2 * security service wrapper to support pluggable security models
5 #include <net-snmp/net-snmp-config.h>
24 #include <net-snmp/types.h>
25 #include <net-snmp/output_api.h>
26 #include <net-snmp/config_api.h>
27 #include <net-snmp/utilities.h>
29 #include <net-snmp/library/snmp_api.h>
30 #include <net-snmp/library/snmp_enum.h>
31 #include <net-snmp/library/callback.h>
32 #include <net-snmp/library/snmp_secmod.h>
33 #include <net-snmp/library/snmpusm.h>
35 static struct snmp_secmod_list *registered_services = NULL;
37 static SNMPCallback set_default_secmod;
42 snmp_register_callback(SNMP_CALLBACK_LIBRARY,
43 SNMP_CALLBACK_SESSION_INIT, set_default_secmod,
46 netsnmp_ds_register_config(ASN_OCTET_STR, "snmp", "defSecurityModel",
47 NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_SECMODEL);
49 * this file is generated by configure for all the stuff we're using
51 #ifdef BRCM_SNMP_MIB_SUPPORT
52 #include "snmpsm_init.h"
58 register_sec_mod(int secmod, const char *modname,
59 struct snmp_secmod_def *newdef)
62 struct snmp_secmod_list *sptr;
65 for (sptr = registered_services; sptr; sptr = sptr->next) {
66 if (sptr->securityModel == secmod) {
67 return SNMPERR_GENERR;
70 sptr = SNMP_MALLOC_STRUCT(snmp_secmod_list);
72 return SNMPERR_MALLOC;
73 sptr->secDef = newdef;
74 sptr->securityModel = secmod;
75 sptr->next = registered_services;
76 registered_services = sptr;
78 se_add_pair_to_slist("snmp_secmods", strdup(modname), secmod))
82 snmp_log(LOG_CRIT, "snmp_secmod: no memory\n");
85 case SE_ALREADY_THERE:
86 othername = se_find_label_in_slist("snmp_secmods", secmod);
87 if (strcmp(othername, modname) != 0) {
89 "snmp_secmod: two security modules %s and %s registered with the same security number\n",
96 "snmp_secmod: unknown error trying to register a new security module\n");
99 return SNMPERR_GENERR;
101 return SNMPERR_SUCCESS;
105 unregister_sec_mod(int secmod)
107 struct snmp_secmod_list *sptr, *lptr;
109 for (sptr = registered_services, lptr = NULL; sptr;
110 lptr = sptr, sptr = sptr->next) {
111 if (sptr->securityModel == secmod) {
112 lptr->next = sptr->next;
114 return SNMPERR_SUCCESS;
120 return SNMPERR_GENERR;
123 struct snmp_secmod_def *
124 find_sec_mod(int secmod)
126 struct snmp_secmod_list *sptr;
128 for (sptr = registered_services; sptr; sptr = sptr->next) {
129 if (sptr->securityModel == secmod) {
140 set_default_secmod(int major, int minor, void *serverarg, void *clientarg)
142 netsnmp_session *sess = (netsnmp_session *) serverarg;
147 return SNMPERR_GENERR;
148 if (sess->securityModel == SNMP_DEFAULT_SECMODEL) {
149 if ((cptr = netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID,
150 NETSNMP_DS_LIB_SECMODEL)) != NULL) {
151 if ((model = se_find_value_in_slist("snmp_secmods", cptr))
153 sess->securityModel = model;
156 "unknown security model name: %s. Forcing USM instead.\n",
158 sess->securityModel = USM_SEC_MODEL_NUMBER;
159 return SNMPERR_GENERR;
162 sess->securityModel = USM_SEC_MODEL_NUMBER;
165 return SNMPERR_SUCCESS;