usm_v3.cpp

来自「JdonFramework need above jdk 1.4.0 This」· C++ 代码 · 共 2,118 行 · 第 1/5 页

			 name_table_entry->usmUserPrivProtocol,
			 name_table_entry->authPassword,
			 name_table_entry->authPasswordLength,
			 name_table_entry->privPassword,
			 name_table_entry->privPasswordLength,
			 authKey, &authKeyLength,
			 privKey, &privKeyLength);

      if (res != SNMPv3_USM_OK)
      {
	LOG_BEGIN(ERROR_LOG | 4);
	LOG("Cannot add User: error code");
	LOG(res);
	LOG_END;

	usm_user_name_table->delete_cloned_entry(name_table_entry);
        return 0;
      }

      OctetStr akey(authKey, authKeyLength);
      OctetStr pkey(privKey, privKeyLength);
      add_localized_user(
        engine_id,
        name_table_entry->usmUserName,
        name_table_entry->usmUserSecurityName,
        name_table_entry->usmUserAuthProtocol, akey,
        name_table_entry->usmUserPrivProtocol, pkey);

      if (usm_add_user_cb)
      {
        // inform agent++ about new user
        debugprintf(5, "Informing agent++ about newly created user");
        usm_add_user_cb(engine_id,
                        name_table_entry->usmUserName,
                        name_table_entry->usmUserSecurityName,
                        name_table_entry->usmUserAuthProtocol, akey,
                        name_table_entry->usmUserPrivProtocol, pkey);
      }
      akey.clear();
      pkey.clear();

      user_table_entry = usm_user_table->get_cloned_entry(engine_id,
							  security_name);
      if (!user_table_entry)
      {
	LOG_BEGIN(ERROR_LOG | 1);
	LOG("Get of just added localized entry failed (sec name) (engine id)");
	LOG(security_name.get_printable());
	LOG(engine_id.get_printable());
	LOG_END;
	usm_user_name_table->delete_cloned_entry(name_table_entry);
        return 0;
      }
    }
    usm_user_name_table->delete_cloned_entry(name_table_entry);
  }
  struct UsmUser *res = new UsmUser;
  if (!res)
  {
    usm_user_table->delete_cloned_entry(user_table_entry);
    return 0;
  }
  res->engineID           = user_table_entry->usmUserEngineID;
  res->engineIDLength     = user_table_entry->usmUserEngineIDLength;
  res->usmUserName        = user_table_entry->usmUserName;
  res->usmUserNameLength  = user_table_entry->usmUserNameLength;
  res->securityName       = user_table_entry->usmUserSecurityName;
  res->securityNameLength = user_table_entry->usmUserSecurityNameLength;
  res->authProtocol       = user_table_entry->usmUserAuthProtocol;
  res->authKey            = user_table_entry->usmUserAuthKey;
  res->authKeyLength      = user_table_entry->usmUserAuthKeyLength;
  res->privProtocol       = user_table_entry->usmUserPrivProtocol;
  res->privKey            = user_table_entry->usmUserPrivKey;
  res->privKeyLength      = user_table_entry->usmUserPrivKeyLength;

  user_table_entry->usmUserEngineID = 0;
  user_table_entry->usmUserName = 0;
  user_table_entry->usmUserSecurityName = 0;
  user_table_entry->usmUserAuthKey = 0;
  user_table_entry->usmUserPrivKey = 0;

  usm_user_table->delete_cloned_entry(user_table_entry);
 
  return res;
}

// Free the structure returned from get_user().
void USM::free_user(struct UsmUser *&user)
{
  if (!user) return;

  if (user->engineID)     delete [] user->engineID;
  if (user->usmUserName)  delete [] user->usmUserName;
  if (user->securityName) delete [] user->securityName;

  if (user->authKey)
  {
    memset(user->authKey, 0, user->authKeyLength);
    delete [] user->authKey;
  }

  if (user->privKey)
  {
    memset(user->privKey, 0, user->privKeyLength);
    delete [] user->privKey;
  }

  delete user;

  user = 0;
}

int USM::delete_usm_user(const OctetStr& security_name)
{
  usm_user_name_table->delete_security_name(security_name);

  unsigned char username[MAXLEN_USMUSERNAME + 1];
  long int length = MAXLEN_USMUSERNAME;

  if ((get_user_name(username, &length,
		     security_name.data(), security_name.len()))
      == SNMPv3_USM_OK)
    return delete_localized_user(OctetStr(username, length));
  return SNMPv3_USM_ERROR;
}

int USM::get_security_name(const unsigned char *user_name,
			   const long int user_name_len,
			   OctetStr &security_name)
{
  debugprintf(20,"USM::get_security_name: get  user (%s)",
              OctetStr(user_name,user_name_len).get_printable());

  int result;

  result = usm_user_name_table->get_security_name(user_name, user_name_len,
                                                  security_name);
  if (result == SNMPv3_USM_OK)
    return SNMPv3_USM_OK;

  result = usm_user_table->get_security_name(user_name, user_name_len,
                                             security_name);
  if (result == SNMPv3_USM_OK)
    return SNMPv3_USM_OK;

  debugprintf(1, "USM::get_security_name: User unknown");
  return SNMPv3_USM_ERROR;
}

int USM::get_user_name(unsigned char *user_name, long int *user_name_len,
		       const unsigned char *security_name,
		       const long int security_name_len)
{
  int result;
  long int  buf_len = *user_name_len;

  result = usm_user_name_table->get_user_name(user_name, user_name_len,
                                              security_name,
					      security_name_len);

  if (result == SNMPv3_USM_OK)
    return SNMPv3_USM_OK;

  *user_name_len = buf_len;

  result = usm_user_table->get_user_name(user_name, user_name_len,
                                         security_name, security_name_len);

  if (result == SNMPv3_USM_OK)
    return SNMPv3_USM_OK;

  debugprintf(1, "usmGetUsmUserName: User unknown");
  return SNMPv3_USM_ERROR;
}


void USM::delete_sec_parameters( struct UsmSecurityParameters *usp)
{
  usp->msgAuthoritativeEngineID[0] = 0;
  usp->msgAuthoritativeEngineIDLength = 0;
  usp->msgAuthoritativeEngineBoots = 0;
  usp->msgAuthoritativeEngineTime = 0;
  usp->msgUserName[0] = 0;
  usp->msgUserNameLength = 0;

  if (usp->msgAuthenticationParameters) {
    delete [] usp->msgAuthenticationParameters;
    usp->msgAuthenticationParameters = NULL;
  }
  usp->msgAuthenticationParametersLength = 0;
  if (usp->msgPrivacyParameters) {
    delete [] usp->msgPrivacyParameters;
    usp->msgPrivacyParameters = NULL;
  }
  usp->msgPrivacyParametersLength = 0;
}


const struct UsmUserTableEntry *USM::get_user(int number)
{
  return usm_user_table->get_entry(number);
}

const struct UsmUserNameTableEntry *USM::get_user(const OctetStr &security_name)
{
  return usm_user_name_table->get_entry(security_name);
}

int USM::get_user_count() const
{
  return usm_user_table->size();
}

DLLOPT void USM::add_user_added_callback(const usm_add_user_callback cb)
{
 usm_add_user_cb = cb;
}

int USM::get_time(const OctetStr &engine_id,
		  long int *engine_boots, long int *engine_time)
{
  return usm_time_table->get_time(engine_id, *engine_boots, *engine_time);
}

int USM::get_local_time(long int *engine_boots, long int *engine_time) const
{
  return usm_time_table->get_local_time(*engine_boots, *engine_time);
}

AuthPriv *USM::get_auth_priv()
{
  return auth_priv;
}

struct UsmKeyUpdate* USM::key_update_prepare(const OctetStr& securityName,
					     SnmpTarget& target,
					     const OctetStr& newPassword,
					     Pdu& pdu, int type,
					     int &status,
					     const OctetStr& oldpass,
					     const OctetStr& oldengid,
					     const OctetStr& newengid)
{
  // check address

  GenAddress genaddress;
  target.get_address(genaddress);
  UdpAddress udp_address(genaddress);
  if (!udp_address.valid()) {
    debugprintf(0, "usmPrepareKeyUpdate: Address invalid.");
    status = SNMPv3_USM_ADDRESS_ERROR;
    return NULL;
  }

  OctetStr engineID = "";
  // get engineID
  if (v3mp->get_from_engine_id_table(engineID,
				     (char*)udp_address.get_printable())
      != SNMPv3_MP_OK ) {
    debugprintf(0, "usmPrepareKeyUpdate: Could not find engineID of given address.");
    status = SNMPv3_USM_ADDRESS_ERROR;
    return NULL;
  }

  // get user
  struct UsmUser* user;
  user = get_user(engineID, securityName);

  if (user == NULL) {
    debugprintf(0, "usmPrepareKeyUpdate: Could not find user in usmTables.");
    status =  SNMPv3_USM_UNKNOWN_SECURITY_NAME;
    return NULL;
  }

  /* set old and new key */
  unsigned char key[SNMPv3_USM_MAX_KEY_LEN];
  unsigned int  key_len = SNMPv3_USM_MAX_KEY_LEN;
  OctetStr      newKey;
  OctetStr      oldKey;

  switch (type) {
    case AUTHKEY:
    case OWNAUTHKEY: {
      status = auth_priv->password_to_key_auth(
                                         user->authProtocol,
                                         newPassword.data(), newPassword.len(),
                                         engineID.data(), engineID.len(),
                                         key, &key_len);
      oldKey = OctetStr(user->authKey, user->authKeyLength);
      break;
    }
    case PRIVKEY:
    case OWNPRIVKEY: {
      status = auth_priv->password_to_key_priv(
                                         user->authProtocol,
                                         user->privProtocol,
                                         newPassword.data(), newPassword.len(),
                                         engineID.data(), engineID.len(),
                                         key, &key_len);
      oldKey = OctetStr(user->privKey, user->privKeyLength);
      break;
    }
    default: {
      debugprintf(0, "usmPrepareKeyUpdate: wrong type specified.");
      status = SNMPv3_USM_ERROR;
      free_user(user);
      return NULL;
    }
  }

  if (status != SNMPv3_USM_OK)
  {
    debugprintf(0, "usmPrepareKeyUpdate: password_to_key failed (code %i).",
                status);
    free_user(user);
    return NULL;
  }

  newKey = OctetStr(key, key_len);

  /* get value to set and random value */
  OctetStr newValue;
  OctetStr random_value;

  auth_priv->get_keychange_value(user->authProtocol,
                                 oldKey, newKey, newValue);

  char tmp_rand;
  for (int i = 0; i<30; i++) {
    tmp_rand = rand();
    random_value += tmp_rand;
  }

  // Oid in usmUserTable
  Oid userOid = Oid(oidUsmUserEntry);
  Oid publicOid  = Oid(oidUsmUserEntry);

  publicOid += "11";

  switch (type) {
    case AUTHKEY: {
      userOid += "6";
      break;
    }
    case OWNAUTHKEY: {
      userOid += "7";
      break;
    }
    case PRIVKEY: {
       userOid += "9";
       break;
    }
    case OWNPRIVKEY: {
      userOid += "10";
      break;
    }
    default: {
      debugprintf(0, "KeyChange error: wrong type:");
      status = SNMPv3_USM_ERROR;
      free_user(user);
      return NULL;
    }
  }

  userOid += engineID.len();
  publicOid += engineID.len();

  for (unsigned int j=0; j<engineID.len(); j++) {
    userOid += (engineID)[j];
    publicOid += (engineID)[j];
  }

  OctetStr os = securityName;
  userOid += os.len();
  publicOid += os.len();

  for (unsigned int k=0; k<os.len(); k++) {
    userOid += os[k];
    publicOid += os[k];
  }

  Vb vb;
  vb.set_oid(userOid);
  vb.set_value(newValue);
  pdu += vb;

  vb.set_oid(publicOid);
  vb.set_value(random_value);
  pdu += vb;

  struct UsmKeyUpdate *uku = new struct UsmKeyUpdate;
  uku->engineID = engineID;
  uku->securityName = securityName;
  uku->newPassword = newPassword;
  uku->newKey = newKey;
  uku->type = type;

  free_user(user);
  status = SNMPv3_USM_OK;
  return uku;
}

void USM::key_update_abort(struct UsmKeyUpdate *uku)
{
  delete uku;
}

int USM::key_update_commit(struct UsmKeyUpdate *uku, int update_type)
{
  if (!uku) return SNMPv3_USM_ERROR;

  int result;
  OctetStr userName;

  switch (update_type)
  {
    case USM_KeyUpdate: {
      result = update_key(uku->securityName.data(), uku->securityName.len(),
			  uku->engineID.data(), uku->engineID.len(),
			  uku->newKey.data(), uku->newKey.len(),
			  uku->type);
      delete uku;
      return result;
    }