1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 1992,1997-2003 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 /* Copyright (c) 1990 Mentat Inc. */ 27 28 #pragma ident "%Z%%M% %I% %E% SMI" 29 30 /* 31 * This file contains common code for handling Options Management requests 32 * for SNMP/MIB. 33 */ 34 35 #include <sys/types.h> 36 #include <sys/stream.h> 37 #include <sys/stropts.h> 38 #include <sys/errno.h> 39 #define _SUN_TPI_VERSION 2 40 #include <sys/tihdr.h> 41 #include <sys/ddi.h> 42 #include <sys/cmn_err.h> 43 #include <sys/policy.h> 44 45 #include <sys/socket.h> 46 #include <netinet/in.h> 47 48 #include <inet/common.h> 49 #include <inet/mi.h> 50 #include <inet/mib2.h> 51 #include <inet/optcom.h> 52 #include <inet/snmpcom.h> 53 54 #define DEFAULT_LENGTH sizeof (long) 55 #define DATA_MBLK_SIZE 1024 56 #define TOAHDR_SIZE (sizeof (struct T_optmgmt_ack) +\ 57 sizeof (struct opthdr)) 58 59 /* SNMP Option Request Structure */ 60 typedef struct sor_s { 61 int sor_group; 62 int sor_code; /* MIB2 index value */ 63 int sor_size; 64 } sor_t; 65 66 /* 67 * Validation Table for set requests. 68 */ 69 static sor_t req_arr[] = { 70 { MIB2_IP, 1, sizeof (int) }, 71 { MIB2_IP, 2, sizeof (int) }, 72 { MIB2_IP, 21, sizeof (mib2_ipRouteEntry_t) }, 73 { MIB2_IP, 22, sizeof (mib2_ipNetToMediaEntry_t)}, 74 { MIB2_TCP, 13, sizeof (mib2_tcpConnEntry_t) } 75 }; 76 77 /* 78 * Binary compatibility to what used to be T_CURRENT in older releases. 79 * Unfortunately, the binary chosen for it was different and used by 80 * T_PARTSUCCESS in the new name space. However T_PARTSUCESS is only 81 * anticiapted in new T_OPTMGM_REQ (and not O_T_OPTMGMT_REQ messages). 82 * Only a test for TBADFLAG which uses one of the MIB option levels 83 * may have trouble with this provision for binary compatibility. 84 */ 85 #define OLD_T_CURRENT 0x100 /* same value as T_PARTSUCCESS */ 86 87 /* 88 * MIB info returned in data part of M_PROTO msg. All info for a single 89 * request is appended in a chain of mblk's off of the M_PROTO T_OPTMGMT_ACK 90 * ctl buffer. 91 */ 92 int 93 snmp_append_data(mpdata, blob, len) 94 mblk_t *mpdata; 95 char *blob; 96 int len; 97 { 98 99 if (!mpdata) 100 return (0); 101 while (mpdata->b_cont) 102 mpdata = mpdata->b_cont; 103 if (mpdata->b_wptr + len >= mpdata->b_datap->db_lim) { 104 mpdata->b_cont = allocb(DATA_MBLK_SIZE, BPRI_HI); 105 mpdata = mpdata->b_cont; 106 if (!mpdata) 107 return (0); 108 } 109 bcopy(blob, (char *)mpdata->b_wptr, len); 110 mpdata->b_wptr += len; 111 return (1); 112 } 113 114 /* 115 * Need a form which avoids O(n^2) behavior locating the end of the 116 * chain every time. This is it. 117 */ 118 int 119 snmp_append_data2(mblk_t *mpdata, mblk_t **last_mpp, char *blob, int len) 120 { 121 122 if (!mpdata) 123 return (0); 124 if (*last_mpp == NULL) { 125 while (mpdata->b_cont) 126 mpdata = mpdata->b_cont; 127 *last_mpp = mpdata; 128 } 129 if ((*last_mpp)->b_wptr + len >= (*last_mpp)->b_datap->db_lim) { 130 (*last_mpp)->b_cont = allocb(DATA_MBLK_SIZE, BPRI_HI); 131 *last_mpp = (*last_mpp)->b_cont; 132 if (!*last_mpp) 133 return (0); 134 } 135 bcopy(blob, (char *)(*last_mpp)->b_wptr, len); 136 (*last_mpp)->b_wptr += len; 137 return (1); 138 } 139 140 /* 141 * SNMP requests are issued using putmsg() on a stream containing all 142 * relevant modules. The ctl part contains a O_T_OPTMGMT_REQ message, 143 * and the data part is NULL 144 * to process this msg. If snmpcom_req() returns FALSE, then the module 145 * will try optcom_req to see if its some sort of SOCKET or IP option. 146 * snmpcom_req returns TRUE whenever the first option is recognized as 147 * an SNMP request, even if a bad one. 148 * 149 * "get" is done by a single O_T_OPTMGMT_REQ with MGMT_flags set to T_CURRENT. 150 * All modules respond with one or msg's about what they know. Responses 151 * are in T_OPTMGMT_ACK format. The opthdr level/name fields identify what 152 * is begin returned, the len field how big it is (in bytes). The info 153 * itself is in the data portion of the msg. Fixed length info returned 154 * in one msg; each table in a separate msg. 155 * 156 * setfn() returns 1 if things ok, 0 if set request invalid or otherwise 157 * messed up. 158 * 159 * If the passed q is at the bottom of the module chain (q_next == NULL, 160 * a ctl msg with req->name, level, len all zero is sent upstream. This 161 * is and EOD flag to the caller. 162 * 163 * IMPORTANT: 164 * - The msg type is M_PROTO, not M_PCPROTO!!! This is by design, 165 * since multiple messages will be sent to stream head and we want 166 * them queued for reading, not discarded. 167 * - All requests which match a table entry are sent to all get/set functions 168 * of each module. The functions must simply ignore requests not meant 169 * for them: getfn() returns 0, setfn() returns 1. 170 */ 171 boolean_t 172 snmpcom_req(q, mp, setfn, getfn, credp) 173 queue_t *q; 174 mblk_t *mp; 175 pfi_t setfn; 176 pfi_t getfn; 177 cred_t *credp; 178 { 179 mblk_t *mpctl; 180 struct opthdr *req; 181 struct opthdr *next_req; 182 struct opthdr *req_end; 183 struct opthdr *req_start; 184 sor_t *sreq; 185 struct T_optmgmt_req *tor = (struct T_optmgmt_req *)mp->b_rptr; 186 struct T_optmgmt_ack *toa; 187 188 if (mp->b_cont) { /* don't deal with multiple mblk's */ 189 freemsg(mp->b_cont); 190 mp->b_cont = (mblk_t *)0; 191 optcom_err_ack(q, mp, TSYSERR, EBADMSG); 192 return (B_TRUE); 193 } 194 if ((mp->b_wptr - mp->b_rptr) < sizeof (struct T_optmgmt_req) || 195 !(req_start = (struct opthdr *)mi_offset_param(mp, 196 tor->OPT_offset, tor->OPT_length))) 197 goto bad_req1; 198 if (! __TPI_OPT_ISALIGNED(req_start)) 199 goto bad_req1; 200 201 /* 202 * if first option not in the MIB2 or EXPER range, return false so 203 * optcom_req can scope things out. Otherwise it's passed to each 204 * calling module to process or ignore as it sees fit. 205 */ 206 if ((!(req_start->level >= MIB2_RANGE_START && 207 req_start->level <= MIB2_RANGE_END)) && 208 (!(req_start->level >= EXPER_RANGE_START && 209 req_start->level <= EXPER_RANGE_END))) 210 return (B_FALSE); 211 212 switch (tor->MGMT_flags) { 213 214 case T_NEGOTIATE: 215 if (secpolicy_net_config(credp, B_FALSE) != 0) { 216 optcom_err_ack(q, mp, TACCES, 0); 217 return (B_TRUE); 218 } 219 req_end = (struct opthdr *)((uchar_t *)req_start + 220 tor->OPT_length); 221 for (req = req_start; req < req_end; req = next_req) { 222 next_req = 223 (struct opthdr *)((uchar_t *)&req[1] + 224 _TPI_ALIGN_OPT(req->len)); 225 if (next_req > req_end) 226 goto bad_req2; 227 for (sreq = req_arr; sreq < A_END(req_arr); sreq++) { 228 if (req->level == sreq->sor_group && 229 req->name == sreq->sor_code) 230 break; 231 } 232 if (sreq >= A_END(req_arr)) 233 goto bad_req3; 234 if (!(*setfn)(q, req->level, req->name, 235 (uchar_t *)&req[1], req->len)) 236 goto bad_req4; 237 } 238 if (q->q_next) 239 putnext(q, mp); 240 else 241 freemsg(mp); 242 return (B_TRUE); 243 244 case OLD_T_CURRENT: 245 case T_CURRENT: 246 mpctl = allocb(TOAHDR_SIZE, BPRI_MED); 247 if (!mpctl) { 248 optcom_err_ack(q, mp, TSYSERR, ENOMEM); 249 return (B_TRUE); 250 } 251 mpctl->b_cont = allocb(DATA_MBLK_SIZE, BPRI_MED); 252 if (!mpctl->b_cont) { 253 freemsg(mpctl); 254 optcom_err_ack(q, mp, TSYSERR, ENOMEM); 255 return (B_TRUE); 256 } 257 mpctl->b_datap->db_type = M_PROTO; 258 mpctl->b_wptr += TOAHDR_SIZE; 259 toa = (struct T_optmgmt_ack *)mpctl->b_rptr; 260 toa->PRIM_type = T_OPTMGMT_ACK; 261 toa->OPT_offset = sizeof (struct T_optmgmt_ack); 262 toa->OPT_length = sizeof (struct opthdr); 263 toa->MGMT_flags = T_SUCCESS; 264 if (!(*getfn)(q, mpctl)) 265 freemsg(mpctl); 266 /* 267 * all data for this module has now been sent upstream. If 268 * this is bottom module of stream, send up an EOD ctl msg, 269 * otherwise pass onto the next guy for processing. 270 */ 271 if (q->q_next) { 272 putnext(q, mp); 273 return (B_TRUE); 274 } 275 if (mp->b_cont) { 276 freemsg(mp->b_cont); 277 mp->b_cont = NULL; 278 } 279 mpctl = reallocb(mp, TOAHDR_SIZE, 1); 280 if (!mpctl) { 281 optcom_err_ack(q, mp, TSYSERR, ENOMEM); 282 return (B_TRUE); 283 } 284 mpctl->b_datap->db_type = M_PROTO; 285 mpctl->b_wptr = mpctl->b_rptr + TOAHDR_SIZE; 286 toa = (struct T_optmgmt_ack *)mpctl->b_rptr; 287 toa->PRIM_type = T_OPTMGMT_ACK; 288 toa->OPT_offset = sizeof (struct T_optmgmt_ack); 289 toa->OPT_length = sizeof (struct opthdr); 290 toa->MGMT_flags = T_SUCCESS; 291 req = (struct opthdr *)&toa[1]; 292 req->level = 0; 293 req->name = 0; 294 req->len = 0; 295 qreply(q, mpctl); 296 return (B_TRUE); 297 298 default: 299 optcom_err_ack(q, mp, TBADFLAG, 0); 300 return (B_TRUE); 301 } 302 303 bad_req1:; 304 printf("snmpcom bad_req1\n"); 305 goto bad_req; 306 bad_req2:; 307 printf("snmpcom bad_req2\n"); 308 goto bad_req; 309 bad_req3:; 310 printf("snmpcom bad_req3\n"); 311 goto bad_req; 312 bad_req4:; 313 printf("snmpcom bad_req4\n"); 314 /* FALLTHRU */ 315 bad_req:; 316 optcom_err_ack(q, mp, TBADOPT, 0); 317 return (B_TRUE); 318 319 } 320