CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/07/15 07:27:36 Modified files: sys/ufs/ext2fs : ext2fs.h Log message: Add ext4 field definitions. Taken from NetBSD, with some cosmetic changes to keep it in line with our style. OK miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/07/10 14:33:31 Modified files: libexec/snmpd/snmpd_metrics: pf.c Log message: Allow pfIfTable to have more than 64 entries. Taken from pfctl_table.c r1.85 by sashan@ OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/05/22 10:25:18 Modified files: sys/dev/pci: pcidevs.h pcidevs_data.h Log message: regen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/05/22 10:24:59 Modified files: sys/dev/pci: if_mwx.c pcidevs Log message: Add support for MT7922. This brings the MT7922 in line with MT7921. feedback and OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/05/22 02:44:02 Modified files: libexec/snmpd/snmpd_metrics: mib.c Log message: When localtime() fails, throw an error instead of returning a non-sensical 0 filled string. OK florian@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/05/22 02:38:57 Modified files: sys/dev/pci: if_mwx.c if_mwxreg.h Log message: Add firmware and driver own functions. These are needed to bring up the MT7922. OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/05/20 15:22:43 Modified files: sys/dev/pci: if_mwx.c Log message: Fix an off by one. OK miod@, claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/20 05:51:10 Modified files: usr.sbin/snmpd : ax.c Log message: Remove some now unused variables. Somehow missed in previous commit.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/20 05:41:13 Modified files: usr.sbin/snmpd : mib.y Log message: strptime() only touches the fields specified in the format string, meaning there could be garbage left in the other fields. Somehow this only caused issues in mktime() when /etc/localtime is set to GMT. Initialize tm to 0. While here fix a type-O in the format string and make the invalid strlen for LAST-UPDATED message more consistent with the other 2 error messages. Found by and OK sthen@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/20 05:32:48 Modified files: usr.sbin/snmpd : parse.y Log message: trap receiver is special in that the OID is optional. Make sure that we accept a NULL descriptor, which results in an OID length of 0. Found by and OK sthen@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/20 05:25:43 Modified files: usr.sbin/snmpd : ax.c ax.h Log message: Remove the packetid logic from ax.c. It's not used by snmpd and has some serious flaws. Issue reported and analysis by Steffen Christgau. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/08 10:38:41 Modified files: regress/usr.sbin/snmpd: Makefile backend.c regress.h snmp.c snmpd_regress.c Log message: Add tests to make sure that snmpd adheres to the RFC2578 section 7.1 octet string primitive limitations. The integer based ones are restricted by the AgentX protocol and can't be tested.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/08 10:34:09 Modified files: usr.sbin/snmpd : application.c snmp.h Log message: RFC2578 section 7.1 specifies the ranges and in the case of opaque the format to which the values need to adhere. Implement checks, so that we don't send illegal values to the client. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/08 10:09:51 Modified files: regress/usr.bin/snmp: Makefile regress/usr.sbin/snmpd: Makefile snmpd.sh Log message: No that we load MIB files at snmpd start-up chances that the sleep build into the regress test don't suffice anymore for slow regress machines. (Ab)use the agentx socket (which gets created after all the MIB files have been parsed) to detect if snmpd is available. For now we poll at 0.1s intervals for a total of 100 tries. found by and earlier diff tested by and OK anton@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/06 08:36:11 Modified files: usr.sbin/snmpd : parse.y snmpd.h trap.c traphandler.c Log message: Let the config parser make use of the mib_string2oid(). If a descriptor is not found in the loaded MIB files it falls back to the old smi_oid2string(), which then throws a deprecation warning. This won't trigger for most cases in the default install, but the UCD-DISKIO-MIB and dependencies aren't included (yet?) (which can be fixed by manually including them via "mib directory") and there's a couple of misspellings (e.g. mib_2 vs mib-2, and usmStatsNotInTimeWindow vs usmStatsNotInTimeWindows). Feedback and OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/06 05:44:28 Modified files: usr.sbin/snmpd : application.c application_agentx.c application_internal.c parse.y smi.c snmpd.h trap.c traphandler.c Log message: Replace most smi_oid2string() calls with the new mib_oid2string(). smi_oid2string() is still called from trap handle context to not break any existing scripts. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/06 05:39:13 Modified files: usr.sbin/snmpd : parse.y snmpd.conf.5 Log message: Load MIB files during startup. The default directory is /usr/share/snmp/mibs, but one or more directories can be configured via the "mib directory" option. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/02/05 04:46:58 Modified files: share/snmp : Makefile Added files: share/snmp : BRIDGE-MIB.txt HOST-RESOURCES-MIB.txt IANA-RTPROTO-MIB.txt IANA-STORAGE-MEDIA-TYPE-MIB.txt IANAifType-MIB.txt IF-MIB.txt INET-ADDRESS-MIB.txt IP-FORWARD-MIB.txt IP-MIB.txt SNMP-FRAMEWORK-MIB.txt SNMP-USER-BASED-SM-MIB.txt SNMP-USM-AES-MIB.txt SNMP-USM-HMAC-SHA2-MIB.txt SNMPv2-CONF.txt SNMPv2-MIB.txt SNMPv2-SMI.txt SNMPv2-TC.txt SNMPv2-TM.txt TRANSPORT-ADDRESS-MIB.txt UUID-TC-MIB.txt VM-MIB.txt Log message: Add a bunch of IANA/IETF MIBs that are (partially) supported by OpenBSD. These will soon be picked up by snmpd(8) for debugging output and OID names used in snmpd.conf(5). Go ahead sthen@ and tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2024/01/27 02:53:59 Modified files: usr.sbin/snmpd : Makefile mib.h Added files: usr.sbin/snmpd : mib.y Log message: Implement an initial SMIv2 parser based around RFC257[89]. RFC2580 isn't supported yet. SMIv1 is not supported. Parsing is done in a strict manner, but except for the (deprecated) IPV6-TC MIB everything from IETF/IANA that I found parses. For now this code will be used OID<->name translations, but other functionality could be added in the future. This commit just includes the parser, usage and including the MIB files will be done in separate commits. Go ahead from tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/22 06:04:30 Modified files: usr.sbin/snmpd : snmpd.c Log message: Call log_setverbosity() directly after getopt() so that debugging information during config-parsing can be displayed. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/22 06:03:16 Modified files: usr.sbin/snmpd : usm.c Log message: Remove a log_debug from usm_checkuser(). It would only display what is in the config and was never actually displayed because of insufficient verbosity level during config-parsing and would display the wrong auth algorithm for SHA2. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/21 06:54:05 Modified files: usr.sbin/snmpd : mib.h snmpd.h Log message: mib_init() and MIB() disappeared with mib.c, remove their declarations. MIBDECL() and MIBEND are only used inside mib.h, so move their definition in there. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/21 05:43:31 Modified files: usr.sbin/snmpd : application.c application_agentx.c application_blocklist.c application_internal.c ax.c ax.h log.c parse.y proc.c smi.c smi.h snmp.h snmpd.c snmpd.h snmpe.c snmpe.h trap.c traphandler.c usm.c util.c Log message: Clean up snmpd's header situation. With the help of tb@ and include-what-you-use. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/18 09:58:26 Modified files: usr.sbin/snmpd : parse.y Log message: Add a family argument to host(). This allows us to force a specific address family for source-address, which must be in line with the destination address. OK jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/18 09:56:01 Modified files: usr.sbin/snmpd : parse.y Log message: Fix copy-paste error for setting source-address in trap receiver. OK jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/18 02:42:57 Modified files: usr.sbin/snmpd : application_internal.c Log message: Fix two memory leaks: - MIB_snmpInReadOnlys was tried to be registered twice, leading to a leak of the second instance. Prevent this mistake in the future by making a double registration fatal. - The response buffer is owned by the backend, so the backend must also free it. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/12 13:18:39 Modified files: usr.sbin/snmpd : trap.c Log message: The OID inside snmpTrapOID is of type NOTIFICATION-TYPE, which does not have a zero appended. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/12 13:15:49 Modified files: usr.sbin/snmpd : application_internal.c Log message: Do a bitter cleanup after the config defined objects on shutdown. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/21 01:49:09 Modified files: libexec/snmpd/snmpd_metrics: mib.c Log message: Set sc_rtfilter to specific ROUTE_FILTER() values, as was originally intended, instead of filtering out everything. OK sthen@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/21 01:47:04 Modified files: usr.sbin/snmpd : parse.y Log message: Make RTFILTER/filter-routes a simple boolean assignment, since the specific value isn't used anymore, and is just used to generate an argument for snmpd_metrics. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/20 03:34:21 Modified files: regress/usr.sbin/snmpd: Makefile regress.h snmp.c snmpd_regress.c Added files: regress/usr.sbin/snmpd: transport.c Log message: Add a couple of tests for handling of tcp connections.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/20 03:32:45 Modified files: usr.sbin/snmpd : snmpe.c Log message: In snmpe_writecb, don't call snmpe_prepare_read() when there's still data left inside sm_data. If there's an incomplete packet left in the buffer it will be called from snmpe_tryparse, if there's a complete packet left we can end up with new events from the tcp socket, which the tcp subsystem isn't prepared to handle. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/16 07:35:25 Modified files: usr.sbin/snmpd : application.c Log message: In appl_processpdu() no need to set avi_next, and only set av_next up to varbindlen, since its only use is to print the varbindlist via appl_pdu_log() and both are further properly initialized in appl_request_upstream_resolve(). This fixes a cosmetic off by one for getbulk requests. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/16 06:26:45 Modified files: regress/usr.sbin/snmpd: Makefile backend.c regress.h snmpd_regress.c Log message: Add 3 tests for when getbulk reaches EOMV.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/16 06:25:07 Modified files: usr.sbin/snmpd : application.c Log message: avi_origid must also be set when transitioning out of the APPL_VBSTATE_MUSTFILL state, else snmpd won't like use once we reach EOMV of our view of the world. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/15 06:36:11 Modified files: usr.sbin/snmpd : application.c Log message: Make sure we allocate the correct size for an appl_agentcap. OK claudio@ miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/13 08:05:14 Modified files: usr.sbin/snmpd : snmpd.h Log message: Apparently base-gcc doesn't like having OID() inside MIBDECL(). Handroll the OID() logic into MIBDECL(). Found, tested, and OK jca@ OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/13 03:16:51 Modified files: regress/usr.sbin/snmpd: Makefile backend.c regress.h snmpd_regress.c Log message: Add 2 tests to make sure getbulkrequests return the correct error index.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/13 03:14:29 Modified files: usr.sbin/snmpd : application.c Log message: struct appl_varbind_internal's avi_index is used to give the index to the original varbindlist's index. In the case of a GetBulkRequest this must never be larger than the length of the original varbindlist. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:14:39 Modified files: usr.sbin/snmpd : smi.c snmpd.h Log message: Move struct oid from snmpd.h into smi.c and trim a lot of the now unused fat. This includes all the o_flags member related defines. if it compiles ship it/OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:12:01 Modified files: usr.sbin/snmpd : smi.c snmpd.h Log message: Remove a bunch of unused smi_ functions and move a couple of definitions out of snmpd.h, which aren't used outside of smi.c OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:10:13 Modified files: usr.sbin/snmpd : smi.c Log message: Now that smi_oid_cmp() is only used by the oidtree RB-tree, and nothing fancy is using it, we can simply rely on ober_oid_cmp(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:07:48 Modified files: usr.sbin/snmpd : smi.c Log message: Now that MIBDECL() fills in bo_n, no need to call smi_oidlen() anymore. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:06:53 Modified files: usr.sbin/snmpd : snmpd.h Log message: Let MIBDECL() make use of OID(). This gives use bo_n for free and we won't have to rely on error-prone smi_oidlen. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:04:35 Modified files: usr.sbin/snmpd : parse.y smi.c snmpd.h Log message: Now that smi.c is basically an oid/name translator, let smi_insert() create the struct oid and let parse.y supply the arguments. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 13:02:05 Modified files: usr.sbin/snmpd : trap.c Log message: No need to use struct oid to compare two struct ber_oids. Just call ober_oid_cmp() directly. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 12:59:56 Modified files: usr.sbin/snmpd : snmpe.c Log message: Printing all known objects inside smi when build with -DDEBUG has no benefit. Remove it and the last consumer of smi_foreach(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 12:58:15 Modified files: usr.sbin/snmpd : trap.c Log message: No reason to call (error-prone) smi_scalar_oidlen when we include the scalar .0 ourselves. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 09:07:34 Modified files: usr.sbin/snmpd : Makefile application.c application.h snmpd.h Removed files: usr.sbin/snmpd : application_legacy.c mps.c Log message: Now that the last consumer of mps.c is gone, remove it and its application_legacy.c companion. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/12 09:03:41 Modified files: usr.sbin/snmpd : application.h application_internal.c parse.y Log message: Move snmpd.conf's oid keyword into application_internal.c. These objects get registered under their own backend name, so that they can't overlap with the internal regions. This removes the last consumer of mps.c OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/10 05:16:53 Modified files: regress/usr.sbin/snmpd: Makefile regress.h snmp.c snmpd_regress.c Log message: Add an initial SNMPv3 regression test.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/10 05:12:02 Modified files: lib/libutil: ber.c Log message: Give ober_printf_elements() a ber_element array, similar to ober_scanf_elements(). This allows us to move down and back up multiple levels in with nested sequences and sets. While here, on failure, make sure we free (and unlink if needed) all elements we created. OK claudio@, tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 13:09:18 Modified files: usr.sbin/snmpd : usm.c Log message: Don't do the time window check if we're noAuthNoPriv. It's only needed if we're authenticating according to RFC3414 section 2.3. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 13:07:14 Modified files: usr.sbin/snmpd : application.c application.h snmpe.c usm.c Log message: Let usm_make_report() utilize appl_report(). usm_make_report utilized mps_getstr(), which after moving the SNMPv2-SMI::snmpV2 into application_internal returned a noSuchObject. This doesn't seem to have broken any tools that I'm aware of, but this returns the correct result. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 13:02:52 Modified files: usr.sbin/snmpd : application.c smi.h Log message: Let appl_report() collect its own metrics. This simplifies the interface and gives us a free report-pdu log line in debug mode. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 12:59:46 Modified files: usr.sbin/snmpd : application.c Log message: Don't rely on aru_pdu to rebuild the original varbindlist on error. Now that we have avi_origid it's not needed anymore and aru_pdu needs to go. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 12:54:52 Modified files: usr.sbin/snmpd : application.c Log message: Don't use aru_pdu for determining the requesttype. It's owned by snmp_message and getting rid of it is also needed for appl_report() to gather its own information. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 12:50:24 Modified files: usr.sbin/snmpd : snmpe.c Log message: On second thought let's not overwrite sm_pdutype with a hardcoded value after just setting it, it's a silly idea. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2023/11/08 12:46:28
Modified files:
usr.sbin/snmpd : application.c application.h
application_internal.c
Log message:
export SNMP-TARGET-MIB::{snmpUnavailableContexts,snmpUnknownContexts}
via application_internal.
OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/08 12:43:29 Modified files: usr.sbin/snmpd : mib.h Log message: Hook up snmpTargetMIB to MIB_TREE. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2023/11/06 04:04:41
Modified files:
usr.sbin/snmpd : application_agentx.c
Log message:
Hook up agentx-{Add,Remove}AgentCaps-PDU to appl_{add,remove}agentcaps.
OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/06 04:02:57 Modified files: usr.sbin/snmpd : application.c application.h application_internal.c Log message: Readd the sysORTable based on the new struct appl_agentcap. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2023/11/06 04:00:46
Modified files:
usr.sbin/snmpd : application.c application.h
Log message:
Allow agent capabilities to be stored on a per appl_context basis.
This is needed for AgentX's {add,remove}agentcaps, and the sysORTable.
OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/06 03:58:13 Modified files: usr.sbin/snmpd : application_internal.c Log message: Allow appl_internal_object's getnext to be called. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/11/06 02:46:04 Modified files: regress/usr.bin/snmp: Makefile Log message: Mark a couple of tests as broken, now that the sysORTable is gone/empty. Relying on the live snmpd(8) metrics is brittle and this regress test should probably move to a custom agent in a similar fashion to the custom manager from the snmpd(8) regress. Pointed out by anton@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/29 05:26:12 Modified files: regress/usr.sbin/snmpd: Makefile backend.c regress.h snmpd_regress.c Log message: Add a few tests to make sure that getnext requests on/under a registered instance with a registered region above cause a recursion in the tree.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2023/10/29 05:20:06
Modified files:
usr.sbin/snmpd : application.c
Log message:
When doing a get{next,bulk} below an instance we must move the OID to
the next sibling. Not simply copying over the value of the next to use
region, since that might be the parent and we would walk backwards in
the tree.
OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/29 05:15:09 Modified files: regress/usr.sbin/snmpd: Makefile backend.c regress.h snmpd_regress.c Log message: Add a regress test to make sure that agentx responses equal to searchrange.end are rejected.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/29 05:12:57 Modified files: usr.sbin/snmpd : application.c Log message: searchrange.end is non-inclusive. Adjust the tests for that. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/29 05:10:07 Modified files: lib/libagentx : agentx.c Log message: Add a test to the end of agentx_varbind_finalize(), after completing the full OID, that checks if we're >= searchrange.end. If so, just make it an endOfMIBView. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/27 04:32:11 Modified files: usr.sbin/snmpd : application.c Log message: If an invalid varbindlist was returned by a backend we would call appl_request_upstream_resolve() twice where the first call would already return a reply and free the upstream request, leading to a use after free. Make appl_request_downstream_free() call appl_request_upstream_resolve() unconditionally and remove the call from appl_response(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/27 04:26:20 Modified files: regress/usr.sbin/snmpd: Makefile agentx.c regress.h snmpd_regress.c Log message: Add a test that would cause a use after free previously by sending a protocol error-ed message and immediately followed up by a connection close. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/27 04:23:58 Modified files: usr.sbin/snmpd : application_agentx.c Log message: Use event_add(), instead of calling appl_agentx_send() directly. If an error occurs the connection will be freed and if the caller uses the connection afterwards it will lead to a use after free. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 12:27:26 Modified files: libexec/snmpd/snmpd_metrics: mib.c Log message: Make hrSWRunPath use argv[0], instead of p_comm. hrSWRunName is supposed to be a descriptive name, where hrSWRunPath should give the full path to the binary. While argv[0] can contain any of a simple binary name, the full path, or a custom name given by the application itself, it gives us the option to retrieve both pieces of information. This is also the same distinction made by netsnmp. This also keeps the default command column from top(1) and snmptop in sync, and now allows for identical output in the column between `top -C` and `snmptop -Cpa` OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 12:16:05 Modified files: libexec/snmpd/snmpd_metrics: mib.c Log message: Add support for HOST-RESOURCES-MIB:hrSWRunPerfTable by adding hrSWRunPerfCPU and hrSWRunPerfMem. This allows snmptop to work with snmpd(8). Math copied from top(1). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:34:40 Modified files: regress/usr.sbin/snmpd: Makefile Added files: regress/usr.sbin/snmpd: agentx.c backend.c regress.h snmp.c snmpd.conf snmpd_regress.c Log message: Add a new regression framework for snmpd. There are still many test cases left to write, so leave snmpd.sh in place to test for cases not yet implemented by the new code.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:21:58 Modified files: usr.sbin/snmpd : application.c Log message: FC3416 section 4.2.1 (and others) tells us that if an error occurs the varbindlist in the response must be identical to the original request. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:19:44 Modified files: usr.sbin/snmpd : application.c Log message: Certain error codes are only intended for certain request-types. Add an appl_error_valid() function to test for this. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:17:20 Modified files: usr.sbin/snmpd : application.c Log message: If a backend registers as an instance it must never return OIDs below their registration. Add a test for this in appl_varbind_valid(). OK and minor nit tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:11:14 Modified files: usr.sbin/snmpd : application_agentx.c Log message: set ab_range explicitly to 1 for appl_agentx_session instead of relying on malloc random garbage. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:06:00 Modified files: usr.sbin/snmpd : application.c Log message: When returning an endOfMibView we must always set it on the requested OID. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 08:02:52 Modified files: usr.sbin/snmpd : application_agentx.c Log message: When opening 2 sessions on an agentx connection and registering 2 overlapping regions on the different sessions, e.g. by differing in priority and we close the underlying connection with an outstanding request to the dominant region we will call appl_agentx_free(), which sequentially closes all sessions. If the session with the outstanding request is closed before the second session the request is retried before said session is cleaned up and it will try to send it over a conn_ax which at that point has been set to NULL, resulting in a SIGSEGV. Simply return early and let this second request be cancelled by the cleanup of the second session. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 07:50:47 Modified files: usr.sbin/snmpd : application.c Log message: Fix appl_unregister() when called with range_subid set to !0. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 07:46:11 Modified files: usr.sbin/snmpd : application.c Log message: Fix appl_register() when called with range_subid set to !0. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 07:41:16 Modified files: usr.sbin/snmpd : application_agentx.c Log message: RFC2741 section 6.2.2 says that reasonByManager can only be used by the agentx master. Treat this reason as a parseerror. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 07:37:02 Modified files: usr.sbin/snmpd : application_agentx.c Log message: appl_agentx_free() closes any open sessions before freeing everything up. Up until now all sessions were closed with reasonShutdown, which is not accurate for every situation. Give it an additional reason argument that propagates to appl_agentx_forceclose(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 07:28:12 Modified files: usr.sbin/snmpd : application.c application.h application_agentx.c Log message: Always check if the context is available inside appl_agentx_recv(). Not every PDU goes through application.c. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 06:57:40 Modified files: usr.sbin/snmpd : application_agentx.c Log message: Verify if supplied AgentX PDU header flags are valid for given PDU type inside appl_agentx_recv(). While here clean up the logging a bit. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 03:00:53 Modified files: usr.sbin/snmpd : application_agentx.c Log message: RFC2741 section 7.1.1 tells us that if a pdu can't be parsed we must return a parseerror. Make sure we can differentiate between parseerror and openfailed. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 02:54:52 Modified files: usr.sbin/snmpd : application_agentx.c ax.c ax.h lib/libagentx : agentx.c ax.c ax.h Log message: According to RFC2741 section 6.1.1 an agentx-response-pdu shouldn't have the NON_DEFAULT_CONTEXT set. Remove the argument from ax_response(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 02:48:41 Modified files: usr.sbin/snmpd : ax.c lib/libagentx : ax.c Log message: Make sure that unpacking of an AgentX OID doesn't contain more than 128 elements. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/10/24 02:41:20 Modified files: usr.sbin/snmpd : parse.y Log message: Remove filter-pf-addresses. This feature has been deprecated since 7.2 in favour of 'blocklist pfTblAddrTable'. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/12/20 13:12:27 Modified files: usr.bin/snmp : snmpc.c Log message: If we don't have usecommonopt for our application we shouldn't check the default values for snmp protocol level stuff. Makes snmp mibtree work again which got broken since the defaults changed back in 2021. Reported by Matthias Pitzl (pitzl genua de) Hint to use usecommonopt and OK gerhard@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/12/20 13:06:47 Modified files: usr.sbin/snmpd : snmpe.c Log message: Apply proper bounds checking to non-repeaters and max-repetitions. OK sthen@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2022/12/20 13:04:55
Modified files:
usr.sbin/snmpd : application.c
Log message:
Make ar[du]_{nonrepeaters,maxrepetitions} uint16_t instead of int16_t.
snmp uses signed 32 bits integers and agentx uses unsigned 16 bits
integers. I somehow ended up somewhere in between.
OK sthen@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/12/20 13:01:25 Modified files: usr.sbin/snmpd : usm.c Log message: When writing out a PDU with authpriv that's larger than READ_BUF_SIZE we overflow the encbuf. Allocate encbuf on the fly so that we always have enough room. Give decryption the same treatment, although this one is not at risk, since the input is limited to READ_BUF_SIZE. OK sthen@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/12/20 12:53:33 Modified files: usr.sbin/snmpd : snmpe.c Log message: When writing a message out over tcp that's too large to fit in a single write(2), make sure that we don't restart the message on the next write out, but continue where we left of. OK sthen@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/12/02 03:57:12 Modified files: lib/libagentx : agentx.c Log message: When checking if we're implied we must also check if we're working on a string or an oid, else we can generate invalid OIDs. Found by bluhm@ on powerpc64 OK bluhm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/11/03 11:58:10 Modified files: lib/libutil: ber.c Log message: When decoding a sequence/set, make sure that: - We don't create an uninitialized element when there are no subelements to decode - If subelements overflow we return EINVAL While here fix an eyesore of a line continuation. OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2022/11/01 07:34:44 Modified files: lib/libagentx : agentx.c Log message: On endOfMibView reset OID back to the original requested OID as per RFC3416 section 4.2.2, instead of returning the (internal) current OID, which could happen on empty tables. Found and diff tested by Ryan Freeman (ryan slipgate org) OK sthen@
