* SNMPv3 View-based Access Control Model
#define VACM_SUCCESS 0
#define VACM_NOSECNAME 1
#define VACM_NOGROUP 2
#define VACM_NOACCESS 3
#define VACM_NOTINVIEW 5
#define VACM_NOSUCHCONTEXT 6
/*
 * Result documented for vacm_checkSubtree(): the subtree contains both
 * allowed and disallowed portions, so it is neither wholly in view nor
 * wholly out of view. Callers making an access decision must not treat
 * this value as VACM_SUCCESS.
 */
#define VACM_SUBTREE_UNKNOWN 7
#define SECURITYMODEL 1
#define SECURITYNAME 2
#define SECURITYGROUP 3
#define SECURITYSTORAGE 4
#define SECURITYSTATUS 5
#define ACCESSPREFIX 1
#define ACCESSNOTIFY 7
#define ACCESSSTORAGE 8
#define ACCESSSTATUS 9
#define VACMVIEWSPINLOCK 1
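/* Maximum length of a VACM string; the buffer size below is derived from it. */
#define VACM_MAX_STRING 32
/*
 * Size of the fixed char/u_char buffers that hold VACM strings in the entry
 * structs (securityName, groupName, contextPrefix, readView, writeView,
 * notifyView, viewName, viewMask).
 *
 * Derived from VACM_MAX_STRING instead of being hard-coded as 34, so that
 * changing the limit cannot leave these buffers undersized. The expansion
 * is parenthesized so it stays correct inside larger expressions.
 *
 * NOTE(review): the two extra bytes are presumably a leading length byte
 * and a terminating NUL -- confirm against the code that fills the buffers.
 */
#define VACMSTRINGLEN (VACM_MAX_STRING + 2)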
struct vacm_groupEntry {
char securityName[VACMSTRINGLEN];
char groupName[VACMSTRINGLEN];
struct vacm_groupEntry *reserved;
struct vacm_groupEntry *next;
#define CONTEXT_MATCH_EXACT 1
#define CONTEXT_MATCH_PREFIX 2
struct vacm_accessEntry {
char groupName[VACMSTRINGLEN];
char contextPrefix[VACMSTRINGLEN];
char readView[VACMSTRINGLEN];
char writeView[VACMSTRINGLEN];
char notifyView[VACMSTRINGLEN];
struct vacm_accessEntry *reserved;
struct vacm_accessEntry *next;
struct vacm_viewEntry {
char viewName[VACMSTRINGLEN];
oid viewSubtree[MAX_OID_LEN];
size_t viewSubtreeLen;
u_char viewMask[VACMSTRINGLEN];
struct vacm_viewEntry *reserved;
struct vacm_viewEntry *next;
/*
 * NOTE(review): the parameters are unnamed in this prototype. They appear
 * to be the view name, the subtree OID and the subtree length, matching the
 * viewName / viewSubtree / viewSubtreeLen fields of struct vacm_viewEntry --
 * confirm against the definition.
 */
void vacm_destroyViewEntry(const char *, oid *, size_t);
void vacm_destroyAllViewEntries(void);
#define VACM_MODE_FIND 0
#define VACM_MODE_IGNORE_MASK 1
#define VACM_MODE_CHECK_SUBTREE 2
struct vacm_viewEntry *vacm_getViewEntry(const char *, oid *, size_t,
* Returns a pointer to the viewEntry with the
* same viewName and viewSubtree
* Returns NULL if that entry does not exist.
int vacm_checkSubtree(const char *, oid *, size_t);
* Check to see if everything within a subtree is in view, not in view,
* VACM_SUCCESS The OID is included in the view.
* VACM_NOTINVIEW If no entry in the view list includes the
* provided OID, or the OID is explicitly excluded
* VACM_SUBTREE_UNKNOWN The entire subtree has both allowed and
* disallowed portions.
vacm_scanViewInit(void);
* Initializes the scan routines so that they will begin at the
* beginning of the list of viewEntries.
struct vacm_viewEntry *vacm_scanViewNext(void);
* Returns a pointer to the next viewEntry.
* These entries are returned in no particular order,
* but if N entries exist, N calls to vacm_scanViewNext() will
* return all N entries once.
* Returns NULL if all entries have been returned.
* vacm_scanViewInit() starts the scan over.
struct vacm_viewEntry *vacm_createViewEntry(const char *, oid *,
* Creates a viewEntry with the given index
* and returns a pointer to it.
* The entry is created with its status set to invalid.
void vacm_destroyGroupEntry(int, const char *);
void vacm_destroyAllGroupEntries(void);
struct vacm_groupEntry *vacm_createGroupEntry(int, const char *);
struct vacm_groupEntry *vacm_getGroupEntry(int, const char *);
void vacm_scanGroupInit(void);
struct vacm_groupEntry *vacm_scanGroupNext(void);
void vacm_destroyAccessEntry(const char *, const char *,
void vacm_destroyAllAccessEntries(void);
struct vacm_accessEntry *vacm_createAccessEntry(const char *,
struct vacm_accessEntry *vacm_getAccessEntry(const char *,
const char *, int, int);
void vacm_scanAccessInit(void);
struct vacm_accessEntry *vacm_scanAccessNext(void);
void vacm_destroySecurityEntry(const char *);
struct vacm_securityEntry *vacm_createSecurityEntry(const char *);
struct vacm_securityEntry *vacm_getSecurityEntry(const char *);
void vacm_scanSecurityInit(void);
struct vacm_securityEntry *vacm_scanSecurityEntry(void);
int vacm_is_configured(void);
void vacm_save(const char *token, const char *type);
void vacm_save_view(struct vacm_viewEntry *view,
const char *token, const char *type);
void vacm_save_access(struct vacm_accessEntry *access_entry,
const char *token, const char *type);
void vacm_save_group(struct vacm_groupEntry *group_entry,
const char *token, const char *type);
/*
 * Handler for a view configuration line, judging by its name; the group and
 * access counterparts are declared alongside it.
 * NOTE(review): `line` is a non-const char *, so the handler may modify the
 * caller's buffer in place -- confirm. The entry structs in this header
 * store names in fixed VACMSTRINGLEN buffers; verify that the implementation
 * rejects tokens longer than VACM_MAX_STRING before copying them.
 */
void vacm_parse_config_view(const char *token, char *line);
void vacm_parse_config_group(const char *token, char *line);
void vacm_parse_config_access(const char *token,
int store_vacm(int majorID, int minorID, void *serverarg,