netsnmp_session *get_target_sessions (char *taglist, TargetFilterFunction * filterfunct, void *filterArg)
{
netsnmp_session *ret = NULL, thissess;
struct targetAddrTable_struct *targaddrs;
char buf[SPRINT_MAX_LEN];
char tags[MAX_TAGS][SPRINT_MAX_LEN], *cp;
int numtags = 0, i;
#if defined(NETSNMP_TRANSPORT_DTLSUDP_DOMAIN) || defined(NETSNMP_TRANSPORT_TLSTCP_DOMAIN)
int tls = 0;
#endif
static struct targetParamTable_struct *param;
DEBUGMSGTL (("target_sessions", "looking for: %s\n", taglist));
for (cp = taglist; cp && numtags < MAX_TAGS;)
{
cp = copy_nword (cp, tags[numtags], sizeof (tags[numtags]));
DEBUGMSGTL (("target_sessions", " for: %d=%s\n", numtags, tags[numtags]));
numtags++;
}
for (targaddrs = get_addrTable (); targaddrs; targaddrs = targaddrs->next)
{
/*
* legal row?
*/
if (targaddrs->tDomain == NULL || targaddrs->tAddress == NULL || targaddrs->rowStatus != SNMP_ROW_ACTIVE)
{
DEBUGMSGTL (("target_sessions", " which is not ready yet\n"));
continue;
}
if (netsnmp_tdomain_support (targaddrs->tDomain, targaddrs->tDomainLen, NULL, NULL) == 0)
{
snmp_log (LOG_ERR, "unsupported domain for target address table entry %s\n", targaddrs->name);
}
/*
* check tag list to see if we match
*/
if (targaddrs->tagList)
{
int matched = 0;
/*
* loop through tag list looking for requested tags
*/
for (cp = targaddrs->tagList; cp && !matched;)
{
cp = copy_nword (cp, buf, sizeof (buf));
for (i = 0; i < numtags && !matched; i++)
{
if (strcmp (buf, tags[i]) == 0)
{
/*
* found a valid target table entry
*/
DEBUGMSGTL (("target_sessions", "found one: %s\n", tags[i]));
if (targaddrs->params)
{
param = get_paramEntry (targaddrs->params);
if (!param || param->rowStatus != SNMP_ROW_ACTIVE)
{
/*
* parameter entry must exist and be active
*/
continue;
}
}
else
{
/*
* parameter entry must be specified
*/
continue;
}
/*
* last chance for caller to opt-out. Call
* filtering function
*/
if (filterfunct && (*(filterfunct)) (targaddrs, param, filterArg))
{
continue;
}
/*
* Only one notification per TargetAddrEntry,
* rather than one per tag
*/
matched = 1;
if (targaddrs->storageType != ST_READONLY &&
targaddrs->sess && param->updateTime >= targaddrs->sessionCreationTime)
{
/*
* parameters have changed, nuke the old session
*/
snmp_close (targaddrs->sess);
targaddrs->sess = NULL;
}
/*
* target session already exists?
*/
if (targaddrs->sess == NULL)
{
/*
* create an appropriate snmp session and add
* it to our return list
*/
netsnmp_transport *t = NULL;
t = netsnmp_tdomain_transport_oid (targaddrs->tDomain,
targaddrs->tDomainLen,
targaddrs->tAddress, targaddrs->tAddressLen, 0);
if (t == NULL)
{
DEBUGMSGTL (("target_sessions", "bad dest \""));
DEBUGMSGOID (("target_sessions", targaddrs->tDomain, targaddrs->tDomainLen));
DEBUGMSG (("target_sessions", "\", \""));
DEBUGMSGHEX (("target_sessions", targaddrs->tAddress, targaddrs->tAddressLen));
DEBUGMSG (("target_sessions", "\n"));
continue;
}
else
{
char *dst_str = t->f_fmtaddr (t, NULL, 0);
if (dst_str != NULL)
{
DEBUGMSGTL (("target_sessions", " to: %s\n", dst_str));
free (dst_str);
}
}
/*
* if tDomain is tls related, check for tls config
*/
#ifdef NETSNMP_TRANSPORT_DTLSUDP_DOMAIN
tls = snmp_oid_compare (targaddrs->tDomain,
targaddrs->tDomainLen,
netsnmpDTLSUDPDomain, netsnmpDTLSUDPDomain_len);
#endif
#ifdef NETSNMP_TRANSPORT_TLSTCP_DOMAIN
if (tls)
tls = snmp_oid_compare (targaddrs->tDomain,
targaddrs->tDomainLen,
netsnmpTLSTCPDomain, netsnmpTLSTCPDomain_len);
#endif
#if defined(NETSNMP_TRANSPORT_DTLSUDP_DOMAIN) || defined(NETSNMP_TRANSPORT_TLSTCP_DOMAIN)
if (!tls)
{
netsnmp_cert *cert;
char *server_id = NULL;
DEBUGMSGTL (("target_sessions", " looking up our id: %s\n", targaddrs->params));
cert = netsnmp_cert_find (NS_CERT_IDENTITY, NS_CERTKEY_TARGET_PARAM, targaddrs->params);
netsnmp_assert (t->f_config);
if (cert)
{
DEBUGMSGTL (("target_sessions", " found fingerprint: %s\n", cert->fingerprint));
t->f_config (t, "localCert", cert->fingerprint);
}
DEBUGMSGTL (("target_sessions", " looking up their id: %s\n", targaddrs->name));
cert = netsnmp_cert_find (NS_CERT_REMOTE_PEER, NS_CERTKEY_TARGET_ADDR, targaddrs->name);
if (cert)
{
DEBUGMSGTL (("target_sessions", " found fingerprint: %s\n", cert->fingerprint));
t->f_config (t, "peerCert", cert->fingerprint);
}
#ifndef NETSNMP_FEATURE_REMOVE_TLSTMADDR_GET_SERVERID
server_id = netsnmp_tlstmAddr_get_serverId (targaddrs->name);
#endif /* NETSNMP_FEATURE_REMOVE_TLSTMADDR_GET_SERVERID */
if (server_id)
{
DEBUGMSGTL (("target_sessions", " found serverId: %s\n", server_id));
t->f_config (t, "their_hostname", server_id);
}
}
#endif
memset (&thissess, 0, sizeof (thissess));
thissess.timeout = (targaddrs->timeout) * 1000;
thissess.retries = targaddrs->retryCount;
DEBUGMSGTL (("target_sessions",
"timeout: %d -> %ld\n", targaddrs->timeout, thissess.timeout));
if (param->mpModel == SNMP_VERSION_3 &&
param->secModel != SNMP_SEC_MODEL_USM && param->secModel != SNMP_SEC_MODEL_TSM)
{
snmp_log (LOG_ERR,
"unsupported mpModel/secModel combo %d/%d for target %s\n",
param->mpModel, param->secModel, targaddrs->name);
/*
* XXX: memleak
*/
netsnmp_transport_free (t);
continue;
}
thissess.paramName = strdup (param->paramName);
thissess.version = param->mpModel;
if (param->mpModel == SNMP_VERSION_3)
{
thissess.securityName = strdup (param->secName);
thissess.securityNameLen = strlen (thissess.securityName);
thissess.securityLevel = param->secLevel;
thissess.securityModel = param->secModel;
#if !defined(NETSNMP_DISABLE_SNMPV1) || !defined(NETSNMP_DISABLE_SNMPV2C)
}
else
{
thissess.community = (u_char *) strdup (param->secName);
thissess.community_len = strlen ((char *) thissess.community);
#endif
}
thissess.flags |= SNMP_FLAGS_DONT_PROBE;
targaddrs->sess = snmp_add (&thissess, t, NULL, NULL);
thissess.flags &= ~SNMP_FLAGS_DONT_PROBE;
targaddrs->sessionCreationTime = time (NULL);
}
if (targaddrs->sess)
{
if (NULL == targaddrs->sess->paramName)
targaddrs->sess->paramName = strdup (param->paramName);
targaddrs->sess->next = ret;
ret = targaddrs->sess;
}
else
{
snmp_sess_perror ("target session", &thissess);
}
}
}
}
}
}
return ret;
}
void
usm_parse_create_usmUser(const char *token, char *line)
{
char *cp;
char buf[SNMP_MAXBUF_MEDIUM];
struct usmUser *newuser;
u_char userKey[SNMP_MAXBUF_SMALL], *tmpp;
size_t userKeyLen = SNMP_MAXBUF_SMALL;
size_t privKeyLen = 0;
size_t ret;
int ret2;
int testcase;
newuser = usm_create_user();
/*
* READ: Security Name
*/
cp = copy_nword(line, buf, sizeof(buf));
/*
* might be a -e ENGINEID argument
*/
if (strcmp(buf, "-e") == 0) {
size_t ebuf_len = 32, eout_len = 0;
u_char *ebuf = (u_char *) malloc(ebuf_len);
if (ebuf == NULL) {
config_perror("malloc failure processing -e flag");
usm_free_user(newuser);
return;
}
/*
* Get the specified engineid from the line.
*/
cp = copy_nword(cp, buf, sizeof(buf));
if (!snmp_hex_to_binary(&ebuf, &ebuf_len, &eout_len, 1, buf)) {
config_perror("invalid EngineID argument to -e");
usm_free_user(newuser);
SNMP_FREE(ebuf);
return;
}
newuser->engineID = ebuf;
newuser->engineIDLen = eout_len;
cp = copy_nword(cp, buf, sizeof(buf));
} else {
newuser->engineID = snmpv3_generate_engineID(&ret);
if (ret == 0) {
usm_free_user(newuser);
return;
}
newuser->engineIDLen = ret;
}
newuser->secName = strdup(buf);
newuser->name = strdup(buf);
if (!cp)
goto add; /* no authentication or privacy type */
/*
* READ: Authentication Type
*/
#ifndef NETSNMP_DISABLE_MD5
if (strncmp(cp, "MD5", 3) == 0) {
memcpy(newuser->authProtocol, usmHMACMD5AuthProtocol,
sizeof(usmHMACMD5AuthProtocol));
} else
#endif
if (strncmp(cp, "SHA", 3) == 0) {
memcpy(newuser->authProtocol, usmHMACSHA1AuthProtocol,
sizeof(usmHMACSHA1AuthProtocol));
} else {
config_perror("Unknown authentication protocol");
usm_free_user(newuser);
return;
}
cp = skip_token(cp);
/*
* READ: Authentication Pass Phrase or key
*/
if (!cp) {
config_perror("no authentication pass phrase");
usm_free_user(newuser);
return;
}
cp = copy_nword(cp, buf, sizeof(buf));
if (strcmp(buf,"-m") == 0) {
/* a master key is specified */
cp = copy_nword(cp, buf, sizeof(buf));
ret = sizeof(userKey);
tmpp = userKey;
userKeyLen = 0;
if (!snmp_hex_to_binary(&tmpp, &ret, &userKeyLen, 0, buf)) {
config_perror("invalid key value argument to -m");
usm_free_user(newuser);
return;
}
} else if (strcmp(buf,"-l") != 0) {
/* a password is specified */
userKeyLen = sizeof(userKey);
ret2 = generate_Ku(newuser->authProtocol, newuser->authProtocolLen,
(u_char *) buf, strlen(buf), userKey, &userKeyLen);
if (ret2 != SNMPERR_SUCCESS) {
config_perror("could not generate the authentication key from the "
"supplied pass phrase.");
usm_free_user(newuser);
return;
}
}
/*
* And turn it into a localized key
*/
ret2 = sc_get_properlength(newuser->authProtocol,
newuser->authProtocolLen);
if (ret2 <= 0) {
config_perror("Could not get proper authentication protocol key length");
return;
}
newuser->authKey = (u_char *) malloc(ret2);
if (strcmp(buf,"-l") == 0) {
/* a local key is directly specified */
cp = copy_nword(cp, buf, sizeof(buf));
newuser->authKeyLen = 0;
ret = ret2;
if (!snmp_hex_to_binary(&newuser->authKey, &ret,
&newuser->authKeyLen, 0, buf)) {
config_perror("invalid key value argument to -l");
usm_free_user(newuser);
return;
}
if (ret != newuser->authKeyLen) {
config_perror("improper key length to -l");
usm_free_user(newuser);
return;
}
} else {
newuser->authKeyLen = ret2;
ret2 = generate_kul(newuser->authProtocol, newuser->authProtocolLen,
newuser->engineID, newuser->engineIDLen,
userKey, userKeyLen,
newuser->authKey, &newuser->authKeyLen);
if (ret2 != SNMPERR_SUCCESS) {
config_perror("could not generate localized authentication key "
"(Kul) from the master key (Ku).");
usm_free_user(newuser);
return;
}
}
if (!cp)
goto add; /* no privacy type (which is legal) */
/*
* READ: Privacy Type
*/
testcase = 0;
#ifndef NETSNMP_DISABLE_DES
if (strncmp(cp, "DES", 3) == 0) {
memcpy(newuser->privProtocol, usmDESPrivProtocol,
sizeof(usmDESPrivProtocol));
testcase = 1;
/* DES uses a 128 bit key, 64 bits of which is a salt */
privKeyLen = 16;
}
#endif
#ifdef HAVE_AES
if (strncmp(cp, "AES128", 6) == 0 ||
strncmp(cp, "AES", 3) == 0) {
memcpy(newuser->privProtocol, usmAESPrivProtocol,
sizeof(usmAESPrivProtocol));
testcase = 1;
privKeyLen = 16;
}
#endif
if (testcase == 0) {
config_perror("Unknown privacy protocol");
usm_free_user(newuser);
return;
}
cp = skip_token(cp);
/*
* READ: Encryption Pass Phrase or key
*/
if (!cp) {
/*
* assume the same as the authentication key
*/
memdup(&newuser->privKey, newuser->authKey, newuser->authKeyLen);
newuser->privKeyLen = newuser->authKeyLen;
} else {
cp = copy_nword(cp, buf, sizeof(buf));
if (strcmp(buf,"-m") == 0) {
/* a master key is specified */
cp = copy_nword(cp, buf, sizeof(buf));
ret = sizeof(userKey);
tmpp = userKey;
userKeyLen = 0;
if (!snmp_hex_to_binary(&tmpp, &ret, &userKeyLen, 0, buf)) {
config_perror("invalid key value argument to -m");
usm_free_user(newuser);
return;
}
} else if (strcmp(buf,"-l") != 0) {
/* a password is specified */
userKeyLen = sizeof(userKey);
ret2 = generate_Ku(newuser->authProtocol, newuser->authProtocolLen,
(u_char *) buf, strlen(buf), userKey, &userKeyLen);
if (ret2 != SNMPERR_SUCCESS) {
config_perror("could not generate the privacy key from the "
"supplied pass phrase.");
usm_free_user(newuser);
return;
}
}
/*
* And turn it into a localized key
*/
ret2 = sc_get_properlength(newuser->authProtocol,
newuser->authProtocolLen);
if (ret2 < 0) {
config_perror("could not get proper key length to use for the "
"privacy algorithm.");
usm_free_user(newuser);
return;
}
newuser->privKey = (u_char *) malloc(ret2);
if (strcmp(buf,"-l") == 0) {
/* a local key is directly specified */
cp = copy_nword(cp, buf, sizeof(buf));
ret = ret2;
newuser->privKeyLen = 0;
if (!snmp_hex_to_binary(&newuser->privKey, &ret,
&newuser->privKeyLen, 0, buf)) {
config_perror("invalid key value argument to -l");
usm_free_user(newuser);
return;
}
} else {
newuser->privKeyLen = ret2;
ret2 = generate_kul(newuser->authProtocol, newuser->authProtocolLen,
newuser->engineID, newuser->engineIDLen,
userKey, userKeyLen,
newuser->privKey, &newuser->privKeyLen);
if (ret2 != SNMPERR_SUCCESS) {
config_perror("could not generate localized privacy key "
"(Kul) from the master key (Ku).");
usm_free_user(newuser);
return;
}
}
}
if ((newuser->privKeyLen >= privKeyLen) || (privKeyLen == 0)){
newuser->privKeyLen = privKeyLen;
}
else {
/* The privKey length is smaller than required by privProtocol */
usm_free_user(newuser);
return;
}
add:
usm_add_user(newuser);
DEBUGMSGTL(("usmUser", "created a new user %s at ", newuser->secName));
DEBUGMSGHEX(("usmUser", newuser->engineID, newuser->engineIDLen));
DEBUGMSG(("usmUser", "\n"));
}
static void
optProc(int argc, char *const *argv, int opt)
{
switch (opt) {
case 'C':
while (*optarg) {
switch (*optarg++) {
case 'a':
doauthkey = 1;
break;
case 'x':
doprivkey = 1;
break;
case 'k':
uselocalizedkey = 1;
break;
case 'p':
if (optind < argc) {
usmUserPublic_val = argv[optind];
} else {
fprintf(stderr, "Bad -Cp option: no argument given\n");
exit(1);
}
optind++;
break;
case 'w':
docreateandwait = 1;
break;
case 'E': {
size_t ebuf_len = MAX_ENGINEID_LENGTH;
u_char *ebuf;
if (optind < argc) {
if (argv[optind]) {
ebuf = (u_char *)malloc(ebuf_len);
if (ebuf == NULL) {
fprintf(stderr,
"malloc failure processing -CE option.\n");
exit(1);
}
if (!snmp_hex_to_binary(&ebuf, &ebuf_len,
&usmUserEngineIDLen, 1, argv[optind])) {
fprintf(stderr,
"Bad usmUserEngineID value after -CE option.\n");
free(ebuf);
exit(1);
}
usmUserEngineID = ebuf;
DEBUGMSGTL(("snmpusm", "usmUserEngineID set to: "));
DEBUGMSGHEX(("snmpusm", usmUserEngineID, usmUserEngineIDLen));
DEBUGMSG(("snmpusm", "\n"));
}
} else {
fprintf(stderr, "Bad -CE option: no argument given\n");
exit(1);
}
optind++;
break;
}
default:
fprintf(stderr, "Unknown flag passed to -C: %c\n",
optarg[-1]);
exit(1);
}
}
break;
}
}
/*******************************************************************-o-******
* get_enginetime
*
* Parameters:
* *engineID
* engineID_len
* *engineboot
* *engine_time
*
* Returns:
* SNMPERR_SUCCESS Success -- when a record for engineID is found.
* SNMPERR_GENERR Otherwise.
*
*
* Lookup engineID and return the recorded values for the
* <engine_time, engineboot> tuple adjusted to reflect the estimated time
* at the engine in question.
*
* Special case: if engineID is NULL or if engineID_len is 0 then
* the time tuple is returned immediately as zero.
*
* XXX What if timediff wraps? >shrug<
* XXX Then: you need to increment the boots value. Now. Detecting
* this is another matter.
*/
int
get_enginetime(u_char * engineID,
u_int engineID_len,
u_int * engineboot,
u_int * engine_time, u_int authenticated)
{
int rval = SNMPERR_SUCCESS;
time_t timediff = 0;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engine_time || !engineboot) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
/*
* Compute estimated current engine_time tuple at engineID if
* a record is cached for it.
*/
*engine_time = *engineboot = 0;
if (!engineID || (engineID_len <= 0)) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
if (!(e = search_enginetime_list(engineID, engineID_len))) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
#ifdef LCD_TIME_SYNC_OPT
if (!authenticated || e->authenticatedFlag) {
#endif
*engine_time = e->engineTime;
*engineboot = e->engineBoot;
timediff = snmpv3_local_snmpEngineTime() - e->lastReceivedEngineTime;
#ifdef LCD_TIME_SYNC_OPT
}
#endif
if (timediff > (int) (ENGINETIME_MAX - *engine_time)) {
*engine_time = (timediff - (ENGINETIME_MAX - *engine_time));
/*
* FIX -- move this check up... should not change anything
* * if engineboot is already locked. ???
*/
if (*engineboot < ENGINEBOOT_MAX) {
*engineboot += 1;
}
} else {
*engine_time += timediff;
}
DEBUGMSGTL(("lcd_get_enginetime", "engineID "));
DEBUGMSGHEX(("lcd_get_enginetime", engineID, engineID_len));
DEBUGMSG(("lcd_get_enginetime", ": boots=%d, time=%d\n", *engineboot,
*engine_time));
get_enginetime_quit:
return rval;
} /* end get_enginetime() */
/*******************************************************************-o-******
* set_enginetime
*
* Parameters:
* *engineID
* engineID_len
* engineboot
* engine_time
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR Otherwise.
*
*
* Lookup engineID and store the given <engine_time, engineboot> tuple
* and then stamp the record with a consistent source of local time.
* If the engineID record does not exist, create one.
*
* Special case: engineID is NULL or engineID_len is 0 defines an engineID
* that is "always set."
*
* XXX "Current time within the local engine" == time(NULL)...
*/
int
set_enginetime(u_char * engineID,
u_int engineID_len,
u_int engineboot, u_int engine_time, u_int authenticated)
{
int rval = SNMPERR_SUCCESS, iindex;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engineID || (engineID_len <= 0)) {
return rval;
}
/*
* Store the given <engine_time, engineboot> tuple in the record
* for engineID. Create a new record if necessary.
*/
if (!(e = search_enginetime_list(engineID, engineID_len))) {
if ((iindex = hash_engineID(engineID, engineID_len)) < 0) {
QUITFUN(SNMPERR_GENERR, set_enginetime_quit);
}
e = (Enginetime) calloc(1, sizeof(*e));
e->next = etimelist[iindex];
etimelist[iindex] = e;
e->engineID = (u_char *) calloc(1, engineID_len);
memcpy(e->engineID, engineID, engineID_len);
e->engineID_len = engineID_len;
}
#ifdef LCD_TIME_SYNC_OPT
if (authenticated || !e->authenticatedFlag) {
e->authenticatedFlag = authenticated;
#else
if (authenticated) {
#endif
e->engineTime = engine_time;
e->engineBoot = engineboot;
e->lastReceivedEngineTime = snmpv3_local_snmpEngineTime();
}
e = NULL; /* Indicates a successful update. */
DEBUGMSGTL(("lcd_set_enginetime", "engineID "));
DEBUGMSGHEX(("lcd_set_enginetime", engineID, engineID_len));
DEBUGMSG(("lcd_set_enginetime", ": boots=%d, time=%d\n", engineboot,
engine_time));
set_enginetime_quit:
SNMP_FREE(e);
return rval;
} /* end set_enginetime() */
/*******************************************************************-o-******
* search_enginetime_list
*
* Parameters:
* *engineID
* engineID_len
*
* Returns:
* Pointer to a etimelist record with engineID <engineID> -OR-
* NULL if no record exists.
*
*
* Search etimelist for an entry with engineID.
*
* ASSUMES that no engineID will have more than one record in the list.
*/
Enginetime
search_enginetime_list(u_char * engineID, u_int engineID_len)
{
int rval = SNMPERR_SUCCESS;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engineID || (engineID_len <= 0)) {
QUITFUN(SNMPERR_GENERR, search_enginetime_list_quit);
}
/*
* Find the entry for engineID if there be one.
*/
rval = hash_engineID(engineID, engineID_len);
if (rval < 0) {
QUITFUN(SNMPERR_GENERR, search_enginetime_list_quit);
}
e = etimelist[rval];
for ( /*EMPTY*/; e; e = e->next) {
if ((engineID_len == e->engineID_len)
&& !memcmp(e->engineID, engineID, engineID_len)) {
break;
}
}
search_enginetime_list_quit:
return e;
} /* end search_enginetime_list() */
netsnmp_session *
get_target_sessions(char *taglist, TargetFilterFunction * filterfunct,
void *filterArg)
{
netsnmp_session *ret = NULL, thissess;
struct targetAddrTable_struct *targaddrs;
char buf[SPRINT_MAX_LEN];
char tags[MAX_TAGS][SPRINT_MAX_LEN], *cp;
int numtags = 0, i;
static struct targetParamTable_struct *param;
DEBUGMSGTL(("target_sessions", "looking for: %s\n", taglist));
for (cp = taglist; cp && numtags < MAX_TAGS;) {
cp = copy_nword(cp, tags[numtags], sizeof(tags[numtags]));
DEBUGMSGTL(("target_sessions", " for: %d=%s\n", numtags,
tags[numtags]));
numtags++;
}
for (targaddrs = get_addrTable(); targaddrs;
targaddrs = targaddrs->next) {
/*
* legal row?
*/
if (targaddrs->tDomain == NULL ||
targaddrs->tAddress == NULL ||
targaddrs->rowStatus != SNMP_ROW_ACTIVE) {
DEBUGMSGTL(("target_sessions", " which is not ready yet\n"));
continue;
}
if (netsnmp_tdomain_support
(targaddrs->tDomain, targaddrs->tDomainLen, NULL, NULL) == 0) {
snmp_log(LOG_ERR,
"unsupported domain for target address table entry %s\n",
targaddrs->name);
}
/*
* check tag list to see if we match
*/
if (targaddrs->tagList) {
/*
* loop through tag list looking for requested tags
*/
for (cp = targaddrs->tagList; cp;) {
cp = copy_nword(cp, buf, sizeof(buf));
for (i = 0; i < numtags; i++) {
if (strcmp(buf, tags[i]) == 0) {
/*
* found a valid target table entry
*/
DEBUGMSGTL(("target_sessions", "found one: %s\n",
tags[i]));
if (targaddrs->params) {
param = get_paramEntry(targaddrs->params);
if (!param
|| param->rowStatus != SNMP_ROW_ACTIVE) {
/*
* parameter entry must exist and be active
*/
continue;
}
} else {
/*
* parameter entry must be specified
*/
continue;
}
/*
* last chance for caller to opt-out. Call
* filtering function
*/
if (filterfunct &&
(*(filterfunct)) (targaddrs, param,
filterArg)) {
continue;
}
if (targaddrs->storageType != ST_READONLY &&
targaddrs->sess &&
param->updateTime >=
targaddrs->sessionCreationTime) {
/*
* parameters have changed, nuke the old session
*/
snmp_close(targaddrs->sess);
targaddrs->sess = NULL;
}
/*
* target session already exists?
*/
if (targaddrs->sess == NULL) {
/*
* create an appropriate snmp session and add
* it to our return list
*/
netsnmp_transport *t = NULL;
t = netsnmp_tdomain_transport_oid(targaddrs->
tDomain,
targaddrs->
tDomainLen,
targaddrs->
tAddress,
targaddrs->
tAddressLen,
0);
if (t == NULL) {
DEBUGMSGTL(("target_sessions",
"bad dest \""));
DEBUGMSGOID(("target_sessions",
targaddrs->tDomain,
targaddrs->tDomainLen));
DEBUGMSG(("target_sessions", "\", \""));
DEBUGMSGHEX(("target_sessions",
targaddrs->tAddress,
targaddrs->tAddressLen));
DEBUGMSG(("target_sessions", "\n"));
continue;
} else {
char *dst_str =
t->f_fmtaddr(t, NULL, 0);
if (dst_str != NULL) {
DEBUGMSGTL(("target_sessions",
" to: %s\n", dst_str));
free(dst_str);
}
}
memset(&thissess, 0, sizeof(thissess));
thissess.timeout = (targaddrs->timeout) * 1000;
thissess.retries = targaddrs->retryCount;
DEBUGMSGTL(("target_sessions",
"timeout: %d -> %d\n",
targaddrs->timeout,
thissess.timeout));
if (param->mpModel == SNMP_VERSION_3 &&
param->secModel != 3) {
snmp_log(LOG_ERR,
"unsupported model/secmodel combo for target %s\n",
targaddrs->name);
/*
* XXX: memleak
*/
netsnmp_transport_free(t);
continue;
}
thissess.version = param->mpModel;
if (param->mpModel == SNMP_VERSION_3) {
thissess.securityName = param->secName;
thissess.securityNameLen =
strlen(thissess.securityName);
thissess.securityLevel = param->secLevel;
#if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C)
} else {
thissess.community =
(u_char *) strdup(param->secName);
thissess.community_len =
strlen((char *) thissess.community);
#endif
}
targaddrs->sess = snmp_add(&thissess, t,
NULL, NULL);
targaddrs->sessionCreationTime = time(NULL);
}
if (targaddrs->sess) {
if (ret) {
targaddrs->sess->next = ret;
}
ret = targaddrs->sess;
} else {
snmp_sess_perror("target session", &thissess);
}
}
}
}
}
}
return ret;
}
