Up to [local] / src / usr.sbin / snmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.13 / (download) - annotate - [select for diffs], Sun Nov 12 16:07:34 2023 UTC (6 months, 3 weeks ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.12: +1 -5 lines
Diff to previous 1.12 (colored)
Now that the last consumer of mps.c is gone, remove it and its application_legacy.c companion. OK tb@
Revision 1.12 / (download) - annotate - [select for diffs], Sun Nov 12 16:03:41 2023 UTC (6 months, 3 weeks ago) by martijn
Branch: MAIN
Changes since 1.11: +3 -1 lines
Diff to previous 1.11 (colored)
Move snmpd.conf's oid keyword into application_internal.c. These objects get registered under their own backend name, so that they can't overlap with the internal regions. This removes the last consumer of mps.c OK tb@
Revision 1.11 / (download) - annotate - [select for diffs], Wed Nov 8 20:07:14 2023 UTC (6 months, 4 weeks ago) by martijn
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)
Let usm_make_report() utilize appl_report(). usm_make_report utilized mps_getstr(), which after moving the SNMPv2-SMI::snmpV2 into application_internal returned a noSuchObject. This doesn't seem to have broken any tools that I'm aware of, but this returns the correct result. OK tb@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Nov 8 19:46:28 2023 UTC (6 months, 4 weeks ago) by martijn
Branch: MAIN
Changes since 1.9: +2 -1 lines
Diff to previous 1.9 (colored)
export SNMP-TARGET-MIB::{snmpUnavailableContexts,snmpUnknownContexts} via application_internal. OK tb@
Revision 1.9 / (download) - annotate - [select for diffs], Mon Nov 6 11:02:57 2023 UTC (7 months ago) by martijn
Branch: MAIN
Changes since 1.8: +4 -1 lines
Diff to previous 1.8 (colored)
Readd the sysORTable based on the new struct appl_agentcap. OK tb@
Revision 1.8 / (download) - annotate - [select for diffs], Mon Nov 6 11:00:46 2023 UTC (7 months ago) by martijn
Branch: MAIN
Changes since 1.7: +5 -1 lines
Diff to previous 1.7 (colored)
Allow agent capabilities to be stored on a per appl_context basis. This is needed for AgentX's {add,remove}agentcaps, and the sysORTable. OK tb@
Revision 1.7 / (download) - annotate - [select for diffs], Sat Nov 4 09:22:52 2023 UTC (7 months ago) by martijn
Branch: MAIN
Changes since 1.6: +5 -1 lines
Diff to previous 1.6 (colored)
Introduce application_internal.c. This backend is meant to replace application_legacy.c, mps.c, and mib.c. This commit just introduces the backend. The existing MIBs inside mib.c will be copied over in subsequent commits. OK tb@
Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 24 13:28:11 2023 UTC (7 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.5: +3 -1 lines
Diff to previous 1.5 (colored)
Always check if the context is available inside appl_agentx_recv(). Not every PDU goes through application.c. OK tb@
Revision 1.5 / (download) - annotate - [select for diffs], Thu Sep 1 14:34:17 2022 UTC (21 months, 1 week ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)
Add privilege separation to snmpd. This uses the just imported snmpd_metrics as a new (agentx-based) backend. Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions registered by these binaries as authorative, so that no other agentx backends can overwrite them. The snmpe process is now pledged "stdio recvfd inet unix". This removes quite a few entries from the sysORTable, but the current entries are non-compliant anyway and should be completely revisisted at a later time. Reduces the time for a full walk by about a factor of 4, bringing us close to the original speed before application.c was introduced. General design discussed with claudio@ Tested by and OK sthen Release build test and OK tb@
Revision 1.4 / (download) - annotate - [select for diffs], Mon Aug 29 13:19:05 2022 UTC (21 months, 1 week ago) by martijn
Branch: MAIN
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)
Let snmpd check a response package against the requested searchrange end. If the returned OID is beyond the searchrange end we have two cases: - If the backend supports searchranges (agentx) we generate a GENERR and close the connection. - If the backend doesn't support searchranges (legacy and maybe a future snmp proxy) we simply fix-up the result. OK tb@
Revision 1.3 / (download) - annotate - [select for diffs], Tue Aug 23 08:56:20 2022 UTC (21 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.2: +7 -1 lines
Diff to previous 1.2 (colored)
(Re)add support for agentx in snmpd Current omissions in protocol support are notifications, index (de)allocation, and agent capabilities. Help testing sthen@ Feedback/tweaks/OK jmatthew@
Revision 1.2 / (download) - annotate - [select for diffs], Thu Jun 30 11:28:36 2022 UTC (23 months, 1 week ago) by martijn
Branch: MAIN
Changes since 1.1: +5 -1 lines
Diff to previous 1.1 (colored)
Introduce a blocklist backend and keyword. This allows the admin to specify a full region of the OID tree to be blocked and simply returns NOSUCHOBJECT/ENDOFMIBVIEW. This deprecates filter-pf-addresses in favour of: blocklist pfTblAddrTable OK tb@
Revision 1.1 / (download) - annotate - [select for diffs], Wed Jan 19 10:59:35 2022 UTC (2 years, 4 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Add the new application layer. Changes include: - Asynchronous design, which should allow us to cleanly implement agentx support. - Cluster requests when sending them to backends - Return a better error code in a lot of cases. - Allow bulkget to return row by row instead of column by column (as per RFC3416) - Better SNMPv1 mapping as per RFC3584 - Allow registration of overlapping regions. - Stricter OID comparison. - We loose write support. Previous write support didn't guarantee atomicity, wasn't persistent across restarts and didn't implement anything useful. This can be added later if it's missed. - This is quite a bit slower, but this should clear up once the current mps.c and mib.c code gets pushed out. Other tricks could help speed things up, but I don't want to resort to extra tricks if it's not needed. - More detailed debugging output. This commit is stand-alone and gets hooked in with the following commit. "Looks good at first glance" benno@ minor issues pointed out by and OK jmatthew@ Performance loss aceptable to sthen@ tested as part of larger diff by sthen@ and Joel Carnat