📄 usmuser.c
字号:
struct usmUser *uptr; unsigned char buf[SNMP_MAXBUF_SMALL]; size_t buflen = SNMP_MAXBUF_SMALL; const char fnAuthKey[] = "write_usmUserAuthKeyChange"; const char fnOwnAuthKey[] = "write_usmUserOwnAuthKeyChange"; const char *fname; static unsigned char *oldkey; static size_t oldkeylen; static int resetOnFail; if (name[USM_MIB_LENGTH - 1] == 6) { fname = fnAuthKey; } else { fname = fnOwnAuthKey; } if (action == RESERVE1) { resetOnFail = 0; if (var_val_type != ASN_OCTET_STR) { DEBUGMSGTL(("usmUser", "write to %s not ASN_OCTET_STR\n", fname)); return SNMP_ERR_WRONGTYPE; } if (var_val_len == 0) { return SNMP_ERR_WRONGLENGTH; } } else if (action == RESERVE2) { if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_INCONSISTENTNAME; } else {#ifndef DISABLE_MD5 if (snmp_oid_compare(uptr->authProtocol, uptr->authProtocolLen, usmHMACMD5AuthProtocol, sizeof(usmHMACMD5AuthProtocol) / sizeof(oid)) == 0) { if (var_val_len != 0 && var_val_len != 32) { return SNMP_ERR_WRONGLENGTH; } } else#endif if (snmp_oid_compare (uptr->authProtocol, uptr->authProtocolLen, usmHMACSHA1AuthProtocol, sizeof(usmHMACSHA1AuthProtocol) / sizeof(oid)) == 0) { if (var_val_len != 0 && var_val_len != 40) { return SNMP_ERR_WRONGLENGTH; } } } } else if (action == ACTION) { if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_INCONSISTENTNAME; } if (uptr->cloneFrom == NULL) { return SNMP_ERR_INCONSISTENTNAME; } if (snmp_oid_compare(uptr->authProtocol, uptr->authProtocolLen, usmNoAuthProtocol, sizeof(usmNoAuthProtocol) / sizeof(oid)) == 0) { /* * "When the value of the corresponding usmUserAuthProtocol is * usmNoAuthProtocol, then a set is successful, but effectively * is a no-op." */ DEBUGMSGTL(("usmUser", "%s: noAuthProtocol keyChange... success!\n", fname)); return SNMP_ERR_NOERROR; } /* * Change the key. */ DEBUGMSGTL(("usmUser", "%s: changing auth key for user %s\n", fname, uptr->secName)); if (decode_keychange(uptr->authProtocol, uptr->authProtocolLen, uptr->authKey, uptr->authKeyLen, var_val, var_val_len, buf, &buflen) != SNMPERR_SUCCESS) { DEBUGMSGTL(("usmUser", "%s: ... failed\n", fname)); return SNMP_ERR_GENERR; } DEBUGMSGTL(("usmUser", "%s: ... succeeded\n", fname)); resetOnFail = 1; oldkey = uptr->authKey; oldkeylen = uptr->authKeyLen; memdup(&uptr->authKey, buf, buflen); if (uptr->authKey == NULL) { return SNMP_ERR_RESOURCEUNAVAILABLE; } uptr->authKeyLen = buflen; } else if (action == COMMIT) { SNMP_FREE(oldkey); oldkey = NULL; } else if (action == UNDO) { if ((uptr = usm_parse_user(name, name_len)) != NULL && resetOnFail) { SNMP_FREE(uptr->authKey); uptr->authKey = oldkey; uptr->authKeyLen = oldkeylen; } } return SNMP_ERR_NOERROR;} /* end write_usmUserAuthKeyChange() */intwrite_usmUserPrivProtocol(int action, u_char * var_val, u_char var_val_type, size_t var_val_len, u_char * statP, oid * name, size_t name_len){ static oid *optr; static size_t olen; static int resetOnFail; struct usmUser *uptr; if (action == RESERVE1) { resetOnFail = 0; if (var_val_type != ASN_OBJECT_ID) { DEBUGMSGTL(("usmUser", "write to usmUserPrivProtocol not ASN_OBJECT_ID\n")); return SNMP_ERR_WRONGTYPE; } if (var_val_len > USM_LENGTH_OID_MAX * sizeof(oid) || var_val_len % sizeof(oid) != 0) { DEBUGMSGTL(("usmUser", "write to usmUserPrivProtocol: bad length\n")); return SNMP_ERR_WRONGLENGTH; } } else if (action == RESERVE2) { if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_INCONSISTENTNAME; } if (uptr->userStatus == RS_ACTIVE || uptr->userStatus == RS_NOTREADY || uptr->userStatus == RS_NOTINSERVICE) { /* * The privProtocol is already set. It is only legal to CHANGE it * to usmNoPrivProtocol. */ if (snmp_oid_compare ((oid *) var_val, var_val_len / sizeof(oid), usmNoPrivProtocol, sizeof(usmNoPrivProtocol) / sizeof(oid)) == 0) { resetOnFail = 1; optr = uptr->privProtocol; olen = uptr->privProtocolLen; uptr->privProtocol = snmp_duplicate_objid((oid *) var_val, var_val_len / sizeof(oid)); if (uptr->privProtocol == NULL) { return SNMP_ERR_RESOURCEUNAVAILABLE; } uptr->privProtocolLen = var_val_len / sizeof(oid); } else if (snmp_oid_compare ((oid *) var_val, var_val_len / sizeof(oid), uptr->privProtocol, uptr->privProtocolLen) == 0) { /* * But it's also okay to set it to the same thing as it * currently is. */ return SNMP_ERR_NOERROR; } else { return SNMP_ERR_INCONSISTENTVALUE; } } else { /* * This row is under creation. It's okay to set * usmUserPrivProtocol to any valid privProtocol with the proviso * that if usmUserAuthProtocol is set to usmNoAuthProtocol, it may * only be set to usmNoPrivProtocol. The value will be overwritten * when usmUserCloneFrom is set (so don't write it if that has * already been set). */ if (snmp_oid_compare(uptr->authProtocol, uptr->authProtocolLen, usmNoAuthProtocol, sizeof(usmNoAuthProtocol) / sizeof(oid)) == 0) { if (snmp_oid_compare ((oid *) var_val, var_val_len / sizeof(oid), usmNoPrivProtocol, sizeof(usmNoPrivProtocol) / sizeof(oid)) != 0) { return SNMP_ERR_INCONSISTENTVALUE; } } else { if (snmp_oid_compare ((oid *) var_val, var_val_len / sizeof(oid), usmNoPrivProtocol, sizeof(usmNoPrivProtocol) / sizeof(oid)) != 0#ifndef DISABLE_DES && snmp_oid_compare((oid *) var_val, var_val_len / sizeof(oid), usmDESPrivProtocol, sizeof(usmDESPrivProtocol) / sizeof(oid) != 0)#endif && snmp_oid_compare((oid *) var_val, var_val_len / sizeof(oid), usmAESPrivProtocol, sizeof(usmAESPrivProtocol) / sizeof(oid) != 0)) { return SNMP_ERR_WRONGVALUE; } } resetOnFail = 1; optr = uptr->privProtocol; olen = uptr->privProtocolLen; uptr->privProtocol = snmp_duplicate_objid((oid *) var_val, var_val_len / sizeof(oid)); if (uptr->privProtocol == NULL) { return SNMP_ERR_RESOURCEUNAVAILABLE; } uptr->privProtocolLen = var_val_len / sizeof(oid); } } else if (action == COMMIT) { SNMP_FREE(optr); optr = NULL; } else if (action == FREE || action == UNDO) { if ((uptr = usm_parse_user(name, name_len)) != NULL) { if (resetOnFail) { SNMP_FREE(uptr->privProtocol); uptr->privProtocol = optr; uptr->privProtocolLen = olen; } } } return SNMP_ERR_NOERROR;} /* end write_usmUserPrivProtocol() *//* * Note: This function handles both the usmUserPrivKeyChange and * usmUserOwnPrivKeyChange objects. We are not passed the name * of the user requseting the keychange, so we leave this to the * calling module to verify when and if we should be called. To * change this would require a change in the mib module API to * pass in the securityName requesting the change. * */intwrite_usmUserPrivKeyChange(int action, u_char * var_val, u_char var_val_type, size_t var_val_len, u_char * statP, oid * name, size_t name_len){ struct usmUser *uptr; unsigned char buf[SNMP_MAXBUF_SMALL]; size_t buflen = SNMP_MAXBUF_SMALL; const char fnPrivKey[] = "write_usmUserPrivKeyChange"; const char fnOwnPrivKey[] = "write_usmUserOwnPrivKeyChange"; const char *fname; static unsigned char *oldkey; static size_t oldkeylen; static int resetOnFail; if (name[USM_MIB_LENGTH - 1] == 9) { fname = fnPrivKey; } else { fname = fnOwnPrivKey; } if (action == RESERVE1) { resetOnFail = 0; if (var_val_type != ASN_OCTET_STR) { DEBUGMSGTL(("usmUser", "write to %s not ASN_OCTET_STR\n", fname)); return SNMP_ERR_WRONGTYPE; } if (var_val_len == 0) { return SNMP_ERR_WRONGLENGTH; } } else if (action == RESERVE2) { if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_INCONSISTENTNAME; } else {#ifndef DISABLE_DES if (snmp_oid_compare(uptr->privProtocol, uptr->privProtocolLen, usmDESPrivProtocol, sizeof(usmDESPrivProtocol) / sizeof(oid)) == 0) { if (var_val_len != 0 && var_val_len != 32) { return SNMP_ERR_WRONGLENGTH; } }#endif if (snmp_oid_compare(uptr->privProtocol, uptr->privProtocolLen, usmAESPrivProtocol, sizeof(usmAESPrivProtocol) / sizeof(oid)) == 0) { if (var_val_len != 0 && var_val_len != 32) { return SNMP_ERR_WRONGLENGTH; } } } } else if (action == ACTION) { if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_INCONSISTENTNAME; } if (uptr->cloneFrom == NULL) { return SNMP_ERR_INCONSISTENTNAME; } if (snmp_oid_compare(uptr->privProtocol, uptr->privProtocolLen, usmNoPrivProtocol, sizeof(usmNoPrivProtocol) / sizeof(oid)) == 0) { /* * "When the value of the corresponding usmUserPrivProtocol is * usmNoPrivProtocol, then a set is successful, but effectively * is a no-op." */ DEBUGMSGTL(("usmUser", "%s: noPrivProtocol keyChange... success!\n", fname)); return SNMP_ERR_NOERROR; } /* * Change the key. */ DEBUGMSGTL(("usmUser", "%s: changing priv key for user %s\n", fname, uptr->secName)); if (decode_keychange(uptr->authProtocol, uptr->authProtocolLen, uptr->privKey, uptr->privKeyLen, var_val, var_val_len, buf, &buflen) != SNMPERR_SUCCESS) { DEBUGMSGTL(("usmUser", "%s: ... failed\n", fname)); return SNMP_ERR_GENERR; } DEBUGMSGTL(("usmUser", "%s: ... succeeded\n", fname)); resetOnFail = 1; oldkey = uptr->privKey; oldkeylen = uptr->privKeyLen; memdup(&uptr->privKey, buf, buflen); if (uptr->privKey == NULL) { return SNMP_ERR_RESOURCEUNAVAILABLE; } uptr->privKeyLen = buflen; } else if (action == COMMIT) { SNMP_FREE(oldkey); oldkey = NULL; } else if (action == UNDO) { if ((uptr = usm_parse_user(name, name_len)) != NULL && resetOnFail) { SNMP_FREE(uptr->privKey); uptr->privKey = oldkey; uptr->privKeyLen = oldkeylen; } } return SNMP_ERR_NOERROR;} /* end write_usmUserPrivKeyChange() */intwrite_usmUserPublic(int action, u_char * var_val, u_char var_val_type, size_t var_val_len, u_char * statP, oid * name, size_t name_len){ struct usmUser *uptr = NULL; if (var_val_type != ASN_OCTET_STR) { DEBUGMSGTL(("usmUser", "write to usmUserPublic not ASN_OCTET_STR\n")); return SNMP_ERR_WRONGTYPE; } if (var_val_len < 0 || var_val_len > 32) { DEBUGMSGTL(("usmUser", "write to usmUserPublic: bad length\n")); return SNMP_ERR_WRONGLENGTH; } if (action == COMMIT) { /* * don't allow creations here */ if ((uptr = usm_parse_user(name, name_len)) == NULL) { return SNMP_ERR_NOSUCHNAME; } if (uptr->userPublicString) free(uptr->userPublicString); uptr->userPublicString = (u_char *) malloc(var_val_len + 1); if (uptr->userPublicString == NULL) { return SNMP_ERR_GENERR; } memcpy(uptr->userPublicString, var_val, var_val_len); uptr->userPublicString[var_val_len] = 0; DEBUGMSG(("usmUser", "setting public string: %d - %s\n", var_val_len, uptr->userPublicString)); } return SNMP_ERR_NOERROR;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -