| /* Portions of this file are subject to the following copyright(s). See |
| * the Net-SNMP's COPYING file for more details and other copyrights |
| * that may apply: |
| */ |
| /* |
| * Portions of this file are copyrighted by: |
| * Copyright Copyright 2003 Sun Microsystems, Inc. All rights reserved. |
| * Use is subject to license terms specified in the COPYING file |
| * distributed with the Net-SNMP package. |
| */ |
| |
| #include <net-snmp/net-snmp-config.h> |
| |
| #include <stdio.h> |
| #include <sys/types.h> |
| #include <ctype.h> |
| #include <errno.h> |
| |
| #if HAVE_STRING_H |
| #include <string.h> |
| #else |
| #include <strings.h> |
| #endif |
| #if HAVE_STDLIB_H |
| #include <stdlib.h> |
| #endif |
| #if HAVE_UNISTD_H |
| #include <unistd.h> |
| #endif |
| #if HAVE_SYS_SOCKET_H |
| #include <sys/socket.h> |
| #endif |
| #if HAVE_NETINET_IN_H |
| #include <netinet/in.h> |
| #endif |
| #if HAVE_ARPA_INET_H |
| #include <arpa/inet.h> |
| #endif |
| #if HAVE_NETDB_H |
| #include <netdb.h> |
| #endif |
| |
| #if HAVE_WINSOCK_H |
| #include <winsock2.h> |
| #include <ws2tcpip.h> |
| #endif |
| |
| #if HAVE_DMALLOC_H |
| #include <dmalloc.h> |
| #endif |
| |
| #include <net-snmp/types.h> |
| #include <net-snmp/output_api.h> |
| #include <net-snmp/config_api.h> |
| |
| #include <net-snmp/library/snmp_transport.h> |
| #include <net-snmp/library/snmpUDPDomain.h> |
| #include <net-snmp/library/system.h> |
| #include <net-snmp/library/tools.h> |
| |
| #ifndef INADDR_NONE |
| #define INADDR_NONE -1 |
| #endif |
| |
| static netsnmp_tdomain udpDomain; |
| |
| /* |
| * not static, since snmpUDPIPv6Domain needs it, but not public, either. |
| * (ie don't put it in a public header.) |
| */ |
| void _netsnmp_udp_sockopt_set(int fd, int server); |
| |
| /* |
| * Return a string representing the address in data, or else the "far end" |
| * address if data is NULL. |
| */ |
| |
| static char * |
| netsnmp_udp_fmtaddr(netsnmp_transport *t, void *data, int len) |
| { |
| struct sockaddr_in *to = NULL; |
| |
| if (data != NULL && len == sizeof(struct sockaddr_in)) { |
| to = (struct sockaddr_in *) data; |
| } else if (t != NULL && t->data != NULL) { |
| to = (struct sockaddr_in *) t->data; |
| } |
| if (to == NULL) { |
| return strdup("UDP: unknown"); |
| } else { |
| char tmp[64]; |
| |
| sprintf(tmp, "UDP: [%s]:%hu", |
| inet_ntoa(to->sin_addr), ntohs(to->sin_port)); |
| return strdup(tmp); |
| } |
| } |
| |
| |
| |
| /* |
| * You can write something into opaque that will subsequently get passed back |
| * to your send function if you like. For instance, you might want to |
| * remember where a PDU came from, so that you can send a reply there... |
| */ |
| |
| static int |
| netsnmp_udp_recv(netsnmp_transport *t, void *buf, int size, |
| void **opaque, int *olength) |
| { |
| int rc = -1; |
| socklen_t fromlen = sizeof(struct sockaddr); |
| struct sockaddr *from; |
| |
| if (t != NULL && t->sock >= 0) { |
| from = (struct sockaddr *) malloc(sizeof(struct sockaddr_in)); |
| if (from == NULL) { |
| *opaque = NULL; |
| *olength = 0; |
| return -1; |
| } else { |
| memset(from, 0, fromlen); |
| } |
| |
| while (rc < 0) { |
| rc = recvfrom(t->sock, buf, size, 0, from, &fromlen); |
| if (rc < 0 && errno != EINTR) { |
| break; |
| } |
| } |
| |
| if (rc >= 0) { |
| char *str = netsnmp_udp_fmtaddr(NULL, from, fromlen); |
| DEBUGMSGTL(("netsnmp_udp", |
| "recvfrom fd %d got %d bytes (from %s)\n", |
| t->sock, rc, str)); |
| free(str); |
| } else { |
| DEBUGMSGTL(("netsnmp_udp", "recvfrom fd %d err %d (\"%s\")\n", |
| t->sock, errno, strerror(errno))); |
| } |
| *opaque = (void *)from; |
| *olength = sizeof(struct sockaddr_in); |
| } |
| return rc; |
| } |
| |
| |
| |
| static int |
| netsnmp_udp_send(netsnmp_transport *t, void *buf, int size, |
| void **opaque, int *olength) |
| { |
| int rc = -1; |
| struct sockaddr *to = NULL; |
| |
| if (opaque != NULL && *opaque != NULL && |
| *olength == sizeof(struct sockaddr_in)) { |
| to = (struct sockaddr *) (*opaque); |
| } else if (t != NULL && t->data != NULL && |
| t->data_length == sizeof(struct sockaddr_in)) { |
| to = (struct sockaddr *) (t->data); |
| } |
| |
| if (to != NULL && t != NULL && t->sock >= 0) { |
| char *str = netsnmp_udp_fmtaddr(NULL, (void *) to, |
| sizeof(struct sockaddr_in)); |
| DEBUGMSGTL(("netsnmp_udp", "send %d bytes from %p to %s on fd %d\n", |
| size, buf, str, t->sock)); |
| free(str); |
| while (rc < 0) { |
| rc = sendto(t->sock, buf, size, 0, to, sizeof(struct sockaddr)); |
| if (rc < 0 && errno != EINTR) { |
| DEBUGMSGTL(("netsnmp_udp", "sendto error, rc %d (errno %d)\n", |
| rc, errno)); |
| break; |
| } |
| } |
| } |
| return rc; |
| } |
| |
| |
| |
| static int |
| netsnmp_udp_close(netsnmp_transport *t) |
| { |
| int rc = -1; |
| if (t->sock >= 0) { |
| #ifndef HAVE_CLOSESOCKET |
| rc = close(t->sock); |
| #else |
| rc = closesocket(t->sock); |
| #endif |
| t->sock = -1; |
| } |
| return rc; |
| } |
| |
| /* |
| * find largest possible buffer between current size and specified size. |
| * |
| * Try to maximize the current buffer of type "optname" |
| * to the maximum allowable size by the OS (as close to |
| * size as possible) |
| */ |
| static int |
| _sock_buffer_maximize(int s, int optname, const char *buftype, int size) |
| { |
| int curbuf = 0, curbuflen = sizeof(int); |
| int lo, mid, hi; |
| |
| /* |
| * First we need to determine our current buffer |
| */ |
| if ((getsockopt(s, SOL_SOCKET, optname, (void *) &curbuf, |
| &curbuflen) == 0) |
| && (curbuflen == sizeof(int))) { |
| |
| DEBUGMSGTL(("verbose:socket:buffer:max", "Current %s is %d\n", |
| buftype, curbuf)); |
| |
| /* |
| * Let's not be stupid ... if we were asked for less than what we |
| * already have, then forget about it |
| */ |
| if (size <= curbuf) { |
| DEBUGMSGTL(("verbose:socket:buffer:max", |
| "Requested %s <= current buffer\n", buftype)); |
| return curbuf; |
| } |
| |
| /* |
| * Do a binary search the optimal buffer within 1k of the point of |
| * failure. This is rather bruteforce, but simple |
| */ |
| hi = size; |
| lo = curbuf; |
| |
| while (hi - lo > 1024) { |
| mid = (lo + hi) / 2; |
| if (setsockopt(s, SOL_SOCKET, optname, (void *) &mid, |
| sizeof(int)) == 0) { |
| lo = mid; /* Success: search between mid and hi */ |
| } else { |
| hi = mid; /* Failed: search between lo and mid */ |
| } |
| } |
| |
| /* |
| * Now print if this optimization helped or not |
| */ |
| if (getsockopt(s,SOL_SOCKET, optname, (void *) &curbuf, |
| &curbuflen) == 0) { |
| DEBUGMSGTL(("socket:buffer:max", |
| "Maximized %s: %d\n",buftype, curbuf)); |
| } |
| } else { |
| /* |
| * There is really not a lot we can do anymore. |
| * If the OS doesn't give us the current buffer, then what's the |
| * point in trying to make it better |
| */ |
| DEBUGMSGTL(("socket:buffer:max", "Get %s failed ... giving up!\n", |
| buftype)); |
| curbuf = -1; |
| } |
| |
| return curbuf; |
| } |
| |
| |
| static const char * |
| _sock_buf_type_get(int optname, int local) |
| { |
| if (optname == SO_SNDBUF) { |
| if (local) |
| return "server send buffer"; |
| else |
| return "client send buffer"; |
| } else if (optname == SO_RCVBUF) { |
| if (local) |
| return "server receive buffer"; |
| else |
| return "client receive buffer"; |
| } |
| |
| return "unknown buffer"; |
| } |
| |
| /* |
| * |
| * Get the requested buffersize, based on |
| * - sockettype : client (local = 0) or server (local = 1) |
| * - buffertype : send (optname = SO_SNDBUF) or recv (SO_RCVBUF) |
| * |
| * In case a compile time buffer was specified, then use that one |
| * if there was no runtime configuration override |
| */ |
| static int |
| _sock_buffer_size_get(int optname, int local, const char **buftype) |
| { |
| int size; |
| |
| if (NULL != buftype) |
| *buftype = _sock_buf_type_get(optname, local); |
| |
| if (optname == SO_SNDBUF) { |
| if (local) { |
| size = netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_SERVERSENDBUF); |
| #ifdef DEFAULT_SERVER_SEND_BUF |
| if (size <= 0) |
| size = DEFAULT_SERVER_SEND_BUF; |
| #endif |
| } else { |
| size = netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_CLIENTSENDBUF); |
| #ifdef DEFAULT_CLIENT_SEND_BUF |
| if (size <= 0) |
| size = DEFAULT_CLIENT_SEND_BUF; |
| #endif |
| } |
| } else if (optname == SO_RCVBUF) { |
| if (local) { |
| size = netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_SERVERRECVBUF); |
| #ifdef DEFAULT_SERVER_RECV_BUF |
| if (size <= 0) |
| size = DEFAULT_SERVER_RECV_BUF; |
| #endif |
| } else { |
| size = netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_CLIENTRECVBUF); |
| #ifdef DEFAULT_CLIENT_RECV_BUF |
| if (size <= 0) |
| size = DEFAULT_CLIENT_RECV_BUF; |
| #endif |
| } |
| } else { |
| size = 0; |
| } |
| |
| DEBUGMSGTL(("socket:buffer", "Requested %s is %d\n", |
| (buftype) ? *buftype : "unknown buffer", size)); |
| |
| return(size); |
| } |
| |
| /* |
| * set socket buffer size |
| * |
| * @param ss : socket |
| * @param optname: SO_SNDBUF or SO_RCVBUF |
| * @param local : 1 for server, 0 for client |
| * @param reqbuf : requested size, or 0 for default |
| * |
| * @retval -1 : error |
| * @retval >0 : new buffer size |
| */ |
| int |
| netsnmp_sock_buffer_set(int s, int optname, int local, int size) |
| { |
| #if ! defined(SO_SNDBUF) && ! defined(SO_RCVBUF) |
| DEBUGMSGTL(("socket:buffer", "Changing socket buffer is not supported\n")); |
| return -1; |
| #else |
| const char *buftype; |
| int curbuf = 0, curbuflen = sizeof(int); |
| |
| # ifndef SO_SNDBUF |
| if (SO_SNDBUF == optname) { |
| DEBUGMSGTL(("socket:buffer", |
| "Changing socket send buffer is not supported\n")); |
| return -1; |
| } |
| # endif /*SO_SNDBUF */ |
| # ifndef SO_RCVBUF |
| if (SO_RCVBUF == optname) { |
| DEBUGMSGTL(("socket:buffer", |
| "Changing socket receive buffer is not supported\n")); |
| return -1; |
| } |
| # endif /*SO_RCVBUF */ |
| |
| /* |
| * What is the requested buffer size ? |
| */ |
| if (0 == size) |
| size = _sock_buffer_size_get(optname, local, &buftype); |
| else { |
| buftype = _sock_buf_type_get(optname, local); |
| DEBUGMSGT(("verbose:socket:buffer", "Requested %s is %d\n", |
| buftype, size)); |
| } |
| |
| if ((getsockopt(s, SOL_SOCKET, optname, (void *) &curbuf, |
| &curbuflen) == 0) |
| && (curbuflen == sizeof(int))) { |
| |
| DEBUGMSGT(("verbose:socket:buffer", "Original %s is %d\n", |
| buftype, curbuf)); |
| if (curbuf >= size) { |
| DEBUGMSGT(("verbose:socket:buffer", |
| "New %s size is smaller than original!\n", buftype)); |
| } |
| } |
| |
| /* |
| * If the buffersize was not specified or it was a negative value |
| * then don't change the OS buffers at all |
| */ |
| if (size <= 0) { |
| DEBUGMSGT(("socket:buffer", |
| "%s not valid or not specified; using OS default(%d)\n", |
| buftype,curbuf)); |
| return curbuf; |
| } |
| |
| /* |
| * Try to set the requested send buffer |
| */ |
| if (setsockopt(s, SOL_SOCKET, optname, (void *) &size, sizeof(int)) == 0) { |
| /* |
| * Because some platforms lie about the actual buffer that has been |
| * set (Linux will always say it worked ...), we print some |
| * diagnostic output for debugging |
| */ |
| DEBUGIF("socket:buffer") { |
| DEBUGMSGT(("socket:buffer", "Set %s to %d\n", |
| buftype, size)); |
| if ((getsockopt(s, SOL_SOCKET, optname, (void *) &curbuf, |
| &curbuflen) == 0) |
| && (curbuflen == sizeof(int))) { |
| |
| DEBUGMSGT(("verbose:socket:buffer", |
| "Now %s is %d\n", buftype, curbuf)); |
| } |
| } |
| /* |
| * If the new buffer is smaller than the size we requested, we will |
| * try to increment the new buffer with 1k increments |
| * (this will sometime allow us to reach a more optimal buffer.) |
| * For example : On Solaris, if the max OS buffer is 100k and you |
| * request 110k, you end up with the default 8k :-( |
| */ |
| if (curbuf < size) { |
| curbuf = _sock_buffer_maximize(s, optname, buftype, size); |
| if(-1 != curbuf) |
| size = curbuf; |
| } |
| |
| } else { |
| /* |
| * Obviously changing the buffer failed, most like like because we |
| * requested a buffer greater than the OS limit. |
| * Therefore we need to search for an optimal buffer that is close |
| * enough to the point of failure. |
| * This will allow us to reach a more optimal buffer. |
| * For example : On Solaris, if the max OS buffer is 100k and you |
| * request 110k, you end up with the default 8k :-( |
| * After this quick seach we would get 1k close to 100k (the max) |
| */ |
| DEBUGMSGTL(("socket:buffer", "couldn't set %s to %d\n", |
| buftype, size)); |
| |
| curbuf = _sock_buffer_maximize(s, optname, buftype, size); |
| if(-1 != curbuf) |
| size = curbuf; |
| } |
| |
| return size; |
| #endif |
| } |
| |
| /* |
| * Open a UDP-based transport for SNMP. Local is TRUE if addr is the local |
| * address to bind to (i.e. this is a server-type session); otherwise addr is |
| * the remote address to send things to. |
| */ |
| |
| netsnmp_transport * |
| netsnmp_udp_transport(struct sockaddr_in *addr, int local) |
| { |
| netsnmp_transport *t = NULL; |
| int rc = 0; |
| char *str = NULL; |
| char *client_socket = NULL; |
| |
| if (addr == NULL || addr->sin_family != AF_INET) { |
| return NULL; |
| } |
| |
| t = (netsnmp_transport *) malloc(sizeof(netsnmp_transport)); |
| if (t == NULL) { |
| return NULL; |
| } |
| |
| str = netsnmp_udp_fmtaddr(NULL, (void *)addr, |
| sizeof(struct sockaddr_in)); |
| DEBUGMSGTL(("netsnmp_udp", "open %s %s:%d\n", local ? "local" : "remote", |
| str,addr->sin_port)); |
| free(str); |
| |
| memset(t, 0, sizeof(netsnmp_transport)); |
| |
| t->domain = netsnmpUDPDomain; |
| t->domain_length = netsnmpUDPDomain_len; |
| |
| t->sock = socket(PF_INET, SOCK_DGRAM, 0); |
| if (t->sock < 0) { |
| netsnmp_transport_free(t); |
| return NULL; |
| } |
| |
| _netsnmp_udp_sockopt_set(t->sock, local); |
| |
| if (local) { |
| /* |
| * This session is inteneded as a server, so we must bind on to the |
| * given IP address, which may include an interface address, or could |
| * be INADDR_ANY, but certainly includes a port number. |
| */ |
| |
| t->local = malloc(6); |
| if (t->local == NULL) { |
| netsnmp_transport_free(t); |
| return NULL; |
| } |
| memcpy(t->local, (u_char *) & (addr->sin_addr.s_addr), 4); |
| t->local[4] = (htons(addr->sin_port) & 0xff00) >> 8; |
| t->local[5] = (htons(addr->sin_port) & 0x00ff) >> 0; |
| t->local_length = 6; |
| |
| rc = bind(t->sock, (struct sockaddr *) addr, |
| sizeof(struct sockaddr)); |
| if (rc != 0) { |
| netsnmp_udp_close(t); |
| netsnmp_transport_free(t); |
| return NULL; |
| } |
| t->data = NULL; |
| t->data_length = 0; |
| } else { |
| /* |
| * This is a client session. If we've been given a |
| * client address to send from, then bind to that. |
| * Otherwise the send will use "something sensible". |
| */ |
| client_socket = netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_CLIENT_ADDR); |
| if (client_socket) { |
| struct sockaddr_in client_addr; |
| netsnmp_sockaddr_in( &client_addr, client_socket, 0); |
| client_addr.sin_port = 0; |
| bind(t->sock, (struct sockaddr *)&client_addr, |
| sizeof(struct sockaddr)); |
| } |
| /* |
| * Save the (remote) address in the |
| * transport-specific data pointer for later use by netsnmp_udp_send. |
| */ |
| |
| t->data = malloc(sizeof(struct sockaddr_in)); |
| t->remote = malloc(6); |
| if (t->data == NULL || t->remote == NULL) { |
| netsnmp_transport_free(t); |
| return NULL; |
| } |
| memcpy(t->remote, (u_char *) & (addr->sin_addr.s_addr), 4); |
| t->remote[4] = (htons(addr->sin_port) & 0xff00) >> 8; |
| t->remote[5] = (htons(addr->sin_port) & 0x00ff) >> 0; |
| t->remote_length = 6; |
| memcpy(t->data, addr, sizeof(struct sockaddr_in)); |
| t->data_length = sizeof(struct sockaddr_in); |
| } |
| |
| /* |
| * 16-bit length field, 8 byte UDP header, 20 byte IPv4 header |
| */ |
| |
| t->msgMaxSize = 0xffff - 8 - 20; |
| t->f_recv = netsnmp_udp_recv; |
| t->f_send = netsnmp_udp_send; |
| t->f_close = netsnmp_udp_close; |
| t->f_accept = NULL; |
| t->f_fmtaddr = netsnmp_udp_fmtaddr; |
| |
| return t; |
| } |
| |
| |
| void |
| _netsnmp_udp_sockopt_set(int fd, int local) |
| { |
| #ifdef SO_BSDCOMPAT |
| /* |
| * Patch for Linux. Without this, UDP packets that fail get an ICMP |
| * response. Linux turns the failed ICMP response into an error message |
| * and return value, unlike all other OS's. |
| */ |
| if (0 == netsnmp_os_prematch("Linux","2.4")) |
| { |
| int one = 1; |
| DEBUGMSGTL(("socket:option", "setting socket option SO_BSDCOMPAT\n")); |
| setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, (void *) &one, |
| sizeof(one)); |
| } |
| #endif /*SO_BSDCOMPAT */ |
| /* |
| * SO_REUSEADDR will allow multiple apps to open the same port at |
| * the same time. Only the last one to open the socket will get |
| * data. Obviously, for an agent, this is a bad thing. There should |
| * only be one listener. |
| */ |
| #ifdef ALLOW_PORT_HIJACKING |
| #ifdef SO_REUSEADDR |
| /* |
| * Allow the same port to be specified multiple times without failing. |
| * (useful for a listener) |
| */ |
| { |
| int one = 1; |
| DEBUGMSGTL(("socket:option", "setting socket option SO_REUSEADDR\n")); |
| setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (void *) &one, |
| sizeof(one)); |
| } |
| #endif /*SO_REUSEADDR */ |
| #endif |
| |
| /* |
| * Try to set the send and receive buffers to a reasonably large value, so |
| * that we can send and receive big PDUs (defaults to 8192 bytes (!) on |
| * Solaris, for instance). Don't worry too much about errors -- just |
| * plough on regardless. |
| */ |
| netsnmp_sock_buffer_set(fd, SO_SNDBUF, local, 0); |
| netsnmp_sock_buffer_set(fd, SO_RCVBUF, local, 0); |
| } |
| |
| int |
| netsnmp_sockaddr_in(struct sockaddr_in *addr, |
| const char *inpeername, int remote_port) |
| { |
| char *cp = NULL, *peername = NULL; |
| |
| if (addr == NULL) { |
| return 0; |
| } |
| memset(addr, 0, sizeof(struct sockaddr_in)); |
| |
| DEBUGMSGTL(("netsnmp_sockaddr_in", "addr %p, peername \"%s\"\n", |
| addr, inpeername ? inpeername : "[NIL]")); |
| |
| addr->sin_addr.s_addr = htonl(INADDR_ANY); |
| addr->sin_family = AF_INET; |
| if (remote_port > 0) { |
| addr->sin_port = htons((u_short)remote_port); |
| } else if (netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_DEFAULT_PORT) > 0) { |
| addr->sin_port = htons((u_short)netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID, |
| NETSNMP_DS_LIB_DEFAULT_PORT)); |
| } else { |
| addr->sin_port = htons(SNMP_PORT); |
| } |
| |
| if (inpeername != NULL) { |
| /* |
| * Duplicate the peername because we might want to mank around with |
| * it. |
| */ |
| |
| peername = strdup(inpeername); |
| if (peername == NULL) { |
| return 0; |
| } |
| |
| /* |
| * Try and extract an appended port number. |
| */ |
| cp = strchr(peername, ':'); |
| if (cp != NULL) { |
| *cp = '\0'; |
| cp++; |
| if (atoi(cp) != 0) { |
| DEBUGMSGTL(("netsnmp_sockaddr_in", |
| "port number suffix :%d\n", atoi(cp))); |
| addr->sin_port = htons((u_short)atoi(cp)); |
| } |
| } |
| |
| for (cp = peername; *cp && isdigit((int) *cp); cp++); |
| if (!*cp && atoi(peername) != 0) { |
| /* |
| * Okay, it looks like just a port number. |
| */ |
| DEBUGMSGTL(("netsnmp_sockaddr_in", "totally numeric: %d\n", |
| atoi(peername))); |
| addr->sin_port = htons((u_short)atoi(peername)); |
| } else if (inet_addr(peername) != INADDR_NONE) { |
| /* |
| * It looks like an IP address. |
| */ |
| DEBUGMSGTL(("netsnmp_sockaddr_in", "IP address\n")); |
| addr->sin_addr.s_addr = inet_addr(peername); |
| } else { |
| /* |
| * Well, it must be a hostname then. |
| */ |
| #ifdef HAVE_GETHOSTBYNAME |
| struct hostent *hp = gethostbyname(peername); |
| if (hp == NULL) { |
| DEBUGMSGTL(("netsnmp_sockaddr_in", |
| "hostname (couldn't resolve)\n")); |
| free(peername); |
| return 0; |
| } else { |
| if (hp->h_addrtype != AF_INET) { |
| DEBUGMSGTL(("netsnmp_sockaddr_in", |
| "hostname (not AF_INET!)\n")); |
| free(peername); |
| return 0; |
| } else { |
| DEBUGMSGTL(("netsnmp_sockaddr_in", |
| "hostname (resolved okay)\n")); |
| memcpy(&(addr->sin_addr), hp->h_addr, hp->h_length); |
| } |
| } |
| #else /*HAVE_GETHOSTBYNAME */ |
| DEBUGMSGTL(("netsnmp_sockaddr_in", |
| "hostname (no gethostbyname)\n")); |
| free(peername); |
| return 0; |
| #endif /*HAVE_GETHOSTBYNAME */ |
| } |
| } else { |
| DEBUGMSGTL(("netsnmp_sockaddr_in", "NULL peername")); |
| return 0; |
| } |
| DEBUGMSGTL(("netsnmp_sockaddr_in", "return { AF_INET, %s:%hu }\n", |
| inet_ntoa(addr->sin_addr), ntohs(addr->sin_port))); |
| free(peername); |
| return 1; |
| } |
| |
| |
| |
| #if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C) |
| /* |
| * The following functions provide the "com2sec" configuration token |
| * functionality for compatibility. |
| */ |
| |
| #define EXAMPLE_NETWORK "NETWORK" |
| #define EXAMPLE_COMMUNITY "COMMUNITY" |
| |
| typedef struct _com2SecEntry { |
| char community[VACMSTRINGLEN]; |
| unsigned long network; |
| unsigned long mask; |
| char secName[VACMSTRINGLEN]; |
| char contextName[VACMSTRINGLEN]; |
| struct _com2SecEntry *next; |
| } com2SecEntry; |
| |
| com2SecEntry *com2SecList = NULL, *com2SecListLast = NULL; |
| |
| void |
| netsnmp_udp_parse_security(const char *token, char *param) |
| { |
| char secName[VACMSTRINGLEN]; |
| char contextName[VACMSTRINGLEN]; |
| char community[VACMSTRINGLEN]; |
| char source[SNMP_MAXBUF_SMALL]; |
| char *cp = NULL; |
| const char *strmask = NULL; |
| com2SecEntry *e = NULL; |
| in_addr_t network = 0, mask = 0; |
| |
| /* |
| * Get security, source address/netmask and community strings. |
| */ |
| |
| cp = copy_nword( param, secName, sizeof(secName)); |
| if (strcmp(secName, "-Cn") == 0) { |
| if (!cp) { |
| config_perror("missing CONTEXT_NAME parameter"); |
| return; |
| } |
| cp = copy_nword( cp, contextName, sizeof(contextName)); |
| cp = copy_nword( cp, secName, sizeof(secName)); |
| } else { |
| contextName[0] = '\0'; |
| } |
| if (secName[0] == '\0') { |
| config_perror("missing NAME parameter"); |
| return; |
| } else if (strlen(secName) > (VACMSTRINGLEN - 1)) { |
| config_perror("security name too long"); |
| return; |
| } |
| cp = copy_nword( cp, source, sizeof(source)); |
| if (source[0] == '\0') { |
| config_perror("missing SOURCE parameter"); |
| return; |
| } else if (strncmp(source, EXAMPLE_NETWORK, strlen(EXAMPLE_NETWORK)) == |
| 0) { |
| config_perror("example config NETWORK not properly configured"); |
| return; |
| } |
| cp = copy_nword( cp, community, sizeof(community)); |
| if (community[0] == '\0') { |
| config_perror("missing COMMUNITY parameter\n"); |
| return; |
| } else |
| if (strncmp |
| (community, EXAMPLE_COMMUNITY, strlen(EXAMPLE_COMMUNITY)) |
| == 0) { |
| config_perror("example config COMMUNITY not properly configured"); |
| return; |
| } else if (strlen(community) > (VACMSTRINGLEN - 1)) { |
| config_perror("community name too long"); |
| return; |
| } |
| |
| /* |
| * Process the source address/netmask string. |
| */ |
| |
| cp = strchr(source, '/'); |
| if (cp != NULL) { |
| /* |
| * Mask given. |
| */ |
| *cp = '\0'; |
| strmask = cp + 1; |
| } |
| |
| /* |
| * Deal with the network part first. |
| */ |
| |
| if ((strcmp(source, "default") == 0) |
| || (strcmp(source, "0.0.0.0") == 0)) { |
| network = 0; |
| strmask = "0.0.0.0"; |
| } else { |
| /* |
| * Try interpreting as a dotted quad. |
| */ |
| network = inet_addr(source); |
| |
| if (network == (in_addr_t) -1) { |
| /* |
| * Nope, wasn't a dotted quad. Must be a hostname. |
| */ |
| #ifdef HAVE_GETHOSTBYNAME |
| struct hostent *hp = gethostbyname(source); |
| if (hp == NULL) { |
| config_perror("bad source address"); |
| return; |
| } else { |
| if (hp->h_addrtype != AF_INET) { |
| config_perror("no IP address for source hostname"); |
| return; |
| } |
| network = *((in_addr_t *) hp->h_addr); |
| } |
| #else /*HAVE_GETHOSTBYNAME */ |
| /* |
| * Oh dear. |
| */ |
| config_perror("cannot resolve source hostname"); |
| return; |
| #endif /*HAVE_GETHOSTBYNAME */ |
| } |
| } |
| |
| /* |
| * Now work out the mask. |
| */ |
| |
| if (strmask == NULL || *strmask == '\0') { |
| /* |
| * No mask was given. Use 255.255.255.255. |
| */ |
| mask = 0xffffffffL; |
| } else { |
| if (strchr(strmask, '.')) { |
| /* |
| * Try to interpret mask as a dotted quad. |
| */ |
| mask = inet_addr(strmask); |
| if (mask == (in_addr_t) -1 && |
| strncmp(strmask, "255.255.255.255", 15) != 0) { |
| config_perror("bad mask"); |
| return; |
| } |
| } else { |
| /* |
| * Try to interpret mask as a "number of 1 bits". |
| */ |
| int maskLen = atoi(strmask), maskBit = 0x80000000L; |
| if (maskLen <= 0 || maskLen > 32) { |
| config_perror("bad mask length"); |
| return; |
| } |
| while (maskLen--) { |
| mask |= maskBit; |
| maskBit >>= 1; |
| } |
| mask = htonl(mask); |
| } |
| } |
| |
| /* |
| * Check that the network and mask are consistent. |
| */ |
| |
| if (network & ~mask) { |
| config_perror("source/mask mismatch"); |
| return; |
| } |
| |
| e = (com2SecEntry *) malloc(sizeof(com2SecEntry)); |
| if (e == NULL) { |
| config_perror("memory error"); |
| return; |
| } |
| |
| /* |
| * Everything is okay. Copy the parameters to the structure allocated |
| * above and add it to END of the list. |
| */ |
| |
| DEBUGMSGTL(("netsnmp_udp_parse_security", |
| "<\"%s\", 0x%08x/0x%08x> => \"%s\"\n", community, network, |
| mask, secName)); |
| |
| strcpy(e->contextName, contextName); |
| strcpy(e->secName, secName); |
| strcpy(e->community, community); |
| e->network = network; |
| e->mask = mask; |
| e->next = NULL; |
| |
| if (com2SecListLast != NULL) { |
| com2SecListLast->next = e; |
| com2SecListLast = e; |
| } else { |
| com2SecListLast = com2SecList = e; |
| } |
| } |
| |
| |
| void |
| netsnmp_udp_com2SecList_free(void) |
| { |
| com2SecEntry *e = com2SecList; |
| while (e != NULL) { |
| com2SecEntry *tmp = e; |
| e = e->next; |
| free(tmp); |
| } |
| com2SecList = com2SecListLast = NULL; |
| } |
| #endif /* support for community based SNMP */ |
| |
| void |
| netsnmp_udp_agent_config_tokens_register(void) |
| { |
| #if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C) |
| register_app_config_handler("com2sec", netsnmp_udp_parse_security, |
| netsnmp_udp_com2SecList_free, |
| "[-Cn CONTEXT] secName IPv4-network-address[/netmask] community"); |
| #endif /* support for community based SNMP */ |
| } |
| |
| |
| |
| /* |
| * Return 0 if there are no com2sec entries, or return 1 if there ARE com2sec |
| * entries. On return, if a com2sec entry matched the passed parameters, |
| * then *secName points at the appropriate security name, or is NULL if the |
| * parameters did not match any com2sec entry. |
| */ |
| |
| #if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C) |
| int |
| netsnmp_udp_getSecName(void *opaque, int olength, |
| const char *community, |
| size_t community_len, char **secName, |
| char **contextName) |
| { |
| com2SecEntry *c; |
| struct sockaddr_in *from = (struct sockaddr_in *) opaque; |
| char *ztcommunity = NULL; |
| |
| if (secName != NULL) { |
| *secName = NULL; /* Haven't found anything yet */ |
| } |
| |
| /* |
| * Special case if there are NO entries (as opposed to no MATCHING |
| * entries). |
| */ |
| |
| if (com2SecList == NULL) { |
| DEBUGMSGTL(("netsnmp_udp_getSecName", "no com2sec entries\n")); |
| return 0; |
| } |
| |
| /* |
| * If there is no IPv4 source address, then there can be no valid security |
| * name. |
| */ |
| |
| if (opaque == NULL || olength != sizeof(struct sockaddr_in) || |
| from->sin_family != AF_INET) { |
| DEBUGMSGTL(("netsnmp_udp_getSecName", |
| "no IPv4 source address in PDU?\n")); |
| return 1; |
| } |
| |
| DEBUGIF("netsnmp_udp_getSecName") { |
| ztcommunity = (char *)malloc(community_len + 1); |
| if (ztcommunity != NULL) { |
| memcpy(ztcommunity, community, community_len); |
| ztcommunity[community_len] = '\0'; |
| } |
| |
| DEBUGMSGTL(("netsnmp_udp_getSecName", "resolve <\"%s\", 0x%08x>\n", |
| ztcommunity ? ztcommunity : "<malloc error>", |
| from->sin_addr.s_addr)); |
| } |
| |
| for (c = com2SecList; c != NULL; c = c->next) { |
| DEBUGMSGTL(("netsnmp_udp_getSecName","compare <\"%s\", 0x%08x/0x%08x>", |
| c->community, c->network, c->mask)); |
| if ((community_len == strlen(c->community)) && |
| (memcmp(community, c->community, community_len) == 0) && |
| ((from->sin_addr.s_addr & c->mask) == c->network)) { |
| DEBUGMSG(("netsnmp_udp_getSecName", "... SUCCESS\n")); |
| if (secName != NULL) { |
| *secName = c->secName; |
| *contextName = c->contextName; |
| } |
| break; |
| } |
| DEBUGMSG(("netsnmp_udp_getSecName", "... nope\n")); |
| } |
| if (ztcommunity != NULL) { |
| free(ztcommunity); |
| } |
| return 1; |
| } |
| #endif /* support for community based SNMP */ |
| |
| |
| netsnmp_transport * |
| netsnmp_udp_create_tstring(const char *str, int local) |
| { |
| struct sockaddr_in addr; |
| |
| if (netsnmp_sockaddr_in(&addr, str, 0)) { |
| return netsnmp_udp_transport(&addr, local); |
| } else { |
| return NULL; |
| } |
| } |
| |
| |
| netsnmp_transport * |
| netsnmp_udp_create_ostring(const u_char * o, size_t o_len, int local) |
| { |
| struct sockaddr_in addr; |
| |
| if (o_len == 6) { |
| unsigned short porttmp = (o[4] << 8) + o[5]; |
| addr.sin_family = AF_INET; |
| memcpy((u_char *) & (addr.sin_addr.s_addr), o, 4); |
| addr.sin_port = htons(porttmp); |
| return netsnmp_udp_transport(&addr, local); |
| } |
| return NULL; |
| } |
| |
| |
| void |
| netsnmp_udp_ctor(void) |
| { |
| udpDomain.name = netsnmpUDPDomain; |
| udpDomain.name_length = netsnmpUDPDomain_len; |
| udpDomain.prefix = calloc(2, sizeof(char *)); |
| udpDomain.prefix[0] = "udp"; |
| |
| udpDomain.f_create_from_tstring = netsnmp_udp_create_tstring; |
| udpDomain.f_create_from_ostring = netsnmp_udp_create_ostring; |
| |
| netsnmp_tdomain_register(&udpDomain); |
| } |