1f06ca4afSHartmut Brandt.\" 2135f7de5SShteryana Shopova.\" Copyright (c) 2010 The FreeBSD Foundation 3135f7de5SShteryana Shopova.\" All rights reserved. 4135f7de5SShteryana Shopova.\" 5135f7de5SShteryana Shopova.\" Portions of this documentation were written by Shteryana Sotirova Shopova 6135f7de5SShteryana Shopova.\" under sponsorship from the FreeBSD Foundation. 7135f7de5SShteryana Shopova.\" 8165c5d31SHartmut Brandt.\" Copyright (c) 2004-2005 9165c5d31SHartmut Brandt.\" Hartmut Brandt. 10165c5d31SHartmut Brandt.\" All rights reserved. 11f06ca4afSHartmut Brandt.\" Copyright (c) 2001-2003 12f06ca4afSHartmut Brandt.\" Fraunhofer Institute for Open Communication Systems (FhG Fokus). 13f06ca4afSHartmut Brandt.\" All rights reserved. 14f06ca4afSHartmut Brandt.\" 154f13bbb6SUlrich Spörlein.\" Author: Harti Brandt <harti@FreeBSD.org> 16f06ca4afSHartmut Brandt.\" 17896052c1SHartmut Brandt.\" Redistribution and use in source and binary forms, with or without 18896052c1SHartmut Brandt.\" modification, are permitted provided that the following conditions 19896052c1SHartmut Brandt.\" are met: 20896052c1SHartmut Brandt.\" 1. Redistributions of source code must retain the above copyright 21896052c1SHartmut Brandt.\" notice, this list of conditions and the following disclaimer. 22f06ca4afSHartmut Brandt.\" 2. Redistributions in binary form must reproduce the above copyright 23f06ca4afSHartmut Brandt.\" notice, this list of conditions and the following disclaimer in the 24f06ca4afSHartmut Brandt.\" documentation and/or other materials provided with the distribution. 25f06ca4afSHartmut Brandt.\" 26896052c1SHartmut Brandt.\" THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27896052c1SHartmut Brandt.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28896052c1SHartmut Brandt.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29896052c1SHartmut Brandt.\" ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 30896052c1SHartmut Brandt.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31896052c1SHartmut Brandt.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32896052c1SHartmut Brandt.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33896052c1SHartmut Brandt.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34896052c1SHartmut Brandt.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35896052c1SHartmut Brandt.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36896052c1SHartmut Brandt.\" SUCH DAMAGE. 37f06ca4afSHartmut Brandt.\" 38165c5d31SHartmut Brandt.\" $Begemot: bsnmp/lib/bsnmplib.3,v 1.9 2005/10/04 08:46:51 brandt_h Exp $ 39f06ca4afSHartmut Brandt.\" 40*84d0b89eSEnji Cooper.Dd December 31, 2016 4194caccb3SHartmut Brandt.Dt BSNMPLIB 3 42f06ca4afSHartmut Brandt.Os 43f06ca4afSHartmut Brandt.Sh NAME 44f06ca4afSHartmut Brandt.Nm snmp_value_free , 45f06ca4afSHartmut Brandt.Nm snmp_value_parse , 46f06ca4afSHartmut Brandt.Nm snmp_value_copy , 47f06ca4afSHartmut Brandt.Nm snmp_pdu_free , 48135f7de5SShteryana Shopova.Nm snmp_pdu_decode , 49135f7de5SShteryana Shopova.Nm snmp_pdu_encode , 50135f7de5SShteryana Shopova.Nm snmp_pdu_decode_header , 51135f7de5SShteryana Shopova.Nm snmp_pdu_decode_scoped , 52135f7de5SShteryana Shopova.Nm snmp_pdu_decode_secmode , 5372cd7a52SShteryana Shopova.Nm snmp_pdu_init_secparams , 54f06ca4afSHartmut Brandt.Nm snmp_pdu_dump , 55135f7de5SShteryana Shopova.Nm snmp_passwd_to_keys , 56135f7de5SShteryana Shopova.Nm snmp_get_local_keys , 57135f7de5SShteryana Shopova.Nm snmp_calc_keychange , 58f06ca4afSHartmut Brandt.Nm TRUTH_MK , 59f06ca4afSHartmut Brandt.Nm TRUTH_GET , 60f06ca4afSHartmut Brandt.Nm TRUTH_OK 61f06ca4afSHartmut Brandt.Nd "SNMP decoding and encoding library" 62f06ca4afSHartmut Brandt.Sh LIBRARY 63f06ca4afSHartmut BrandtBegemot SNMP library 64f06ca4afSHartmut Brandt.Pq libbsnmp, -lbsnmp 65f06ca4afSHartmut Brandt.Sh SYNOPSIS 66f06ca4afSHartmut Brandt.In bsnmp/asn1.h 67f06ca4afSHartmut Brandt.In bsnmp/snmp.h 68f06ca4afSHartmut Brandt.Ft void 69f06ca4afSHartmut Brandt.Fn snmp_value_free "struct snmp_value *value" 70f06ca4afSHartmut Brandt.Ft int 71f06ca4afSHartmut Brandt.Fn snmp_value_parse "const char *buf" "enum snmp_syntax" "union snmp_values *value" 72f06ca4afSHartmut Brandt.Ft int 73f06ca4afSHartmut Brandt.Fn snmp_value_copy "struct snmp_value *to" "const struct snmp_value *from" 74f06ca4afSHartmut Brandt.Ft void 75f06ca4afSHartmut Brandt.Fn snmp_pdu_free "struct snmp_pdu *value" 76f06ca4afSHartmut Brandt.Ft enum snmp_code 77f06ca4afSHartmut Brandt.Fn snmp_pdu_decode "struct asn_buf *buf" "struct snmp_pdu *pdu" "int32_t *ip" 78f06ca4afSHartmut Brandt.Ft enum snmp_code 79f06ca4afSHartmut Brandt.Fn snmp_pdu_encode "struct snmp_pdu *pdu" "struct asn_buf *buf" 80135f7de5SShteryana Shopova.Ft enum snmp_code 81135f7de5SShteryana Shopova.Fn snmp_pdu_decode_header "struct snmp_pdu *pdu" "struct asn_buf *buf" 82135f7de5SShteryana Shopova.Ft enum snmp_code 83135f7de5SShteryana Shopova.Fn snmp_pdu_decode_scoped "struct asn_buf *buf" "struct snmp_pdu *pdu" "int32_t *ip" 84135f7de5SShteryana Shopova.Ft enum snmp_code 85135f7de5SShteryana Shopova.Fn snmp_pdu_decode_secmode "struct asn_buf *buf" "struct snmp_pdu *pdu" 86f06ca4afSHartmut Brandt.Ft void 8772cd7a52SShteryana Shopova.Fn snmp_pdu_init_secparams "struct snmp_pdu *pdu" 8872cd7a52SShteryana Shopova.Ft void 89f06ca4afSHartmut Brandt.Fn snmp_pdu_dump "const struct snmp_pdu *pdu" 90135f7de5SShteryana Shopova.Ft enum snmp_code 91135f7de5SShteryana Shopova.Fn snmp_passwd_to_keys "struct snmp_user *user" "char *passwd" 92135f7de5SShteryana Shopova.Ft enum snmp_code 93135f7de5SShteryana Shopova.Fn snmp_get_local_keys "struct snmp_user *user" "uint8_t *eid" "uint32_t elen" 94135f7de5SShteryana Shopova.Ft enum snmp_code 95135f7de5SShteryana Shopova.Fn snmp_calc_keychange "struct snmp_user *user" "uint8_t *keychange" 96f06ca4afSHartmut Brandt.Ft int 97f06ca4afSHartmut Brandt.Fn TRUTH_MK "F" 98f06ca4afSHartmut Brandt.Ft int 99f06ca4afSHartmut Brandt.Fn TRUTH_GET "T" 100f06ca4afSHartmut Brandt.Ft int 101f06ca4afSHartmut Brandt.Fn TRUTH_OK "T" 102f06ca4afSHartmut Brandt.Sh DESCRIPTION 103135f7de5SShteryana ShopovaThe SNMP library contains routines to handle SNMP version 1, 2 and 3 PDUs. 104135f7de5SShteryana ShopovaThere are several basic structures used throughout the library: 105f06ca4afSHartmut Brandt.Bd -literal -offset indent 106f06ca4afSHartmut Brandtstruct snmp_value { 107f06ca4afSHartmut Brandt struct asn_oid var; 108f06ca4afSHartmut Brandt enum snmp_syntax syntax; 109f06ca4afSHartmut Brandt union snmp_values { 110f06ca4afSHartmut Brandt int32_t integer;/* also integer32 */ 111f06ca4afSHartmut Brandt struct { 112f06ca4afSHartmut Brandt u_int len; 113f06ca4afSHartmut Brandt u_char *octets; 114f06ca4afSHartmut Brandt } octetstring; 115f06ca4afSHartmut Brandt struct asn_oid oid; 116f06ca4afSHartmut Brandt u_char ipaddress[4]; 117165c5d31SHartmut Brandt uint32_t uint32; /* also gauge32, counter32, 118f06ca4afSHartmut Brandt unsigned32, timeticks */ 119165c5d31SHartmut Brandt uint64_t counter64; 120f06ca4afSHartmut Brandt } v; 121f06ca4afSHartmut Brandt}; 122f06ca4afSHartmut Brandt.Ed 123f06ca4afSHartmut Brandt.Pp 124165c5d31SHartmut BrandtThis structure represents one variable binding from an SNMP PDU. 125165c5d31SHartmut BrandtThe field 126f06ca4afSHartmut Brandt.Fa var 127f06ca4afSHartmut Brandtis the ASN.1 of the variable that is bound. 128f06ca4afSHartmut Brandt.Fa syntax 129f06ca4afSHartmut Brandtcontains either the syntax code of the value or an exception code for SNMPv2 130f06ca4afSHartmut Brandtand may be one of: 131f06ca4afSHartmut Brandt.Bd -literal -offset indent 132f06ca4afSHartmut Brandtenum snmp_syntax { 133f06ca4afSHartmut Brandt SNMP_SYNTAX_NULL = 0, 134f06ca4afSHartmut Brandt SNMP_SYNTAX_INTEGER, /* == INTEGER32 */ 135f06ca4afSHartmut Brandt SNMP_SYNTAX_OCTETSTRING, 136f06ca4afSHartmut Brandt SNMP_SYNTAX_OID, 137f06ca4afSHartmut Brandt SNMP_SYNTAX_IPADDRESS, 138f06ca4afSHartmut Brandt SNMP_SYNTAX_COUNTER, 139f06ca4afSHartmut Brandt SNMP_SYNTAX_GAUGE, /* == UNSIGNED32 */ 140f06ca4afSHartmut Brandt SNMP_SYNTAX_TIMETICKS, 141f06ca4afSHartmut Brandt 142f06ca4afSHartmut Brandt /* v2 additions */ 143f06ca4afSHartmut Brandt SNMP_SYNTAX_COUNTER64, 144f06ca4afSHartmut Brandt /* exceptions */ 145f06ca4afSHartmut Brandt SNMP_SYNTAX_NOSUCHOBJECT, 146f06ca4afSHartmut Brandt SNMP_SYNTAX_NOSUCHINSTANCE, 147f06ca4afSHartmut Brandt SNMP_SYNTAX_ENDOFMIBVIEW, 148f06ca4afSHartmut Brandt}; 149f06ca4afSHartmut Brandt.Ed 150f06ca4afSHartmut BrandtThe field 151f06ca4afSHartmut Brandt.Fa v 152f06ca4afSHartmut Brandtholds the actual value depending on 153f06ca4afSHartmut Brandt.Fa syntax . 154f06ca4afSHartmut BrandtNote, that if 155f06ca4afSHartmut Brandt.Fa syntax 156f06ca4afSHartmut Brandtis 157f06ca4afSHartmut Brandt.Li SNMP_SYNTAX_OCTETSTRING 158f06ca4afSHartmut Brandtand 159f06ca4afSHartmut Brandt.Fa v.octetstring.len 160f06ca4afSHartmut Brandtis not zero, 161f06ca4afSHartmut Brandt.Fa v.octetstring.octets 162f06ca4afSHartmut Brandtpoints to a string allocated by 163f06ca4afSHartmut Brandt.Xr malloc 3 . 164135f7de5SShteryana Shopova.Bd -literal -offset indent 165135f7de5SShteryana Shopova#define SNMP_ENGINE_ID_SIZ 32 166135f7de5SShteryana Shopova 167135f7de5SShteryana Shopovastruct snmp_engine { 168135f7de5SShteryana Shopova uint8_t engine_id[SNMP_ENGINE_ID_SIZ]; 169135f7de5SShteryana Shopova uint32_t engine_len; 170135f7de5SShteryana Shopova int32_t engine_boots; 171135f7de5SShteryana Shopova int32_t engine_time; 172135f7de5SShteryana Shopova int32_t max_msg_size; 173135f7de5SShteryana Shopova}; 174135f7de5SShteryana Shopova.Ed 175135f7de5SShteryana Shopova.Pp 176135f7de5SShteryana ShopovaThis structure represents an SNMP engine as specified by the SNMP Management 177135f7de5SShteryana ShopovaArchitecture described in RFC 3411. 178135f7de5SShteryana Shopova.Bd -literal -offset indent 17972cd7a52SShteryana Shopova#define SNMP_ADM_STR32_SIZ (32 + 1) 180135f7de5SShteryana Shopova#define SNMP_AUTH_KEY_SIZ 40 181135f7de5SShteryana Shopova#define SNMP_PRIV_KEY_SIZ 32 182135f7de5SShteryana Shopova 18372cd7a52SShteryana Shopovaenum snmp_usm_level { 18472cd7a52SShteryana Shopova SNMP_noAuthNoPriv = 1, 18572cd7a52SShteryana Shopova SNMP_authNoPriv = 2, 18672cd7a52SShteryana Shopova SNMP_authPriv = 3 18772cd7a52SShteryana Shopova}; 18872cd7a52SShteryana Shopova 189135f7de5SShteryana Shopovastruct snmp_user { 19072cd7a52SShteryana Shopova char sec_name[SNMP_ADM_STR32_SIZ]; 191135f7de5SShteryana Shopova enum snmp_authentication auth_proto; 192135f7de5SShteryana Shopova enum snmp_privacy priv_proto; 193135f7de5SShteryana Shopova uint8_t auth_key[SNMP_AUTH_KEY_SIZ]; 194135f7de5SShteryana Shopova uint8_t priv_key[SNMP_PRIV_KEY_SIZ]; 195135f7de5SShteryana Shopova}; 196135f7de5SShteryana Shopova.Ed 197135f7de5SShteryana Shopova.Pp 198135f7de5SShteryana ShopovaThis structure represents an SNMPv3 user as specified by the User-based 199135f7de5SShteryana ShopovaSecurity Model (USM) described in RFC 3414. The field 200135f7de5SShteryana Shopova.Fa sec_name 201135f7de5SShteryana Shopovais a human readable string containing the security user name. 202135f7de5SShteryana Shopova.Fa auth_proto 203135f7de5SShteryana Shopovacontains the id of the authentication protocol in use by the user and may be one 204135f7de5SShteryana Shopovaof: 205135f7de5SShteryana Shopova.Bd -literal -offset indent 206135f7de5SShteryana Shopovaenum snmp_authentication { 207135f7de5SShteryana Shopova SNMP_AUTH_NOAUTH = 0, 208135f7de5SShteryana Shopova SNMP_AUTH_HMAC_MD5, 209135f7de5SShteryana Shopova SNMP_AUTH_HMAC_SHA 210135f7de5SShteryana Shopova}; 211135f7de5SShteryana Shopova.Ed 212135f7de5SShteryana Shopova.Fa priv_proto 213135f7de5SShteryana Shopovacontains the id of the privacy protocol in use by the user and may be one 214135f7de5SShteryana Shopovaof: 215135f7de5SShteryana Shopova.Bd -literal -offset indent 216135f7de5SShteryana Shopovaenum snmp_privacy { 217135f7de5SShteryana Shopova SNMP_PRIV_NOPRIV = 0, 218135f7de5SShteryana Shopova SNMP_PRIV_DES = 1, 219135f7de5SShteryana Shopova SNMP_PRIV_AES 220135f7de5SShteryana Shopova}; 221135f7de5SShteryana Shopova.Ed 222135f7de5SShteryana Shopova.Fa auth_key 223135f7de5SShteryana Shopovaand 224135f7de5SShteryana Shopova.Fa priv_key 225135f7de5SShteryana Shopovacontain the authentication and privacy keys for the user. 226f06ca4afSHartmut Brandt.Bd -literal -offset indent 227f06ca4afSHartmut Brandt#define SNMP_COMMUNITY_MAXLEN 128 228f06ca4afSHartmut Brandt#define SNMP_MAX_BINDINGS 100 229135f7de5SShteryana Shopova#define SNMP_CONTEXT_NAME_SIZ (32 + 1) 230135f7de5SShteryana Shopova#define SNMP_TIME_WINDOW 150 231135f7de5SShteryana Shopova 232135f7de5SShteryana Shopova#define SNMP_USM_AUTH_SIZE 12 233135f7de5SShteryana Shopova#define SNMP_USM_PRIV_SIZE 8 234135f7de5SShteryana Shopova 235135f7de5SShteryana Shopova#define SNMP_MSG_AUTH_FLAG 0x1 236135f7de5SShteryana Shopova#define SNMP_MSG_PRIV_FLAG 0x2 237135f7de5SShteryana Shopova#define SNMP_MSG_REPORT_FLAG 0x4 238135f7de5SShteryana Shopova 23972cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V1 0 24072cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V2c 1 24172cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V3 3 242f06ca4afSHartmut Brandt 243f06ca4afSHartmut Brandtstruct snmp_pdu { 244f06ca4afSHartmut Brandt char community[SNMP_COMMUNITY_MAXLEN + 1]; 245f06ca4afSHartmut Brandt enum snmp_version version; 246f06ca4afSHartmut Brandt u_int type; 247f06ca4afSHartmut Brandt 248135f7de5SShteryana Shopova /* SNMPv3 PDU header fields */ 249135f7de5SShteryana Shopova int32_t identifier; 250135f7de5SShteryana Shopova uint8_t flags; 251135f7de5SShteryana Shopova int32_t security_model; 252135f7de5SShteryana Shopova struct snmp_engine engine; 253135f7de5SShteryana Shopova 254135f7de5SShteryana Shopova /* Associated USM user parameters */ 255135f7de5SShteryana Shopova struct snmp_user user; 256135f7de5SShteryana Shopova uint8_t msg_digest[SNMP_USM_AUTH_SIZE]; 257135f7de5SShteryana Shopova uint8_t msg_salt[SNMP_USM_PRIV_SIZE]; 258135f7de5SShteryana Shopova 259135f7de5SShteryana Shopova /* View-based Access Model */ 260135f7de5SShteryana Shopova uint32_t context_engine_len; 261135f7de5SShteryana Shopova uint8_t context_engine[SNMP_ENGINE_ID_SIZ]; 262135f7de5SShteryana Shopova char context_name[SNMP_CONTEXT_NAME_SIZ]; 263135f7de5SShteryana Shopova 264f06ca4afSHartmut Brandt /* trap only */ 265f06ca4afSHartmut Brandt struct asn_oid enterprise; 266f06ca4afSHartmut Brandt u_char agent_addr[4]; 267f06ca4afSHartmut Brandt int32_t generic_trap; 268f06ca4afSHartmut Brandt int32_t specific_trap; 269135f7de5SShteryana Shopova uint32_t time_stamp; 270f06ca4afSHartmut Brandt 271f06ca4afSHartmut Brandt /* others */ 272f06ca4afSHartmut Brandt int32_t request_id; 273f06ca4afSHartmut Brandt int32_t error_status; 274f06ca4afSHartmut Brandt int32_t error_index; 275f06ca4afSHartmut Brandt 276f06ca4afSHartmut Brandt /* fixes for encoding */ 277135f7de5SShteryana Shopova size_t outer_len; 278135f7de5SShteryana Shopova size_t scoped_len; 279f06ca4afSHartmut Brandt u_char *outer_ptr; 280135f7de5SShteryana Shopova u_char *digest_ptr; 281135f7de5SShteryana Shopova u_char *encrypted_ptr; 282135f7de5SShteryana Shopova u_char *scoped_ptr; 283f06ca4afSHartmut Brandt u_char *pdu_ptr; 284f06ca4afSHartmut Brandt u_char *vars_ptr; 285f06ca4afSHartmut Brandt 286135f7de5SShteryana Shopova 287f06ca4afSHartmut Brandt struct snmp_value bindings[SNMP_MAX_BINDINGS]; 288f06ca4afSHartmut Brandt u_int nbindings; 289f06ca4afSHartmut Brandt}; 290f06ca4afSHartmut Brandt.Ed 291f06ca4afSHartmut BrandtThis structure contains a decoded SNMP PDU. 292f06ca4afSHartmut Brandt.Fa version 293f06ca4afSHartmut Brandtis one of 294f06ca4afSHartmut Brandt.Bd -literal -offset indent 295f06ca4afSHartmut Brandtenum snmp_version { 296f06ca4afSHartmut Brandt SNMP_Verr = 0, 297f06ca4afSHartmut Brandt SNMP_V1 = 1, 298f06ca4afSHartmut Brandt SNMP_V2c, 299135f7de5SShteryana Shopova SNMP_V3 300f06ca4afSHartmut Brandt}; 301f06ca4afSHartmut Brandt.Ed 302f06ca4afSHartmut Brandtand 303f06ca4afSHartmut Brandt.Fa type 304f06ca4afSHartmut Brandtis the type of the PDU. 305135f7de5SShteryana Shopova.Fa security_model 306135f7de5SShteryana Shopovais the security model used for SNMPv3 PDUs. The only supported 30772cd7a52SShteryana Shopovavalue currently is 3 (User-based Security Model). Additional values for any, 30872cd7a52SShteryana Shopovaunknown, SNMPv1 and SNMPv2c security models are also enumerated 30972cd7a52SShteryana Shopova.Bd -literal -offset indent 31072cd7a52SShteryana Shopovaenum snmp_secmodel { 31172cd7a52SShteryana Shopova SNMP_SECMODEL_ANY = 0, 31272cd7a52SShteryana Shopova SNMP_SECMODEL_SNMPv1 = 1, 31372cd7a52SShteryana Shopova SNMP_SECMODEL_SNMPv2c = 2, 31472cd7a52SShteryana Shopova SNMP_SECMODEL_USM = 3, 31572cd7a52SShteryana Shopova SNMP_SECMODEL_UNKNOWN 31672cd7a52SShteryana Shopova}; 31772cd7a52SShteryana Shopova.Ed 318f06ca4afSHartmut Brandt.Pp 319f06ca4afSHartmut BrandtThe function 320f06ca4afSHartmut Brandt.Fn snmp_value_free 321165c5d31SHartmut Brandtis used to free all the dynamic allocated contents of an SNMP value. 322165c5d31SHartmut BrandtIt does not free the structure pointed to by 323f06ca4afSHartmut Brandt.Fa value 324f06ca4afSHartmut Brandtitself. 325f06ca4afSHartmut Brandt.Pp 326f06ca4afSHartmut BrandtThe function 327f06ca4afSHartmut Brandt.Fn snmp_value_parse 328f06ca4afSHartmut Brandtparses the ASCII representation of an SNMP value into its binary form. 329f06ca4afSHartmut BrandtThis function is mainly used by the configuration file reader of 330165c5d31SHartmut Brandt.Xr bsnmpd 1 . 331f06ca4afSHartmut Brandt.Pp 332f06ca4afSHartmut BrandtThe function 333f06ca4afSHartmut Brandt.Fn snmp_value_copy 334f06ca4afSHartmut Brandtmakes a deep copy of the value pointed to by 335f06ca4afSHartmut Brandt.Fa from 336f06ca4afSHartmut Brandtto the structure pointed to by 337f06ca4afSHartmut Brandt.Fa to . 338f06ca4afSHartmut BrandtIt assumes that 339f06ca4afSHartmut Brandt.Fa to 340165c5d31SHartmut Brandtis uninitialized and will overwrite its previous contents. 341165c5d31SHartmut BrandtIt does not itself allocate the structure pointed to by 342f06ca4afSHartmut Brandt.Fa to . 343f06ca4afSHartmut Brandt.Pp 344f06ca4afSHartmut BrandtThe function 345f06ca4afSHartmut Brandt.Fn snmp_pdu_free 346165c5d31SHartmut Brandtfrees all the dynamically allocated components of the PDU. 347165c5d31SHartmut BrandtIt does not itself free the structure pointed to by 348f06ca4afSHartmut Brandt.Fa pdu . 349f06ca4afSHartmut Brandt.Pp 350f06ca4afSHartmut BrandtThe function 351f06ca4afSHartmut Brandt.Fn snmp_pdu_decode 352f06ca4afSHartmut Brandtdecodes the PDU pointed to by 353f06ca4afSHartmut Brandt.Fa buf 354f06ca4afSHartmut Brandtand stores the result into 355f06ca4afSHartmut Brandt.Fa pdu . 356f06ca4afSHartmut BrandtIf an error occurs in a variable binding the (1 based) index of this binding 357f06ca4afSHartmut Brandtis stored in the variable pointed to by 358f06ca4afSHartmut Brandt.Fa ip . 359f06ca4afSHartmut Brandt.Pp 360f06ca4afSHartmut BrandtThe function 361f06ca4afSHartmut Brandt.Fn snmp_pdu_encode 362f06ca4afSHartmut Brandtencodes the PDU 363f06ca4afSHartmut Brandt.Fa pdu 364135f7de5SShteryana Shopovainto the an octetstring in buffer, and if authentication and privacy are used, 365135f7de5SShteryana Shopovacalculates a message digest and encrypts the PDU data in the buffer 366f06ca4afSHartmut Brandt.Fa buf . 367f06ca4afSHartmut Brandt.Pp 368f06ca4afSHartmut BrandtThe function 369135f7de5SShteryana Shopova.Fn snmp_pdu_decode_header 370135f7de5SShteryana Shopovadecodes the header of the PDU pointed to by 371135f7de5SShteryana Shopova.Fa buf . 372135f7de5SShteryana ShopovaThe uncoded PDU contents remain in the buffer. 373135f7de5SShteryana Shopova.Pp 374135f7de5SShteryana ShopovaThe function 375135f7de5SShteryana Shopova.Fn snmp_pdu_decode_scoped 376135f7de5SShteryana Shopovadecodes the scoped PDU pointed to by 377135f7de5SShteryana Shopova.Fa buf . 378135f7de5SShteryana Shopova.Pp 379135f7de5SShteryana ShopovaThe function 380135f7de5SShteryana Shopova.Fn snmp_pdu_decode_secmode 381135f7de5SShteryana Shopovaverifies the authentication parameter contained in the PDU (if present) and 382135f7de5SShteryana Shopovaif the PDU is encrypted, decrypts the PDU contents pointed to by 383135f7de5SShteryana Shopova.Fa buf . 384*84d0b89eSEnji CooperIf successful, a plain text scoped PDU is stored in the buffer. 385135f7de5SShteryana Shopova.Pp 386135f7de5SShteryana ShopovaThe function 38772cd7a52SShteryana Shopova.Fn snmp_pdu_init_secparams 38872cd7a52SShteryana Shopovacalculates the initialization vector for the privacy protocol in use before 38972cd7a52SShteryana Shopovathe PDU pointed to by 39072cd7a52SShteryana Shopova.Fa pdu 39172cd7a52SShteryana Shopovamay be encrypted or decrypted. 39272cd7a52SShteryana Shopova.Pp 39372cd7a52SShteryana ShopovaThe function 394f06ca4afSHartmut Brandt.Fn snmp_pdu_dump 395f06ca4afSHartmut Brandtdumps the PDU in a human readable form by calling 396f06ca4afSHartmut Brandt.Fn snmp_printf . 397f06ca4afSHartmut Brandt.Pp 398f06ca4afSHartmut BrandtThe function 399135f7de5SShteryana Shopova.Fn snmp_passwd_to_keys 400135f7de5SShteryana Shopovacalculates a binary private authentication key corresponding to a plain text human 401135f7de5SShteryana Shopovareadable password string. The calculated key is placed in the 402135f7de5SShteryana Shopova.Fa auth_key 403135f7de5SShteryana Shopovafield of the 404135f7de5SShteryana Shopova.Fa user . 405135f7de5SShteryana Shopova.Pp 406135f7de5SShteryana ShopovaThe function 407135f7de5SShteryana Shopova.Fn snmp_get_local_keys 408135f7de5SShteryana Shopovacalculates a localazied authentication and privacy keys for a specified SNMPv3 409135f7de5SShteryana Shopovaengine. The calculateds keys are placed in the 410135f7de5SShteryana Shopova.Fa auth_key 411135f7de5SShteryana Shopovaand 412135f7de5SShteryana Shopova.Fa priv_key 413135f7de5SShteryana Shopovafields of the 414135f7de5SShteryana Shopova.Fa user . 415135f7de5SShteryana Shopova.Pp 416135f7de5SShteryana ShopovaThe function 417135f7de5SShteryana Shopova.Fn snmp_calc_keychange 418135f7de5SShteryana Shopovacalculates a binary key change octet string based on the contents of an old and 419135f7de5SShteryana Shopovaa new binary localized key. The rezult is placed in the buffer pointer to by 420135f7de5SShteryana Shopova.Fa keychange 421135f7de5SShteryana Shopovaand may be used by an SNMPv3 user who wishes to change his/her password 422135f7de5SShteryana Shopovaor localized key. 423135f7de5SShteryana Shopova.Pp 424135f7de5SShteryana ShopovaThe function 425f06ca4afSHartmut Brandt.Fn TRUTH_MK 426f06ca4afSHartmut Brandttakes a C truth value (zero or non-zero) and makes an SNMP truth value (2 or 1). 427f06ca4afSHartmut BrandtThe function 428f06ca4afSHartmut Brandt.Fn TRUTH_GET 429f06ca4afSHartmut Brandttakes an SNMP truth value and makes a C truth value (0 or 1). 430f06ca4afSHartmut BrandtThe function 431f06ca4afSHartmut Brandt.Fn TRUTH_OK 432f06ca4afSHartmut Brandtchecks, whether its argument is a legal SNMP truth value. 433f06ca4afSHartmut Brandt.Sh DIAGNOSTICS 434165c5d31SHartmut BrandtWhen an error occurs in any of the function the function pointed to 435f06ca4afSHartmut Brandtby the global pointer 436f06ca4afSHartmut Brandt.Bd -literal -offset indent 437f06ca4afSHartmut Brandtextern void (*snmp_error)(const char *, ...); 438f06ca4afSHartmut Brandt.Ed 439f06ca4afSHartmut Brandt.Pp 440f06ca4afSHartmut Brandtwith a 441f06ca4afSHartmut Brandt.Xr printf 3 442f06ca4afSHartmut Brandtstyle format string. 443f06ca4afSHartmut BrandtThere is a default error handler in the library that prints a message 444f06ca4afSHartmut Brandtstarting with 445f06ca4afSHartmut Brandt.Sq SNMP: 446f06ca4afSHartmut Brandtfollowed by the error message to standard error. 447f06ca4afSHartmut Brandt.Pp 448f06ca4afSHartmut BrandtThe function pointed to by 449f06ca4afSHartmut Brandt.Bd -literal -offset indent 450f06ca4afSHartmut Brandtextern void (*snmp_printf)(const char *, ...); 451f06ca4afSHartmut Brandt.Ed 452f06ca4afSHartmut Brandt.Pp 453f06ca4afSHartmut Brandtis called by the 454f06ca4afSHartmut Brandt.Fn snmp_pdu_dump 455f06ca4afSHartmut Brandtfunction. 456f06ca4afSHartmut BrandtThe default handler is 457f06ca4afSHartmut Brandt.Xr printf 3 . 458f06ca4afSHartmut Brandt.Sh ERRORS 459f06ca4afSHartmut Brandt.Fn snmp_pdu_decode 460f06ca4afSHartmut Brandtwill return one of the following return codes: 461f06ca4afSHartmut Brandt.Bl -tag -width Er 462f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OK 463f06ca4afSHartmut BrandtSuccess. 464f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_FAILED 465f06ca4afSHartmut BrandtThe ASN.1 coding was wrong. 466f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADLEN 467f06ca4afSHartmut BrandtA variable binding value had a wrong length field. 468f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OORANGE 469f06ca4afSHartmut BrandtA variable binding value was out of the allowed range. 470f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADVERS 471f06ca4afSHartmut BrandtThe PDU is of an unsupported version. 472f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADENQ 473f06ca4afSHartmut BrandtThere was an ASN.1 value with an unsupported tag. 474135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_BADSECLEVEL 475135f7de5SShteryana ShopovaThe requested securityLevel contained in the PDU is not supported. 476135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_BADDIGEST 477135f7de5SShteryana ShopovaThe PDU authentication parameter received in the PDU did not match the 478135f7de5SShteryana Shopovacalculated message digest. 479135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_EDECRYPT 480*84d0b89eSEnji CooperError occurred while trying to decrypt the PDU. 481f06ca4afSHartmut Brandt.El 482f06ca4afSHartmut Brandt.Pp 483f06ca4afSHartmut Brandt.Fn snmp_pdu_encode 484f06ca4afSHartmut Brandtwill return one of the following return codes: 485f06ca4afSHartmut Brandt.Bl -tag -width Er 486f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OK 487f06ca4afSHartmut BrandtSuccess. 488f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_FAILED 489f06ca4afSHartmut BrandtEncoding failed. 490f06ca4afSHartmut Brandt.El 491f06ca4afSHartmut Brandt.Sh SEE ALSO 492f06ca4afSHartmut Brandt.Xr gensnmptree 1 , 493165c5d31SHartmut Brandt.Xr bsnmpd 1 , 49494caccb3SHartmut Brandt.Xr bsnmpagent 3 , 495f06ca4afSHartmut Brandt.Xr bsnmpclient 3 , 49694caccb3SHartmut Brandt.Xr bsnmplib 3 497135f7de5SShteryana Shopova.Sh CAVEAT 498135f7de5SShteryana ShopovaThe SNMPv3 message digests, encryption and decryption, and key routines use 499135f7de5SShteryana Shopovathe cryptographic functions from 500135f7de5SShteryana Shopova.Xr crypto 3 . 501135f7de5SShteryana ShopovaThe library may optionally be built without references to the 502135f7de5SShteryana Shopova.Xr crypto 3 503135f7de5SShteryana Shopovalibrary. In such case only plain text SNMPv3 PDUs without message digests 504135f7de5SShteryana Shopovamay be proccessed correctly. 505f06ca4afSHartmut Brandt.Sh STANDARDS 506f06ca4afSHartmut BrandtThis implementation conforms to the applicable IETF RFCs and ITU-T 507f06ca4afSHartmut Brandtrecommendations. 508f06ca4afSHartmut Brandt.Sh AUTHORS 509135f7de5SShteryana ShopovaThe Begemot SNMP library was originally written by 5104f13bbb6SUlrich Spörlein.An Hartmut Brandt Aq harti@FreeBSD.org 511135f7de5SShteryana Shopova.Pp 512135f7de5SShteryana Shopova.An Shteryana Shopova Aq syrinx@FreeBSD.org 513135f7de5SShteryana Shopovaadded support for the SNMPv3 message proccessing and User-Based 514135f7de5SShteryana ShopovaSecurity model message authentication and privacy. 515