![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / snmpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.90 / (download) - annotate - [select for diffs], Tue Feb 20 12:32:48 2024 UTC (3 months, 1 week ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.89: +8 -4 lines
Diff to previous 1.89 (colored)
trap receiver is special in that the OID is optional. Make sure that we accept a NULL descriptor, which results in an OID length of 0. Found by and OK sthen@
Revision 1.89 / (download) - annotate - [select for diffs], Tue Feb 6 15:36:11 2024 UTC (3 months, 3 weeks ago) by martijn
Branch: MAIN
Changes since 1.88: +228 -92 lines
Diff to previous 1.88 (colored)
Let the config parser make use of the mib_string2oid(). If a descriptor is not found in the loaded MIB files it falls back to the old smi_oid2string(), which then throws a deprecation warning. This won't trigger for most cases in the default install, but the UCD-DISKIO-MIB and dependencies aren't included (yet?) (which can be fixed by manually including them via "mib directory") and there's a couple of misspellings (e.g. mib_2 vs mib-2, and usmStatsNotInTimeWindow vs usmStatsNotInTimeWindows). Feedback and OK tb@
Revision 1.88 / (download) - annotate - [select for diffs], Tue Feb 6 12:44:27 2024 UTC (3 months, 3 weeks ago) by martijn
Branch: MAIN
Changes since 1.87: +3 -1 lines
Diff to previous 1.87 (colored)
Replace most smi_oid2string() calls with the new mib_oid2string(). smi_oid2string() is still called from trap handle context to not break any existing scripts. OK tb@
Revision 1.87 / (download) - annotate - [select for diffs], Tue Feb 6 12:39:13 2024 UTC (3 months, 3 weeks ago) by martijn
Branch: MAIN
Changes since 1.86: +16 -1 lines
Diff to previous 1.86 (colored)
Load MIB files during startup. The default directory is /usr/share/snmp/mibs, but one or more directories can be configured via the "mib directory" option. OK tb@
Revision 1.86 / (download) - annotate - [select for diffs], Thu Dec 21 12:43:31 2023 UTC (5 months, 1 week ago) by martijn
Branch: MAIN
Changes since 1.85: +16 -15 lines
Diff to previous 1.85 (colored)
Clean up snmpd's header situation. With the help of tb@ and include-what-you-use. OK tb@
Revision 1.85 / (download) - annotate - [select for diffs], Mon Dec 18 16:58:26 2023 UTC (5 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.84: +14 -11 lines
Diff to previous 1.84 (colored)
Add a family argument to host(). This allows us to force a specific address family for source-address, which must be in line with the destination address. OK jca@
Revision 1.84 / (download) - annotate - [select for diffs], Mon Dec 18 16:56:01 2023 UTC (5 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.83: +4 -3 lines
Diff to previous 1.83 (colored)
Fix copy-paste error for setting source-address in trap receiver. OK jca@
Revision 1.83 / (download) - annotate - [select for diffs], Tue Nov 21 08:47:04 2023 UTC (6 months, 1 week ago) by martijn
Branch: MAIN
Changes since 1.82: +2 -8 lines
Diff to previous 1.82 (colored)
Make RTFILTER/filter-routes a simple boolean assignment, since the specific value isn't used anymore, and is just used to generate an argument for snmpd_metrics. OK tb@
Revision 1.82 / (download) - annotate - [select for diffs], Sun Nov 12 20:04:35 2023 UTC (6 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.81: +14 -20 lines
Diff to previous 1.81 (colored)
Now that smi.c is basically an oid/name translator, let smi_insert() create the struct oid and let parse.y supply the arguments. OK tb@
Revision 1.81 / (download) - annotate - [select for diffs], Sun Nov 12 16:03:41 2023 UTC (6 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.80: +41 -34 lines
Diff to previous 1.80 (colored)
Move snmpd.conf's oid keyword into application_internal.c. These objects get registered under their own backend name, so that they can't overlap with the internal regions. This removes the last consumer of mps.c OK tb@
Revision 1.80 / (download) - annotate - [select for diffs], Sat Nov 4 09:38:47 2023 UTC (6 months, 3 weeks ago) by martijn
Branch: MAIN
Changes since 1.79: +94 -13 lines
Diff to previous 1.79 (colored)
Move SNMPv2-MIB::system from mib.c into the new application_internal.c.
This was the last consumer of mib.c, so send it to the great bitbucket
in the sky.
This move removes the sysORTable, but it was basically non-functioning
anyway and removal of previous entries from the table didn't caused
any fallout that reached my ears.
I hope to add proper sysORTable/agent-capabilities support, which
is compatible with AgentX's {Add,Remove}AgentCaps, soon.
OK tb@
Revision 1.79 / (download) - annotate - [select for diffs], Tue Oct 24 08:41:20 2023 UTC (7 months, 1 week ago) by martijn
Branch: MAIN
Changes since 1.78: +2 -23 lines
Diff to previous 1.78 (colored)
Remove filter-pf-addresses. This feature has been deprecated since 7.2 in favour of 'blocklist pfTblAddrTable'. OK tb@
Revision 1.78 / (download) - annotate - [select for diffs], Thu Oct 6 14:41:08 2022 UTC (19 months, 3 weeks ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.77: +1 -5 lines
Diff to previous 1.77 (colored)
Remove a lot of old (dead) code that's either been superseded, or moved to snmpd_metrics. OK benno@ sthen@
Revision 1.77 / (download) - annotate - [select for diffs], Tue Aug 23 08:56:20 2022 UTC (21 months, 1 week ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.76: +171 -1 lines
Diff to previous 1.76 (colored)
(Re)add support for agentx in snmpd Current omissions in protocol support are notifications, index (de)allocation, and agent capabilities. Help testing sthen@ Feedback/tweaks/OK jmatthew@
Revision 1.76 / (download) - annotate - [select for diffs], Thu Jun 30 11:53:07 2022 UTC (23 months ago) by martijn
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)
Be more explicit in filter-pf-addresses deprication message by mentioning blocklist pfTblAddrTable in full. Requested by and OK sthen@, who also OKed the previous commit.
Revision 1.75 / (download) - annotate - [select for diffs], Thu Jun 30 11:28:36 2022 UTC (23 months ago) by martijn
Branch: MAIN
Changes since 1.74: +35 -3 lines
Diff to previous 1.74 (colored)
Introduce a blocklist backend and keyword. This allows the admin to specify a full region of the OID tree to be blocked and simply returns NOSUCHOBJECT/ENDOFMIBVIEW. This deprecates filter-pf-addresses in favour of: blocklist pfTblAddrTable OK tb@
Revision 1.74 / (download) - annotate - [select for diffs], Tue Jun 28 09:11:33 2022 UTC (23 months ago) by martijn
Branch: MAIN
Changes since 1.73: +6 -7 lines
Diff to previous 1.73 (colored)
Use smi_string2oid instead of ober_string2oid in parse.y's oid definition. This allows admins to configure oids as pretty symbolic names, next to the current numeric names. OK sthen@
Revision 1.73 / (download) - annotate - [select for diffs], Sun Nov 21 13:33:53 2021 UTC (2 years, 6 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.72: +10 -1 lines
Diff to previous 1.72 (colored)
getaddrinfo doesn't resolve numeric hostname in the !AI_NUMERICHOST case if family in resolv.conf is not set to its specific family. e.g. 0.0.0.0 will not resolve if family is set to "family inet6" Fix this by first trying to resolve with AI_NUMERIC set and if EAI_NONAME is returned (it's an actual hostname) retry with an empty ai_flags. bug reported by and OK sthen@
Revision 1.72 / (download) - annotate - [select for diffs], Mon Oct 25 11:21:32 2021 UTC (2 years, 7 months ago) by martijn
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)
If we use type to SNMP_V2 we should check against that. Reported by Johan Huldtgren (jhuldtgren <at> gmail <dot> com) via sthen@ OK sthen@
Revision 1.71 / (download) - annotate - [select for diffs], Wed Oct 20 16:00:47 2021 UTC (2 years, 7 months ago) by gerhard
Branch: MAIN
Changes since 1.70: +2 -1 lines
Diff to previous 1.70 (colored)
Add missing semicolon at the end of the listen_udptcp rule ok otto@
Revision 1.70 / (download) - annotate - [select for diffs], Fri Oct 15 15:01:29 2021 UTC (2 years, 7 months ago) by naddy
Branch: MAIN
Changes since 1.69: +6 -6 lines
Diff to previous 1.69 (colored)
Don't declare variables as "unsigned char *" that are passed to functions that take "char *" arguments. Where such chars are assigned to int or passed to ctype functions, explicitly cast them to unsigned char. For OpenBSD's clang, -Wpointer-sign has been disabled by default, but when the parse.y code was built elsewhere, the compiler would complain. With help from millert@ ok benno@ deraadt@
Revision 1.69 / (download) - annotate - [select for diffs], Sat Oct 9 18:43:50 2021 UTC (2 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.68: +1 -2 lines
Diff to previous 1.68 (colored)
delete unneccessary arpa/nameser.h includes ok millert
Revision 1.68 / (download) - annotate - [select for diffs], Thu Sep 2 05:41:02 2021 UTC (2 years, 8 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.67: +120 -25 lines
Diff to previous 1.67 (colored)
Allow snmpd(8) to send SNMPv3 traps. OK jmatthew@
Revision 1.67 / (download) - annotate - [select for diffs], Tue Aug 10 16:14:00 2021 UTC (2 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
Overlooked a listen_tcp that needed removal in previous commit. This caused listen on tcp lines to fail to parse. OK sthen@
Revision 1.66 / (download) - annotate - [select for diffs], Tue Aug 10 06:49:33 2021 UTC (2 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.65: +40 -59 lines
Diff to previous 1.65 (colored)
Allow "any" to be used as a listen on address. This is a convenient shorthand for listen on 0.0.0.0 listen on :: and was already the default behaviour if no listen on statement is present. This way it's easier to add additional listeners to the default (like trap receivers). Manpage feedback sthen@ schwarze@ Manpage OK jmc@ OK sthen@
Revision 1.65 / (download) - annotate - [select for diffs], Mon Aug 9 18:14:53 2021 UTC (2 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.64: +249 -3 lines
Diff to previous 1.64 (colored)
Allow setting the engineid. The previous engineid was based aronud the engine boottime and a random value, which gives problems when sending/receiving unacknowledged PDUs (trapv2) over SNMPv3 with authentication enabled, which need a consistent engineid across restarts to determine the correct user from the sender. The new default engineid takes a sha256 hash (chosen for its longer output) of gethostname(3) and places the first 27 bytes after the new format number 129. This should give us a very low probability of collisions, assuming all machines have a unique name. The other formats as specified in SNMP-FRAMEWORK-MIB (RFC3411) are also supported as well as arbitrary formats in the range 128-255 for other private enterprise numbers in hex format. OK jmatthew@
Revision 1.64 / (download) - annotate - [select for diffs], Sun Jun 20 19:55:48 2021 UTC (2 years, 11 months ago) by martijn
Branch: MAIN
Changes since 1.63: +37 -16 lines
Diff to previous 1.63 (colored)
Tighten default security for snmpd(8). This is done by doing several things: - Only allow SNMPv3 by default. SNMPv1 and SNMPv2c can be enabled by setting the new snmpv* flags on the "liston on" statements. - Remove the default community names. They're not secure to use. - Change the default seclevel to enc. Initial idea, help from and OK sthen@
Revision 1.63 / (download) - annotate - [select for diffs], Fri Jan 22 06:33:26 2021 UTC (3 years, 4 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.62: +71 -41 lines
Diff to previous 1.62 (colored)
Remove the traphandler process, which was nothing more then a sham. It did nothing more then receive a message over UDP, do some basic ber and ASN.1 parsing and forward the packet to the parent process. snmpe can do/does the same thing but with a far more thorough ASN.1 validation. Because we move trap receiving to snmpe we get trap over tcp for free. However, to make sure that a normal snmp port doesn't automatically start handling traps a new set of "listen on" flags are introduced: read, write, and notify. To enable trap handling either let snmpd listen on port 162 without flags, or add the notify flag. Only a flag without port results in listening on port 162. To keep current behaviour copy all UDP-based "listen on" lines without port and add the notify keyword: listen on 127.0.0.1 port 666 becomes listen on 127.0.0.1 port 666 listen on 127.0.0.1 notify This change also enforces snmpd to honor trap community on receiving a trap, where previously no community was checked before handling a packet. OK denis@, rob@
Revision 1.62 / (download) - annotate - [select for diffs], Fri Oct 30 07:43:48 2020 UTC (3 years, 7 months ago) by martijn
Branch: MAIN
Changes since 1.61: +3 -46 lines
Diff to previous 1.61 (colored)
Remove the old deprecated listen on syntax. OK deraadt@
Revision 1.61 / (download) - annotate - [select for diffs], Thu Sep 10 17:54:47 2020 UTC (3 years, 8 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.60: +134 -30 lines
Diff to previous 1.60 (colored)
Move the tcp/udp keyword before <address>. This allows for easier adding of different protocols in the future. The old syntax is still supported for for now, but will generate a deprecation warning and will be removed in a future release. While here add support for specifying a tcp/udp port. This will be used for snmp services, "trap handle" will still only run on port 162. Feedback and OK denis@
Revision 1.60 / (download) - annotate - [select for diffs], Sun Sep 6 15:51:28 2020 UTC (3 years, 8 months ago) by martijn
Branch: MAIN
Changes since 1.59: +92 -166 lines
Diff to previous 1.59 (colored)
Split "trap receiver" into its own trap_address struct and clean up the code surrounding this struct and struct address. No functional change intended, except that trap receiver's source-address may now be a resolvable hostname. Tweaks and OK jan@
Revision 1.59 / (download) - annotate - [select for diffs], Sun Aug 23 07:39:57 2020 UTC (3 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.58: +1 -2 lines
Diff to previous 1.58 (colored)
Merge listen_sock into address, since there's a 1:1 correlation. Save some overhead and 18LoC. OK jan@
Revision 1.58 / (download) - annotate - [select for diffs], Tue Jun 30 17:11:49 2020 UTC (3 years, 11 months ago) by martijn
Branch: MAIN
Changes since 1.57: +3 -44 lines
Diff to previous 1.57 (colored)
Remove agentx and control socket support. snmpctl has been removed two releases ago, which makes the control interface obsolete. agentx support has always been quirky at best, but got completely broken with the BER_MAX_OID_LEN increase in ber.h. This change resulted in the oid length on the snmp side being left uninitialized because of size difference, resulting in weird behaviour. No one reported the breakage, even after 6.7 was released. This change requires users to remove the socket keyword from their snmpd.conf. OK denis@
Revision 1.57 / (download) - annotate - [select for diffs], Thu Jan 2 10:55:53 2020 UTC (4 years, 5 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.56: +40 -36 lines
Diff to previous 1.56 (colored)
When many prefixes are stored in pf tables it is not sensible to export them via snmp. Introduce option filter-pf-addresses similar to filter-routes which prevents exporting below the OPENBSD-PF-MIB::pfTblAddrTable oid. Other pf table statistics are uneffected by this and still available. With this I can do a bulkwalk starting at pfMIBObjects without hitting timeouts and without spinning the cpu at 100% for days to export 300k prefixes. man page input kn OK claudio, sthen. martijn is also fine with it going in.
Revision 1.55.2.1 / (download) - annotate - [select for diffs], Sun Oct 27 20:05:13 2019 UTC (4 years, 7 months ago) by tb
Branch: OPENBSD_6_6
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored) next main 1.56 (colored)
The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt OpenBSD 6.6 errata 002
Revision 1.56 / (download) - annotate - [select for diffs], Thu Oct 24 12:39:27 2019 UTC (4 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)
The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. Problem diagnosed by jmatthew with ber_free() in samba, but there are many others as pointed out by sthen. tests & ok rob ok sthen (who had an almost identical diff for libutil) "go head hit it" deraadt
Revision 1.55 / (download) - annotate - [select for diffs], Tue Jun 11 05:36:32 2019 UTC (4 years, 11 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE
Branch point for: OPENBSD_6_6
Changes since 1.54: +13 -1 lines
Diff to previous 1.54 (colored)
Implement SHA-2 (RFC7860) support for authentication. OK claudio@, gerhard@
Revision 1.54 / (download) - annotate - [select for diffs], Wed Feb 13 22:57:08 2019 UTC (5 years, 3 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)
(unsigned) means (unsigned int) which on ptrdiff_t or size_t or other larger types really is a range reduction... Almost any cast to (unsigned) is a bug. ok millert tb benno
Revision 1.53 / (download) - annotate - [select for diffs], Thu Nov 1 00:18:44 2018 UTC (5 years, 7 months ago) by sashan
Branch: MAIN
Changes since 1.52: +3 -2 lines
Diff to previous 1.52 (colored)
- odd condition/test in PF lexer
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
Revision 1.52 / (download) - annotate - [select for diffs], Fri Sep 7 07:35:31 2018 UTC (5 years, 8 months ago) by miko
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.51: +4 -9 lines
Diff to previous 1.51 (colored)
replace malloc()+strlcpy() with strndup() in cmdline_symset(). "looks good" gilles@ halex@
Revision 1.51 / (download) - annotate - [select for diffs], Wed Jul 11 07:39:22 2018 UTC (5 years, 10 months ago) by krw
Branch: MAIN
Changes since 1.50: +4 -4 lines
Diff to previous 1.50 (colored)
Do for most running out of memory err() what was done for most running
out of memory log_warn(). i.e. ("%s", __func__) instead of manual
function names and redundant verbiage about which wrapper detected the
out of memory condition.
ok henning@
Revision 1.50 / (download) - annotate - [select for diffs], Mon Jul 9 12:05:11 2018 UTC (5 years, 10 months ago) by krw
Branch: MAIN
Changes since 1.49: +6 -6 lines
Diff to previous 1.49 (colored)
No need to mention which memory allocation entry point failed (malloc, calloc or strdup), we just need to log that we ran out of memory in a particular function. Recommended by florian@ and deraadt@ ok benno@ henning@ tb@
Revision 1.49 / (download) - annotate - [select for diffs], Sun Jul 8 17:15:07 2018 UTC (5 years, 10 months ago) by krw
Branch: MAIN
Changes since 1.48: +3 -3 lines
Diff to previous 1.48 (colored)
Be consistent in warn() and log_warn() usage when running out of memory. Next step, be correct *and* consistent. ok dennis@ tb@ benno@ schwarze@
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jun 11 18:16:45 2018 UTC (5 years, 11 months ago) by denis
Branch: MAIN
Changes since 1.47: +77 -47 lines
Diff to previous 1.47 (colored)
Fix an off-by-one line count when using include statements. Thanks to otto@ for the initial diff. OK benno@
Revision 1.47 / (download) - annotate - [select for diffs], Thu Apr 26 14:12:19 2018 UTC (6 years, 1 month ago) by krw
Branch: MAIN
Changes since 1.46: +3 -1 lines
Diff to previous 1.46 (colored)
Plug leak in error case of the common 'varset' implementations. ok benno@
Revision 1.46 / (download) - annotate - [select for diffs], Sun Apr 15 11:57:29 2018 UTC (6 years, 1 month ago) by mpf
Branch: MAIN
Changes since 1.45: +41 -22 lines
Diff to previous 1.45 (colored)
Add TCP support to snmpd. This implements RFC 3430, with the exception of processing multiple incoming requests in parallel (Section 2.1). This required too much code and is optional anyway. Initial review by reyk@, very thorough reviews by jca@. Thanks! OK jca@, gerhard@
Revision 1.45 / (download) - annotate - [select for diffs], Sun Aug 20 07:03:45 2017 UTC (6 years, 9 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.44: +4 -4 lines
Diff to previous 1.44 (colored)
Check that we haven't yet reached the end of the string before calling strcspn(3) instead of afterwards. Fixes an out-of-bound read that led to intermittent crashes experienced by rob in his regression test. ok rob
Revision 1.44 / (download) - annotate - [select for diffs], Fri Jul 28 13:15:32 2017 UTC (6 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)
Use a format string for yyerror when printing a variable string. Pointed out by clang. (Not really a problem here since we control the string, but these things tend to get coppied around) ok gerhard@
Revision 1.43 / (download) - annotate - [select for diffs], Thu Jan 5 13:53:10 2017 UTC (7 years, 4 months ago) by krw
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.42: +2 -3 lines
Diff to previous 1.42 (colored)
Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with more modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@
Revision 1.42 / (download) - annotate - [select for diffs], Thu Jan 5 12:42:19 2017 UTC (7 years, 4 months ago) by krw
Branch: MAIN
Changes since 1.41: +7 -5 lines
Diff to previous 1.41 (colored)
Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ
with more modern TAILQ_FOREACH(). This what symget() was already
doing.
Add paranoia '{}' around body of symget()'s TAILQ_FOREACH().
No intentional functional change.
ok bluhm@ otto@
Revision 1.41 / (download) - annotate - [select for diffs], Fri Nov 18 16:16:39 2016 UTC (7 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.40: +21 -19 lines
Diff to previous 1.40 (colored)
Add support for multiple listening sockets One can now specify multiple "listen on" statements. The default is to listen on 0.0.0.0 and ::, which means better handling of dual-stack setups. ok sthen@ on a previous version, input and ok reyk@.
Revision 1.40 / (download) - annotate - [select for diffs], Wed Nov 9 20:31:56 2016 UTC (7 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.39: +38 -11 lines
Diff to previous 1.39 (colored)
Improve source IP address handling. - send replies using a source address equal to the destination address of queries, using IP_SENDSRCADDR. This help in multihomed setups and can remove the need to explicitely configure a bind address. - config knob to set the source address of packets sent to trap receivers. "trap receiver" gains an optional "source-address" setting. Source address issues reported by Andy Lemin. ok benno@
Revision 1.39 / (download) - annotate - [select for diffs], Tue Jun 21 21:35:25 2016 UTC (7 years, 11 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.38: +9 -1 lines
Diff to previous 1.38 (colored)
do not allow whitespace in macro names, i.e. "this is" = "a variable". change this in all config parsers in our tree that support macros. problem reported by sven falempin. feedback from henning@, stsp@, deraadt@ ok florian@ mikeb@
Revision 1.38 / (download) - annotate - [select for diffs], Sun Nov 22 13:27:13 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.37: +6 -6 lines
Diff to previous 1.37 (colored)
Update log.c: change fatal() and fatalx() into variadic functions, include the process name, and replace all calls of fatal*(NULL) with fatal(__func__) for better debugging. OK benno@
Revision 1.37 / (download) - annotate - [select for diffs], Sun Feb 8 04:50:32 2015 UTC (9 years, 3 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored)
Use AI_ADDRCONFIG when resolv hosts on startup. OK henning@
Revision 1.36 / (download) - annotate - [select for diffs], Thu Nov 20 05:51:21 2014 UTC (9 years, 6 months ago) by jsg
Branch: MAIN
Changes since 1.35: +4 -1 lines
Diff to previous 1.35 (colored)
Don't allow embedded nul characters in strings. Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
Revision 1.35 / (download) - annotate - [select for diffs], Wed Nov 19 10:19:00 2014 UTC (9 years, 6 months ago) by blambert
Branch: MAIN
Changes since 1.34: +7 -2 lines
Diff to previous 1.34 (colored)
add support for AgentX subagents in snmpd snmp requests are now packaged into pseudo-continuations to allow for being dispatched to seperate processes; lightly tested for interoperability with NetSNMP, but doesn't implement the complete set of AgentX messages while here, clean up return types of mps_get* functions, and make smi_insert refuse to insert duplicate OIDs okay benno@ reyk@
Revision 1.34 / (download) - annotate - [select for diffs], Sun Nov 16 19:07:51 2014 UTC (9 years, 6 months ago) by bluhm
Branch: MAIN
Changes since 1.33: +6 -6 lines
Diff to previous 1.33 (colored)
Convert the logic in yyerror(). Instead of creating a temporary format string, create a temporary message. OK doug@
Revision 1.33 / (download) - annotate - [select for diffs], Fri Nov 14 03:20:37 2014 UTC (9 years, 6 months ago) by doug
Branch: MAIN
Changes since 1.32: +4 -2 lines
Diff to previous 1.32 (colored)
Add gcc printf format attributes to yyerror() in parse.y files. No yyerror() calls needed to be changed. ok bluhm@
Revision 1.32 / (download) - annotate - [select for diffs], Fri Apr 25 06:57:11 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.31: +78 -4 lines
Diff to previous 1.31 (colored)
Support running user-defined actions on receipt of snmp traps. testing sthen@ much man page guidance jmc@ ok reyk@
Revision 1.31 / (download) - annotate - [select for diffs], Thu Apr 24 08:51:08 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)
fix copied text in error string ok reyk@
Revision 1.30 / (download) - annotate - [select for diffs], Mon Apr 14 12:55:10 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.29: +16 -6 lines
Diff to previous 1.29 (colored)
Make snmpd use the AgentX protcol for accepting trap requests. AgentX notifications are the only portion implemented right now; get in the tree to flesh out the remainder. ok reyk@ benno@
Revision 1.29 / (download) - annotate - [select for diffs], Wed Jan 22 00:21:17 2014 UTC (10 years, 4 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
relax the cfg file secrecy check slightly to allow group readability default permissions and mtree NOT changed. prodded by benno, ok phessler benno jmatthew theo pelikan florian
Revision 1.28 / (download) - annotate - [select for diffs], Mon Nov 25 13:00:56 2013 UTC (10 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.27: +7 -7 lines
Diff to previous 1.27 (colored)
use u_char for buffers in yylex, for ctype calls found by millert@, ok deraadt@
Revision 1.27 / (download) - annotate - [select for diffs], Thu Oct 17 08:42:44 2013 UTC (10 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.26: +6 -6 lines
Diff to previous 1.26 (colored)
Update snmpd(8) to use the proc.c privsep style from iked and relayd. ok sthen@ deraadt@
Revision 1.26 / (download) - annotate - [select for diffs], Wed Oct 16 16:05:02 2013 UTC (10 years, 7 months ago) by blambert
Branch: MAIN
Changes since 1.25: +34 -2 lines
Diff to previous 1.25 (colored)
1) move the creation of 'restricted' communication sockets
into snmpd.conf
2) add the ability to specify an alternate 'control' socket location
3) allow for the creation of multiple 'restricted' sockets (but
only one control socket, for the time being)
Committing slightly ahead of schedule in order to clear the pipeline
for a few other upcoming changes.
ok reyk@, sthen@
Revision 1.25 / (download) - annotate - [select for diffs], Fri Mar 29 12:53:41 2013 UTC (11 years, 2 months ago) by gerhard
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.24: +6 -2 lines
Diff to previous 1.24 (colored)
Patch from Ilya Bakulin that allows to put snmpd(8) into read-only mode so that all "set" requests will be rejected. ok reyk@
Revision 1.24 / (download) - annotate - [select for diffs], Wed Mar 6 21:42:40 2013 UTC (11 years, 2 months ago) by sthen
Branch: MAIN
Changes since 1.23: +7 -4 lines
Diff to previous 1.23 (colored)
as done in ospf{,6}d/relayd, sync yyerror in various other daemons with
that from bgpd, so that it logs to syslog when daemonized.
Revision 1.23 / (download) - annotate - [select for diffs], Mon Sep 17 19:00:06 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.22: +9 -5 lines
Diff to previous 1.22 (colored)
let the debug message look like the configuration syntax
Revision 1.22 / (download) - annotate - [select for diffs], Mon Sep 17 16:43:59 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
Update copyright and my email address in snmpd while I'm here.
Revision 1.21 / (download) - annotate - [select for diffs], Mon Sep 17 16:30:34 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.20: +87 -4 lines
Diff to previous 1.20 (colored)
Add initial SNMPv3 support to snmpd(8). Traps are still sent via SNMPv2 protocol. They can neither be authenticated nor encrypted. - Transport mode is still UDP. Not additional transport subsystems were added. - Only the User-based Security Model (USM, RFC3414) is supported. View-Based Access Control (VACM, RFC3415) is not included. - Configuration is described in snmpd.conf(5). This diff includes a few minor changes to ber.c/h adding a necessary callback for the USM HMAC calculation and merging it with other minor changes from ldapd's ber code. From Gerhard Roth at genua ok claudio@ reyk@
Revision 1.20 / (download) - annotate - [select for diffs], Thu Apr 21 14:55:22 2011 UTC (13 years, 1 month ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.19: +28 -3 lines
Diff to previous 1.19 (colored)
Add a "filter-routes" option; when set, snmpd asks the kernel not to send route updates. If you aren't interested in examining routing tables over SNMP (e.g. if you only use it for sensors or interface stats) this reduces cpu use during heavy route updates. Makes my full-table bgp routers happier when a major peer bounces. ok reyk@
Revision 1.19 / (download) - annotate - [select for diffs], Mon Oct 18 13:29:49 2010 UTC (13 years, 7 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
Missing ; to appease yyextract, ok martinh@
Revision 1.18 / (download) - annotate - [select for diffs], Tue Aug 3 18:42:41 2010 UTC (13 years, 10 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.17: +4 -3 lines
Diff to previous 1.17 (colored)
fix linecount bug with comments spanning multiple lines problem reported with the obvious fix for bgpd by Sebastian Benoit <benoit-lists at fb12.de>, also PR 6432 applied to all the others by yours truly. ok theo isn't it amazing how far this parser (and more) spread?
Revision 1.17 / (download) - annotate - [select for diffs], Tue Mar 31 21:03:49 2009 UTC (15 years, 2 months ago) by tobias
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.16: +7 -3 lines
Diff to previous 1.16 (colored)
Fixed memory leaks which would occur if the second of two memory allocations fails. looks right deraadt, krw ok henning
Revision 1.16 / (download) - annotate - [select for diffs], Fri Oct 17 13:02:55 2008 UTC (15 years, 7 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.15: +5 -3 lines
Diff to previous 1.15 (colored)
bring in the findeol() fix from pfctl. list of affected parsers by sthen
Revision 1.15 / (download) - annotate - [select for diffs], Fri Jul 18 12:35:27 2008 UTC (15 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.14: +22 -14 lines
Diff to previous 1.14 (colored)
merge host_v6 with relayd's version to use getaddrinfo instead of inet_pton. host_v4, host_v6, and host_dns could be merged into one function using getaddrinfo but i keep it in multiple functions to keep it in sync with the other daemons using this common code.
Revision 1.14 / (download) - annotate - [select for diffs], Wed Feb 27 15:12:10 2008 UTC (16 years, 3 months ago) by mpf
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)
Unbreak parser by initializing topfile correctly. I got fooled by patch(1). Sorry. Found by and OK thib@.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Feb 27 10:30:11 2008 UTC (16 years, 3 months ago) by mpf
Branch: MAIN
Changes since 1.12: +13 -13 lines
Diff to previous 1.12 (colored)
Have popfile() also close the main config file, but only do the final popfile call after yyparse() is done. This also fixes config reload on SIGHUP for some daemons. Spotted by otto@. OK deraadt@
Revision 1.12 / (download) - annotate - [select for diffs], Tue Feb 26 20:06:14 2008 UTC (16 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.11: +6 -1 lines
Diff to previous 1.11 (colored)
Fix memory leak in the parser. Found by Matthew Dempsky but using the more common way to clear the TAILQ. OK thib@
Revision 1.11 / (download) - annotate - [select for diffs], Wed Jan 30 10:12:45 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
spacing
Revision 1.10 / (download) - annotate - [select for diffs], Thu Jan 17 17:35:06 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.9: +35 -23 lines
Diff to previous 1.9 (colored)
allow to configure optional per trap receiver communities and to restrict the receivers to a specified mib.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jan 16 19:36:06 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.8: +35 -4 lines
Diff to previous 1.8 (colored)
implementation of the SNMP trap sender interface
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jan 16 09:51:15 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
bump copyright
Revision 1.7 / (download) - annotate - [select for diffs], Fri Dec 28 17:36:55 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)
set the default port in host byte order to get the correct result
Revision 1.6 / (download) - annotate - [select for diffs], Fri Dec 28 16:59:31 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)
split code handling the "structure of management information" and the "message processing subsystem" into separate files smi.c and mps.c
Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 28 15:33:37 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
spacing
Revision 1.4 / (download) - annotate - [select for diffs], Fri Dec 28 15:32:02 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.3: +7 -7 lines
Diff to previous 1.3 (colored)
use the snmp camelCase for MIB definitions, this allows to simplify the code a bit and is mostly a stylistic change.
Revision 1.3 / (download) - annotate - [select for diffs], Fri Dec 7 10:22:38 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.2: +1 -12 lines
Diff to previous 1.2 (colored)
remove unreduced rules
Revision 1.2 / (download) - annotate - [select for diffs], Wed Dec 5 22:57:02 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
re-sync yylex to the other parsers found by deraadt@
Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 5 09:22:44 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Start working on snmpd(8) and snmpctl(8), a lightweight SNMP implementation for OpenBSD. SNMP is a necessary evil. This is work in progress, don't expect too much from it yet. ok deraadt@