Index: src/apps/snmp/snmp_manager.c =================================================================== --- src/apps/snmp/snmp_manager.c (revision 30629) +++ src/apps/snmp/snmp_manager.c (revision 30630) @@ -67,6 +67,8 @@ #include "snmp_core_priv.h" #include "lwip/udp.h" +#include "lwip/apps/snmp_manager.h" + #define SNMP_V3_AUTH_FLAG 0x01 #define SNMP_V3_PRIV_FLAG 0x02 @@ -90,8 +92,8 @@ u8_t request_out_type; #if LWIP_SNMP_V3 - u8_t *hashedAuthKey; - u8_t *hashedPrivKey; + const u8_t *hashedAuthKey; + const u8_t *hashedPrivKey; s32_t msg_id; s32_t msg_max_size; @@ -365,9 +367,9 @@ err_t snmp_mngr_send(u8_t version, u32_t ip, struct snmp_varbind *varbinds, s32_t *ptr_request_id, int set, u16_t port, u16_t eth_interface, const char *snmp_community, - u8_t *msg_authoritative_engine_id, u8_t msg_authoritative_engine_id_len, + const u8_t *msg_authoritative_engine_id, u8_t msg_authoritative_engine_id_len, u32_t msg_authoritative_engine_boots, u32_t msg_authoritative_engine_time, - int auth_flag, int priv_flag, u8_t *hashedAuthKey, u8_t *hashedPrivKey) + int auth_flag, int priv_flag, const u8_t *hashedAuthKey, const u8_t *hashedPrivKey) { ip_addr_t dip; err_t err = ERR_OK; @@ -387,8 +389,10 @@ request.hashedAuthKey = hashedAuthKey; request.hashedPrivKey = hashedPrivKey; - if (set) + if (set == 1) request.request_out_type = SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_SET_REQ; + else if (set == 2) + request.request_out_type = SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_V2_TRAP; else request.request_out_type = SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_GET_REQ; @@ -401,8 +405,6 @@ if (priv_flag) request.msg_flags |= SNMP_V3_PRIV_FLAG; } - *ptr_request_id = req_id; - request.version = (version == 3) ? SNMP_VERSION_3 : (version == 2) ? SNMP_VERSION_2c : SNMP_VERSION_1; request.msg_security_model = version; @@ -411,6 +413,8 @@ err = snmp_send_request_generic(&request, varbinds, &dip, port, eth_interface); } + if (ptr_request_id) + *ptr_request_id = request.request_id; return err; } @@ -514,8 +518,10 @@ /* msgAuthoritativeEngineID */ #if 0 // Don't do this when SNMP manager + if (!request->msg_authoritative_engine_id_len) { snmpv3_get_engine_id(&id, &request->msg_authoritative_engine_id_len); MEMCPY(request->msg_authoritative_engine_id, id, request->msg_authoritative_engine_id_len); + } #endif SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_OCTET_STRING, 0, request->msg_authoritative_engine_id_len); OF_BUILD_EXEC(snmp_ans1_enc_tlv(pbuf_stream, &tlv)); @@ -522,8 +528,10 @@ OF_BUILD_EXEC(snmp_asn1_enc_raw(pbuf_stream, request->msg_authoritative_engine_id, request->msg_authoritative_engine_id_len)); #if 0 // Don't do this when SNMP manager + if (!request->msg_authoritative_engine_time) { request->msg_authoritative_engine_time = snmpv3_get_engine_time(); request->msg_authoritative_engine_boots = snmpv3_get_engine_boots(); + } #endif /* msgAuthoritativeEngineBoots */ Index: src/apps/snmp/snmp_traps.c =================================================================== --- src/apps/snmp/snmp_traps.c (revision 30629) +++ src/apps/snmp/snmp_traps.c (revision 30630) @@ -46,6 +46,7 @@ #include "lwip/sys.h" #include "lwip/apps/snmp.h" #include "lwip/apps/snmp_core.h" +#include "lwip/apps/snmp_manager.h" #include "lwip/prot/iana.h" #include "snmp_msg.h" #include "snmp_asn1.h" @@ -310,7 +311,7 @@ trap_msg->gen_trap = generic_trap; trap_msg->spc_trap = (generic_trap == SNMP_GENTRAP_ENTERPRISE_SPECIFIC) ? specific_trap : 0; MIB2_COPY_SYSUPTIME_TO(&trap_msg->ts); - } else if (trap_msg->snmp_version == SNMP_VERSION_2c) { + } else { /* Copy sysUpTime into the first varbind */ MIB2_COPY_SYSUPTIME_TO((u32_t *)varbinds[0].value); } @@ -409,6 +410,14 @@ NULL /* value */ } }; +#if LWIP_SNMP_V3 && SNMP_MNGR + const u8_t *id; + u8_t id_len; + snmpv3_auth_algo_t auth; + const u8_t *auth_key; + snmpv3_priv_algo_t priv; + const u8_t *priv_key; +#endif LWIP_ASSERT_SNMP_LOCKED(); @@ -420,7 +429,7 @@ snmp_v2_special_varbinds[1].next = varbinds; /* see rfc3584 */ - if (trap_msg->snmp_version == SNMP_VERSION_2c) { + if (trap_msg->snmp_version >= SNMP_VERSION_2c) { struct snmp_obj_id snmp_trap_oid = { 0 }; /* used for converting SNMPv1 generic/specific trap parameter to SNMPv2 snmpTrapOID */ err = snmp_prepare_trap_oid(&snmp_trap_oid, eoid, generic_trap, specific_trap); if (err == ERR_OK) { @@ -434,6 +443,13 @@ } } +#if LWIP_SNMP_V3 && SNMP_MNGR + if (trap_msg->snmp_version == SNMP_VERSION_3) { + snmpv3_get_engine_id((const char**)&id, &id_len); + err = snmpv3_get_trap_auth(&auth, &auth_key, &priv, &priv_key); + } +#endif + for (i = 0, td = &trap_dst[0]; (i < SNMP_TRAP_DESTINATIONS) && (err == ERR_OK); i++, td++) { if ((td->enable != 0) && !ip_addr_isany(&td->dip)) { /* lookup current source address for this dst */ @@ -454,12 +470,23 @@ if (err == ERR_OK) { snmp_prepare_necessary_msg_fields(trap_msg, eoid, generic_trap, specific_trap, varbinds); - /* pass 0, calculate length fields */ - tot_len = snmp_trap_varbind_sum(trap_msg, varbinds); - tot_len = snmp_trap_header_sum(trap_msg, tot_len); + if (trap_msg->snmp_version == SNMP_VERSION_3) { +#if LWIP_SNMP_V3 && SNMP_MNGR + err = snmp_mngr_send(3, td->dip.addr, varbinds, NULL, 2, + LWIP_IANA_PORT_SNMP_TRAP, td->if_idx - 2, snmp_community_trap, + id, id_len, snmpv3_get_engine_boots(), snmpv3_get_engine_time(), + auth, priv, auth_key, priv_key); +#else + err = ERR_ARG; +#endif + } else { + /* pass 0, calculate length fields */ + tot_len = snmp_trap_varbind_sum(trap_msg, varbinds); + tot_len = snmp_trap_header_sum(trap_msg, tot_len); - /* allocate pbuf, fill it and send it */ - err = snmp_send_msg(trap_msg, varbinds, tot_len, td); + /* allocate pbuf, fill it and send it */ + err = snmp_send_msg(trap_msg, varbinds, tot_len, td); + } } else { /* routing error */ err = ERR_RTE; @@ -466,7 +493,7 @@ } } } - if ((trap_msg->snmp_version == SNMP_VERSION_2c) && (original_varbinds != NULL)) { + if (original_prev != NULL) { original_varbinds->prev = original_prev; } req_id++; @@ -515,10 +542,8 @@ if(snmp_default_trap_version == SNMP_VERSION_1) { static const struct snmp_obj_id oid = { 7, { 1, 3, 6, 1, 2, 1, 11 } }; err = snmp_send_trap_or_notification_or_inform_generic(&trap_msg, &oid, generic_trap, 0, NULL); - } else if (snmp_default_trap_version == SNMP_VERSION_2c) { + } else { err = snmp_send_trap_or_notification_or_inform_generic(&trap_msg, NULL, generic_trap, 0, NULL); - } else { - err = ERR_VAL; } return err; } @@ -687,7 +712,7 @@ if (trap->snmp_version == SNMP_VERSION_1) { tot_len += snmp_trap_header_sum_v1_specific(trap); - } else if (trap->snmp_version == SNMP_VERSION_2c) { + } else { tot_len += snmp_trap_header_sum_v2c_specific(trap); } trap->pdulen = tot_len; @@ -757,10 +782,12 @@ /* TRAP v2 - INFORM */ SNMP_ASN1_SET_TLV_PARAMS(tlv, (SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_INFORM_REQ), 0, trap->pdulen); BUILD_EXEC( snmp_ans1_enc_tlv(pbuf_stream, &tlv) ); - } else if (trap->snmp_version == SNMP_VERSION_2c) { + } else if (trap->trap_or_inform == SNMP_IS_TRAP) { /* TRAP v2 - NOTIFICATION*/ SNMP_ASN1_SET_TLV_PARAMS(tlv, (SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_V2_TRAP), 0, trap->pdulen); BUILD_EXEC( snmp_ans1_enc_tlv(pbuf_stream, &tlv) ); + } else { + return ERR_ARG; } return ERR_OK; @@ -885,7 +912,7 @@ if (trap->snmp_version == SNMP_VERSION_1) { /* object ID, IP addr, generic trap, specific trap, timestamp */ BUILD_EXEC( snmp_trap_header_enc_v1_specific(trap, pbuf_stream) ); - } else if (SNMP_VERSION_2c == trap->snmp_version) { + } else { /* request id, error status, error index */ BUILD_EXEC( snmp_trap_header_enc_v2c_specific(trap, pbuf_stream) ); } Index: src/include/lwip/apps/snmp_manager.h =================================================================== --- src/include/lwip/apps/snmp_manager.h (revision 30629) +++ src/include/lwip/apps/snmp_manager.h (revision 30630) @@ -46,11 +46,12 @@ #if LWIP_SNMP && SNMP_MNGR +// For TRAPS, set = 2 err_t snmp_mngr_send(u8_t version, u32_t ip, struct snmp_varbind *varbinds, s32_t *ptr_request_id, int set, u16_t port, u16_t eth_interface, const char *snmp_community, - u8_t *msg_authoritative_engine_id, u8_t msg_authoritative_engine_id_len, + const u8_t *msg_authoritative_engine_id, u8_t msg_authoritative_engine_id_len, u32_t msg_authoritative_engine_boots, u32_t msg_authoritative_engine_time, - int auth_flag, int priv_flag, u8_t *hashedAuthKey, u8_t *hashedPrivKey); + int auth_flag, int priv_flag, const u8_t *hashedAuthKey, const u8_t *hashedPrivKey); #endif /* LWIP_SNMP && SNMP_MNGR */ Index: src/include/lwip/apps/snmpv3.h =================================================================== --- src/include/lwip/apps/snmpv3.h (revision 30629) +++ src/include/lwip/apps/snmpv3.h (revision 30630) @@ -87,6 +87,7 @@ u32_t snmpv3_get_engine_time(void); void snmpv3_reset_engine_time(void); +//TODO: Don't copy, just set pointer to keys? err_t snmpv3_get_user(const char* username, snmpv3_auth_algo_t *auth_algo, u8_t *auth_key, snmpv3_priv_algo_t *priv_algo, u8_t *priv_key); u8_t snmpv3_get_amount_of_users(void); err_t snmpv3_get_user_storagetype(const char *username, snmpv3_user_storagetype_t *storagetype); @@ -93,6 +94,9 @@ err_t snmpv3_get_user_rw_access(const char *username, snmpv3_rw_access_t *rw_access); err_t snmpv3_get_username(char *username, u8_t index); +//Or SNMP_V3_TRAP_USER + snmpv3_get_user()? +err_t snmpv3_get_trap_auth(snmpv3_auth_algo_t* auth, const u8_t **auth_key, snmpv3_priv_algo_t* priv, const u8_t **priv_key); + /* The following functions are provided by the SNMPv3 agent */ void snmpv3_engine_id_changed(void);