v3_creq.c

wm PNE 3.3 source code, running at more than vxworks6.x version.

/* v3_creq.c - v3_creq.c routines */

/*
 *  Copyright 2000-2005 Wind River Systems, Inc.
 *  All rights reserved.  Provided under license only.
 *  Distribution or other use of this software is only
 *  permitted pursuant to the terms of a license agreement
 *  from Wind River Systems (and is otherwise prohibited).
 *  Refer to that license agreement for terms of use.
 */

/*
 *  Copyright 1988-1997 Epilogue Technology Corporation.
 *  Copyright 1998 Integrated Systems, Inc.
 *  All rights reserved.
 */

/*
 * $Log: v3_creq.c,v $
 * Revision 1.4  2003/01/15 14:05:09  josh
 * directory structure shifting
 *
 * Revision 1.3  2001/11/06 21:50:51  josh
 * second (and hopefully final) pass of new path hacking
 *
 * Revision 1.2  2001/11/06 21:20:30  josh
 * revised new path hacking
 *
 * Revision 1.1.1.1  2001/11/05 17:47:44  tneale
 * Tornado shuffle
 *
 * Revision 1.1.2.1  2001/08/07 18:37:00  meister
 * Break out SNMP_Create_Request_V3{,_Lockable}() out of creatreq.c into
 * v3_creq.c. Change static create_request() into non-static _snmp_create_request()
 *
 */

/* [clearcase]
modification history
-------------------
01e,12may05,job  fix apigen comments
01d,18apr05,job  update copyright notices
01c,25feb05,job  apigen update
01b,16feb05,job  apigen for documented APIs
01a,24nov03,job  update copyright information
*/

/*
DESCRIPTION
This library contains v3_creq.c routines.

INCLUDE FILES: snmp.h, buildpkt.h
*/

#include <wrn/wm/snmp/engine/asn1conf.h>
#include <wrn/wm/snmp/engine/asn1.h>
#include <wrn/wm/snmp/engine/buffer.h>
#include <wrn/wm/snmp/engine/snmpdefs.h>
#include <wrn/wm/snmp/engine/snmp.h>
#include <wrn/wm/snmp/engine/buildpkt.h>

#include <wrn/wm/common/bug.h>

#include <wrn/wm/snmp/engine/v3_eng.h>
#include <wrn/wm/snmp/engine/v3_user.h>
#include <wrn/wm/snmp/engine/v3_auth.h>
#include <wrn/wm/snmp/engine/v3_priv.h>

extern SNMP_PKT_T *_snmp_create_request(int num_vb); /* in creatreq.c */

/****************************************************************************
\NOMANUAL
NAME:  SNMP_Create_Request_V3_Lockable

PURPOSE: Begin building an SNMP request packet.  This function is a
          temporary kludge to deal with the fact that the notify code
          attempts to create requests while holding the CoarseLock.
          Ultimately, the correct solution will be a rewrite of the
          offending notify code, but for now this will have to do.
          Customers shouldn't call this function directly.  Instead,
          the standard, documented API call, SNMP_Create_Request_V3(),
          should be used.  This function is going to go away very,
          very quickly.

PARAMETERS:
	int		Packet type:
			For version 3 GET_REQUEST_PDU, GET_NEXT_REQUEST_PDU,
				      SET_REQUEST_PDU, GET_BULK_REQUEST_PDU,
				      INFORM_REQUEST_PDU, TRAP2_PDU
			as defined in snmpdefs.h
	int		Protocol version -- SNMP_VERSION_3
			as defined in snmpdefs.h
	bits32_t	message id (not request id)
	bits32_t	max message size (for responses)
	bits8_t         message flags, currenlty security stuff 
			as defined in snmpdefs.h
	bits32_t        security model
	bits8_t	  *	context engine id
	ALENGTH_T       context engine id length
	bits8_t	  *	context name
	ALENGTH_T       context name id length
	bits8_t	  *	engine id
	ALENGTH_T       engine id length
	bits8_t	  *	user name
	ALENGTH_T       user name len
	sbits32_t	Request ID
	int		Number of VarBindList elements needed (may be 0)
	int		nonreps - for use with getbulk, number of non repeaters
	int		maxreps - for use with getbulk, max repetitions
        int             lockable -- if 0, don't try to grab CoarseLock again

RETURNS:  SNMP_PKT_T *	SNMP Packet structure, 0 on failure
****************************************************************************/
SNMP_PKT_T *
  SNMP_Create_Request_V3_Lockable(int	      ptype,
				  int	      version,
				  bits32_t    msg_id,
				  bits32_t    max_size,
				  bits8_t     msg_flags,
				  bits32_t    sec_model,
				  bits8_t    *con_id,
				  ALENGTH_T   con_id_len,
				  bits8_t    *con_name,
				  ALENGTH_T   con_name_len,
				  bits8_t    *sec_id,
				  ALENGTH_T   sec_id_len,
				  bits8_t    *sec_name,
				  ALENGTH_T   sec_name_len,
				  sbits32_t   request_id,
				  int	      num_vb,
				  int	      nonreps,
				  int	      maxreps,
				  int         lockable)

{
SNMP_PKT_T *rp;
SNMP_USER_T *user;
ENGINE_LEAF_T *engine;

/* check the version number currently we only allow v3 */
if (version != SNMP_VERSION_3)
    return(0);

/* check the flags */
if ((msg_flags >= ETC_V3_REPORT) || (msg_flags == ETC_V3_PRIV))
    return(0);

/* check the pdu type and set up other arguments as necessary */
switch(ptype) {
    case GET_REQUEST_PDU:
    case GET_NEXT_REQUEST_PDU:
    case SET_REQUEST_PDU:
    case INFORM_REQUEST_PDU:
	msg_flags |= ETC_V3_REPORT;
	/* no break, drop into the next case */
    case TRAP2_PDU:
	nonreps = 0;
	maxreps = 0;
	break;

    case GET_BULK_REQUEST_PDU:
	msg_flags |= ETC_V3_REPORT;
	break;

    default:
	return(0);
    }

if ((rp = _snmp_create_request(num_vb)) == 0)
    return 0;

rp->snmp_version 		= version;
rp->pdu_type 			= (ATVALUE_T)ptype;
rp->pdu.std_pdu.request_id 	= request_id;
rp->pdu.std_pdu.error_status    = nonreps;
rp->pdu.std_pdu.error_index     = maxreps;

rp->msg_id			= msg_id;
rp->msg_flags			= msg_flags;
rp->msg_sec_model		= sec_model;

/* We only need to lookup the engine and user information
   if we are planning to authenticate the message.

   We lookup the engine structure in order to get the
   boots and time information.  If we don't know the engine
   or we aren't doing authentication we leave the info zeroed.

   We lookup the user to get the auth and priv information.
   If we don't have a user or the user doesn't allow either
   auth or, if requested by the flags, priv we return an error.
   Otherwise we copy the auth and priv info to the packet */

if (msg_flags & ETC_V3_AUTH) {
#if (INSTALL_ENVOY_SNMP_LOCK)
    /* if necessary get the coarse lock to protect the various lists */
    if (lockable) {
        if (ENVOY_SNMP_GET_READ_LOCK(SNMP_CoarseLock)) {
	    BUG(BUG_ENVOY_LOCKING, BUG_CONTINUABLE, 0,
		(BUG_OUT, "Create Request: coarse lock is broken", 0));
	    SNMP_Free(rp);
	    return(0);
            }
        }
#endif

    /* lookup the engine id, if we don't find it drop the packet */
    engine = SNMP_Engine_Lookup(sec_id, sec_id_len);
    if (engine == 0) {
#if (INSTALL_ENVOY_SNMP_LOCK)
        if (lockable)
            ENVOY_SNMP_RELEASE_READ_LOCK(SNMP_CoarseLock);
#endif
        SNMP_Free(rp);
	return(0);
        }

    /* we only need the lock if the boots and time info isn't
       ours, but as that is the normal case and it doesn't
       harm us to get the lock if the info is ours we always
       get the lock */
#if (INSTALL_ENVOY_SNMP_LOCK)
    /* get the boots lock to protect the boot and time information */
    if (ENVOY_SNMP_GET_READ_LOCK(SNMP_V3_Boots_Lock)) {
        BUG(BUG_ENVOY_LOCKING, BUG_CONTINUABLE, 0,
	    (BUG_OUT, "Create Request: boots lock is broken", 0));
	if (lockable)
	    ENVOY_SNMP_RELEASE_READ_LOCK(SNMP_CoarseLock);
	SNMP_Free(rp);
	return(0);
        }
#endif	
    rp->msg_sec_boots = SNMP_Engine_Get_Boots(engine);
    rp->msg_sec_time  = SNMP_Engine_Get_Time(engine);

    ENVOY_SNMP_RELEASE_READ_LOCK(SNMP_V3_Boots_Lock);

    user = SNMP_User_Lookup(sec_id, sec_id_len, sec_name, sec_name_len);
    if ((user == 0) || (SNMP_User_Get_Status(user) != ETC_RS_ACTIVE) ||
	(SNMP_User_Get_Auth(user) == 0) ||
	((msg_flags & ETC_V3_PRIV) && (SNMP_User_Get_Priv(user) == 0))) {
#if (INSTALL_ENVOY_SNMP_LOCK)
        if (lockable)
	    ENVOY_SNMP_RELEASE_READ_LOCK(SNMP_CoarseLock);
#endif
        SNMP_Free(rp);        
        return(0);
        }
    rp->auth = SNMP_User_Get_Auth(user);
    MEMCPY(rp->msg_sec_auth, SNMP_User_Get_AuthKey(user),
	   SNMP_Auth_Get_KeySize(rp->auth));
    if (msg_flags & ETC_V3_PRIV) {
        rp->priv = SNMP_User_Get_Priv(user);
        MEMCPY(rp->msg_sec_priv, SNMP_User_Get_PrivKey(user),
	       SNMP_Priv_Get_KeySize(rp->priv));
        }
#if (INSTALL_ENVOY_SNMP_LOCK)
    if (lockable)
        ENVOY_SNMP_RELEASE_READ_LOCK(SNMP_CoarseLock);
#endif
    }

if (sec_id_len) {
    if (EBufferAllocateLoad(BFL_IS_ALLOC, &rp->msg_sec_id,
			    sec_id, sec_id_len)){
        SNMP_Free(rp);
	return(0);
        }        
    }

if (sec_name_len) {
    if (EBufferAllocateLoad(BFL_IS_ALLOC, &rp->msg_sec_name,
			    sec_name, sec_name_len)){
        SNMP_Free(rp);
	return(0);
        }        
    }

if (con_id_len) {
    if (EBufferAllocateLoad(BFL_IS_ALLOC, &rp->msg_con_id,
			    con_id, con_id_len)){
        SNMP_Free(rp);
	return(0);
        }        
    }
else {
    EBufferPreLoad(BFL_IS_STATIC, &rp->msg_con_id,
		   EBufferStart(&rp->msg_sec_id),
		   EBufferUsed(&rp->msg_sec_id));
    }

if (con_name_len) {
    if (EBufferAllocateLoad(BFL_IS_ALLOC, &rp->community,
			    con_name, con_name_len)){
        SNMP_Free(rp);
	return(0);
        }        
    }

return rp;
}


/*******************************************************************************
*
* SNMP_Create_Request_V3 - build SNMPv3 packets
* SYNOPSIS
*
* \cs
* SNMP_PKT_T * SNMP_Create_Request_V3 
*     ( 
*     int           ptype, 
*     int           version, 
*     bits32_t      msg_id, 
*     bits32_t      max_size, 
*     bits8_t       msg_flags, 
*     bits32_t      sec_model, 
*     bits8_t    *  con_id, 
*     ALENGTH_T     con_id_length, 
*     bits8_t    *  con_name, 
*     ALENGTH_T     con_name_length, 
*     bits8_t    *  sec_id, 
*     ALENGTH_T     sec_id_length, 
*     bits8_t    *  sec_name, 
*     ALENGTH_T     sec_name_length, 
*     sbits32_t     request_id, 
*     int           num_vb, 
*     int           nonreps, 
*     int           maxreps 
*     )
* \ce
*
* DESCRIPTION
*
* This routine builds SNMPv3 packets. It allocates and initializes a new packet 
* structure of type 'SNMP_PKT_T' for a SNMP message. Use 
* SNMP_Create_Request_V3() for SNMPv3 manager/client scenarios. If you are 
* writing an SNMPv3 agent, you can use this routine to build an SNMPv2 style 
* trap ('TRAP2') or an 'INFORM' in an SNMPv3 wrapper or use 
* SNMP_Send_Notify_Name().
* If you are building a multi-lingual agent, you also may need to call 
* SNMP_Create_Request2() and SNMP_Create_Trap() to build appropriate SNMPv1 and 
* SNMPv2 'TRAP' PDUs.
*
* \&NOTE: After you have created this structure, call the appropriate bind 
* procedures to bind specific entries into the VarBindList before calling 
* SNMP_Encode_Packet() to encode the packet for transmission.
*
* PARAMETERS
* \is
* \i <ptype>
* Specify the SNMP PDU type as one of the following PDU types: 
* 'GET_REQUEST_PDU', 'GET_NEXT_REQUEST_PDU', 'SET_REQUEST_PDU', 
* 'INFORM_REQUEST_PDU', 'GET_BULK_REQUEST_PDU', or 'TRAP2_PDU'.
* \i <version>
* Specify the SNMP protocol version. Currently the only available version is 
* 'SNMP_VERSION_3'.
* \i <msg_id>
* Specify the SNMP v3 engine杢o杄ngine identifier for the packet.
* \i <max_size>
* Specify the largest size SNMPv3 packet this entity is prepared to process.
* \i <msg_flags>
* Indicate how the message should be handled. If the message should be 
* authenticated, use the value 'ETC_V3_AUTH'. If the message should be 
* authenticated and encrypted, use the value 'ETC_V3_PRIV'. The actual 
* algorithms used depend on the user and security model information.
* \i <sec_model>
* Specify which security model to use. At this release, the only available 
* option is 'ETC_SEC_MODEL_USM'.
* \i <*con_id>
* Specify the context engine identifier. For non-proxied agents, this is the 
* same as the security engine identifier.
* \i <con_id_length>
* Specify the length in bytes of the context engine identifier.
* \i <*con_name>
* Specify the name of the context to use when processing the request. The 
* default context for agents is the empty (zero-length) string.
* \i <con_name_length>
* Specify the length in bytes of the context to use when processing the 
* request.
* \i <*sec_id>
* Specify the identifier of engine that is authoritative for the security data 
* (boots and time). It is also used as an index for some tables.
* \i <sec_id_length>
* Specify the length in bytes of the security engine identifier.
* \i <*sec_name>
* Specify the security user name. If authentication and encryption are 
* selected, the values of <sec_name> and <sec_id> are used directly in the 
* packet as an index.
* \i <sec_name_length>
* Specify the length in bytes of the security user name.
* \i <request_id>
* Specify the PDU transaction identifier.
* \i <num_vb>
* Indicate how many 'VarBind' entries to place in the 'VarBindList'.
* \i <nonreps>
* Specify number to put into the non-repeaters field in PDUs of type 'GET BULK 
* REQUEST'.
* \i <maxreps>
* Specify number to put into the max-repetitions field in PDUs of type 'GET 
* BULK REQUEST'.
* \ie
*
* RETURNS: If successful, this routine returns a pointer to the newly created 
* packet. Otherwise, it returns 0.
*
* ERRNO: N/A
*
* SEE ALSO: 'SNMP_Create_Request2(),' 'SNMP_Create_Trap(),' 
* SNMP_Encode_Packet(), SNMP_Create_Trap()
*/
SNMP_PKT_T *
  SNMP_Create_Request_V3(int	      ptype,
			 int	      version,
			 bits32_t     msg_id,
			 bits32_t     max_size,
			 bits8_t      msg_flags,
			 bits32_t     sec_model,
			 bits8_t     *con_id,
			 ALENGTH_T    con_id_len,
			 bits8_t     *con_name,
			 ALENGTH_T    con_name_len,
			 bits8_t     *sec_id,
			 ALENGTH_T    sec_id_len,
			 bits8_t     *sec_name,
			 ALENGTH_T    sec_name_len,
			 sbits32_t    request_id,
			 int	      num_vb,
			 int	      nonreps,
			 int	      maxreps)

{
return(SNMP_Create_Request_V3_Lockable(ptype, version, msg_id, max_size,
				       msg_flags, sec_model, con_id, 
				       con_id_len, con_name, con_name_len,
				       sec_id, sec_id_len, sec_name,
				       sec_name_len, request_id, num_vb,
				       nonreps, maxreps, 1));
}