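#ifndef SNMPSECMOD_H
#define SNMPSECMOD_H

/*
 * Interface for pluggable SNMPv3 security models: the parameter blocks
 * handed to a model's encode/decode routines, the callback table a model
 * supplies (struct snmp_secmod_def), and the registry functions.
 */

#ifdef __cplusplus
extern "C" {
#endif

#include <net-snmp/library/snmp_transport.h>

/*
 * Locally defined security models.
 * Value = (Net-SNMP enterprise number = 8072) * 256 + local_num,
 * so 2066432 is local_num 0 and 2066434 is local_num 2.
 */
#define NETSNMP_KSM_SECURITY_MODEL     2066432
#define NETSNMP_TSM_SECURITY_MODEL     2066434

struct snmp_secmod_def;

/*
 * Parameter information passed to a security model's outgoing (encode)
 * routines; see SecmodOutMsg below.
 *
 * Only pdu and session carry a direction annotation in this header.
 * NOTE(review): the remaining names look like the parameters of the
 * RFC 3411 generateRequestMsg primitive; confirm direction and ownership
 * against the encoders before relying on them.
 */
struct snmp_secmod_outgoing_params {
    int             msgProcModel;
    u_char         *globalData;
    size_t          globalDataLen;
    /* NOTE(review): signed int here, size_t in the incoming params. */
    int             maxMsgSize;
    int             secModel;
    u_char         *secEngineID;
    size_t          secEngineIDLen;
    char           *secName;
    size_t          secNameLen;
    int             secLevel;
    u_char         *scopedPdu;
    size_t          scopedPduLen;
    void           *secStateRef;
    u_char         *secParams;
    /*
     * The next four are pointers to the caller's variables, so the encoder
     * can presumably update them; confirm which are capacity-in/length-out.
     */
    size_t         *secParamsLen;
    u_char        **wholeMsg;
    size_t         *wholeMsgLen;
    size_t         *wholeMsgOffset;
    netsnmp_pdu    *pdu;        /* IN - the pdu getting encoded */
    netsnmp_session *session;   /* IN - session sending the message */
};

/*
 * Parameter information passed to a security model's incoming (decode)
 * routine; see SecmodInMsg below.
 *
 * secParams and wholeMsg point at data taken from the received message.
 * Each "IN/OUT" length holds the space available on entry and the length
 * actually returned on exit, so a decode routine has to treat the entry
 * value as a hard bound on what it writes through the matching OUT pointer.
 */
struct snmp_secmod_incoming_params {
    int             msgProcModel;       /* IN */
    size_t          maxMsgSize; /* IN     - Used to calc maxSizeResponse.  */

    u_char         *secParams;  /* IN     - BER encoded securityParameters. */
    int             secModel;   /* IN */
    int             secLevel;   /* IN     - AuthNoPriv; authPriv etc.      */

    u_char         *wholeMsg;   /* IN     - Original v3 message.           */
    size_t          wholeMsgLen;        /* IN     - Msg length.            */

    u_char         *secEngineID;        /* OUT    - Pointer snmpEngineID.  */
    size_t         *secEngineIDLen;     /* IN/OUT - Len available; len returned. */
    /*
     * NOTE: Memory provided by caller.
     * (Placed after secEngineID in the original; whether it also applies
     * to secName and scopedPdu is not stated here.)
     */

    char           *secName;    /* OUT    - Pointer to securityName.       */
    size_t         *secNameLen; /* IN/OUT - Len available; len returned.   */

    u_char        **scopedPdu;  /* OUT    - Pointer to plaintext scopedPdu. */
    size_t         *scopedPduLen;       /* IN/OUT - Len available; len returned. */

    size_t         *maxSizeResponse;    /* OUT    - Max size of Response PDU. */
    void          **secStateRef;        /* OUT    - Ref to security state. */
    netsnmp_session *sess;      /* IN     - session which got the message  */
    netsnmp_pdu    *pdu;        /* IN     - the pdu getting parsed         */
    u_char          msg_flags;  /* IN     - v3 Message flags.              */
};


/*
 * Function types for the callbacks stored in struct snmp_secmod_def.
 *
 * NOTE(review): the original comment at this position read "free's a given
 * security module's data; called at unregistration time", which does not
 * obviously describe any typedef below; SecmodFreeState is the only one
 * documented (in the struct) as freeing anything.
 */
typedef int     (SecmodSessionCallback) (netsnmp_session *);
typedef int     (SecmodPduCallback) (netsnmp_pdu *);
typedef int     (Secmod2PduCallback) (netsnmp_pdu *, netsnmp_pdu *);
typedef int     (SecmodOutMsg) (struct snmp_secmod_outgoing_params *);
typedef int     (SecmodInMsg) (struct snmp_secmod_incoming_params *);
typedef void    (SecmodFreeState) (void *);
typedef void    (SecmodHandleReport) (void *sessp,
                                      netsnmp_transport *transport,
                                      netsnmp_session *,
                                      int result,
                                      netsnmp_pdu *origpdu);
typedef int     (SecmodDiscoveryMethod) (void *slp,
                                         netsnmp_session *session);

/*
 * Definition of a security module.
 *
 * Every callback except the encoding and decoding routines is optional;
 * the optional ones are there for modules that need them.
 * NOTE(review): an unused optional callback is presumably left NULL, so
 * code invoking these pointers should check for NULL first - confirm.
 */
struct snmp_secmod_def {
    /*
     * session manipulation functions
     */
    SecmodSessionCallback *session_open;        /* called in snmp_sess_open()  */
    SecmodSessionCallback *session_close;       /* called in snmp_sess_close() */

    /*
     * pdu manipulation routines
     */
    SecmodPduCallback *pdu_free;        /* called in free_pdu() */
    Secmod2PduCallback *pdu_clone;      /* called in snmp_clone_pdu() */
    SecmodPduCallback *pdu_timeout;     /* called when request times out */
    SecmodFreeState *pdu_free_state_ref;        /* frees pdu->securityStateRef */

    /*
     * de/encoding routines: mandatory
     */
    SecmodOutMsg   *encode_reverse;     /* encode packet back to front */
    SecmodOutMsg   *encode_forward;     /* encode packet forward */
    SecmodInMsg    *decode;     /* decode & validate incoming */

    /*
     * error and report handling
     */
    SecmodHandleReport *handle_report;

    /*
     * default engineID discovery mechanism
     */
    SecmodDiscoveryMethod *probe_engineid;
};


/*
 * Internal list: one node per security model number, linked through next.
 */
struct snmp_secmod_list {
    int             securityModel;
    struct snmp_secmod_def *secDef;
    struct snmp_secmod_list *next;
};


/*
 * Register a security service.
 * NOTE(review): parameters are unnamed in this header; the int is
 * presumably the security model number and the string a name for it.
 */
int             register_sec_mod(int, const char *,
                                 struct snmp_secmod_def *);
/*
 * Find a security service definition.
 */
struct snmp_secmod_def *find_sec_mod(int);
/*
 * Unregister a security service.
 */
int             unregister_sec_mod(int);
void            init_secmod(void);

/*
 * Clears the sec_mod list.
 */
void            clear_sec_mod(void);

#ifdef __cplusplus
}
#endif
#endif                          /* SNMPSECMOD_H */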