snmp_agent_vacm.c
Go to the documentation of this file.
1 /**
2  * @file snmp_agent_vacm.c
3  * @brief View-based Access Control Model (VACM) for SNMP
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2020 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneTCP Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @section Description
28  *
29  * This module implements the View-based Access Control Model (VACM) for Simple
30  * Network Management Protocol (SNMP). Refer to RFC 3415 for complete details
31  *
32  * @author Oryx Embedded SARL (www.oryx-embedded.com)
33  * @version 1.9.8
34  **/
35 
36 //Switch to the appropriate trace level
37 #define TRACE_LEVEL SNMP_TRACE_LEVEL
38 
39 //Dependencies
40 #include "core/net.h"
41 #include "snmp/snmp_agent.h"
42 #include "snmp/snmp_agent_vacm.h"
43 #include "core/crypto.h"
44 #include "encoding/asn1.h"
45 #include "encoding/oid.h"
46 #include "debug.h"
47 
48 //Check TCP/IP stack configuration
49 #if (SNMP_AGENT_SUPPORT == ENABLED && SNMP_AGENT_VACM_SUPPORT == ENABLED)
50 
51 
52 /**
53  * @brief Access control verification
54  * @param[in] context Pointer to the SNMP agent context
55  * @param[in] message Pointer to the received SNMP message
56  * @param[in] oid OID for the managed object
57  * @param[in] oidLen Length of the OID, in bytes
58  * @return Error code
59  **/
60 
62  const SnmpMessage *message, const uint8_t *oid, size_t oidLen)
63 {
64  SnmpSecurityModel securityModel;
65  SnmpSecurityLevel securityLevel;
66  const char_t *securityName;
67  size_t securityNameLen;
68  const char_t *contextName;
69  size_t contextNameLen;
70  const char_t *viewName;
71  const SnmpGroupEntry *groupEntry;
72  const SnmpAccessEntry *accessEntry;
73  const SnmpViewEntry *viewEntry;
74 
75 #if (SNMP_V1_SUPPORT == ENABLED)
76  //SNMPv1 version?
77  if(message->version == SNMP_VERSION_1)
78  {
79  //Set security parameters
80  securityModel = SNMP_SECURITY_MODEL_V1;
82  securityName = message->community;
83  securityNameLen = message->communityLen;
84  contextName = context->contextName;
85  contextNameLen = osStrlen(context->contextName);
86  }
87  else
88 #endif
89 #if (SNMP_V2C_SUPPORT == ENABLED)
90  //SNMPv2c version?
91  if(message->version == SNMP_VERSION_2C)
92  {
93  //Set security parameters
94  securityModel = SNMP_SECURITY_MODEL_V2C;
96  securityName = message->community;
97  securityNameLen = message->communityLen;
98  contextName = context->contextName;
99  contextNameLen = osStrlen(context->contextName);
100  }
101  else
102 #endif
103 #if (SNMP_V3_SUPPORT == ENABLED)
104  //SNMPv3 version?
105  if(message->version == SNMP_VERSION_3)
106  {
107  //Set security parameters
108  securityModel = (SnmpSecurityModel) message->msgSecurityModel;
109  securityLevel = SNMP_SECURITY_LEVEL_NO_AUTH_NO_PRIV;
110  securityName = message->msgUserName;
111  securityNameLen = message->msgUserNameLen;
112  contextName = message->contextName;
113  contextNameLen = message->contextNameLen;
114 
115  //Check whether the authFlag is set
116  if(message->msgFlags & SNMP_MSG_FLAG_AUTH)
117  {
118  //Check whether the privFlag is set
119  if(message->msgFlags & SNMP_MSG_FLAG_PRIV)
120  securityLevel = SNMP_SECURITY_LEVEL_AUTH_PRIV;
121  else
122  securityLevel = SNMP_SECURITY_LEVEL_AUTH_NO_PRIV;
123  }
124  }
125  else
126 #endif
127  //Invalid SNMP version?
128  {
129  //Report an error
130  return ERROR_INVALID_VERSION;
131  }
132 
133  //The vacmContextTable is consulted for information about the SNMP
134  //context identified by the contextName. If information about this
135  //SNMP context is absent from the table, then an errorIndication
136  //(noSuchContext) is returned to the calling module
137  if(contextNameLen != osStrlen(context->contextName))
138  return ERROR_UNKNOWN_CONTEXT;
139 
140  //Check context name
141  if(osStrncmp(contextName, context->contextName, contextNameLen))
142  return ERROR_UNKNOWN_CONTEXT;
143 
144  //The vacmSecurityToGroupTable is consulted for mapping the securityModel
145  //and securityName to a groupName
146  groupEntry = snmpFindGroupEntry(context, securityModel,
147  securityName, securityNameLen);
148 
149  //If the information about this combination is absent from the table, then
150  //an errorIndication (noGroupName) is returned to the calling module
151  if(groupEntry == NULL)
153 
154  //The vacmAccessTable is consulted for information about the groupName,
155  //contextName, securityModel and securityLevel
156  accessEntry = snmpSelectAccessEntry(context, groupEntry->groupName,
157  contextName, contextNameLen, securityModel, securityLevel);
158 
159  //If information about this combination is absent from the table, then
160  //an errorIndication (noAccessEntry) is returned to the calling module
161  if(accessEntry == NULL)
163 
164  //Select the proper MIB view
165  if(message->pduType == SNMP_PDU_GET_REQUEST ||
166  message->pduType == SNMP_PDU_GET_NEXT_REQUEST ||
168  {
169  //The read view is used for checking access rights
170  viewName = accessEntry->readViewName;
171  }
172  else if(message->pduType == SNMP_PDU_SET_REQUEST)
173  {
174  //The write view is used for checking access rights
175  viewName = accessEntry->writeViewName;
176  }
177  else if(message->pduType == SNMP_PDU_TRAP ||
178  message->pduType == SNMP_PDU_TRAP_V2 ||
179  message->pduType == SNMP_PDU_INFORM_REQUEST)
180  {
181  //The notify view is used for checking access rights
182  viewName = accessEntry->notifyViewName;
183  }
184  else
185  {
186  //Report an error
188  }
189 
190  //If the view to be used is the empty view (zero length viewName) then
191  //an errorIndication (noSuchView) is returned to the calling module
192  if(viewName[0] == '\0')
194 
195  //Check whether the specified variableName is in the MIB view
196  viewEntry = snmpSelectViewEntry(context, viewName, oid, oidLen);
197 
198  //If there is no view configured for the specified viewType, then an
199  //errorIndication (noSuchView) is returned to the calling module
200  if(viewEntry == NULL)
202 
203  //If the specified variableName (object instance) is not in the MIB view,
204  //then an errorIndication (notInView) is returned to the calling module
205  if(viewEntry->type != SNMP_VIEW_TYPE_INCLUDED)
207 
208  //Otherwise, the specified variableName is in the MIB view
209  return NO_ERROR;
210 }
211 
212 
213 /**
214  * @brief Create a new group entry
215  * @param[in] context Pointer to the SNMP agent context
216  * @return Pointer to the newly created entry
217  **/
218 
220 {
221  uint_t i;
222  SnmpGroupEntry *entry;
223 
224  //Initialize pointer
225  entry = NULL;
226 
227  //Loop through the list of groups
228  for(i = 0; i < SNMP_AGENT_GROUP_TABLE_SIZE; i++)
229  {
230  //Check current status
231  if(context->groupTable[i].status == MIB_ROW_STATUS_UNUSED)
232  {
233  //An unused entry has been found
234  entry = &context->groupTable[i];
235  //We are done
236  break;
237  }
238  }
239 
240  //Check whether the group table runs out of space
241  if(entry == NULL)
242  {
243  //Loop through the list of groups
244  for(i = 0; i < SNMP_AGENT_GROUP_TABLE_SIZE; i++)
245  {
246  //Check current status
247  if(context->groupTable[i].status == MIB_ROW_STATUS_NOT_READY)
248  {
249  //Reuse the current entry
250  entry = &context->groupTable[i];
251  //We are done
252  break;
253  }
254  }
255  }
256 
257  //Return a pointer to the newly created entry
258  return entry;
259 }
260 
261 
262 /**
263  * @brief Search the group table
264  * @param[in] context Pointer to the SNMP agent context
265  * @param[in] securityModel Security model
266  * @param[in] securityName Pointer to the security name
267  * @param[in] securityNameLen Length of the security name
268  * @return Pointer to the matching entry
269  **/
270 
272  uint_t securityModel, const char_t *securityName, size_t securityNameLen)
273 {
274  uint_t i;
275  SnmpGroupEntry *entry;
276 
277  //Loop through the list of groups
278  for(i = 0; i < SNMP_AGENT_GROUP_TABLE_SIZE; i++)
279  {
280  //Point to the current entry
281  entry = &context->groupTable[i];
282 
283  //Check current status
284  if(entry->status != MIB_ROW_STATUS_UNUSED)
285  {
286  //Compare security model
287  if(entry->securityModel == securityModel)
288  {
289  //Check the length of the security name
290  if(osStrlen(entry->securityName) == securityNameLen)
291  {
292  //Compare security name
293  if(!osStrncmp(entry->securityName, securityName, securityNameLen))
294  {
295  //A matching entry has been found
296  break;
297  }
298  }
299  }
300  }
301  }
302 
303  //Any matching entry found?
305  return entry;
306  else
307  return NULL;
308 }
309 
310 
311 /**
312  * @brief Create a new access entry
313  * @param[in] context Pointer to the SNMP agent context
314  * @return Pointer to the newly created entry
315  **/
316 
318 {
319  uint_t i;
320  SnmpAccessEntry *entry;
321 
322  //Initialize pointer
323  entry = NULL;
324 
325  //Loop through the list of access rights
326  for(i = 0; i < SNMP_AGENT_ACCESS_TABLE_SIZE; i++)
327  {
328  //Check current status
329  if(context->accessTable[i].status == MIB_ROW_STATUS_UNUSED)
330  {
331  //An unused entry has been found
332  entry = &context->accessTable[i];
333  //We are done
334  break;
335  }
336  }
337 
338  //Check whether the group table runs out of space
339  if(entry == NULL)
340  {
341  //Loop through the list of access rights
342  for(i = 0; i < SNMP_AGENT_ACCESS_TABLE_SIZE; i++)
343  {
344  //Check current status
345  if(context->accessTable[i].status == MIB_ROW_STATUS_NOT_READY)
346  {
347  //Reuse the current entry
348  entry = &context->accessTable[i];
349  //We are done
350  break;
351  }
352  }
353  }
354 
355  //Return a pointer to the newly created entry
356  return entry;
357 }
358 
359 
360 /**
361  * @brief Search the access table for a given entry
362  * @param[in] context Pointer to the SNMP agent context
363  * @param[in] groupName Group name
364  * @param[in] contextPrefix Context name prefix
365  * @param[in] securityModel Security model
366  * @param[in] securityLevel Security level
367  * @return Pointer to the matching entry
368  **/
369 
371  const char_t *groupName, const char_t *contextPrefix,
372  uint_t securityModel, uint_t securityLevel)
373 {
374  uint_t i;
375  SnmpAccessEntry *entry;
376 
377  //Loop through the list of access rights
378  for(i = 0; i < SNMP_AGENT_ACCESS_TABLE_SIZE; i++)
379  {
380  //Point to the current entry
381  entry = &context->accessTable[i];
382 
383  //Check current status
384  if(entry->status != MIB_ROW_STATUS_UNUSED)
385  {
386  //Compare group name
387  if(!osStrcmp(entry->groupName, groupName))
388  {
389  //Compare context name prefix
390  if(!osStrcmp(entry->contextPrefix, contextPrefix))
391  {
392  //Compare security model and security level
393  if(entry->securityModel == securityModel &&
394  entry->securityLevel == securityLevel)
395  {
396  //A matching entry has been found
397  break;
398  }
399  }
400  }
401  }
402  }
403 
404  //Return a pointer to the matching entry
406  return entry;
407  else
408  return NULL;
409 }
410 
411 
412 /**
413  * @brief Find an access entry that matches the selection criteria
414  * @param[in] context Pointer to the SNMP agent context
415  * @param[in] groupName NULL-terminated string that contains the group name
416  * @param[in] contextName Pointer to the context name
417  * @param[in] contextNameLen Length of the context name
418  * @param[in] securityModel Security model
419  * @param[in] securityLevel Security level
420  * @return Pointer to the matching entry
421  **/
422 
424  const char_t *groupName, const char_t *contextName, size_t contextNameLen,
425  SnmpSecurityModel securityModel, SnmpSecurityLevel securityLevel)
426 {
427  uint_t i;
428  size_t n;
429  bool_t acceptable;
430  SnmpAccessEntry *entry;
431  SnmpAccessEntry *selectedEntry;
432 
433  //Initialize pointer
434  selectedEntry = NULL;
435 
436  //Loop through the list of access rights
437  for(i = 0; i < SNMP_AGENT_ACCESS_TABLE_SIZE; i++)
438  {
439  //Point to the current entry
440  entry = &context->accessTable[i];
441 
442  //Check current status
443  if(entry->status == MIB_ROW_STATUS_UNUSED)
444  continue;
445 
446  //Compare group name
447  if(osStrcmp(entry->groupName, groupName))
448  continue;
449 
450  //Compare security model
452  {
453  if(entry->securityModel != securityModel)
454  continue;
455  }
456 
457  //Compare security level
458  if(entry->securityLevel > securityLevel)
459  continue;
460 
461  //Retrieve the length of the context name prefix
462  n = osStrlen(entry->contextPrefix);
463 
464  //Check the length of the context name prefix
465  if(n > contextNameLen)
466  continue;
467 
468  //Compare context name prefix
469  if(osStrncmp(entry->contextPrefix, contextName, n))
470  continue;
471 
472  //Exact match?
474  {
475  //The contextName must match exactly
476  if(n != contextNameLen)
477  continue;
478  }
479 
480  //If this set has only one member, we're done otherwise, it comes down
481  //to deciding how to weight the preferences between ContextPrefixes,
482  //SecurityModels, and SecurityLevels (refer to RFC 3415, section 4)
483  if(selectedEntry == NULL)
484  acceptable = TRUE;
485  else if(entry->securityModel == SNMP_SECURITY_MODEL_ANY)
486  acceptable = FALSE;
487  else if(selectedEntry->securityModel == SNMP_SECURITY_MODEL_ANY)
488  acceptable = TRUE;
489  else if(osStrlen(selectedEntry->contextPrefix) == contextNameLen)
490  acceptable = FALSE;
491  else if(osStrlen(entry->contextPrefix) == contextNameLen)
492  acceptable = TRUE;
493  else if(osStrlen(selectedEntry->contextPrefix) > osStrlen(entry->contextPrefix))
494  acceptable = FALSE;
495  else if(osStrlen(entry->contextPrefix) > osStrlen(selectedEntry->contextPrefix))
496  acceptable = TRUE;
497  else if(selectedEntry->securityLevel >= entry->securityLevel)
498  acceptable = FALSE;
499  else
500  acceptable = TRUE;
501 
502  //Select the proper entry
503  if(acceptable)
504  selectedEntry = entry;
505  }
506 
507  //Return a pointer to the matching entry
508  return selectedEntry;
509 }
510 
511 
512 /**
513  * @brief Create a new view entry
514  * @param[in] context Pointer to the SNMP agent context
515  * @return Pointer to the newly created entry
516  **/
517 
519 {
520  uint_t i;
521  SnmpViewEntry *entry;
522 
523  //Initialize pointer
524  entry = NULL;
525 
526  //Loop through the list of MIB views
527  for(i = 0; i < SNMP_AGENT_VIEW_TABLE_SIZE; i++)
528  {
529  //Check current status
530  if(context->viewTable[i].status == MIB_ROW_STATUS_UNUSED)
531  {
532  //An unused entry has been found
533  entry = &context->viewTable[i];
534  //We are done
535  break;
536  }
537  }
538 
539  //Check whether the group table runs out of space
540  if(entry == NULL)
541  {
542  //Loop through the list of MIB views
543  for(i = 0; i < SNMP_AGENT_VIEW_TABLE_SIZE; i++)
544  {
545  //Check current status
546  if(context->viewTable[i].status == MIB_ROW_STATUS_NOT_READY)
547  {
548  //Reuse the current entry
549  entry = &context->viewTable[i];
550  //We are done
551  break;
552  }
553  }
554  }
555 
556  //Return a pointer to the newly created entry
557  return entry;
558 }
559 
560 
561 /**
562  * @brief Search the view table for a given entry
563  * @param[in] context Pointer to the SNMP agent context
564  * @param[in] viewName View name
565  * @param[in] subtree Pointer to the MIB subtree
566  * @param[in] subtreeLen Length of the MIB subtree
567  * @return Pointer to the matching entry
568  **/
569 
571  const char_t *viewName, const uint8_t *subtree, size_t subtreeLen)
572 {
573  uint_t i;
574  SnmpViewEntry *entry;
575 
576  //Loop through the list of MIB views
577  for(i = 0; i < SNMP_AGENT_VIEW_TABLE_SIZE; i++)
578  {
579  //Point to the current entry
580  entry = &context->viewTable[i];
581 
582  //Check current status
583  if(entry->status != MIB_ROW_STATUS_UNUSED)
584  {
585  //Compare view name
586  if(!osStrcmp(entry->viewName, viewName))
587  {
588  //Check the length of the subtree
589  if(entry->subtreeLen == subtreeLen)
590  {
591  //Compare subtree
592  if(!osMemcmp(entry->subtree, subtree, subtreeLen))
593  {
594  //A matching entry has been found
595  break;
596  }
597  }
598  }
599  }
600  }
601 
602  //Return a pointer to the matching entry
604  return entry;
605  else
606  return NULL;
607 }
608 
609 
610 /**
611  * @brief Find a view entry that matches the selection criteria
612  * @param[in] context Pointer to the SNMP agent context
613  * @param[in] viewName NULL-terminated string that contains the view name
614  * @param[in] oid OID for the managed object
615  * @param[in] oidLen Length of the OID, in bytes
616  * @return Pointer to the matching entry
617  **/
618 
620  const char_t *viewName, const uint8_t *oid, size_t oidLen)
621 {
622  uint_t i;
623  uint_t subtreeLen;
624  uint_t selectedSubtreeLen;
625  bool_t acceptable;
626  SnmpViewEntry *entry;
627  SnmpViewEntry *selectedEntry;
628 
629  //Initialize pointer
630  selectedEntry = NULL;
631 
632  //Loop through the list of MIB views
633  for(i = 0; i < SNMP_AGENT_VIEW_TABLE_SIZE; i++)
634  {
635  //Point to the current entry
636  entry = &context->viewTable[i];
637 
638  //Check current status
639  if(entry->status == MIB_ROW_STATUS_UNUSED)
640  continue;
641 
642  //Compare view name
643  if(osStrcmp(entry->viewName, viewName))
644  continue;
645 
646  //Check whether the OID matches the subtree (the mask allows for a
647  //simple form of wildcarding)
648  if(!oidMatch(oid, oidLen, entry->subtree, entry->subtreeLen,
649  entry->mask, entry->maskLen))
650  {
651  continue;
652  }
653 
654  //First matching entry?
655  if(selectedEntry == NULL)
656  {
657  acceptable = TRUE;
658  }
659  else
660  {
661  //Calculate the number of sub-identifiers of the subtree
662  subtreeLen = oidCountSubIdentifiers(entry->subtree,
663  entry->subtreeLen);
664 
665  //Calculate the number of sub-identifiers of the currently selected
666  //subtree
667  selectedSubtreeLen = oidCountSubIdentifiers(selectedEntry->subtree,
668  selectedEntry->subtreeLen);
669 
670  //If multiple entries match, then select the entry whose value of
671  //vacmViewTreeFamilySubtree has the most sub-identifiers. If multiple
672  //entries match and have the same number of sub-identifiers, then the
673  //lexicographically greatest instance of vacmViewTreeFamilyType is
674  //selected
675  if(selectedSubtreeLen > subtreeLen)
676  {
677  acceptable = FALSE;
678  }
679  else if(subtreeLen > selectedSubtreeLen)
680  {
681  acceptable = TRUE;
682  }
683  else if(oidComp(selectedEntry->subtree, selectedEntry->subtreeLen,
684  entry->subtree, entry->subtreeLen) > 0)
685  {
686  acceptable = FALSE;
687  }
688  else if(oidComp(entry->subtree, entry->subtreeLen,
689  selectedEntry->subtree, selectedEntry->subtreeLen) > 0)
690  {
691  acceptable = TRUE;
692  }
693  else if(selectedEntry->type >= entry->type)
694  {
695  acceptable = FALSE;
696  }
697  else
698  {
699  acceptable = TRUE;
700  }
701  }
702 
703  //Select the proper entry
704  if(acceptable)
705  selectedEntry = entry;
706  }
707 
708  //Return a pointer to the matching entry
709  return selectedEntry;
710 }
711 
712 #endif
uint8_t subtree[SNMP_MAX_OID_SIZE]
char_t writeViewName[SNMP_MAX_VIEW_NAME_LEN+1]
SnmpSecurityModel securityModel
int bool_t
Definition: compiler_port.h:49
SnmpViewEntry * snmpCreateViewEntry(SnmpAgentContext *context)
Create a new view entry.
SnmpSecurityModel
Security models.
OID (Object Identifier)
char_t contextPrefix[SNMP_MAX_CONTEXT_NAME_LEN+1]
#define TRUE
Definition: os_port.h:50
char_t groupName[SNMP_MAX_GROUP_NAME_LEN+1]
size_t subtreeLen
#define osMemcmp(p1, p2, length)
Definition: os_port.h:146
SnmpGroupEntry * snmpFindGroupEntry(SnmpAgentContext *context, uint_t securityModel, const char_t *securityName, size_t securityNameLen)
Search the group table.
SnmpGroupEntry * snmpCreateGroupEntry(SnmpAgentContext *context)
Create a new group entry.
#define SNMP_AGENT_VIEW_TABLE_SIZE
Definition: snmp_agent.h:104
#define osStrcmp(s1, s2)
Definition: os_port.h:158
SnmpViewEntry * snmpSelectViewEntry(SnmpAgentContext *context, const char_t *viewName, const uint8_t *oid, size_t oidLen)
Find a view entry that matches the selection criteria.
char_t securityName[SNMP_MAX_GROUP_NAME_LEN+1]
#define osStrlen(s)
Definition: os_port.h:152
SnmpAccessEntry * snmpCreateAccessEntry(SnmpAgentContext *context)
Create a new access entry.
char_t groupName[SNMP_MAX_GROUP_NAME_LEN+1]
SnmpAccessEntry * snmpSelectAccessEntry(SnmpAgentContext *context, const char_t *groupName, const char_t *contextName, size_t contextNameLen, SnmpSecurityModel securityModel, SnmpSecurityLevel securityLevel)
Find an access entry that matches the selection criteria.
int_t oidComp(const uint8_t *oid1, size_t oidLen1, const uint8_t *oid2, size_t oidLen2)
Compare object identifiers.
Definition: oid.c:101
size_t maskLen
#define SNMP_AGENT_ACCESS_TABLE_SIZE
Definition: snmp_agent.h:97
SNMP agent (Simple Network Management Protocol)
char_t readViewName[SNMP_MAX_VIEW_NAME_LEN+1]
#define FALSE
Definition: os_port.h:46
char_t notifyViewName[SNMP_MAX_VIEW_NAME_LEN+1]
error_t
Error codes.
Definition: error.h:42
SnmpContextMatch contextMatch
SnmpViewType type
bool_t oidMatch(const uint8_t *oid, size_t oidLen, const uint8_t *subtree, size_t subtreeLen, const uint8_t *mask, size_t maskLen)
Check whether an OID matches the specified subtree.
Definition: oid.c:146
MibRowStatus status
General definitions for cryptographic algorithms.
uint8_t oid[1]
Definition: mib_common.h:186
SnmpViewEntry * snmpFindViewEntry(SnmpAgentContext *context, const char_t *viewName, const uint8_t *subtree, size_t subtreeLen)
Search the view table for a given entry.
View-based Access Control Model (VACM) for SNMP.
char_t viewName[SNMP_MAX_VIEW_NAME_LEN+1]
char char_t
Definition: compiler_port.h:43
Ipv6Addr contextPrefix
Definition: ndp.h:518
error_t snmpIsAccessAllowed(SnmpAgentContext *context, const SnmpMessage *message, const uint8_t *oid, size_t oidLen)
Access control verification.
SnmpSecurityLevel securityLevel
MibRowStatus status
uint_t oidCountSubIdentifiers(const uint8_t *oid, size_t oidLen)
Calculate the number of sub-identifiers.
Definition: oid.c:287
uint8_t n
uint8_t mask[SNMP_MAX_BIT_MASK_SIZE]
View table entry.
Access table entry.
uint8_t message[]
Definition: chap.h:152
SNMP message.
SnmpSecurityModel securityModel
#define SnmpAgentContext
Definition: snmp_agent.h:36
#define osStrncmp(s1, s2, length)
Definition: os_port.h:164
SnmpSecurityLevel
Security levels.
Group table entry.
unsigned int uint_t
Definition: compiler_port.h:45
TCP/IP stack core.
Success.
Definition: error.h:44
Debugging facilities.
ASN.1 (Abstract Syntax Notation One)
#define SNMP_AGENT_GROUP_TABLE_SIZE
Definition: snmp_agent.h:90
SnmpAccessEntry * snmpFindAccessEntry(SnmpAgentContext *context, const char_t *groupName, const char_t *contextPrefix, uint_t securityModel, uint_t securityLevel)
Search the access table for a given entry.
MibRowStatus status