8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $Begemot: bsnmp/snmpd/snmpmod.h,v 1.32 2006/02/14 09:04:20 brandt_h Exp $ 30 * 31 * SNMP daemon data and functions exported to modules. 32 */ 33#ifndef snmpmod_h_ 34#define snmpmod_h_ 35 36#include <sys/types.h> 37#include <sys/socket.h> 38#include <net/if.h> 39#include <netinet/in.h> 40#include "asn1.h" 41#include "snmp.h" 42#include "snmpagent.h" 43 44#define MAX_MOD_ARGS 16 45 46/* 47 * These macros help to handle object lists for SNMP tables. They use 48 * tail queues to hold the objects in ascending order in the list. 49 * ordering can be done either on an integer/unsigned field, an asn_oid 50 * or an ordering function. 51 */ 52#define INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \ 53 __typeof (PTR) _lelem; \ 54 \ 55 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 56 if (asn_compare_oid(&_lelem->INDEX, &(PTR)->INDEX) > 0) \ 57 break; \ 58 if (_lelem == NULL) \ 59 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 60 else \ 61 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 62 } while (0) 63 64#define INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \ 65 __typeof (PTR) _lelem; \ 66 \ 67 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 68 if ((asn_subid_t)_lelem->INDEX > (asn_subid_t)(PTR)->INDEX)\ 69 break; \ 70 if (_lelem == NULL) \ 71 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 72 else \ 73 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 74 } while (0) 75 76#define INSERT_OBJECT_FUNC_LINK(PTR, LIST, LINK, FUNC) do { \ 77 __typeof (PTR) _lelem; \ 78 \ 79 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 80 if ((FUNC)(_lelem, (PTR)) > 0) \ 81 break; \ 82 if (_lelem == NULL) \ 83 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 84 else \ 85 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 86 } while (0) 87 88#define INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, LINK, FUNC) do { \ 89 __typeof (PTR) _lelem; \ 90 \ 91 TAILQ_FOREACH_REVERSE(_lelem, (LIST), HEAD, LINK) \ 92 if ((FUNC)(_lelem, (PTR)) < 0) \ 93 break; \ 94 if (_lelem == NULL) \ 95 TAILQ_INSERT_HEAD((LIST), (PTR), LINK); \ 96 else \ 97 TAILQ_INSERT_AFTER((LIST), _lelem, (PTR), LINK); \ 98 } while (0) 99 100#define FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 101 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 102 \ 103 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 104 if (index_compare(OID, SUB, &_lelem->INDEX) == 0) \ 105 break; \ 106 (_lelem); \ 107 }) 108 109#define NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 110 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 111 \ 112 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 113 if (index_compare(OID, SUB, &_lelem->INDEX) < 0) \ 114 break; \ 115 (_lelem); \ 116 }) 117 118#define FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 119 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 120 \ 121 if ((OID)->len - SUB != 1) \ 122 _lelem = NULL; \ 123 else \ 124 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 125 if ((OID)->subs[SUB] == (asn_subid_t)_lelem->INDEX)\ 126 break; \ 127 (_lelem); \ 128 }) 129 130#define NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 131 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 132 \ 133 if ((OID)->len - SUB == 0) \ 134 _lelem = TAILQ_FIRST(LIST); \ 135 else \ 136 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 137 if ((OID)->subs[SUB] < (asn_subid_t)_lelem->INDEX)\ 138 break; \ 139 (_lelem); \ 140 }) 141 142#define FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \ 143 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 144 \ 145 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 146 if ((FUNC)(OID, SUB, _lelem) == 0) \ 147 break; \ 148 (_lelem); \ 149 }) 150 151#define NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \ 152 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 153 \ 154 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 155 if ((FUNC)(OID, SUB, _lelem) < 0) \ 156 break; \ 157 (_lelem); \ 158 }) 159 160/* 161 * Macros for the case where the index field is called 'index' 162 */ 163#define INSERT_OBJECT_OID_LINK(PTR, LIST, LINK) \ 164 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, index) 165 166#define INSERT_OBJECT_INT_LINK(PTR, LIST, LINK) do { \ 167 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, index) 168 169#define FIND_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \ 170 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index) 171 172#define NEXT_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \ 173 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index) 174 175#define FIND_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \ 176 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index) 177 178#define NEXT_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \ 179 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index) 180 181/* 182 * Macros for the case where the index field is called 'index' and the 183 * link field 'link'. 184 */ 185#define INSERT_OBJECT_OID(PTR, LIST) \ 186 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, link, index) 187 188#define INSERT_OBJECT_INT(PTR, LIST) \ 189 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, link, index) 190 191#define INSERT_OBJECT_FUNC_REV(PTR, LIST, HEAD, FUNC) \ 192 INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, link, FUNC) 193 194#define FIND_OBJECT_OID(LIST, OID, SUB) \ 195 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index) 196 197#define FIND_OBJECT_INT(LIST, OID, SUB) \ 198 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index) 199 200#define FIND_OBJECT_FUNC(LIST, OID, SUB, FUNC) \ 201 FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC) 202 203#define NEXT_OBJECT_OID(LIST, OID, SUB) \ 204 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index) 205 206#define NEXT_OBJECT_INT(LIST, OID, SUB) \ 207 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index) 208 209#define NEXT_OBJECT_FUNC(LIST, OID, SUB, FUNC) \ 210 NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC) 211 212struct lmodule; 213 214/* The tick when the program was started. This is the absolute time of 215 * the start in 100th of a second. */ 216extern uint64_t start_tick; 217 218/* The tick when the current packet was received. This is the absolute 219 * time in 100th of second. */ 220extern uint64_t this_tick; 221 222/* Get the current absolute time in 100th of a second. */ 223uint64_t get_ticks(void); 224 225/* 226 * Return code for proxy function 227 */ 228enum snmpd_proxy_err { 229 /* proxy code will process the PDU */ 230 SNMPD_PROXY_OK, 231 /* proxy code does not process PDU */ 232 SNMPD_PROXY_REJ, 233 /* drop this PDU */ 234 SNMPD_PROXY_DROP, 235 /* drop because of bad community */ 236 SNMPD_PROXY_BADCOMM, 237 /* drop because of bad community use */ 238 SNMPD_PROXY_BADCOMMUSE 239}; 240 241/* 242 * Input handling 243 */ 244enum snmpd_input_err { 245 /* proceed with packet */ 246 SNMPD_INPUT_OK, 247 /* fatal error in packet, ignore it */ 248 SNMPD_INPUT_FAILED, 249 /* value encoding has wrong length in a SET operation */ 250 SNMPD_INPUT_VALBADLEN, 251 /* value encoding is out of range */ 252 SNMPD_INPUT_VALRANGE, 253 /* value has bad encoding */ 254 SNMPD_INPUT_VALBADENC, 255 /* need more data (truncated packet) */ 256 SNMPD_INPUT_TRUNC, 257 /* unknown community */ 258 SNMPD_INPUT_BAD_COMM, 259}; 260 261/* 262 * Every loadable module must have one of this structures with 263 * the external name 'config'. 264 */ 265struct snmp_module { 266 /* a comment describing what this module implements */ 267 const char *comment; 268 269 /* the initialization function */ 270 int (*init)(struct lmodule *, int argc, char *argv[]); 271 272 /* the finalisation function */ 273 int (*fini)(void); 274 275 /* the idle function */ 276 void (*idle)(void); 277 278 /* the dump function */ 279 void (*dump)(void); 280 281 /* re-configuration function */ 282 void (*config)(void); 283 284 /* start operation */ 285 void (*start)(void); 286 287 /* proxy a PDU */ 288 enum snmpd_proxy_err (*proxy)(struct snmp_pdu *, void *, 289 const struct asn_oid *, const struct sockaddr *, socklen_t, 290 enum snmpd_input_err, int32_t, int); 291 292 /* the tree this module is going to server */ 293 const struct snmp_node *tree; 294 u_int tree_size; 295 296 /* function called, when another module was unloaded/loaded */ 297 void (*loading)(const struct lmodule *, int); 298}; 299 300/* 301 * Stuff exported to modules 302 */ 303 304/* 305 * The system group. 306 */ 307struct systemg { 308 u_char *descr; 309 struct asn_oid object_id; 310 u_char *contact; 311 u_char *name; 312 u_char *location; 313 u_int32_t services; 314 u_int32_t or_last_change; 315}; 316extern struct systemg systemg; 317 318/* 319 * Community support. 320 * 321 * We have 2 fixed communities for SNMP read and write access. Modules 322 * can create their communities dynamically. They are deleted automatically 323 * if the module is unloaded. 324 */ 325#define COMM_INITIALIZE 0 326#define COMM_READ 1 327#define COMM_WRITE 2 328 329u_int comm_define(u_int, const char *descr, struct lmodule *, const char *str); 330const char * comm_string(u_int); 331 332/* community for current packet */ 333extern u_int community; 334 335/* 336 * SNMP User-based Security Model data. Modified via the snmp_usm(3) module. 337 */ 338struct snmpd_usmstat { 339 uint32_t unsupported_seclevels; 340 uint32_t not_in_time_windows; 341 uint32_t unknown_users; 342 uint32_t unknown_engine_ids; 343 uint32_t wrong_digests; 344 uint32_t decrypt_errors; 345}; 346 347extern struct snmpd_usmstat snmpd_usmstats; 348struct snmpd_usmstat *bsnmpd_get_usm_stats(void); 349void bsnmpd_reset_usm_stats(void); 350 351struct usm_user { 352 struct snmp_user suser; 353 uint8_t user_engine_id[SNMP_ENGINE_ID_SIZ]; 354 uint32_t user_engine_len; 355 char user_public[SNMP_ADM_STR32_SIZ]; 356 uint32_t user_public_len; 357 int32_t status; 358 int32_t type; 359 SLIST_ENTRY(usm_user) up; 360}; 361 362SLIST_HEAD(usm_userlist, usm_user); 363struct usm_user *usm_first_user(void); 364struct usm_user *usm_next_user(struct usm_user *); 365struct usm_user *usm_find_user(uint8_t *, uint32_t, char *); 366struct usm_user *usm_new_user(uint8_t *, uint32_t, char *); 367void usm_delete_user(struct usm_user *); 368void usm_flush_users(void); 369 370/* USM user for current packet */ 371extern struct usm_user *usm_user; 372 373/* 374 * SNMP View-based Access Control Model data. Modified via the snmp_vacm(3) module. 375 */ 376struct vacm_group; 377 378struct vacm_user { 379 /* Security user name from USM */ 380 char secname[SNMP_ADM_STR32_SIZ]; 381 int32_t sec_model; 382 /* Back pointer to user assigned group name */ 383 struct vacm_group *group; 384 int32_t type; 385 int32_t status; 386 SLIST_ENTRY(vacm_user) vvu; 387 SLIST_ENTRY(vacm_user) vvg; 388}; 389 390SLIST_HEAD(vacm_userlist, vacm_user); 391 392struct vacm_group { 393 char groupname[SNMP_ADM_STR32_SIZ]; 394 struct vacm_userlist group_users; 395 SLIST_ENTRY(vacm_group) vge; 396}; 397 398SLIST_HEAD(vacm_grouplist, vacm_group); 399 400struct vacm_access { 401 /* The group name is index, not a column in the table */ 402 struct vacm_group *group; 403 char ctx_prefix[SNMP_ADM_STR32_SIZ]; 404 int32_t sec_model; 405 int32_t sec_level; 406 int32_t ctx_match; 407 struct vacm_view *read_view; 408 struct vacm_view *write_view; 409 struct vacm_view *notify_view; 410 int32_t type; 411 int32_t status; 412 TAILQ_ENTRY(vacm_access) vva; 413}; 414 415TAILQ_HEAD(vacm_accesslist, vacm_access); 416 417struct vacm_view { 418 char viewname[SNMP_ADM_STR32_SIZ]; /* key */ 419 struct asn_oid subtree; /* key */ 420 uint8_t mask[16]; 421 uint8_t exclude; 422 int32_t type; 423 int32_t status; 424 SLIST_ENTRY(vacm_view) vvl; 425}; 426 427SLIST_HEAD(vacm_viewlist, vacm_view); 428 429struct vacm_context { 430 /* The ID of the module that registered this context */ 431 int32_t regid; 432 char ctxname[SNMP_ADM_STR32_SIZ]; 433 SLIST_ENTRY(vacm_context) vcl; 434}; 435 436SLIST_HEAD(vacm_contextlist, vacm_context); 437 438void vacm_groups_init(void); 439struct vacm_user *vacm_first_user(void); 440struct vacm_user *vacm_next_user(struct vacm_user *); 441struct vacm_user *vacm_new_user(int32_t, char *); 442int vacm_delete_user(struct vacm_user *); 443int vacm_user_set_group(struct vacm_user *, u_char *, u_int); 444struct vacm_access *vacm_first_access_rule(void); 445struct vacm_access *vacm_next_access_rule(struct vacm_access *); 446struct vacm_access *vacm_new_access_rule(char *, char *, int32_t, int32_t); 447int vacm_delete_access_rule(struct vacm_access *); 448struct vacm_view *vacm_first_view(void); 449struct vacm_view *vacm_next_view(struct vacm_view *); 450struct vacm_view *vacm_new_view(char *, struct asn_oid *); 451int vacm_delete_view(struct vacm_view *); 452struct vacm_context *vacm_first_context(void); 453struct vacm_context *vacm_next_context(struct vacm_context *); 454struct vacm_context *vacm_add_context(char *, int32_t); 455void vacm_flush_contexts(int32_t); 456 457/*
| 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 23 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 * $Begemot: bsnmp/snmpd/snmpmod.h,v 1.32 2006/02/14 09:04:20 brandt_h Exp $ 36 * 37 * SNMP daemon data and functions exported to modules. 38 */ 39#ifndef snmpmod_h_ 40#define snmpmod_h_ 41 42#include <sys/types.h> 43#include <sys/socket.h> 44#include <net/if.h> 45#include <netinet/in.h> 46#include "asn1.h" 47#include "snmp.h" 48#include "snmpagent.h" 49 50#define MAX_MOD_ARGS 16 51 52/* 53 * These macros help to handle object lists for SNMP tables. They use 54 * tail queues to hold the objects in ascending order in the list. 55 * ordering can be done either on an integer/unsigned field, an asn_oid 56 * or an ordering function. 57 */ 58#define INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \ 59 __typeof (PTR) _lelem; \ 60 \ 61 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 62 if (asn_compare_oid(&_lelem->INDEX, &(PTR)->INDEX) > 0) \ 63 break; \ 64 if (_lelem == NULL) \ 65 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 66 else \ 67 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 68 } while (0) 69 70#define INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, INDEX) do { \ 71 __typeof (PTR) _lelem; \ 72 \ 73 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 74 if ((asn_subid_t)_lelem->INDEX > (asn_subid_t)(PTR)->INDEX)\ 75 break; \ 76 if (_lelem == NULL) \ 77 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 78 else \ 79 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 80 } while (0) 81 82#define INSERT_OBJECT_FUNC_LINK(PTR, LIST, LINK, FUNC) do { \ 83 __typeof (PTR) _lelem; \ 84 \ 85 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 86 if ((FUNC)(_lelem, (PTR)) > 0) \ 87 break; \ 88 if (_lelem == NULL) \ 89 TAILQ_INSERT_TAIL((LIST), (PTR), LINK); \ 90 else \ 91 TAILQ_INSERT_BEFORE(_lelem, (PTR), LINK); \ 92 } while (0) 93 94#define INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, LINK, FUNC) do { \ 95 __typeof (PTR) _lelem; \ 96 \ 97 TAILQ_FOREACH_REVERSE(_lelem, (LIST), HEAD, LINK) \ 98 if ((FUNC)(_lelem, (PTR)) < 0) \ 99 break; \ 100 if (_lelem == NULL) \ 101 TAILQ_INSERT_HEAD((LIST), (PTR), LINK); \ 102 else \ 103 TAILQ_INSERT_AFTER((LIST), _lelem, (PTR), LINK); \ 104 } while (0) 105 106#define FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 107 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 108 \ 109 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 110 if (index_compare(OID, SUB, &_lelem->INDEX) == 0) \ 111 break; \ 112 (_lelem); \ 113 }) 114 115#define NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 116 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 117 \ 118 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 119 if (index_compare(OID, SUB, &_lelem->INDEX) < 0) \ 120 break; \ 121 (_lelem); \ 122 }) 123 124#define FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 125 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 126 \ 127 if ((OID)->len - SUB != 1) \ 128 _lelem = NULL; \ 129 else \ 130 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 131 if ((OID)->subs[SUB] == (asn_subid_t)_lelem->INDEX)\ 132 break; \ 133 (_lelem); \ 134 }) 135 136#define NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, INDEX) ({ \ 137 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 138 \ 139 if ((OID)->len - SUB == 0) \ 140 _lelem = TAILQ_FIRST(LIST); \ 141 else \ 142 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 143 if ((OID)->subs[SUB] < (asn_subid_t)_lelem->INDEX)\ 144 break; \ 145 (_lelem); \ 146 }) 147 148#define FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \ 149 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 150 \ 151 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 152 if ((FUNC)(OID, SUB, _lelem) == 0) \ 153 break; \ 154 (_lelem); \ 155 }) 156 157#define NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, LINK, FUNC) ({ \ 158 __typeof (TAILQ_FIRST(LIST)) _lelem; \ 159 \ 160 TAILQ_FOREACH(_lelem, (LIST), LINK) \ 161 if ((FUNC)(OID, SUB, _lelem) < 0) \ 162 break; \ 163 (_lelem); \ 164 }) 165 166/* 167 * Macros for the case where the index field is called 'index' 168 */ 169#define INSERT_OBJECT_OID_LINK(PTR, LIST, LINK) \ 170 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, LINK, index) 171 172#define INSERT_OBJECT_INT_LINK(PTR, LIST, LINK) do { \ 173 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, LINK, index) 174 175#define FIND_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \ 176 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index) 177 178#define NEXT_OBJECT_OID_LINK(LIST, OID, SUB, LINK) \ 179 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, LINK, index) 180 181#define FIND_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \ 182 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index) 183 184#define NEXT_OBJECT_INT_LINK(LIST, OID, SUB, LINK) \ 185 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, LINK, index) 186 187/* 188 * Macros for the case where the index field is called 'index' and the 189 * link field 'link'. 190 */ 191#define INSERT_OBJECT_OID(PTR, LIST) \ 192 INSERT_OBJECT_OID_LINK_INDEX(PTR, LIST, link, index) 193 194#define INSERT_OBJECT_INT(PTR, LIST) \ 195 INSERT_OBJECT_INT_LINK_INDEX(PTR, LIST, link, index) 196 197#define INSERT_OBJECT_FUNC_REV(PTR, LIST, HEAD, FUNC) \ 198 INSERT_OBJECT_FUNC_LINK_REV(PTR, LIST, HEAD, link, FUNC) 199 200#define FIND_OBJECT_OID(LIST, OID, SUB) \ 201 FIND_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index) 202 203#define FIND_OBJECT_INT(LIST, OID, SUB) \ 204 FIND_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index) 205 206#define FIND_OBJECT_FUNC(LIST, OID, SUB, FUNC) \ 207 FIND_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC) 208 209#define NEXT_OBJECT_OID(LIST, OID, SUB) \ 210 NEXT_OBJECT_OID_LINK_INDEX(LIST, OID, SUB, link, index) 211 212#define NEXT_OBJECT_INT(LIST, OID, SUB) \ 213 NEXT_OBJECT_INT_LINK_INDEX(LIST, OID, SUB, link, index) 214 215#define NEXT_OBJECT_FUNC(LIST, OID, SUB, FUNC) \ 216 NEXT_OBJECT_FUNC_LINK(LIST, OID, SUB, link, FUNC) 217 218struct lmodule; 219 220/* The tick when the program was started. This is the absolute time of 221 * the start in 100th of a second. */ 222extern uint64_t start_tick; 223 224/* The tick when the current packet was received. This is the absolute 225 * time in 100th of second. */ 226extern uint64_t this_tick; 227 228/* Get the current absolute time in 100th of a second. */ 229uint64_t get_ticks(void); 230 231/* 232 * Return code for proxy function 233 */ 234enum snmpd_proxy_err { 235 /* proxy code will process the PDU */ 236 SNMPD_PROXY_OK, 237 /* proxy code does not process PDU */ 238 SNMPD_PROXY_REJ, 239 /* drop this PDU */ 240 SNMPD_PROXY_DROP, 241 /* drop because of bad community */ 242 SNMPD_PROXY_BADCOMM, 243 /* drop because of bad community use */ 244 SNMPD_PROXY_BADCOMMUSE 245}; 246 247/* 248 * Input handling 249 */ 250enum snmpd_input_err { 251 /* proceed with packet */ 252 SNMPD_INPUT_OK, 253 /* fatal error in packet, ignore it */ 254 SNMPD_INPUT_FAILED, 255 /* value encoding has wrong length in a SET operation */ 256 SNMPD_INPUT_VALBADLEN, 257 /* value encoding is out of range */ 258 SNMPD_INPUT_VALRANGE, 259 /* value has bad encoding */ 260 SNMPD_INPUT_VALBADENC, 261 /* need more data (truncated packet) */ 262 SNMPD_INPUT_TRUNC, 263 /* unknown community */ 264 SNMPD_INPUT_BAD_COMM, 265}; 266 267/* 268 * Every loadable module must have one of this structures with 269 * the external name 'config'. 270 */ 271struct snmp_module { 272 /* a comment describing what this module implements */ 273 const char *comment; 274 275 /* the initialization function */ 276 int (*init)(struct lmodule *, int argc, char *argv[]); 277 278 /* the finalisation function */ 279 int (*fini)(void); 280 281 /* the idle function */ 282 void (*idle)(void); 283 284 /* the dump function */ 285 void (*dump)(void); 286 287 /* re-configuration function */ 288 void (*config)(void); 289 290 /* start operation */ 291 void (*start)(void); 292 293 /* proxy a PDU */ 294 enum snmpd_proxy_err (*proxy)(struct snmp_pdu *, void *, 295 const struct asn_oid *, const struct sockaddr *, socklen_t, 296 enum snmpd_input_err, int32_t, int); 297 298 /* the tree this module is going to server */ 299 const struct snmp_node *tree; 300 u_int tree_size; 301 302 /* function called, when another module was unloaded/loaded */ 303 void (*loading)(const struct lmodule *, int); 304}; 305 306/* 307 * Stuff exported to modules 308 */ 309 310/* 311 * The system group. 312 */ 313struct systemg { 314 u_char *descr; 315 struct asn_oid object_id; 316 u_char *contact; 317 u_char *name; 318 u_char *location; 319 u_int32_t services; 320 u_int32_t or_last_change; 321}; 322extern struct systemg systemg; 323 324/* 325 * Community support. 326 * 327 * We have 2 fixed communities for SNMP read and write access. Modules 328 * can create their communities dynamically. They are deleted automatically 329 * if the module is unloaded. 330 */ 331#define COMM_INITIALIZE 0 332#define COMM_READ 1 333#define COMM_WRITE 2 334 335u_int comm_define(u_int, const char *descr, struct lmodule *, const char *str); 336const char * comm_string(u_int); 337 338/* community for current packet */ 339extern u_int community; 340 341/* 342 * SNMP User-based Security Model data. Modified via the snmp_usm(3) module. 343 */ 344struct snmpd_usmstat { 345 uint32_t unsupported_seclevels; 346 uint32_t not_in_time_windows; 347 uint32_t unknown_users; 348 uint32_t unknown_engine_ids; 349 uint32_t wrong_digests; 350 uint32_t decrypt_errors; 351}; 352 353extern struct snmpd_usmstat snmpd_usmstats; 354struct snmpd_usmstat *bsnmpd_get_usm_stats(void); 355void bsnmpd_reset_usm_stats(void); 356 357struct usm_user { 358 struct snmp_user suser; 359 uint8_t user_engine_id[SNMP_ENGINE_ID_SIZ]; 360 uint32_t user_engine_len; 361 char user_public[SNMP_ADM_STR32_SIZ]; 362 uint32_t user_public_len; 363 int32_t status; 364 int32_t type; 365 SLIST_ENTRY(usm_user) up; 366}; 367 368SLIST_HEAD(usm_userlist, usm_user); 369struct usm_user *usm_first_user(void); 370struct usm_user *usm_next_user(struct usm_user *); 371struct usm_user *usm_find_user(uint8_t *, uint32_t, char *); 372struct usm_user *usm_new_user(uint8_t *, uint32_t, char *); 373void usm_delete_user(struct usm_user *); 374void usm_flush_users(void); 375 376/* USM user for current packet */ 377extern struct usm_user *usm_user; 378 379/* 380 * SNMP View-based Access Control Model data. Modified via the snmp_vacm(3) module. 381 */ 382struct vacm_group; 383 384struct vacm_user { 385 /* Security user name from USM */ 386 char secname[SNMP_ADM_STR32_SIZ]; 387 int32_t sec_model; 388 /* Back pointer to user assigned group name */ 389 struct vacm_group *group; 390 int32_t type; 391 int32_t status; 392 SLIST_ENTRY(vacm_user) vvu; 393 SLIST_ENTRY(vacm_user) vvg; 394}; 395 396SLIST_HEAD(vacm_userlist, vacm_user); 397 398struct vacm_group { 399 char groupname[SNMP_ADM_STR32_SIZ]; 400 struct vacm_userlist group_users; 401 SLIST_ENTRY(vacm_group) vge; 402}; 403 404SLIST_HEAD(vacm_grouplist, vacm_group); 405 406struct vacm_access { 407 /* The group name is index, not a column in the table */ 408 struct vacm_group *group; 409 char ctx_prefix[SNMP_ADM_STR32_SIZ]; 410 int32_t sec_model; 411 int32_t sec_level; 412 int32_t ctx_match; 413 struct vacm_view *read_view; 414 struct vacm_view *write_view; 415 struct vacm_view *notify_view; 416 int32_t type; 417 int32_t status; 418 TAILQ_ENTRY(vacm_access) vva; 419}; 420 421TAILQ_HEAD(vacm_accesslist, vacm_access); 422 423struct vacm_view { 424 char viewname[SNMP_ADM_STR32_SIZ]; /* key */ 425 struct asn_oid subtree; /* key */ 426 uint8_t mask[16]; 427 uint8_t exclude; 428 int32_t type; 429 int32_t status; 430 SLIST_ENTRY(vacm_view) vvl; 431}; 432 433SLIST_HEAD(vacm_viewlist, vacm_view); 434 435struct vacm_context { 436 /* The ID of the module that registered this context */ 437 int32_t regid; 438 char ctxname[SNMP_ADM_STR32_SIZ]; 439 SLIST_ENTRY(vacm_context) vcl; 440}; 441 442SLIST_HEAD(vacm_contextlist, vacm_context); 443 444void vacm_groups_init(void); 445struct vacm_user *vacm_first_user(void); 446struct vacm_user *vacm_next_user(struct vacm_user *); 447struct vacm_user *vacm_new_user(int32_t, char *); 448int vacm_delete_user(struct vacm_user *); 449int vacm_user_set_group(struct vacm_user *, u_char *, u_int); 450struct vacm_access *vacm_first_access_rule(void); 451struct vacm_access *vacm_next_access_rule(struct vacm_access *); 452struct vacm_access *vacm_new_access_rule(char *, char *, int32_t, int32_t); 453int vacm_delete_access_rule(struct vacm_access *); 454struct vacm_view *vacm_first_view(void); 455struct vacm_view *vacm_next_view(struct vacm_view *); 456struct vacm_view *vacm_new_view(char *, struct asn_oid *); 457int vacm_delete_view(struct vacm_view *); 458struct vacm_context *vacm_first_context(void); 459struct vacm_context *vacm_next_context(struct vacm_context *); 460struct vacm_context *vacm_add_context(char *, int32_t); 461void vacm_flush_contexts(int32_t); 462 463/*
|