📄 vacm.c
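/*
 * vacm.c
 *
 * SNMPv3 View-based Access Control Model
 *
 * This part of the file holds the persistence code for the three VACM
 * tables (views, access entries, groups) and the view lookup/scan
 * routines.  The persistent-store lines parsed here decide who may read
 * or write which OID subtrees, so the parsers treat each line as
 * untrusted input and give every read an explicit destination size.
 */
#include <net-snmp/net-snmp-config.h>

#if HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#else
#include <strings.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <sys/types.h>
#include <stdio.h>
#if TIME_WITH_SYS_TIME
# ifdef WIN32
#  include <sys/timeb.h>
# else
#  include <sys/time.h>
# endif
# include <time.h>
#else
# if HAVE_SYS_TIME_H
#  include <sys/time.h>
# else
#  include <time.h>
# endif
#endif

#if HAVE_WINSOCK_H
#include <winsock.h>
#endif

#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif

#if HAVE_DMALLOC_H
#include <dmalloc.h>
#endif

#include <net-snmp/types.h>
#include <net-snmp/output_api.h>
#include <net-snmp/config_api.h>

#include <net-snmp/library/snmp_api.h>
#include <net-snmp/library/vacm.h>

/* Heads of the three VACM lists and the cursors used by the scan API. */
static struct vacm_viewEntry *viewList = NULL, *viewScanPtr = NULL;
static struct vacm_accessEntry *accessList = NULL, *accessScanPtr = NULL;
static struct vacm_groupEntry *groupList = NULL, *groupScanPtr = NULL;

/*
 * vacm_save(): writes every view, access and group entry whose storage
 * type is ST_NONVOLATILE to the persistent store.
 *
 * token is the prefix of each stored directive ("<token>View", ...);
 * type is handed unchanged to read_config_store().
 */
void
vacm_save(const char *token, const char *type)
{
    struct vacm_viewEntry *vptr;
    struct vacm_accessEntry *aptr;
    struct vacm_groupEntry *gptr;

    for (vptr = viewList; vptr != NULL; vptr = vptr->next) {
        if (vptr->viewStorageType == ST_NONVOLATILE)
            vacm_save_view(vptr, token, type);
    }

    for (aptr = accessList; aptr != NULL; aptr = aptr->next) {
        if (aptr->storageType == ST_NONVOLATILE)
            vacm_save_access(aptr, token, type);
    }

    for (gptr = groupList; gptr != NULL; gptr = gptr->next) {
        if (gptr->storageType == ST_NONVOLATILE)
            vacm_save_group(gptr, token, type);
    }
}

/*
 * vacm_save_view(): saves a view entry to the persistent cache
 *
 * Line layout: "<token>View status storageType viewType name subtree mask".
 * viewName is stored in memory with a leading length byte, so the name is
 * written from viewName + 1 with viewName[0] + 1 bytes.
 */
void
vacm_save_view(struct vacm_viewEntry *view, const char *token,
               const char *type)
{
    char            line[4096];
    char           *cptr;
    int             n;

    memset(line, 0, sizeof(line));
    n = snprintf(line, sizeof(line), "%s%s %d %d %d ", token, "View",
                 view->viewStatus, view->viewStorageType, view->viewType);
    line[sizeof(line) - 1] = 0;
    /*
     * A truncated prefix leaves no room in line[]; the unbounded appends
     * below would then write past the end of the buffer.
     */
    if (n < 0 || (size_t) n >= sizeof(line)) {
        snmp_log(LOG_ERR, "vacm: View entry too long to save\n");
        return;
    }
    cptr = &line[strlen(line)]; /* the NUL terminator */

    /*
     * NOTE(review): the read_config_save_*() helpers take no buffer size,
     * so the space left in line[] is not checked past this point.
     */
    cptr = read_config_save_octet_string(cptr, (u_char *) view->viewName + 1,
                                         view->viewName[0] + 1);
    *cptr++ = ' ';
    cptr = read_config_save_objid(cptr, view->viewSubtree,
                                  view->viewSubtreeLen);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr, (u_char *) view->viewMask,
                                         view->viewMaskLen);

    read_config_store(type, line);
}

/*
 * vacm_parse_config_view(): parses one stored "View" line and creates the
 * matching entry through vacm_createViewEntry().
 *
 * token is unused.  line is the text after the directive name.
 *
 * NOTE(review): the numeric fields are parsed with atoi() and stored
 * without range checks, and the return values of the read_config_read_*()
 * helpers are not checked before the entry is created.
 */
void
vacm_parse_config_view(const char *token, char *line)
{
    struct vacm_viewEntry view;
    struct vacm_viewEntry *vptr;
    char           *viewName = (char *) &view.viewName;
    oid            *viewSubtree = (oid *) &view.viewSubtree;
    u_char         *viewMask;
    size_t          len;

    /*
     * Start from a zeroed scratch entry so that a failed read leaves an
     * empty name rather than uninitialized stack bytes for strlen().
     */
    memset(&view, 0, sizeof(view));

    view.viewStatus = atoi(line);
    line = skip_token(line);
    view.viewStorageType = atoi(line);
    line = skip_token(line);
    view.viewType = atoi(line);
    line = skip_token(line);
    /*
     * Pass the real destination size; len was previously uninitialized.
     * Presumably the helper treats *len as the capacity of a non-NULL
     * buffer -- confirm against read_config.c.
     */
    len = sizeof(view.viewName);
    line = read_config_read_octet_string(line, (u_char **) &viewName, &len);
    view.viewSubtreeLen = MAX_OID_LEN;
    line = read_config_read_objid(line, (oid **) &viewSubtree,
                                  &view.viewSubtreeLen);

    vptr = vacm_createViewEntry(view.viewName, view.viewSubtree,
                                view.viewSubtreeLen);
    if (!vptr)
        return;

    vptr->viewStatus = view.viewStatus;
    vptr->viewStorageType = view.viewStorageType;
    vptr->viewType = view.viewType;
    viewMask = (u_char *) vptr->viewMask;
    /* Capacity in, actual mask length out. */
    vptr->viewMaskLen = sizeof(vptr->viewMask);
    line = read_config_read_octet_string(line, (u_char **) &viewMask,
                                         &vptr->viewMaskLen);
}

/*
 * vacm_save_access(): saves an access entry to the persistent cache
 *
 * Line layout: "<token>Access status storageType securityModel
 * securityLevel contextMatch groupName contextPrefix readView writeView
 * notifyView".  groupName and contextPrefix carry a leading length byte
 * and are written from offset 1; the three view names are written as
 * plain strings including their terminator.
 */
void
vacm_save_access(struct vacm_accessEntry *access_entry, const char *token,
                 const char *type)
{
    char            line[4096];
    char           *cptr;
    int             n;

    memset(line, 0, sizeof(line));
    n = snprintf(line, sizeof(line), "%s%s %d %d %d %d %d ",
                 token, "Access", access_entry->status,
                 access_entry->storageType, access_entry->securityModel,
                 access_entry->securityLevel, access_entry->contextMatch);
    line[sizeof(line) - 1] = 0;
    /* A truncated prefix would make the appends below overrun line[]. */
    if (n < 0 || (size_t) n >= sizeof(line)) {
        snmp_log(LOG_ERR, "vacm: Access entry too long to save\n");
        return;
    }
    cptr = &line[strlen(line)]; /* the NUL terminator */

    /*
     * NOTE(review): the read_config_save_*() helpers take no buffer size,
     * so the space left in line[] is not checked past this point.
     */
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) access_entry->groupName + 1,
                                         access_entry->groupName[0] + 1);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) access_entry->contextPrefix + 1,
                                         access_entry->contextPrefix[0] + 1);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) access_entry->readView,
                                         strlen(access_entry->readView) + 1);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) access_entry->writeView,
                                         strlen(access_entry->writeView) + 1);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) access_entry->notifyView,
                                         strlen(access_entry->notifyView) + 1);

    read_config_store(type, line);
}

/*
 * vacm_parse_config_access(): parses one stored "Access" line and creates
 * the matching entry through vacm_createAccessEntry().
 *
 * token is unused.  line is the text after the directive name.
 *
 * NOTE(review): numeric fields come from atoi() without range checks, and
 * the read helpers' return values are not checked.
 */
void
vacm_parse_config_access(const char *token, char *line)
{
    struct vacm_accessEntry access;
    struct vacm_accessEntry *aptr;
    char           *contextPrefix = (char *) &access.contextPrefix;
    char           *groupName = (char *) &access.groupName;
    char           *readView, *writeView, *notifyView;
    size_t          len;

    /* Zeroed scratch entry: a failed read leaves empty strings. */
    memset(&access, 0, sizeof(access));

    access.status = atoi(line);
    line = skip_token(line);
    access.storageType = atoi(line);
    line = skip_token(line);
    access.securityModel = atoi(line);
    line = skip_token(line);
    access.securityLevel = atoi(line);
    line = skip_token(line);
    access.contextMatch = atoi(line);
    line = skip_token(line);
    /*
     * Every read below gets the size of its destination in len, which
     * was previously passed uninitialized.  Presumably the helper treats
     * *len as the capacity of a non-NULL buffer -- confirm against
     * read_config.c.
     */
    len = sizeof(access.groupName);
    line = read_config_read_octet_string(line, (u_char **) &groupName, &len);
    len = sizeof(access.contextPrefix);
    line = read_config_read_octet_string(line, (u_char **) &contextPrefix,
                                         &len);

    aptr = vacm_createAccessEntry(access.groupName, access.contextPrefix,
                                  access.securityModel,
                                  access.securityLevel);
    if (!aptr)
        return;

    aptr->status = access.status;
    aptr->storageType = access.storageType;
    aptr->securityModel = access.securityModel;
    aptr->securityLevel = access.securityLevel;
    aptr->contextMatch = access.contextMatch;
    readView = (char *) aptr->readView;
    len = sizeof(aptr->readView);
    line = read_config_read_octet_string(line, (u_char **) &readView, &len);
    writeView = (char *) aptr->writeView;
    len = sizeof(aptr->writeView);
    line = read_config_read_octet_string(line, (u_char **) &writeView, &len);
    notifyView = (char *) aptr->notifyView;
    len = sizeof(aptr->notifyView);
    line = read_config_read_octet_string(line, (u_char **) &notifyView,
                                         &len);
}

/*
 * vacm_save_group(): saves a group entry to the persistent cache
 *
 * Line layout: "<token>Group status storageType securityModel
 * securityName groupName".  securityName carries a leading length byte
 * and is written from offset 1; groupName is written as a plain string
 * including its terminator.
 */
void
vacm_save_group(struct vacm_groupEntry *group_entry, const char *token,
                const char *type)
{
    char            line[4096];
    char           *cptr;
    int             n;

    memset(line, 0, sizeof(line));
    n = snprintf(line, sizeof(line), "%s%s %d %d %d ",
                 token, "Group", group_entry->status,
                 group_entry->storageType, group_entry->securityModel);
    line[sizeof(line) - 1] = 0;
    /* A truncated prefix would make the appends below overrun line[]. */
    if (n < 0 || (size_t) n >= sizeof(line)) {
        snmp_log(LOG_ERR, "vacm: Group entry too long to save\n");
        return;
    }
    cptr = &line[strlen(line)]; /* the NUL terminator */

    /*
     * NOTE(review): the read_config_save_*() helpers take no buffer size,
     * so the space left in line[] is not checked past this point.
     */
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) group_entry->securityName + 1,
                                         group_entry->securityName[0] + 1);
    *cptr++ = ' ';
    cptr = read_config_save_octet_string(cptr,
                                         (u_char *) group_entry->groupName,
                                         strlen(group_entry->groupName) + 1);

    read_config_store(type, line);
}

/*
 * vacm_parse_config_group(): parses one stored "Group" line and creates
 * the matching entry through vacm_createGroupEntry().
 *
 * token is unused.  line is the text after the directive name.
 *
 * NOTE(review): numeric fields come from atoi() without range checks, and
 * the read helpers' return values are not checked.
 */
void
vacm_parse_config_group(const char *token, char *line)
{
    struct vacm_groupEntry group;
    struct vacm_groupEntry *gptr;
    char           *securityName = (char *) &group.securityName;
    char           *groupName;
    size_t          len;

    /* Zeroed scratch entry: a failed read leaves an empty name. */
    memset(&group, 0, sizeof(group));

    group.status = atoi(line);
    line = skip_token(line);
    group.storageType = atoi(line);
    line = skip_token(line);
    group.securityModel = atoi(line);
    line = skip_token(line);
    /*
     * len carries the destination size; it was previously passed
     * uninitialized.  Presumably the helper treats *len as the capacity
     * of a non-NULL buffer -- confirm against read_config.c.
     */
    len = sizeof(group.securityName);
    line = read_config_read_octet_string(line, (u_char **) &securityName,
                                         &len);

    gptr = vacm_createGroupEntry(group.securityModel, group.securityName);
    if (!gptr)
        return;

    gptr->status = group.status;
    gptr->storageType = group.storageType;
    groupName = (char *) gptr->groupName;
    len = sizeof(gptr->groupName);
    line = read_config_read_octet_string(line, (u_char **) &groupName, &len);
}

/*
 * vacm_getViewEntry(): looks up the view entry that applies to an OID.
 *
 * viewName       NUL-terminated view name; names of VACM_MAX_STRING
 *                characters or more are rejected.
 * viewSubtree    OID being checked, viewSubtreeLen sub-identifiers long.
 * mode           VACM_MODE_IGNORE_MASK skips the per-sub-identifier mask
 *                comparison; VACM_MODE_CHECK_SUBTREE returns NULL when
 *                more than one entry matches.
 *
 * Returns the selected entry, or NULL when nothing matches (or when the
 * subtree check found several matches).
 */
struct vacm_viewEntry *
vacm_getViewEntry(const char *viewName,
                  oid * viewSubtree, size_t viewSubtreeLen, int mode)
{
    struct vacm_viewEntry *vp, *vpret = NULL;
    char            view[VACMSTRINGLEN];
    int             found, glen;
    int             count = 0;

    glen = (int) strlen(viewName);
    if (glen < 0 || glen >= VACM_MAX_STRING)
        return NULL;
    /* Build the same length-prefixed form that the stored names use. */
    view[0] = glen;
    strcpy(view + 1, viewName);
    for (vp = viewList; vp; vp = vp->next) {
        /*
         * The stored subtree has one extra leading element, hence the
         * "- 1" here and the "+ 1" index in the comparison below.
         */
        if (!memcmp(view, vp->viewName, glen + 1)
            && viewSubtreeLen >= (vp->viewSubtreeLen - 1)) {
            int             mask = 0x80, maskpos = 0;
            int             oidpos;
            found = 1;

            if (mode != VACM_MODE_IGNORE_MASK) {        /* check the mask */
                for (oidpos = 0;
                     found && oidpos < (int) vp->viewSubtreeLen - 1;
                     oidpos++) {
                    /* A set mask bit means this sub-identifier must match. */
                    if ((vp->viewMask[maskpos] & mask) != 0) {
                        if (viewSubtree[oidpos] !=
                            vp->viewSubtree[oidpos + 1])
                            found = 0;
                    }
                    /* Mask bits are consumed most-significant first. */
                    if (mask == 1) {
                        mask = 0x80;
                        maskpos++;
                    } else
                        mask >>= 1;
                }
            }

            if (found) {
                /*
                 * match successful, keep this node if its longer than
                 * the previous or (equal and lexicographically greater
                 * than the previous).
                 */
                count++;
                if (mode == VACM_MODE_CHECK_SUBTREE) {
                    vpret = vp;
                } else if (vpret == NULL
                           || vp->viewSubtreeLen > vpret->viewSubtreeLen
                           || (vp->viewSubtreeLen == vpret->viewSubtreeLen
                               && snmp_oid_compare(vp->viewSubtree + 1,
                                                   vp->viewSubtreeLen - 1,
                                                   vpret->viewSubtree + 1,
                                                   vpret->viewSubtreeLen - 1) > 0)) {
                    vpret = vp;
                }
            }
        }
    }
    DEBUGMSGTL(("vacm:getView", ", %s\n", (vpret) ? "found" : "none"));
    if (mode == VACM_MODE_CHECK_SUBTREE && count > 1) {
        return NULL;
    }
    return vpret;
}

/*
 * vacm_scanViewInit(): resets the view scan cursor to the list head.
 */
void
vacm_scanViewInit(void)
{
    viewScanPtr = viewList;
}

/*
 * vacm_scanViewNext(): returns the entry under the scan cursor and moves
 * the cursor to the next one; returns NULL once the list is exhausted.
 */
struct vacm_viewEntry *
vacm_scanViewNext(void)
{
    struct vacm_viewEntry *returnval = viewScanPtr;
    if (viewScanPtr)
        viewScanPtr = viewScanPtr->next;
    return returnval;
}

struct vacm_viewEntry *
vacm_createViewEntry(const char *viewName,
                     oid * viewSubtree, size_t viewSubtreeLen)
{
    struct vacm_viewEntry *vp, *lp, *op = NULL;
    int             cmp, cmp2, glen;

    glen = (int) strlen(viewName);
    if (glen < 0 || glen >= VACM_MAX_STRING)
        return NULL;
    vp = (struct vacm_viewEntry *) calloc(1,
                                          sizeof(struct vacm_viewEntry));
    if (vp == NULL)
        return NULL;
    vp->reserved =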