ sizeof(persistpassthru->command)-2 ] = '\n'; persistpassthru->command[ sizeof(persistpassthru->command)-1 ] = 0; if (!open_persist_pipe(i, persistpassthru->name)) { return SNMP_ERR_NOTWRITABLE; } DEBUGMSGTL(("ucd-snmp/pass_persist", "persistpass-writing: %s\n", persistpassthru->command)); if (!write_persist_pipe(i, persistpassthru->command)) { close_persist_pipe(i); return SNMP_ERR_NOTWRITABLE; } if (fgets(buf, sizeof(buf), persist_pipes[i].fIn) == NULL) { close_persist_pipe(i); return SNMP_ERR_NOTWRITABLE; } return netsnmp_internal_pass_str_to_errno(buf); } } if (snmp_get_do_debugging()) { sprint_mib_oid(buf2, name, name_len); DEBUGMSGTL(("ucd-snmp/pass_persist", "persistpass-notfound: %s\n", buf2)); } return SNMP_ERR_NOSUCHNAME; }
int header_hrdisk(struct variable *vp, oid *name, int *length, int exact, int *var_len, WriteMethod **write_method) { #define HRDISK_ENTRY_NAME_LENGTH 11 oid newname[MAX_OID_LEN]; int disk_idx, LowIndex = -1; int result; char c_oid[SPRINT_MAX_LEN]; if (snmp_get_do_debugging()) { sprint_objid (c_oid, name, *length); DEBUGMSGTL(("host/hr_disk", "var_hrdisk: %s %d\n", c_oid, exact)); } memcpy( (char *)newname,(char *)vp->name, (int)vp->namelen * sizeof(oid)); /* Find "next" disk entry */ Init_HR_Disk(); for ( ;; ) { disk_idx = Get_Next_HR_Disk(); if ( disk_idx == -1 ) break; newname[HRDISK_ENTRY_NAME_LENGTH] = disk_idx; result = snmp_oid_compare(name, *length, newname, (int)vp->namelen + 1); if (exact && (result == 0)) { LowIndex = disk_idx; Save_HR_Disk_Specific(); break; } if ((!exact && (result < 0)) && ( LowIndex == -1 || disk_idx < LowIndex )) { LowIndex = disk_idx; Save_HR_Disk_Specific(); #ifdef HRD_MONOTONICALLY_INCREASING break; #endif } } if ( LowIndex == -1 ) { DEBUGMSGTL(("host/hr_disk", "... index out of range\n")); return(MATCH_FAILED); } newname[HRDISK_ENTRY_NAME_LENGTH] = LowIndex; memcpy( (char *)name,(char *)newname, ((int)vp->namelen + 1) * sizeof(oid)); *length = vp->namelen + 1; *write_method = 0; *var_len = sizeof(long); /* default to 'long' results */ if (snmp_get_do_debugging()) { sprint_objid (c_oid, name, *length); DEBUGMSGTL(("host/hr_disk", "... get disk stats %s\n", c_oid)); } return LowIndex; }
u_char * var_rip2(struct variable *vp, oid *name, int *length, int exact, int *var_len, WriteMethod **write_method) { u_char *var; int result; char c_oid[SPRINT_MAX_LEN]; if (snmp_get_do_debugging()) { sprint_objid (c_oid, name, *length); DEBUGMSGTL(("smux/snmp_rip2", "[var_rip2] var len %d, oid requested Len %d-%s\n",*var_len, *length,c_oid)); } /* * Pass on the request to Gated. * If the request sent out was a get next, check to see if * it lies in the rip2 range. If it doesn't, return NULL. * In either case, make sure that errors are checked on the * returned packets. */ /* No writes for now */ *write_method = NULL; /* * Donot allow access to the peer stuff as it crashes gated. * However A GetNext on the last 23.3.1.9 variable will force gated into * the peer stuff and cause it to crash. * The only way to fix this is to either solve the Gated problem, or * remove the peer variables from Gated itself and cause it to return * NULL at the crossing. Currently doing the later. */ /* Reject GET and GETNEXT for anything above rip2ifconf range */ result = snmp_oid_compare(name, *length, max_rip_mib, sizeof(max_rip_mib)/sizeof(u_int)); if (result >= 0) { DEBUGMSGTL(("smux/snmp_rip2", "Over shot\n")); return NULL; } /* for GETs we need to be in the rip2 range so reject anything below */ result = snmp_oid_compare(name, *length, min_rip_mib, sizeof(min_rip_mib)/sizeof(u_int)); if (exact && (result < 0)) { DEBUGMSGTL(("smux/snmp_rip2", "Exact but doesn't match length %d, size %d\n", *length, sizeof(min_rip_mib))); return NULL; } /* * On return, 'var' points to the value returned which is of length * '*var_len'. 'name' points to the new (same as the one passed in for * GETs) oid which has 'length' suboids. * 'smux_type' contains the type of the variable. */ var = smux_snmp_process(exact, name, length, var_len); if (snmp_get_do_debugging()) { DEBUGMSGTL(("smux/snmp_rip2", "[var_rip2] var len %d, oid obtained Len %d-%s\n",*var_len, *length,c_oid)); } vp->type = smux_type; /* XXX Need a mechanism to return errors in gated's responses */ if (var == NULL) return NULL; /* * Any resullt returned should be within the rip2 tree. * rip_mib - static u_int rip_mib[] = {1, 3, 6, 1, 2, 1, 23}; */ if (memcmp(rip_mib, name, sizeof(rip_mib)) != 0) { return NULL; } else { return var; } }
int vacm_check_view_contents(netsnmp_pdu *pdu, oid * name, size_t namelen, int check_subtree, int viewtype, int flags) { struct vacm_accessEntry *ap; struct vacm_groupEntry *gp; struct vacm_viewEntry *vp; char vacm_default_context[1] = ""; const char *contextName = vacm_default_context; const char *sn = NULL; char *vn; const char *pdu_community; /* * len defined by the vacmContextName object */ #define CONTEXTNAMEINDEXLEN 32 char contextNameIndex[CONTEXTNAMEINDEXLEN + 1]; #if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C) #if defined(NETSNMP_DISABLE_SNMPV1) if (pdu->version == SNMP_VERSION_2c) #else #if defined(NETSNMP_DISABLE_SNMPV2C) if (pdu->version == SNMP_VERSION_1) #else if (pdu->version == SNMP_VERSION_1 || pdu->version == SNMP_VERSION_2c) #endif #endif { pdu_community = (const char *) pdu->community; if (!pdu_community) pdu_community = ""; if (snmp_get_do_debugging()) { char *buf; if (pdu->community) { buf = (char *) malloc(1 + pdu->community_len); memcpy(buf, pdu->community, pdu->community_len); buf[pdu->community_len] = '\0'; } else { DEBUGMSGTL(("mibII/vacm_vars", "NULL community")); buf = strdup("NULL"); } DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: ver=%ld, community=%s\n", pdu->version, buf)); free(buf); } /* * Okay, if this PDU was received from a UDP or a TCP transport then * ask the transport abstraction layer to map its source address and * community string to a security name for us. */ if (0) { #ifdef NETSNMP_TRANSPORT_UDP_DOMAIN } else if (pdu->tDomain == netsnmpUDPDomain #ifdef NETSNMP_TRANSPORT_TCP_DOMAIN || pdu->tDomain == netsnmp_snmpTCPDomain #endif ) { if (!netsnmp_udp_getSecName(pdu->transport_data, pdu->transport_data_length, pdu_community, pdu->community_len, &sn, &contextName)) { /* * There are no com2sec entries. */ sn = NULL; } /* force the community -> context name mapping here */ SNMP_FREE(pdu->contextName); pdu->contextName = strdup(contextName); pdu->contextNameLen = strlen(contextName); #endif #ifdef NETSNMP_TRANSPORT_UDPIPV6_DOMAIN } else if (pdu->tDomain == netsnmp_UDPIPv6Domain #ifdef NETSNMP_TRANSPORT_TCPIPV6_DOMAIN || pdu->tDomain == netsnmp_TCPIPv6Domain #endif ) { if (!netsnmp_udp6_getSecName(pdu->transport_data, pdu->transport_data_length, pdu_community, pdu->community_len, &sn, &contextName)) { /* * There are no com2sec entries. */ sn = NULL; } /* force the community -> context name mapping here */ SNMP_FREE(pdu->contextName); pdu->contextName = strdup(contextName); pdu->contextNameLen = strlen(contextName); #endif #ifdef NETSNMP_TRANSPORT_UNIX_DOMAIN } else if (pdu->tDomain == netsnmp_UnixDomain){ if (!netsnmp_unix_getSecName(pdu->transport_data, pdu->transport_data_length, pdu_community, pdu->community_len, &sn, &contextName)) { sn = NULL; } /* force the community -> context name mapping here */ SNMP_FREE(pdu->contextName); pdu->contextName = strdup(contextName); pdu->contextNameLen = strlen(contextName); #endif } else { /* * Map other <community, transport-address> pairs to security names * here. For now just let non-IPv4 transport always succeed. * * WHAAAATTTT. No, we don't let non-IPv4 transports * succeed! You must fix this to make it usable, sorry. * From a security standpoint this is insane. -- Wes */ /** @todo alternate com2sec mappings for non v4 transports. Should be implemented via registration */ sn = NULL; } } else #endif /* support for community based SNMP */ if (find_sec_mod(pdu->securityModel)) { /* * any legal defined v3 security model */ DEBUGMSG(("mibII/vacm_vars", "vacm_in_view: ver=%ld, model=%d, secName=%s\n", pdu->version, pdu->securityModel, pdu->securityName)); sn = pdu->securityName; contextName = pdu->contextName; } else { sn = NULL; } if (sn == NULL) { #if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C) snmp_increment_statistic(STAT_SNMPINBADCOMMUNITYNAMES); #endif DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: No security name found\n")); return VACM_NOSECNAME; } if (pdu->contextNameLen > CONTEXTNAMEINDEXLEN) { DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: bad ctxt length %d\n", (int)pdu->contextNameLen)); return VACM_NOSUCHCONTEXT; } /* * NULL termination of the pdu field is ugly here. Do in PDU parsing? */ if (pdu->contextName) memcpy(contextNameIndex, pdu->contextName, pdu->contextNameLen); else contextNameIndex[0] = '\0'; contextNameIndex[pdu->contextNameLen] = '\0'; if (!(flags & VACM_CHECK_VIEW_CONTENTS_DNE_CONTEXT_OK) && !netsnmp_subtree_find_first(contextNameIndex)) { /* * rfc 3415 section 3.2, step 1 * no such context here; return no such context error */ DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: no such ctxt \"%s\"\n", contextNameIndex)); return VACM_NOSUCHCONTEXT; } DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: sn=%s", sn)); gp = vacm_getGroupEntry(pdu->securityModel, sn); if (gp == NULL) { DEBUGMSG(("mibII/vacm_vars", "\n")); return VACM_NOGROUP; } DEBUGMSG(("mibII/vacm_vars", ", gn=%s", gp->groupName)); ap = vacm_getAccessEntry(gp->groupName, contextNameIndex, pdu->securityModel, pdu->securityLevel); if (ap == NULL) { DEBUGMSG(("mibII/vacm_vars", "\n")); return VACM_NOACCESS; } if (name == NULL) { /* only check the setup of the vacm for the request */ DEBUGMSG(("mibII/vacm_vars", ", Done checking setup\n")); return VACM_SUCCESS; } if (viewtype < 0 || viewtype >= VACM_MAX_VIEWS) { DEBUGMSG(("mibII/vacm_vars", " illegal view type\n")); return VACM_NOACCESS; } vn = ap->views[viewtype]; DEBUGMSG(("mibII/vacm_vars", ", vn=%s", vn)); if (check_subtree) { DEBUGMSG(("mibII/vacm_vars", "\n")); return vacm_checkSubtree(vn, name, namelen); } vp = vacm_getViewEntry(vn, name, namelen, VACM_MODE_FIND); if (vp == NULL) { DEBUGMSG(("mibII/vacm_vars", "\n")); return VACM_NOVIEW; } DEBUGMSG(("mibII/vacm_vars", ", vt=%d\n", vp->viewType)); if (vp->viewType == SNMP_VIEW_EXCLUDED) { #if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C) #if defined(NETSNMP_DISABLE_SNMPV1) if (pdu->version == SNMP_VERSION_2c) #else #if defined(NETSNMP_DISABLE_SNMPV2C) if (pdu->version == SNMP_VERSION_1) #else if (pdu->version == SNMP_VERSION_1 || pdu->version == SNMP_VERSION_2c) #endif #endif { snmp_increment_statistic(STAT_SNMPINBADCOMMUNITYUSES); } #endif return VACM_NOTINVIEW; } return VACM_SUCCESS; } /* end vacm_in_view() */