Commit Graph

210 Commits

Author SHA1 Message Date
Enji Cooper
02ff676c4d MIB-II: use strlcpy when copying interface names to .ifr_name
.ifra_name is assumed to be NUL terminated; using strlcpy(3)
ensures that it's indeed NUL terminated whereas strncpy does
not.

Tested and verified as follows with a combination of ifconfig,
snmpget, and snmpset:

  % ifconfig create lo1 127.0.0.2/8
  % SNMPARGS="-v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des -X bsnmptest localhost"
  % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
  IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
  % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 2
  IF-MIB::ifAdminStatus.4 = INTEGER: down(2)
  % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
  IF-MIB::ifAdminStatus.4 = INTEGER: down(2)
  % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 1
  IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
  % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4
  IF-MIB::ifAdminStatus.4 = INTEGER: up(1)

MFC after:	2 weeks
Reported by:	Coverity
CID:		1009652-1009656, 1349850
2016-12-31 11:50:36 +00:00
Enji Cooper
1e5211d238 Unbreak the build by passing the string to strdup, not its length
MFC after:	1 week
X-MFC with:	r310931
Pointyhat to:	ngie
2016-12-31 11:24:12 +00:00
Enji Cooper
bfb81e6524 Use strdup in snmp_parse_server(..) when possible instead of malloc+strcpy
This simplifies the code and mutes a Coverity warning about sc->cport being
improperly allocated

Reported by:	Coverity
CID:		1018247
MFC after:	1 week
2016-12-31 11:13:00 +00:00
Enji Cooper
8373993535 Guard against use-after-free after calling mibif_free(..)
Set variables to NULL after calling free.

Also, remove unnecessary if (x != NULL) checks before calling free(x)

MFC after:	1 week
2016-12-30 23:44:39 +00:00
Enji Cooper
2fd30e016e Fix whitespace in a comment and fixing a spelling error in a comment
MFC after:	3 days
2016-12-30 21:41:01 +00:00
Enji Cooper
b8882958b3 Use uint32_t instead of u_int32_t for or_last_change and services in "struct systemg"
This is being done to match "struct systemg" in snmpmod(3)

No functional change

MFC after:	3 days
2016-12-29 08:16:43 +00:00
Enji Cooper
6c9b7542ef Prevent improper memory accesses after calling snmp_pdu_free and snmp_value_free
snmp_pdu_free: set pdu->nbindings to 0 to limit the damage that
could happen if a pdu was reused after calling the function, and
as both stack and heap allocation types are used in contrib/bsnmp
and usr.sbin/bsnmpd.

snmp_value_free: NULL out value->v.octetstring.octets after calling
free on it to prevent a double-free from occurring.

MFC after:      2 weeks
2016-12-29 00:20:03 +00:00
Enji Cooper
b3972edb64 style(9): ip_get(..): clean up whitespace
MFC after:	3 days
2016-12-28 05:05:08 +00:00
Enji Cooper
700d391fb8 style(9): snmp_send_packet(..): fix whitespace
MFC after:	3 days
2016-12-28 04:56:15 +00:00
Enji Cooper
bc54857ed0 style(9): fix whitespace in pdu_encode_secparams(..)
MFC after:	3 days
2016-12-28 04:53:52 +00:00
Enji Cooper
5120d21c63 style(9): sort alignment in udp_recv(..)
MFC after:	3 weeks
2016-12-28 04:31:07 +00:00
Enji Cooper
8d7f605b6c Fix bsnmpd sending/receiving with multi-homed configurations or INADDR_ANY used
as the listening address in snmpd_input(..)

Stash the IPv4 address of the receiver via the recv(..) callback and use it in
the send(..) callback for the transport by specifying IP_SENDSRCADDR for the
control message type.

Add sendmsg logic to the UDP transport's send(..) callback and use the
respective send(..) callback for the transport instead of calling sendto in
snmpd_input(..).

MFC after:      3 weeks
Obtained from:  Isilon OneFS (^/onefs/branches/BR_8_0_0_DEV@r507595)
Submitted by:   Thor Steingrimsson <thor.steingrimsson@isilon.com>
Sponsored by:   Dell EMC Isilon
2016-12-28 04:29:09 +00:00
Enji Cooper
e1d581b289 style(9): clean up trailing whitespace
MFC after:	3 weeks
2016-12-27 23:32:54 +00:00
Enji Cooper
23516259fd style(9): fix trailing whitespace
MFC after:	3 days
2016-12-26 11:16:55 +00:00
Enji Cooper
3b7e3b0ae5 Update engine time using update_snmpd_engine_time(..)
MFC after:	6 days
X-MFC with:	r310498
Sponsored by:	Dell EMC Isilon
2016-12-26 11:11:30 +00:00
Enji Cooper
0077de5654 Fix return type for ret (recv callback) and sort variables by alignment
Again, for reasons I don't yet understand, this is not being flagged by the
compiler. Unlike the issue addressed in r310587, this problem existed prior
to r310586

MFC after:	2 weeks
X-MFC with:	r310586, r310587
2016-12-26 10:24:48 +00:00
Enji Cooper
2bc1d16ea7 Fix definition for recv_dgram(..); it should be "ssize_t", not "int"
I'm not sure why this wasn't flagged as an issue by the compiler, yet

MFC after:	3 weeks
X-MFC with:	r310586
2016-12-26 10:21:28 +00:00
Enji Cooper
0ba351ef58 Refactor transport sources a bit to facilitate changes coming down pipeline
Add recv callback to transport layer to better facilitate code reuse and
readability and for symmetry with send callback. Move recv_dgram and
recv_stream to udp_recv and lsock_recv, respectively, and make the
beforementioned functions recv callbacks for the udp and lsock transports,
respectively.

Consolidate the check_priv* functions in their relevant trans*.c source to
limit scope/use.

Note: this code is roughly based content from the submitter, although this
was modified to be more of a direct move from snmpd/main.c to the trans_*.c
sources, and to reduce unnecessary static function declarations.

MFC after:	2 weeks
Submitted by:	Thor Steingrimsson <thor.steingrimsson@isilon.com>
Sponsored by:	Dell EMC Isilon
2016-12-26 10:17:22 +00:00
Enji Cooper
0327a0e823 Fix style(9)
- Sort #includes
- Delete trailing whitespace

No functional change

MFC after:	3 days
2016-12-26 07:31:16 +00:00
Enji Cooper
9ca3777288 style(9): delete stray trailing whitespace after break statement
MFC after:	3 days
2016-12-24 11:49:25 +00:00
Enji Cooper
6521e5f846 Be more strict about IpAddress type in snmp_value_parse(..)
- Use inet_pton with AF_INET instead of doing longhand with sscanf.
- Use gethostbyname2 with AF_INET to ensure that the hostname isn't
  accidentally parsed with another address family, e.g. AF_INET6.

NB: IpAddress per RFC-2578 is IPv4 only. Work is in progress to add
    the InetAddress type and friends documented in RFC-4001 and
    elsewhere (which supports IPv4, IPv6, and more).

MFC after:	2 weeks
2016-12-24 11:41:16 +00:00
Enji Cooper
3b9712fa95 Minor style(9) fixes
- Trailing whitespace cleanup
- Sort variables in snmp_dialog(..) by alignment

No functional change

MFC after:	1 week
2016-12-24 11:30:24 +00:00
Enji Cooper
846157438d Sort #includes
No functional change

MFC after:	3 days
2016-12-24 11:26:55 +00:00
Enji Cooper
88cdfafad2 Allow SNMPv3 authNoPriv and noAuthNoPriv protocols to discover snmpEngineTime
as discussed in RFC-5343

This fixes interoperability with net-snmp.

Tested with the following invocations of snmpwalk (from net-snmp):

- noAuthNoPriv:

  % snmpwalk -v 3 -n '' -u public localhost snmpEngineTime

- authNoPriv:

  % snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authNoPriv -a sha localhost \
    localhost snmpEngineTime

- authPriv:

  % snmpwalk -v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des \
    -X bsnmptest localhost snmpEngineTime

MFC after:	1 week
Obtained from:	Isilon OneFS (5ec6d772cacbc, with minor tweaks)
Submitted by:	Austin Voecks <austin.voecks@isilon.com>
Sponsored by:	Dell EMC Isilon
2016-12-24 11:23:18 +00:00
Enji Cooper
650eded917 Sort #includes per style(9)
No functional change

MFC after:	3 days
2016-12-23 07:55:13 +00:00
Enji Cooper
f29369b7fb Clarify failure in snmp_output(..) with call to snmp_pdu_decode
- Explicitly test snmp_pdu_encode against SNMP_CODE_OK instead of assuming
  any non-zero value is bad.
- Print out the code before calling abort() to give the end-user something
  actionable to debug without having to recompile the binary, since the
  core might not have these details.

MFC after:	1 week
2016-12-23 05:07:28 +00:00
Enji Cooper
7c25494706 Clean up trailing and leading whitespace
Fix variable type alignment in snmp_dialog(..)

MFC after:	1 week
2016-12-18 05:31:54 +00:00
Shteryana Shopova
3b49535a5a Reply to a snmpEngineID discovery PDU with a Report PDU as per the
requirements of RFC 3414 section 4.

PR:	174974
Submitted by:	pguyot@kallisys.net
Reported by:	several people
Reviewed by:	bz@
2016-11-10 20:51:26 +00:00
Shteryana Shopova
1108712cb5 Fix a regression introduced in SVN r256678 that breaks USM header parsing
Reviewed by:	bz@
2016-10-24 21:05:23 +00:00
Gleb Smirnoff
9aa8749970 Revert r299830, it has couple of fatal errors.
The CMSG_ family of macros take care of alignment, so we don't need r299830
at all, even if it was correct.  Put NO_WCAST_ALIGN into Makefile.

Together with:	peter
2016-05-18 22:02:19 +00:00
Enji Cooper
9ea0bf43e5 Fix .Dd
Today is the 14th, not the 10th of May

Reported by: igor (derp)
Sponsored by: EMC / Isilon Storage Division
2016-05-15 03:44:32 +00:00
Enji Cooper
9e1f7d9aa0 Fix fully canonicalized example for myvariable.27...
`6` doesn't occur in the OID; it was spurious

Bump .Dd for the change

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-15 03:43:36 +00:00
Enji Cooper
3b8e9f554f Remove trailing whitespace in license tort
MFC after: 1 week
Reported by: igor
Sponsored by: EMC / Isilon Storage Division
2016-05-15 03:41:01 +00:00
Enji Cooper
09ac27c318 Fix -Wcast-align warnings
Use memcpy instead of using direct assignment of void* pointers with
CMSG_DATA(..), which changes alignment

MFC after: 3 weeks
Reported by: clang
Sponsored by: EMC / Isilon Storage Division
2016-05-15 03:36:19 +00:00
Enji Cooper
126b5bb6a4 Use SNMPD_INPUT_FAILED instead of SNMP_CODE_FAILED
SNMPD_INPUT_FAILED is `enum snmpd_input_err` type (which matches the return
code from the function). SNMP_CODE_FAILED is `enum snmp_code` type.

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-05-15 00:54:21 +00:00
Enji Cooper
a7ff045627 Use sizeof(..)s for the destination buffers instead of hardcoded values corresponding
to the destination buffer sizes

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-05-15 00:13:36 +00:00
Enji Cooper
d208c8fa3f Replace QUADFMT with %ju and QUADXFMT with %jx and cast values with uintmax_t
This will cure some -Wformat warnings

MFC after: 1 week
Reported by: clang, gcc
Sponsored by: EMC / Isilon Storage Division
2016-05-15 00:10:37 +00:00
Conrad Meyer
4aa1608aee bsnmpd: Fix size of trapsink::comm to match other community arrays
This fixes a number of possible strcpy() buffer overruns between the various
community strings in trap.c.

Reported by:	Coverity
CIDs:		1006820, 1006821, 1006822
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 17:06:03 +00:00
Conrad Meyer
5f0d846034 bsnmp: Don't overrun privkey buffer by copying wrong size
The 'priv_key' array is SNMP_PRIV_KEY_SIZ bytes, not SNMP_AUTH_KEY_SIZ.

Reported by:	Coverity
CIDs:		1008326, 1009675
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 16:54:34 +00:00
Enji Cooper
8ad8cdc95f Use sizeof(*uuser) instead of sizeof(struct usm_user) for consistency with
the rest of the users in the file

No functional change

MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2016-04-22 08:11:26 +00:00
Enji Cooper
e9f8d18ebe Return ret in op_ifentry(..) to mute a -Wunused-but-set-variable warning
This will also now detect error conditions with
value->var.subs[sub - 1] == LEAF_ifPhysAddress where `string_get(..)`
could fail if iifp->physaddr and/or iifp->physaddrlen were deemed
invalid.

MFC after: 2 weeks
CID: 1006551
Reported by: Coverity, gcc
Sponsored by: EMC / Isilon Storage Division
2016-04-22 07:51:38 +00:00
Enji Cooper
1422b66c64 Simplify always evaluated branch (e != NULL)
- xalloc(..) ensures that e will be non-null via malloc + err.
- `e` is already dereferenced above, so logically it's impossible
  to hit the lower test without crashing if it was indeed NULL.

MFC after: 3 days
CID: 1007408
Reported by: Coverity
Sponsored by: EMC / Isilon Storage Division
2016-04-22 05:24:15 +00:00
Enji Cooper
f517a30206 Don't leak string in parse_define(..) when a macro has been found
and the parser token != TOK_ASSIGN

MFC after: 1 week
CID: 1007187, 1007188
Reported by: Coverity
Obtained from: Isilon OneFS (part of r445479)
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2016-04-22 05:14:12 +00:00
Gleb Smirnoff
bf840a1707 Redo r294869. The array of counters for TCP states doesn't belong to
struct tcpstat, because the structure can be zeroed out by netstat(1) -z,
and of course running connection counts shouldn't be touched.

Place running connection counts into separate array, and provide
separate read-only sysctl oid for it.
2016-03-15 00:15:10 +00:00
Bjoern A. Zeeb
ce42ce038e Try to fix a bug introduced in r228623. We started to copy the ifa_msghdr
as otherwise platforms with strict alignment would break.  It's unclear
to me if there's also a problem with access to the address list following
the structure.  However we never copied the address list after the structure
and thus are pointing at random memory.  For now just use a pointer to the
original memory for accessing the address list making it at least work on
platforms with weak memory access.

PR:			195445
Reported by:		wolfgang lyxys.ka.sub.org
Tested by:		wolfgang lyxys.ka.sub.org (x86)
MFC after:		3 days
2016-02-03 11:03:44 +00:00
Gleb Smirnoff
a781766836 Grab value for LEAF_tcpCurrEstab from net.inet.tcp.stats instead of
net.inet.tcp.pcblist, which is much cheaper.
2016-01-27 00:50:27 +00:00
Bjoern A. Zeeb
54902c0a6a Change the variable to a #define in order to make gcc happy which
otherwise will complain about "variably modified 'alias' at file scope".
Unbreaks the build on gcc platforms.
2016-01-22 15:03:22 +00:00
Hartmut Brandt
5edd0d3a4d Fill the ifAlias leaf of the ifXTable with the interface description
if there is one available and it fits into the maximum size (64 characters).
2016-01-21 16:11:20 +00:00
Enji Cooper
8cd5a258fb Staticize several variables that are used exclusively in bsnmpd/main.c and
bsnmpd/trap.c

This fixes several -Wmissing-variable-declaration warnings noted by clang

Differential Revision: https://reviews.freebsd.org/D4718
MFC after: 1 week
Reported by: Jenkins
Reviewed by: araujo
Sponsored by: EMC / Isilon Storage Division
2015-12-28 01:51:20 +00:00
Enji Cooper
30dfa264d0 Remove unused function act_getkernstring
This fixes a clang -Wunused warning

Differential Revision: https://reviews.freebsd.org/D4697
MFC after: 1 week
Reported by: Jenkins
Reviewed by: araujo, bapt
Sponsored by: EMC / Isilon Storage Division
2015-12-24 22:22:02 +00:00
Marcelo Araujo
fa77157916 Fix variable 'old' is used uninitialized whenever '&&' condition is false.
Spotted by clang.

Differential Revision:	D2721
Reviewed by:		rodrigc, bapt
2015-08-07 06:15:01 +00:00
Enji Cooper
e3ee0494af Fix the function signatures when MK_CRYPT == no for snmp_get_local_keys and
snmp_passwd_to_keys

MFC after: 1 week
Reported by: Beeblebrox <zaphod@berentweb.com>
2014-12-27 20:58:01 +00:00
Shteryana Shopova
ac89bc4f84 Fix a bug in decoding string indexes in snmp_target(3), thus causing
bsnmpd(1) to not send v3 notifications properly; while here add two
missing return statements which could lead to abort() in case of a
rollback
2014-10-10 00:26:28 +00:00
Hartmut Brandt
30b5118d51 Fix a problem with OBJECT IDENTIFIER encoding: need to check the
second subid to be less than 40, not the first when the first
subid is 0 or 1.
2014-01-21 16:49:54 +00:00
Xin LI
ecd241b619 Fix bsnmpd remote denial of service vulnerability.
Reported by:	dinoex
Submitted by:	harti
Security:	FreeBSD-SA-14:01.bsnmpd
Security:	CVE-2014-1452
2014-01-14 18:58:57 +00:00
Shteryana Shopova
546401ce54 Fix the -Wconversion warnings produced when compiling the SNMP agent. 2013-10-17 12:03:17 +00:00
Shteryana Shopova
0698344859 Fix SNMP Error response PDUs and properly encode them when using v3 auth/encryption.
Reported by:	harti@
2013-10-17 11:49:46 +00:00
Mikolaj Golub
b96e78e02c Register OID for HAST module.
MFC after:	2 weeks
2013-05-08 20:04:32 +00:00
Gleb Smirnoff
8cc5fb3d91 Restore the ipNetToMedia MIB, that was broken with new ARP commit
in the r186119.

Submitted by:	Konstantin Kukushkin <dark rambler-co.ru>
2013-04-25 16:23:22 +00:00
Pedro F. Giffuni
646a7fea0c Clean some 'svn:executable' properties in the tree.
Submitted by:	Christoph Mallon
MFC after:	3 days
2013-01-26 22:08:21 +00:00
Gleb Smirnoff
bc17db9558 Looks like support.h is really not needed here. 2012-10-18 13:46:26 +00:00
Maksim Yevmenkin
8651c115b8 put another bandaid on the build until i figure out bsnmp headers 2012-10-18 00:20:02 +00:00
Maksim Yevmenkin
aa21cf7851 fix build
MFC after:	1 week
2012-10-17 21:53:38 +00:00
Gleb Smirnoff
23cea7199b Re-do r240271:
- Set IP_RECVDSTADDR sockopt on the socket only in case if
  it is INADDR_ANY bound.
- Supply IP_SENDSRCADDR control message only if we did receive
  IP_RECVDSTADDR control message.

This fixes operation of snmpd bound to a specific local IP address.

PR:		bin/171279
2012-09-20 05:41:20 +00:00
Gleb Smirnoff
f2ddd22eac For UDP transport set IP_RECVDSTADDR sockopt on the socket, and provide
IP_SENDSRCADDR control with datagram message we reply with. This makes
bsnmpd reply from exactly same address that request was sent to, thus
successfully bypassing stateful firewalls or other kinds of strict checking.

PR:		bin/171279
2012-09-09 09:46:48 +00:00
Gleb Smirnoff
0cf0d912b7 The first part of check_priv() function, that attempts to obtain creds
from the control message, actually never worked. This means check_priv()
didn't work for local dgram sockets.

The SCM_CREDS control messages is received only in two cases:

1) If we did setsockopt(LOCAL_CREDS) on our socket, and in this case
   the message is struct sockcred.
2) If sender did supplied SCM_CREDS control message in his sendmsg()
   syscall. In this case the message is struct cmsgcred.

We can't rely on 2), so we will use 1) for dgram sockets. For stream
sockets it is more reliable to obtain accept-time credentials, since
SCM_CREDS control message is attached only on first read. Thus:

o Do setsockopt(LOCAL_CREDS) on local dgram sockets.
o Split check_priv() into check_priv_stream() and check_priv_dgram(),
  and call them from recv_stream() and recv_dgram() respectively.
o Don't provide space for SCM_CREDS control message in recv_stream().
o Provide space for SCM_CREDS control message in recv_dgram(), but there
  is no need to initialize anything in it.
o In recv_dgram() do not blindly expect that first message is SCM_CREDS,
  instead use correct search cycle through control messages.
2012-09-08 07:12:00 +00:00
Kevin Lo
31f7ba0295 Fully initialize the stack-allocated "struct sockaddr_in sa" structure. 2012-09-07 08:58:30 +00:00
Joel Dahl
bef04523e3 Remove end of line whitespace. 2012-06-17 11:36:28 +00:00
Joel Dahl
0aa9c2d892 Minor mdoc fixes. 2012-06-17 11:33:55 +00:00
Maksim Yevmenkin
6c9707c3b2 Count both IPv4 and IPv6 TCP connections in tcpCurrEstab
Timeout from:	current, syrinx
MFC after:	1 week
2012-06-06 18:00:38 +00:00
Glen Barber
a3fb6da9ba General mdoc(7) and typo fixes.
PR:		167734
Submitted by:	Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after:	3 days
2012-05-11 20:06:46 +00:00
Hartmut Brandt
9972acaa15 memset() wants the size of the structure to clear, not the size
of the pointer to it.

Submitted by:	Pawel Worach
2012-03-18 19:28:52 +00:00
Bjoern A. Zeeb
1e629ba90f Adter r228571 unbreak architectures with strict alignment rules
by copying rather than casting.
2011-12-17 11:06:22 +00:00
Mikolaj Golub
b2b91ddf9d Include sys/queue.h: snmpmod.h uses TAILQ.
PR:		bin/153153
MFC after:	2 weeks
2011-12-11 17:10:33 +00:00
Ulrich Spörlein
f0720ed5f8 Fix broken mdoc.
Found by:	manlint
Approved by:	re (kib)
2011-08-01 22:21:18 +00:00
Ruslan Ermilov
87a5818245 Properly detect interface's state in the LINK_STATE_UNKNOWN case.
MFC after:	1 week
2011-05-03 10:11:44 +00:00
Ruslan Ermilov
81b587f396 Don't spam syslog with "inet_ntop(): Address family not supported
by protocol family" when processing requests received from the
UNIX domain socket.

MFC after:	3 days
2011-04-20 08:38:25 +00:00
Hartmut Brandt
5a0bba9007 Bring the list of OIDs up-to-date to prevent conflicts. 2011-02-03 15:19:18 +00:00
Shteryana Shopova
cf90ea94a0 Unbreak the build by temprorarily not using include directives in
bsnmpd(1)' def files, until bsd.snmpmod.mk & Makefiles are fixed to
pass proper include path flags to gensnmptree.
2010-12-20 22:56:50 +00:00
Shteryana Shopova
72cd7a520d Bring in a SNMP module that allows configuration of SNMPv3 Notification targets.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip
Approved by:	philip
2010-12-20 17:13:14 +00:00
Shteryana Shopova
2b8026620c Silence the compiler warnings in libbsnmp by removing several (now)
unsed parameters.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@
2010-12-16 11:20:37 +00:00
Shteryana Shopova
e9a4946830 Add a forgotten file from r216294 and unbreak the build.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@ (mostly)
Approved by:	philip@
2010-12-08 15:52:06 +00:00
Shteryana Shopova
135f7de5dd In bsnmpd(1) add support for SNMPv3 message processing model, including message authentication, packet encryption & view-based access control (RFC 3412, 3414, 3415).
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@ (mostly)
Approved by:	philip@
2010-12-08 13:51:38 +00:00
Ulrich Spörlein
d9962dc588 Remove mention of non-existant -o flag for debugging options.
MFC after:	3 days
2010-10-23 12:27:39 +00:00
Ulrich Spörlein
7cc1fde083 mdoc: drop even more redundant .Pp calls
No change in rendered output, less mandoc lint warnings.

Tool provided by:	Nobuyuki Koganemaru n-kogane at syd.odn.ne.jp
2010-10-19 12:35:40 +00:00
Joel Dahl
54be88c948 Fix two minor typos. 2010-08-16 21:12:26 +00:00
Ulrich Spörlein
f239d44ec1 Bump document date after content changes.
Pointy hat to:	uqs
2010-08-16 19:05:10 +00:00
Ulrich Spörlein
e5cce4162a Wordsmithing of bsnmpd.1
PR:		docs/149157
Submitted by:	Warren Block <wblock@wonkity.com>
MFC after:	1 week
2010-08-16 18:47:35 +00:00
Pyun YongHyeon
869ae66dfc Fix a typo introduced in r210936 which broke build. 2010-08-06 18:44:07 +00:00
John Baldwin
d99d8e2e38 Ethernet vlan(4) interfaces have valid Ethernet link layer addresses but
use a different interface type (IFT_L2VLAN vs IFT_ETHER).  Treat IFT_L2VLAN
interfaces like IFT_ETHER interfaces when handling link layer addresses.

Reviewed by:	syrinx (bsnmpd)
MFC after:	1 week
2010-08-06 15:09:21 +00:00
Ulrich Spörlein
4f13bbb691 mdoc: consistently spell our email addresses <foo@FreeBSD.org>
Reviewed by:	ru
Approved by:	harti
2010-05-24 06:26:38 +00:00
Antoine Brodin
5a64472b2a (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument.
Fix some wrong usages.
Note: this does not affect generated binaries as this argument is not used.

Approved by:	harti@
2010-03-27 13:43:18 +00:00
Ulrich Spörlein
ddedd8277a Fix typo in macro name and macro usage.
Found by:	make manlint
Reviewed by:	ru
Approved by:	harti, philip (mentor)
2010-03-12 11:05:37 +00:00
Shteryana Shopova
bd96183d5e Fix a problem with high CPU consumption (up to 30%) by bsnmpd on a loaded system.
Instead of constantly calling the mibII_idle function when the server is not busy
call the function only once every 10 seconds to avoid bsnmpd constantly doing
gettimeofday syscalls. Make the idle polling interval confugurable via
begemotIfDataPoll.

Reported and tested by: misho (at) aitbg (dot) com
Oked by: harti
MFC after:	1 week
2009-12-03 16:08:00 +00:00
Warner Losh
26ea346865 Add an extra (void *) cast. The struct if_msghdr has an 8 byte
alignment requirement, while rt_msghdr has a 4 byte alignment
requirement.  The root cause is that if_msghdr has an struct if_data
which has an 8-byte alignment requirement due to a time_t that's
embedded in it.  On MIPS, time_t is a 64-bit number, so must be 64-bit
aligned.

Since we don't access ifm_data.ifi_epoch, a simple cast is all that's
necessary here.  It is likely the case that ifi_epoch should *NOT* be
a time_t because it is an uptime (time delta) an not an absolute time
since 1970.  u_long is likely sufficient there since that gives an
uptime of 136 years will suffice for the foreseeable future.
2009-02-18 19:59:27 +00:00
Hartmut Brandt
ed0e376bca Flatten bsnmp vendor area. 2008-12-20 16:44:43 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Shteryana Shopova
691f8568ea Vendor patch: Prevent bsnmpd from dumping core when a module's init hook
returns an error.

Approved by:	bz (mentor), harti
2008-03-07 09:33:29 +00:00
Shteryana Shopova
02f27f1cfa This commit was generated by cvs2svn to compensate for changes in r176892,
which included commits to RCS files with non-trunk default branches.
2008-03-07 09:33:29 +00:00
Hartmut Brandt
cab70e0247 Vendor patch: synthesize the initial value for sysObjectId from the value
of uname -r in FreeBSD. This value can be overwritten in the configuration
file.

Suggested by:	phk
2006-10-31 09:00:35 +00:00