📄 key_chg.c
字号:
/* $Header: /usr/cvsroot/target/src/wrn/wm/demo/snmptalk/key_chg.c,v 1.3 2002/03/11 19:17:08 josh Exp $ *//* * Copyright (C) 1999-2005 Wind River Systems, Inc. * All rights reserved. Provided under license only. * Distribution or other use of this software is only * permitted pursuant to the terms of a license agreement * from Wind River Systems (and is otherwise prohibited). * Refer to that license agreement for terms of use. *//**************************************************************************** * Copyright 1998 Integrated Systems, Inc. * All rights reserved. ****************************************************************************//* * $Log: key_chg.c,v $ * Revision 1.3 2002/03/11 19:17:08 josh * snmptalk's destination address is now stored and passed around * as an ipaddr_t. This required changes to a lot of internal function * calls that used to expect an inaddr_t to be passed around. Also, * snmptalk is now capable of using IPv6 sockets * * Revision 1.2 2001/11/08 16:47:25 tneale * Updated for newset file layout * * Revision 1.1.1.1 2001/11/05 17:49:12 tneale * Tornado shuffle * * Revision 7.5 2001/01/19 22:24:46 paul * Update copyright. * * Revision 7.4 2000/03/17 00:14:33 meister * Update copyright message * * Revision 7.3 2000/03/13 21:22:22 paul * Removed some code that we are no longer working on. * * Revision 7.2 1998/10/19 21:15:47 sar * Added some "\" characters to allow strings to be longer * than a single line. * * Revision 7.1 1998/08/04 03:56:34 sar * Added key change code in key_chg.c and calls in snmptalk.c * *//* [clearcase]modification history-------------------01c,25jul05,job merge in Springboard code01b,19apr05,job update copyright notices01a,04aug04,job fix a minor syntax issue that some compilers dislike*//* routines to perfrom the key change operations, NOTE: this routine does not protect itself against packets being duplicated or lost very well. To do so it would perform a get of the usmUserSpinLock object and include that it in the set request. But this is only demo code to show you how you could change keys */#include <stdio.h>#include <wrn/wm/snmp/engine/asn1.h>#include <wrn/wm/snmp/engine/objectid.h>#include <wrn/wm/snmp/engine/snmp.h>#include <wrn/wm/snmp/engine/buildpkt.h>#include <wrn/wm/snmp/engine/v3_user.h>#include <wrn/wm/snmp/engine/auxfuncs.h>#include <wrn/wm/demo/snarklib.h>#include <wrn/wm/demo/snmpconf.h>#include "snmpint.h"int kc_which = 0;bits8_t kc_engineid[32];ALENGTH_T kc_engineid_len = 0;bits8_t kc_new_key[20];bits8_t kc_change[40];ALENGTH_T kc_key_len = 0;SNMP_USER_T *kc_user = 0;OIDC_T kc_oid[] = {1, 3, 6, 1, 6, 3, 15, 1, 2, 2, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};int kc_oid_len = 12;enum help_level { help_none, help_short, help_long };extern ALENGTH_T parse_engine_id(struct sty *, char, char *, bits8_t *, char *);/* finish routine, re-acquire the user and update the key information */void kc_response (struct sty *sty, SNMP_PKT_T *rcvd_pkt){/* if the set succeeded change my information */if (rcvd_pkt->pdu.std_pdu.error_status == NO_ERROR) { if (kc_which) SNMP_User_Set_PrivKey(kc_user, kc_new_key, kc_key_len); else SNMP_User_Set_AuthKey(kc_user, kc_new_key, kc_key_len); }else { sty_printf(sty, "unable to change key, error: %ld\n", rcvd_pkt->pdu.std_pdu.error_status); }SNMP_Free(rcvd_pkt);command_next(sty);}static void kc_error(struct sty *sty, char *error_msg){if (batch_mode) sty_putc(sty, '|');sty_printf(sty, "%s\n", error_msg);command_next(sty);}/* routine to actually try and do the key change stuff returns 1 on errors */int change_key(struct sty *sty, int own, bits8_t *id, ALENGTH_T id_len, char *name, char *pass, int which){SNMP_USER_T *user;SNMP_AUTH_T *auth;SNMP_PRIV_T *priv;bits8_t temp_key[20];SNMP_PKT_T *pktp;char *err_msg;int oid_len;/* find the user and make sure it has an auth protocol to use */user = SNMP_User_Lookup(id, id_len, (bits8_t *)name, STRLEN(name));if (user == 0) { sty_puts(sty, "No such user\n"); return(1); }auth = SNMP_User_Get_Auth(user);priv = SNMP_User_Get_Priv(user);if ((auth == 0) || ((which == 1) && (priv == 0))){ sty_puts(sty, "Needed auth or priv protocol missing\n"); return(1); }if (STRLEN(pass) < 8) { sty_puts(sty, "Incorrect password\n"); return(1); }/* digest the password into a key using the standard localization scheme and save the key for later */SNMP_V3_Pass2Key(SNMP_User_Get_Auth(user), (bits8_t *)pass, STRLEN(pass), kc_new_key, SNMP_Auth_Get_KeySize(auth), id, id_len, 1);if (which) { kc_key_len = SNMP_Priv_Get_KeySize(priv); MEMCPY(temp_key, SNMP_User_Get_PrivKey(user), kc_key_len); }else { kc_key_len = SNMP_Auth_Get_KeySize(auth); MEMCPY(temp_key, SNMP_User_Get_AuthKey(user), kc_key_len); }/* create the key change value, use 0 for the first part of the value */MEMSET(kc_change, 0, kc_key_len);MEMCPY(kc_change + kc_key_len, kc_new_key, kc_key_len);if (SNMP_V3_KeyChange(auth, temp_key, kc_key_len, kc_change, kc_key_len * 2)){ sty_puts(sty, "Memory allocation failure\n"); return(1); }MEMCPY(kc_change + kc_key_len, temp_key, kc_key_len);kc_user = user;kc_which = which;/* build the packet structure */if ((pktp = SNMPTalk_Create_Request(SET_REQUEST_PDU, 1, 0, 0)) == 0) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "No memory\n"); return 1; }oid_len = kc_oid_len;kc_oid[oid_len - 1] = 6 + (which ? 3 : 0) + own;string_to_oid(id_len, id, (int)(id_len + 1), kc_oid + oid_len, 0);oid_len += id_len + 1;string_to_oid(STRLEN(name), name, (int)(STRLEN(name) + 1), kc_oid + oid_len, 0);oid_len += STRLEN(name) + 1;SNMP_Bind_String(pktp, 0, oid_len, kc_oid, (OCTET_T)VT_STRING, kc_key_len * 2, kc_change, 1);/* send the packet */err_msg = snmp_send_rec(sty, pktp, &dest_addr, kc_response, kc_error);if (err_msg != 0) { if (batch_mode) sty_putc(sty, '|'); sty_printf(sty, "%s\n", err_msg); return(1); }return(0);}/* implements changing somebody else's key */boolean_t do_v3_key_change(struct sty *sty, enum help_level help, int argc, char *argv[]){bits8_t id[32];ALENGTH_T id_len;int which;switch (help) { case help_short: sty_puts(sty, "\key_chg <engineid> <username> <password> <auth (0) || priv (1)>\n"); break; case help_long: sty_puts(sty, "\The 'key_chg <engineid> <username> <password> <auth (0) || priv (1)>'\n\command changes one of the keys of the named user.\n"); break; case help_none: if (dest_addr.type == IPNONE) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify destination first.\n"); return(1); } if (argc < 5) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify <id> <user> <pass> <auth | priv>\n"); return(1); } id_len = parse_engine_id(sty, 'x', argv[1], id, "change_key"); which = atoi(argv[4]); if ((which != 0) && (which != 1)) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify 0 (auth) or 1 (priv)\n"); return(1); } if (change_key(sty, 0, id, id_len, argv[2], argv[3], which)) return(1); return(0); }return(1);}/* implements changing the key of the current user using the own key object */boolean_tdo_v3_own_key_change(struct sty *sty, enum help_level help, int argc, char *argv[]){int which;switch (help) { case help_short: sty_puts(sty, "\own_chg <password> <auth (0) || priv (1)>\n"); break; case help_long: sty_puts(sty, "\The 'own_chg <password> <auth (0) || priv (1)>'\n\command changes one of the keys of the current user.\n"); break; case help_none: if (dest_addr.type == IPNONE) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify destination first.\n"); return(1); } if (argc < 3) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify <pass> <auth | priv>\n"); return(1); } which = atoi(argv[2]); if ((which != 0) && (which != 1)) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify 0 (auth) or 1 (priv)\n"); return(1); } if (change_key(sty, 1, v3_sec_id, v3_sec_id_len, v3_sec_name, argv[1], which)) return(1); return(0); }return(1);}#if 0/* implements changing a key on the local side */boolean_t v3_do_password(struct sty *sty, enum help_level help, int argc, char *argv[]){SNMP_USER_T *user;SNMP_AUTH_T *auth;SNMP_PRIV_T *priv;bits8_t temp_key[20];int which;switch (help) { case help_short: sty_puts(sty, "\password <password> <auth (0) || priv (1)>\n"); break; case help_long: sty_puts(sty, "\The 'password <password> <auth (0) || priv (1)>' command changes one of the keys of the current user.\n"); break; case help_none: if (!dest_addr) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify destination first.\n"); return(1); } if (argc < 3) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify <pass> <auth | priv>\n"); return(1); } which = atoi(argv[2]); if ((which != 0) && (which != 1)) { if (batch_mode) sty_putc(sty, '|'); sty_puts(sty, "Need to specify 0 (auth) or 1 (priv)\n"); return(1); } /* find the user and make sure it has an auth protocol to use */ user = SNMP_User_Lookup(id, id_len, (bits8_t *)name, STRLEN(name)); if (user == 0) { sty_puts(sty, "No such user\n"); return(1); } auth = SNMP_User_Get_Auth(user); priv = SNMP_User_Get_Priv(user); if ((auth == 0) || ((which == 1) && (priv == 0))){ sty_puts(sty, "Needed auth or priv protocol missing\n"); return(1); } if (STRLEN(pass) < 8) { sty_puts(sty, "Incorrect password\n"); return(1); } /* digest the password into a key using the standard localization scheme and save the key for later */ SNMP_V3_Pass2Key(auth, (bits8_t *)pass, STRLEN(pass), temp_key, SNMP_Auth_Get_KeySize(auth), v3_sec_id, v3_sec_id_len, 1); if (which) SNMP_User_Set_PrivKey(user, temp_key, SNMP_Priv_Get_KeySize(priv)); else SNMP_User_Set_PrivKey(user, temp_key, SNMP_Auth_Get_KeySize(auth)); break; }return(1);}#endif⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -