📄 pxy3_chk.c
字号:
} else { EBufferClean (&pNewPkt->community); EBufferAllocateLoad (BFL_IS_ALLOC, &pNewPkt->community, EBufferStart (&pProxyBlock->communityString), EBufferUsed (&pProxyBlock->communityString)); } MEMCPY (&(pNewPkt->pdu.std_pdu.std_vbl), &(pPkt->pdu.std_pdu.std_vbl), sizeof (VBL_T)); pTargList->pktp = pNewPkt; break; case SNMP_VERSION_2: pNewPkt = SNMP_Create_Request2 (pPkt->pdu_type, pTargList->mp_model, EBufferUsed (&pProxyBlock->communityString), (sbits8_t *) EBufferStart (&pProxyBlock->communityString), pProxyBlock->msgID, 0, pPkt->pdu.std_pdu.error_status, pPkt->pdu.std_pdu.error_index); if (pNewPkt == 0) { proxyBlockClean (pProxyBlock); return (ENVOY_ERR_UNKNOWN); } else { EBufferClean (&pNewPkt->community); EBufferAllocateLoad (BFL_IS_ALLOC, &pNewPkt->community, EBufferStart (&pProxyBlock->communityString), EBufferUsed (&pProxyBlock->communityString)); } MEMCPY (&(pNewPkt->pdu.std_pdu.std_vbl), &(pPkt->pdu.std_pdu.std_vbl), sizeof (VBL_T)); pTargList->pktp = pNewPkt; break;#endif case SNMP_VERSION_3: msgFlags = 0; switch (pTargList->sec_level) { case ETC_SEC_LEVEL_PRIV: msgFlags |= ETC_V3_PRIV; /* fall through... */ case ETC_SEC_LEVEL_AUTH: msgFlags |= ETC_V3_AUTH; /* fall through... */ default: break; } /* * We have to look up the security engine id -- we * can't assume that the security engine id will * match the context engine id -- there could be a * proxy chain... */ secID = 0; secIDLen = 0; SNMP_Find_Matching_Engine_ID(&(pTargList->tdomain), &(pTargList->taddress), &secID, &secIDLen); if (secID == 0) { /* * We can't proceed yet as we don't have a securityEngineID * to build the packet with. This means we have to send a * probe to the target in question and wait for a response. */ pNewPkt = SNMP_Create_Request_V3 (pPkt->pdu_type, pTargList->mp_model, pProxyBlock->msgID, 0, 0, pTargList->sec_model, EBufferStart (&pProxyBlock->contextEngineID), EBufferUsed (&pProxyBlock->contextEngineID), EBufferStart (&pProxyBlock->contextName), EBufferUsed (&pProxyBlock->contextName), 0, 0, 0, 0, pProxyBlock->msgID, 0, 0, 0); pTargList->flags |= SNMP_TARGET_LIST_SEND_PROXY_PROBE; } else { pNewPkt = SNMP_Create_Request_V3 (pPkt->pdu_type, pTargList->mp_model, pProxyBlock->msgID, 0, msgFlags, pTargList->sec_model, EBufferStart (&pProxyBlock->contextEngineID), EBufferUsed (&pProxyBlock->contextEngineID), EBufferStart (&pProxyBlock->contextName), EBufferUsed (&pProxyBlock->contextName), secID, secIDLen, EBufferStart (&pProxyBlock->targetList->sec_name), EBufferUsed (&pProxyBlock->targetList->sec_name), pProxyBlock->msgID, 0, pPkt->pdu.std_pdu.error_status, pPkt->pdu.std_pdu.error_index); /* borrow the original packet's varbind list */ if (pNewPkt != 0) MEMCPY (&(pNewPkt->pdu.std_pdu.std_vbl), &(pPkt->pdu.std_pdu.std_vbl), sizeof (VBL_T)); } if (pNewPkt == 0) { proxyBlockClean (pProxyBlock); return (ENVOY_ERR_UNKNOWN); } pTargList->pktp = pNewPkt; break; default: proxyBlockClean (pProxyBlock); return (ENVOY_ERR_UNKNOWN); } /* Set up the addresses. */ MEMSET (&locAddr, 0, sizeof (SNMPADDR_T)); if (ENVOY_TADDRESS_TO_SNMPADDR (&(pTargList->for_addr), &(pTargList->tdomain), &(pTargList->taddress)) != 0) { proxyBlockClean (pProxyBlock); return (ENVOY_ERR_UNKNOWN); } /* grab the retrans lock to insert the proxy block into the list */#if (INSTALL_ENVOY_SNMP_LOCK) if (ENVOY_SNMP_GET_WRITE_LOCK (SNMP_V3_Retrans_Lock)) { BUG (BUG_ENVOY_LOCKING, BUG_CONTINUABLE, 0, (BUG_OUT, "snmpProxyV3Request: retrans lock broken", 0)); proxyBlockClean (pProxyBlock); return (ENVOY_ERR_LOCK_FAILED); }#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ pProxyBlock->next = root_proxy_block.pcb; root_proxy_block.pcb = pProxyBlock;#if (INSTALL_ENVOY_SNMP_LOCK) ENVOY_SNMP_RELEASE_WRITE_LOCK (SNMP_V3_Retrans_Lock);#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ /* And now we're ready to forward the packet */ ENVOY_SNMP_SEND_PROXY (&(pTargList->for_addr), &locAddr, pNewPkt, SNMP_Bufsize_For_Packet (pNewPkt)); /* * And now we update the proxy block with the information * we need to make sure that the packet gets properly timed out. */ #if (INSTALL_ENVOY_SNMP_LOCK) if (ENVOY_SNMP_GET_WRITE_LOCK (SNMP_V3_Retrans_Lock)) { BUG (BUG_ENVOY_LOCKING, BUG_CONTINUABLE, 0, (BUG_OUT, "snmpProxyV3Request: retrans lock broken", 0)); proxyBlockClean (pProxyBlock); return (ENVOY_ERR_LOCK_FAILED); }#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ pProxyBlock->originalPkt = pPkt; pProxyBlock->expires = ENVOY_NOW() + (pTargList->timeout * 10); /* kick the timer */ proxy_timer_update();#if (INSTALL_ENVOY_SNMP_LOCK) ENVOY_SNMP_RELEASE_WRITE_LOCK (SNMP_V3_Retrans_Lock);#endif return (ENVOY_ERR_NOERR); }/***************************************************************************** snmpProxyV3Notify - determine whether a given Notify PDU* should be forwarded according to proxy rules** This function will scan the proxy object list to determine whether* the passed-in Request-PDU should be forwarded according to the rules* of RFC 2573.** RETURNS: ENVOY_ERR_NOERR if a proper target was found* ENVOY_ERR_NO_TARGET if no valid target was found* ENVOY_ERR_INSUFFICIENT_MEMORY if an allocation error occurred* ENVOY_ERR_LOCK_FAILED if a locking error occurred**/envoy_err_t snmpProxyV3Notify ( SNMP_PKT_T * pPkt ) { SNMP_PKT_T * pNewPkt; SNMP_PROXY_T * pProxy; SNMP_TARGET_ADDR_T * pTaddr; SNMP_TARGET_PARAMS_T * pParams; TARGET_LIST_T * pTargList = 0; TARGET_LIST_T ** ppNextTargList; TARGET_LIST_T ** ppTargList; TARGET_LIST_T * pTargListHead = 0; SNMP_PROXY_CB_T * pProxyBlock; EBUFFER_T contextEngineID; EBUFFER_T contextName; bits8_t msgFlags; bits32_t mpModel; sbits32_t secModel; bits32_t secLevel; EBUFFER_T secName; bits8_t * secID; ALENGTH_T secIDLen; SNMPADDR_T locAddr; bits8_t saveList = 0; bits32_t longestTimeout = 0; int errorCode; int vbCount;#if INSTALL_ENVOY_SNMP_COEXISTENCE SNMP_COMMUNITY_T * pCommunity = 0; EBUFFER_T communityString; VB_T * pVb; int containsCounter64 = 0; int version1Target = 0; int version2Or3Target = 0; bits32_t timeStamp; OBJ_ID_T enterpriseOid; int generic; sbits32_t specific; unsigned char agentIp[4]; OBJ_ID_T agentTDomain; EBUFFER_T agentTAddress;#endif EBufferInitialize (&contextEngineID); EBufferInitialize (&contextName); EBufferInitialize (&secName);#if INSTALL_ENVOY_SNMP_COEXISTENCE EBufferInitialize (&communityString);#endif /* * We load information into local variables for the sake of * coexistence */ switch (pPkt->snmp_version) {#if INSTALL_ENVOY_SNMP_COEXISTENCE#if INSTALL_ENVOY_SNMP_VERSION_1 case SNMP_VERSION_1:#endif#if INSTALL_ENVOY_SNMP_VERSION_2 case SNMP_VERSION_2:#endif pCommunity = SNMP_Community_Lookup (EBufferStart (&pPkt->comm_entry), EBufferUsed (&pPkt->comm_entry)); if (pCommunity == 0) return (ENVOY_ERR_NO_TARGET); EBufferAllocateLoad (BFL_IS_ALLOC, &contextEngineID, SNMP_Community_Get_Con_ID (pCommunity), SNMP_Community_Get_Con_ID_Len (pCommunity)); EBufferAllocateLoad (BFL_IS_ALLOC, &contextName, SNMP_Community_Get_Con_Name (pCommunity), SNMP_Community_Get_Con_Name_Len (pCommunity)); mpModel = pPkt->snmp_version; secModel = ((pPkt->snmp_version == SNMP_VERSION_1) ? ETC_SEC_MODEL_V1 : ETC_SEC_MODEL_V2); EBufferAllocateLoad (BFL_IS_ALLOC, &secName, SNMP_Community_Get_Sec_Name (pCommunity), SNMP_Community_Get_Sec_Name_Len (pCommunity)); secLevel = ETC_SEC_LEVEL_NONE; EBufferAllocateLoad (BFL_IS_STATIC, &communityString, EBufferStart (&pPkt->community), EBufferUsed (&pPkt->community)); break;#endif case SNMP_VERSION_3: EBufferAllocateLoad (BFL_IS_STATIC, &contextEngineID, EBufferStart (&pPkt->msg_con_id), EBufferUsed (&pPkt->msg_con_id)); EBufferAllocateLoad (BFL_IS_STATIC, &contextName, EBufferStart (&pPkt->community), EBufferUsed (&pPkt->community)); mpModel = SNMP_VERSION_3; secModel = pPkt->msg_sec_model; EBufferAllocateLoad (BFL_IS_STATIC, &secName, EBufferStart (&pPkt->msg_sec_name), EBufferUsed (&pPkt->msg_sec_name)); if ((pPkt->msg_flags & ETC_V3_AUTH) != 0) { if ((pPkt->msg_flags & ETC_V3_PRIV) != 0) secLevel = ETC_SEC_LEVEL_PRIV; else secLevel = ETC_SEC_LEVEL_AUTH; } else secLevel = ETC_SEC_LEVEL_NONE; break; default: return (ENVOY_ERR_NO_TARGET); }#if INSTALL_ENVOY_SNMP_COEXISTENCE && !INSTALL_ENVOY_SNMP_USE_V2_TYPES /* Scan the packet and find out if it contains any Counter64 objects */ if (pPkt->snmp_version != SNMP_VERSION_1) { for (vbCount = 0, pVb = pPkt->pdu.std_pdu.std_vbl.vblist ; vbCount < pPkt->pdu.std_pdu.std_vbl.vbl_count ; vbCount++, pVb++) { if (pVb->vb_data_flags_n_type == VT_COUNTER64) containsCounter64 = 1; } }#endif for (pProxy = root_proxy; pProxy != 0; pProxy = SNMP_Proxy_Next_Proxy (pProxy)) { /* Step 0: Skip inactive proxy objects */ if (SNMP_Proxy_Get_Status (pProxy) != ETC_RS_ACTIVE) continue; /* Step 1: Check to see if the PDU type matches this proxy object */ switch (SNMP_Proxy_Get_Proxy_Type (pProxy)) { case PROXY_TYPE_TRAP: if ((pPkt->pdu_type != TRAP2_PDU) && (pPkt->pdu_type != TRAP_PDU)) continue; break; case PROXY_TYPE_INFORM:⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -