Hi Bill et. al, In meanwhile I hacked in custom version of net-snmp where I just added additional export for netsnmp_udp_com2SecList_free.
With this I was able to do what I needed to do. Problem in the use case is that device is embedded devices and we prefer not to keep rootfs as read/write. We have configuration storage system that has better endurance for power loss. Standard that we need to implement includes live modification of authentication data over SNMP (don't ask...). I could try to hack in a patch which would unify udp/udpv6/tcp community "authentication" under one API if that is within project's interest? Currently it seems that udp and tcp community "authentication" shares same mechanism and for some reason udpv6 is having own management. Simplest solution is to just export netsnmp_udp_com2SecList_free. I can also send patch for that if there is interest for that solution. Thanks, Vesa Jääskeläinen On 15/11/14 00:58, Bill Fenner wrote: > Hi Vesa, > > I think the reason that you aren't getting any response is that most > people who integrate net-snmp into their system use the configuration > file and SIGHUP / snmpd restart to load changes. With SIGHUP the > authentication info gets cleared out and re-read from the config file. > > If you're creating new APIs, I would think about the data structure > that's actually used - e.g., com2secList: split > out netsnmp_udp_parse_security() into two halves: the half that parses > the string and the half that adds is to the list, and you can use the > latter half in your code. > > There has been no need to free an individual entry, since the normal > reconfiguration path via the configuration file starts > with netsnmp_udp_com2SecList_free() (i.e., free the whole list) and > then re-reads the whole configuration file and re-creates all of the > relevant entries. > > Bill > > > On Wed, Oct 29, 2014 at 10:41 PM, Vesa Jääskeläinen <dach...@gmail.com > <mailto:dach...@gmail.com>> wrote: > > Hi, > > Perhaps I sent this email to wrong audience first, so here is resend > to coders ml. > > I need to implement feature that allows on the fly modification to > community names. > > I have been using "dlmod" feature to load my own extension plugin to > snmpd process and do every other custom OID and necessarily operation > from there. > > vacm_parse_rocommunity and vacm_parse_rwcommunity (eventually > vacm_create_simple) seems to be callbacks for configuration file > parser that eventually adds the community names and other > configurations for those into the system. > > These are not callable from extension plugin. Also there is no > matching remove/clear operations even if I would export those. > > Next thing would of course be to use the real operations behind this > to manage the entries. > > Problem becomes from fact that I would need to use: > vacm_gen_com2sec, netsnmp_udp_parse_security, > netsnmp_udp6_parse_security > > vacm_gen_com2sec is local static function. Functionality in here could > be broken to pieces so that can be handled by splitting to calling of > netsmp_udp/udp6_parser_security and vacm_createGroupEntry. > > Those all would be exportable so I could call them. Then next step > would be removing entries so that new entries could replace them. This > functionality is not exported (and there is only > netsnmp_udp_com2SecList_free). > > In theory I could go and modify the net-snmp that we use but calling > those functions does not sound clean solution for the management of > the community names. > > So I would like to get advice what should be modified (preferably so > that we can upstream the change) to enable community name management. > > Also community names do not have get-list feature like other items > in vacm has. > > Thanks, > Vesa Jääskeläinen > > > ------------------------------------------------------------------------------ > _______________________________________________ > Net-snmp-coders mailing list > Net-snmp-coders@lists.sourceforge.net > <mailto:Net-snmp-coders@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/net-snmp-coders > > ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
