| 338311 |
25-Aug-2018 |
eugen |
MFC 338013: bsnmpd(8): fix and optimize interface description processing
* correctly prepare a buffer to obtain interface description from a kernel
and truncate long description instead of dropping it altogether and
spamming logs;
* skip calling strlen() for each description and each SNMP request
for MIB-II/ifXTable's ifAlias.
* teach bsnmpd to allocate memory dynamically for interface descriptions
to decrease memory usage for common case and not to break
if long description occurs;
PR: 217763
Reviewed by: harti and others
Differential Revision: https://reviews.freebsd.org/D16459 |
| 312261 |
16-Jan-2017 |
ngie |
MFC r311742:
Add a REVISION section to track changes for the BEGEMOT-IP-MIB MIB file
There haven't been any changes to the MIB definition, so the REVISION
remains static at the version it was imported at |
| 312089 |
14-Jan-2017 |
ngie |
MFC r310950:
MIB-II: use strlcpy when copying interface names to .ifr_name
.ifra_name is assumed to be NUL terminated; using strlcpy(3)
ensures that it's indeed NUL terminated whereas strncpy does
not.
Tested and verified as follows with a combination of ifconfig,
snmpget, and snmpset:
% ifconfig create lo1 127.0.0.2/8
% SNMPARGS="-v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des -X bsnmptest localhost"
% snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
% snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 2
IF-MIB::ifAdminStatus.4 = INTEGER: down(2)
% snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
IF-MIB::ifAdminStatus.4 = INTEGER: down(2)
% snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 1
IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
% snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
CID: 1009652-1009656, 1349850 |
| 312045 |
13-Jan-2017 |
ngie |
MFC r311733:
Use nitems(mib) instead of hardcoding mib's length when calling sysctl(3) |
| 312042 |
13-Jan-2017 |
ngie |
MFC r311282:
snmp_mibII(3) requires net/if.h and net/if_mib.h
Document that requirement |
| 311725 |
09-Jan-2017 |
ngie |
MFC r311505:
Remove unnecessary __unused attribute attached to `ctx` in op_begemot_mibII(..) |
| 311598 |
07-Jan-2017 |
ngie |
MFC r310952:
MIB-II: use strlcpy instead of strcpy when copying {descr,name}
This is of course to avoid buffer overruns
The remaining strcpy instance in the module needs to be audited for
correctness
CID: 1006827, 1006828 |
| 311468 |
06-Jan-2017 |
ngie |
MFstable/11 r311467:
MFC r310873:
Guard against use-after-free after calling mibif_free(..)
Set variables to NULL after calling free.
Also, remove unnecessary if (x != NULL) checks before calling free(x) |
| 311139 |
02-Jan-2017 |
ngie |
MFstable/11 r311107:
MFC r310865:
Fix whitespace in a comment and fixing a spelling error in a comment |
| 310903 |
31-Dec-2016 |
ngie |
MFstable/11 r310901:
MFC r310648:
style(9): clean up trailing whitespace |
| 301663 |
08-Jun-2016 |
ngie |
MFC r294507,r294567,r299466:
r294507 (by harti):
Fill the ifAlias leaf of the ifXTable with the interface description
if there is one available and it fits into the maximum size (64 characters).
r294567 (by bz):
Change the variable to a #define in order to make gcc happy which
otherwise will complain about "variably modified 'alias' at file scope".
Unbreaks the build on gcc platforms.
r299466 (by cem):
bsnmpd: Fix size of trapsink::comm to match other community arrays
This fixes a number of possible strcpy() buffer overruns between the various
community strings in trap.c.
CIDs: 1006820, 1006821, 1006822 |
| 301661 |
08-Jun-2016 |
ngie |
MFC r256678,r256680,r260986,r272878,r286402:
r256678 (by syrinx):
Fix SNMP Error response PDUs and properly encode them when using v3 auth/encryption.
r256680 (by syrinx):
Fix the -Wconversion warnings produced when compiling the SNMP agent.
r260986 (by harti):
Fix a problem with OBJECT IDENTIFIER encoding: need to check the
second subid to be less than 40, not the first when the first
subid is 0 or 1.
r272878 (by syrinx):
Fix a bug in decoding string indexes in snmp_target(3), thus causing
bsnmpd(1) to not send v3 notifications properly; while here add two
missing return statements which could lead to abort() in case of a
rollback
r286402 (by araujo):
Fix variable 'old' is used uninitialized whenever '&&' condition is false.
Spotted by clang. |
| 299638 |
13-May-2016 |
ngie |
MFC r298462:
Return `ret` in op_ifentry(..) to mute a -Wunused-but-set-variable warning
This will also now detect error conditions with
value->var.subs[sub - 1] == LEAF_ifPhysAddress where `string_get(..)`
could fail if iifp->physaddr and/or iifp->physaddrlen were deemed
invalid.
CID: 1006551 |
| 295386 |
07-Feb-2016 |
bz |
MFC r295202:
Try to fix a bug introduced in r228623 (head).
We started to copy the ifa_msghdr as otherwise platforms with strict
alignment would break. It is unclear to me if there's also a problem with
access to the address list following the structure.
However we never copied the address list after the structure and thus are
pointing at random memory. For now just use a pointer to the original
memory for accessing the address list making it at least work on
platforms with weak memory access.
PR: 195445
Reported by: wolfgang lyxys.ka.sub.org
Tested by: wolfgang lyxys.ka.sub.org (x86)
Approved by: re (marius) |
| 256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| 249896 |
25-Apr-2013 |
glebius |
Restore the ipNetToMedia MIB, that was broken with new ARP commit
in the r186119.
Submitted by: Konstantin Kukushkin <dark rambler-co.ru>
|
| 241685 |
18-Oct-2012 |
glebius |
Looks like support.h is really not needed here.
|
| 241656 |
18-Oct-2012 |
emax |
put another bandaid on the build until i figure out bsnmp headers
|
| 241654 |
17-Oct-2012 |
emax |
fix build
MFC after: 1 week
|
| 236693 |
06-Jun-2012 |
emax |
Count both IPv4 and IPv6 TCP connections in tcpCurrEstab
Timeout from: current, syrinx
MFC after: 1 week
|
| 228623 |
17-Dec-2011 |
bz |
Adter r228571 unbreak architectures with strict alignment rules
by copying rather than casting.
|
| 221373 |
03-May-2011 |
ru |
Properly detect interface's state in the LINK_STATE_UNKNOWN case.
MFC after: 1 week
|
| 210946 |
06-Aug-2010 |
yongari |
Fix a typo introduced in r210936 which broke build.
|
| 210936 |
06-Aug-2010 |
jhb |
Ethernet vlan(4) interfaces have valid Ethernet link layer addresses but
use a different interface type (IFT_L2VLAN vs IFT_ETHER). Treat IFT_L2VLAN
interfaces like IFT_ETHER interfaces when handling link layer addresses.
Reviewed by: syrinx (bsnmpd)
MFC after: 1 week
|
| 208483 |
24-May-2010 |
uqs |
mdoc: consistently spell our email addresses <foo@FreeBSD.org>
Reviewed by: ru
Approved by: harti
|
| 200063 |
03-Dec-2009 |
syrinx |
Fix a problem with high CPU consumption (up to 30%) by bsnmpd on a loaded system.
Instead of constantly calling the mibII_idle function when the server is not busy
call the function only once every 10 seconds to avoid bsnmpd constantly doing
gettimeofday syscalls. Make the idle polling interval confugurable via
begemotIfDataPoll.
Reported and tested by: misho (at) aitbg (dot) com
Oked by: harti
MFC after: 1 week
|
| 188760 |
18-Feb-2009 |
imp |
Add an extra (void *) cast. The struct if_msghdr has an 8 byte
alignment requirement, while rt_msghdr has a 4 byte alignment
requirement. The root cause is that if_msghdr has an struct if_data
which has an 8-byte alignment requirement due to a time_t that's
embedded in it. On MIPS, time_t is a 64-bit number, so must be 64-bit
aligned.
Since we don't access ifm_data.ifi_epoch, a simple cast is all that's
necessary here. It is likely the case that ifi_epoch should *NOT* be
a time_t because it is an uptime (time delta) an not an absolute time
since 1970. u_long is likely sufficient there since that gives an
uptime of 136 years will suffice for the foreseeable future.
|
| 186119 |
15-Dec-2008 |
qingli |
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
|
| 163800 |
30-Oct-2006 |
harti |
This commit was generated by cvs2svn to compensate for changes in r163799,
which included commits to RCS files with non-trunk default branches.
|
| 156067 |
27-Feb-2006 |
harti |
This commit was generated by cvs2svn to compensate for changes in r156066,
which included commits to RCS files with non-trunk default branches.
|
| 155603 |
13-Feb-2006 |
harti |
This commit was generated by cvs2svn to compensate for changes in r155602,
which included commits to RCS files with non-trunk default branches.
|
| 155507 |
10-Feb-2006 |
harti |
This commit was generated by cvs2svn to compensate for changes in r155506,
which included commits to RCS files with non-trunk default branches.
|
| 154185 |
10-Jan-2006 |
harti |
This commit was generated by cvs2svn to compensate for changes in r154184,
which included commits to RCS files with non-trunk default branches.
|
| 151971 |
02-Nov-2005 |
harti |
This commit was generated by cvs2svn to compensate for changes in r151970,
which included commits to RCS files with non-trunk default branches.
|
| 150921 |
04-Oct-2005 |
harti |
This commit was generated by cvs2svn to compensate for changes in r150920,
which included commits to RCS files with non-trunk default branches.
|
| 146610 |
25-May-2005 |
harti |
This commit was generated by cvs2svn to compensate for changes in r146609,
which included commits to RCS files with non-trunk default branches.
|
| 146526 |
23-May-2005 |
harti |
This commit was generated by cvs2svn to compensate for changes in r146525,
which included commits to RCS files with non-trunk default branches.
|
| 142811 |
28-Feb-2005 |
harti |
This commit was generated by cvs2svn to compensate for changes in r142810,
which included commits to RCS files with non-trunk default branches.
|
| 133212 |
06-Aug-2004 |
harti |
This commit was generated by cvs2svn to compensate for changes in r133211,
which included commits to RCS files with non-trunk default branches.
|
| 128238 |
14-Apr-2004 |
harti |
This commit was generated by cvs2svn to compensate for changes in r128237,
which included commits to RCS files with non-trunk default branches.
|
| 124862 |
23-Jan-2004 |
harti |
This commit was generated by cvs2svn to compensate for changes in r124861,
which included commits to RCS files with non-trunk default branches.
|
| 122395 |
10-Nov-2003 |
harti |
This commit was generated by cvs2svn to compensate for changes in r122394,
which included commits to RCS files with non-trunk default branches.
|