8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $Begemot: bsnmp/snmpd/snmpmod.h,v 1.32 2006/02/14 09:04:20 brandt_h Exp $
30 *
31 * SNMP daemon data and functions exported to modules.
32 */
33#ifndef snmpmod_h_
34#define snmpmod_h_
35
36#include <sys/types.h>
37#include <sys/socket.h>
38#include <net/if.h>
39#include <netinet/in.h>
40#include "asn1.h"
41#include "snmp.h"
42#include "snmpagent.h"
43
44#define MAX_MOD_ARGS 16
45
46/*
47 * These macros help to handle object lists for SNMP tables. They use
48 * tail queues to hold the objects in ascending order in the list.
49 * ordering can be done either on an integer/unsigned field, an asn_oid
50 * or an ordering function.
51 */
52#define INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \
53 __typeof (PTR) _lelem; \
54 \
55 TAILQ_FOREACH(_lelem, (LIST), LINK) \
56 if (asn_compare_oid(&_lelem->INDEX, &(PTR)->INDEX) > 0) \
57 break; \
58 if (_lelem == NULL) \
59 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
60 else \
61 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
62 } while (0)
63
64#define INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \
65 __typeof (PTR) _lelem; \
66 \
67 TAILQ_FOREACH(_lelem, (LIST), LINK) \
68 if ((asn_subid_t)_lelem->INDEX > (asn_subid_t)(PTR)->INDEX)\
69 break; \
70 if (_lelem == NULL) \
71 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
72 else \
73 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
74 } while (0)
75
76#define INSERT_OBJECT_FUNC_LINK(PTR, LIST, LINK, FUNC) do { \
77 __typeof (PTR) _lelem; \
78 \
79 TAILQ_FOREACH(_lelem, (LIST), LINK) \
80 if ((FUNC)(_lelem, (PTR)) > 0) \
81 break; \
82 if (_lelem == NULL) \
83 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
84 else \
85 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
86 } while (0)
87
88#define INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, LINK, FUNC) do { \
89 __typeof (PTR) _lelem; \
90 \
91 TAILQ_FOREACH_REVERSE(_lelem, (LIST), HEAD, LINK) \
92 if ((FUNC)(_lelem, (PTR)) < 0) \
93 break; \
94 if (_lelem == NULL) \
95 TAILQ_INSERT_HEAD((LIST), (PTR), LINK); \
96 else \
97 TAILQ_INSERT_AFTER((LIST), _lelem, (PTR), LINK); \
98 } while (0)
99
100#define FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
101 __typeof (TAILQ_FIRST(LIST)) _lelem; \
102 \
103 TAILQ_FOREACH(_lelem, (LIST), LINK) \
104 if (index_compare(OID, SUB, &_lelem->INDEX) == 0) \
105 break; \
106 (_lelem); \
107 })
108
109#define NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
110 __typeof (TAILQ_FIRST(LIST)) _lelem; \
111 \
112 TAILQ_FOREACH(_lelem, (LIST), LINK) \
113 if (index_compare(OID, SUB, &_lelem->INDEX) < 0) \
114 break; \
115 (_lelem); \
116 })
117
118#define FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
119 __typeof (TAILQ_FIRST(LIST)) _lelem; \
120 \
121 if ((OID)->len - SUB != 1) \
122 _lelem = NULL; \
123 else \
124 TAILQ_FOREACH(_lelem, (LIST), LINK) \
125 if ((OID)->subs[SUB] == (asn_subid_t)_lelem->INDEX)\
126 break; \
127 (_lelem); \
128 })
129
130#define NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
131 __typeof (TAILQ_FIRST(LIST)) _lelem; \
132 \
133 if ((OID)->len - SUB == 0) \
134 _lelem = TAILQ_FIRST(LIST); \
135 else \
136 TAILQ_FOREACH(_lelem, (LIST), LINK) \
137 if ((OID)->subs[SUB] < (asn_subid_t)_lelem->INDEX)\
138 break; \
139 (_lelem); \
140 })
141
142#define FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \
143 __typeof (TAILQ_FIRST(LIST)) _lelem; \
144 \
145 TAILQ_FOREACH(_lelem, (LIST), LINK) \
146 if ((FUNC)(OID, SUB, _lelem) == 0) \
147 break; \
148 (_lelem); \
149 })
150
151#define NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \
152 __typeof (TAILQ_FIRST(LIST)) _lelem; \
153 \
154 TAILQ_FOREACH(_lelem, (LIST), LINK) \
155 if ((FUNC)(OID, SUB, _lelem) < 0) \
156 break; \
157 (_lelem); \
158 })
159
160/*
161 * Macros for the case where the index field is called 'index'
162 */
163#define INSERT_OBJECT_OID_LINK(PTR, LIST, LINK) \
164 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, index)
165
166#define INSERT_OBJECT_INT_LINK(PTR, LIST, LINK) do { \
167 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, index)
168
169#define FIND_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \
170 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index)
171
172#define NEXT_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \
173 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index)
174
175#define FIND_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \
176 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index)
177
178#define NEXT_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \
179 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index)
180
181/*
182 * Macros for the case where the index field is called 'index' and the
183 * link field 'link'.
184 */
185#define INSERT_OBJECT_OID(PTR, LIST) \
186 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, link, index)
187
188#define INSERT_OBJECT_INT(PTR, LIST) \
189 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, link, index)
190
191#define INSERT_OBJECT_FUNC_REV(PTR, LIST, HEAD, FUNC) \
192 INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, link, FUNC)
193
194#define FIND_OBJECT_OID(LIST, OID, SUB) \
195 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index)
196
197#define FIND_OBJECT_INT(LIST, OID, SUB) \
198 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index)
199
200#define FIND_OBJECT_FUNC(LIST, OID, SUB, FUNC) \
201 FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC)
202
203#define NEXT_OBJECT_OID(LIST, OID, SUB) \
204 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index)
205
206#define NEXT_OBJECT_INT(LIST, OID, SUB) \
207 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index)
208
209#define NEXT_OBJECT_FUNC(LIST, OID, SUB, FUNC) \
210 NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC)
211
212struct lmodule;
213
214/* The tick when the program was started. This is the absolute time of
215 * the start in 100th of a second. */
216extern uint64_t start_tick;
217
218/* The tick when the current packet was received. This is the absolute
219 * time in 100th of second. */
220extern uint64_t this_tick;
221
222/* Get the current absolute time in 100th of a second. */
223uint64_t get_ticks(void);
224
225/*
226 * Return code for proxy function
227 */
228enum snmpd_proxy_err {
229 /* proxy code will process the PDU */
230 SNMPD_PROXY_OK,
231 /* proxy code does not process PDU */
232 SNMPD_PROXY_REJ,
233 /* drop this PDU */
234 SNMPD_PROXY_DROP,
235 /* drop because of bad community */
236 SNMPD_PROXY_BADCOMM,
237 /* drop because of bad community use */
238 SNMPD_PROXY_BADCOMMUSE
239};
240
241/*
242 * Input handling
243 */
244enum snmpd_input_err {
245 /* proceed with packet */
246 SNMPD_INPUT_OK,
247 /* fatal error in packet, ignore it */
248 SNMPD_INPUT_FAILED,
249 /* value encoding has wrong length in a SET operation */
250 SNMPD_INPUT_VALBADLEN,
251 /* value encoding is out of range */
252 SNMPD_INPUT_VALRANGE,
253 /* value has bad encoding */
254 SNMPD_INPUT_VALBADENC,
255 /* need more data (truncated packet) */
256 SNMPD_INPUT_TRUNC,
257 /* unknown community */
258 SNMPD_INPUT_BAD_COMM,
259};
260
261/*
262 * Every loadable module must have one of this structures with
263 * the external name 'config'.
264 */
265struct snmp_module {
266 /* a comment describing what this module implements */
267 const char *comment;
268
269 /* the initialization function */
270 int (*init)(struct lmodule *, int argc, char *argv[]);
271
272 /* the finalisation function */
273 int (*fini)(void);
274
275 /* the idle function */
276 void (*idle)(void);
277
278 /* the dump function */
279 void (*dump)(void);
280
281 /* re-configuration function */
282 void (*config)(void);
283
284 /* start operation */
285 void (*start)(void);
286
287 /* proxy a PDU */
288 enum snmpd_proxy_err (*proxy)(struct snmp_pdu *, void *,
289 const struct asn_oid *, const struct sockaddr *, socklen_t,
290 enum snmpd_input_err, int32_t, int);
291
292 /* the tree this module is going to server */
293 const struct snmp_node *tree;
294 u_int tree_size;
295
296 /* function called, when another module was unloaded/loaded */
297 void (*loading)(const struct lmodule *, int);
298};
299
300/*
301 * Stuff exported to modules
302 */
303
304/*
305 * The system group.
306 */
307struct systemg {
308 u_char *descr;
309 struct asn_oid object_id;
310 u_char *contact;
311 u_char *name;
312 u_char *location;
313 u_int32_t services;
314 u_int32_t or_last_change;
315};
316extern struct systemg systemg;
317
318/*
319 * Community support.
320 *
321 * We have 2 fixed communities for SNMP read and write access. Modules
322 * can create their communities dynamically. They are deleted automatically
323 * if the module is unloaded.
324 */
325#define COMM_INITIALIZE 0
326#define COMM_READ 1
327#define COMM_WRITE 2
328
329u_int comm_define(u_int, const char *descr, struct lmodule *, const char *str);
330const char * comm_string(u_int);
331
332/* community for current packet */
333extern u_int community;
334
335/*
336 * SNMP User-based Security Model data. Modified via the snmp_usm(3) module.
337 */
338struct snmpd_usmstat {
339 uint32_t unsupported_seclevels;
340 uint32_t not_in_time_windows;
341 uint32_t unknown_users;
342 uint32_t unknown_engine_ids;
343 uint32_t wrong_digests;
344 uint32_t decrypt_errors;
345};
346
347extern struct snmpd_usmstat snmpd_usmstats;
348struct snmpd_usmstat *bsnmpd_get_usm_stats(void);
349void bsnmpd_reset_usm_stats(void);
350
351struct usm_user {
352 struct snmp_user suser;
353 uint8_t user_engine_id[SNMP_ENGINE_ID_SIZ];
354 uint32_t user_engine_len;
355 char user_public[SNMP_ADM_STR32_SIZ];
356 uint32_t user_public_len;
357 int32_t status;
358 int32_t type;
359 SLIST_ENTRY(usm_user) up;
360};
361
362SLIST_HEAD(usm_userlist, usm_user);
363struct usm_user *usm_first_user(void);
364struct usm_user *usm_next_user(struct usm_user *);
365struct usm_user *usm_find_user(uint8_t *, uint32_t, char *);
366struct usm_user *usm_new_user(uint8_t *, uint32_t, char *);
367void usm_delete_user(struct usm_user *);
368void usm_flush_users(void);
369
370/* USM user for current packet */
371extern struct usm_user *usm_user;
372
373/*
374 * SNMP View-based Access Control Model data. Modified via the snmp_vacm(3) module.
375 */
376struct vacm_group;
377
378struct vacm_user {
379 /* Security user name from USM */
380 char secname[SNMP_ADM_STR32_SIZ];
381 int32_t sec_model;
382 /* Back pointer to user assigned group name */
383 struct vacm_group *group;
384 int32_t type;
385 int32_t status;
386 SLIST_ENTRY(vacm_user) vvu;
387 SLIST_ENTRY(vacm_user) vvg;
388};
389
390SLIST_HEAD(vacm_userlist, vacm_user);
391
392struct vacm_group {
393 char groupname[SNMP_ADM_STR32_SIZ];
394 struct vacm_userlist group_users;
395 SLIST_ENTRY(vacm_group) vge;
396};
397
398SLIST_HEAD(vacm_grouplist, vacm_group);
399
400struct vacm_access {
401 /* The group name is index, not a column in the table */
402 struct vacm_group *group;
403 char ctx_prefix[SNMP_ADM_STR32_SIZ];
404 int32_t sec_model;
405 int32_t sec_level;
406 int32_t ctx_match;
407 struct vacm_view *read_view;
408 struct vacm_view *write_view;
409 struct vacm_view *notify_view;
410 int32_t type;
411 int32_t status;
412 TAILQ_ENTRY(vacm_access) vva;
413};
414
415TAILQ_HEAD(vacm_accesslist, vacm_access);
416
417struct vacm_view {
418 char viewname[SNMP_ADM_STR32_SIZ]; /* key */
419 struct asn_oid subtree; /* key */
420 uint8_t mask[16];
421 uint8_t exclude;
422 int32_t type;
423 int32_t status;
424 SLIST_ENTRY(vacm_view) vvl;
425};
426
427SLIST_HEAD(vacm_viewlist, vacm_view);
428
429struct vacm_context {
430 /* The ID of the module that registered this context */
431 int32_t regid;
432 char ctxname[SNMP_ADM_STR32_SIZ];
433 SLIST_ENTRY(vacm_context) vcl;
434};
435
436SLIST_HEAD(vacm_contextlist, vacm_context);
437
438void vacm_groups_init(void);
439struct vacm_user *vacm_first_user(void);
440struct vacm_user *vacm_next_user(struct vacm_user *);
441struct vacm_user *vacm_new_user(int32_t, char *);
442int vacm_delete_user(struct vacm_user *);
443int vacm_user_set_group(struct vacm_user *, u_char *, u_int);
444struct vacm_access *vacm_first_access_rule(void);
445struct vacm_access *vacm_next_access_rule(struct vacm_access *);
446struct vacm_access *vacm_new_access_rule(char *, char *, int32_t, int32_t);
447int vacm_delete_access_rule(struct vacm_access *);
448struct vacm_view *vacm_first_view(void);
449struct vacm_view *vacm_next_view(struct vacm_view *);
450struct vacm_view *vacm_new_view(char *, struct asn_oid *);
451int vacm_delete_view(struct vacm_view *);
452struct vacm_context *vacm_first_context(void);
453struct vacm_context *vacm_next_context(struct vacm_context *);
454struct vacm_context *vacm_add_context(char *, int32_t);
455void vacm_flush_contexts(int32_t);
456
457/*
| 14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 *
23 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * $Begemot: bsnmp/snmpd/snmpmod.h,v 1.32 2006/02/14 09:04:20 brandt_h Exp $
36 *
37 * SNMP daemon data and functions exported to modules.
38 */
39#ifndef snmpmod_h_
40#define snmpmod_h_
41
42#include <sys/types.h>
43#include <sys/socket.h>
44#include <net/if.h>
45#include <netinet/in.h>
46#include "asn1.h"
47#include "snmp.h"
48#include "snmpagent.h"
49
50#define MAX_MOD_ARGS 16
51
52/*
53 * These macros help to handle object lists for SNMP tables. They use
54 * tail queues to hold the objects in ascending order in the list.
55 * ordering can be done either on an integer/unsigned field, an asn_oid
56 * or an ordering function.
57 */
58#define INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \
59 __typeof (PTR) _lelem; \
60 \
61 TAILQ_FOREACH(_lelem, (LIST), LINK) \
62 if (asn_compare_oid(&_lelem->INDEX, &(PTR)->INDEX) > 0) \
63 break; \
64 if (_lelem == NULL) \
65 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
66 else \
67 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
68 } while (0)
69
70#define INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \
71 __typeof (PTR) _lelem; \
72 \
73 TAILQ_FOREACH(_lelem, (LIST), LINK) \
74 if ((asn_subid_t)_lelem->INDEX > (asn_subid_t)(PTR)->INDEX)\
75 break; \
76 if (_lelem == NULL) \
77 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
78 else \
79 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
80 } while (0)
81
82#define INSERT_OBJECT_FUNC_LINK(PTR, LIST, LINK, FUNC) do { \
83 __typeof (PTR) _lelem; \
84 \
85 TAILQ_FOREACH(_lelem, (LIST), LINK) \
86 if ((FUNC)(_lelem, (PTR)) > 0) \
87 break; \
88 if (_lelem == NULL) \
89 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \
90 else \
91 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \
92 } while (0)
93
94#define INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, LINK, FUNC) do { \
95 __typeof (PTR) _lelem; \
96 \
97 TAILQ_FOREACH_REVERSE(_lelem, (LIST), HEAD, LINK) \
98 if ((FUNC)(_lelem, (PTR)) < 0) \
99 break; \
100 if (_lelem == NULL) \
101 TAILQ_INSERT_HEAD((LIST), (PTR), LINK); \
102 else \
103 TAILQ_INSERT_AFTER((LIST), _lelem, (PTR), LINK); \
104 } while (0)
105
106#define FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
107 __typeof (TAILQ_FIRST(LIST)) _lelem; \
108 \
109 TAILQ_FOREACH(_lelem, (LIST), LINK) \
110 if (index_compare(OID, SUB, &_lelem->INDEX) == 0) \
111 break; \
112 (_lelem); \
113 })
114
115#define NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
116 __typeof (TAILQ_FIRST(LIST)) _lelem; \
117 \
118 TAILQ_FOREACH(_lelem, (LIST), LINK) \
119 if (index_compare(OID, SUB, &_lelem->INDEX) < 0) \
120 break; \
121 (_lelem); \
122 })
123
124#define FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
125 __typeof (TAILQ_FIRST(LIST)) _lelem; \
126 \
127 if ((OID)->len - SUB != 1) \
128 _lelem = NULL; \
129 else \
130 TAILQ_FOREACH(_lelem, (LIST), LINK) \
131 if ((OID)->subs[SUB] == (asn_subid_t)_lelem->INDEX)\
132 break; \
133 (_lelem); \
134 })
135
136#define NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \
137 __typeof (TAILQ_FIRST(LIST)) _lelem; \
138 \
139 if ((OID)->len - SUB == 0) \
140 _lelem = TAILQ_FIRST(LIST); \
141 else \
142 TAILQ_FOREACH(_lelem, (LIST), LINK) \
143 if ((OID)->subs[SUB] < (asn_subid_t)_lelem->INDEX)\
144 break; \
145 (_lelem); \
146 })
147
148#define FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \
149 __typeof (TAILQ_FIRST(LIST)) _lelem; \
150 \
151 TAILQ_FOREACH(_lelem, (LIST), LINK) \
152 if ((FUNC)(OID, SUB, _lelem) == 0) \
153 break; \
154 (_lelem); \
155 })
156
157#define NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \
158 __typeof (TAILQ_FIRST(LIST)) _lelem; \
159 \
160 TAILQ_FOREACH(_lelem, (LIST), LINK) \
161 if ((FUNC)(OID, SUB, _lelem) < 0) \
162 break; \
163 (_lelem); \
164 })
165
166/*
167 * Macros for the case where the index field is called 'index'
168 */
169#define INSERT_OBJECT_OID_LINK(PTR, LIST, LINK) \
170 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, index)
171
172#define INSERT_OBJECT_INT_LINK(PTR, LIST, LINK) do { \
173 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, index)
174
175#define FIND_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \
176 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index)
177
178#define NEXT_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \
179 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index)
180
181#define FIND_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \
182 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index)
183
184#define NEXT_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \
185 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index)
186
187/*
188 * Macros for the case where the index field is called 'index' and the
189 * link field 'link'.
190 */
191#define INSERT_OBJECT_OID(PTR, LIST) \
192 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, link, index)
193
194#define INSERT_OBJECT_INT(PTR, LIST) \
195 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, link, index)
196
197#define INSERT_OBJECT_FUNC_REV(PTR, LIST, HEAD, FUNC) \
198 INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, link, FUNC)
199
200#define FIND_OBJECT_OID(LIST, OID, SUB) \
201 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index)
202
203#define FIND_OBJECT_INT(LIST, OID, SUB) \
204 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index)
205
206#define FIND_OBJECT_FUNC(LIST, OID, SUB, FUNC) \
207 FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC)
208
209#define NEXT_OBJECT_OID(LIST, OID, SUB) \
210 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index)
211
212#define NEXT_OBJECT_INT(LIST, OID, SUB) \
213 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index)
214
215#define NEXT_OBJECT_FUNC(LIST, OID, SUB, FUNC) \
216 NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC)
217
218struct lmodule;
219
220/* The tick when the program was started. This is the absolute time of
221 * the start in 100th of a second. */
222extern uint64_t start_tick;
223
224/* The tick when the current packet was received. This is the absolute
225 * time in 100th of second. */
226extern uint64_t this_tick;
227
228/* Get the current absolute time in 100th of a second. */
229uint64_t get_ticks(void);
230
231/*
232 * Return code for proxy function
233 */
234enum snmpd_proxy_err {
235 /* proxy code will process the PDU */
236 SNMPD_PROXY_OK,
237 /* proxy code does not process PDU */
238 SNMPD_PROXY_REJ,
239 /* drop this PDU */
240 SNMPD_PROXY_DROP,
241 /* drop because of bad community */
242 SNMPD_PROXY_BADCOMM,
243 /* drop because of bad community use */
244 SNMPD_PROXY_BADCOMMUSE
245};
246
247/*
248 * Input handling
249 */
250enum snmpd_input_err {
251 /* proceed with packet */
252 SNMPD_INPUT_OK,
253 /* fatal error in packet, ignore it */
254 SNMPD_INPUT_FAILED,
255 /* value encoding has wrong length in a SET operation */
256 SNMPD_INPUT_VALBADLEN,
257 /* value encoding is out of range */
258 SNMPD_INPUT_VALRANGE,
259 /* value has bad encoding */
260 SNMPD_INPUT_VALBADENC,
261 /* need more data (truncated packet) */
262 SNMPD_INPUT_TRUNC,
263 /* unknown community */
264 SNMPD_INPUT_BAD_COMM,
265};
266
267/*
268 * Every loadable module must have one of this structures with
269 * the external name 'config'.
270 */
271struct snmp_module {
272 /* a comment describing what this module implements */
273 const char *comment;
274
275 /* the initialization function */
276 int (*init)(struct lmodule *, int argc, char *argv[]);
277
278 /* the finalisation function */
279 int (*fini)(void);
280
281 /* the idle function */
282 void (*idle)(void);
283
284 /* the dump function */
285 void (*dump)(void);
286
287 /* re-configuration function */
288 void (*config)(void);
289
290 /* start operation */
291 void (*start)(void);
292
293 /* proxy a PDU */
294 enum snmpd_proxy_err (*proxy)(struct snmp_pdu *, void *,
295 const struct asn_oid *, const struct sockaddr *, socklen_t,
296 enum snmpd_input_err, int32_t, int);
297
298 /* the tree this module is going to server */
299 const struct snmp_node *tree;
300 u_int tree_size;
301
302 /* function called, when another module was unloaded/loaded */
303 void (*loading)(const struct lmodule *, int);
304};
305
306/*
307 * Stuff exported to modules
308 */
309
310/*
311 * The system group.
312 */
313struct systemg {
314 u_char *descr;
315 struct asn_oid object_id;
316 u_char *contact;
317 u_char *name;
318 u_char *location;
319 u_int32_t services;
320 u_int32_t or_last_change;
321};
322extern struct systemg systemg;
323
324/*
325 * Community support.
326 *
327 * We have 2 fixed communities for SNMP read and write access. Modules
328 * can create their communities dynamically. They are deleted automatically
329 * if the module is unloaded.
330 */
331#define COMM_INITIALIZE 0
332#define COMM_READ 1
333#define COMM_WRITE 2
334
335u_int comm_define(u_int, const char *descr, struct lmodule *, const char *str);
336const char * comm_string(u_int);
337
338/* community for current packet */
339extern u_int community;
340
341/*
342 * SNMP User-based Security Model data. Modified via the snmp_usm(3) module.
343 */
344struct snmpd_usmstat {
345 uint32_t unsupported_seclevels;
346 uint32_t not_in_time_windows;
347 uint32_t unknown_users;
348 uint32_t unknown_engine_ids;
349 uint32_t wrong_digests;
350 uint32_t decrypt_errors;
351};
352
353extern struct snmpd_usmstat snmpd_usmstats;
354struct snmpd_usmstat *bsnmpd_get_usm_stats(void);
355void bsnmpd_reset_usm_stats(void);
356
357struct usm_user {
358 struct snmp_user suser;
359 uint8_t user_engine_id[SNMP_ENGINE_ID_SIZ];
360 uint32_t user_engine_len;
361 char user_public[SNMP_ADM_STR32_SIZ];
362 uint32_t user_public_len;
363 int32_t status;
364 int32_t type;
365 SLIST_ENTRY(usm_user) up;
366};
367
368SLIST_HEAD(usm_userlist, usm_user);
369struct usm_user *usm_first_user(void);
370struct usm_user *usm_next_user(struct usm_user *);
371struct usm_user *usm_find_user(uint8_t *, uint32_t, char *);
372struct usm_user *usm_new_user(uint8_t *, uint32_t, char *);
373void usm_delete_user(struct usm_user *);
374void usm_flush_users(void);
375
376/* USM user for current packet */
377extern struct usm_user *usm_user;
378
379/*
380 * SNMP View-based Access Control Model data. Modified via the snmp_vacm(3) module.
381 */
382struct vacm_group;
383
384struct vacm_user {
385 /* Security user name from USM */
386 char secname[SNMP_ADM_STR32_SIZ];
387 int32_t sec_model;
388 /* Back pointer to user assigned group name */
389 struct vacm_group *group;
390 int32_t type;
391 int32_t status;
392 SLIST_ENTRY(vacm_user) vvu;
393 SLIST_ENTRY(vacm_user) vvg;
394};
395
396SLIST_HEAD(vacm_userlist, vacm_user);
397
398struct vacm_group {
399 char groupname[SNMP_ADM_STR32_SIZ];
400 struct vacm_userlist group_users;
401 SLIST_ENTRY(vacm_group) vge;
402};
403
404SLIST_HEAD(vacm_grouplist, vacm_group);
405
406struct vacm_access {
407 /* The group name is index, not a column in the table */
408 struct vacm_group *group;
409 char ctx_prefix[SNMP_ADM_STR32_SIZ];
410 int32_t sec_model;
411 int32_t sec_level;
412 int32_t ctx_match;
413 struct vacm_view *read_view;
414 struct vacm_view *write_view;
415 struct vacm_view *notify_view;
416 int32_t type;
417 int32_t status;
418 TAILQ_ENTRY(vacm_access) vva;
419};
420
421TAILQ_HEAD(vacm_accesslist, vacm_access);
422
423struct vacm_view {
424 char viewname[SNMP_ADM_STR32_SIZ]; /* key */
425 struct asn_oid subtree; /* key */
426 uint8_t mask[16];
427 uint8_t exclude;
428 int32_t type;
429 int32_t status;
430 SLIST_ENTRY(vacm_view) vvl;
431};
432
433SLIST_HEAD(vacm_viewlist, vacm_view);
434
435struct vacm_context {
436 /* The ID of the module that registered this context */
437 int32_t regid;
438 char ctxname[SNMP_ADM_STR32_SIZ];
439 SLIST_ENTRY(vacm_context) vcl;
440};
441
442SLIST_HEAD(vacm_contextlist, vacm_context);
443
444void vacm_groups_init(void);
445struct vacm_user *vacm_first_user(void);
446struct vacm_user *vacm_next_user(struct vacm_user *);
447struct vacm_user *vacm_new_user(int32_t, char *);
448int vacm_delete_user(struct vacm_user *);
449int vacm_user_set_group(struct vacm_user *, u_char *, u_int);
450struct vacm_access *vacm_first_access_rule(void);
451struct vacm_access *vacm_next_access_rule(struct vacm_access *);
452struct vacm_access *vacm_new_access_rule(char *, char *, int32_t, int32_t);
453int vacm_delete_access_rule(struct vacm_access *);
454struct vacm_view *vacm_first_view(void);
455struct vacm_view *vacm_next_view(struct vacm_view *);
456struct vacm_view *vacm_new_view(char *, struct asn_oid *);
457int vacm_delete_view(struct vacm_view *);
458struct vacm_context *vacm_first_context(void);
459struct vacm_context *vacm_next_context(struct vacm_context *);
460struct vacm_context *vacm_add_context(char *, int32_t);
461void vacm_flush_contexts(int32_t);
462
463/*
|