Re: snmpd(8) Better traphandler flow

Wed, 23 Jun 2021 02:01:23 -0700 

On 2021/06/20 22:31, Martijn van Duren wrote:
> On Fri, 2021-06-11 at 16:13 +0200, Martijn van Duren wrote:
> > any takers?
> > 
> > On Fri, 2021-06-04 at 22:11 +0200, Martijn van Duren wrote:
> > > ping
> > > 
> > > On Fri, 2021-05-28 at 08:19 +0200, Martijn van Duren wrote:
> > > > As the original comment said:
> > > > /*
> > > >  * This should probably go into parsevarbinds, but that's for a
> > > >  * next refactor
> > > >  */
> > > > 
> > > > This moves the pdu parsing of traps into parsevarbinds.
> > > > Added bonus, we can now see the packets in debugging mode:
> > > > startup
> > > > snmpe: listening on udp 127.0.0.1:162
> > > > ktable_new: new ktable for rtableid 0
> > > > snmpe_parse: 127.0.0.1:162: SNMPv2 'public' pdutype SNMPv2-Trap request 
> > > > 1329591927
> > > > snmpe_parse: 127.0.0.1:162: SNMPv1 'public' pdutype Trap request 0
> > > > 
> > > > OK?
> > > > 
> > > > martijn@
> > > > 
> Somehow this one survived the tightened security mayhem with only a few
> offset warnings. Still looking for OKs.

I don't know snmpd well enough to give a considered OK for this
(and don't use snmpd's trap handler, figure that if I'm going to
need to call net-snmp code to translate the numeric oid anyway
I might as well use their trapd), it does seem generally neater
to me

> @@ -460,7 +457,14 @@ snmpe_parsevarbinds(struct snmp_message 
>       struct ber_element      *pvarbind = NULL, *end;
>       char                     buf[BUFSIZ];
>       struct ber_oid           o;
> -     int                      i;
> +     int                      i = 1;
> +
> +     if (msg->sm_pdutype == SNMP_C_TRAP ||
> +         msg->sm_pdutype == SNMP_C_TRAPV2) {
> +             if (traphandler_parse(msg) == -1)
> +                     goto varfail;
> +             return 0;
> +     }
>  
>       msg->sm_errstr = "invalid varbind element";
>  
> @@ -468,7 +472,7 @@ snmpe_parsevarbinds(struct snmp_message 
>       msg->sm_varbindresp = NULL;
>       end = NULL;
>  
> -     for (i = 1; varbind != NULL && i < SNMPD_MAXVARBIND;
> +     for (; varbind != NULL && i < SNMPD_MAXVARBIND;
>           varbind = varbind->be_next, i++) {
>               if (ober_scanf_elements(varbind, "{oeS$}", &o, &value) == -1) {
>                       stats->snmp_inasnparseerrs++;

not sure moving the initializer for i here is an improvement though,
seems better to have the loop more self-contained?

Reply via email to