📄 v3mt_usr.c
字号:
} tempuser.priv = priv; } } else { if (priv_vb) { if ((priv != 0) && (priv != tempuser.priv)) { testproc_error(pktp, priv_vb, INCONSISTENT_VALUE); return; } tempuser.priv = priv; } if (auth_vb) { if (((auth != 0) && (auth != tempuser.auth)) || ((auth == 0) && (tempuser.priv != 0))) { testproc_error(pktp, auth_vb, INCONSISTENT_VALUE); return; } tempuser.auth = auth; } } }/* See if the user table keys can be changed and if the size info is correct. Note that we allow any length keys for use with no auth or no priv but then 0 the pointer to avoid doing any work for them */if (authkey) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, authkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if (EBufferUsed(&authkey->value_u.v_string) != (2 * SNMP_Auth_Get_KeySize(tempuser.auth))) { testproc_error(pktp, authkey, WRONG_LENGTH); return; } } else authkey = 0; tempuser.flags |= ETC_USER_AUTHED;}if (ownauthkey) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, ownauthkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if (EBufferUsed(&ownauthkey->value_u.v_string) != (2 * SNMP_Auth_Get_KeySize(tempuser.auth))) { testproc_error(pktp, ownauthkey, WRONG_LENGTH); return; } } else ownauthkey = 0; }if (privkey) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, privkey, INCONSISTENT_NAME); return; } if (tempuser.priv) { if (EBufferUsed(&privkey->value_u.v_string) != (2 * SNMP_Priv_Get_KeySize(tempuser.priv))) { testproc_error(pktp, privkey, WRONG_LENGTH); return; } } else privkey = 0; tempuser.flags |= ETC_USER_PRIVED; }if (ownprivkey) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, ownprivkey, INCONSISTENT_NAME); return; } if (tempuser.priv) { if (EBufferUsed(&ownprivkey->value_u.v_string) != (2 * SNMP_Priv_Get_KeySize(tempuser.priv))) { testproc_error(pktp, ownprivkey, WRONG_LENGTH); return; } } else ownprivkey = 0; }#if INSTALL_SNMP_V3_DIFFIE_HELLMAN/* Make sure that the DH user keys can be changed. Validate the *//* public key we've recieved and make sure size is reasonable. */ if (DHauthkey) { DHvalues = user -> DH_keys.DHauthValues; vStr = &DHauthkey -> value_u.v_string; if (user -> flags & ETC_USER_VALID_AUTHKEY) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, DHauthkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if ((pubKeySize = SNMP_bn2bin (DHvalues -> pub_key, &pubKey)) == 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHauthkey, WRONG_LENGTH); return; } if (MEMCMP (EBufferStart(vStr), pubKey, pubKeySize) != 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHauthkey, WRONG_VALUE); return; } if (EBufferUsed (vStr) < BN_num_bytes (DHvalues -> pub_key) + DH_MINKEYCHG) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHauthkey, WRONG_LENGTH); return; } if (pubKey) SNMP_memory_free (pubKey); } else DHauthkey = 0; } else { testproc_error(pktp, DHauthkey, INCONSISTENT_VALUE); return; }}if (DHownauthkey) { DHvalues = user -> DH_keys.DHauthValues; vStr = &DHownauthkey -> value_u.v_string; if (user -> flags & ETC_USER_VALID_AUTHKEY) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, DHownauthkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if ((pubKeySize = SNMP_bn2bin (DHvalues -> pub_key, &pubKey)) == 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownauthkey, WRONG_LENGTH); return; } if (MEMCMP (EBufferStart(vStr), pubKey, pubKeySize) != 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownauthkey, WRONG_VALUE); return; } if (EBufferUsed (vStr) < BN_num_bytes (DHvalues -> pub_key) + DH_MINKEYCHG) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownauthkey, WRONG_LENGTH); return; } if (pubKey) SNMP_memory_free (pubKey); } else DHownauthkey = 0; } else { testproc_error(pktp, DHownauthkey, INCONSISTENT_VALUE); return; }}if (DHprivkey) { DHvalues = user -> DH_keys.DHprivValues; vStr = &DHprivkey -> value_u.v_string; if (user -> flags & ETC_USER_VALID_PRIVKEY) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, DHprivkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if ((pubKeySize = SNMP_bn2bin (DHvalues -> pub_key, &pubKey)) == 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHprivkey, WRONG_LENGTH); return; } if (MEMCMP (EBufferStart(vStr), pubKey, pubKeySize) != 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHprivkey, WRONG_VALUE); return; } if (EBufferUsed (vStr) < BN_num_bytes (DHvalues -> pub_key) + DH_MINKEYCHG) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHprivkey, WRONG_LENGTH); return; } if (pubKey) SNMP_memory_free (pubKey); } else DHprivkey = 0; } else { testproc_error(pktp, DHprivkey, INCONSISTENT_VALUE); return; }}if (DHownprivkey) { DHvalues = user -> DH_keys.DHprivValues; vStr = &DHprivkey -> value_u.v_string; if (user -> flags & ETC_USER_VALID_PRIVKEY) { if (((tempuser.flags & ETC_USER_CLONED) == 0) && ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY))) { testproc_error(pktp, DHownprivkey, INCONSISTENT_NAME); return; } if (tempuser.auth) { if ((pubKeySize = SNMP_bn2bin (DHvalues -> pub_key, &pubKey)) == 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownprivkey, WRONG_LENGTH); return; } if (MEMCMP (EBufferStart(vStr), pubKey, pubKeySize) != 0) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownprivkey, WRONG_VALUE); return; } if (EBufferUsed (vStr) < BN_num_bytes (DHvalues -> pub_key) + DH_MINKEYCHG) { if (pubKey) SNMP_memory_free (pubKey); testproc_error(pktp, DHownprivkey, WRONG_LENGTH); return; } if (pubKey) SNMP_memory_free (pubKey); } else DHprivkey = 0; } else { testproc_error(pktp, DHownprivkey, INCONSISTENT_VALUE); return; }}#endif /* INSTALL_SNMP_V3_DIFFIE_HELLMAN *//* check on status, to go to nis or active we need to have done a cloning and an auth and priv key change */if ((user == 0) || (SNMP_User_Get_Status(user) == ETC_RS_NREADY)) { if (tempuser.auth) check_flags |= ETC_USER_AUTHED; if (tempuser.priv) check_flags |= ETC_USER_PRIVED; if ((tempuser.flags & check_flags) == check_flags) { if (SNMP_User_Get_Status(&tempuser) == ETC_RS_NREADY) SNMP_User_Set_Status(&tempuser, ETC_RS_NIS); } else if (SNMP_User_Get_Status(&tempuser) != ETC_RS_NREADY) { testproc_error(pktp, rs_vbp ? rs_vbp : vbp, INCONSISTENT_VALUE); return; } }/* See if anything actually changed, if it didn't we can mark the vbp as done and not have to do any more work. If we are creating an entry mark the public field as having changed so it will get copied */if (user) { if (SNMP_User_Get_Auth(user) != SNMP_User_Get_Auth(&tempuser)) auth_chg = 1; if (SNMP_User_Get_Priv(user) != SNMP_User_Get_Priv(&tempuser)) priv_chg = 1; if ((SNMP_User_Get_Public(user) != SNMP_User_Get_Public(&tempuser)) && ((SNMP_User_Get_Public_Len(user) != SNMP_User_Get_Public_Len(&tempuser)) || MEMCMP_NULLOK(SNMP_User_Get_Public(user), SNMP_User_Get_Public(&tempuser), SNMP_User_Get_Public_Len(user)))) { public_chg = 1; } if ((public_chg == 0) && (cl_user == 0) && (auth_chg == 0) && (priv_chg == 0) && (authkey == 0) && (ownauthkey == 0) && (privkey == 0) && (ownprivkey == 0) &&#if INSTALL_SNMP_V3_DIFFIE_HELLMAN (DHauthkey == 0) && (DHownauthkey == 0) && (DHprivkey == 0) && (DHownprivkey == 0) &&#endif (SNMP_User_Get_Status(user) == SNMP_User_Get_Status(&tempuser)) && (SNMP_User_Get_Storage(user) == SNMP_User_Get_Storage(&tempuser))) { setproc_all_bits(pktp, vbp); return; } }else public_chg = 1;/* Because of how we do the backout stuff we always allocate a new user and set it up */auth = SNMP_User_Get_Auth(&tempuser);priv = SNMP_User_Get_Priv(&tempuser);newuser = SNMP_User_Create(auth, priv);if (newuser == 0) { testproc_error(pktp, vbp, RESOURCE_UNAVAILABLE); return; }SNMP_User_Set_Status(newuser, SNMP_User_Get_Status(&tempuser));SNMP_User_Set_Storage(newuser, SNMP_User_Get_Storage(&tempuser));SNMP_User_Set_Flags(newuser, SNMP_User_Get_Flags(&tempuser));if (public_chg) { if (EBufferClone(&tempuser.public_data, &newuser->public_data) != 0) { SNMP_User_Destroy(newuser); testproc_error(pktp, vbp, RESOURCE_UNAVAILABLE); return; } }else{ EBufferPreLoad(BFL_IS_STATIC, &newuser->public_data, SNMP_User_Get_Public(user), SNMP_User_Get_Public_Len(user)); }if ((user) || (cl_user)) { if (auth) { SNMP_User_Set_AuthKey(newuser, SNMP_User_Get_AuthKey(&tempuser), SNMP_Auth_Get_KeySize(auth)); } if (priv) { SNMP_User_Set_PrivKey(newuser, SNMP_User_Get_PrivKey(&tempuser), SNMP_Priv_Get_KeySize(priv)); } }#if INSTALL_SNMP_V3_DIFFIE_HELLMANBN_copy (newuser -> DH_keys.DHauthValues -> p, SNMP_DH_params.prime);BN_copy (newuser -> DH_keys.DHauthValues -> g, SNMP_DH_params.base);BN_copy (newuser -> DH_keys.DHauthValues -> pub_key, tempuser.DH_keys.DHauthValues -> pub_key);BN_copy (newuser -> DH_keys.DHauthValues -> priv_key, tempuser.DH_keys.DHauthValues -> priv_key);if (EBufferStart (&(tempuser.DH_keys.DHpubAuthKey))) EBufferClone (&(tempuser.DH_keys.DHpubAuthKey), &(newuser -> DH_keys.DHpubAuthKey));⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -