Index: /branches/rel_apv_10_7/usr/click/lib/libca_snmp/snmp_cadmin.c =================================================================== --- /branches/rel_apv_10_7/usr/click/lib/libca_snmp/snmp_cadmin.c (revision 39458) +++ /branches/rel_apv_10_7/usr/click/lib/libca_snmp/snmp_cadmin.c (working copy) @@ -158,6 +158,8 @@ int is_ippermit_exist(int isipv6, void *address); int show_snmp_host_helper(char *buff, int length); +int show_snmp_host_engineid_helper(char *buff, int length); +int show_snmp_host_auth_helper(char *buff, int length); static int snmp_update_snmpd_conf(snmp_info_t *pInfo); static int convert_lower_characters_to_upper(char *protocol_str); @@ -1158,7 +1160,7 @@ int show_snmp_host_helper(char *buff, int length) -{ +{ int i, idx = 0; snmp_info_t *pInfo = snmp_server_attach(); @@ -1175,12 +1177,84 @@ } if (pInfo->host[i].snmp_version != 3) { - idx += snprintf(buff + idx, length - idx, " \"%s\" \"\" \"\" \"\" \"\"", + idx += snprintf(buff + idx, length - idx, " \"%s\" ", pInfo->host[i].community); - } else { - idx += snprintf(buff + idx, length - idx, " \"%s\" \"%s\" \"%s\" ", - pInfo->host[i].user_name, - pInfo->host[i].auth_eng_id, + } else { + idx += snprintf(buff + idx, length - idx, " \"%s\" ", + pInfo->host[i].user_name); + if (idx >= length) { + break; + } + } + idx += snprintf(buff + idx, length - idx, "\n"); + if (idx >= length) { + break; + } + + } + } + + return idx; +} +int +show_snmp_host_engineid_helper(char *buff, int length) +{ + int i, idx = 0; + snmp_info_t *pInfo = snmp_server_attach(); + + if (buff == NULL || pInfo == NULL) { + return 0; + } + buff[0] = '\0'; + + for (i = 0; i < CA_SNMP_MAX_HOST; i++) { + if (pInfo->host[i].ipstr[0] != '\0') { + idx += snprintf(buff + idx, length - idx, "snmp engineid %s", pInfo->host[i].ipstr); + if (idx >= length) { + break; + } + + if (pInfo->host[i].snmp_version != 3) { + idx += snprintf(buff + idx, length - idx, " \"\""); + } else { + idx += snprintf(buff + idx, length - idx, " \"%s\" ", + pInfo->host[i].auth_eng_id); + if (idx >= length) { + break; + } + } + idx += snprintf(buff + idx, length - idx, "\n"); + if (idx >= length) { + break; + } + + } + } + + return idx; +} +int +show_snmp_host_auth_helper(char *buff, int length) +{ + int i, idx = 0; + snmp_info_t *pInfo = snmp_server_attach(); + + if (buff == NULL || pInfo == NULL) { + return 0; + } + buff[0] = '\0'; + + for (i = 0; i < CA_SNMP_MAX_HOST; i++) { + if (pInfo->host[i].ipstr[0] != '\0') { + idx += snprintf(buff + idx, length - idx, "snmp auth %s", pInfo->host[i].ipstr); + if (idx >= length) { + break; + } + + if (pInfo->host[i].snmp_version != 3) { + idx += snprintf(buff + idx, length - idx, " \"\" \"\" \"\" \"\""); + } else { + idx += snprintf(buff + idx, length - idx, " \"%s\" ", pInfo->host[i].authPassword); if (idx >= length) { break; @@ -1214,13 +1288,13 @@ } } } - + idx += snprintf(buff + idx, length - idx, "\n"); if (idx >= length) { break; } } - } + } return idx; } @@ -1632,143 +1706,284 @@ * add a SNMP NMS host */ int -snmp_server_host(char * ipstr, - uint32_t trap_version, - char* comm_user, - char * engine_id, - char* auth_password, - char* security_level, - char* priv_password, - uint16_t port, - char* auth_proto, - char* priv_proto) +snmp_server_host(char * ipstr, + uint32_t trap_version, + char* comm_user) { + int security_flag = 0; bool server_host_exist = false; int host_index = CA_SNMP_MAX_HOST; int i, isipv6; struct in_addr addr; struct in6_addr in6; - char * p_str; - int security_flag = 0; + char g_engine_id[ENGINE_ID_MAX_LEN + 1] = "\"\""; int comm_user_len = strlen(comm_user); - int auth_pw_len = strlen(auth_password); - int priv_pw_len = strlen(priv_password); - int engine_id_len = strlen(engine_id); - int encry_auth_pw = 0; - int encry_priv_pw = 0; - char encry_auth_passwd[MAX_ENCRPT_PASSWD_LEN + 1] = {0}; - char encry_priv_passwd[MAX_ENCRPT_PASSWD_LEN + 1] = {0}; - char decrypt_auth_passwd[PASSWORD_MAXLEN + 1] = {0}; - char decrypt_priv_passwd[PASSWORD_MAXLEN + 1] = {0}; - char auth_protocol[PASSWORD_MAXLEN + 1] = {0}; - char priv_protocol[PASSWORD_MAXLEN + 1] = {0}; snmp_info_t *pInfo = snmp_server_attach(); if (pInfo == NULL) { return CA_ERR_SNMP_SHM_ATT; - } + } + if (IS_IP6_ADDRESS(ipstr)) { if ((inet_pton(AF_INET6, ipstr, &in6) != 1) || - IN6_IS_ADDR_UNSPECIFIED(&in6) || - IN6_IS_ADDR_MULTICAST(&in6) || - IN6_IS_ADDR_LINKLOCAL(&in6) || - IN6_IS_ADDR_LOOPBACK(&in6) || - IN6_IS_ADDR_V4COMPAT(&in6)) { + IN6_IS_ADDR_UNSPECIFIED(&in6) || + IN6_IS_ADDR_MULTICAST(&in6) || + IN6_IS_ADDR_LINKLOCAL(&in6) || + IN6_IS_ADDR_LOOPBACK(&in6) || + IN6_IS_ADDR_V4COMPAT(&in6)) { printf("Invalid IPv6 address!\n"); return CA_ERR_SNMP_INVAL; } isipv6 = 1; } else { - if (inet_pton(AF_INET, ipstr, &addr) != 1 || - addr.s_addr == 0 || addr.s_addr == 0xffffffff) { + if (inet_pton(AF_INET, ipstr, &addr) != 1 || + addr.s_addr == 0 || addr.s_addr == 0xffffffff) { printf("Invalid IPv4 address!\n"); return CA_ERR_SNMP_INVAL; } isipv6 = 0; } - if (trap_version != 1 && trap_version != 2 && trap_version != 3) { printf("SNMP trap version only chooses from {1|2|3}\n"); - return CA_ERR_SNMP_INVAL; - } - - if ((trap_version == 3) && (engine_id_len & 1)) { - printf("the length of authoritative engine id for SNMPv3 can't be odd number\n"); - return CA_ERR_SNMP_INVAL; - } - - strcpy(auth_protocol, auth_proto); - strcpy(priv_protocol, priv_proto); - convert_lower_characters_to_upper(auth_protocol); - convert_lower_characters_to_upper(priv_protocol); - - if ( (strcmp(auth_protocol, "MD5") != 0) && (strcmp(auth_protocol, "SHA1") != 0)) { - printf("Invalid authentication protocol. It only be MD5 or SHA1, default:MD5.\n"); - return CA_ERR_SNMP_INVAL; - } - if ( (strcmp(priv_protocol, "DES") != 0) && (strcmp(priv_protocol, "AES") != 0)) { - printf("Invalid encryption protocol. It only be DES or AES, default:DES.\n"); return CA_ERR_SNMP_INVAL; } - - if (comm_user_len < 1 || comm_user_len > SNMPV3_USERNAME_MAXLEN) { printf("%s length error!\n", comm_user); return CA_ERR_SNMP_INVAL; } - /* make sure there is no duplication */ + /* make sure there is no duplication */ for (i = 0; i < CA_SNMP_MAX_HOST; i++) { - if ((pInfo->host[i].ipstr[0] != '\0') && - (pInfo->host[i].isipv6 == isipv6)) { - if ((isipv6 && IN6_ARE_ADDR_EQUAL(&in6, &pInfo->host[i].ipaddr6)) || - (!isipv6 && (pInfo->host[i].ipaddr == addr.s_addr))) { + if ((pInfo->host[i].ipstr[0] != '\0') && + (pInfo->host[i].isipv6 == isipv6)) { + if ((isipv6 && IN6_ARE_ADDR_EQUAL(&in6, &pInfo->host[i].ipaddr6)) || + (!isipv6 && (pInfo->host[i].ipaddr == addr.s_addr))) { server_host_exist = true; } } } + if (snmp_server_lock(pInfo)) { + return (CA_ERR_SNMP_SHM_LOCK); + } + if (server_host_exist) { + /* delete one host to trap receiver list */ + for (i = 0; i < CA_SNMP_MAX_HOST; i++) { + if ((pInfo->host[i].ipstr[0] != '\0') && (pInfo->host[i].isipv6 == isipv6)) { + if ((isipv6 && IN6_ARE_ADDR_EQUAL(&in6, &pInfo->host[i].ipaddr6)) || (!isipv6 && (pInfo->host[i].ipaddr == addr.s_addr))) { + kern_snmp_remove_trap_host(pInfo->host[i].ipstr); + pInfo->host[i].ipstr[0] = '\0'; + pInfo->ipaddrcnt--; + break; + } + } + } + } + /* add one host to trap receiver list */ + for (i = 0; i < CA_SNMP_MAX_HOST; i++) { + if (pInfo->host[i].ipstr[0] == '\0') { + break; + } + } + if (i >= CA_SNMP_MAX_HOST) { + printf("The number of SNMP remote host has already reached upper limit %d\n", CA_SNMP_MAX_HOST); + snmp_server_unlock(); + return CA_ERR_SNMP_INVAL; + } + strlcpy(pInfo->host[i].ipstr, ipstr, IPADDR_STR_LEN); + pInfo->host[i].isipv6 = isipv6; + pInfo->host[i].snmp_version = trap_version; + if (isipv6) { + pInfo->host[i].ipaddr6 = in6; + } else { + pInfo->host[i].ipaddr = addr.s_addr; + } + if (trap_version == 3) { + strlcpy(pInfo->host[i].user_name, comm_user, SNMPV3_USERNAME_MAXLEN + 1); + pInfo->host[i].community[0] = '\0'; + } else { + strlcpy(pInfo->host[i].community, comm_user, CA_SNMP_COMM_LEN + 1); + pInfo->host[i].user_name[0] = '\0'; + } + pInfo->ipaddrcnt++; - if (comm_user_len < 1 || comm_user_len > SNMPV3_USERNAME_MAXLEN) { - printf("%s length error!\n", comm_user); + if (trap_version != 3) { + char *auth_password = "\"\""; + char *priv_password = "\"\""; + char auth_protocol[PASSWORD_MAXLEN + 1] = {0}; + char priv_protocol[PASSWORD_MAXLEN + 1] = {0}; + uint16_t port = 162; + + strncpy(auth_protocol, "", ENCRYPTSTR_LEN); + strncpy(priv_protocol, "", ENCRYPTSTR_LEN); + /* push configure data into kernel */ + kern_snmp_add_trap_host(ipstr, trap_version, comm_user, g_engine_id, auth_password, + security_flag, priv_password, port, auth_protocol, priv_protocol); + } else { + printf("please run \"snmp engineid\" and \"snmp auth\" for trap version 3 to be functional"); + } + + snmp_server_unlock(); + + return CA_SNMP_OK; +} + + +int +snmp_server_host_engine_id(char * ipstr, + char * engine_id + ) +{ + int i; + int idx; + char * p_str; + int engine_id_len = strlen(engine_id); + snmp_info_t *pInfo = snmp_server_attach(); + + if (pInfo == NULL) { + return CA_ERR_SNMP_SHM_ATT; + } + if (snmp_server_lock(pInfo)) { + return (CA_ERR_SNMP_SHM_LOCK); + } + for (idx = 0; idx < CA_SNMP_MAX_HOST; idx++) { + if (strcmp(pInfo->host[idx].ipstr, ipstr) == 0) { + break; + } + } + + /* not find, return */ + if (idx >= CA_SNMP_MAX_HOST) { + printf("Please run \"snmp host\" command first\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } - if (trap_version == 3) { + if ((pInfo->host[idx].snmp_version == 3) && (engine_id_len & 1)) { + printf("the length of authoritative engine id for SNMPv3 can't be odd number\n"); + snmp_server_unlock(); + return CA_ERR_SNMP_INVAL; + } + if (pInfo->host[idx].snmp_version == 3) { if (engine_id_len < 1) { printf("engine id should not be empty!\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } - if (engine_id_len > ENGINE_ID_MAX_LEN) { + if (engine_id_len > ENGINE_ID_MAX_LEN) { printf("Invalid engine id length, the max length is %d\n", ENGINE_ID_MAX_LEN); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } p_str = engine_id; for (i = 0; i < engine_id_len; i++) { if (!isxdigit(p_str[i]) && p_str[i] != 'x' && p_str[i] != 'X') { printf("engine id must be one hex number\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } } + } + if (pInfo->host[idx].snmp_version == 3) { + strlcpy(pInfo->host[idx].auth_eng_id, engine_id, ENGINE_ID_MAX_LEN + 1); + } + + snmp_server_unlock(); + + return CA_SNMP_OK; + +} + + + +int +snmp_server_host_auth(char * ipstr, + char* auth_password, + char* security_level, + char* priv_password, + uint16_t port, + char* auth_proto, + char* priv_proto) +{ + int i; + int security_flag = 0; + int auth_pw_len = strlen(auth_password); + int priv_pw_len = strlen(priv_password); + int encry_auth_pw = 0; + int encry_priv_pw = 0; + char encry_auth_passwd[MAX_ENCRPT_PASSWD_LEN + 1] = {0}; + char encry_priv_passwd[MAX_ENCRPT_PASSWD_LEN + 1] = {0}; + char decrypt_auth_passwd[PASSWORD_MAXLEN + 1] = {0}; + char decrypt_priv_passwd[PASSWORD_MAXLEN + 1] = {0}; + char auth_protocol[PASSWORD_MAXLEN + 1] = {0}; + char priv_protocol[PASSWORD_MAXLEN + 1] = {0}; + char g_comm_user[SNMPV3_USERNAME_MAXLEN + 1]; + char g_engine_id[ENGINE_ID_MAX_LEN + 1] = "\"\""; + uint32_t trap_ver; + snmp_info_t *pInfo = snmp_server_attach(); + + if (pInfo == NULL) { + return CA_ERR_SNMP_SHM_ATT; + } + if (snmp_server_lock(pInfo)) { + return (CA_ERR_SNMP_SHM_LOCK); + } + for (i = 0; i < CA_SNMP_MAX_HOST; i++) { + if (strcmp(pInfo->host[i].ipstr, ipstr) == 0) { + break; + } + } + + /* not find, return */ + if (i >= CA_SNMP_MAX_HOST) { + printf("The number of SNMP remote host has already reached upper limit %d\n", CA_SNMP_MAX_HOST); + printf("Please run \"snmp host\" command first\n"); + snmp_server_unlock(); + return CA_ERR_SNMP_INVAL; + } + strcpy(auth_protocol, auth_proto); + strcpy(priv_protocol, priv_proto); + convert_lower_characters_to_upper(auth_protocol); + convert_lower_characters_to_upper(priv_protocol); + if ( (strcmp(auth_protocol, "MD5") != 0) && (strcmp(auth_protocol, "SHA1") != 0)) { + printf("Invalid authentication protocol. It only be MD5 or SHA1, default:MD5.\n"); + return CA_ERR_SNMP_INVAL; + } + if ( (strcmp(priv_protocol, "DES") != 0) && (strcmp(priv_protocol, "AES") != 0)) { + printf("Invalid encryption protocol. It only be DES or AES, default:DES.\n"); + return CA_ERR_SNMP_INVAL; + } + trap_ver = pInfo->host[i].snmp_version; + if (trap_ver == 3) { + if (strcmp(pInfo->host[i].auth_eng_id, "") != 0) { + strlcpy(g_engine_id, pInfo->host[i].auth_eng_id, ENGINE_ID_MAX_LEN + 1); + } else { + printf("please enter \"snmp engineid\" command"); + snmp_server_unlock(); + return CA_ERR_SNMP_INVAL; + } if (0 == strncmp(auth_password, ENCRYPTSTR, ENCRYPTSTR_LEN)) { encry_auth_pw = 1; } if (auth_pw_len < PASSWORD_MINLEN) { printf("password must be not less than 8 characters\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } if ((encry_auth_pw && auth_pw_len > MAX_ENCRPT_PASSWD_LEN) || - (!encry_auth_pw && auth_pw_len > PASSWORD_MAXLEN)) { + (!encry_auth_pw && auth_pw_len > PASSWORD_MAXLEN)) { printf("password is too long\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } if (encry_auth_pw && cli_interactive()) { printf("Invalid password. It can not be an encrypted password.\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } @@ -1778,6 +1993,7 @@ security_flag = SNMPV3_AUTH; } else { printf("security level error, please choose from {authNopriv|authPriv}\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } @@ -1787,17 +2003,20 @@ } if (priv_pw_len < PASSWORD_MINLEN) { printf("password must be not less than 8 characters\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } if ((encry_priv_pw && priv_pw_len > MAX_ENCRPT_PASSWD_LEN) || - (!encry_priv_pw && priv_pw_len > PASSWORD_MAXLEN)) { + (!encry_priv_pw && priv_pw_len > PASSWORD_MAXLEN)) { printf("password is too long\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } if (encry_priv_pw && cli_interactive()) { printf("Invalid password. It can not be an encrypted password.\n"); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } @@ -1805,6 +2024,7 @@ strlcpy(encry_priv_passwd, priv_password, sizeof(encry_priv_passwd)); if (decrypt_passwd((unsigned char *)priv_password + ENCRYPTSTR_LEN, SNMP_RANDOM_KEY, decrypt_priv_passwd, sizeof(decrypt_priv_passwd))) { printf("Password %s decrypt fail!\n", priv_password); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } priv_password = decrypt_priv_passwd; @@ -1812,6 +2032,7 @@ strncpy(encry_priv_passwd, ENCRYPTSTR, ENCRYPTSTR_LEN); if (encrypt_passwd((unsigned char*)priv_password, SNMP_RANDOM_KEY, encry_priv_passwd + ENCRYPTSTR_LEN, sizeof(encry_priv_passwd) - ENCRYPTSTR_LEN)) { printf("Password %s encrypt fail!\n", priv_password); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } } @@ -1821,6 +2042,7 @@ strlcpy(encry_auth_passwd, auth_password, sizeof(encry_auth_passwd)); if (decrypt_passwd((unsigned char *)auth_password + ENCRYPTSTR_LEN, SNMP_RANDOM_KEY, decrypt_auth_passwd, sizeof(decrypt_auth_passwd))) { printf("Password %s decrypt fail!\n", auth_password); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } auth_password = decrypt_auth_passwd; @@ -1828,6 +2050,7 @@ strncpy(encry_auth_passwd, ENCRYPTSTR, ENCRYPTSTR_LEN); if (encrypt_passwd((unsigned char*)auth_password, SNMP_RANDOM_KEY, encry_auth_passwd + ENCRYPTSTR_LEN, sizeof(encry_auth_passwd) - ENCRYPTSTR_LEN)) { printf("Password %s encrypt fail!\n", auth_password); + snmp_server_unlock(); return CA_ERR_SNMP_INVAL; } } @@ -1836,54 +2059,8 @@ strncpy(auth_protocol, "", ENCRYPTSTR_LEN); strncpy(priv_protocol, "", ENCRYPTSTR_LEN); } - - - if (snmp_server_lock(pInfo)) { - return (CA_ERR_SNMP_SHM_LOCK); - } - - if (server_host_exist) { - /* delete one host to trap receiver list */ - for (i = 0; i < CA_SNMP_MAX_HOST; i++) { - if ((pInfo->host[i].ipstr[0] != '\0') && (pInfo->host[i].isipv6 == isipv6)) { - if ((isipv6 && IN6_ARE_ADDR_EQUAL(&in6, &pInfo->host[i].ipaddr6)) || (!isipv6 && (pInfo->host[i].ipaddr == addr.s_addr))) { - kern_snmp_remove_trap_host(pInfo->host[i].ipstr); - pInfo->host[i].ipstr[0] = '\0'; - pInfo->ipaddrcnt--; - break; - } - } - } - } - - /* add one host to trap receiver list */ - for (i = 0; i < CA_SNMP_MAX_HOST; i++) { - if (pInfo->host[i].ipstr[0] == '\0') { - break; - } - } - - /* not find, return */ - if (i >= CA_SNMP_MAX_HOST) { - printf("The number of SNMP remote host has already reached upper limit %d\n", CA_SNMP_MAX_HOST); - snmp_server_unlock(); - return CA_ERR_SNMP_INVAL; - } - - strlcpy(pInfo->host[i].ipstr, ipstr, IPADDR_STR_LEN); - pInfo->host[i].isipv6 = isipv6; pInfo->host[i].port = port; - pInfo->host[i].snmp_version = trap_version; - if (isipv6) { - pInfo->host[i].ipaddr6 = in6; - } else { - pInfo->host[i].ipaddr = addr.s_addr; - } - - if (trap_version == 3) { - strlcpy(pInfo->host[i].user_name, comm_user, SNMPV3_USERNAME_MAXLEN + 1); - pInfo->host[i].community[0] = '\0'; - strlcpy(pInfo->host[i].auth_eng_id, engine_id, ENGINE_ID_MAX_LEN + 1); + if (trap_ver == 3) { strlcpy(pInfo->host[i].authPassword, encry_auth_passwd, MAX_ENCRPT_PASSWD_LEN + 1); strlcpy(pInfo->host[i].authProtocol, auth_protocol, PASSWORD_MAXLEN + 1); pInfo->host[i].security_level = security_flag; @@ -1895,23 +2072,24 @@ pInfo->host[i].privProtocol[0] = '\0'; priv_protocol[0] = '\0'; } + } + if (trap_ver == 3) { + strlcpy(g_comm_user, pInfo->host[i].user_name, SNMPV3_USERNAME_MAXLEN + 1); + pInfo->host[i].community[0] = '\0'; } else { - strlcpy(pInfo->host[i].community, comm_user, CA_SNMP_COMM_LEN + 1); + strlcpy(g_comm_user, pInfo->host[i].community, CA_SNMP_COMM_LEN + 1); pInfo->host[i].user_name[0] = '\0'; } - pInfo->ipaddrcnt++; - /* push configure data into kernel */ - kern_snmp_add_trap_host(ipstr, trap_version, comm_user, engine_id, auth_password, - security_flag, priv_password, port, auth_protocol, priv_protocol); + kern_snmp_add_trap_host(ipstr, trap_ver, g_comm_user, g_engine_id, auth_password, + security_flag, priv_password, port, auth_protocol, priv_protocol); snmp_server_unlock(); - return CA_SNMP_OK; + return CA_SNMP_OK; } - int snmp_add_v3user(char *user_name, char* auth_password, char* security_level, char* priv_password, char *auth_proto, char *priv_proto) { @@ -2081,11 +2259,7 @@ if( pInfo->host[i].ipstr[0] != '\0' ) kern_snmp_remove_trap_host(pInfo->host[i].ipstr); /*****kernel only deletes valid ip's connection*********/ - pInfo->host[i].ipstr[0] = '\0'; /* flag for validity of data item validity */ - strcpy(pInfo->host[i].community, "public"); - pInfo->host[i].ctl_flag = 0; - pInfo->host[i].trap_cnt =0; - pInfo->host[i].snmp_version = 0; + memset(&pInfo->host[i], 0, sizeof(pInfo->host[i])); } pInfo->snmp_version = SNMPCONF_VER_DEFAULT; @@ -2150,7 +2324,13 @@ printf("snmp traps loglevel %s\n", fast_log_level_to_string(pInfo->traps_log_level)); show_snmp_host_helper(buff, SNMP_BUFFER_SIZE); - printf("%s", buff); + printf("%s", buff); + + show_snmp_host_engineid_helper(buff, SNMP_BUFFER_SIZE); + printf("%s", buff); + + show_snmp_host_auth_helper(buff, SNMP_BUFFER_SIZE); + printf("%s", buff); show_snmpv3user_helper(buff, SNMP_BUFFER_SIZE); printf("%s", buff); @@ -2204,6 +2384,14 @@ if (idx >= buflen) { goto out; } + idx += show_snmp_host_engineid_helper(buf + idx, buflen - idx); + if (idx >= buflen) { + goto out; + } + idx += show_snmp_host_auth_helper(buf + idx, buflen - idx); + if (idx >= buflen) { + goto out; + } idx += snprintf(buf + idx, buflen - idx, "%s\n", (pInfo->enable_traps > 0 ? "snmp enable traps" : "no snmp enable traps")); if (idx > buflen) { @@ -2344,7 +2532,7 @@ pInfo->host[i].isipv6 == isipv6){ if ((isipv6 && IN6_ARE_ADDR_EQUAL(&in6, &pInfo->host[i].ipaddr6)) || (!isipv6 && (addr.s_addr == pInfo->host[i].ipaddr))) { - pInfo->host[i].ipstr[0] = '\0'; + memset(&pInfo->host[i], 0, sizeof(pInfo->host[i])); pInfo->ipaddrcnt--; kern_snmp_remove_trap_host(ipstr); foundflag = 1; Index: /branches/rel_apv_10_7/usr/click/lib/libhalib/ha_lib.c =================================================================== --- /branches/rel_apv_10_7/usr/click/lib/libhalib/ha_lib.c (revision 39458) +++ /branches/rel_apv_10_7/usr/click/lib/libhalib/ha_lib.c (working copy) @@ -1130,6 +1130,7 @@ "no vlan", "clear vlan", "webui ip", + "snmp engineid", "webui port", "xmlrpc ip", "restapi ip", Index: /branches/rel_apv_10_7/usr/click/lib/libparser/commands.pm =================================================================== --- /branches/rel_apv_10_7/usr/click/lib/libparser/commands.pm (revision 39458) +++ /branches/rel_apv_10_7/usr/click/lib/libparser/commands.pm (working copy) @@ -33782,12 +33782,44 @@ optional => "YES", default_value => "\"public\"", }, + ], + }, + { + obj_type => "ITEM", + name => "engineid", + menu => "root_snmp", + help_string => "Set SNMP engine ID", + cmd_attribute => "CMD_ARRAYOS|CMD_SPROXY|CMD_NORMAL|CMD_GLOBAL|CMD_SPECIAL_LOG", + user_level => "CLI_LEVEL_CONFIG", + function_name => "snmp_server_host_engine_id", + function_args => [ + { + type => "IPADDR", + help_string => "SNMP receiver IP", + optional => "NO", + }, { type => "STRING", help_string => "authoritative engine id of remote SNMP trap receiver for SNMP v3(which length can't be odd number)", optional => "YES", default_value => "\"\"", }, + ], + }, + { + obj_type => "ITEM", + name => "auth", + menu => "root_snmp", + help_string => "Set SNMP security and Authentication Settings", + cmd_attribute => "CMD_ARRAYOS|CMD_SPROXY|CMD_NORMAL|CMD_GLOBAL|CMD_SPECIAL_LOG", + user_level => "CLI_LEVEL_CONFIG", + function_name => "snmp_server_host_auth", + function_args => [ + { + type => "IPADDR", + help_string => "SNMP receiver IP", + optional => "NO", + }, { type=> "STRING", help_string => "authentication password (ranges from 8 to 32 characters)",