snmp_agent_vacm.c File Reference

View-based Access Control Model (VACM) for SNMP. More...

#include "core/net.h"
#include "snmp/snmp_agent.h"
#include "snmp/snmp_agent_vacm.h"
#include "core/crypto.h"
#include "encoding/asn1.h"
#include "encoding/oid.h"
#include "debug.h"

Go to the source code of this file.

Macros

#define TRACE_LEVEL   SNMP_TRACE_LEVEL
 

Functions

error_t snmpIsAccessAllowed (SnmpAgentContext *context, const SnmpMessage *message, const uint8_t *oid, size_t oidLen)
 Access control verification. More...
 
SnmpGroupEntrysnmpCreateGroupEntry (SnmpAgentContext *context)
 Create a new group entry. More...
 
SnmpGroupEntrysnmpFindGroupEntry (SnmpAgentContext *context, uint_t securityModel, const char_t *securityName, size_t securityNameLen)
 Search the group table. More...
 
SnmpAccessEntrysnmpCreateAccessEntry (SnmpAgentContext *context)
 Create a new access entry. More...
 
SnmpAccessEntrysnmpFindAccessEntry (SnmpAgentContext *context, const char_t *groupName, const char_t *contextPrefix, uint_t securityModel, uint_t securityLevel)
 Search the access table for a given entry. More...
 
SnmpAccessEntrysnmpSelectAccessEntry (SnmpAgentContext *context, const char_t *groupName, const char_t *contextName, size_t contextNameLen, SnmpSecurityModel securityModel, SnmpSecurityLevel securityLevel)
 Find an access entry that matches the selection criteria. More...
 
SnmpViewEntrysnmpCreateViewEntry (SnmpAgentContext *context)
 Create a new view entry. More...
 
SnmpViewEntrysnmpFindViewEntry (SnmpAgentContext *context, const char_t *viewName, const uint8_t *subtree, size_t subtreeLen)
 Search the view table for a given entry. More...
 
SnmpViewEntrysnmpSelectViewEntry (SnmpAgentContext *context, const char_t *viewName, const uint8_t *oid, size_t oidLen)
 Find a view entry that matches the selection criteria. More...
 

Detailed Description

View-based Access Control Model (VACM) for SNMP.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneTCP Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Description

This module implements the View-based Access Control Model (VACM) for Simple Network Management Protocol (SNMP). Refer to RFC 3415 for complete details

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.0

Definition in file snmp_agent_vacm.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL   SNMP_TRACE_LEVEL

Definition at line 37 of file snmp_agent_vacm.c.

Function Documentation

◆ snmpCreateAccessEntry()

SnmpAccessEntry* snmpCreateAccessEntry ( SnmpAgentContext context)

Create a new access entry.

Parameters
[in]contextPointer to the SNMP agent context
Returns
Pointer to the newly created entry

Definition at line 325 of file snmp_agent_vacm.c.

◆ snmpCreateGroupEntry()

SnmpGroupEntry* snmpCreateGroupEntry ( SnmpAgentContext context)

Create a new group entry.

Parameters
[in]contextPointer to the SNMP agent context
Returns
Pointer to the newly created entry

Definition at line 223 of file snmp_agent_vacm.c.

◆ snmpCreateViewEntry()

SnmpViewEntry* snmpCreateViewEntry ( SnmpAgentContext context)

Create a new view entry.

Parameters
[in]contextPointer to the SNMP agent context
Returns
Pointer to the newly created entry

Definition at line 548 of file snmp_agent_vacm.c.

◆ snmpFindAccessEntry()

SnmpAccessEntry* snmpFindAccessEntry ( SnmpAgentContext context,
const char_t groupName,
const char_t contextPrefix,
uint_t  securityModel,
uint_t  securityLevel 
)

Search the access table for a given entry.

Parameters
[in]contextPointer to the SNMP agent context
[in]groupNameGroup name
[in]contextPrefixContext name prefix
[in]securityModelSecurity model
[in]securityLevelSecurity level
Returns
Pointer to the matching entry

Definition at line 378 of file snmp_agent_vacm.c.

◆ snmpFindGroupEntry()

SnmpGroupEntry* snmpFindGroupEntry ( SnmpAgentContext context,
uint_t  securityModel,
const char_t securityName,
size_t  securityNameLen 
)

Search the group table.

Parameters
[in]contextPointer to the SNMP agent context
[in]securityModelSecurity model
[in]securityNamePointer to the security name
[in]securityNameLenLength of the security name
Returns
Pointer to the matching entry

Definition at line 275 of file snmp_agent_vacm.c.

◆ snmpFindViewEntry()

SnmpViewEntry* snmpFindViewEntry ( SnmpAgentContext context,
const char_t viewName,
const uint8_t *  subtree,
size_t  subtreeLen 
)

Search the view table for a given entry.

Parameters
[in]contextPointer to the SNMP agent context
[in]viewNameView name
[in]subtreePointer to the MIB subtree
[in]subtreeLenLength of the MIB subtree
Returns
Pointer to the matching entry

Definition at line 600 of file snmp_agent_vacm.c.

◆ snmpIsAccessAllowed()

error_t snmpIsAccessAllowed ( SnmpAgentContext context,
const SnmpMessage message,
const uint8_t *  oid,
size_t  oidLen 
)

Access control verification.

Parameters
[in]contextPointer to the SNMP agent context
[in]messagePointer to the received SNMP message
[in]oidOID for the managed object
[in]oidLenLength of the OID, in bytes
Returns
Error code

Definition at line 61 of file snmp_agent_vacm.c.

◆ snmpSelectAccessEntry()

SnmpAccessEntry* snmpSelectAccessEntry ( SnmpAgentContext context,
const char_t groupName,
const char_t contextName,
size_t  contextNameLen,
SnmpSecurityModel  securityModel,
SnmpSecurityLevel  securityLevel 
)

Find an access entry that matches the selection criteria.

Parameters
[in]contextPointer to the SNMP agent context
[in]groupNameNULL-terminated string that contains the group name
[in]contextNamePointer to the context name
[in]contextNameLenLength of the context name
[in]securityModelSecurity model
[in]securityLevelSecurity level
Returns
Pointer to the matching entry

Definition at line 435 of file snmp_agent_vacm.c.

◆ snmpSelectViewEntry()

SnmpViewEntry* snmpSelectViewEntry ( SnmpAgentContext context,
const char_t viewName,
const uint8_t *  oid,
size_t  oidLen 
)

Find a view entry that matches the selection criteria.

Parameters
[in]contextPointer to the SNMP agent context
[in]viewNameNULL-terminated string that contains the view name
[in]oidOID for the managed object
[in]oidLenLength of the OID, in bytes
Returns
Pointer to the matching entry

Definition at line 653 of file snmp_agent_vacm.c.