userapps/opensource/net-snmp/include/net-snmp/library/vacm.h

   1 /*
   2  * vacm.h
   3  *
   4  * SNMPv3 View-based Access Control Model
   5  */
   6
   7 #ifndef VACM_H
   8 #define VACM_H
   9
  10 #ifdef __cplusplus
  11 extern          "C" {
  12 #endif
  13
  14 #define VACM_SUCCESS       0
  15 #define VACM_NOSECNAME     1
  16 #define VACM_NOGROUP       2
  17 #define VACM_NOACCESS      3
  18 #define VACM_NOVIEW        4
  19 #define VACM_NOTINVIEW     5
  20 #define VACM_NOSUCHCONTEXT 6
  21 #define VACM_SUBTREE_UNKNOWN 7
  22
  23 #define SECURITYMODEL   1
  24 #define SECURITYNAME    2
  25 #define SECURITYGROUP   3
  26 #define SECURITYSTORAGE 4
  27 #define SECURITYSTATUS  5
  28
  29 #define ACCESSPREFIX    1
  30 #define ACCESSMODEL     2
  31 #define ACCESSLEVEL     3
  32 #define ACCESSMATCH     4
  33 #define ACCESSREAD      5
  34 #define ACCESSWRITE     6
  35 #define ACCESSNOTIFY    7
  36 #define ACCESSSTORAGE   8
  37 #define ACCESSSTATUS    9
  38
  39 #define VACMVIEWSPINLOCK 1
  40 #define VIEWNAME        2
  41 #define VIEWSUBTREE     3
  42 #define VIEWMASK        4
  43 #define VIEWTYPE        5
  44 #define VIEWSTORAGE     6
  45 #define VIEWSTATUS      7
  46
  47 #define VACM_MAX_STRING 32
  48 #define VACMSTRINGLEN   34      /* VACM_MAX_STRING + 2 */
  49
  50     struct vacm_groupEntry {
  51         int             securityModel;
  52         char            securityName[VACMSTRINGLEN];
  53         char            groupName[VACMSTRINGLEN];
  54         int             storageType;
  55         int             status;
  56
  57         u_long          bitMask;
  58         struct vacm_groupEntry *reserved;
  59         struct vacm_groupEntry *next;
  60     };
  61
  62 #define CONTEXT_MATCH_EXACT  1
  63 #define CONTEXT_MATCH_PREFIX 2
  64     struct vacm_accessEntry {
  65         char            groupName[VACMSTRINGLEN];
  66         char            contextPrefix[VACMSTRINGLEN];
  67         int             securityModel;
  68         int             securityLevel;
  69         int             contextMatch;
  70         char            readView[VACMSTRINGLEN];
  71         char            writeView[VACMSTRINGLEN];
  72         char            notifyView[VACMSTRINGLEN];
  73         int             storageType;
  74         int             status;
  75
  76         u_long          bitMask;
  77         struct vacm_accessEntry *reserved;
  78         struct vacm_accessEntry *next;
  79     };
  80
  81     struct vacm_viewEntry {
  82         char            viewName[VACMSTRINGLEN];
  83         oid             viewSubtree[MAX_OID_LEN];
  84         size_t          viewSubtreeLen;
  85         u_char          viewMask[VACMSTRINGLEN];
  86         size_t          viewMaskLen;
  87         int             viewType;
  88         int             viewStorageType;
  89         int             viewStatus;
  90
  91         u_long          bitMask;
  92
  93         struct vacm_viewEntry *reserved;
  94         struct vacm_viewEntry *next;
  95     };
  96
  97     void            vacm_destroyViewEntry(const char *, oid *, size_t);
  98     void            vacm_destroyAllViewEntries(void);
  99
 100 #define VACM_MODE_FIND                0
 101 #define VACM_MODE_IGNORE_MASK         1
 102 #define VACM_MODE_CHECK_SUBTREE       2
 103     struct vacm_viewEntry *vacm_getViewEntry(const char *, oid *, size_t,
 104                                              int);
 105     /*
 106      * Returns a pointer to the viewEntry with the
 107      * same viewName and viewSubtree
 108      * Returns NULL if that entry does not exist.
 109      */
 110
 111     void
 112                     vacm_scanViewInit(void);
 113     /*
 114      * Initialized the scan routines so that they will begin at the
 115      * beginning of the list of viewEntries.
 116      *
 117      */
 118
 119
 120     struct vacm_viewEntry *vacm_scanViewNext(void);
 121     /*
 122      * Returns a pointer to the next viewEntry.
 123      * These entries are returned in no particular order,
 124      * but if N entries exist, N calls to view_scanNext() will
 125      * return all N entries once.
 126      * Returns NULL if all entries have been returned.
 127      * view_scanInit() starts the scan over.
 128      */
 129
 130     struct vacm_viewEntry *vacm_createViewEntry(const char *, oid *,
 131                                                 size_t);
 132     /*
 133      * Creates a viewEntry with the given index
 134      * and returns a pointer to it.
 135      * The status of this entry is created as invalid.
 136      */
 137
 138     void            vacm_destroyGroupEntry(int, const char *);
 139     void            vacm_destroyAllGroupEntries(void);
 140     struct vacm_groupEntry *vacm_createGroupEntry(int, const char *);
 141     struct vacm_groupEntry *vacm_getGroupEntry(int, const char *);
 142     void            vacm_scanGroupInit(void);
 143     struct vacm_groupEntry *vacm_scanGroupNext(void);
 144
 145     void            vacm_destroyAccessEntry(const char *, const char *,
 146                                             int, int);
 147     void            vacm_destroyAllAccessEntries(void);
 148     struct vacm_accessEntry *vacm_createAccessEntry(const char *,
 149                                                     const char *, int,
 150                                                     int);
 151     struct vacm_accessEntry *vacm_getAccessEntry(const char *,
 152                                                  const char *, int, int);
 153     void            vacm_scanAccessInit(void);
 154     struct vacm_accessEntry *vacm_scanAccessNext(void);
 155
 156     void            vacm_destroySecurityEntry(const char *);
 157     struct vacm_securityEntry *vacm_createSecurityEntry(const char *);
 158     struct vacm_securityEntry *vacm_getSecurityEntry(const char *);
 159     void            vacm_scanSecurityInit(void);
 160     struct vacm_securityEntry *vacm_scanSecurityEntry(void);
 161     int             vacm_is_configured(void);
 162
 163     void            vacm_save(const char *token, const char *type);
 164     void            vacm_save_view(struct vacm_viewEntry *view,
 165                                    const char *token, const char *type);
 166     void            vacm_save_access(struct vacm_accessEntry *access_entry,
 167                                      const char *token, const char *type);
 168     void            vacm_save_group(struct vacm_groupEntry *group_entry,
 169                                     const char *token, const char *type);
 170
 171     void            vacm_parse_config_view(const char *token, char *line);
 172     void            vacm_parse_config_group(const char *token, char *line);
 173     void            vacm_parse_config_access(const char *token,
 174                                              char *line);
 175
 176     int             store_vacm(int majorID, int minorID, void *serverarg,
 177                                void *clientarg);
 178
 179
 180 #ifdef __cplusplus
 181 }
 182 #endif
 183 #endif                          /* VACM_H */