xref: /freebsd/contrib/bsnmp/lib/snmpclient.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 2004-2005
3  *	Hartmut Brandt.
4  *	All rights reserved.
5  * Copyright (c) 2001-2003
6  *	Fraunhofer Institute for Open Communication Systems (FhG Fokus).
7  *	All rights reserved.
8  *
9  * Author: Harti Brandt <harti@freebsd.org>
10  *         Kendy Kutzner
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  *
33  * $Begemot: bsnmp/lib/snmpclient.c,v 1.36 2005/10/06 07:14:58 brandt_h Exp $
34  *
35  * Support functions for SNMP clients.
36  */
37 #include <sys/types.h>
38 #include <sys/time.h>
39 #include <sys/queue.h>
40 #include <sys/socket.h>
41 #include <sys/un.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <stddef.h>
45 #include <stdarg.h>
46 #include <string.h>
47 #include <errno.h>
48 #include <unistd.h>
49 #include <fcntl.h>
50 #include <netdb.h>
51 #ifdef HAVE_STDINT_H
52 #include <stdint.h>
53 #elif defined(HAVE_INTTYPES_H)
54 #include <inttypes.h>
55 #endif
56 #include <limits.h>
57 #ifdef HAVE_ERR_H
58 #include <err.h>
59 #endif
60 
61 #include "support.h"
62 #include "asn1.h"
63 #include "snmp.h"
64 #include "snmpclient.h"
65 #include "snmppriv.h"
66 
67 /* global context */
68 struct snmp_client snmp_client;
69 
70 /* List of all outstanding requests */
71 struct sent_pdu {
72 	int		reqid;
73 	struct snmp_pdu	*pdu;
74 	struct timeval	time;
75 	u_int		retrycount;
76 	snmp_send_cb_f	callback;
77 	void		*arg;
78 	void		*timeout_id;
79 	LIST_ENTRY(sent_pdu) entries;
80 };
81 LIST_HEAD(sent_pdu_list, sent_pdu);
82 
83 static struct sent_pdu_list sent_pdus;
84 
85 /*
86  * Prototype table entry. All C-structure produced by the table function must
87  * start with these two fields. This relies on the fact, that all TAILQ_ENTRY
88  * are compatible with each other in the sense implied by ANSI-C.
89  */
90 struct entry {
91 	TAILQ_ENTRY(entry)	link;
92 	uint64_t		found;
93 };
94 TAILQ_HEAD(table, entry);
95 
96 /*
97  * working list entry. This list is used to hold the Index part of the
98  * table row's. The entry list and the work list parallel each other.
99  */
100 struct work {
101 	TAILQ_ENTRY(work)	link;
102 	struct asn_oid		index;
103 };
104 TAILQ_HEAD(worklist, work);
105 
106 /*
107  * Table working data
108  */
109 struct tabwork {
110 	const struct snmp_table *descr;
111 	struct table	*table;
112 	struct worklist	worklist;
113 	uint32_t	last_change;
114 	int		first;
115 	u_int		iter;
116 	snmp_table_cb_f	callback;
117 	void		*arg;
118 	struct snmp_pdu	pdu;
119 };
120 
121 /*
122  * Set the error string
123  */
124 static void
125 seterr(struct snmp_client *sc, const char *fmt, ...)
126 {
127 	va_list ap;
128 
129 	va_start(ap, fmt);
130 	vsnprintf(sc->error, sizeof(sc->error), fmt, ap);
131 	va_end(ap);
132 }
133 
134 /*
135  * Free the entire table and work list. If table is NULL only the worklist
136  * is freed.
137  */
138 static void
139 table_free(struct tabwork *work, int all)
140 {
141 	struct work *w;
142 	struct entry *e;
143 	const struct snmp_table_entry *d;
144 	u_int i;
145 
146 	while ((w = TAILQ_FIRST(&work->worklist)) != NULL) {
147 		TAILQ_REMOVE(&work->worklist, w, link);
148 		free(w);
149 	}
150 
151 	if (all == 0)
152 		return;
153 
154 	while ((e = TAILQ_FIRST(work->table)) != NULL) {
155 		for (i = 0; work->descr->entries[i].syntax != SNMP_SYNTAX_NULL;
156 		    i++) {
157 			d = &work->descr->entries[i];
158 			if (d->syntax == SNMP_SYNTAX_OCTETSTRING &&
159 			    (e->found & ((uint64_t)1 << i)))
160 				free(*(void **)(void *)
161 				    ((u_char *)e + d->offset));
162 		}
163 		TAILQ_REMOVE(work->table, e, link);
164 		free(e);
165 	}
166 }
167 
168 /*
169  * Find the correct table entry for the given variable. If non exists,
170  * create one.
171  */
172 static struct entry *
173 table_find(struct tabwork *work, const struct asn_oid *var)
174 {
175 	struct entry *e, *e1;
176 	struct work *w, *w1;
177 	u_int i, p, j;
178 	size_t len;
179 	u_char *ptr;
180 	struct asn_oid oid;
181 
182 	/* get index */
183 	asn_slice_oid(&oid, var, work->descr->table.len + 2, var->len);
184 
185 	e = TAILQ_FIRST(work->table);
186 	w = TAILQ_FIRST(&work->worklist);
187 	while (e != NULL) {
188 		if (asn_compare_oid(&w->index, &oid) == 0)
189 			return (e);
190 		e = TAILQ_NEXT(e, link);
191 		w = TAILQ_NEXT(w, link);
192 	}
193 
194 	/* Not found create new one */
195 	if ((e = malloc(work->descr->entry_size)) == NULL) {
196 		seterr(&snmp_client, "no memory for table entry");
197 		return (NULL);
198 	}
199 	if ((w = malloc(sizeof(*w))) == NULL) {
200 		seterr(&snmp_client, "no memory for table entry");
201 		free(e);
202 		return (NULL);
203 	}
204 	w->index = oid;
205 	memset(e, 0, work->descr->entry_size);
206 
207 	/* decode index */
208 	p = work->descr->table.len + 2;
209 	for (i = 0; i < work->descr->index_size; i++) {
210 		switch (work->descr->entries[i].syntax) {
211 
212 		  case SNMP_SYNTAX_INTEGER:
213 			if (var->len < p + 1) {
214 				seterr(&snmp_client, "bad index: need integer");
215 				goto err;
216 			}
217 			if (var->subs[p] > INT32_MAX) {
218 				seterr(&snmp_client,
219 				    "bad index: integer too large");
220 				goto err;
221 			}
222 			*(int32_t *)(void *)((u_char *)e +
223 			    work->descr->entries[i].offset) = var->subs[p++];
224 			break;
225 
226 		  case SNMP_SYNTAX_OCTETSTRING:
227 			if (var->len < p + 1) {
228 				seterr(&snmp_client,
229 				    "bad index: need string length");
230 				goto err;
231 			}
232 			len = var->subs[p++];
233 			if (var->len < p + len) {
234 				seterr(&snmp_client,
235 				    "bad index: string too short");
236 				goto err;
237 			}
238 			if ((ptr = malloc(len + 1)) == NULL) {
239 				seterr(&snmp_client,
240 				    "no memory for index string");
241 				goto err;
242 			}
243 			for (j = 0; j < len; j++) {
244 				if (var->subs[p] > UCHAR_MAX) {
245 					seterr(&snmp_client,
246 					    "bad index: char too large");
247 					free(ptr);
248 					goto err;
249 				}
250 				ptr[j] = var->subs[p++];
251 			}
252 			ptr[j] = '\0';
253 			*(u_char **)(void *)((u_char *)e +
254 			    work->descr->entries[i].offset) = ptr;
255 			*(size_t *)(void *)((u_char *)e +
256 			    work->descr->entries[i].offset + sizeof(u_char *))
257 			    = len;
258 			break;
259 
260 		  case SNMP_SYNTAX_OID:
261 			if (var->len < p + 1) {
262 				seterr(&snmp_client,
263 				    "bad index: need oid length");
264 				goto err;
265 			}
266 			oid.len = var->subs[p++];
267 			if (var->len < p + oid.len) {
268 				seterr(&snmp_client,
269 				    "bad index: oid too short");
270 				goto err;
271 			}
272 			for (j = 0; j < oid.len; j++)
273 				oid.subs[j] = var->subs[p++];
274 			*(struct asn_oid *)(void *)((u_char *)e +
275 			    work->descr->entries[i].offset) = oid;
276 			break;
277 
278 		  case SNMP_SYNTAX_IPADDRESS:
279 			if (var->len < p + 4) {
280 				seterr(&snmp_client,
281 				    "bad index: need ip-address");
282 				goto err;
283 			}
284 			for (j = 0; j < 4; j++) {
285 				if (var->subs[p] > 0xff) {
286 					seterr(&snmp_client,
287 					    "bad index: ipaddress too large");
288 					goto err;
289 				}
290 				((u_char *)e +
291 				    work->descr->entries[i].offset)[j] =
292 				    var->subs[p++];
293 			}
294 			break;
295 
296 		  case SNMP_SYNTAX_GAUGE:
297 			if (var->len < p + 1) {
298 				seterr(&snmp_client,
299 				    "bad index: need unsigned");
300 				goto err;
301 			}
302 			if (var->subs[p] > UINT32_MAX) {
303 				seterr(&snmp_client,
304 				    "bad index: unsigned too large");
305 				goto err;
306 			}
307 			*(uint32_t *)(void *)((u_char *)e +
308 			    work->descr->entries[i].offset) = var->subs[p++];
309 			break;
310 
311 		  case SNMP_SYNTAX_COUNTER:
312 		  case SNMP_SYNTAX_TIMETICKS:
313 		  case SNMP_SYNTAX_COUNTER64:
314 		  case SNMP_SYNTAX_NULL:
315 		  case SNMP_SYNTAX_NOSUCHOBJECT:
316 		  case SNMP_SYNTAX_NOSUCHINSTANCE:
317 		  case SNMP_SYNTAX_ENDOFMIBVIEW:
318 			abort();
319 		}
320 		e->found |= (uint64_t)1 << i;
321 	}
322 
323 	/* link into the correct place */
324 	e1 = TAILQ_FIRST(work->table);
325 	w1 = TAILQ_FIRST(&work->worklist);
326 	while (e1 != NULL) {
327 		if (asn_compare_oid(&w1->index, &w->index) > 0)
328 			break;
329 		e1 = TAILQ_NEXT(e1, link);
330 		w1 = TAILQ_NEXT(w1, link);
331 	}
332 	if (e1 == NULL) {
333 		TAILQ_INSERT_TAIL(work->table, e, link);
334 		TAILQ_INSERT_TAIL(&work->worklist, w, link);
335 	} else {
336 		TAILQ_INSERT_BEFORE(e1, e, link);
337 		TAILQ_INSERT_BEFORE(w1, w, link);
338 	}
339 
340 	return (e);
341 
342   err:
343 	/*
344 	 * Error happend. Free all octet string index parts and the entry
345 	 * itself.
346 	 */
347 	for (i = 0; i < work->descr->index_size; i++) {
348 		if (work->descr->entries[i].syntax == SNMP_SYNTAX_OCTETSTRING &&
349 		    (e->found & ((uint64_t)1 << i)))
350 			free(*(void **)(void *)((u_char *)e +
351 			    work->descr->entries[i].offset));
352 	}
353 	free(e);
354 	free(w);
355 	return (NULL);
356 }
357 
358 /*
359  * Assign the value
360  */
361 static int
362 table_value(const struct snmp_table *descr, struct entry *e,
363     const struct snmp_value *b)
364 {
365 	u_int i;
366 	u_char *ptr;
367 
368 	for (i = descr->index_size;
369 	    descr->entries[i].syntax != SNMP_SYNTAX_NULL; i++)
370 		if (descr->entries[i].subid ==
371 		    b->var.subs[descr->table.len + 1])
372 			break;
373 	if (descr->entries[i].syntax == SNMP_SYNTAX_NULL)
374 		return (0);
375 
376 	/* check syntax */
377 	if (b->syntax != descr->entries[i].syntax) {
378 		seterr(&snmp_client, "bad syntax (%u instead of %u)", b->syntax,
379 		    descr->entries[i].syntax);
380 		return (-1);
381 	}
382 
383 	switch (b->syntax) {
384 
385 	  case SNMP_SYNTAX_INTEGER:
386 		*(int32_t *)(void *)((u_char *)e + descr->entries[i].offset) =
387 		    b->v.integer;
388 		break;
389 
390 	  case SNMP_SYNTAX_OCTETSTRING:
391 		if ((ptr = malloc(b->v.octetstring.len + 1)) == NULL) {
392 			seterr(&snmp_client, "no memory for string");
393 			return (-1);
394 		}
395 		memcpy(ptr, b->v.octetstring.octets, b->v.octetstring.len);
396 		ptr[b->v.octetstring.len] = '\0';
397 		*(u_char **)(void *)((u_char *)e + descr->entries[i].offset) =
398 		    ptr;
399 		*(size_t *)(void *)((u_char *)e + descr->entries[i].offset +
400 		    sizeof(u_char *)) = b->v.octetstring.len;
401 		break;
402 
403 	  case SNMP_SYNTAX_OID:
404 		*(struct asn_oid *)(void *)((u_char *)e + descr->entries[i].offset) =
405 		    b->v.oid;
406 		break;
407 
408 	  case SNMP_SYNTAX_IPADDRESS:
409 		memcpy((u_char *)e + descr->entries[i].offset,
410 		    b->v.ipaddress, 4);
411 		break;
412 
413 	  case SNMP_SYNTAX_COUNTER:
414 	  case SNMP_SYNTAX_GAUGE:
415 	  case SNMP_SYNTAX_TIMETICKS:
416 		*(uint32_t *)(void *)((u_char *)e + descr->entries[i].offset) =
417 		    b->v.uint32;
418 		break;
419 
420 	  case SNMP_SYNTAX_COUNTER64:
421 		*(uint64_t *)(void *)((u_char *)e + descr->entries[i].offset) =
422 		    b->v.counter64;
423 		break;
424 
425 	  case SNMP_SYNTAX_NULL:
426 	  case SNMP_SYNTAX_NOSUCHOBJECT:
427 	  case SNMP_SYNTAX_NOSUCHINSTANCE:
428 	  case SNMP_SYNTAX_ENDOFMIBVIEW:
429 		abort();
430 	}
431 	e->found |= (uint64_t)1 << i;
432 
433 	return (0);
434 }
435 
436 /*
437  * Initialize the first PDU to send
438  */
439 static void
440 table_init_pdu(const struct snmp_table *descr, struct snmp_pdu *pdu)
441 {
442 	if (snmp_client.version == SNMP_V1)
443 		snmp_pdu_create(pdu, SNMP_PDU_GETNEXT);
444 	else {
445 		snmp_pdu_create(pdu, SNMP_PDU_GETBULK);
446 		pdu->error_index = 10;
447 	}
448 	if (descr->last_change.len != 0) {
449 		pdu->bindings[pdu->nbindings].syntax = SNMP_SYNTAX_NULL;
450 		pdu->bindings[pdu->nbindings].var = descr->last_change;
451 		pdu->nbindings++;
452 		if (pdu->version != SNMP_V1)
453 			pdu->error_status++;
454 	}
455 	pdu->bindings[pdu->nbindings].var = descr->table;
456 	pdu->bindings[pdu->nbindings].syntax = SNMP_SYNTAX_NULL;
457 	pdu->nbindings++;
458 }
459 
460 /*
461  * Return code:
462  *	0  - End Of Table
463  * 	-1 - Error
464  *	-2 - Last change changed - again
465  *	+1 - ok, continue
466  */
467 static int
468 table_check_response(struct tabwork *work, const struct snmp_pdu *resp)
469 {
470 	const struct snmp_value *b;
471 	struct entry *e;
472 
473 	if (resp->error_status != SNMP_ERR_NOERROR) {
474 		if (snmp_client.version == SNMP_V1 &&
475 		    resp->error_status == SNMP_ERR_NOSUCHNAME &&
476 		    resp->error_index ==
477 		    (work->descr->last_change.len == 0) ? 1 : 2)
478 			/* EOT */
479 			return (0);
480 		/* Error */
481 		seterr(&snmp_client, "error fetching table: status=%d index=%d",
482 		    resp->error_status, resp->error_index);
483 		return (-1);
484 	}
485 
486 	for (b = resp->bindings; b < resp->bindings + resp->nbindings; b++) {
487 		if (work->descr->last_change.len != 0 && b == resp->bindings) {
488 			if (!asn_is_suboid(&work->descr->last_change, &b->var) ||
489 			    b->var.len != work->descr->last_change.len + 1 ||
490 			    b->var.subs[work->descr->last_change.len] != 0) {
491 				seterr(&snmp_client,
492 				    "last_change: bad response");
493 				return (-1);
494 			}
495 			if (b->syntax != SNMP_SYNTAX_TIMETICKS) {
496 				seterr(&snmp_client,
497 				    "last_change: bad syntax %u", b->syntax);
498 				return (-1);
499 			}
500 			if (work->first) {
501 				work->last_change = b->v.uint32;
502 				work->first = 0;
503 
504 			} else if (work->last_change != b->v.uint32) {
505 				if (++work->iter >= work->descr->max_iter) {
506 					seterr(&snmp_client,
507 					    "max iteration count exceeded");
508 					return (-1);
509 				}
510 				table_free(work, 1);
511 				return (-2);
512 			}
513 
514 			continue;
515 		}
516 		if (!asn_is_suboid(&work->descr->table, &b->var) ||
517 		    b->syntax == SNMP_SYNTAX_ENDOFMIBVIEW)
518 			return (0);
519 
520 		if ((e = table_find(work, &b->var)) == NULL)
521 			return (-1);
522 		if (table_value(work->descr, e, b))
523 			return (-1);
524 	}
525 	return (+1);
526 }
527 
528 /*
529  * Check table consistency
530  */
531 static int
532 table_check_cons(struct tabwork *work)
533 {
534 	struct entry *e;
535 
536 	TAILQ_FOREACH(e, work->table, link)
537 		if ((e->found & work->descr->req_mask) !=
538 		    work->descr->req_mask) {
539 			if (work->descr->last_change.len == 0) {
540 				if (++work->iter >= work->descr->max_iter) {
541 					seterr(&snmp_client,
542 					    "max iteration count exceeded");
543 					return (-1);
544 				}
545 				return (-2);
546 			}
547 			seterr(&snmp_client, "inconsistency detected %llx %llx",
548 			    e->found, work->descr->req_mask);
549 			return (-1);
550 		}
551 	return (0);
552 }
553 
554 /*
555  * Fetch a table. Returns 0 if ok, -1 on errors.
556  * This is the synchronous variant.
557  */
558 int
559 snmp_table_fetch(const struct snmp_table *descr, void *list)
560 {
561 	struct snmp_pdu resp;
562 	struct tabwork work;
563 	int ret;
564 
565 	work.descr = descr;
566 	work.table = (struct table *)list;
567 	work.iter = 0;
568 	TAILQ_INIT(work.table);
569 	TAILQ_INIT(&work.worklist);
570 	work.callback = NULL;
571 	work.arg = NULL;
572 
573   again:
574 	/*
575 	 * We come to this label when the code detects that the table
576 	 * has changed while fetching it.
577 	 */
578 	work.first = 1;
579 	work.last_change = 0;
580 	table_init_pdu(descr, &work.pdu);
581 
582 	for (;;) {
583 		if (snmp_dialog(&work.pdu, &resp)) {
584 			table_free(&work, 1);
585 			return (-1);
586 		}
587 		if ((ret = table_check_response(&work, &resp)) == 0) {
588 			snmp_pdu_free(&resp);
589 			break;
590 		}
591 		if (ret == -1) {
592 			snmp_pdu_free(&resp);
593 			table_free(&work, 1);
594 			return (-1);
595 		}
596 		if (ret == -2) {
597 			snmp_pdu_free(&resp);
598 			goto again;
599 		}
600 
601 		work.pdu.bindings[work.pdu.nbindings - 1].var =
602 		    resp.bindings[resp.nbindings - 1].var;
603 
604 		snmp_pdu_free(&resp);
605 	}
606 
607 	if ((ret = table_check_cons(&work)) == -1) {
608 		table_free(&work, 1);
609 		return (-1);
610 	}
611 	if (ret == -2) {
612 		table_free(&work, 1);
613 		goto again;
614 	}
615 	/*
616 	 * Free index list
617 	 */
618 	table_free(&work, 0);
619 	return (0);
620 }
621 
622 /*
623  * Callback for table
624  */
625 static void
626 table_cb(struct snmp_pdu *req __unused, struct snmp_pdu *resp, void *arg)
627 {
628 	struct tabwork *work = arg;
629 	int ret;
630 
631 	if (resp == NULL) {
632 		/* timeout */
633 		seterr(&snmp_client, "no response to fetch table request");
634 		table_free(work, 1);
635 		work->callback(work->table, work->arg, -1);
636 		free(work);
637 		return;
638 	}
639 
640 	if ((ret = table_check_response(work, resp)) == 0) {
641 		/* EOT */
642 		snmp_pdu_free(resp);
643 
644 		if ((ret = table_check_cons(work)) == -1) {
645 			/* error happend */
646 			table_free(work, 1);
647 			work->callback(work->table, work->arg, -1);
648 			free(work);
649 			return;
650 		}
651 		if (ret == -2) {
652 			/* restart */
653   again:
654 			table_free(work, 1);
655 			work->first = 1;
656 			work->last_change = 0;
657 			table_init_pdu(work->descr, &work->pdu);
658 			if (snmp_pdu_send(&work->pdu, table_cb, work) == -1) {
659 				work->callback(work->table, work->arg, -1);
660 				free(work);
661 				return;
662 			}
663 			return;
664 		}
665 		/*
666 		 * Free index list
667 		 */
668 		table_free(work, 0);
669 		work->callback(work->table, work->arg, 0);
670 		free(work);
671 		return;
672 	}
673 
674 	if (ret == -1) {
675 		/* error */
676 		snmp_pdu_free(resp);
677 		table_free(work, 1);
678 		work->callback(work->table, work->arg, -1);
679 		free(work);
680 		return;
681 	}
682 
683 	if (ret == -2) {
684 		/* again */
685 		snmp_pdu_free(resp);
686 		goto again;
687 	}
688 
689 	/* next part */
690 
691 	work->pdu.bindings[work->pdu.nbindings - 1].var =
692 	    resp->bindings[resp->nbindings - 1].var;
693 
694 	snmp_pdu_free(resp);
695 
696 	if (snmp_pdu_send(&work->pdu, table_cb, work) == -1) {
697 		table_free(work, 1);
698 		work->callback(work->table, work->arg, -1);
699 		free(work);
700 		return;
701 	}
702 }
703 
704 int
705 snmp_table_fetch_async(const struct snmp_table *descr, void *list,
706     snmp_table_cb_f func, void *arg)
707 {
708 	struct tabwork *work;
709 
710 	if ((work = malloc(sizeof(*work))) == NULL) {
711 		seterr(&snmp_client, "%s", strerror(errno));
712 		return (-1);
713 	}
714 
715 	work->descr = descr;
716 	work->table = (struct table *)list;
717 	work->iter = 0;
718 	TAILQ_INIT(work->table);
719 	TAILQ_INIT(&work->worklist);
720 
721 	work->callback = func;
722 	work->arg = arg;
723 
724 	/*
725 	 * Start by sending the first PDU
726 	 */
727 	work->first = 1;
728 	work->last_change = 0;
729 	table_init_pdu(descr, &work->pdu);
730 
731 	if (snmp_pdu_send(&work->pdu, table_cb, work) == -1)
732 		return (-1);
733 	return (0);
734 }
735 
736 /*
737  * Append an index to an oid
738  */
739 int
740 snmp_oid_append(struct asn_oid *oid, const char *fmt, ...)
741 {
742 	va_list	va;
743 	int	size;
744 	char	*nextptr;
745 	const u_char *str;
746 	size_t	len;
747 	struct in_addr ina;
748 	int ret;
749 
750 	va_start(va, fmt);
751 
752 	size = 0;
753 
754 	ret = 0;
755 	while (*fmt != '\0') {
756 		switch (*fmt++) {
757 		  case 'i':
758 			/* just an integer more */
759 			if (oid->len + 1 > ASN_MAXOIDLEN) {
760 				warnx("%s: OID too long for integer", __func__);
761 				ret = -1;
762 				break;
763 			}
764 			oid->subs[oid->len++] = va_arg(va, asn_subid_t);
765 			break;
766 
767 		  case 'a':
768 			/* append an IP address */
769 			if (oid->len + 4 > ASN_MAXOIDLEN) {
770 				warnx("%s: OID too long for ip-addr", __func__);
771 				ret = -1;
772 				break;
773 			}
774 			ina = va_arg(va, struct in_addr);
775 			ina.s_addr = ntohl(ina.s_addr);
776 			oid->subs[oid->len++] = (ina.s_addr >> 24) & 0xff;
777 			oid->subs[oid->len++] = (ina.s_addr >> 16) & 0xff;
778 			oid->subs[oid->len++] = (ina.s_addr >> 8) & 0xff;
779 			oid->subs[oid->len++] = (ina.s_addr >> 0) & 0xff;
780 			break;
781 
782 		  case 's':
783 			/* append a null-terminated string,
784 			 * length is computed */
785 			str = (const u_char *)va_arg(va, const char *);
786 			len = strlen((const char *)str);
787 			if (oid->len + len + 1 > ASN_MAXOIDLEN) {
788 				warnx("%s: OID too long for string", __func__);
789 				ret = -1;
790 				break;
791 			}
792 			oid->subs[oid->len++] = len;
793 			while (len--)
794 				oid->subs[oid->len++] = *str++;
795 			break;
796 
797 		  case '(':
798 			/* the integer value between ( and ) is stored
799 			 * in size */
800 			size = strtol(fmt, &nextptr, 10);
801 			if (*nextptr != ')')
802 				abort();
803 			fmt = ++nextptr;
804 			break;
805 
806 		  case 'b':
807 			/* append `size` characters */
808 			str = (const u_char *)va_arg(va, const char *);
809 			if (oid->len + size > ASN_MAXOIDLEN) {
810 				warnx("%s: OID too long for string", __func__);
811 				ret = -1;
812 				break;
813 			}
814 			while (size--)
815 				oid->subs[oid->len++] = *str++;
816 			break;
817 
818 		  case 'c':
819 			/* get size and the octets from the arguments */
820 			size = va_arg(va, size_t);
821 			str = va_arg(va, const u_char *);
822 			if (oid->len + size + 1 > ASN_MAXOIDLEN) {
823 				warnx("%s: OID too long for string", __func__);
824 				ret = -1;
825 				break;
826 			}
827 			oid->subs[oid->len++] = size;
828 			while (size--)
829 				oid->subs[oid->len++] = *str++;
830 			break;
831 
832 		  default:
833 			abort();
834 		}
835 	}
836 	va_end(va);
837 	return (ret);
838 }
839 
840 /*
841  * Initialize a client structure
842  */
843 void
844 snmp_client_init(struct snmp_client *c)
845 {
846 	memset(c, 0, sizeof(*c));
847 
848 	c->version = SNMP_V2c;
849 	c->trans = SNMP_TRANS_UDP;
850 	c->chost = NULL;
851 	c->cport = NULL;
852 
853 	strcpy(c->read_community, "public");
854 	strcpy(c->write_community, "private");
855 
856 	c->timeout.tv_sec = 3;
857 	c->timeout.tv_usec = 0;
858 	c->retries = 3;
859 	c->dump_pdus = 0;
860 	c->txbuflen = c->rxbuflen = 10000;
861 
862 	c->fd = -1;
863 
864 	c->max_reqid = INT32_MAX;
865 	c->min_reqid = 0;
866 	c->next_reqid = 0;
867 }
868 
869 
870 /*
871  * Open UDP client socket
872  */
873 static int
874 open_client_udp(const char *host, const char *port)
875 {
876 	int error;
877 	char *ptr;
878 	struct addrinfo hints, *res0, *res;
879 
880 	/* copy host- and portname */
881 	if (snmp_client.chost == NULL) {
882 		if ((snmp_client.chost = malloc(1 + sizeof(DEFAULT_HOST)))
883 		    == NULL) {
884 			seterr(&snmp_client, "%s", strerror(errno));
885 			return (-1);
886 		}
887 		strcpy(snmp_client.chost, DEFAULT_HOST);
888 	}
889 	if (host != NULL) {
890 		if ((ptr = malloc(1 + strlen(host))) == NULL) {
891 			seterr(&snmp_client, "%s", strerror(errno));
892 			return (-1);
893 		}
894 		free(snmp_client.chost);
895 		snmp_client.chost = ptr;
896 		strcpy(snmp_client.chost, host);
897 	}
898 	if (snmp_client.cport == NULL) {
899 		if ((snmp_client.cport = malloc(1 + sizeof(DEFAULT_PORT)))
900 		    == NULL) {
901 			seterr(&snmp_client, "%s", strerror(errno));
902 			return (-1);
903 		}
904 		strcpy(snmp_client.cport, DEFAULT_PORT);
905 	}
906 	if (port != NULL) {
907 		if ((ptr = malloc(1 + strlen(port))) == NULL) {
908 			seterr(&snmp_client, "%s", strerror(errno));
909 			return (-1);
910 		}
911 		free(snmp_client.cport);
912 		snmp_client.cport = ptr;
913 		strcpy(snmp_client.cport, port);
914 	}
915 
916 	/* open connection */
917 	memset(&hints, 0, sizeof(hints));
918 	hints.ai_flags = AI_CANONNAME;
919 	hints.ai_family = AF_INET;
920 	hints.ai_socktype = SOCK_DGRAM;
921 	hints.ai_protocol = 0;
922 	error = getaddrinfo(snmp_client.chost, snmp_client.cport, &hints, &res0);
923 	if (error != 0) {
924 		seterr(&snmp_client, "%s: %s", snmp_client.chost,
925 		    gai_strerror(error));
926 		return (-1);
927 	}
928 	res = res0;
929 	for (;;) {
930 		if ((snmp_client.fd = socket(res->ai_family, res->ai_socktype,
931 		    res->ai_protocol)) == -1) {
932 			if ((res = res->ai_next) == NULL) {
933 				seterr(&snmp_client, "%s", strerror(errno));
934 				freeaddrinfo(res0);
935 				return (-1);
936 			}
937 		} else if (connect(snmp_client.fd, res->ai_addr,
938 		    res->ai_addrlen) == -1) {
939 			if ((res = res->ai_next) == NULL) {
940 				seterr(&snmp_client, "%s", strerror(errno));
941 				freeaddrinfo(res0);
942 				return (-1);
943 			}
944 		} else
945 			break;
946 	}
947 	freeaddrinfo(res0);
948 	return (0);
949 }
950 
951 static void
952 remove_local(void)
953 {
954 	(void)remove(snmp_client.local_path);
955 }
956 
957 /*
958  * Open local socket
959  */
960 static int
961 open_client_local(const char *path)
962 {
963 	struct sockaddr_un sa;
964 	char *ptr;
965 	int stype;
966 
967 	if (snmp_client.chost == NULL) {
968 		if ((snmp_client.chost = malloc(1 + sizeof(DEFAULT_LOCAL)))
969 		    == NULL) {
970 			seterr(&snmp_client, "%s", strerror(errno));
971 			return (-1);
972 		}
973 		strcpy(snmp_client.chost, DEFAULT_LOCAL);
974 	}
975 	if (path != NULL) {
976 		if ((ptr = malloc(1 + strlen(path))) == NULL) {
977 			seterr(&snmp_client, "%s", strerror(errno));
978 			return (-1);
979 		}
980 		free(snmp_client.chost);
981 		snmp_client.chost = ptr;
982 		strcpy(snmp_client.chost, path);
983 	}
984 
985 	if (snmp_client.trans == SNMP_TRANS_LOC_DGRAM)
986 		stype = SOCK_DGRAM;
987 	else
988 		stype = SOCK_STREAM;
989 
990 	if ((snmp_client.fd = socket(PF_LOCAL, stype, 0)) == -1) {
991 		seterr(&snmp_client, "%s", strerror(errno));
992 		return (-1);
993 	}
994 
995 	snprintf(snmp_client.local_path, sizeof(snmp_client.local_path),
996 	    "%s", SNMP_LOCAL_PATH);
997 
998 	if (mktemp(snmp_client.local_path) == NULL) {
999 		seterr(&snmp_client, "%s", strerror(errno));
1000 		(void)close(snmp_client.fd);
1001 		snmp_client.fd = -1;
1002 		return (-1);
1003 	}
1004 
1005 	sa.sun_family = AF_LOCAL;
1006 	sa.sun_len = sizeof(sa);
1007 	strcpy(sa.sun_path, snmp_client.local_path);
1008 
1009 	if (bind(snmp_client.fd, (struct sockaddr *)&sa, sizeof(sa)) == -1) {
1010 		seterr(&snmp_client, "%s", strerror(errno));
1011 		(void)close(snmp_client.fd);
1012 		snmp_client.fd = -1;
1013 		(void)remove(snmp_client.local_path);
1014 		return (-1);
1015 	}
1016 	atexit(remove_local);
1017 
1018 	sa.sun_family = AF_LOCAL;
1019 	sa.sun_len = offsetof(struct sockaddr_un, sun_path) +
1020 	    strlen(snmp_client.chost);
1021 	strncpy(sa.sun_path, snmp_client.chost, sizeof(sa.sun_path) - 1);
1022 	sa.sun_path[sizeof(sa.sun_path) - 1] = '\0';
1023 
1024 	if (connect(snmp_client.fd, (struct sockaddr *)&sa, sa.sun_len) == -1) {
1025 		seterr(&snmp_client, "%s", strerror(errno));
1026 		(void)close(snmp_client.fd);
1027 		snmp_client.fd = -1;
1028 		(void)remove(snmp_client.local_path);
1029 		return (-1);
1030 	}
1031 	return (0);
1032 }
1033 
1034 /*
1035  * SNMP_OPEN
1036  */
1037 int
1038 snmp_open(const char *host, const char *port, const char *readcomm,
1039     const char *writecomm)
1040 {
1041 	struct timeval tout;
1042 
1043 	/* still open ? */
1044 	if (snmp_client.fd != -1) {
1045 		errno = EBUSY;
1046 		seterr(&snmp_client, "%s", strerror(errno));
1047 		return (-1);
1048 	}
1049 
1050 	/* copy community strings */
1051 	if (readcomm != NULL)
1052 		strlcpy(snmp_client.read_community, readcomm,
1053 		    sizeof(snmp_client.read_community));
1054 	if (writecomm != NULL)
1055 		strlcpy(snmp_client.write_community, writecomm,
1056 		    sizeof(snmp_client.write_community));
1057 
1058 	switch (snmp_client.trans) {
1059 
1060 	  case SNMP_TRANS_UDP:
1061 		if (open_client_udp(host, port))
1062 			return (-1);
1063 		break;
1064 
1065 	  case SNMP_TRANS_LOC_DGRAM:
1066 	  case SNMP_TRANS_LOC_STREAM:
1067 		if (open_client_local(host))
1068 			return (-1);
1069 		break;
1070 
1071 	  default:
1072 		seterr(&snmp_client, "bad transport mapping");
1073 		return (-1);
1074 	}
1075 	tout.tv_sec = 0;
1076 	tout.tv_usec = 0;
1077 	if (setsockopt(snmp_client.fd, SOL_SOCKET, SO_SNDTIMEO,
1078 	    &tout, sizeof(struct timeval)) == -1) {
1079 		seterr(&snmp_client, "%s", strerror(errno));
1080 		(void)close(snmp_client.fd);
1081 		snmp_client.fd = -1;
1082 		if (snmp_client.local_path[0] != '\0')
1083 			(void)remove(snmp_client.local_path);
1084 		return (-1);
1085 	}
1086 
1087 	/* initialize list */
1088 	LIST_INIT(&sent_pdus);
1089 
1090 	return (0);
1091 }
1092 
1093 
1094 /*
1095  * SNMP_CLOSE
1096  *
1097  * closes connection to snmp server
1098  * - function cannot fail
1099  * - clears connection
1100  * - clears list of sent pdus
1101  *
1102  * input:
1103  *  void
1104  * return:
1105  *  void
1106  */
1107 void
1108 snmp_close(void)
1109 {
1110 	struct sent_pdu *p1;
1111 
1112 	if (snmp_client.fd != -1) {
1113 		(void)close(snmp_client.fd);
1114 		snmp_client.fd = -1;
1115 		if (snmp_client.local_path[0] != '\0')
1116 			(void)remove(snmp_client.local_path);
1117 	}
1118 	while(!LIST_EMPTY(&sent_pdus)){
1119 		p1 = LIST_FIRST(&sent_pdus);
1120 		if (p1->timeout_id != NULL)
1121 			snmp_client.timeout_stop(p1->timeout_id);
1122 		LIST_REMOVE(p1, entries);
1123 		free(p1);
1124 	}
1125 	free(snmp_client.chost);
1126 	free(snmp_client.cport);
1127 }
1128 
1129 /*
1130  * initialize a snmp_pdu structure
1131  */
1132 void
1133 snmp_pdu_create(struct snmp_pdu *pdu, u_int op)
1134 {
1135 	memset(pdu,0,sizeof(struct snmp_pdu));
1136 	if (op == SNMP_PDU_SET)
1137 		strlcpy(pdu->community, snmp_client.write_community,
1138 		    sizeof(pdu->community));
1139 	else
1140 		strlcpy(pdu->community, snmp_client.read_community,
1141 		    sizeof(pdu->community));
1142 
1143 	pdu->type = op;
1144 	pdu->version = snmp_client.version;
1145 	pdu->error_status = 0;
1146 	pdu->error_index = 0;
1147 	pdu->nbindings = 0;
1148 }
1149 
1150 /* add pairs of (struct asn_oid, enum snmp_syntax) to an existing pdu */
1151 /* added 10/04/02 by kek: check for MAX_BINDINGS */
1152 int
1153 snmp_add_binding(struct snmp_v1_pdu *pdu, ...)
1154 {
1155 	va_list ap;
1156 	const struct asn_oid *oid;
1157 	u_int ret;
1158 
1159 	va_start(ap, pdu);
1160 
1161 	ret = pdu->nbindings;
1162 	while ((oid = va_arg(ap, const struct asn_oid *)) != NULL) {
1163 		if (pdu->nbindings >= SNMP_MAX_BINDINGS){
1164 			va_end(ap);
1165 			return (-1);
1166 		}
1167 		pdu->bindings[pdu->nbindings].var = *oid;
1168 		pdu->bindings[pdu->nbindings].syntax =
1169 		    va_arg(ap, enum snmp_syntax);
1170 		pdu->nbindings++;
1171 	}
1172 	va_end(ap);
1173 	return (ret);
1174 }
1175 
1176 
1177 static int32_t
1178 snmp_next_reqid(struct snmp_client * c)
1179 {
1180 	int32_t i;
1181 
1182 	i = c->next_reqid;
1183 	if (c->next_reqid >= c->max_reqid)
1184 		c->next_reqid = c->min_reqid;
1185 	else
1186 		c->next_reqid++;
1187 	return (i);
1188 }
1189 
1190 /*
1191  * Send request and return request id.
1192  */
1193 static int32_t
1194 snmp_send_packet(struct snmp_pdu * pdu)
1195 {
1196         u_char *buf;
1197         struct asn_buf b;
1198         ssize_t ret;
1199 
1200 	if ((buf = malloc(snmp_client.txbuflen)) == NULL) {
1201 		seterr(&snmp_client, "%s", strerror(errno));
1202 		return (-1);
1203 	}
1204 
1205         pdu->request_id = snmp_next_reqid(&snmp_client);
1206 
1207         b.asn_ptr = buf;
1208         b.asn_len = snmp_client.txbuflen;
1209         if (snmp_pdu_encode(pdu, &b)) {
1210 		seterr(&snmp_client, "%s", strerror(errno));
1211 		free(buf);
1212 		return (-1);
1213 	}
1214 
1215         if (snmp_client.dump_pdus)
1216                 snmp_pdu_dump(pdu);
1217 
1218         if ((ret = send(snmp_client.fd, buf, b.asn_ptr - buf, 0)) == -1) {
1219 		seterr(&snmp_client, "%s", strerror(errno));
1220 		free(buf);
1221                 return (-1);
1222 	}
1223 	free(buf);
1224 
1225 	return pdu->request_id;
1226 }
1227 
1228 /*
1229  * to be called when a snmp request timed out
1230  */
1231 static void
1232 snmp_timeout(void * listentry_ptr)
1233 {
1234 	struct sent_pdu *listentry = listentry_ptr;
1235 
1236 #if 0
1237 	warnx("snmp request %i timed out, attempt (%i/%i)",
1238 	    listentry->reqid, listentry->retrycount, snmp_client.retries);
1239 #endif
1240 
1241 	listentry->retrycount++;
1242 	if (listentry->retrycount > snmp_client.retries) {
1243 		/* there is no answer at all */
1244 		LIST_REMOVE(listentry, entries);
1245 		listentry->callback(listentry->pdu, NULL, listentry->arg);
1246 		free(listentry);
1247 	} else {
1248 		/* try again */
1249 		/* new request with new request ID */
1250 		listentry->reqid = snmp_send_packet(listentry->pdu);
1251 		listentry->timeout_id =
1252 		    snmp_client.timeout_start(&snmp_client.timeout,
1253 		    snmp_timeout, listentry);
1254 	}
1255 }
1256 
1257 int32_t
1258 snmp_pdu_send(struct snmp_pdu *pdu, snmp_send_cb_f func, void *arg)
1259 {
1260 	struct sent_pdu *listentry;
1261 	int32_t id;
1262 
1263 	if ((listentry = malloc(sizeof(struct sent_pdu))) == NULL) {
1264 		seterr(&snmp_client, "%s", strerror(errno));
1265 		return (-1);
1266 	}
1267 
1268 	/* here we really send */
1269 	if ((id = snmp_send_packet(pdu)) == -1) {
1270 		free(listentry);
1271 		return (-1);
1272 	}
1273 
1274 	/* add entry to list of sent PDUs */
1275 	listentry->pdu = pdu;
1276 	if (gettimeofday(&listentry->time, NULL) == -1)
1277 		warn("gettimeofday() failed");
1278 
1279 	listentry->reqid = pdu->request_id;
1280 	listentry->callback = func;
1281 	listentry->arg = arg;
1282 	listentry->retrycount=1;
1283 	listentry->timeout_id =
1284 	    snmp_client.timeout_start(&snmp_client.timeout, snmp_timeout,
1285 	    listentry);
1286 
1287 	LIST_INSERT_HEAD(&sent_pdus, listentry, entries);
1288 
1289 	return (id);
1290 }
1291 
1292 /*
1293  * Receive an SNMP packet.
1294  *
1295  * tv controls how we wait for a packet: if tv is a NULL pointer,
1296  * the receive blocks forever, if tv points to a structure with all
1297  * members 0 the socket is polled, in all other cases tv specifies the
1298  * maximum time to wait for a packet.
1299  *
1300  * Return:
1301  *	-1 on errors
1302  *	0 on timeout
1303  *	+1 if packet received
1304  */
1305 static int
1306 snmp_receive_packet(struct snmp_pdu *pdu, struct timeval *tv)
1307 {
1308 	int dopoll, setpoll;
1309 	int flags;
1310 	int saved_errno;
1311 	u_char *buf;
1312 	int ret;
1313 	struct asn_buf abuf;
1314 	int32_t ip;
1315 #ifdef bsdi
1316 	int optlen;
1317 #else
1318 	socklen_t optlen;
1319 #endif
1320 
1321 	if ((buf = malloc(snmp_client.rxbuflen)) == NULL) {
1322 		seterr(&snmp_client, "%s", strerror(errno));
1323 		return (-1);
1324 	}
1325 	dopoll = setpoll = 0;
1326 	flags = 0;
1327 	if (tv != NULL) {
1328 		/* poll or timeout */
1329 		if (tv->tv_sec != 0 || tv->tv_usec != 0) {
1330 			/* wait with timeout */
1331 			if (setsockopt(snmp_client.fd, SOL_SOCKET, SO_RCVTIMEO,
1332 			    tv, sizeof(*tv)) == -1) {
1333 				seterr(&snmp_client, "setsockopt: %s",
1334 				    strerror(errno));
1335 				free(buf);
1336 				return (-1);
1337 			}
1338 			optlen = sizeof(*tv);
1339 			if (getsockopt(snmp_client.fd, SOL_SOCKET, SO_RCVTIMEO,
1340 			    tv, &optlen) == -1) {
1341 				seterr(&snmp_client, "getsockopt: %s",
1342 				    strerror(errno));
1343 				free(buf);
1344 				return (-1);
1345 			}
1346 			/* at this point tv_sec and tv_usec may appear
1347 			 * as 0. This happens for timeouts lesser than
1348 			 * the clock granularity. The kernel rounds these to
1349 			 * 0 and this would result in a blocking receive.
1350 			 * Instead of an else we check tv_sec and tv_usec
1351 			 * again below and if this rounding happens,
1352 			 * switch to a polling receive. */
1353 		}
1354 		if (tv->tv_sec == 0 && tv->tv_usec == 0) {
1355 			/* poll */
1356 			dopoll = 1;
1357 			if ((flags = fcntl(snmp_client.fd, F_GETFL, 0)) == -1) {
1358 				seterr(&snmp_client, "fcntl: %s",
1359 				    strerror(errno));
1360 				free(buf);
1361 				return (-1);
1362 			}
1363 			if (!(flags & O_NONBLOCK)) {
1364 				setpoll = 1;
1365 				flags |= O_NONBLOCK;
1366 				if (fcntl(snmp_client.fd, F_SETFL, flags) == -1) {
1367 					seterr(&snmp_client, "fcntl: %s",
1368 					    strerror(errno));
1369 					free(buf);
1370 					return (-1);
1371 				}
1372 			}
1373 		}
1374 	}
1375 	ret = recv(snmp_client.fd, buf, snmp_client.rxbuflen, 0);
1376 	saved_errno = errno;
1377 	if (tv != NULL) {
1378 		if (dopoll) {
1379 			if (setpoll) {
1380 				flags &= ~O_NONBLOCK;
1381 				(void)fcntl(snmp_client.fd, F_SETFL, flags);
1382 			}
1383 		} else {
1384 			tv->tv_sec = 0;
1385 			tv->tv_usec = 0;
1386 			(void)setsockopt(snmp_client.fd, SOL_SOCKET, SO_RCVTIMEO,
1387 			    tv, sizeof(*tv));
1388 		}
1389 	}
1390 	if (ret == -1) {
1391 		free(buf);
1392 		if (errno == EAGAIN || errno == EWOULDBLOCK)
1393 			return (0);
1394 		seterr(&snmp_client, "recv: %s", strerror(saved_errno));
1395 		return (-1);
1396 	}
1397 	if (ret == 0) {
1398 		/* this happens when we have a streaming socket and the
1399 		 * remote side has closed it */
1400 		free(buf);
1401 		seterr(&snmp_client, "recv: socket closed by peer");
1402 		errno = EPIPE;
1403 		return (-1);
1404 	}
1405 
1406 	abuf.asn_ptr = buf;
1407 	abuf.asn_len = ret;
1408 
1409 	if (SNMP_CODE_OK != (ret = snmp_pdu_decode(&abuf, pdu, &ip))) {
1410 		seterr(&snmp_client, "snmp_decode_pdu: failed %d", ret);
1411 		free(buf);
1412 		return (-1);
1413 	}
1414 	free(buf);
1415 	if (snmp_client.dump_pdus)
1416 		snmp_pdu_dump(pdu);
1417 
1418 	return (+1);
1419 }
1420 
1421 static int
1422 snmp_deliver_packet(struct snmp_pdu * resp)
1423 {
1424 	struct sent_pdu *listentry;
1425 
1426 	if (resp->type != SNMP_PDU_RESPONSE) {
1427 		warn("ignoring snmp pdu %u", resp->type);
1428 		return (-1);
1429 	}
1430 
1431 	LIST_FOREACH(listentry, &sent_pdus, entries)
1432 		if (listentry->reqid == resp->request_id)
1433 			break;
1434 	if (listentry == NULL)
1435 		return (-1);
1436 
1437 	LIST_REMOVE(listentry, entries);
1438 	listentry->callback(listentry->pdu, resp, listentry->arg);
1439 
1440 	snmp_client.timeout_stop(listentry->timeout_id);
1441 
1442 	free(listentry);
1443 	return (0);
1444 }
1445 
1446 int
1447 snmp_receive(int blocking)
1448 {
1449 	int ret;
1450 
1451 	struct timeval tv;
1452 	struct snmp_pdu * resp;
1453 
1454 	memset(&tv, 0, sizeof(tv));
1455 
1456 	resp = malloc(sizeof(struct snmp_pdu));
1457 	if (resp == NULL) {
1458 		seterr(&snmp_client, "no memory for returning PDU");
1459 		return (-1) ;
1460 	}
1461 
1462 	if ((ret = snmp_receive_packet(resp, blocking ? NULL : &tv)) <= 0) {
1463 		free(resp);
1464 		return (ret);
1465 	}
1466 	ret = snmp_deliver_packet(resp);
1467 	snmp_pdu_free(resp);
1468 	free(resp);
1469 	return (ret);
1470 }
1471 
1472 
1473 /*
1474  * Check a GETNEXT response. Here we have three possible outcomes: -1 an
1475  * unexpected error happened. +1 response is ok and is within the table 0
1476  * response is ok, but is behind the table or error is NOSUCHNAME. The req
1477  * should point to a template PDU which contains the base OIDs and the
1478  * syntaxes. This is really only useful to sweep non-sparse tables.
1479  */
1480 static int
1481 ok_getnext(const struct snmp_pdu * req, const struct snmp_pdu * resp)
1482 {
1483 	u_int i;
1484 
1485 	if (resp->version != req->version) {
1486 		warnx("SNMP GETNEXT: response has wrong version");
1487 		return (-1);
1488 	}
1489 
1490 	if (resp->error_status == SNMP_ERR_NOSUCHNAME)
1491 		return (0);
1492 
1493 	if (resp->error_status != SNMP_ERR_NOERROR) {
1494 		warnx("SNMP GETNEXT: error %d", resp->error_status);
1495 		return (-1);
1496 	}
1497 	if (resp->nbindings != req->nbindings) {
1498 		warnx("SNMP GETNEXT: bad number of bindings in response");
1499 		return (-1);
1500 	}
1501 	for (i = 0; i < req->nbindings; i++) {
1502 		if (!asn_is_suboid(&req->bindings[i].var,
1503 		    &resp->bindings[i].var)) {
1504 			if (i != 0)
1505 				warnx("SNMP GETNEXT: inconsistent table "
1506 				      "response");
1507 			return (0);
1508 		}
1509 		if (resp->version != SNMP_V1 &&
1510 		    resp->bindings[i].syntax == SNMP_SYNTAX_ENDOFMIBVIEW)
1511 			return (0);
1512 
1513 		if (resp->bindings[i].syntax != req->bindings[i].syntax) {
1514 			warnx("SNMP GETNEXT: bad syntax in response");
1515 			return (0);
1516 		}
1517 	}
1518 	return (1);
1519 }
1520 
1521 /*
1522  * Check a GET response. Here we have three possible outcomes: -1 an
1523  * unexpected error happened. +1 response is ok. 0 NOSUCHNAME The req should
1524  * point to a template PDU which contains the OIDs and the syntaxes. This
1525  * is only useful for SNMPv1 or single object GETS.
1526  */
1527 static int
1528 ok_get(const struct snmp_pdu * req, const struct snmp_pdu * resp)
1529 {
1530 	u_int i;
1531 
1532 	if (resp->version != req->version) {
1533 		warnx("SNMP GET: response has wrong version");
1534 		return (-1);
1535 	}
1536 
1537 	if (resp->error_status == SNMP_ERR_NOSUCHNAME)
1538 		return (0);
1539 
1540 	if (resp->error_status != SNMP_ERR_NOERROR) {
1541 		warnx("SNMP GET: error %d", resp->error_status);
1542 		return (-1);
1543 	}
1544 
1545 	if (resp->nbindings != req->nbindings) {
1546 		warnx("SNMP GET: bad number of bindings in response");
1547 		return (-1);
1548 	}
1549 	for (i = 0; i < req->nbindings; i++) {
1550 		if (asn_compare_oid(&req->bindings[i].var,
1551 		    &resp->bindings[i].var) != 0) {
1552 			warnx("SNMP GET: bad OID in response");
1553 			return (-1);
1554 		}
1555 		if (snmp_client.version != SNMP_V1 &&
1556 		    (resp->bindings[i].syntax == SNMP_SYNTAX_NOSUCHOBJECT ||
1557 		    resp->bindings[i].syntax == SNMP_SYNTAX_NOSUCHINSTANCE))
1558 			return (0);
1559 		if (resp->bindings[i].syntax != req->bindings[i].syntax) {
1560 			warnx("SNMP GET: bad syntax in response");
1561 			return (-1);
1562 		}
1563 	}
1564 	return (1);
1565 }
1566 
1567 /*
1568  * Check the response to a SET PDU. We check: - the error status must be 0 -
1569  * the number of bindings must be equal in response and request - the
1570  * syntaxes must be the same in response and request - the OIDs must be the
1571  * same in response and request
1572  */
1573 static int
1574 ok_set(const struct snmp_pdu * req, const struct snmp_pdu * resp)
1575 {
1576 	u_int i;
1577 
1578 	if (resp->version != req->version) {
1579 		warnx("SNMP SET: response has wrong version");
1580 		return (-1);
1581 	}
1582 
1583 	if (resp->error_status == SNMP_ERR_NOSUCHNAME) {
1584 		warnx("SNMP SET: error %d", resp->error_status);
1585 		return (0);
1586 	}
1587 	if (resp->error_status != SNMP_ERR_NOERROR) {
1588 		warnx("SNMP SET: error %d", resp->error_status);
1589 		return (-1);
1590 	}
1591 
1592 	if (resp->nbindings != req->nbindings) {
1593 		warnx("SNMP SET: bad number of bindings in response");
1594 		return (-1);
1595 	}
1596 	for (i = 0; i < req->nbindings; i++) {
1597 		if (asn_compare_oid(&req->bindings[i].var,
1598 		    &resp->bindings[i].var) != 0) {
1599 			warnx("SNMP SET: wrong OID in response to SET");
1600 			return (-1);
1601 		}
1602 		if (resp->bindings[i].syntax != req->bindings[i].syntax) {
1603 			warnx("SNMP SET: bad syntax in response");
1604 			return (-1);
1605 		}
1606 	}
1607 	return (1);
1608 }
1609 
1610 /*
1611  * Simple checks for response PDUs against request PDUs. Return values: 1=ok,
1612  * 0=nosuchname or similar, -1=failure, -2=no response at all
1613  */
1614 int
1615 snmp_pdu_check(const struct snmp_pdu *req,
1616     const struct snmp_pdu *resp)
1617 {
1618 	if (resp == NULL)
1619 		return (-2);
1620 
1621 	switch (req->type) {
1622 
1623 	  case SNMP_PDU_GET:
1624 		return (ok_get(req, resp));
1625 
1626 	  case SNMP_PDU_SET:
1627 		return (ok_set(req, resp));
1628 
1629 	  case SNMP_PDU_GETNEXT:
1630 		return (ok_getnext(req, resp));
1631 
1632 	}
1633 	errx(1, "%s: bad pdu type %i", __func__, req->type);
1634 }
1635 
1636 int
1637 snmp_dialog(struct snmp_v1_pdu *req, struct snmp_v1_pdu *resp)
1638 {
1639         u_int i;
1640         int32_t reqid;
1641 	int ret;
1642         struct timeval tv = snmp_client.timeout;
1643 	struct timeval end;
1644 	struct snmp_pdu pdu;
1645 
1646 	/*
1647 	 * Make a copy of the request and replace the syntaxes by NULL
1648 	 * if this is a GET,GETNEXT or GETBULK.
1649 	 */
1650 	pdu = *req;
1651 	if (pdu.type == SNMP_PDU_GET || pdu.type == SNMP_PDU_GETNEXT ||
1652 	    pdu.type == SNMP_PDU_GETBULK) {
1653 		for (i = 0; i < pdu.nbindings; i++)
1654 			pdu.bindings[i].syntax = SNMP_SYNTAX_NULL;
1655 	}
1656 
1657         for (i = 0; i <= snmp_client.retries; i++) {
1658 		(void)gettimeofday(&end, NULL);
1659 		timeradd(&end, &snmp_client.timeout, &end);
1660                 if ((reqid = snmp_send_packet(&pdu)) == -1)
1661 			return (-1);
1662 		for (;;) {
1663 			(void)gettimeofday(&tv, NULL);
1664 			if (timercmp(&end, &tv, <=))
1665 				break;
1666 			timersub(&end, &tv, &tv);
1667 			if ((ret = snmp_receive_packet(resp, &tv)) == 0)
1668 				/* timeout */
1669 				break;
1670 
1671 			if (ret > 0) {
1672 				if (reqid == resp->request_id)
1673 					return (0);
1674 				/* not for us */
1675 				(void)snmp_deliver_packet(resp);
1676 			}
1677 			if (ret < 0 && errno == EPIPE)
1678 				/* stream closed */
1679 				return (-1);
1680 		}
1681         }
1682 	errno = ETIMEDOUT;
1683 	seterr(&snmp_client, "retry count exceeded");
1684         return (-1);
1685 }
1686 
1687 int
1688 snmp_client_set_host(struct snmp_client *cl, const char *h)
1689 {
1690 	char *np;
1691 
1692 	if (h == NULL) {
1693 		if (cl->chost != NULL)
1694 			free(cl->chost);
1695 		cl->chost = NULL;
1696 	} else {
1697 		if ((np = malloc(strlen(h) + 1)) == NULL)
1698 			return (-1);
1699 		strcpy(np, h);
1700 		if (cl->chost != NULL)
1701 			free(cl->chost);
1702 		cl->chost = np;
1703 	}
1704 	return (0);
1705 }
1706 
1707 int
1708 snmp_client_set_port(struct snmp_client *cl, const char *p)
1709 {
1710 	char *np;
1711 
1712 	if (p == NULL) {
1713 		if (cl->cport != NULL)
1714 			free(cl->cport);
1715 		cl->cport = NULL;
1716 	} else {
1717 		if ((np = malloc(strlen(p) + 1)) == NULL)
1718 			return (-1);
1719 		strcpy(np, p);
1720 		if (cl->cport != NULL)
1721 			free(cl->cport);
1722 		cl->cport = np;
1723 	}
1724 	return (0);
1725 }
1726 
1727 /*
1728  * parse a server specification
1729  *
1730  * [trans::][community@][server][:port]
1731  */
1732 int
1733 snmp_parse_server(struct snmp_client *sc, const char *str)
1734 {
1735 	const char *p, *s = str;
1736 
1737 	/* look for a double colon */
1738 	for (p = s; *p != '\0'; p++) {
1739 		if (*p == '\\' && p[1] != '\0') {
1740 			p++;
1741 			continue;
1742 		}
1743 		if (*p == ':' && p[1] == ':')
1744 			break;
1745 	}
1746 	if (*p != '\0') {
1747 		if (p > s) {
1748 			if (p - s == 3 && strncmp(s, "udp", 3) == 0)
1749 				sc->trans = SNMP_TRANS_UDP;
1750 			else if (p - s == 6 && strncmp(s, "stream", 6) == 0)
1751 				sc->trans = SNMP_TRANS_LOC_STREAM;
1752 			else if (p - s == 5 && strncmp(s, "dgram", 5) == 0)
1753 				sc->trans = SNMP_TRANS_LOC_DGRAM;
1754 			else {
1755 				seterr(sc, "unknown SNMP transport '%.*s'",
1756 				    (int)(p - s), s);
1757 				return (-1);
1758 			}
1759 		}
1760 		s = p + 2;
1761 	}
1762 
1763 	/* look for a @ */
1764 	for (p = s; *p != '\0'; p++) {
1765 		if (*p == '\\' && p[1] != '\0') {
1766 			p++;
1767 			continue;
1768 		}
1769 		if (*p == '@')
1770 			break;
1771 	}
1772 
1773 	if (*p != '\0') {
1774 		if (p - s > SNMP_COMMUNITY_MAXLEN) {
1775 			seterr(sc, "community string too long");
1776 			return (-1);
1777 		}
1778 		strncpy(sc->read_community, s, p - s);
1779 		sc->read_community[p - s] = '\0';
1780 		strncpy(sc->write_community, s, p - s);
1781 		sc->write_community[p - s] = '\0';
1782 		s = p + 1;
1783 	}
1784 
1785 	/* look for a colon */
1786 	for (p = s; *p != '\0'; p++) {
1787 		if (*p == '\\' && p[1] != '\0') {
1788 			p++;
1789 			continue;
1790 		}
1791 		if (*p == ':')
1792 			break;
1793 	}
1794 
1795 	if (*p == ':') {
1796 		if (p > s) {
1797 			/* host:port */
1798 			free(sc->chost);
1799 			if ((sc->chost = malloc(p - s + 1)) == NULL) {
1800 				seterr(sc, "%s", strerror(errno));
1801 				return (-1);
1802 			}
1803 			strncpy(sc->chost, s, p - s);
1804 			sc->chost[p - s] = '\0';
1805 		}
1806 		/* port */
1807 		free(sc->cport);
1808 		if ((sc->cport = malloc(strlen(p + 1) + 1)) == NULL) {
1809 			seterr(sc, "%s", strerror(errno));
1810 			return (-1);
1811 		}
1812 		strcpy(sc->cport, p + 1);
1813 
1814 	} else if (p > s) {
1815 		/* host */
1816 		free(sc->chost);
1817 		if ((sc->chost = malloc(strlen(s) + 1)) == NULL) {
1818 			seterr(sc, "%s", strerror(errno));
1819 			return (-1);
1820 		}
1821 		strcpy(sc->chost, s);
1822 	}
1823 	return (0);
1824 }
1825