#ifndef SNMPSECMOD_H
#define SNMPSECMOD_H
#ifdef __cplusplus
extern "C" {
#endif
#include <net-snmp/library/snmp_transport.h>
/*
 * Locally defined (enterprise-specific) security model numbers.
 * Value = (Net-SNMP enterprise number, 8072) * 256 + local_num.
 */
/* 2066432 = 8072 * 256 + 0, i.e. local_num 0. */
#define NETSNMP_SEC_MODEL_KSM 2066432
/* Alternative spelling of NETSNMP_SEC_MODEL_KSM. */
#define NETSNMP_KSM_SECURITY_MODEL NETSNMP_SEC_MODEL_KSM
/* Alias for SNMP_SEC_MODEL_TSM, which is not defined in this header. */
#define NETSNMP_TSM_SECURITY_MODEL SNMP_SEC_MODEL_TSM
struct snmp_secmod_def;
/*
 * Parameters handed to a security model's outgoing-message routines
 * (SecmodOutMsg: encode_reverse / encode_forward in struct snmp_secmod_def).
 *
 * NOTE(review): apart from pdu and session, this header does not say which
 * members are inputs and which are outputs. The remarks below are read off
 * the member types and names only; confirm them against the encoder being
 * reviewed.
 */
struct snmp_secmod_outgoing_params {
int msgProcModel;
u_char *globalData;
size_t globalDataLen; /* presumably the length of globalData */
int maxMsgSize; /* int here; size_t in snmp_secmod_incoming_params */
int secModel;
u_char *secEngineID;
size_t secEngineIDLen; /* presumably the length of secEngineID */
char *secName;
size_t secNameLen; /* presumably the length of secName */
int secLevel;
u_char *scopedPdu;
size_t scopedPduLen; /* presumably the length of scopedPdu */
void *secStateRef; /* opaque pointer; its type is not visible in this header */
u_char *secParams;
/*
 * secParamsLen, wholeMsgLen and wholeMsgOffset are pointers, so a callee
 * can update the values they point to. Presumably they carry "space
 * available" in and "length used" out, like the IN/OUT members of
 * snmp_secmod_incoming_params; an encoder should check the available space
 * before writing - TODO confirm.
 */
size_t *secParamsLen;
u_char **wholeMsg; /* pointer to the buffer pointer, so the callee may replace it */
size_t *wholeMsgLen;
size_t *wholeMsgOffset;
netsnmp_pdu *pdu; /* IN - the pdu getting encoded */
netsnmp_session *session; /* IN - session sending the message */
};
/*
 * Parameters handed to a security model's decode routine (SecmodInMsg,
 * the "decode & validate incoming" callback of struct snmp_secmod_def).
 *
 * wholeMsg and secParams describe a received message, so a decoder should
 * treat their contents as untrusted until it has validated them.
 * For every IN/OUT length, the value on entry is the space available in the
 * matching buffer and the value on return is the length used; writing more
 * than the entry value would overrun memory the decoder does not own.
 */
struct snmp_secmod_incoming_params {
int msgProcModel; /* IN */
size_t maxMsgSize; /* IN - Used to calc maxSizeResponse. */
u_char *secParams; /* IN - BER encoded securityParameters. */
int secModel; /* IN */
int secLevel; /* IN - AuthNoPriv; authPriv etc. */
u_char *wholeMsg; /* IN - Original v3 message. */
size_t wholeMsgLen; /* IN - Msg length. */
u_char *secEngineID; /* OUT - Pointer snmpEngineID. */
size_t *secEngineIDLen; /* IN/OUT - Len available; len returned. */
/*
 * NOTE: Memory provided by caller.
 * NOTE(review): the placement suggests this refers to the secEngineID
 * buffer above, and possibly to secName below - confirm.
 */
char *secName; /* OUT - Pointer to securityName. */
size_t *secNameLen; /* IN/OUT - Len available; len returned. */
u_char **scopedPdu; /* OUT - Pointer to plaintext scopedPdu. */
size_t *scopedPduLen; /* IN/OUT - Len available; len returned. */
size_t *maxSizeResponse; /* OUT - Max size of Response PDU. */
void **secStateRef; /* OUT - Ref to security state. */
netsnmp_session *sess; /* IN - session which got the message */
netsnmp_pdu *pdu; /* IN - the pdu getting parsed */
u_char msg_flags; /* IN - v3 Message flags. */
};
/*
 * Callback types.
 * These typedefs name function types, not pointer types; the members of
 * struct snmp_secmod_def are declared as pointers to them.
 */
/*
 * Original comment at this position: "frees a given security module's data;
 * called at unregistration time".
 * NOTE(review): none of the members of struct snmp_secmod_def is described
 * as an unregistration-time callback, so this sentence may be a leftover -
 * confirm.
 */
/* Per-session hook: type of session_open and session_close. */
typedef int (SecmodSessionCallback) (netsnmp_session *);
/* Per-PDU hook: type of pdu_free and pdu_timeout. */
typedef int (SecmodPduCallback) (netsnmp_pdu *);
/* Two-PDU hook: type of pdu_clone. The order of the two PDUs is not stated here. */
typedef int (Secmod2PduCallback) (netsnmp_pdu *, netsnmp_pdu *);
/* Outgoing-message encoder: type of encode_reverse and encode_forward. */
typedef int (SecmodOutMsg) (struct snmp_secmod_outgoing_params *);
/* Incoming-message decoder: type of decode. */
typedef int (SecmodInMsg) (struct snmp_secmod_incoming_params *);
/* Releases a security state reference: type of pdu_free_state_ref. */
typedef void (SecmodFreeState) (void *);
/* Report handler: type of handle_report. */
typedef void (SecmodHandleReport) (void *sessp,
netsnmp_transport *transport,
netsnmp_session *,
int result,
netsnmp_pdu *origpdu);
/* engineID probe: type of probe_engineid. */
typedef int (SecmodDiscoveryMethod) (void *slp, netsnmp_session *session);
/* Hook run after the engineID probe: type of post_probe_engineid. */
typedef int (SecmodPostDiscovery) (void *slp, netsnmp_session *session);
/* Session set-up hook taking an input and an output session: type of session_setup. */
typedef int (SecmodSessionSetup) (netsnmp_session *in_session,
netsnmp_session *out_session);
/*
 * Definition of a security module: the table of callbacks that a security
 * model supplies when it is registered.
 */
/*
 * All of these callbacks except the encoding and decoding routines are
 * optional; the rest are available if needed.
 * NOTE(review): an optional member that is not provided is presumably left
 * NULL, so code that invokes one should check the pointer first - confirm
 * against the callers.
 */
struct snmp_secmod_def {
/*
 * session manipulation functions
 */
SecmodSessionCallback *session_open; /* called in snmp_sess_open() */
SecmodSessionCallback *session_close; /* called in snmp_sess_close() */
SecmodSessionSetup *session_setup;
/*
 * pdu manipulation routines
 */
SecmodPduCallback *pdu_free; /* called in free_pdu() */
Secmod2PduCallback *pdu_clone; /* called in snmp_clone_pdu() */
SecmodPduCallback *pdu_timeout; /* called when a request times out */
SecmodFreeState *pdu_free_state_ref; /* frees pdu->securityStateRef */
/*
 * de/encoding routines: mandatory
 * decode is the routine that validates an incoming message, so it is the
 * member that handles received, untrusted bytes.
 */
SecmodOutMsg *encode_reverse; /* encode packet back to front */
SecmodOutMsg *encode_forward; /* encode packet forward */
SecmodInMsg *decode; /* decode & validate incoming */
/*
 * error and report handling
 */
SecmodHandleReport *handle_report;
/*
 * default engineID discovery mechanism
 */
SecmodDiscoveryMethod *probe_engineid;
SecmodPostDiscovery *post_probe_engineid;
};
/*
 * Internal list node: one entry per security service, singly linked
 * through next.
 */
struct snmp_secmod_list {
int securityModel; /* security model number of this entry */
struct snmp_secmod_def *secDef; /* callback table for that model */
struct snmp_secmod_list *next; /* next entry in the list */
};
/*
 * Register a security service.
 * The parameters are unnamed here: an int (presumably the security model
 * number, cf. snmp_secmod_list.securityModel), a string, and the callback
 * table.
 * NOTE(review): ownership of the definition pointer is not stated in this
 * header. Check the implementation for whether unregister_sec_mod() or
 * clear_sec_mod() frees it before registering a table that lives in static
 * storage.
 */
int register_sec_mod(int, const char *,
struct snmp_secmod_def *);
/*
 * Find a security service definition.
 * The result for a model that is not registered is not stated here
 * (presumably NULL); callers should check it before dereferencing.
 */
NETSNMP_IMPORT
struct snmp_secmod_def *find_sec_mod(int);
/*
 * Unregister a security service.
 */
int unregister_sec_mod(int); /* unregister a security service */
/* Initialisation entry point; what it sets up is not described in this header. */
void init_secmod(void);
/* Shutdown entry point; what it tears down is not described in this header. */
NETSNMP_IMPORT
void shutdown_secmod(void);
/*
 * Clears the sec_mod list.
 */
NETSNMP_IMPORT
void clear_sec_mod(void);
#ifdef __cplusplus
}
#endif
#endif /* SNMPSECMOD_H */