1f06ca4afSHartmut Brandt.\" 2135f7de5SShteryana Shopova.\" Copyright (c) 2010 The FreeBSD Foundation 3135f7de5SShteryana Shopova.\" All rights reserved. 4135f7de5SShteryana Shopova.\" 5135f7de5SShteryana Shopova.\" Portions of this documentation were written by Shteryana Sotirova Shopova 6135f7de5SShteryana Shopova.\" under sponsorship from the FreeBSD Foundation. 7135f7de5SShteryana Shopova.\" 8165c5d31SHartmut Brandt.\" Copyright (c) 2004-2005 9165c5d31SHartmut Brandt.\" Hartmut Brandt. 10165c5d31SHartmut Brandt.\" All rights reserved. 11f06ca4afSHartmut Brandt.\" Copyright (c) 2001-2003 12f06ca4afSHartmut Brandt.\" Fraunhofer Institute for Open Communication Systems (FhG Fokus). 13f06ca4afSHartmut Brandt.\" All rights reserved. 14f06ca4afSHartmut Brandt.\" 154f13bbb6SUlrich Spörlein.\" Author: Harti Brandt <harti@FreeBSD.org> 16f06ca4afSHartmut Brandt.\" 17896052c1SHartmut Brandt.\" Redistribution and use in source and binary forms, with or without 18896052c1SHartmut Brandt.\" modification, are permitted provided that the following conditions 19896052c1SHartmut Brandt.\" are met: 20896052c1SHartmut Brandt.\" 1. Redistributions of source code must retain the above copyright 21896052c1SHartmut Brandt.\" notice, this list of conditions and the following disclaimer. 22f06ca4afSHartmut Brandt.\" 2. Redistributions in binary form must reproduce the above copyright 23f06ca4afSHartmut Brandt.\" notice, this list of conditions and the following disclaimer in the 24f06ca4afSHartmut Brandt.\" documentation and/or other materials provided with the distribution. 25f06ca4afSHartmut Brandt.\" 26896052c1SHartmut Brandt.\" THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27896052c1SHartmut Brandt.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28896052c1SHartmut Brandt.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29896052c1SHartmut Brandt.\" ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 30896052c1SHartmut Brandt.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31896052c1SHartmut Brandt.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32896052c1SHartmut Brandt.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33896052c1SHartmut Brandt.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34896052c1SHartmut Brandt.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35896052c1SHartmut Brandt.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36896052c1SHartmut Brandt.\" SUCH DAMAGE. 37f06ca4afSHartmut Brandt.\" 38165c5d31SHartmut Brandt.\" $Begemot: bsnmp/lib/bsnmplib.3,v 1.9 2005/10/04 08:46:51 brandt_h Exp $ 39f06ca4afSHartmut Brandt.\" 40*72cd7a52SShteryana Shopova.Dd December 19, 2010 4194caccb3SHartmut Brandt.Dt BSNMPLIB 3 42f06ca4afSHartmut Brandt.Os 43f06ca4afSHartmut Brandt.Sh NAME 44f06ca4afSHartmut Brandt.Nm snmp_value_free , 45f06ca4afSHartmut Brandt.Nm snmp_value_parse , 46f06ca4afSHartmut Brandt.Nm snmp_value_copy , 47f06ca4afSHartmut Brandt.Nm snmp_pdu_free , 48135f7de5SShteryana Shopova.Nm snmp_pdu_decode , 49135f7de5SShteryana Shopova.Nm snmp_pdu_encode , 50135f7de5SShteryana Shopova.Nm snmp_pdu_decode_header , 51135f7de5SShteryana Shopova.Nm snmp_pdu_decode_scoped , 52135f7de5SShteryana Shopova.Nm snmp_pdu_decode_secmode , 53*72cd7a52SShteryana Shopova.Nm snmp_pdu_init_secparams , 54f06ca4afSHartmut Brandt.Nm snmp_pdu_dump , 55135f7de5SShteryana Shopova.Nm snmp_passwd_to_keys , 56135f7de5SShteryana Shopova.Nm snmp_get_local_keys , 57135f7de5SShteryana Shopova.Nm snmp_calc_keychange , 58f06ca4afSHartmut Brandt.Nm TRUTH_MK , 59f06ca4afSHartmut Brandt.Nm TRUTH_GET , 60f06ca4afSHartmut Brandt.Nm TRUTH_OK 61f06ca4afSHartmut Brandt.Nd "SNMP decoding and encoding library" 62f06ca4afSHartmut Brandt.Sh LIBRARY 63f06ca4afSHartmut BrandtBegemot SNMP library 64f06ca4afSHartmut Brandt.Pq libbsnmp, -lbsnmp 65f06ca4afSHartmut Brandt.Sh SYNOPSIS 66f06ca4afSHartmut Brandt.In bsnmp/asn1.h 67f06ca4afSHartmut Brandt.In bsnmp/snmp.h 68f06ca4afSHartmut Brandt.Ft void 69f06ca4afSHartmut Brandt.Fn snmp_value_free "struct snmp_value *value" 70f06ca4afSHartmut Brandt.Ft int 71f06ca4afSHartmut Brandt.Fn snmp_value_parse "const char *buf" "enum snmp_syntax" "union snmp_values *value" 72f06ca4afSHartmut Brandt.Ft int 73f06ca4afSHartmut Brandt.Fn snmp_value_copy "struct snmp_value *to" "const struct snmp_value *from" 74f06ca4afSHartmut Brandt.Ft void 75f06ca4afSHartmut Brandt.Fn snmp_pdu_free "struct snmp_pdu *value" 76f06ca4afSHartmut Brandt.Ft enum snmp_code 77f06ca4afSHartmut Brandt.Fn snmp_pdu_decode "struct asn_buf *buf" "struct snmp_pdu *pdu" "int32_t *ip" 78f06ca4afSHartmut Brandt.Ft enum snmp_code 79f06ca4afSHartmut Brandt.Fn snmp_pdu_encode "struct snmp_pdu *pdu" "struct asn_buf *buf" 80135f7de5SShteryana Shopova.Ft enum snmp_code 81135f7de5SShteryana Shopova.Fn snmp_pdu_decode_header "struct snmp_pdu *pdu" "struct asn_buf *buf" 82135f7de5SShteryana Shopova.Ft enum snmp_code 83135f7de5SShteryana Shopova.Fn snmp_pdu_decode_scoped "struct asn_buf *buf" "struct snmp_pdu *pdu" "int32_t *ip" 84135f7de5SShteryana Shopova.Ft enum snmp_code 85135f7de5SShteryana Shopova.Fn snmp_pdu_decode_secmode "struct asn_buf *buf" "struct snmp_pdu *pdu" 86f06ca4afSHartmut Brandt.Ft void 87*72cd7a52SShteryana Shopova.Fn snmp_pdu_init_secparams "struct snmp_pdu *pdu" 88*72cd7a52SShteryana Shopova.Ft void 89f06ca4afSHartmut Brandt.Fn snmp_pdu_dump "const struct snmp_pdu *pdu" 90135f7de5SShteryana Shopova.Ft enum snmp_code 91135f7de5SShteryana Shopova.Fn snmp_passwd_to_keys "struct snmp_user *user" "char *passwd" 92135f7de5SShteryana Shopova.Ft enum snmp_code 93135f7de5SShteryana Shopova.Fn snmp_get_local_keys "struct snmp_user *user" "uint8_t *eid" "uint32_t elen" 94135f7de5SShteryana Shopova.Ft enum snmp_code 95135f7de5SShteryana Shopova.Fn snmp_calc_keychange "struct snmp_user *user" "uint8_t *keychange" 96f06ca4afSHartmut Brandt.Ft int 97f06ca4afSHartmut Brandt.Fn TRUTH_MK "F" 98f06ca4afSHartmut Brandt.Ft int 99f06ca4afSHartmut Brandt.Fn TRUTH_GET "T" 100f06ca4afSHartmut Brandt.Ft int 101f06ca4afSHartmut Brandt.Fn TRUTH_OK "T" 102f06ca4afSHartmut Brandt.Sh DESCRIPTION 103135f7de5SShteryana ShopovaThe SNMP library contains routines to handle SNMP version 1, 2 and 3 PDUs. 104135f7de5SShteryana ShopovaThere are several basic structures used throughout the library: 105f06ca4afSHartmut Brandt.Bd -literal -offset indent 106f06ca4afSHartmut Brandtstruct snmp_value { 107f06ca4afSHartmut Brandt struct asn_oid var; 108f06ca4afSHartmut Brandt enum snmp_syntax syntax; 109f06ca4afSHartmut Brandt union snmp_values { 110f06ca4afSHartmut Brandt int32_t integer;/* also integer32 */ 111f06ca4afSHartmut Brandt struct { 112f06ca4afSHartmut Brandt u_int len; 113f06ca4afSHartmut Brandt u_char *octets; 114f06ca4afSHartmut Brandt } octetstring; 115f06ca4afSHartmut Brandt struct asn_oid oid; 116f06ca4afSHartmut Brandt u_char ipaddress[4]; 117165c5d31SHartmut Brandt uint32_t uint32; /* also gauge32, counter32, 118f06ca4afSHartmut Brandt unsigned32, timeticks */ 119165c5d31SHartmut Brandt uint64_t counter64; 120f06ca4afSHartmut Brandt } v; 121f06ca4afSHartmut Brandt}; 122f06ca4afSHartmut Brandt.Ed 123f06ca4afSHartmut Brandt.Pp 124165c5d31SHartmut BrandtThis structure represents one variable binding from an SNMP PDU. 125165c5d31SHartmut BrandtThe field 126f06ca4afSHartmut Brandt.Fa var 127f06ca4afSHartmut Brandtis the ASN.1 of the variable that is bound. 128f06ca4afSHartmut Brandt.Fa syntax 129f06ca4afSHartmut Brandtcontains either the syntax code of the value or an exception code for SNMPv2 130f06ca4afSHartmut Brandtand may be one of: 131f06ca4afSHartmut Brandt.Bd -literal -offset indent 132f06ca4afSHartmut Brandtenum snmp_syntax { 133f06ca4afSHartmut Brandt SNMP_SYNTAX_NULL = 0, 134f06ca4afSHartmut Brandt SNMP_SYNTAX_INTEGER, /* == INTEGER32 */ 135f06ca4afSHartmut Brandt SNMP_SYNTAX_OCTETSTRING, 136f06ca4afSHartmut Brandt SNMP_SYNTAX_OID, 137f06ca4afSHartmut Brandt SNMP_SYNTAX_IPADDRESS, 138f06ca4afSHartmut Brandt SNMP_SYNTAX_COUNTER, 139f06ca4afSHartmut Brandt SNMP_SYNTAX_GAUGE, /* == UNSIGNED32 */ 140f06ca4afSHartmut Brandt SNMP_SYNTAX_TIMETICKS, 141f06ca4afSHartmut Brandt 142f06ca4afSHartmut Brandt /* v2 additions */ 143f06ca4afSHartmut Brandt SNMP_SYNTAX_COUNTER64, 144f06ca4afSHartmut Brandt /* exceptions */ 145f06ca4afSHartmut Brandt SNMP_SYNTAX_NOSUCHOBJECT, 146f06ca4afSHartmut Brandt SNMP_SYNTAX_NOSUCHINSTANCE, 147f06ca4afSHartmut Brandt SNMP_SYNTAX_ENDOFMIBVIEW, 148f06ca4afSHartmut Brandt}; 149f06ca4afSHartmut Brandt.Ed 150f06ca4afSHartmut BrandtThe field 151f06ca4afSHartmut Brandt.Fa v 152f06ca4afSHartmut Brandtholds the actual value depending on 153f06ca4afSHartmut Brandt.Fa syntax . 154f06ca4afSHartmut BrandtNote, that if 155f06ca4afSHartmut Brandt.Fa syntax 156f06ca4afSHartmut Brandtis 157f06ca4afSHartmut Brandt.Li SNMP_SYNTAX_OCTETSTRING 158f06ca4afSHartmut Brandtand 159f06ca4afSHartmut Brandt.Fa v.octetstring.len 160f06ca4afSHartmut Brandtis not zero, 161f06ca4afSHartmut Brandt.Fa v.octetstring.octets 162f06ca4afSHartmut Brandtpoints to a string allocated by 163f06ca4afSHartmut Brandt.Xr malloc 3 . 164135f7de5SShteryana Shopova.Pp 165135f7de5SShteryana Shopova.Bd -literal -offset indent 166135f7de5SShteryana Shopova#define SNMP_ENGINE_ID_SIZ 32 167135f7de5SShteryana Shopova 168135f7de5SShteryana Shopovastruct snmp_engine { 169135f7de5SShteryana Shopova uint8_t engine_id[SNMP_ENGINE_ID_SIZ]; 170135f7de5SShteryana Shopova uint32_t engine_len; 171135f7de5SShteryana Shopova int32_t engine_boots; 172135f7de5SShteryana Shopova int32_t engine_time; 173135f7de5SShteryana Shopova int32_t max_msg_size; 174135f7de5SShteryana Shopova}; 175135f7de5SShteryana Shopova.Ed 176135f7de5SShteryana Shopova.Pp 177135f7de5SShteryana ShopovaThis structure represents an SNMP engine as specified by the SNMP Management 178135f7de5SShteryana ShopovaArchitecture described in RFC 3411. 179135f7de5SShteryana Shopova.Pp 180135f7de5SShteryana Shopova.Bd -literal -offset indent 181*72cd7a52SShteryana Shopova#define SNMP_ADM_STR32_SIZ (32 + 1) 182135f7de5SShteryana Shopova#define SNMP_AUTH_KEY_SIZ 40 183135f7de5SShteryana Shopova#define SNMP_PRIV_KEY_SIZ 32 184135f7de5SShteryana Shopova 185*72cd7a52SShteryana Shopovaenum snmp_usm_level { 186*72cd7a52SShteryana Shopova SNMP_noAuthNoPriv = 1, 187*72cd7a52SShteryana Shopova SNMP_authNoPriv = 2, 188*72cd7a52SShteryana Shopova SNMP_authPriv = 3 189*72cd7a52SShteryana Shopova}; 190*72cd7a52SShteryana Shopova 191135f7de5SShteryana Shopovastruct snmp_user { 192*72cd7a52SShteryana Shopova char sec_name[SNMP_ADM_STR32_SIZ]; 193135f7de5SShteryana Shopova enum snmp_authentication auth_proto; 194135f7de5SShteryana Shopova enum snmp_privacy priv_proto; 195135f7de5SShteryana Shopova uint8_t auth_key[SNMP_AUTH_KEY_SIZ]; 196135f7de5SShteryana Shopova uint8_t priv_key[SNMP_PRIV_KEY_SIZ]; 197135f7de5SShteryana Shopova}; 198135f7de5SShteryana Shopova.Ed 199135f7de5SShteryana Shopova.Pp 200135f7de5SShteryana ShopovaThis structure represents an SNMPv3 user as specified by the User-based 201135f7de5SShteryana ShopovaSecurity Model (USM) described in RFC 3414. The field 202135f7de5SShteryana Shopova.Fa sec_name 203135f7de5SShteryana Shopovais a human readable string containing the security user name. 204135f7de5SShteryana Shopova.Fa auth_proto 205135f7de5SShteryana Shopovacontains the id of the authentication protocol in use by the user and may be one 206135f7de5SShteryana Shopovaof: 207135f7de5SShteryana Shopova.Bd -literal -offset indent 208135f7de5SShteryana Shopovaenum snmp_authentication { 209135f7de5SShteryana Shopova SNMP_AUTH_NOAUTH = 0, 210135f7de5SShteryana Shopova SNMP_AUTH_HMAC_MD5, 211135f7de5SShteryana Shopova SNMP_AUTH_HMAC_SHA 212135f7de5SShteryana Shopova}; 213135f7de5SShteryana Shopova.Ed 214135f7de5SShteryana Shopova.Fa priv_proto 215135f7de5SShteryana Shopovacontains the id of the privacy protocol in use by the user and may be one 216135f7de5SShteryana Shopovaof: 217135f7de5SShteryana Shopova.Bd -literal -offset indent 218135f7de5SShteryana Shopovaenum snmp_privacy { 219135f7de5SShteryana Shopova SNMP_PRIV_NOPRIV = 0, 220135f7de5SShteryana Shopova SNMP_PRIV_DES = 1, 221135f7de5SShteryana Shopova SNMP_PRIV_AES 222135f7de5SShteryana Shopova}; 223135f7de5SShteryana Shopova.Ed 224135f7de5SShteryana Shopova.Fa auth_key 225135f7de5SShteryana Shopovaand 226135f7de5SShteryana Shopova.Fa priv_key 227135f7de5SShteryana Shopovacontain the authentication and privacy keys for the user. 228135f7de5SShteryana Shopova.Pp 229f06ca4afSHartmut Brandt.Bd -literal -offset indent 230f06ca4afSHartmut Brandt#define SNMP_COMMUNITY_MAXLEN 128 231f06ca4afSHartmut Brandt#define SNMP_MAX_BINDINGS 100 232135f7de5SShteryana Shopova#define SNMP_CONTEXT_NAME_SIZ (32 + 1) 233135f7de5SShteryana Shopova#define SNMP_TIME_WINDOW 150 234135f7de5SShteryana Shopova 235135f7de5SShteryana Shopova#define SNMP_USM_AUTH_SIZE 12 236135f7de5SShteryana Shopova#define SNMP_USM_PRIV_SIZE 8 237135f7de5SShteryana Shopova 238135f7de5SShteryana Shopova#define SNMP_MSG_AUTH_FLAG 0x1 239135f7de5SShteryana Shopova#define SNMP_MSG_PRIV_FLAG 0x2 240135f7de5SShteryana Shopova#define SNMP_MSG_REPORT_FLAG 0x4 241135f7de5SShteryana Shopova 242*72cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V1 0 243*72cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V2c 1 244*72cd7a52SShteryana Shopova#define SNMP_MPM_SNMP_V3 3 245f06ca4afSHartmut Brandt 246f06ca4afSHartmut Brandtstruct snmp_pdu { 247f06ca4afSHartmut Brandt char community[SNMP_COMMUNITY_MAXLEN + 1]; 248f06ca4afSHartmut Brandt enum snmp_version version; 249f06ca4afSHartmut Brandt u_int type; 250f06ca4afSHartmut Brandt 251135f7de5SShteryana Shopova /* SNMPv3 PDU header fields */ 252135f7de5SShteryana Shopova int32_t identifier; 253135f7de5SShteryana Shopova uint8_t flags; 254135f7de5SShteryana Shopova int32_t security_model; 255135f7de5SShteryana Shopova struct snmp_engine engine; 256135f7de5SShteryana Shopova 257135f7de5SShteryana Shopova /* Associated USM user parameters */ 258135f7de5SShteryana Shopova struct snmp_user user; 259135f7de5SShteryana Shopova uint8_t msg_digest[SNMP_USM_AUTH_SIZE]; 260135f7de5SShteryana Shopova uint8_t msg_salt[SNMP_USM_PRIV_SIZE]; 261135f7de5SShteryana Shopova 262135f7de5SShteryana Shopova /* View-based Access Model */ 263135f7de5SShteryana Shopova uint32_t context_engine_len; 264135f7de5SShteryana Shopova uint8_t context_engine[SNMP_ENGINE_ID_SIZ]; 265135f7de5SShteryana Shopova char context_name[SNMP_CONTEXT_NAME_SIZ]; 266135f7de5SShteryana Shopova 267f06ca4afSHartmut Brandt /* trap only */ 268f06ca4afSHartmut Brandt struct asn_oid enterprise; 269f06ca4afSHartmut Brandt u_char agent_addr[4]; 270f06ca4afSHartmut Brandt int32_t generic_trap; 271f06ca4afSHartmut Brandt int32_t specific_trap; 272135f7de5SShteryana Shopova uint32_t time_stamp; 273f06ca4afSHartmut Brandt 274f06ca4afSHartmut Brandt /* others */ 275f06ca4afSHartmut Brandt int32_t request_id; 276f06ca4afSHartmut Brandt int32_t error_status; 277f06ca4afSHartmut Brandt int32_t error_index; 278f06ca4afSHartmut Brandt 279f06ca4afSHartmut Brandt /* fixes for encoding */ 280135f7de5SShteryana Shopova size_t outer_len; 281135f7de5SShteryana Shopova size_t scoped_len; 282f06ca4afSHartmut Brandt u_char *outer_ptr; 283135f7de5SShteryana Shopova u_char *digest_ptr; 284135f7de5SShteryana Shopova u_char *encrypted_ptr; 285135f7de5SShteryana Shopova u_char *scoped_ptr; 286f06ca4afSHartmut Brandt u_char *pdu_ptr; 287f06ca4afSHartmut Brandt u_char *vars_ptr; 288f06ca4afSHartmut Brandt 289135f7de5SShteryana Shopova 290f06ca4afSHartmut Brandt struct snmp_value bindings[SNMP_MAX_BINDINGS]; 291f06ca4afSHartmut Brandt u_int nbindings; 292f06ca4afSHartmut Brandt}; 293f06ca4afSHartmut Brandt.Ed 294f06ca4afSHartmut BrandtThis structure contains a decoded SNMP PDU. 295f06ca4afSHartmut Brandt.Fa version 296f06ca4afSHartmut Brandtis one of 297f06ca4afSHartmut Brandt.Bd -literal -offset indent 298f06ca4afSHartmut Brandtenum snmp_version { 299f06ca4afSHartmut Brandt SNMP_Verr = 0, 300f06ca4afSHartmut Brandt SNMP_V1 = 1, 301f06ca4afSHartmut Brandt SNMP_V2c, 302135f7de5SShteryana Shopova SNMP_V3 303f06ca4afSHartmut Brandt}; 304f06ca4afSHartmut Brandt.Ed 305f06ca4afSHartmut Brandtand 306f06ca4afSHartmut Brandt.Fa type 307f06ca4afSHartmut Brandtis the type of the PDU. 308135f7de5SShteryana Shopova.Fa security_model 309135f7de5SShteryana Shopovais the security model used for SNMPv3 PDUs. The only supported 310*72cd7a52SShteryana Shopovavalue currently is 3 (User-based Security Model). Additional values for any, 311*72cd7a52SShteryana Shopovaunknown, SNMPv1 and SNMPv2c security models are also enumerated 312*72cd7a52SShteryana Shopova.Bd -literal -offset indent 313*72cd7a52SShteryana Shopovaenum snmp_secmodel { 314*72cd7a52SShteryana Shopova SNMP_SECMODEL_ANY = 0, 315*72cd7a52SShteryana Shopova SNMP_SECMODEL_SNMPv1 = 1, 316*72cd7a52SShteryana Shopova SNMP_SECMODEL_SNMPv2c = 2, 317*72cd7a52SShteryana Shopova SNMP_SECMODEL_USM = 3, 318*72cd7a52SShteryana Shopova SNMP_SECMODEL_UNKNOWN 319*72cd7a52SShteryana Shopova}; 320*72cd7a52SShteryana Shopova.Ed 321f06ca4afSHartmut Brandt.Pp 322f06ca4afSHartmut BrandtThe function 323f06ca4afSHartmut Brandt.Fn snmp_value_free 324165c5d31SHartmut Brandtis used to free all the dynamic allocated contents of an SNMP value. 325165c5d31SHartmut BrandtIt does not free the structure pointed to by 326f06ca4afSHartmut Brandt.Fa value 327f06ca4afSHartmut Brandtitself. 328f06ca4afSHartmut Brandt.Pp 329f06ca4afSHartmut BrandtThe function 330f06ca4afSHartmut Brandt.Fn snmp_value_parse 331f06ca4afSHartmut Brandtparses the ASCII representation of an SNMP value into its binary form. 332f06ca4afSHartmut BrandtThis function is mainly used by the configuration file reader of 333165c5d31SHartmut Brandt.Xr bsnmpd 1 . 334f06ca4afSHartmut Brandt.Pp 335f06ca4afSHartmut BrandtThe function 336f06ca4afSHartmut Brandt.Fn snmp_value_copy 337f06ca4afSHartmut Brandtmakes a deep copy of the value pointed to by 338f06ca4afSHartmut Brandt.Fa from 339f06ca4afSHartmut Brandtto the structure pointed to by 340f06ca4afSHartmut Brandt.Fa to . 341f06ca4afSHartmut BrandtIt assumes that 342f06ca4afSHartmut Brandt.Fa to 343165c5d31SHartmut Brandtis uninitialized and will overwrite its previous contents. 344165c5d31SHartmut BrandtIt does not itself allocate the structure pointed to by 345f06ca4afSHartmut Brandt.Fa to . 346f06ca4afSHartmut Brandt.Pp 347f06ca4afSHartmut BrandtThe function 348f06ca4afSHartmut Brandt.Fn snmp_pdu_free 349165c5d31SHartmut Brandtfrees all the dynamically allocated components of the PDU. 350165c5d31SHartmut BrandtIt does not itself free the structure pointed to by 351f06ca4afSHartmut Brandt.Fa pdu . 352f06ca4afSHartmut Brandt.Pp 353f06ca4afSHartmut BrandtThe function 354f06ca4afSHartmut Brandt.Fn snmp_pdu_decode 355f06ca4afSHartmut Brandtdecodes the PDU pointed to by 356f06ca4afSHartmut Brandt.Fa buf 357f06ca4afSHartmut Brandtand stores the result into 358f06ca4afSHartmut Brandt.Fa pdu . 359f06ca4afSHartmut BrandtIf an error occurs in a variable binding the (1 based) index of this binding 360f06ca4afSHartmut Brandtis stored in the variable pointed to by 361f06ca4afSHartmut Brandt.Fa ip . 362f06ca4afSHartmut Brandt.Pp 363f06ca4afSHartmut BrandtThe function 364f06ca4afSHartmut Brandt.Fn snmp_pdu_encode 365f06ca4afSHartmut Brandtencodes the PDU 366f06ca4afSHartmut Brandt.Fa pdu 367135f7de5SShteryana Shopovainto the an octetstring in buffer, and if authentication and privacy are used, 368135f7de5SShteryana Shopovacalculates a message digest and encrypts the PDU data in the buffer 369f06ca4afSHartmut Brandt.Fa buf . 370f06ca4afSHartmut Brandt.Pp 371f06ca4afSHartmut BrandtThe function 372135f7de5SShteryana Shopova.Fn snmp_pdu_decode_header 373135f7de5SShteryana Shopovadecodes the header of the PDU pointed to by 374135f7de5SShteryana Shopova.Fa buf . 375135f7de5SShteryana ShopovaThe uncoded PDU contents remain in the buffer. 376135f7de5SShteryana Shopova.Pp 377135f7de5SShteryana ShopovaThe function 378135f7de5SShteryana Shopova.Fn snmp_pdu_decode_scoped 379135f7de5SShteryana Shopovadecodes the scoped PDU pointed to by 380135f7de5SShteryana Shopova.Fa buf . 381135f7de5SShteryana Shopova.Pp 382135f7de5SShteryana ShopovaThe function 383135f7de5SShteryana Shopova.Fn snmp_pdu_decode_secmode 384135f7de5SShteryana Shopovaverifies the authentication parameter contained in the PDU (if present) and 385135f7de5SShteryana Shopovaif the PDU is encrypted, decrypts the PDU contents pointed to by 386135f7de5SShteryana Shopova.Fa buf . 387135f7de5SShteryana ShopovaIf successfull, a plain text scoped PDU is stored in the buffer. 388135f7de5SShteryana Shopova.Pp 389135f7de5SShteryana ShopovaThe function 390*72cd7a52SShteryana Shopova.Fn snmp_pdu_init_secparams 391*72cd7a52SShteryana Shopovacalculates the initialization vector for the privacy protocol in use before 392*72cd7a52SShteryana Shopovathe PDU pointed to by 393*72cd7a52SShteryana Shopova.Fa pdu 394*72cd7a52SShteryana Shopovamay be encrypted or decrypted. 395*72cd7a52SShteryana Shopova.Pp 396*72cd7a52SShteryana ShopovaThe function 397f06ca4afSHartmut Brandt.Fn snmp_pdu_dump 398f06ca4afSHartmut Brandtdumps the PDU in a human readable form by calling 399f06ca4afSHartmut Brandt.Fn snmp_printf . 400f06ca4afSHartmut Brandt.Pp 401f06ca4afSHartmut BrandtThe function 402135f7de5SShteryana Shopova.Fn snmp_passwd_to_keys 403135f7de5SShteryana Shopovacalculates a binary private authentication key corresponding to a plain text human 404135f7de5SShteryana Shopovareadable password string. The calculated key is placed in the 405135f7de5SShteryana Shopova.Fa auth_key 406135f7de5SShteryana Shopovafield of the 407135f7de5SShteryana Shopova.Fa user . 408135f7de5SShteryana Shopova.Pp 409135f7de5SShteryana ShopovaThe function 410135f7de5SShteryana Shopova.Fn snmp_get_local_keys 411135f7de5SShteryana Shopovacalculates a localazied authentication and privacy keys for a specified SNMPv3 412135f7de5SShteryana Shopovaengine. The calculateds keys are placed in the 413135f7de5SShteryana Shopova.Fa auth_key 414135f7de5SShteryana Shopovaand 415135f7de5SShteryana Shopova.Fa priv_key 416135f7de5SShteryana Shopovafields of the 417135f7de5SShteryana Shopova.Fa user . 418135f7de5SShteryana Shopova.Pp 419135f7de5SShteryana ShopovaThe function 420135f7de5SShteryana Shopova.Fn snmp_calc_keychange 421135f7de5SShteryana Shopovacalculates a binary key change octet string based on the contents of an old and 422135f7de5SShteryana Shopovaa new binary localized key. The rezult is placed in the buffer pointer to by 423135f7de5SShteryana Shopova.Fa keychange 424135f7de5SShteryana Shopovaand may be used by an SNMPv3 user who wishes to change his/her password 425135f7de5SShteryana Shopovaor localized key. 426135f7de5SShteryana Shopova.Pp 427135f7de5SShteryana ShopovaThe function 428f06ca4afSHartmut Brandt.Fn TRUTH_MK 429f06ca4afSHartmut Brandttakes a C truth value (zero or non-zero) and makes an SNMP truth value (2 or 1). 430f06ca4afSHartmut BrandtThe function 431f06ca4afSHartmut Brandt.Fn TRUTH_GET 432f06ca4afSHartmut Brandttakes an SNMP truth value and makes a C truth value (0 or 1). 433f06ca4afSHartmut BrandtThe function 434f06ca4afSHartmut Brandt.Fn TRUTH_OK 435f06ca4afSHartmut Brandtchecks, whether its argument is a legal SNMP truth value. 436f06ca4afSHartmut Brandt.Sh DIAGNOSTICS 437165c5d31SHartmut BrandtWhen an error occurs in any of the function the function pointed to 438f06ca4afSHartmut Brandtby the global pointer 439f06ca4afSHartmut Brandt.Bd -literal -offset indent 440f06ca4afSHartmut Brandtextern void (*snmp_error)(const char *, ...); 441f06ca4afSHartmut Brandt.Ed 442f06ca4afSHartmut Brandt.Pp 443f06ca4afSHartmut Brandtwith a 444f06ca4afSHartmut Brandt.Xr printf 3 445f06ca4afSHartmut Brandtstyle format string. 446f06ca4afSHartmut BrandtThere is a default error handler in the library that prints a message 447f06ca4afSHartmut Brandtstarting with 448f06ca4afSHartmut Brandt.Sq SNMP: 449f06ca4afSHartmut Brandtfollowed by the error message to standard error. 450f06ca4afSHartmut Brandt.Pp 451f06ca4afSHartmut BrandtThe function pointed to by 452f06ca4afSHartmut Brandt.Bd -literal -offset indent 453f06ca4afSHartmut Brandtextern void (*snmp_printf)(const char *, ...); 454f06ca4afSHartmut Brandt.Ed 455f06ca4afSHartmut Brandt.Pp 456f06ca4afSHartmut Brandtis called by the 457f06ca4afSHartmut Brandt.Fn snmp_pdu_dump 458f06ca4afSHartmut Brandtfunction. 459f06ca4afSHartmut BrandtThe default handler is 460f06ca4afSHartmut Brandt.Xr printf 3 . 461f06ca4afSHartmut Brandt.Sh ERRORS 462f06ca4afSHartmut Brandt.Fn snmp_pdu_decode 463f06ca4afSHartmut Brandtwill return one of the following return codes: 464f06ca4afSHartmut Brandt.Bl -tag -width Er 465f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OK 466f06ca4afSHartmut BrandtSuccess. 467f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_FAILED 468f06ca4afSHartmut BrandtThe ASN.1 coding was wrong. 469f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADLEN 470f06ca4afSHartmut BrandtA variable binding value had a wrong length field. 471f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OORANGE 472f06ca4afSHartmut BrandtA variable binding value was out of the allowed range. 473f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADVERS 474f06ca4afSHartmut BrandtThe PDU is of an unsupported version. 475f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_BADENQ 476f06ca4afSHartmut BrandtThere was an ASN.1 value with an unsupported tag. 477135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_BADSECLEVEL 478135f7de5SShteryana ShopovaThe requested securityLevel contained in the PDU is not supported. 479135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_BADDIGEST 480135f7de5SShteryana ShopovaThe PDU authentication parameter received in the PDU did not match the 481135f7de5SShteryana Shopovacalculated message digest. 482135f7de5SShteryana Shopova.It Bq Er SNMP_CODE_EDECRYPT 483135f7de5SShteryana ShopovaError occured while trying to decrypt the PDU. 484f06ca4afSHartmut Brandt.El 485f06ca4afSHartmut Brandt.Pp 486f06ca4afSHartmut Brandt.Fn snmp_pdu_encode 487f06ca4afSHartmut Brandtwill return one of the following return codes: 488f06ca4afSHartmut Brandt.Bl -tag -width Er 489f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_OK 490f06ca4afSHartmut BrandtSuccess. 491f06ca4afSHartmut Brandt.It Bq Er SNMP_CODE_FAILED 492f06ca4afSHartmut BrandtEncoding failed. 493f06ca4afSHartmut Brandt.El 494f06ca4afSHartmut Brandt.Sh SEE ALSO 495f06ca4afSHartmut Brandt.Xr gensnmptree 1 , 496165c5d31SHartmut Brandt.Xr bsnmpd 1 , 49794caccb3SHartmut Brandt.Xr bsnmpagent 3 , 498f06ca4afSHartmut Brandt.Xr bsnmpclient 3 , 49994caccb3SHartmut Brandt.Xr bsnmplib 3 500135f7de5SShteryana Shopova.Sh CAVEAT 501135f7de5SShteryana ShopovaThe SNMPv3 message digests, encryption and decryption, and key routines use 502135f7de5SShteryana Shopovathe cryptographic functions from 503135f7de5SShteryana Shopova.Xr crypto 3 . 504135f7de5SShteryana ShopovaThe library may optionally be built without references to the 505135f7de5SShteryana Shopova.Xr crypto 3 506135f7de5SShteryana Shopovalibrary. In such case only plain text SNMPv3 PDUs without message digests 507135f7de5SShteryana Shopovamay be proccessed correctly. 508f06ca4afSHartmut Brandt.Sh STANDARDS 509f06ca4afSHartmut BrandtThis implementation conforms to the applicable IETF RFCs and ITU-T 510f06ca4afSHartmut Brandtrecommendations. 511f06ca4afSHartmut Brandt.Sh AUTHORS 512135f7de5SShteryana ShopovaThe Begemot SNMP library was originally written by 5134f13bbb6SUlrich Spörlein.An Hartmut Brandt Aq harti@FreeBSD.org 514135f7de5SShteryana Shopova.Pp 515135f7de5SShteryana Shopova.An Shteryana Shopova Aq syrinx@FreeBSD.org 516135f7de5SShteryana Shopovaadded support for the SNMPv3 message proccessing and User-Based 517135f7de5SShteryana ShopovaSecurity model message authentication and privacy. 518