blob: aabb7ed86df8e8a814d67b8c8df0dd5cfdc9b242 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
#ifndef SNMPSECMOD_H
#define SNMPSECMOD_H
#ifdef __cplusplus
extern "C" {
#endif
#include <net-snmp/library/snmp_transport.h>
/* Locally defined security models.
* (Net-SNMP enterprise number = 8072)*256 + local_num
*/
#define NETSNMP_SEC_MODEL_KSM 2066432
#define NETSNMP_KSM_SECURITY_MODEL NETSNMP_SEC_MODEL_KSM
#define NETSNMP_TSM_SECURITY_MODEL SNMP_SEC_MODEL_TSM
struct snmp_secmod_def;
/*
* parameter information passed to security model routines
*/
struct snmp_secmod_outgoing_params {
int msgProcModel;
u_char *globalData;
size_t globalDataLen;
int maxMsgSize;
int secModel;
u_char *secEngineID;
size_t secEngineIDLen;
char *secName;
size_t secNameLen;
int secLevel;
u_char *scopedPdu;
size_t scopedPduLen;
void *secStateRef;
u_char *secParams;
size_t *secParamsLen;
u_char **wholeMsg;
size_t *wholeMsgLen;
size_t *wholeMsgOffset;
netsnmp_pdu *pdu; /* IN - the pdu getting encoded */
netsnmp_session *session; /* IN - session sending the message */
};
struct snmp_secmod_incoming_params {
int msgProcModel; /* IN */
size_t maxMsgSize; /* IN - Used to calc maxSizeResponse. */
u_char *secParams; /* IN - BER encoded securityParameters. */
int secModel; /* IN */
int secLevel; /* IN - AuthNoPriv; authPriv etc. */
u_char *wholeMsg; /* IN - Original v3 message. */
size_t wholeMsgLen; /* IN - Msg length. */
u_char *secEngineID; /* OUT - Pointer snmpEngineID. */
size_t *secEngineIDLen; /* IN/OUT - Len available; len returned. */
/*
* NOTE: Memory provided by caller.
*/
char *secName; /* OUT - Pointer to securityName. */
size_t *secNameLen; /* IN/OUT - Len available; len returned. */
u_char **scopedPdu; /* OUT - Pointer to plaintext scopedPdu. */
size_t *scopedPduLen; /* IN/OUT - Len available; len returned. */
size_t *maxSizeResponse; /* OUT - Max size of Response PDU. */
void **secStateRef; /* OUT - Ref to security state. */
netsnmp_session *sess; /* IN - session which got the message */
netsnmp_pdu *pdu; /* IN - the pdu getting parsed */
u_char msg_flags; /* IN - v3 Message flags. */
};
/*
* function pointers:
*/
/*
* free's a given security module's data; called at unregistration time
*/
typedef int (SecmodSessionCallback) (netsnmp_session *);
typedef int (SecmodPduCallback) (netsnmp_pdu *);
typedef int (Secmod2PduCallback) (netsnmp_pdu *, netsnmp_pdu *);
typedef int (SecmodOutMsg) (struct snmp_secmod_outgoing_params *);
typedef int (SecmodInMsg) (struct snmp_secmod_incoming_params *);
typedef void (SecmodFreeState) (void *);
typedef void (SecmodHandleReport) (void *sessp,
netsnmp_transport *transport,
netsnmp_session *,
int result,
netsnmp_pdu *origpdu);
typedef int (SecmodDiscoveryMethod) (void *slp, netsnmp_session *session);
typedef int (SecmodPostDiscovery) (void *slp, netsnmp_session *session);
typedef int (SecmodSessionSetup) (netsnmp_session *in_session,
netsnmp_session *out_session);
/*
* definition of a security module
*/
/*
* all of these callback functions except the encoding and decoding
* routines are optional. The rest of them are available if need.
*/
struct snmp_secmod_def {
/*
* session maniplation functions
*/
SecmodSessionCallback *session_open; /* called in snmp_sess_open() */
SecmodSessionCallback *session_close; /* called in snmp_sess_close() */
SecmodSessionSetup *session_setup;
/*
* pdu manipulation routines
*/
SecmodPduCallback *pdu_free; /* called in free_pdu() */
Secmod2PduCallback *pdu_clone; /* called in snmp_clone_pdu() */
SecmodPduCallback *pdu_timeout; /* called when request timesout */
SecmodFreeState *pdu_free_state_ref; /* frees pdu->securityStateRef */
/*
* de/encoding routines: mandatory
*/
SecmodOutMsg *encode_reverse; /* encode packet back to front */
SecmodOutMsg *encode_forward; /* encode packet forward */
SecmodInMsg *decode; /* decode & validate incoming */
/*
* error and report handling
*/
SecmodHandleReport *handle_report;
/*
* default engineID discovery mechanism
*/
SecmodDiscoveryMethod *probe_engineid;
SecmodPostDiscovery *post_probe_engineid;
};
/*
* internal list
*/
struct snmp_secmod_list {
int securityModel;
struct snmp_secmod_def *secDef;
struct snmp_secmod_list *next;
};
/*
* register a security service
*/
int register_sec_mod(int, const char *,
struct snmp_secmod_def *);
/*
* find a security service definition
*/
NETSNMP_IMPORT
struct snmp_secmod_def *find_sec_mod(int);
/*
* register a security service
*/
int unregister_sec_mod(int); /* register a security service */
void init_secmod(void);
NETSNMP_IMPORT
void shutdown_secmod(void);
/*
* clears the sec_mod list
*/
NETSNMP_IMPORT
void clear_sec_mod(void);
#ifdef __cplusplus
}
#endif
#endif /* SNMPSECMOD_H */
|
