int
header_system(struct variable *vp,
oid *name,
int *length,
int exact,
int *var_len,
WriteMethod **write_method)
{
#define SYSTEM_NAME_LENGTH 8
oid newname[MAX_OID_LEN];
int result;
char c_oid[SPRINT_MAX_LEN];
if (snmp_get_do_debugging()) {
sprint_objid (c_oid, name, *length);
DEBUGMSGTL(("mibII/system", "var_system: %s %d\n", c_oid, exact));
DEBUGMSGTL(("mibII/system", "vp len: %d / %d\n", vp->namelen, 8));
}
memcpy((char *)newname, (char *)vp->name, (int)vp->namelen * sizeof(oid));
newname[SYSTEM_NAME_LENGTH] = 0;
result = snmp_oid_compare(name, *length, newname, (int)vp->namelen + 1);
if ((exact && (result != 0)) || (!exact && (result >= 0)))
return(MATCH_FAILED);
memcpy( (char *)name,(char *)newname, ((int)vp->namelen + 1) * sizeof(oid));
*length = vp->namelen + 1;
*write_method = 0;
*var_len = sizeof(long); /* default to 'long' results */
return(MATCH_SUCCEEDED);
}
/** Reads kernel memory.
* Seeks to the specified location in kmem, then
* does a read of given amount ob bytes into target buffer.
*
* @param off The location to seek.
*
* @param target The target buffer to read into.
*
* @param siz Number of bytes to read.
*
* @return gives 1 on success and 0 on failure.
*/
int klookup (unsigned long off, void *target, size_t siz)
{
long retsiz;
if (kmem < 0)
return 0;
if ((retsiz = klseek ((off_t) off)) != off)
{
snmp_log (LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz);
snmp_log_perror ("klseek");
return (0);
}
if ((retsiz = klread (target, siz)) != siz)
{
if (snmp_get_do_debugging ())
{
/*
* these happen too often on too many architectures to print them
* unless we're in debugging mode. People get very full log files.
*/
snmp_log (LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz);
snmp_log_perror ("klread");
}
return (0);
}
DEBUGMSGTL (("verbose:kernel:klookup", "klookup(%lx, %p, %d) succeeded", off, target, siz));
return (1);
}
int
klookup(unsigned long off,
char *target,
int siz)
{
long retsiz;
if (kmem < 0) return 0;
if ((retsiz = klseek((off_t) off)) != off) {
snmp_log(LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz);
snmp_log_perror("klseek");
#ifdef EXIT_ON_BAD_KLREAD
exit(1);
#endif
return (0);
}
if ((retsiz = klread(target, siz)) != siz ) {
if (snmp_get_do_debugging()) {
/* these happen too often on too many architectures to print them
unless we're in debugging mode. People get very full log files. */
snmp_log(LOG_ERR, "klookup(%lx, %p, %d): ", off, target, siz);
snmp_log_perror("klread");
}
#ifdef EXIT_ON_BAD_KLREAD
exit(1);
#endif
return(0);
}
return (1);
}
int
handle_nsDebugOutputAll(netsnmp_mib_handler *handler,
netsnmp_handler_registration *reginfo,
netsnmp_agent_request_info *reqinfo,
netsnmp_request_info *requests)
{
long enabled;
netsnmp_request_info *request=NULL;
switch (reqinfo->mode) {
case MODE_GET:
enabled = snmp_get_do_debugging();
if ( enabled==0 )
enabled=2; /* false */
for (request = requests; request; request=request->next) {
if (request->processed != 0)
continue;
snmp_set_var_typed_value(request->requestvb, ASN_INTEGER,
(u_char*)&enabled, sizeof(enabled));
}
break;
#ifndef NETSNMP_NO_WRITE_SUPPORT
case MODE_SET_RESERVE1:
for (request = requests; request; request=request->next) {
if (request->processed != 0)
continue;
if ( request->status != 0 ) {
return SNMP_ERR_NOERROR; /* Already got an error */
}
if ( request->requestvb->type != ASN_INTEGER ) {
netsnmp_set_request_error(reqinfo, request, SNMP_ERR_WRONGTYPE);
return SNMP_ERR_WRONGTYPE;
}
if (( *request->requestvb->val.integer != 1 ) &&
( *request->requestvb->val.integer != 2 )) {
netsnmp_set_request_error(reqinfo, request, SNMP_ERR_WRONGVALUE);
return SNMP_ERR_WRONGVALUE;
}
}
break;
case MODE_SET_COMMIT:
enabled = *requests->requestvb->val.integer;
if (enabled == 2 ) /* false */
enabled = 0;
snmp_set_do_debugging( enabled );
break;
#endif /* !NETSNMP_NO_WRITE_SUPPORT */
}
return SNMP_ERR_NOERROR;
}
int
log_handler_callback(netsnmp_log_handler* logh, int pri, const char *str)
{
/*
* XXX - perhaps replace 'snmp_call_callbacks' processing
* with individual callback log_handlers ??
*/
struct snmp_log_message slm;
int dodebug = snmp_get_do_debugging();
slm.priority = pri;
slm.msg = str;
if (dodebug) /* turn off debugging inside the callbacks else will loop */
snmp_set_do_debugging(0);
snmp_call_callbacks(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_LOGGING, &slm);
if (dodebug)
snmp_set_do_debugging(dodebug);
return 1;
}
int
setPass(int action, u_char * var_val, u_char var_val_type,
size_t var_val_len, u_char * statP, oid * name, size_t name_len)
{
int i, rtest;
struct extensible *passthru;
char buf[SNMP_MAXBUF], buf2[SNMP_MAXBUF];
for (i = 1; i <= numpassthrus; i++) {
passthru = get_exten_instance(passthrus, i);
rtest = snmp_oidtree_compare(name, name_len,
passthru->miboid, passthru->miblen);
if (rtest <= 0) {
if (action != ACTION)
return SNMP_ERR_NOERROR;
/*
* setup args
*/
if (passthru->miblen >= name_len || rtest < 0)
sprint_mib_oid(buf, passthru->miboid, passthru->miblen);
else
sprint_mib_oid(buf, name, name_len);
snprintf(passthru->command, sizeof(passthru->command),
"%s -s %s ", passthru->name, buf);
passthru->command[ sizeof(passthru->command)-1 ] = 0;
netsnmp_internal_pass_set_format(buf, var_val, var_val_type, var_val_len);
strlcat(passthru->command, buf, sizeof(passthru->command));
DEBUGMSGTL(("ucd-snmp/pass", "pass-running: %s",
passthru->command));
exec_command(passthru);
DEBUGMSGTL(("ucd-snmp/pass", "pass-running returned: %s",
passthru->output));
return netsnmp_internal_pass_str_to_errno(passthru->output);
}
}
if (snmp_get_do_debugging()) {
sprint_mib_oid(buf2, name, name_len);
DEBUGMSGTL(("ucd-snmp/pass", "pass-notfound: %s\n", buf2));
}
return SNMP_ERR_NOSUCHNAME;
}
u_char *
var_extensible_version(struct variable *vp,
oid * name,
size_t * length,
int exact,
size_t * var_len, WriteMethod ** write_method)
{
static long long_ret;
static char errmsg[300];
char *cptr;
time_t curtime;
#ifdef CONFIGURE_OPTIONS
static char config_opts[] = CONFIGURE_OPTIONS;
#endif
DEBUGMSGTL(("ucd-snmp/versioninfo", "var_extensible_version: "));
DEBUGMSGOID(("ucd-snmp/versioninfo", name, *length));
DEBUGMSG(("ucd-snmp/versioninfo", " %d\n", exact));
if (header_generic(vp, name, length, exact, var_len, write_method))
return (NULL);
switch (vp->magic) {
case MIBINDEX:
long_ret = name[8];
return ((u_char *) (&long_ret));
case VERTAG:
sprintf(errmsg, netsnmp_get_version());
*var_len = strlen(errmsg);
return ((u_char *) errmsg);
case VERDATE:
sprintf(errmsg, "$Date: 2004/01/27 17:24:26 $");
*var_len = strlen(errmsg);
return ((u_char *) errmsg);
case VERCDATE:
curtime = time(NULL);
cptr = ctime(&curtime);
sprintf(errmsg, cptr);
*var_len = strlen(errmsg) - 1;
return ((u_char *) errmsg);
case VERIDENT:
sprintf(errmsg,
"$Id: versioninfo.c,v 5.2 2004/01/27 17:24:26 slif Exp $");
*var_len = strlen(errmsg);
return ((u_char *) errmsg);
case VERCONFIG:
#ifdef CONFIGURE_OPTIONS
*var_len = strlen(config_opts);
if (*var_len > 1024)
*var_len = 1024; /* mib imposed restriction */
return (u_char *) config_opts;
#else
sprintf(errmsg, "");
*var_len = strlen(errmsg);
return ((u_char *) errmsg);
#endif
case VERCLEARCACHE:
*write_method = clear_cache;
long_ret = 0;
return ((u_char *) & long_ret);
case VERUPDATECONFIG:
*write_method = update_hook;
long_ret = 0;
return ((u_char *) & long_ret);
case VERRESTARTAGENT:
*write_method = restart_hook;
long_ret = 0;
return ((u_char *) & long_ret);
case VERSAVEPERSISTENT:
*write_method = save_persistent;
long_ret = 0;
return ((u_char *) & long_ret);
case VERDEBUGGING:
*write_method = debugging_hook;
long_ret = snmp_get_do_debugging();
return ((u_char *) & long_ret);
}
return NULL;
}
/*
* Print a description of the network interfaces.
*/
void
intpro(int interval)
{
oid varname[MAX_OID_LEN], *instance, *ifentry;
size_t varname_len;
int ifnum, cfg_nnets;
oid curifip [4];
struct variable_list *var;
struct snmp_pdu *request, *response;
int status;
int ifindex, oldindex = 0;
struct _if_info {
int ifindex;
char name[128];
char ip[128], route[128];
char ioctets[20], ierrs[20], ooctets[20], oerrs[20], outqueue[20];
int operstatus;
u_long netmask;
struct in_addr ifip, ifroute;
} *if_table, *cur_if;
int max_name = 4, max_route = 7, max_ip = 7, max_ioctets = 7, max_ooctets = 7;
int i;
if (interval) {
sidewaysintpr((unsigned)interval);
return;
}
var = getvarbyname(Session, oid_cfg_nnets, sizeof(oid_cfg_nnets) / sizeof(oid));
if (var && var->val.integer) {
cfg_nnets = *var->val.integer;
snmp_free_var(var);
}
else {
fprintf (stderr, "No response when requesting number of interfaces.\n");
return;
}
DEBUGMSGTL (("netstat:if", "cfg_nnets = %d\n", cfg_nnets));
memset (curifip, 0, sizeof (curifip));
if_table = (struct _if_info *) calloc (cfg_nnets, sizeof (*if_table));
cur_if = if_table;
for (ifnum = 1; ifnum <= cfg_nnets; ifnum++) {
register char *cp;
request = snmp_pdu_create (SNMP_MSG_GETNEXT);
memmove (varname, oid_ipadentaddr, sizeof (oid_ipadentaddr));
varname_len = sizeof (oid_ipadentaddr) / sizeof (oid);
instance = varname + 9;
memmove (varname + 10, curifip, sizeof (curifip));
*instance = IPIFINDEX;
snmp_add_null_var (request, varname, varname_len);
*instance = IPADDR;
snmp_add_null_var (request, varname, varname_len);
*instance = IPNETMASK;
snmp_add_null_var (request, varname, varname_len);
status = snmp_synch_response (Session, request, &response);
if (status != STAT_SUCCESS || response->errstat != SNMP_ERR_NOERROR) {
fprintf (stderr, "SNMP request failed for interface %d, variable %ld out of %d interfaces (IP)\n", ifnum, response->errindex, cfg_nnets);
cfg_nnets = ifnum;
break;
}
for (var = response->variables; var; var = var->next_variable) {
if (snmp_get_do_debugging()) {
print_variable (var->name, var->name_length, var);
}
switch (var->name [9]) {
case IPIFINDEX:
ifindex = *var->val.integer;
for (cur_if = if_table; cur_if->ifindex != ifindex && cur_if->ifindex != 0; cur_if++);
cur_if->ifindex = ifindex;
break;
case IPADDR:
memmove (curifip, var->name+10, sizeof (curifip));
memmove (&cur_if->ifip, var->val.string, sizeof (u_long));
break;
case IPNETMASK:
memmove (&cur_if->netmask, var->val.string, sizeof (u_long));
}
}
cur_if->ifroute.s_addr = cur_if->ifip.s_addr & cur_if->netmask;
if (cur_if->ifroute.s_addr)
strcpy(cur_if->route, netname (cur_if->ifroute, cur_if->netmask));
else strcpy(cur_if->route, "none");
if ((i = strlen(cur_if->route)) > max_route) max_route = i;
if (cur_if->ifip.s_addr)
strcpy(cur_if->ip, routename (cur_if->ifip));
else strcpy(cur_if->ip, "none");
if ((i = strlen(cur_if->ip)) > max_ip) max_ip = i;
snmp_free_pdu (response);
memmove (varname, oid_ifname, sizeof(oid_ifname));
varname_len = sizeof(oid_ifname) / sizeof(oid);
ifentry = varname + 9;
instance = varname + 10;
request = snmp_pdu_create (SNMP_MSG_GETNEXT);
*instance = oldindex;
*ifentry = IFINDEX;
snmp_add_null_var (request, varname, varname_len);
*ifentry = IFNAME;
snmp_add_null_var (request, varname, varname_len);
*ifentry = IFOPERSTATUS;
snmp_add_null_var (request, varname, varname_len);
*ifentry = INOCTETS;
snmp_add_null_var (request, varname, varname_len);
*ifentry = OUTOCTETS;
snmp_add_null_var (request, varname, varname_len);
while ((status = snmp_synch_response (Session, request, &response)) == STAT_SUCCESS) {
if (response->errstat != SNMP_ERR_NOSUCHNAME)
break;
if ((request = snmp_fix_pdu(response, SNMP_MSG_GETNEXT)) == NULL)
break;
snmp_free_pdu(response);
}
if (status != STAT_SUCCESS || response->errstat != SNMP_ERR_NOERROR) {
fprintf (stderr, "SNMP request failed for interface %d, variable %ld out of %d interfaces (IF)\n", ifnum, response->errindex, cfg_nnets);
cfg_nnets = ifnum;
break;
}
for (var = response->variables; var; var = var->next_variable) {
if (snmp_get_do_debugging()) {
print_variable (var->name, var->name_length, var);
}
if (!var->val.integer) continue;
switch (var->name [9]) {
case IFINDEX:
ifindex = *var->val.integer;
for (cur_if = if_table; cur_if->ifindex != ifindex && cur_if->ifindex != 0; cur_if++);
cur_if->ifindex = ifindex;
break;
case INOCTETS:
sprintf(cur_if->ioctets, "%lu", *var->val.integer);
i = strlen(cur_if->ioctets);
if (i > max_ioctets) max_ioctets = i;
break;
case OUTOCTETS:
sprintf(cur_if->ooctets, "%lu", *var->val.integer);
i = strlen(cur_if->ooctets);
if (i > max_ooctets) max_ooctets = i;
break;
case IFNAME:
oldindex = var->name[10];
if (var->val_len >= sizeof(cur_if->name))
var->val_len = sizeof(cur_if->name) - 1;
memmove (cur_if->name, var->val.string, var->val_len);
cur_if->name [var->val_len] = 0;
if ((i = strlen(cur_if->name)+1) > max_name) max_name = i;
break;
case IFOPERSTATUS:
cur_if->operstatus = *var->val.integer; break;
}
}
snmp_free_pdu (response);
if (intrface != NULL && strcmp(cur_if->name, intrface) != 0) {
cur_if->name [0] = 0;
continue;
}
if (cur_if->operstatus != MIB_IFSTATUS_UP) {
cp = strchr(cur_if->name, '\0');
*cp++ = '*';
*cp = '\0';
}
}
printf("%*.*s %*.*s %*.*s %*.*s %*.*s ",
-max_name, max_name, "Name",
-max_route, max_route, "Network",
-max_ip, max_ip, "Address",
max_ioctets, max_ioctets, "Ioctets",
max_ooctets, max_ooctets, "Ooctets");
putchar('\n');
for (ifnum = 0, cur_if = if_table; ifnum < cfg_nnets; ifnum++, cur_if++) {
if (cur_if->name [0] == 0) continue;
printf("%*.*s ", -max_name, max_name, cur_if->name);
printf("%*.*s ", -max_route, max_route, cur_if->route);
printf("%*.*s ", -max_ip, max_ip, cur_if->ip);
printf("%*s %*s", max_ioctets, cur_if->ioctets,
max_ioctets, cur_if->ooctets);
putchar('\n');
}
free(if_table);
}
int
setPassPersist(int action,
u_char * var_val,
u_char var_val_type,
size_t var_val_len,
u_char * statP, oid * name, size_t name_len)
{
int i, rtest;
struct extensible *persistpassthru;
char buf[SNMP_MAXBUF], buf2[SNMP_MAXBUF];
/*
* Make sure that our basic pipe structure is malloced
*/
init_persist_pipes();
for (i = 1; i <= numpersistpassthrus; i++) {
persistpassthru = get_exten_instance(persistpassthrus, i);
rtest = snmp_oidtree_compare(name, name_len,
persistpassthru->miboid,
persistpassthru->miblen);
if (rtest <= 0) {
if (action != ACTION)
return SNMP_ERR_NOERROR;
/*
* setup args
*/
if (persistpassthru->miblen >= name_len || rtest < 0)
sprint_mib_oid(buf, persistpassthru->miboid,
persistpassthru->miblen);
else
sprint_mib_oid(buf, name, name_len);
snprintf(persistpassthru->command,
sizeof(persistpassthru->command), "set\n%s\n", buf);
persistpassthru->command[ sizeof(persistpassthru->command)-1 ] = 0;
netsnmp_internal_pass_set_format(buf, var_val, var_val_type, var_val_len);
strlcat(persistpassthru->command, buf,
sizeof(persistpassthru->command));
persistpassthru->command[ sizeof(persistpassthru->command)-2 ] = '\n';
persistpassthru->command[ sizeof(persistpassthru->command)-1 ] = 0;
if (!open_persist_pipe(i, persistpassthru->name)) {
return SNMP_ERR_NOTWRITABLE;
}
DEBUGMSGTL(("ucd-snmp/pass_persist",
"persistpass-writing: %s\n",
persistpassthru->command));
if (!write_persist_pipe(i, persistpassthru->command)) {
close_persist_pipe(i);
return SNMP_ERR_NOTWRITABLE;
}
if (fgets(buf, sizeof(buf), persist_pipes[i].fIn) == NULL) {
close_persist_pipe(i);
return SNMP_ERR_NOTWRITABLE;
}
return netsnmp_internal_pass_str_to_errno(buf);
}
}
if (snmp_get_do_debugging()) {
sprint_mib_oid(buf2, name, name_len);
DEBUGMSGTL(("ucd-snmp/pass_persist", "persistpass-notfound: %s\n",
buf2));
}
return SNMP_ERR_NOSUCHNAME;
}
int
header_hrdisk(struct variable *vp,
oid *name,
int *length,
int exact,
int *var_len,
WriteMethod **write_method)
{
#define HRDISK_ENTRY_NAME_LENGTH 11
oid newname[MAX_OID_LEN];
int disk_idx, LowIndex = -1;
int result;
char c_oid[SPRINT_MAX_LEN];
if (snmp_get_do_debugging()) {
sprint_objid (c_oid, name, *length);
DEBUGMSGTL(("host/hr_disk", "var_hrdisk: %s %d\n", c_oid, exact));
}
memcpy( (char *)newname,(char *)vp->name, (int)vp->namelen * sizeof(oid));
/* Find "next" disk entry */
Init_HR_Disk();
for ( ;; ) {
disk_idx = Get_Next_HR_Disk();
if ( disk_idx == -1 )
break;
newname[HRDISK_ENTRY_NAME_LENGTH] = disk_idx;
result = snmp_oid_compare(name, *length, newname, (int)vp->namelen + 1);
if (exact && (result == 0)) {
LowIndex = disk_idx;
Save_HR_Disk_Specific();
break;
}
if ((!exact && (result < 0)) &&
( LowIndex == -1 || disk_idx < LowIndex )) {
LowIndex = disk_idx;
Save_HR_Disk_Specific();
#ifdef HRD_MONOTONICALLY_INCREASING
break;
#endif
}
}
if ( LowIndex == -1 ) {
DEBUGMSGTL(("host/hr_disk", "... index out of range\n"));
return(MATCH_FAILED);
}
newname[HRDISK_ENTRY_NAME_LENGTH] = LowIndex;
memcpy( (char *)name,(char *)newname, ((int)vp->namelen + 1) * sizeof(oid));
*length = vp->namelen + 1;
*write_method = 0;
*var_len = sizeof(long); /* default to 'long' results */
if (snmp_get_do_debugging()) {
sprint_objid (c_oid, name, *length);
DEBUGMSGTL(("host/hr_disk", "... get disk stats %s\n", c_oid));
}
return LowIndex;
}
u_char *
var_rip2(struct variable *vp,
oid *name,
int *length,
int exact,
int *var_len,
WriteMethod **write_method)
{
u_char *var;
int result;
char c_oid[SPRINT_MAX_LEN];
if (snmp_get_do_debugging()) {
sprint_objid (c_oid, name, *length);
DEBUGMSGTL(("smux/snmp_rip2", "[var_rip2] var len %d, oid requested Len %d-%s\n",*var_len, *length,c_oid));
}
/*
* Pass on the request to Gated.
* If the request sent out was a get next, check to see if
* it lies in the rip2 range. If it doesn't, return NULL.
* In either case, make sure that errors are checked on the
* returned packets.
*/
/* No writes for now */
*write_method = NULL;
/*
* Donot allow access to the peer stuff as it crashes gated.
* However A GetNext on the last 23.3.1.9 variable will force gated into
* the peer stuff and cause it to crash.
* The only way to fix this is to either solve the Gated problem, or
* remove the peer variables from Gated itself and cause it to return
* NULL at the crossing. Currently doing the later.
*/
/* Reject GET and GETNEXT for anything above rip2ifconf range */
result = snmp_oid_compare(name, *length, max_rip_mib,
sizeof(max_rip_mib)/sizeof(u_int));
if (result >= 0) {
DEBUGMSGTL(("smux/snmp_rip2", "Over shot\n"));
return NULL;
}
/* for GETs we need to be in the rip2 range so reject anything below */
result = snmp_oid_compare(name, *length, min_rip_mib,
sizeof(min_rip_mib)/sizeof(u_int));
if (exact && (result < 0)) {
DEBUGMSGTL(("smux/snmp_rip2",
"Exact but doesn't match length %d, size %d\n",
*length, sizeof(min_rip_mib)));
return NULL;
}
/*
* On return, 'var' points to the value returned which is of length
* '*var_len'. 'name' points to the new (same as the one passed in for
* GETs) oid which has 'length' suboids.
* 'smux_type' contains the type of the variable.
*/
var = smux_snmp_process(exact, name, length, var_len);
if (snmp_get_do_debugging()) {
DEBUGMSGTL(("smux/snmp_rip2", "[var_rip2] var len %d, oid obtained Len %d-%s\n",*var_len, *length,c_oid));
}
vp->type = smux_type;
/* XXX Need a mechanism to return errors in gated's responses */
if (var == NULL)
return NULL;
/*
* Any resullt returned should be within the rip2 tree.
* rip_mib - static u_int rip_mib[] = {1, 3, 6, 1, 2, 1, 23};
*/
if (memcmp(rip_mib, name, sizeof(rip_mib)) != 0) {
return NULL;
}
else {
return var;
}
}
int
vacm_check_view_contents(netsnmp_pdu *pdu, oid * name, size_t namelen,
int check_subtree, int viewtype, int flags)
{
struct vacm_accessEntry *ap;
struct vacm_groupEntry *gp;
struct vacm_viewEntry *vp;
char vacm_default_context[1] = "";
const char *contextName = vacm_default_context;
const char *sn = NULL;
char *vn;
const char *pdu_community;
/*
* len defined by the vacmContextName object
*/
#define CONTEXTNAMEINDEXLEN 32
char contextNameIndex[CONTEXTNAMEINDEXLEN + 1];
#if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C)
#if defined(NETSNMP_DISABLE_SNMPV1)
if (pdu->version == SNMP_VERSION_2c)
#else
#if defined(NETSNMP_DISABLE_SNMPV2C)
if (pdu->version == SNMP_VERSION_1)
#else
if (pdu->version == SNMP_VERSION_1 || pdu->version == SNMP_VERSION_2c)
#endif
#endif
{
pdu_community = (const char *) pdu->community;
if (!pdu_community)
pdu_community = "";
if (snmp_get_do_debugging()) {
char *buf;
if (pdu->community) {
buf = (char *) malloc(1 + pdu->community_len);
memcpy(buf, pdu->community, pdu->community_len);
buf[pdu->community_len] = '\0';
} else {
DEBUGMSGTL(("mibII/vacm_vars", "NULL community"));
buf = strdup("NULL");
}
DEBUGMSGTL(("mibII/vacm_vars",
"vacm_in_view: ver=%ld, community=%s\n",
pdu->version, buf));
free(buf);
}
/*
* Okay, if this PDU was received from a UDP or a TCP transport then
* ask the transport abstraction layer to map its source address and
* community string to a security name for us.
*/
if (0) {
#ifdef NETSNMP_TRANSPORT_UDP_DOMAIN
} else if (pdu->tDomain == netsnmpUDPDomain
#ifdef NETSNMP_TRANSPORT_TCP_DOMAIN
|| pdu->tDomain == netsnmp_snmpTCPDomain
#endif
) {
if (!netsnmp_udp_getSecName(pdu->transport_data,
pdu->transport_data_length,
pdu_community,
pdu->community_len, &sn,
&contextName)) {
/*
* There are no com2sec entries.
*/
sn = NULL;
}
/* force the community -> context name mapping here */
SNMP_FREE(pdu->contextName);
pdu->contextName = strdup(contextName);
pdu->contextNameLen = strlen(contextName);
#endif
#ifdef NETSNMP_TRANSPORT_UDPIPV6_DOMAIN
} else if (pdu->tDomain == netsnmp_UDPIPv6Domain
#ifdef NETSNMP_TRANSPORT_TCPIPV6_DOMAIN
|| pdu->tDomain == netsnmp_TCPIPv6Domain
#endif
) {
if (!netsnmp_udp6_getSecName(pdu->transport_data,
pdu->transport_data_length,
pdu_community,
pdu->community_len, &sn,
&contextName)) {
/*
* There are no com2sec entries.
*/
sn = NULL;
}
/* force the community -> context name mapping here */
SNMP_FREE(pdu->contextName);
pdu->contextName = strdup(contextName);
pdu->contextNameLen = strlen(contextName);
#endif
#ifdef NETSNMP_TRANSPORT_UNIX_DOMAIN
} else if (pdu->tDomain == netsnmp_UnixDomain){
if (!netsnmp_unix_getSecName(pdu->transport_data,
pdu->transport_data_length,
pdu_community,
pdu->community_len, &sn,
&contextName)) {
sn = NULL;
}
/* force the community -> context name mapping here */
SNMP_FREE(pdu->contextName);
pdu->contextName = strdup(contextName);
pdu->contextNameLen = strlen(contextName);
#endif
} else {
/*
* Map other <community, transport-address> pairs to security names
* here. For now just let non-IPv4 transport always succeed.
*
* WHAAAATTTT. No, we don't let non-IPv4 transports
* succeed! You must fix this to make it usable, sorry.
* From a security standpoint this is insane. -- Wes
*/
/** @todo alternate com2sec mappings for non v4 transports.
Should be implemented via registration */
sn = NULL;
}
} else
#endif /* support for community based SNMP */
if (find_sec_mod(pdu->securityModel)) {
/*
* any legal defined v3 security model
*/
DEBUGMSG(("mibII/vacm_vars",
"vacm_in_view: ver=%ld, model=%d, secName=%s\n",
pdu->version, pdu->securityModel, pdu->securityName));
sn = pdu->securityName;
contextName = pdu->contextName;
} else {
sn = NULL;
}
if (sn == NULL) {
#if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C)
snmp_increment_statistic(STAT_SNMPINBADCOMMUNITYNAMES);
#endif
DEBUGMSGTL(("mibII/vacm_vars",
"vacm_in_view: No security name found\n"));
return VACM_NOSECNAME;
}
if (pdu->contextNameLen > CONTEXTNAMEINDEXLEN) {
DEBUGMSGTL(("mibII/vacm_vars",
"vacm_in_view: bad ctxt length %d\n",
(int)pdu->contextNameLen));
return VACM_NOSUCHCONTEXT;
}
/*
* NULL termination of the pdu field is ugly here. Do in PDU parsing?
*/
if (pdu->contextName)
memcpy(contextNameIndex, pdu->contextName, pdu->contextNameLen);
else
contextNameIndex[0] = '\0';
contextNameIndex[pdu->contextNameLen] = '\0';
if (!(flags & VACM_CHECK_VIEW_CONTENTS_DNE_CONTEXT_OK) &&
!netsnmp_subtree_find_first(contextNameIndex)) {
/*
* rfc 3415 section 3.2, step 1
* no such context here; return no such context error
*/
DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: no such ctxt \"%s\"\n",
contextNameIndex));
return VACM_NOSUCHCONTEXT;
}
DEBUGMSGTL(("mibII/vacm_vars", "vacm_in_view: sn=%s", sn));
gp = vacm_getGroupEntry(pdu->securityModel, sn);
if (gp == NULL) {
DEBUGMSG(("mibII/vacm_vars", "\n"));
return VACM_NOGROUP;
}
DEBUGMSG(("mibII/vacm_vars", ", gn=%s", gp->groupName));
ap = vacm_getAccessEntry(gp->groupName, contextNameIndex,
pdu->securityModel, pdu->securityLevel);
if (ap == NULL) {
DEBUGMSG(("mibII/vacm_vars", "\n"));
return VACM_NOACCESS;
}
if (name == NULL) { /* only check the setup of the vacm for the request */
DEBUGMSG(("mibII/vacm_vars", ", Done checking setup\n"));
return VACM_SUCCESS;
}
if (viewtype < 0 || viewtype >= VACM_MAX_VIEWS) {
DEBUGMSG(("mibII/vacm_vars", " illegal view type\n"));
return VACM_NOACCESS;
}
vn = ap->views[viewtype];
DEBUGMSG(("mibII/vacm_vars", ", vn=%s", vn));
if (check_subtree) {
DEBUGMSG(("mibII/vacm_vars", "\n"));
return vacm_checkSubtree(vn, name, namelen);
}
vp = vacm_getViewEntry(vn, name, namelen, VACM_MODE_FIND);
if (vp == NULL) {
DEBUGMSG(("mibII/vacm_vars", "\n"));
return VACM_NOVIEW;
}
DEBUGMSG(("mibII/vacm_vars", ", vt=%d\n", vp->viewType));
if (vp->viewType == SNMP_VIEW_EXCLUDED) {
#if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C)
#if defined(NETSNMP_DISABLE_SNMPV1)
if (pdu->version == SNMP_VERSION_2c)
#else
#if defined(NETSNMP_DISABLE_SNMPV2C)
if (pdu->version == SNMP_VERSION_1)
#else
if (pdu->version == SNMP_VERSION_1 || pdu->version == SNMP_VERSION_2c)
#endif
#endif
{
snmp_increment_statistic(STAT_SNMPINBADCOMMUNITYUSES);
}
#endif
return VACM_NOTINVIEW;
}
return VACM_SUCCESS;
} /* end vacm_in_view() */
