Lines Matching +full:sub +full:- +full:module

1 /*-
/*
 * op_usm_stats() -- search excerpt: only the matching lines are listed, so
 * the case labels and the handling of `op` are not visible here.
 * The visible switch on val->var.subs[sub - 1] copies one usmstats counter
 * into val->v.uint32 per leaf.
 * NOTE(review): `sub` carries __unused on line 79 but is read on line 90;
 * the annotation is misleading and could be dropped -- confirm.
 * NOTE(review): going by their names, these counters track rejected USM
 * messages (unknown users, wrong digests, decryption errors, out-of-window
 * timestamps); watching their growth is a cheap signal for credential
 * guessing or replay against the agent.
 */
79 uint32_t sub __unused, uint32_t iidx __unused, enum snmp_op op) in op_usm_stats()
90 switch (val->var.subs[sub - 1]) { in op_usm_stats()
92 val->v.uint32 = usmstats->unsupported_seclevels; in op_usm_stats()
95 val->v.uint32 = usmstats->not_in_time_windows; in op_usm_stats()
98 val->v.uint32 = usmstats->unknown_users; in op_usm_stats()
101 val->v.uint32 = usmstats->unknown_engine_ids; in op_usm_stats()
104 val->v.uint32 = usmstats->wrong_digests; in op_usm_stats()
107 val->v.uint32 = usmstats->decrypt_errors; in op_usm_stats()
/*
 * op_usm_lock() -- search excerpt; lines between the numbered ones are not
 * shown. Handles the usmUserSpinLock leaf: line 121 tests for any other
 * leaf, line 128 reports the current usm_lock, and line 133 compares the
 * supplied integer against usm_lock.
 * NOTE(review): presumably line 133 rejects a SET that carries a stale lock
 * value and the lock is advanced on success; neither outcome is visible
 * here -- confirm in the full file.
 */
119 uint32_t sub, uint32_t iidx __unused, enum snmp_op op) in op_usm_lock() argument
121 if (val->var.subs[sub - 1] != LEAF_usmUserSpinLock) in op_usm_lock()
128 val->v.integer = usm_lock; in op_usm_lock()
133 if (val->v.integer != usm_lock) in op_usm_lock()
/*
 * op_usm_users() -- search excerpt; only matching lines are listed, so case
 * labels, return statements and several conditions are not visible here.
 * The visible lines look up a user row from the index encoded in val->var
 * (usm_get_user / usm_get_next_user), then read or modify that row per leaf.
 * Old values are parked in ctx->scratch (int1, int2, ptr1, ptr2) while a
 * modification is in flight.
 */
147 uint32_t sub, uint32_t iidx __unused, enum snmp_op op) in op_usm_users() argument
156 if ((uuser = usm_get_user(&val->var, sub)) == NULL) in op_usm_users()
161 if ((uuser = usm_get_next_user(&val->var, sub)) == NULL) in op_usm_users()
163 usm_append_userindex(&val->var, sub, uuser); in op_usm_users()
/*
 * A missing row is tolerated only for the Status and CloneFrom leaves
 * (lines 167-169); line 177 additionally tests for rows whose storage type
 * is read-only. The outcome of both tests is on lines not shown.
 */
167 if ((uuser = usm_get_user(&val->var, sub)) == NULL && in op_usm_users()
168 val->var.subs[sub - 1] != LEAF_usmUserStatus && in op_usm_users()
169 val->var.subs[sub - 1] != LEAF_usmUserCloneFrom) in op_usm_users()
177 uuser != NULL && uuser->type == StorageType_readOnly) in op_usm_users()
180 switch (val->var.subs[sub - 1]) { in op_usm_users()
/*
 * Clone-from: requires that the row does not exist yet, that the index
 * decodes, and that the supplied OID lies under oid_usmUserSecurityName;
 * the clone source is then looked up from that OID (line 189).
 */
185 if (uuser != NULL || usm_user_index_decode(&val->var, in op_usm_users()
186 sub, eid, &elen, uname) < 0 || in op_usm_users()
187 !(asn_is_suboid(&oid_usmUserSecurityName, &val->v.oid))) in op_usm_users()
189 if ((clone = usm_get_user(&val->v.oid, sub)) == NULL) in op_usm_users()
193 uuser->status = RowStatus_notReady; in op_usm_users()
195 uuser->type = StorageType_volatile; in op_usm_users()
197 uuser->type = StorageType_readOnly; in op_usm_users()
/*
 * The new row starts with the clone's protocols and a byte copy of its
 * authentication and privacy keys. int1 records createAndWait; line 384
 * tests for that value again later.
 */
199 uuser->suser.auth_proto = clone->suser.auth_proto; in op_usm_users()
200 uuser->suser.priv_proto = clone->suser.priv_proto; in op_usm_users()
201 memcpy(uuser->suser.auth_key, clone->suser.auth_key, in op_usm_users()
202 sizeof(uuser->suser.auth_key)); in op_usm_users()
203 memcpy(uuser->suser.priv_key, clone->suser.priv_key, in op_usm_users()
204 sizeof(uuser->suser.priv_key)); in op_usm_users()
205 ctx->scratch->int1 = RowStatus_createAndWait; in op_usm_users()
/*
 * Authentication protocol: the previous value is kept in int1 (restored on
 * line 353). The choices visible here are no-auth, HMAC-MD5 and HMAC-SHA.
 * NOTE(review): no stronger digest option appears in this excerpt; confirm
 * whether the full file offers one before relying on this module for
 * authenticated SNMPv3.
 */
209 ctx->scratch->int1 = uuser->suser.auth_proto; in op_usm_users()
211 &val->v.oid) == 0) in op_usm_users()
212 uuser->suser.auth_proto = SNMP_AUTH_NOAUTH; in op_usm_users()
214 &val->v.oid) == 0) in op_usm_users()
215 uuser->suser.auth_proto = SNMP_AUTH_HMAC_MD5; in op_usm_users()
217 &val->v.oid) == 0) in op_usm_users()
218 uuser->suser.auth_proto = SNMP_AUTH_HMAC_SHA; in op_usm_users()
/*
 * Authentication key change. Lines 225-228 compare the row's sec_name with
 * usm_user->suser.sec_name (presumably the requesting user, for the
 * "own key" leaf named on line 226, which is not shown -- confirm).
 * Line 230 tests the supplied length against SNMP_AUTH_KEY_SIZ before the
 * copy on lines 237-238, which bounds the write provided auth_key is at
 * least SNMP_AUTH_KEY_SIZ bytes (declared elsewhere -- confirm).
 * The previous key is saved in a malloc'd scratch buffer (ptr1) for
 * rollback.
 * NOTE(review): the supplied octets are stored as the key as-is on the
 * visible lines; no decoding of a key-change value and no clearing of the
 * bytes beyond octetstring.len appears in this excerpt -- confirm against
 * the full file.
 */
225 if (val->var.subs[sub - 1] == in op_usm_users()
227 (usm_user == NULL || strcmp(uuser->suser.sec_name, in op_usm_users()
228 usm_user->suser.sec_name) != 0)) in op_usm_users()
230 if (val->v.octetstring.len > SNMP_AUTH_KEY_SIZ) in op_usm_users()
232 ctx->scratch->ptr1 = malloc(SNMP_AUTH_KEY_SIZ); in op_usm_users()
233 if (ctx->scratch->ptr1 == NULL) in op_usm_users()
235 memcpy(ctx->scratch->ptr1, uuser->suser.auth_key, in op_usm_users()
237 memcpy(uuser->suser.auth_key, val->v.octetstring.octets, in op_usm_users()
238 val->v.octetstring.len); in op_usm_users()
/*
 * Privacy protocol: previous value kept in int1 (restored on line 362).
 * The choices visible here are no-priv, DES and AES.
 */
242 ctx->scratch->int1 = uuser->suser.priv_proto; in op_usm_users()
244 &val->v.oid) == 0) in op_usm_users()
245 uuser->suser.priv_proto = SNMP_PRIV_NOPRIV; in op_usm_users()
247 &val->v.oid) == 0) in op_usm_users()
248 uuser->suser.priv_proto = SNMP_PRIV_DES; in op_usm_users()
250 &val->v.oid) == 0) in op_usm_users()
251 uuser->suser.priv_proto = SNMP_PRIV_AES; in op_usm_users()
/*
 * Privacy key change: same shape as the authentication key change above,
 * with SNMP_PRIV_KEY_SIZ as the length limit and priv_key as the target.
 */
258 if (val->var.subs[sub - 1] == in op_usm_users()
260 (usm_user == NULL || strcmp(uuser->suser.sec_name, in op_usm_users()
261 usm_user->suser.sec_name) != 0)) in op_usm_users()
263 if (val->v.octetstring.len > SNMP_PRIV_KEY_SIZ) in op_usm_users()
265 ctx->scratch->ptr1 = malloc(SNMP_PRIV_KEY_SIZ); in op_usm_users()
266 if (ctx->scratch->ptr1 == NULL) in op_usm_users()
268 memcpy(ctx->scratch->ptr1, uuser->suser.priv_key, in op_usm_users()
269 sizeof(uuser->suser.priv_key)); in op_usm_users()
270 memcpy(uuser->suser.priv_key, val->v.octetstring.octets, in op_usm_users()
271 val->v.octetstring.len); in op_usm_users()
/*
 * user_public: the supplied length is tested against SNMP_ADM_STR32_SIZ
 * (line 275). A non-empty previous value is copied to ptr2 with its length
 * in int2 for rollback; the new value is then copied in, or the field is
 * zeroed when the new value is empty.
 * NOTE(review): the copy on lines 287-289 is in bounds only if user_public
 * holds at least SNMP_ADM_STR32_SIZ bytes (declared elsewhere -- confirm).
 */
275 if (val->v.octetstring.len > SNMP_ADM_STR32_SIZ) in op_usm_users()
277 if (uuser->user_public_len > 0) { in op_usm_users()
278 ctx->scratch->ptr2 = in op_usm_users()
279 malloc(uuser->user_public_len); in op_usm_users()
280 if (ctx->scratch->ptr2 == NULL) in op_usm_users()
282 memcpy(ctx->scratch->ptr2, uuser->user_public, in op_usm_users()
283 uuser->user_public_len); in op_usm_users()
284 ctx->scratch->int2 = uuser->user_public_len; in op_usm_users()
286 if (val->v.octetstring.len > 0) { in op_usm_users()
287 memcpy(uuser->user_public, in op_usm_users()
288 val->v.octetstring.octets, in op_usm_users()
289 val->v.octetstring.len); in op_usm_users()
290 uuser->user_public_len = val->v.octetstring.len; in op_usm_users()
292 memset(uuser->user_public, 0, in op_usm_users()
293 sizeof(uuser->user_public)); in op_usm_users()
294 uuser->user_public_len = 0; in op_usm_users()
/*
 * Row status: line 303 tests for createAndWait together with an index
 * decode; for an existing row lines 315-316 test for active and destroy
 * before line 319 stores the value. The branch structure around these
 * tests is on lines not shown.
 */
303 if (val->v.integer != RowStatus_createAndWait || in op_usm_users()
304 usm_user_index_decode(&val->var, sub, eid, in op_usm_users()
310 uuser->status = RowStatus_notReady; in op_usm_users()
312 uuser->type = StorageType_volatile; in op_usm_users()
314 uuser->type = StorageType_readOnly; in op_usm_users()
315 } else if (val->v.integer != RowStatus_active && in op_usm_users()
316 val->v.integer != RowStatus_destroy) in op_usm_users()
319 uuser->status = val->v.integer; in op_usm_users()
/*
 * Presumably the commit phase (the enclosing case label is not shown): the
 * scratch copies are released.
 * NOTE(review): ptr1 holds the previous authentication or privacy key and
 * is freed here (and on lines 359/368) with no clearing visible in this
 * excerpt; consider explicit_bzero() on the buffer before free() so old
 * key bytes do not linger on the heap.
 */
325 switch (val->var.subs[sub - 1]) { in op_usm_users()
330 free(ctx->scratch->ptr1); in op_usm_users()
/* free(NULL) is a no-op, so the NULL test on line 333 is redundant. */
333 if (ctx->scratch->ptr2 != NULL) in op_usm_users()
334 free(ctx->scratch->ptr2); in op_usm_users()
337 if (val->v.integer != RowStatus_destroy) in op_usm_users()
339 if ((uuser = usm_get_user(&val->var, sub)) == NULL) in op_usm_users()
/*
 * Presumably the rollback phase: each leaf restores the value parked in
 * ctx->scratch and releases the scratch buffer.
 * NOTE(review): lines 371-375 depend on ptr2 being NULL when no previous
 * user_public value was saved; confirm that the scratch area starts zeroed.
 */
349 if ((uuser = usm_get_user(&val->var, sub)) == NULL) in op_usm_users()
351 switch (val->var.subs[sub - 1]) { in op_usm_users()
353 uuser->suser.auth_proto = ctx->scratch->int1; in op_usm_users()
357 memcpy(uuser->suser.auth_key, ctx->scratch->ptr1, in op_usm_users()
358 sizeof(uuser->suser.auth_key)); in op_usm_users()
359 free(ctx->scratch->ptr1); in op_usm_users()
362 uuser->suser.priv_proto = ctx->scratch->int1; in op_usm_users()
366 memcpy(uuser->suser.priv_key, ctx->scratch->ptr1, in op_usm_users()
367 sizeof(uuser->suser.priv_key)); in op_usm_users()
368 free(ctx->scratch->ptr1); in op_usm_users()
371 if (ctx->scratch->ptr2 != NULL) { in op_usm_users()
372 memcpy(uuser->user_public, ctx->scratch->ptr2, in op_usm_users()
373 ctx->scratch->int2); in op_usm_users()
374 uuser->user_public_len = ctx->scratch->int2; in op_usm_users()
375 free(ctx->scratch->ptr2); in op_usm_users()
377 memset(uuser->user_public, 0, in op_usm_users()
378 sizeof(uuser->user_public)); in op_usm_users()
379 uuser->user_public_len = 0; in op_usm_users()
384 if (ctx->scratch->int1 == RowStatus_createAndWait) in op_usm_users()
/*
 * Read path: each leaf is answered from the row. The protocol leaves map
 * the stored enum value back to the matching protocol OID.
 */
396 switch (val->var.subs[sub - 1]) { in op_usm_users()
398 return (string_get(val, uuser->suser.sec_name, -1)); in op_usm_users()
400 memcpy(&val->v.oid, &oid_zeroDotZero, sizeof(oid_zeroDotZero)); in op_usm_users()
403 switch (uuser->suser.auth_proto) { in op_usm_users()
405 memcpy(&val->v.oid, &oid_usmHMACMD5AuthProtocol, in op_usm_users()
409 memcpy(&val->v.oid, &oid_usmHMACSHAAuthProtocol, in op_usm_users()
413 memcpy(&val->v.oid, &oid_usmNoAuthProtocol, in op_usm_users()
/*
 * The key leaves call string_get() with a length of 0 (here and on
 * line 439), presumably so that a read returns an empty string instead of
 * key bytes. NOTE(review): string_get() is defined elsewhere; confirm that
 * a zero length copies nothing from the key buffer.
 */
420 return (string_get(val, (char *)uuser->suser.auth_key, 0)); in op_usm_users()
422 switch (uuser->suser.priv_proto) { in op_usm_users()
424 memcpy(&val->v.oid, &oid_usmDESPrivProtocol, in op_usm_users()
428 memcpy(&val->v.oid, &oid_usmAesCfb128Protocol, in op_usm_users()
432 memcpy(&val->v.oid, &oid_usmNoPrivProtocol, in op_usm_users()
439 return (string_get(val, (char *)uuser->suser.priv_key, 0)); in op_usm_users()
441 return (string_get(val, uuser->user_public, in op_usm_users()
442 uuser->user_public_len)); in op_usm_users()
444 val->v.integer = uuser->type; in op_usm_users()
447 val->v.integer = uuser->status; in op_usm_users()
/*
 * usm_user_index_decode() -- search excerpt; lines between the numbered
 * ones are not shown. Decodes a table index laid out as
 *   <engine-id length> <engine-id bytes...> <name length> <name bytes...>
 * starting at oid->subs[sub], into engine[] and uname[]. Returns -1 when
 * the engine-id length exceeds SNMP_ENGINE_ID_SIZ (line 461) or the name
 * length is at or above SNMP_ADM_STR32_SIZ (line 469).
 * NOTE(review): callers in this file pass OIDs taken from val (presumably
 * the incoming request). No visible line compares sub plus the two length
 * fields against oid->len, so confirm in the full file that a short OID
 * cannot make lines 465/473 read sub-identifiers past the encoded OID.
 * NOTE(review): each sub-identifier is stored into a uint8_t engine[] slot
 * (and a uname[] slot); a value above 255 would be narrowed silently unless
 * it is rejected on a line not shown -- confirm.
 */
455 usm_user_index_decode(const struct asn_oid *oid, uint sub, uint8_t *engine, in usm_user_index_decode() argument
461 if (oid->subs[sub] > SNMP_ENGINE_ID_SIZ) in usm_user_index_decode()
462 return (-1); in usm_user_index_decode()
464 for (i = 0; i < oid->subs[sub]; i++) in usm_user_index_decode()
465 engine[i] = oid->subs[sub + i + 1]; in usm_user_index_decode()
/* The name length sits right after the engine-id bytes. */
468 uname_off = sub + oid->subs[sub] + 1; in usm_user_index_decode()
469 if ((nlen = oid->subs[uname_off]) >= SNMP_ADM_STR32_SIZ) in usm_user_index_decode()
470 return (-1); in usm_user_index_decode()
473 uname[i] = oid->subs[uname_off + i + 1]; in usm_user_index_decode()
/*
 * usm_append_userindex() -- search excerpt; lines between the numbered ones
 * are not shown. Rewrites oid from position sub with the index of uuser:
 * engine-id length, engine-id bytes, security-name length, security-name
 * bytes. oid->len becomes sub + both lengths + 2 (one slot per length
 * field).
 * NOTE(review): no visible line checks the new oid->len against the
 * capacity of oid->subs; this relies on user_engine_len and
 * strlen(sec_name) having been bounded when the user was created --
 * confirm in the full file.
 */
480 usm_append_userindex(struct asn_oid *oid, uint sub, in usm_append_userindex() argument
485 oid->len = sub + uuser->user_engine_len + strlen(uuser->suser.sec_name); in usm_append_userindex()
486 oid->len += 2; in usm_append_userindex()
487 oid->subs[sub] = uuser->user_engine_len; in usm_append_userindex()
488 for (i = 1; i < uuser->user_engine_len + 1; i++) in usm_append_userindex()
489 oid->subs[sub + i] = uuser->user_engine_id[i - 1]; in usm_append_userindex()
/* Step past the engine-id part; sub now addresses the name-length slot. */
491 sub += uuser->user_engine_len + 1; in usm_append_userindex()
492 oid->subs[sub] = strlen(uuser->suser.sec_name); in usm_append_userindex()
493 for (i = 1; i <= oid->subs[sub]; i++) in usm_append_userindex()
494 oid->subs[sub + i] = uuser->suser.sec_name[i - 1]; in usm_append_userindex()
/*
 * usm_get_user() -- search excerpt; the lookup after the decode is not
 * shown. Decodes the engine id and user name from the index at
 * oid->subs[sub]; line 504 tests for a decode failure.
 */
498 usm_get_user(const struct asn_oid *oid, uint sub) in usm_get_user() argument
504 if (usm_user_index_decode(oid, sub, engineid, &enginelen, username) < 0) in usm_get_user()
/*
 * usm_get_next_user() -- search excerpt; the results of both tests are not
 * shown. Line 518 detects an OID that carries no index part at all
 * (presumably answered with the first user -- confirm); otherwise the
 * index is decoded as in usm_get_user().
 */
511 usm_get_next_user(const struct asn_oid *oid, uint sub) in usm_get_next_user() argument
518 if (oid->len - sub == 0) in usm_get_next_user()
521 if (usm_user_index_decode(oid, sub, engineid, &enginelen, username) < 0) in usm_get_next_user()
531 * USM snmp module initialization hook.
544 * USM snmp module finalization hook.
556 * USM snmp module start operation.
562 "The MIB module for managing SNMP User-Based Security Model.", in usm_start()
/*
 * usm_dump() -- search excerpt; the calls that these argument lines belong
 * to are mostly not shown. The visible lines pass the six usmstats counters
 * to output calls and log one syslog line per user with the security name
 * and the authentication / privacy protocol names. No key material appears
 * in the visible format string.
 * NOTE(review): authstr[] and privstr[] are indexed directly by auth_proto
 * and priv_proto; confirm both tables cover every value those fields can
 * hold.
 */
586 usmstats->unsupported_seclevels); in usm_dump()
588 usmstats->not_in_time_windows); in usm_dump()
590 usmstats->unknown_users); in usm_dump()
592 usmstats->unknown_engine_ids); in usm_dump()
594 usmstats->wrong_digests); in usm_dump()
596 usmstats->decrypt_errors); in usm_dump()
602 syslog(LOG_ERR, "user %s\t\t%s, %s", uuser->suser.sec_name, in usm_dump()
603 authstr[uuser->suser.auth_proto], in usm_dump()
604 privstr[uuser->suser.priv_proto]); in usm_dump()
608 "This module implements SNMP User-based Security Model defined in RFC 3414.";