📄 pxy3_chk.c
字号:
if (pPkt->pdu_type != INFORM_REQUEST_PDU) continue; break; default: continue; } /* * Step 2: Check to see if the context engine id of the PDU * matches that of this proxy object */ if ((EBufferUsed (&contextEngineID) != SNMP_Proxy_Get_Context_Engine_ID_Len (pProxy)) || (MEMCMP (EBufferStart (&contextEngineID), SNMP_Proxy_Get_Context_Engine_ID (pProxy), EBufferUsed (&contextEngineID)) != 0)) continue; /* Step 3: Check to see if the context names match */ if ((EBufferUsed (&contextName) != SNMP_Proxy_Get_Context_Name_Len (pProxy)) || (MEMCMP_NULLOK (EBufferStart (&contextName), SNMP_Proxy_Get_Context_Name (pProxy), EBufferUsed (&contextName)) != 0)) continue; /* * Step 4: Look up the entry in the snmpTargetParamsTable * to check remaining parameters. */ pParams = SNMP_Target_Params_Lookup (SNMP_Proxy_Get_Target_Params_In (pProxy), SNMP_Proxy_Get_Target_Params_In_Len (pProxy)); if ((pParams == 0) || (SNMP_Target_Params_Get_Status (pParams) != ETC_RS_ACTIVE)) continue; /* * Step 5: Check the message processing model, security level, * security model, and security name. */ if ((mpModel != SNMP_Target_Params_Get_MP_Model (pParams)) || (secLevel != SNMP_Target_Params_Get_Sec_Level (pParams)) || (secModel != SNMP_Target_Params_Get_Sec_Model (pParams)) || (EBufferUsed (&secName) != SNMP_Target_Params_Get_Sec_Name_Len (pParams)) || (MEMCMP (EBufferStart (&secName), SNMP_Target_Params_Get_Sec_Name (pParams), EBufferUsed (&secName)) != 0)) continue; /* It may match, but it also has to point to targets! */ if (SNMP_Proxy_Get_Multiple_Target_Out_Len (pProxy) == 0) continue; /* * If we made it this far, we have a valid proxy object. * Now we need to look our list of targets and see if we * actually have any valid ones. */ for (pTaddr = root_target_addr; pTaddr != 0; pTaddr = SNMP_Target_Addr_Next_Addr (pTaddr)) { /* Does this target match the tag? */ if ((SNMP_Target_Addr_Get_Status (pTaddr) != ETC_RS_ACTIVE) || (taglist_check (&(pTaddr->tag_list), &(pProxy->multiple_target_out)) != 0)) continue; /* Does this target addr have a valid target params? */ pParams = SNMP_Target_Params_Lookup (SNMP_Target_Addr_Get_Params (pTaddr), SNMP_Target_Addr_Get_Params_Len (pTaddr)); /* * We reject a whole set of things here: * 1) Nonexistent or notInService snmpTargetParamsTable entries * 2) SNMPv1 targets if the notification contains Counter64s * 3) SNMPv1 targets if the notification is an Inform */ if ((pParams == 0) || (SNMP_Target_Params_Get_Status (pParams) != ETC_RS_ACTIVE) #if INSTALL_ENVOY_SNMP_COEXISTENCE || ((SNMP_Target_Params_Get_MP_Model (pParams) == SNMP_VERSION_1) && ((containsCounter64 == 1) || (pPkt->pdu_type == INFORM_REQUEST_PDU)))#endif ) continue; /* Do version-based rejection here */ switch (SNMP_Target_Params_Get_MP_Model (pParams)) {#if INSTALL_ENVOY_SNMP_COEXISTENCE#if INSTALL_ENVOY_SNMP_VERSION_1 case SNMP_VERSION_1: /* fall through... */#endif#if INSTALL_ENVOY_SNMP_VERSION_2 case SNMP_VERSION_2:#endif#endif case SNMP_VERSION_3: break; default: continue; } /* We need to look up the community object here */ if (SNMP_Target_Params_Get_MP_Model (pParams) != SNMP_VERSION_3) { for (pCommunity = SNMP_Community_Next_Community ((SNMP_COMMUNITY_T *) 0) ; pCommunity != 0; pCommunity = SNMP_Community_Next_Community (pCommunity)) { if ((SNMP_Community_Get_Sec_Name_Len (pCommunity) != SNMP_Target_Params_Get_Sec_Name_Len (pParams)) || (SNMP_Community_Get_Con_ID_Len (pCommunity) != EBufferUsed (&contextEngineID)) || (SNMP_Community_Get_Con_Name_Len (pCommunity) != EBufferUsed (&contextName)) || (MEMCMP (SNMP_Community_Get_Sec_Name (pCommunity), SNMP_Target_Params_Get_Sec_Name (pParams), SNMP_Community_Get_Sec_Name_Len (pCommunity)) != 0) || (MEMCMP (SNMP_Community_Get_Con_ID (pCommunity), EBufferStart (&contextEngineID), EBufferUsed (&contextEngineID)) != 0) || (MEMCMP_NULLOK (SNMP_Community_Get_Con_Name (pCommunity), EBufferStart (&contextName), EBufferUsed (&contextName)) != 0)) continue; } if (pCommunity == 0) continue; } pTargList = SNMP_memory_alloc (sizeof (TARGET_LIST_T)); if (pTargList == 0) { EBufferClean (&contextEngineID); EBufferClean (&contextName); EBufferClean (&secName);#if INSTALL_ENVOY_SNMP_COEXISTENCE EBufferClean (&communityString);#endif return (ENVOY_ERR_INSUFFICIENT_MEMORY); } init_target_list (pTargList); pTargList->next = pTargListHead; pTargListHead = pTargList; pTargList->target = 0; /* just to be safe */ pTargList->timeout = SNMP_Target_Addr_Get_Timeout (pTaddr); pTargList->mp_model = SNMP_Target_Params_Get_MP_Model (pParams); pTargList->sec_level = SNMP_Target_Params_Get_Sec_Level (pParams); pTargList->sec_model = SNMP_Target_Params_Get_Sec_Model (pParams); if (((pTargList->mp_model != SNMP_VERSION_3) && (EBufferAllocateLoad (BFL_IS_ALLOC, &(pTargList->context), SNMP_Community_Get_Name (pCommunity), SNMP_Community_Get_Name_Len (pCommunity)) != 0)) || (build_object_id (SNMP_Target_Addr_Get_TDomain (pTaddr)->num_components, SNMP_Target_Addr_Get_TDomain (pTaddr)->component_list, &(pTargList->tdomain)) != 0) || (EBufferAllocateLoad (BFL_IS_ALLOC, &(pTargList->taddress), SNMP_Target_Addr_Get_TAddress (pTaddr), SNMP_Target_Addr_Get_TAddress_Len (pTaddr)) != 0) || (EBufferAllocateLoad (BFL_IS_ALLOC, &(pTargList->sec_name), SNMP_Target_Params_Get_Sec_Name (pParams), SNMP_Target_Params_Get_Sec_Name_Len (pParams)) != 0)) { clean_target_list (pTargListHead); EBufferClean (&contextEngineID); EBufferClean (&contextName); EBufferClean (&secName);#if INSTALL_ENVOY_SNMP_COEXISTENCE EBufferClean (&communityString);#endif return (ENVOY_ERR_INSUFFICIENT_MEMORY); } } } #if (INSTALL_ENVOY_SNMP_LOCK) /* * We've loaded all the information we need to build the new * packet into pTargList. Now we can safely unlock the databases * and proceed with building the new packet. We're going to * release the coarse lock at this point. */ ENVOY_SNMP_RELEASE_READ_LOCK (SNMP_CoarseLock); /* And just to be safe, we clean the PDU's lock field */ pPkt->coarse_lock = 0;#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ if (pTargListHead == 0) { EBufferClean (&contextEngineID); EBufferClean (&contextName); EBufferClean (&secName);#if INSTALL_ENVOY_SNMP_COEXISTENCE EBufferClean (&communityString);#endif return (ENVOY_ERR_INSUFFICIENT_MEMORY); }#if INSTALL_ENVOY_SNMP_COEXISTENCE /* * Parameter conversion. If we are forwarding a v1 trap to a * v2c or v3 target, or a v2c or v3 notification to a v1 target, * we need to make sure all of the conversions have been performed. */ for (pTargList = pTargListHead; pTargList != 0; pTargList = pTargList->next) { switch (pPkt->snmp_version) { case SNMP_VERSION_1: version1Target = 1; default: version2Or3Target = 1; } } if (version1Target == 1) { /* OK, there's an SNMPv1 target. Get the proper parameters. */ switch (pPkt->snmp_version) { case SNMP_VERSION_1: timeStamp = pPkt->pdu.trap_pdu.trap_time_ticks; enterpriseOid.num_components = pPkt->pdu.trap_pdu.enterprise_objid.num_components; enterpriseOid.component_list = pPkt->pdu.trap_pdu.enterprise_objid.component_list; generic = pPkt->pdu.trap_pdu.generic_trap; specific = pPkt->pdu.trap_pdu.specific_trap; MEMCPY(agentIp, pPkt->pdu.trap_pdu.net_address, 4); break; default: if (((errorCode = SNMP_Convert_VB (&(pPkt->pdu.std_pdu.std_vbl), &enterpriseOid, &generic, &specific, &timeStamp)) == 0) || (ENVOY_SNMPADDR_TO_TADDRESS(&(pPkt->pkt_src), &agentTDomain, &agentTAddress) == 0)) { clean_target_list (pTargListHead); EBufferClean (&contextEngineID); EBufferClean (&contextName); EBufferClean (&secName); EBufferClean (&communityString); return (ENVOY_ERR_UNKNOWN); } MEMCPY (agentIp, EBufferStart (&agentTAddress), 4); Clean_Obj_ID (&agentTDomain); EBufferClean (&agentTAddress); } }#endif /* allocate a proxy control block */ pProxyBlock = SNMP_memory_alloc (sizeof (SNMP_PROXY_CB_T)); if (pProxyBlock == 0) { clean_target_list (pTargList); EBufferClean (&contextEngineID); EBufferClean (&contextName); EBufferClean (&secName);#if INSTALL_ENVOY_SNMP_COEXISTENCE EBufferClean (&communityString);#endif return (ENVOY_ERR_INSUFFICIENT_MEMORY); } /* * We have a proxy block, so let's dump responsibility for these * EBuffers we've been carrying around onto them. */ MEMCPY (&(pProxyBlock->contextEngineID), &contextEngineID, sizeof (EBUFFER_T)); MEMCPY (&(pProxyBlock->contextName), &contextName, sizeof (EBUFFER_T)); MEMCPY (&(pProxyBlock->secName), &secName, sizeof (EBUFFER_T));#if INSTALL_ENVOY_SNMP_COEXISTENCE MEMCPY (&(pProxyBlock->communityString), &communityString, sizeof (EBUFFER_T));#endif /* grab the retrans lock briefly to get a new msgid */#if (INSTALL_ENVOY_SNMP_LOCK) if (ENVOY_SNMP_GET_WRITE_LOCK (SNMP_V3_Retrans_Lock)) { BUG (BUG_ENVOY_LOCKING, BUG_CONTINUABLE, 0, (BUG_OUT, "snmpProxyV3Notify: retrans lock broken", 0)); clean_target_list (pTargList); return (ENVOY_ERR_LOCK_FAILED); }#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ ENVOY_SET_PROXY_MSGID (pProxyBlock); #if (INSTALL_ENVOY_SNMP_LOCK) ENVOY_SNMP_RELEASE_WRITE_LOCK (SNMP_V3_Retrans_Lock);#endif /* #if (INSTALL_ENVOY_SNMP_LOCK) */ pProxyBlock->expires = 0; pProxyBlock->targetList = pTargListHead; pProxyBlock->flags = 0; /* * Since we're forwarding a notification, we know we're copying * the varbind list. */ pProxyBlock->flags = SNMP_PROXY_FLAGS_VBLIST_COPIED; for (pTargList = pTargListHead; pTargList != 0; pTargList = pTargList->next) { /* * For each entry in the target list, create a * request packet. We do this using information * that's been safely placed into pTargList, so that * we can call the Create function without holding * any locks. */ switch (pTargList->mp_model) {#if INSTALL_ENVOY_SNMP_COEXISTENCE#if INSTALL_ENVOY_SNMP_VERSION_1 case SNMP_VERSION_1: if (pPkt->snmp_version == SNMP_VERSION_1) vbCount = pPkt->pdu.trap_pdu.trap_vbl.vbl_count; else vbCount = pPkt->pdu.std_pdu.std_vbl.vbl_count - 2; pNewPkt = SNMP_Create_Trap (SNMP_VERSION_1, EBufferUsed (&pTargList->context), (sbits8_t *) EBufferStart (&pTargList->context), enterpriseOid.num_components, enterpriseOid.component_list,⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -