2 * Copyright (c) 2010 The FreeBSD Foundation
5 * This software was developed by Shteryana Sotirova Shopova under
6 * sponsorship from the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 #include <sys/queue.h>
32 #include <sys/types.h>
46 #define SNMPTREE_TYPES
50 static struct lmodule *usm_module;
51 /* For the registration. */
52 static const struct asn_oid oid_usm = OIDX_snmpUsmMIB;
54 static const struct asn_oid oid_usmNoAuthProtocol = OIDX_usmNoAuthProtocol;
55 static const struct asn_oid oid_usmHMACMD5AuthProtocol = \
56 OIDX_usmHMACMD5AuthProtocol;
57 static const struct asn_oid oid_usmHMACSHAAuthProtocol = \
58 OIDX_usmHMACSHAAuthProtocol;
60 static const struct asn_oid oid_usmNoPrivProtocol = OIDX_usmNoPrivProtocol;
61 static const struct asn_oid oid_usmDESPrivProtocol = OIDX_usmDESPrivProtocol;
62 static const struct asn_oid oid_usmAesCfb128Protocol = OIDX_usmAesCfb128Protocol;
64 static const struct asn_oid oid_usmUserSecurityName = OIDX_usmUserSecurityName;
66 /* The registration. */
69 static int32_t usm_lock;
71 static struct usm_user * usm_get_user(const struct asn_oid *, uint);
72 static struct usm_user * usm_get_next_user(const struct asn_oid *, uint);
73 static void usm_append_userindex(struct asn_oid *, uint,
74 const struct usm_user *);
75 static int usm_user_index_decode(const struct asn_oid *, uint, uint8_t *,
79 op_usm_stats(struct snmp_context *ctx __unused, struct snmp_value *val,
80 uint32_t sub __unused, uint32_t iidx __unused, enum snmp_op op)
82 struct snmpd_usmstat *usmstats;
84 if (op == SNMP_OP_SET)
85 return (SNMP_ERR_NOT_WRITEABLE);
87 if ((usmstats = bsnmpd_get_usm_stats()) == NULL)
88 return (SNMP_ERR_GENERR);
90 if (op == SNMP_OP_GET) {
91 switch (val->var.subs[sub - 1]) {
92 case LEAF_usmStatsUnsupportedSecLevels:
93 val->v.uint32 = usmstats->unsupported_seclevels;
95 case LEAF_usmStatsNotInTimeWindows:
96 val->v.uint32 = usmstats->not_in_time_windows;
98 case LEAF_usmStatsUnknownUserNames:
99 val->v.uint32 = usmstats->unknown_users;
101 case LEAF_usmStatsUnknownEngineIDs:
102 val->v.uint32 = usmstats->unknown_engine_ids;
104 case LEAF_usmStatsWrongDigests:
105 val->v.uint32 = usmstats->wrong_digests;
107 case LEAF_usmStatsDecryptionErrors:
108 val->v.uint32 = usmstats->decrypt_errors;
111 return (SNMP_ERR_NOSUCHNAME);
113 return (SNMP_ERR_NOERROR);
119 op_usm_lock(struct snmp_context *ctx __unused, struct snmp_value *val,
120 uint32_t sub, uint32_t iidx __unused, enum snmp_op op)
122 if (val->var.subs[sub - 1] != LEAF_usmUserSpinLock)
123 return (SNMP_ERR_NOSUCHNAME);
127 if (++usm_lock == INT32_MAX)
129 val->v.integer = usm_lock;
131 case SNMP_OP_GETNEXT:
134 if (val->v.integer != usm_lock)
135 return (SNMP_ERR_INCONS_VALUE);
137 case SNMP_OP_ROLLBACK:
143 return (SNMP_ERR_NOERROR);
147 op_usm_users(struct snmp_context *ctx, struct snmp_value *val,
148 uint32_t sub, uint32_t iidx __unused, enum snmp_op op)
151 struct usm_user *uuser, *clone;
152 char uname[SNMP_ADM_STR32_SIZ];
153 uint8_t eid[SNMP_ENGINE_ID_SIZ];
157 if ((uuser = usm_get_user(&val->var, sub)) == NULL)
158 return (SNMP_ERR_NOSUCHNAME);
161 case SNMP_OP_GETNEXT:
162 if ((uuser = usm_get_next_user(&val->var, sub)) == NULL)
163 return (SNMP_ERR_NOSUCHNAME);
164 usm_append_userindex(&val->var, sub, uuser);
168 if ((uuser = usm_get_user(&val->var, sub)) == NULL &&
169 val->var.subs[sub - 1] != LEAF_usmUserStatus &&
170 val->var.subs[sub - 1] != LEAF_usmUserCloneFrom)
171 return (SNMP_ERR_NOSUCHNAME);
174 * XXX (ngie): need to investigate the MIB to determine how
175 * this is possible given some of the transitions below.
177 if (community != COMM_INITIALIZE &&
178 uuser != NULL && uuser->type == StorageType_readOnly)
179 return (SNMP_ERR_NOT_WRITEABLE);
181 switch (val->var.subs[sub - 1]) {
182 case LEAF_usmUserSecurityName:
183 return (SNMP_ERR_NOT_WRITEABLE);
185 case LEAF_usmUserCloneFrom:
186 if (uuser != NULL || usm_user_index_decode(&val->var,
187 sub, eid, &elen, uname) < 0 ||
188 !(asn_is_suboid(&oid_usmUserSecurityName, &val->v.oid)))
189 return (SNMP_ERR_WRONG_VALUE);
190 if ((clone = usm_get_user(&val->v.oid, sub)) == NULL)
191 return (SNMP_ERR_INCONS_VALUE);
192 if ((uuser = usm_new_user(eid, elen, uname)) == NULL)
193 return (SNMP_ERR_GENERR);
194 uuser->status = RowStatus_notReady;
195 if (community != COMM_INITIALIZE)
196 uuser->type = StorageType_volatile;
198 uuser->type = StorageType_readOnly;
200 uuser->suser.auth_proto = clone->suser.auth_proto;
201 uuser->suser.priv_proto = clone->suser.priv_proto;
202 memcpy(uuser->suser.auth_key, clone->suser.auth_key,
203 sizeof(uuser->suser.auth_key));
204 memcpy(uuser->suser.priv_key, clone->suser.priv_key,
205 sizeof(uuser->suser.priv_key));
206 ctx->scratch->int1 = RowStatus_createAndWait;
209 case LEAF_usmUserAuthProtocol:
210 ctx->scratch->int1 = uuser->suser.auth_proto;
211 if (asn_compare_oid(&oid_usmNoAuthProtocol,
213 uuser->suser.auth_proto = SNMP_AUTH_NOAUTH;
214 else if (asn_compare_oid(&oid_usmHMACMD5AuthProtocol,
216 uuser->suser.auth_proto = SNMP_AUTH_HMAC_MD5;
217 else if (asn_compare_oid(&oid_usmHMACSHAAuthProtocol,
219 uuser->suser.auth_proto = SNMP_AUTH_HMAC_SHA;
221 return (SNMP_ERR_WRONG_VALUE);
224 case LEAF_usmUserAuthKeyChange:
225 case LEAF_usmUserOwnAuthKeyChange:
226 if (val->var.subs[sub - 1] ==
227 LEAF_usmUserOwnAuthKeyChange &&
228 (usm_user == NULL || strcmp(uuser->suser.sec_name,
229 usm_user->suser.sec_name) != 0))
230 return (SNMP_ERR_NO_ACCESS);
231 if (val->v.octetstring.len > SNMP_AUTH_KEY_SIZ)
232 return (SNMP_ERR_INCONS_VALUE);
233 ctx->scratch->ptr1 = malloc(SNMP_AUTH_KEY_SIZ);
234 if (ctx->scratch->ptr1 == NULL)
235 return (SNMP_ERR_GENERR);
236 memcpy(ctx->scratch->ptr1, uuser->suser.auth_key,
238 memcpy(uuser->suser.auth_key, val->v.octetstring.octets,
239 val->v.octetstring.len);
242 case LEAF_usmUserPrivProtocol:
243 ctx->scratch->int1 = uuser->suser.priv_proto;
244 if (asn_compare_oid(&oid_usmNoPrivProtocol,
246 uuser->suser.priv_proto = SNMP_PRIV_NOPRIV;
247 else if (asn_compare_oid(&oid_usmDESPrivProtocol,
249 uuser->suser.priv_proto = SNMP_PRIV_DES;
250 else if (asn_compare_oid(&oid_usmAesCfb128Protocol,
252 uuser->suser.priv_proto = SNMP_PRIV_AES;
254 return (SNMP_ERR_WRONG_VALUE);
257 case LEAF_usmUserPrivKeyChange:
258 case LEAF_usmUserOwnPrivKeyChange:
259 if (val->var.subs[sub - 1] ==
260 LEAF_usmUserOwnPrivKeyChange &&
261 (usm_user == NULL || strcmp(uuser->suser.sec_name,
262 usm_user->suser.sec_name) != 0))
263 return (SNMP_ERR_NO_ACCESS);
264 if (val->v.octetstring.len > SNMP_PRIV_KEY_SIZ)
265 return (SNMP_ERR_INCONS_VALUE);
266 ctx->scratch->ptr1 = malloc(SNMP_PRIV_KEY_SIZ);
267 if (ctx->scratch->ptr1 == NULL)
268 return (SNMP_ERR_GENERR);
269 memcpy(ctx->scratch->ptr1, uuser->suser.priv_key,
270 sizeof(uuser->suser.priv_key));
271 memcpy(uuser->suser.priv_key, val->v.octetstring.octets,
272 val->v.octetstring.len);
275 case LEAF_usmUserPublic:
276 if (val->v.octetstring.len > SNMP_ADM_STR32_SIZ)
277 return (SNMP_ERR_INCONS_VALUE);
278 if (uuser->user_public_len > 0) {
280 malloc(uuser->user_public_len);
281 if (ctx->scratch->ptr2 == NULL)
282 return (SNMP_ERR_GENERR);
283 memcpy(ctx->scratch->ptr2, uuser->user_public,
284 uuser->user_public_len);
285 ctx->scratch->int2 = uuser->user_public_len;
287 if (val->v.octetstring.len > 0) {
288 memcpy(uuser->user_public,
289 val->v.octetstring.octets,
290 val->v.octetstring.len);
291 uuser->user_public_len = val->v.octetstring.len;
293 memset(uuser->user_public, 0,
294 sizeof(uuser->user_public));
295 uuser->user_public_len = 0;
299 case LEAF_usmUserStorageType:
300 return (SNMP_ERR_INCONS_VALUE);
302 case LEAF_usmUserStatus:
304 if (val->v.integer != RowStatus_createAndWait ||
305 usm_user_index_decode(&val->var, sub, eid,
307 return (SNMP_ERR_INCONS_VALUE);
308 uuser = usm_new_user(eid, elen, uname);
310 return (SNMP_ERR_GENERR);
311 uuser->status = RowStatus_notReady;
312 if (community != COMM_INITIALIZE)
313 uuser->type = StorageType_volatile;
315 uuser->type = StorageType_readOnly;
316 } else if (val->v.integer != RowStatus_active &&
317 val->v.integer != RowStatus_destroy)
318 return (SNMP_ERR_INCONS_VALUE);
320 uuser->status = val->v.integer;
323 return (SNMP_ERR_NOERROR);
326 switch (val->var.subs[sub - 1]) {
327 case LEAF_usmUserAuthKeyChange:
328 case LEAF_usmUserOwnAuthKeyChange:
329 case LEAF_usmUserPrivKeyChange:
330 case LEAF_usmUserOwnPrivKeyChange:
331 free(ctx->scratch->ptr1);
333 case LEAF_usmUserPublic:
334 if (ctx->scratch->ptr2 != NULL)
335 free(ctx->scratch->ptr2);
337 case LEAF_usmUserStatus:
338 if (val->v.integer != RowStatus_destroy)
340 if ((uuser = usm_get_user(&val->var, sub)) == NULL)
341 return (SNMP_ERR_GENERR);
342 usm_delete_user(uuser);
347 return (SNMP_ERR_NOERROR);
349 case SNMP_OP_ROLLBACK:
350 if ((uuser = usm_get_user(&val->var, sub)) == NULL)
351 return (SNMP_ERR_GENERR);
352 switch (val->var.subs[sub - 1]) {
353 case LEAF_usmUserAuthProtocol:
354 uuser->suser.auth_proto = ctx->scratch->int1;
356 case LEAF_usmUserAuthKeyChange:
357 case LEAF_usmUserOwnAuthKeyChange:
358 memcpy(uuser->suser.auth_key, ctx->scratch->ptr1,
359 sizeof(uuser->suser.auth_key));
360 free(ctx->scratch->ptr1);
362 case LEAF_usmUserPrivProtocol:
363 uuser->suser.priv_proto = ctx->scratch->int1;
365 case LEAF_usmUserPrivKeyChange:
366 case LEAF_usmUserOwnPrivKeyChange:
367 memcpy(uuser->suser.priv_key, ctx->scratch->ptr1,
368 sizeof(uuser->suser.priv_key));
369 free(ctx->scratch->ptr1);
371 case LEAF_usmUserPublic:
372 if (ctx->scratch->ptr2 != NULL) {
373 memcpy(uuser->user_public, ctx->scratch->ptr2,
375 uuser->user_public_len = ctx->scratch->int2;
376 free(ctx->scratch->ptr2);
378 memset(uuser->user_public, 0,
379 sizeof(uuser->user_public));
380 uuser->user_public_len = 0;
383 case LEAF_usmUserCloneFrom:
384 case LEAF_usmUserStatus:
385 if (ctx->scratch->int1 == RowStatus_createAndWait)
386 usm_delete_user(uuser);
391 return (SNMP_ERR_NOERROR);
397 switch (val->var.subs[sub - 1]) {
398 case LEAF_usmUserSecurityName:
399 return (string_get(val, uuser->suser.sec_name, -1));
400 case LEAF_usmUserCloneFrom:
401 memcpy(&val->v.oid, &oid_zeroDotZero, sizeof(oid_zeroDotZero));
403 case LEAF_usmUserAuthProtocol:
404 switch (uuser->suser.auth_proto) {
405 case SNMP_AUTH_HMAC_MD5:
406 memcpy(&val->v.oid, &oid_usmHMACMD5AuthProtocol,
407 sizeof(oid_usmHMACMD5AuthProtocol));
409 case SNMP_AUTH_HMAC_SHA:
410 memcpy(&val->v.oid, &oid_usmHMACSHAAuthProtocol,
411 sizeof(oid_usmHMACSHAAuthProtocol));
414 memcpy(&val->v.oid, &oid_usmNoAuthProtocol,
415 sizeof(oid_usmNoAuthProtocol));
419 case LEAF_usmUserAuthKeyChange:
420 case LEAF_usmUserOwnAuthKeyChange:
421 return (string_get(val, (char *)uuser->suser.auth_key, 0));
422 case LEAF_usmUserPrivProtocol:
423 switch (uuser->suser.priv_proto) {
425 memcpy(&val->v.oid, &oid_usmDESPrivProtocol,
426 sizeof(oid_usmDESPrivProtocol));
429 memcpy(&val->v.oid, &oid_usmAesCfb128Protocol,
430 sizeof(oid_usmAesCfb128Protocol));
433 memcpy(&val->v.oid, &oid_usmNoPrivProtocol,
434 sizeof(oid_usmNoPrivProtocol));
438 case LEAF_usmUserPrivKeyChange:
439 case LEAF_usmUserOwnPrivKeyChange:
440 return (string_get(val, (char *)uuser->suser.priv_key, 0));
441 case LEAF_usmUserPublic:
442 return (string_get(val, uuser->user_public,
443 uuser->user_public_len));
444 case LEAF_usmUserStorageType:
445 val->v.integer = uuser->type;
447 case LEAF_usmUserStatus:
448 val->v.integer = uuser->status;
452 return (SNMP_ERR_NOERROR);
456 usm_user_index_decode(const struct asn_oid *oid, uint sub, uint8_t *engine,
457 uint32_t *elen, char *uname)
462 if (oid->subs[sub] > SNMP_ENGINE_ID_SIZ)
465 for (i = 0; i < oid->subs[sub]; i++)
466 engine[i] = oid->subs[sub + i + 1];
469 uname_off = sub + oid->subs[sub] + 1;
470 if ((nlen = oid->subs[uname_off]) >= SNMP_ADM_STR32_SIZ)
473 for (i = 0; i < nlen; i++)
474 uname[i] = oid->subs[uname_off + i + 1];
481 usm_append_userindex(struct asn_oid *oid, uint sub,
482 const struct usm_user *uuser)
486 oid->len = sub + uuser->user_engine_len + strlen(uuser->suser.sec_name);
488 oid->subs[sub] = uuser->user_engine_len;
489 for (i = 1; i < uuser->user_engine_len + 1; i++)
490 oid->subs[sub + i] = uuser->user_engine_id[i - 1];
492 sub += uuser->user_engine_len + 1;
493 oid->subs[sub] = strlen(uuser->suser.sec_name);
494 for (i = 1; i <= oid->subs[sub]; i++)
495 oid->subs[sub + i] = uuser->suser.sec_name[i - 1];
498 static struct usm_user *
499 usm_get_user(const struct asn_oid *oid, uint sub)
502 char username[SNMP_ADM_STR32_SIZ];
503 uint8_t engineid[SNMP_ENGINE_ID_SIZ];
505 if (usm_user_index_decode(oid, sub, engineid, &enginelen, username) < 0)
508 return (usm_find_user(engineid, enginelen, username));
511 static struct usm_user *
512 usm_get_next_user(const struct asn_oid *oid, uint sub)
515 char username[SNMP_ADM_STR32_SIZ];
516 uint8_t engineid[SNMP_ENGINE_ID_SIZ];
517 struct usm_user *uuser;
519 if (oid->len - sub == 0)
520 return (usm_first_user());
522 if (usm_user_index_decode(oid, sub, engineid, &enginelen, username) < 0)
525 if ((uuser = usm_find_user(engineid, enginelen, username)) != NULL)
526 return (usm_next_user(uuser));
532 * USM snmp module initialization hook.
533 * Returns 0 on success, < 0 on error.
536 usm_init(struct lmodule * mod, int argc __unused, char *argv[] __unused)
540 bsnmpd_reset_usm_stats();
545 * USM snmp module finalization hook.
551 or_unregister(reg_usm);
557 * USM snmp module start operation.
562 reg_usm = or_register(&oid_usm,
563 "The MIB module for managing SNMP User-Based Security Model.",
570 struct usm_user *uuser;
571 struct snmpd_usmstat *usmstats;
572 const char *const authstr[] = {
578 const char *const privstr[] = {
585 if ((usmstats = bsnmpd_get_usm_stats()) != NULL) {
586 syslog(LOG_ERR, "UnsupportedSecLevels\t\t%u",
587 usmstats->unsupported_seclevels);
588 syslog(LOG_ERR, "NotInTimeWindows\t\t%u",
589 usmstats->not_in_time_windows);
590 syslog(LOG_ERR, "UnknownUserNames\t\t%u",
591 usmstats->unknown_users);
592 syslog(LOG_ERR, "UnknownEngineIDs\t\t%u",
593 usmstats->unknown_engine_ids);
594 syslog(LOG_ERR, "WrongDigests\t\t%u",
595 usmstats->wrong_digests);
596 syslog(LOG_ERR, "DecryptionErrors\t\t%u",
597 usmstats->decrypt_errors);
600 syslog(LOG_ERR, "USM users");
601 for (uuser = usm_first_user(); uuser != NULL;
602 (uuser = usm_next_user(uuser)))
603 syslog(LOG_ERR, "user %s\t\t%s, %s", uuser->suser.sec_name,
604 authstr[uuser->suser.auth_proto],
605 privstr[uuser->suser.priv_proto]);
608 static const char usm_comment[] = \
609 "This module implements SNMP User-based Security Model defined in RFC 3414.";
611 extern const struct snmp_module config;
612 const struct snmp_module config = {
613 .comment = usm_comment,
619 .tree_size = usm_CTREE_SIZE,