Up to [local] / src / usr.sbin / snmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.46, Tue Jun 30 17:11:49 2020 UTC (3 years, 11 months ago) by martijn
Branch: MAIN
CVS Tags: HEAD
Changes since 1.45: +1 -1 lines
FILE REMOVED
Remove agentx and control socket support. snmpctl has been removed two releases ago, which makes the control interface obsolete. agentx support has always been quirky at best, but got completely broken with the BER_MAX_OID_LEN increase in ber.h. This change resulted in the oid length on the snmp side being left uninitialized because of size difference, resulting in weird behaviour. No one reported the breakage, even after 6.7 was released. This change requires users to remove the socket keyword from their snmpd.conf. OK denis@
Revision 1.45 / (download) - annotate - [select for diffs], Tue Jan 28 15:42:10 2020 UTC (4 years, 4 months ago) by bket
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.44: +2 -5 lines
Diff to previous 1.44 (colored)
usr.sbin/snmpd: replace TAILQ concatenation loop with TAILQ_CONCAT OK florian@, martijn@. reads ok benno@
Revision 1.44 / (download) - annotate - [select for diffs], Sun Aug 5 09:33:13 2018 UTC (5 years, 10 months ago) by mestre
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.43: +1 -10 lines
Diff to previous 1.43 (colored)
Remove cpath pledge(2) promise. We decided that not deleting the unix control sockets cause no harm and this way we close another attack surface by not allowing the daemon to create/delete any more files. While here also scramble pledge promises to their canonical form. OK florian@
Revision 1.43 / (download) - annotate - [select for diffs], Sun Jun 17 18:19:59 2018 UTC (5 years, 11 months ago) by rob
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)
Bring snmpd agentx.c closer in line with relayd. ok benno@, "sure" deraadt@
Revision 1.42 / (download) - annotate - [select for diffs], Fri Apr 21 13:50:23 2017 UTC (7 years, 1 month ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
Repair AgentX support. which I broke when adding support for multiple listen address. SNMP data should be sent to the client using the appropriate socket, which we now store when we receive the query. Reported & fix tested by Rivo Nurges.
Revision 1.41 / (download) - annotate - [select for diffs], Mon Jan 9 14:49:22 2017 UTC (7 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
Stop accessing verbose and debug variables from log.c directly. This replaces log_verbose() and "extern int verbose" with the two functions log_setverbose() and log_getverbose(). Pointed out by benno@ OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)
Revision 1.40 / (download) - annotate - [select for diffs], Fri Nov 18 16:16:39 2016 UTC (7 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
Add support for multiple listening sockets One can now specify multiple "listen on" statements. The default is to listen on 0.0.0.0 and ::, which means better handling of dual-stack setups. ok sthen@ on a previous version, input and ok reyk@.
Revision 1.39 / (download) - annotate - [select for diffs], Fri Sep 2 13:28:36 2016 UTC (7 years, 9 months ago) by eric
Branch: MAIN
Changes since 1.38: +4 -7 lines
Diff to previous 1.38 (colored)
use imsg_read_nofd() implementation from bgpd. let the caller handle EAGAIN. ok reyk@ gilles@
Revision 1.38 / (download) - annotate - [select for diffs], Mon Jan 25 08:24:30 2016 UTC (8 years, 4 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.37: +2 -1 lines
Diff to previous 1.37 (colored)
avoid a potential double free ok blambert@
Revision 1.37 / (download) - annotate - [select for diffs], Sat Dec 5 13:14:40 2015 UTC (8 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.36: +3 -2 lines
Diff to previous 1.36 (colored)
EAGAIN handling for imsg_read. OK henning@ benno@
Revision 1.36 / (download) - annotate - [select for diffs], Sat Dec 5 06:42:18 2015 UTC (8 years, 6 months ago) by mmcc
Branch: MAIN
Changes since 1.35: +3 -5 lines
Diff to previous 1.35 (colored)
strings.h -> string.h to prevent an implicit declaration warning. Also remove a handful of NULL-checks before free().
Revision 1.35 / (download) - annotate - [select for diffs], Mon Nov 23 19:31:52 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.34: +4 -7 lines
Diff to previous 1.34 (colored)
Use SOCK_NONBLOCK to replace socket_set_blockmode() and fcntl(..O_NONBLOCK). (SOCK_CLOEXEC should also be added where it is appropriate, but this is OBnot done in this commit yet.) OK claudio@
Revision 1.34 / (download) - annotate - [select for diffs], Sat Nov 21 13:09:47 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)
While here, fix two size format string warnings.
Revision 1.33 / (download) - annotate - [select for diffs], Mon Oct 19 09:32:51 2015 UTC (8 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
Fix control_imsg_forward() by changing imsg_compose() to imsg_compose_event(). This was done by pyr@'s in relayd/control.c -r1.32 (2009/06/05, ok eric@) but somehow didn't slip into other daemons that imported control.c.
Revision 1.32 / (download) - annotate - [select for diffs], Mon Oct 19 09:17:23 2015 UTC (8 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.31: +5 -5 lines
Diff to previous 1.31 (colored)
Print control socket client fd in debug message to differentiate between control connections. Helps to debug problems.
Revision 1.31 / (download) - annotate - [select for diffs], Sat Oct 17 10:20:33 2015 UTC (8 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.30: +38 -23 lines
Diff to previous 1.30 (colored)
Tighten up snmpd's control socket: do not allow users to terminate the daemon by sending corrupted imsgs to snmpd. This is especially important for the optional world-writeable restricted socket that is used for AgentX. In particular, don't fatal() in the daemon when imsg size checks on control messages fail, do stricter validation of expected messages (even assert zero-length imsgs), don't continue and close the control socket on suspicious input, print a debug log message on error. OK gilles@ "the rationale behind it is quite clear"
Revision 1.30 / (download) - annotate - [select for diffs], Fri Oct 2 13:13:05 2015 UTC (8 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.29: +26 -2 lines
Diff to previous 1.29 (colored)
Adopt smtpd's imsg_read_nofd() to mitigate the risk of user-injected file descriptor leakage from the optional world-writable _restricted_ control socket. OK gilles@ blambert@
Revision 1.29 / (download) - annotate - [select for diffs], Thu May 28 17:08:09 2015 UTC (9 years ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.28: +1 -2 lines
Diff to previous 1.28 (colored)
Do not try to unlink the control socket in an unprivileged child process on shutdown. Found while working on tame(2). OK benno@
Revision 1.28 / (download) - annotate - [select for diffs], Fri Jan 16 00:05:13 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.27: +1 -2 lines
Diff to previous 1.27 (colored)
first batch of cleanup to programs based upon the namespace cleanups in net/pfvar.h sys/proc.h sys/ucred.h arpa/nameser.h change to PATH_MAX, reduce use of MIN() and MAX(), HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc etc ok millert guenther, some review by doug
Revision 1.27 / (download) - annotate - [select for diffs], Wed Nov 19 10:19:00 2014 UTC (9 years, 6 months ago) by blambert
Branch: MAIN
Changes since 1.26: +158 -10 lines
Diff to previous 1.26 (colored)
add support for AgentX subagents in snmpd snmp requests are now packaged into pseudo-continuations to allow for being dispatched to seperate processes; lightly tested for interoperability with NetSNMP, but doesn't implement the complete set of AgentX messages while here, clean up return types of mps_get* functions, and make smi_insert refuse to insert duplicate OIDs okay benno@ reyk@
Revision 1.26 / (download) - annotate - [select for diffs], Sat Jul 12 14:15:04 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)
Sync msgbuf_write() changes from relayd. Please note that proc.c should be kept identical in relayd, iked and snmpd (currently without the includes). ok benno@
Revision 1.25 / (download) - annotate - [select for diffs], Tue Jun 3 06:25:47 2014 UTC (10 years ago) by yasuoka
Branch: MAIN
Changes since 1.24: +4 -8 lines
Diff to previous 1.24 (colored)
Handle the event parameter of libevent callback function as a bit mask. Also remove redundant imsg_event_add calls. Fixes come from usr.sbin/ospfd/control.c ok reyk
Revision 1.24 / (download) - annotate - [select for diffs], Fri Apr 25 11:12:14 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.23: +2 -3 lines
Diff to previous 1.23 (colored)
Remove NULL pointer dereference, which jsg insists I not call a use-after free, from error path. found by and ok jsg@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Apr 21 19:47:27 2014 UTC (10 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
Copy the updated proc.c from relayd to use the same file. Adjust snmpd accordingly. ok sthen@
Revision 1.22 / (download) - annotate - [select for diffs], Mon Apr 14 12:55:10 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.21: +218 -43 lines
Diff to previous 1.21 (colored)
Make snmpd use the AgentX protcol for accepting trap requests. AgentX notifications are the only portion implemented right now; get in the tree to flesh out the remainder. ok reyk@ benno@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Nov 26 12:02:22 2013 UTC (10 years, 6 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.20: +1 -2 lines
Diff to previous 1.20 (colored)
remove "clever" shortcut that might bite later, ok gilles benno
Revision 1.20 / (download) - annotate - [select for diffs], Wed Nov 13 20:45:19 2013 UTC (10 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
handle msgbuf_write() returning EAGAIN ok reyk
Revision 1.19 / (download) - annotate - [select for diffs], Thu Oct 17 08:42:44 2013 UTC (10 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.18: +53 -45 lines
Diff to previous 1.18 (colored)
Update snmpd(8) to use the proc.c privsep style from iked and relayd. ok sthen@ deraadt@
Revision 1.18 / (download) - annotate - [select for diffs], Mon Mar 11 17:40:11 2013 UTC (11 years, 3 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.17: +3 -2 lines
Diff to previous 1.17 (colored)
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
Revision 1.17 / (download) - annotate - [select for diffs], Thu Nov 29 14:53:24 2012 UTC (11 years, 6 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)
Wrong argument was passed to control_dispatch_imsg(). Use always (struct imsgev *)->data for the argument of imsgev handlers. ok reyk
Revision 1.16 / (download) - annotate - [select for diffs], Tue Sep 18 08:29:09 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.15: +6 -5 lines
Diff to previous 1.15 (colored)
knf
Revision 1.15 / (download) - annotate - [select for diffs], Wed Apr 11 08:33:53 2012 UTC (12 years, 2 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.14: +2 -3 lines
Diff to previous 1.14 (colored)
delete excessive evtimer_pending; ok claudio
Revision 1.14 / (download) - annotate - [select for diffs], Sun Apr 8 02:57:40 2012 UTC (12 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.13: +34 -10 lines
Diff to previous 1.13 (colored)
add the evtimout rate-limiting code for accept() here too. eyed a little by joel
Revision 1.13 / (download) - annotate - [select for diffs], Fri May 14 11:52:19 2010 UTC (14 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)
Use calloc() instead of malloc() to allocate the connection structure. This way the memory is zeroed. This is equivalent to the relayd commit by reyk. OK reyk, jsg
Revision 1.12 / (download) - annotate - [select for diffs], Wed Dec 2 19:10:02 2009 UTC (14 years, 6 months ago) by mk
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
log_warn() consistency. `OK' claudio
Revision 1.11 / (download) - annotate - [select for diffs], Thu Nov 26 17:32:47 2009 UTC (14 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)
sync snmp_imsg_hdr with imsg_hdr and unbreak the snmp trap interface
Revision 1.10 / (download) - annotate - [select for diffs], Sat Jun 6 05:52:01 2009 UTC (15 years ago) by pyr
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.9: +19 -18 lines
Diff to previous 1.9 (colored)
sync snmpd with the common imsg code, making it lib ready as well. ok eric@
Revision 1.9 / (download) - annotate - [select for diffs], Wed Feb 25 17:09:55 2009 UTC (15 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.8: +4 -2 lines
Diff to previous 1.8 (colored)
Fix an invalid pointer dereference in control_close(). If control_connbyfd() fails -- which should never happen -- the function does not return and is accession the NULL set control pointer later on. Found by Matthew Haub. OK deraadt@
Revision 1.8 / (download) - annotate - [select for diffs], Fri Sep 26 15:19:55 2008 UTC (15 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.7: +37 -25 lines
Diff to previous 1.7 (colored)
allow to add an additional restricted control socket for trap sending only (not even show commands). this allows to place a socket for traps in another daemon's chroot. (based on restricted socket support from bgpd)
Revision 1.7 / (download) - annotate - [select for diffs], Thu Feb 7 11:33:26 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.6: +20 -1 lines
Diff to previous 1.6 (colored)
add a imsg which allows to "lock" the control connection, the restricted connection will reject any commands except snmp traps.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Feb 7 11:11:59 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
spacing
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jan 31 12:17:35 2008 UTC (16 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
Revision 1.4 / (download) - annotate - [select for diffs], Wed Jan 16 19:36:06 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
implementation of the SNMP trap sender interface
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jan 16 09:42:29 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
move trap code to an own file; there will be more
Revision 1.2 / (download) - annotate - [select for diffs], Wed Jan 16 09:36:30 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.1: +11 -1 lines
Diff to previous 1.1 (colored)
start working on an interface to send traps via snmpd.sock. userland applications will be able to send imsgs defining the trap to snmpd and the daemon will do the ASN.1/BER encoding before sending traps to the registered receivers. there are two advantages of this approach that a) the applications do not need to handle any ASN.1/BER encoding and b) snmpd will provide a central interface to define trap receivers. discussed with thib and others
Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 5 09:22:44 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Start working on snmpd(8) and snmpctl(8), a lightweight SNMP implementation for OpenBSD. SNMP is a necessary evil. This is work in progress, don't expect too much from it yet. ok deraadt@