OpenBSD CVS

CVS log for src/usr.sbin/snmpd/snmpe.c



Default branch: MAIN


Revision 1.95, Tue May 21 05:00:48 2024 UTC (2 weeks, 6 days ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.94: +1 -2 lines

remove prototypes with no matching function and externs with no var
partly checked by millert@

Revision 1.94, Tue Jan 16 13:33:13 2024 UTC (4 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.93: +2 -2 lines

Convert to imsg_get_fd() and remove unused proc_forward_imsg().
OK martijn@

Revision 1.93, Thu Dec 21 12:43:31 2023 UTC (5 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.92: +10 -10 lines

Clean up snmpd's header situation.

With the help of tb@ and include-what-you-use.

OK tb@

Revision 1.92, Mon Nov 20 10:32:45 2023 UTC (6 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.91: +1 -2 lines

In snmpe_writecb, don't call snmpe_prepare_read() when there's still
data left inside sm_data. If there's an incomplete packet left in the
buffer it will be called from snmpe_tryparse, if there's a complete
packet left we can end up with new events from the tcp socket, which the
tcp subsystem isn't prepared to handle.

OK tb@

Revision 1.91, Sun Nov 12 19:59:56 2023 UTC (6 months, 4 weeks ago) by martijn
Branch: MAIN
Changes since 1.90: +1 -12 lines

Printing all known objects inside smi when built with -DDEBUG has no
benefit. Remove it and the last consumer of smi_foreach().

OK tb@

Revision 1.90, Wed Nov 8 20:07:14 2023 UTC (7 months ago) by martijn
Branch: MAIN
Changes since 1.89: +1 -3 lines

Let usm_make_report() utilize appl_report(). usm_make_report utilized
mps_getstr(), which after moving the SNMPv2-SMI::snmpV2 into
application_internal returned a noSuchObject. This doesn't seem to have
broken any tools that I'm aware of, but this returns the correct result.

OK tb@

Revision 1.89, Wed Nov 8 19:50:24 2023 UTC (7 months ago) by martijn
Branch: MAIN
Changes since 1.88: +1 -2 lines

On second thought let's not overwrite sm_pdutype with a hardcoded value
after just setting it, it's a silly idea.

OK tb@

Revision 1.88, Wed Mar 8 04:43:15 2023 UTC (15 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.87: +1 -2 lines

Delete obsolete /* ARGSUSED */ lint comments.

ok miod@ millert@

Revision 1.87, Tue Dec 20 20:06:47 2022 UTC (17 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.86: +10 -2 lines

Apply proper bounds checking to non-repeaters and max-repetitions.

OK sthen@, kn@

Revision 1.86, Tue Dec 20 19:53:33 2022 UTC (17 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.85: +3 -3 lines

When writing a message out over tcp that's too large to fit in a single
write(2), make sure that we don't restart the message on the next write
out, but continue where we left off.

OK sthen@, kn@

Revision 1.85, Thu Oct 6 14:41:08 2022 UTC (20 months ago) by martijn
Branch: MAIN
Changes since 1.84: +1 -117 lines

Remove a lot of old (dead) code that's either been superseded, or moved to
snmpd_metrics.

OK benno@ sthen@

Revision 1.84, Thu Sep 1 14:34:17 2022 UTC (21 months, 1 week ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.83: +23 -4 lines

Add privilege separation to snmpd.

This uses the just imported snmpd_metrics as a new (agentx-based) backend.
Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions
registered by these binaries as authoritative, so that no other agentx
backends can overwrite them. The snmpe process is now pledged
"stdio recvfd inet unix".

This removes quite a few entries from the sysORTable, but the current
entries are non-compliant anyway and should be completely revisited at a
later time.

Reduces the time for a full walk by about a factor of 4, bringing us close
to the original speed before application.c was introduced.

General design discussed with claudio@
Tested by and OK sthen
Release build test and OK tb@

Revision 1.83, Tue Aug 23 08:56:21 2022 UTC (21 months, 2 weeks ago) by martijn
Branch: MAIN
Changes since 1.82: +7 -1 lines

(Re)add support for agentx in snmpd
Current omissions in protocol support are notifications,
index (de)allocation, and agent capabilities.

Help testing sthen@
Feedback/tweaks/OK jmatthew@

Revision 1.82, Wed Jan 19 11:00:56 2022 UTC (2 years, 4 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.81: +17 -2 lines

Hook up the new application layer.

OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

Revision 1.81, Wed Jan 19 10:36:35 2022 UTC (2 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.80: +15 -1 lines

Implement snmpe_send to allow the new application layer to send
messages through the current transport mapping code.

OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

Revision 1.80, Wed Jan 19 10:28:13 2022 UTC (2 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.79: +6 -1 lines

Make sure that we ASN1 verify the varbindlist as soon as we unpack it.

OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

Revision 1.79, Wed Jan 19 10:22:48 2022 UTC (2 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.78: +2 -3 lines

Move some snmpe.c functions to their own header.
These functions are needed from the new application layer and don't
really belong in snmpd.h.

OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

Revision 1.78, Thu Oct 21 14:33:13 2021 UTC (2 years, 7 months ago) by martijn
Branch: MAIN
Changes since 1.77: +4 -4 lines

s/SNMP_C_GETRESP/SNMP_C_RESPONSE

OK sthen@

Revision 1.77, Thu Oct 21 08:21:43 2021 UTC (2 years, 7 months ago) by martijn
Branch: MAIN
Changes since 1.76: +7 -4 lines

Retrieve the actual engineid instead of a pointer value.

OK tb@

Revision 1.76, Mon Sep 6 13:32:18 2021 UTC (2 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.75: +2 -2 lines

repair missing paths on unveil failure

Revision 1.75, Thu Sep 2 05:41:02 2021 UTC (2 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.74: +2 -3 lines

Allow snmpd(8) to send SNMPv3 traps.

OK jmatthew@

Revision 1.74, Mon Aug 9 18:14:53 2021 UTC (2 years, 10 months ago) by martijn
Branch: MAIN
Changes since 1.73: +4 -1 lines

Allow setting the engineid.

The previous engineid was based around the engine boottime and a random
value, which gives problems when sending/receiving unacknowledged PDUs
(trapv2) over SNMPv3 with authentication enabled, which need a consistent
engineid across restarts to determine the correct user from the sender.

The new default engineid takes a sha256 hash (chosen for its longer output)
of gethostname(3) and places the first 27 bytes after the new format number
129. This should give us a very low probability of collisions, assuming
all machines have a unique name.

The other formats as specified in SNMP-FRAMEWORK-MIB (RFC3411) are also
supported as well as arbitrary formats in the range 128-255 for other
private enterprise numbers in hex format.

OK jmatthew@

Revision 1.73, Sun Aug 1 11:36:48 2021 UTC (2 years, 10 months ago) by martijn
Branch: MAIN
Changes since 1.72: +2 -2 lines

Allow trapv2 packages to be submitted over SNMPv3.

This is a type-O that snuck in when merging traphandler into snmpe.

OK jmatthew@

Revision 1.72, Sun Jun 20 19:55:48 2021 UTC (2 years, 11 months ago) by martijn
Branch: MAIN
Changes since 1.71: +27 -20 lines

Tighten default security for snmpd(8). This is done by doing several
things:
- Only allow SNMPv3 by default. SNMPv1 and SNMPv2c can be enabled by
  setting the new snmpv* flags on the "listen on" statements.
- Remove the default community names. They're not secure to use.
- Change the default seclevel to enc.

Initial idea, help from and OK sthen@

Revision 1.71, Thu May 20 08:53:12 2021 UTC (3 years ago) by martijn
Branch: MAIN
Changes since 1.70: +52 -28 lines

Rename context to pdutype. This is in line with the naming schema from the
RFCs.

While here remove a duplicate sm_type that snuck in during traphandler
merger and use human readable names in debug log entries from packages.

OK jan@

Revision 1.70, Mon Feb 22 11:31:09 2021 UTC (3 years, 3 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.69: +6 -6 lines

Make use of the new '$' feature of ober_scanf_elements to enforce stricter
ASN.1 verification.

OK claudio@

Revision 1.69, Fri Feb 5 10:30:45 2021 UTC (3 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.68: +19 -1 lines

Introduce a transaction id. This is currently mostly a dummy-variable, but
will later on be needed for when we reintroduce agentx master support.

feedback and OK dlg@, rob@

Revision 1.68, Fri Jan 22 06:33:27 2021 UTC (3 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.67: +69 -20 lines

Remove the traphandler process, which was nothing more than a sham.
It did nothing more than receive a message over UDP, do some basic ber
and ASN.1 parsing and forward the packet to the parent process. snmpe can
do/does the same thing but with a far more thorough ASN.1 validation.
Because we move trap receiving to snmpe we get trap over tcp for free.

However, to make sure that a normal snmp port doesn't automatically start
handling traps a new set of "listen on" flags are introduced: read, write,
and notify. To enable trap handling either let snmpd listen on port 162
without flags, or add the notify flag. Only a flag without port results in
listening on port 162.

To keep current behaviour copy all UDP-based "listen on" lines without port
and add the notify keyword:
listen on 127.0.0.1 port 666
becomes
listen on 127.0.0.1 port 666
listen on 127.0.0.1 notify

This change also enforces snmpd to honor trap community on receiving a
trap, where previously no community was checked before handling a packet.

OK denis@, rob@

Revision 1.67, Sun Sep 6 17:29:35 2020 UTC (3 years, 9 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.66: +2 -14 lines

Remove snmpe_dispatch_parent.
It's an empty stub and proc.c will put implement proc_dispatch_null if not
set, which does the exact same thing.

OK denis@

Revision 1.66, Sun Sep 6 15:51:28 2020 UTC (3 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.65: +6 -7 lines

Split "trap receiver" into its own trap_address struct and clean up the
code surrounding this struct and struct address.

No functional change intended, except that trap receiver's source-address
may now be a resolvable hostname.

Tweaks and OK jan@

Revision 1.65, Sun Aug 23 07:39:57 2020 UTC (3 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.64: +23 -29 lines

Merge listen_sock into address, since there's a 1:1 correlation. Save some
overhead and 18LoC.

OK jan@

Revision 1.64, Mon Aug 17 15:48:28 2020 UTC (3 years, 9 months ago) by martijn
Branch: MAIN
Changes since 1.63: +2 -4 lines

Previous commit broke two things:
1) Bulkget broke because mps_getbulkreq doesn't exactly do what it says on
   the tin, so use it how it works for now.
2) A break statement got left behind resulting in only a single varbind
   being answered.

Reported and tested by sthen@

Revision 1.63, Sat Aug 8 13:39:57 2020 UTC (3 years, 10 months ago) by martijn
Branch: MAIN
Changes since 1.62: +89 -101 lines

Greatly simplify snmpe_parsevarbinds.
except for some minor changes in the handling of snmp_intotal{req,set}vars
no functional changes intended.

OK jan@

Revision 1.62, Sat May 2 14:22:31 2020 UTC (4 years, 1 month ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.61: +5 -3 lines

If read-write is set to disabled, also disable reading with the private
community.

Issue reported by Steven Surdock ssurdock <at> engineered-net <dot> com

OK deraadt@ claudio@ sthen@

Revision 1.61, Fri Feb 14 15:08:46 2020 UTC (4 years, 3 months ago) by martijn
Branch: MAIN
Changes since 1.60: +3 -1 lines

Don't log a generr in stats when there is no error.

OK gerhard@

Revision 1.59.2.1, Sun Oct 27 20:05:13 2019 UTC (4 years, 7 months ago) by tb
Branch: OPENBSD_6_6
Changes since 1.59: +36 -36 lines

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

OpenBSD 6.6 errata 002

Revision 1.60, Thu Oct 24 12:39:27 2019 UTC (4 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.59: +36 -36 lines

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

Revision 1.59, Thu Aug 8 16:50:52 2019 UTC (4 years, 10 months ago) by mestre
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE
Branch point for: OPENBSD_6_6
Changes since 1.58: +2 -1 lines

added /* no filesystem visibility */ above unveil("/", "") since "" is too easy
to misread.

as per suggestion by and OK deraadt@

Revision 1.58, Mon May 13 07:24:50 2019 UTC (5 years, 1 month ago) by martijn
Branch: MAIN
Changes since 1.57: +4 -4 lines

According to RFC3414 section 4 applications should be able to discover the
snmpEngineID by sending a noAuthNoPriv request. Move the seclevel check to
after the usm_decode phase, so we can reply with the mandatory
usmStatsUnknownEngineIDs instead of usmStatsUnsupportedSecLevels.

This brings us one step closer to using p5-Net-SNMP with seclevel enc.

OK tb@, rob@

Revision 1.57, Mon Apr 29 16:04:05 2019 UTC (5 years, 1 month ago) by rob
Branch: MAIN
Changes since 1.56: +2 -2 lines

Remove unnecessary end-of-contents octets.

ok claudio@

Revision 1.56, Tue Nov 13 07:29:07 2018 UTC (5 years, 6 months ago) by mestre
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.55: +1 -9 lines

Remove #if'ed 0 code around a broken pledge. Due to some ioctls and sysctls
pledge cannot be used, nevertheless since we now have unveil available we can
use it to guarantee that in this particular case the snmpe process cannot
access the filesystem at all, therefore close a big attack vector and achieve
a great level of protection even without being able to use pledge.

prodded by deraadt@

Revision 1.55, Mon Nov 5 11:59:05 2018 UTC (5 years, 7 months ago) by mestre
Branch: MAIN
Changes since 1.54: +5 -1 lines

snmpd(8)'s main process needs to open the config file and /dev/pf both with
read permissions, but once it reaches pledge(2) just before the main loop both
were already opened. Since snmpd(8) doesn't have a way to load or reload the
config file, not even through SIGHUP, then rpath promise is not needed.

The snmpe process cannot yet be pledged, but it doesn't need fs access so we
can disable the access through unveil("/", ""); unveil(NULL, NULL);

"looks right" to deraadt@

Revision 1.54, Tue Jul 31 11:01:29 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.53: +2 -2 lines

Make ber type and encoding an unsigned int instead of unsigned long.
This way the size is the same on all archs and 32bit should be good enough.
OK rob@

Revision 1.53, Tue Jul 24 01:31:20 2018 UTC (5 years, 10 months ago) by rob
Branch: MAIN
Changes since 1.52: +1 -3 lines

Remove defunct prototype leftover from previous code cleanup.

ok tb@, claudio@

Revision 1.52, Sun Apr 15 11:57:29 2018 UTC (6 years, 1 month ago) by mpf
Branch: MAIN
Changes since 1.51: +244 -29 lines

Add TCP support to snmpd.

This implements RFC 3430, with the exception of processing multiple
incoming requests in parallel (Section 2.1). This required too much
code and is optional anyway.

Initial review by reyk@, very thorough reviews by jca@. Thanks!

OK jca@, gerhard@

Revision 1.51, Thu Feb 8 18:02:06 2018 UTC (6 years, 4 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.50: +1 -2 lines

Kill ber.c support for direct fd read/writes

This mechanism is already unused and annotated with lots of XXX's, no
need to keep it around.  ok claudio@

Revision 1.50, Sat Aug 12 16:31:09 2017 UTC (6 years, 10 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.49: +3 -3 lines

Make not yet implemented pledges more visible in grep output.
input benno, deraadt, tedu
also standardize on #if 0 since it makes tedu's editor vomit.
OK benno, pirofti on a previous version

Revision 1.49, Sat Aug 12 04:29:57 2017 UTC (6 years, 10 months ago) by rob
Branch: MAIN
Changes since 1.48: +10 -1 lines

Initial pledge for snmpd. snmpe remains unpledged. Regression tests pass.

Ok benno@, jca@.

Revision 1.48, Thu Jul 27 14:04:16 2017 UTC (6 years, 10 months ago) by gerhard
Branch: MAIN
Changes since 1.47: +5 -2 lines

Heed the non-repeaters of GetBulkRequests and make sure to set
error-status and error-index to zero in the response PDU.

ok sthen@

Revision 1.47, Fri Apr 21 13:50:23 2017 UTC (7 years, 1 month ago) by jca
Branch: MAIN
Changes since 1.46: +9 -8 lines

Repair AgentX support.

which I broke when adding support for multiple listen address.  SNMP
data should be sent to the client using the appropriate socket, which we
now store when we receive the query.

Reported & fix tested by Rivo Nurges.

Revision 1.46, Fri Nov 18 16:16:39 2016 UTC (7 years, 6 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.45: +22 -13 lines

Add support for multiple listening sockets

One can now specify multiple "listen on" statements. The default is to
listen on 0.0.0.0 and ::, which means better handling of dual-stack
setups.  ok sthen@ on a previous version, input and ok reyk@.

Revision 1.45, Wed Nov 9 20:31:56 2016 UTC (7 years, 7 months ago) by jca
Branch: MAIN
Changes since 1.44: +28 -6 lines

Improve source IP address handling.

- send replies using a source address equal to the destination address
  of queries, using IP_SENDSRCADDR.  This helps in multihomed setups and
  can remove the need to explicitly configure a bind address.
- config knob to set the source address of packets sent to trap
  receivers.  "trap receiver" gains an optional "source-address"
  setting.

Source address issues reported by Andy Lemin.  ok benno@

Revision 1.44, Fri Oct 28 09:07:08 2016 UTC (7 years, 7 months ago) by rzalamena
Branch: MAIN
Changes since 1.43: +3 -3 lines

Sync snmpd(8) with other daemons proc.c and teach him how to fork+exec.

ok jca@, reyk@

Revision 1.43, Fri Oct 28 08:01:53 2016 UTC (7 years, 7 months ago) by rzalamena
Branch: MAIN
Changes since 1.42: +13 -11 lines

Use snmpd_env as the only global variable for env to simplify the daemon
and avoid problems.

ok jca@

Revision 1.42, Tue Aug 16 18:41:57 2016 UTC (7 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.41: +1 -2 lines

stop including sys/param.h for nitems. define locally as needed.
ok natano reyk

Revision 1.41, Thu Oct 8 08:17:30 2015 UTC (8 years, 8 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.40: +7 -3 lines

Link the result of each mps_getbulkreq() to the end of the previous list
and not the start of it. Fixes getbulk requests for multiple OIDs.

From Gerhard Roth, ok blambert@

Revision 1.40, Fri Jan 16 00:05:13 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.39: +2 -2 lines

first batch of cleanup to programs based upon the namespace cleanups
in net/pfvar.h sys/proc.h sys/ucred.h arpa/nameser.h
change to PATH_MAX, reduce use of MIN() and MAX(), HOST_NAME_MAX+1,
LOGIN_NAME_MAX, etc etc
ok millert guenther, some review by doug

Revision 1.39, Wed Nov 19 10:19:00 2014 UTC (9 years, 6 months ago) by blambert
Branch: MAIN
Changes since 1.38: +193 -134 lines

add support for AgentX subagents in snmpd

snmp requests are now packaged into pseudo-continuations
to allow for being dispatched to separate processes;
lightly tested for interoperability with NetSNMP, but
doesn't implement the complete set of AgentX messages

while here, clean up return types of mps_get* functions,
and make smi_insert refuse to insert duplicate OIDs

okay benno@ reyk@

Revision 1.38, Mon Apr 21 19:47:27 2014 UTC (10 years, 1 month ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.37: +4 -4 lines

Copy the updated proc.c from relayd to use the same file.  Adjust
snmpd accordingly.

ok sthen@

Revision 1.37, Thu Oct 17 08:42:44 2013 UTC (10 years, 7 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.36: +29 -147 lines

Update snmpd(8) to use the proc.c privsep style from iked and relayd.

ok sthen@ deraadt@

Revision 1.36, Wed Oct 16 16:05:03 2013 UTC (10 years, 7 months ago) by blambert
Branch: MAIN
Changes since 1.35: +12 -9 lines

 1) move the creation of 'restricted' communication sockets
    into snmpd.conf
 2) add the ability to specify an alternate 'control' socket location
 3) allow for the creation of multiple 'restricted' sockets (but
    only one control socket, for the time being)

Committing slightly ahead of schedule in order to clear the pipeline
for a few other upcoming changes.

ok reyk@, sthen@

Revision 1.35, Tue Oct 1 12:41:48 2013 UTC (10 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.34: +3 -3 lines

Add initial SNMP client utility to snmpctl(8).
For example, snmpctl snmp walk 127.0.0.1

commit it deraadt@

Revision 1.34, Thu Sep 26 09:11:30 2013 UTC (10 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.33: +4 -232 lines

shuffle some snmpd functions to make them visible in smi.c for snmpctl.

ok gerhard@ blambert@

Revision 1.33, Fri Mar 29 12:53:41 2013 UTC (11 years, 2 months ago) by gerhard
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.32: +3 -2 lines

Patch from Ilya Bakulin that allows to put snmpd(8) into read-only mode
so that all "set" requests will be rejected.

ok reyk@

Revision 1.32, Thu Nov 29 14:53:24 2012 UTC (11 years, 6 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.31: +2 -1 lines

Wrong argument was passed to control_dispatch_imsg().  Use always
(struct imsgev *)->data for the argument of imsgev handlers.

ok reyk

Revision 1.31, Tue Sep 18 08:29:09 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.30: +2 -2 lines

knf

Revision 1.30, Mon Sep 17 16:43:59 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.29: +2 -2 lines

Update copyright and my email address in snmpd while I'm here.

Revision 1.29, Mon Sep 17 16:30:35 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.28: +143 -44 lines

Add initial SNMPv3 support to snmpd(8).

Traps are still sent via SNMPv2 protocol. They can neither be
authenticated nor encrypted. - Transport mode is still UDP. No
additional transport subsystems were added. - Only the User-based
Security Model (USM, RFC3414) is supported.  View-Based Access Control
(VACM, RFC3415) is not included. - Configuration is described in
snmpd.conf(5).

This diff includes a few minor changes to ber.c/h adding a necessary
callback for the USM HMAC calculation and merging it with other
minor changes from ldapd's ber code.

From Gerhard Roth at genua
ok claudio@ reyk@

Revision 1.28, Mon Sep 20 12:32:41 2010 UTC (13 years, 8 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.27: +10 -4 lines

Use strvis to encode octet strings in -DDEBUG mode.
Makes my terminal happier when debugging.

Revision 1.27, Mon Sep 20 08:56:16 2010 UTC (13 years, 8 months ago) by martinh
Branch: MAIN
Changes since 1.26: +3 -2 lines

Return error on GET requests without an instance identifier, both for
tables and scalar values.

Fixes system/6468 by not calling table get functions with an unexpectedly
short OID.

Also fixes system/6071. Scalar variables without an instance specified now
return a noSuchInstance error. GetNext requests correctly return the .0
instance.

This means you can no longer rely on
$ snmpget -v2c -c public localhost SNMPv2-MIB::sysDescr
returning the .0 instance. You need to specify it explicitly:
$ snmpget -v2c -c public localhost SNMPv2-MIB::sysDescr.0

Also return proper SNMPv2 errors per varbind instead of a noSuchName error
status, unless SNMPv1 was specified in the request.

An earlier version of this diff tested by Remi Laurent, thanks.

Revision 1.26, Mon Sep 20 08:33:18 2010 UTC (13 years, 8 months ago) by martinh
Branch: MAIN
Changes since 1.25: +3 -2 lines

ber_scanf_elements "i" format expects a long long pointer.

Revision 1.25, Wed Dec 16 22:17:53 2009 UTC (14 years, 5 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8, OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.24: +2 -2 lines

knf and unused variables

Revision 1.24, Sat Jun 6 05:52:01 2009 UTC (15 years ago) by pyr
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6
Changes since 1.23: +15 -12 lines

sync snmpd with the common imsg code, making it lib ready as well.
ok eric@

Revision 1.23, Mon Dec 8 11:34:55 2008 UTC (15 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.22: +2 -1 lines

report memory and swap in hrStorage, and implement hrProcessor to report
hrProcessorLoad (where load means the percentage of time the system was
not idle during the last minute).  based on HOST-RESOURCES-MIB.

ok dlg@

Revision 1.22, Fri Dec 5 12:34:01 2008 UTC (15 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.21: +3 -2 lines

fix a possible crash in debugging mode (if compiled with -DDEBUG)

found by Alexander Sabourenkov

Revision 1.21 / (download) - annotate - [select for diffs], Fri Sep 26 15:19:55 2008 UTC (15 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.20: +7 -3 lines
Diff to previous 1.20 (colored)

allow to add an additional restricted control socket for trap sending
only (not even show commands).  this allows to place a socket for
traps in another daemon's chroot.

(based on restricted socket support from bgpd)

Revision 1.20 / (download) - annotate - [select for diffs], Wed Sep 3 13:41:49 2008 UTC (15 years, 9 months ago) by jsg
Branch: MAIN
Changes since 1.19: +2 -1 lines
Diff to previous 1.19 (colored)

Missing breaks.
ok pyr@

Revision 1.19 / (download) - annotate - [select for diffs], Fri Jul 18 12:30:06 2008 UTC (15 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4
Changes since 1.18: +4 -4 lines
Diff to previous 1.18 (colored)

merge log_host with relayd's version using getnameinfo and rename it
to print_host.

Revision 1.18 / (download) - annotate - [select for diffs], Wed Mar 12 14:11:52 2008 UTC (16 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.17: +28 -26 lines
Diff to previous 1.17 (colored)

mostly stylistic - always print the client host name in snmpe error
messages and make sure that the host string is initialized.

Revision 1.17 / (download) - annotate - [select for diffs], Wed Mar 12 13:12:42 2008 UTC (16 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.16: +4 -4 lines
Diff to previous 1.16 (colored)

if (class != BER_CLASS_UNIVERSAL || type != BER_TYPE_SEQUENCE)
not
if (class != BER_CLASS_UNIVERSAL && type != BER_TYPE_SEQUENCE)
the class and type both need to be correct.
OK reyk@
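
The effect of the 1.17 change, shown as an added example that is not code from snmpe.c or the OpenBSD tree: with &&, a message header is rejected only when both the class and the type are wrong, so a header with just one wrong field is accepted. The helper names and the sample identifier octets are constructed for illustration; the class and tag values are the X.690 ones.

```c
#include <stddef.h>
#include <stdio.h>

/* X.690 values; the names match those used in the commit message. */
#define BER_CLASS_UNIVERSAL	0x0
#define BER_TYPE_SEQUENCE	16

/* Split a single-byte BER identifier octet into class and tag number. */
static void
ber_ident(unsigned char id, unsigned int *class, unsigned int *type)
{
	*class = (id >> 6) & 0x3;	/* bits 8-7: class */
	*type = id & 0x1f;		/* bits 5-1: tag number (low form) */
}

/* Check as written before 1.17: rejects only if BOTH fields are wrong. */
static int
reject_and(unsigned char id)
{
	unsigned int class, type;

	ber_ident(id, &class, &type);
	return (class != BER_CLASS_UNIVERSAL && type != BER_TYPE_SEQUENCE);
}

/* Check as written in 1.17: rejects if EITHER field is wrong. */
static int
reject_or(unsigned char id)
{
	unsigned int class, type;

	ber_ident(id, &class, &type);
	return (class != BER_CLASS_UNIVERSAL || type != BER_TYPE_SEQUENCE);
}

int
main(void)
{
	/* Constructed sample identifier octets (hypothetical inputs). */
	static const unsigned char ids[] = { 0x30, 0x04, 0xb0, 0xa2 };
	size_t i;

	for (i = 0; i < sizeof(ids); i++)
		printf("0x%02x  &&: %s  ||: %s\n", ids[i],
		    reject_and(ids[i]) ? "reject" : "accept",
		    reject_or(ids[i]) ? "reject" : "accept");
	return (0);
}
```

0x04 (universal OCTET STRING) and 0xb0 (context-specific, tag 16) pass the && check but are rejected by the || check; only 0x30 (universal SEQUENCE) is accepted by both.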

Revision 1.16 / (download) - annotate - [select for diffs], Sat Feb 9 13:03:01 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.15: +3 -2 lines
Diff to previous 1.15 (colored)

fix a memleak in the snmp engine and the ber i/o; free the dynamically
allocated ber write buffer after using it.  extend the ber api with a
ber_free() function to do the required cleanup.

Thanks to Will Backman (bitgeist at yahoo dot com) for testing and for
figuring out that there was a memleak.

Revision 1.15 / (download) - annotate - [select for diffs], Wed Jan 16 21:43:19 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.14: +2 -1 lines
Diff to previous 1.14 (colored)

send a coldStart trap to registered receivers on startup and cleanup
the trap code a little bit.

Revision 1.14 / (download) - annotate - [select for diffs], Wed Jan 16 19:36:06 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.13: +8 -33 lines
Diff to previous 1.13 (colored)

implementation of the SNMP trap sender interface

Revision 1.13 / (download) - annotate - [select for diffs], Wed Jan 16 09:51:15 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

bump copyright

Revision 1.12 / (download) - annotate - [select for diffs], Wed Jan 16 09:42:29 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.11: +1 -153 lines
Diff to previous 1.11 (colored)

move trap code to its own file; there will be more

Revision 1.11 / (download) - annotate - [select for diffs], Wed Jan 16 09:36:30 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.10: +153 -1 lines
Diff to previous 1.10 (colored)

start working on an interface to send traps via snmpd.sock.  userland
applications will be able to send imsgs defining the trap to snmpd and
the daemon will do the ASN.1/BER encoding before sending traps to the
registered receivers.  there are two advantages of this approach:
a) the applications do not need to handle any ASN.1/BER encoding and
b) snmpd will provide a central interface to define trap receivers.

discussed with thib and others

Revision 1.10 / (download) - annotate - [select for diffs], Sat Jan 12 13:57:43 2008 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.9: +10 -10 lines
Diff to previous 1.9 (colored)

unbreak DEBUG code

Revision 1.9 / (download) - annotate - [select for diffs], Fri Jan 11 12:12:14 2008 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.8: +15 -15 lines
Diff to previous 1.8 (colored)

rename snmp context type enum elements

Revision 1.8 / (download) - annotate - [select for diffs], Thu Jan 3 15:32:48 2008 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

send the correct length

Revision 1.7 / (download) - annotate - [select for diffs], Thu Jan 3 15:03:47 2008 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.6: +7 -3 lines
Diff to previous 1.6 (colored)

handle no more than 2147483647 (0x7fffffff) variable bindings
From RFC3416

Revision 1.6 / (download) - annotate - [select for diffs], Thu Jan 3 14:24:15 2008 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.5: +4 -5 lines
Diff to previous 1.5 (colored)

fix parsing of get* requests with multiple varbind elements

Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 28 16:59:31 2007 UTC (16 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.4: +5 -5 lines
Diff to previous 1.4 (colored)

split code handling the "structure of management information" and the
"message processing subsystem" into separate files smi.c and mps.c

Revision 1.4 / (download) - annotate - [select for diffs], Thu Dec 27 20:39:32 2007 UTC (16 years, 5 months ago) by maja
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

Make a snmpwalk against snmpd on hppa and macppc work. armish still doesn't
work. -moj

Revision 1.3 / (download) - annotate - [select for diffs], Fri Dec 7 09:50:51 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.2: +4 -16 lines
Diff to previous 1.2 (colored)

add a new 'd' format to ber_printf_elements to pass ints instead of
long longs; you have to pass the right type with vargs. this finally
fixes the previous problem on i386.

discussed with claudio

Revision 1.2 / (download) - annotate - [select for diffs], Fri Dec 7 09:18:00 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.1: +14 -2 lines
Diff to previous 1.1 (colored)

unbreak snmpd on 32bit archs like i386

Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 5 09:22:44 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN

Start working on snmpd(8) and snmpctl(8), a lightweight SNMP implementation
for OpenBSD.  SNMP is a necessary evil.  This is work in progress, don't
expect too much from it yet.

ok deraadt@
