v3mt_usr.c

wm PNE 3.3 source code, running at more than vxworks6.x version.

/*
 *  Copyright 2000-2005 Wind River Systems, Inc.
 *  All rights reserved.  Provided under license only.
 *  Distribution or other use of this software is only
 *  permitted pursuant to the terms of a license agreement
 *  from Wind River Systems (and is otherwise prohibited).
 *  Refer to that license agreement for terms of use.
 */

/*
 *  Copyright 1998 Integrated Systems, Inc.
 *  All rights reserved.
 */

/*
 * $Log: v3mt_usr.c,v $
 * Revision 1.6  2003/01/15 14:05:10  josh
 * directory structure shifting
 *
 * Revision 1.5  2002/03/15 17:14:06  josh
 * if you try setting the storageType to readOnly as part of an
 * initial set and the user has authentication or privacy configured,
 * you must return inconsistentValue instead of wrongValue
 *
 * Revision 1.4  2002/03/15 16:13:31  josh
 * if auth or priv protocols are not set, allow key changes to
 * succeed automatically
 *
 * Revision 1.3  2001/11/06 21:50:52  josh
 * second (and hopefully final) pass of new path hacking
 *
 * Revision 1.2  2001/11/06 21:20:34  josh
 * revised new path hacking
 *
 * Revision 1.1.1.1  2001/11/05 17:47:41  tneale
 * Tornado shuffle
 *
 * Revision 9.11.4.2  2001/09/28 20:49:07  josh
 * method routines will now allow rows to be created as permanent or
 * read-only rows.  It will also prevent the deletion of such rows.
 *
 * Revision 9.11.4.1  2001/09/11 15:57:24  meister
 * changes for dynamic component config; this one missed getting checked
 * in last time.
 *
 * Revision 9.11  2001/01/19 22:22:01  paul
 * Update copyright.
 *
 * Revision 9.10  2000/03/17 00:17:50  meister
 * Update copyright message
 *
 * Revision 9.9  2000/03/10 15:02:40  josh
 * fixes to the setproc/cleanup/undoprocs regarding row creation,
 * so we can back out gracefully but still not shoot ourselves in
 * foot while doing regular cleanups.
 *
 * Revision 9.8  2000/02/16 19:59:30  josh
 * more WRONG_LENGTH/WRONG_VALUE changes
 *
 * Revision 9.7  2000/02/04 21:56:13  josh
 * functions which are clearly static have been declared as such.
 * this makes the vxWorks compiler happy.
 *
 * Revision 9.6  1999/12/17 15:46:11  josh
 * make sure keys always get copied to new user
 *
 * Revision 9.5  1999/12/16 22:43:31  josh
 * modifying testproc so that it correctly copies protocols when
 * cloning into an already-created user.
 *
 * Revision 9.4  1999/11/02 20:55:16  josh
 * bringing usmUserTable into line with new spec: RFC 2574
 * allows changing of auth and priv protocols after clone,
 * allows row creation without initial clone, and allows enabling of rows
 * without keychange for unused protocols (no authkeychange required if
 * not using auth, etc.)
 *
 * Revision 9.3  1999/09/30 21:56:13  josh
 * change public field to public_data so as not to conflict with
 * C++ compilers
 *
 * Revision 9.2  1999/09/24 18:57:24  sar
 * Allow sets of 0 length passwords for no auth and no priv
 * but tag them as not requiring any changes to the user.  This
 * also disallows setting non-zero length passwords for no auth and no priv.
 *
 * Revision 9.1  1999/05/18 19:23:22  sar
 * Added code to copy the flags when doing a set to a user entry this
 * allows dribble creation to pass the consistency and requirement checks.
 *
 * Revision 9.0  1998/10/16 22:09:58  sar
 * Update version stamp to match release
 *
 * Revision 1.17  1998/09/04 15:11:08  sar
 * Added some casts to try and keep the msc compiler happy and not
 * complaining about signed/unsigned mismatches.
 *
 * Revision 1.16  1998/08/12 04:55:41  sar
 * Use the lookup routine to find the def val for the auth
 * protocol.  Note that this may go away in the future due
 * to modifications to the v3 specs.
 *
 * Revision 1.15  1998/08/01 18:17:35  sar
 * Add check on object name portion of clone from object id
 * Use ownpriv instead of ownauth
 * Remove check_id flag from user lookup calls
 *
 * Revision 1.14  1998/07/20 02:04:39  sar
 * Changed the *_FINISHED calls to *_FINISHED()
 *
 * Revision 1.13  1998/07/02 00:53:01  sar
 * When modifying the auth or priv keys we only return an inconsistent name
 * if it hasn't been cloned only if we are creating it or it wasn't ready
 * yet.
 *
 * Revision 1.12  1998/07/01 01:46:15  sar
 * fixes to set type code
 * in the set cleanup routines check the vb_priv pointer rather.
 * than the vbp itself
 * in the test routines mark strings as being changed if we are
 * creating an entry so they will get properly copied
 * and other minor cleanups
 *
 * Revision 1.11  1998/06/30 00:30:13  sar
 * When doing a test we shouldn't mark all the vbs as having been done.
 * In v3mt_usr.c arrange to only check the user flags if this entry wasn't
 * already finished (nis or active).
 *
 * Revision 1.10  1998/06/22 03:34:24  sar
 * Cast some things to unsigned ints to try and keep compilers happy
 *
 * Revision 1.9  1998/06/19 20:18:58  sar
 * Make all files include asn1conf.h and snmp.h to make sure we get the
 * common code
 *
 * Revision 1.8  1998/06/17 02:05:06  sar
 * In the get routine add a check to make sure we don't have
 * any extra subids.
 *
 * Revision 1.7  1998/06/16 05:32:11  sar
 * clean up some type info
 * rearrange the handling of the instance info for the next routine
 *
 * Revision 1.6  1998/06/09 21:36:52  sar
 * Cleaned up some problems with alloc and memcmp and arguments of 0
 *
 * Revision 1.5  1998/05/30 03:07:32  sar
 * Updated names used for max lengths of strings for clarity
 * Update user_lookup
 *
 * Revision 1.4  1998/05/29 17:09:06  josh
 * call to ...Get_MyID() should be a call to ...Get_My_ID()
 *
 * Revision 1.3  1998/05/27 22:54:31  sar
 * Start using the auth_find and priv_find routines
 *
 * Revision 1.2  1998/05/23 20:32:05  sar
 * Correct copyright statement
 *
 * Revision 1.1  1998/05/22 19:47:02  sar
 * Method routines for use with snmp v3 tables.  The tables are:
 * access, group, context, user and views.
 *
 */

/* [clearcase]
modification history
-------------------
01f,17may05,job  fix up the DH code
01e,06may05,asl  Fix non-DH build issues
01d,29apr05,asl  Diffie-Hellman work
01c,15apr05,asl  Diffie-Hellman work
01b,13apr05,asl  Diffie-Hellman work
01a,24nov03,job  update copyright information
*/

#include <wrn/wm/snmp/engine/asn1.h>
#include <wrn/wm/snmp/engine/snmp.h>
#include <wrn/wm/snmp/engine/buffer.h>
#include <wrn/wm/snmp/engine/v3_user.h>
#if INSTALL_SNMP_V3_DIFFIE_HELLMAN
#include <wrn/wm/snmp/engine/v3_dh.h>
#endif /* INSTALL_SNMP_V3_DIFFIE_HELLMAN */
#include <wrn/wm/snmp/engine/snmpdefs.h>
#include <wrn/wm/snmp/engine/auxfuncs.h>
#include <wrn/wm/snmp/engine/v3_auth.h>
#include <wrn/wm/snmp/engine/v3_priv.h>
#include <wrn/wm/common/dyncfg.h>
DYNCFG_VBL_DECLARE_EXTERN(snmpv3_component)

/* default values for the macros to map the method routines
   to the users non volatile storage */

#if !defined(SNMP_V3_USER_DESTROY_BACKOUT)
#define SNMP_V3_USER_DESTROY_BACKOUT(CUR, NEW)
#endif
#if !defined(SNMP_V3_USER_CREATE_BACKOUT)
#define SNMP_V3_USER_CREATE_BACKOUT(CUR, NEW)
#endif
#if !defined(SNMP_V3_USER_UPDATE_BACKOUT)
#define SNMP_V3_USER_UPDATE_BACKOUT(CUR, NEW)
#endif

#if !defined(SNMP_V3_USER_FINISHED)
#define SNMP_V3_USER_FINISHED()
#endif

#if !defined(SNMP_V3_USER_DESTROY_TEST)
#define SNMP_V3_USER_DESTROY_TEST(PKT, VBP, CUR, NEW) NO_ERROR
#endif
#if !defined(SNMP_V3_USER_CREATE_TEST)
#define SNMP_V3_USER_CREATE_TEST(PKT, VBP, CUR, NEW) NO_ERROR
#endif
#if !defined(SNMP_V3_USER_UPDATE_TEST)
#define SNMP_V3_USER_UPDATE_TEST(PKT, VBP, CUR, NEW) NO_ERROR
#endif

#if !defined(SNMP_V3_USER_DESTROY_SET)
#define SNMP_V3_USER_DESTROY_SET(PKT, VBP, CUR, NEW)
#endif
#if !defined(SNMP_V3_USER_CREATE_SET)
#define SNMP_V3_USER_CREATE_SET(PKT, VBP, CUR, NEW)
#endif
#if !defined(SNMP_V3_USER_UPDATE_SET)
#define SNMP_V3_USER_UPDATE_SET(PKT, VBP, CUR, NEW)
#endif

/* these aren't defined by default */
/*
#define SNMP_V3_USER_DESTROY_UNDO(PKT, VBP, CUR, SAV)
#define SNMP_V3_USER_CREATE_UNDO(PKT, VBP, CUR, SAV)
#define SNMP_V3_USER_UPDATE_UNDO(PKT, VBP, CUR, SAV)
*/


#define LM_userSecurityName      3
#define LM_userCloneFrom         4
#define LM_userAuthProtocol      5
#define LM_userAuthKeyChange     6
#define LM_userOwnAuthKeyChange  7
#define LM_userPrivProtocol      8
#define LM_userPrivKeyChange     9
#define LM_userOwnPrivKeyChange 10
#define LM_userPublic           11
#define LM_userStorage          12
#define LM_userStatus           13

#define LM_userDHAuthKeyChange      1
#define LM_userDHOwnAuthKeyChange   2
#define LM_userDHPrivKeyChange      3
#define LM_userDHOwnPrivKeyChange   4

static OIDC_T zero_oidc[] = {0, 0};

static OIDC_T clone_oidc[] = {1,3,6,1,6,3,15,1,2,2,1,3};
static int    clone_len = sizeof(clone_oidc)/sizeof(OIDC_T);

static OIDC_T md5_obj[] = {1, 3, 6, 1, 6, 3, 10, 1, 1, 2};


/****************************************************************************
NAME:  get_user_data

PURPOSE:  install data into a vbp.  this routine will be called
          from usertable_get and usertable_next, they will have
          already found the proper user we just find the right
          field in that user and stuff it into the vbp

PARAMETERS:
        SNMP_PKT_T  *   SNMP packet currently being processed.
        VB_T        *   Variable being processed.
        SNMP_USER_T *   the user to extract inforamtion from

RETURNS: void

****************************************************************************/
static void
  get_user_data(SNMP_PKT_T  *pktp,
                VB_T        *vbp,
                SNMP_USER_T *user)
{
OBJ_ID_T *objid;
ALENGTH_T name_len;
bits8_t *name;

for(; vbp; vbp = vbp->vb_link) {

    /* Is this a user table object? */

    if (STRCMP (VB_TO_COOKIE (vbp), "_usmUserTable") == 0) {

        switch(vbp->vb_ml.ml_last_match) {
        
            case LM_userSecurityName:
                name_len = 0;
                name = 0;
                SNMP_User_Get_Sec_Name(user, name, &name_len);
                if (name_len) {
                    name = SNMP_memory_alloc(name_len);
                    if (name == 0) {
                        getproc_error(pktp, vbp, GEN_ERR);
                        break;
                        }
                    SNMP_User_Get_Sec_Name(user, name, &name_len);
                    getproc_got_string(pktp, vbp, name_len, name, 1, VT_STRING);
                    }
                else
                    getproc_error(pktp, vbp, GEN_ERR);
                break;

            case LM_userCloneFrom:
                getproc_got_object_id(pktp, vbp, sizeof(zero_oidc)/sizeof(OIDC_T),
                                      zero_oidc, 0);
                break;

            case LM_userAuthProtocol:
                {
                SNMP_AUTH_T *auth;
                auth = SNMP_User_Get_Auth(user);
                if (auth) {
                    objid = SNMP_Auth_Get_Name(auth);
                    getproc_got_object_id(pktp, vbp, objid->num_components,
                                          objid->component_list, 0);
                    }
                else {
                    getproc_got_object_id(pktp, vbp, v3_auth_noauth_size,
                                          v3_auth_noauth, 0);
                    }
                break;
                }

          case LM_userPrivProtocol:
                {
                SNMP_PRIV_T *priv;
                priv = SNMP_User_Get_Priv(user);
                if (priv) {
                    objid = SNMP_Priv_Get_Name(priv);
                    getproc_got_object_id(pktp, vbp, objid->num_components,
                                          objid->component_list, 0);
                    }
                else {
                    getproc_got_object_id(pktp, vbp, v3_priv_nopriv_size,
                                          v3_priv_nopriv, 0);
                    }
                break;
                }

            case LM_userAuthKeyChange:
            case LM_userOwnAuthKeyChange:
            case LM_userPrivKeyChange:
            case LM_userOwnPrivKeyChange:
                getproc_got_string(pktp, vbp, 0, 0, 0, VT_STRING);
                break;

            case LM_userPublic:
                getproc_got_string(pktp, vbp, SNMP_User_Get_Public_Len(user),
                                   SNMP_User_Get_Public(user), 0, VT_STRING);
                break;