lwip_snmp_traps.c

00001 /**
00002  * @file
00003  * SNMPv1 traps implementation.
00004  */
00005 
00006 /*
00007  * Copyright (c) 2001-2004 Swedish Institute of Computer Science.
00008  * All rights reserved.
00009  *
00010  * Redistribution and use in source and binary forms, with or without modification,
00011  * are permitted provided that the following conditions are met:
00012  *
00013  * 1. Redistributions of source code must retain the above copyright notice,
00014  *    this list of conditions and the following disclaimer.
00015  * 2. Redistributions in binary form must reproduce the above copyright notice,
00016  *    this list of conditions and the following disclaimer in the documentation
00017  *    and/or other materials provided with the distribution.
00018  * 3. The name of the author may not be used to endorse or promote products
00019  *    derived from this software without specific prior written permission.
00020  *
00021  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
00022  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
00023  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
00024  * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
00025  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
00026  * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00027  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00028  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
00029  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
00030  * OF SUCH DAMAGE.
00031  *
00032  * This file is part of the lwIP TCP/IP stack.
00033  *
00034  * Author: Martin Hentschel
00035  *         Christiaan Simons <christiaan.simons@axon.tv>
00036  *
00037  */
00038 
00039 #include "lwip/apps/snmp_opts.h"
00040 
00041 #if LWIP_SNMP /* don't build if not configured for use in lwipopts.h */
00042 
00043 #include <string.h>
00044 
00045 #include "lwip/snmp.h"
00046 #include "lwip/sys.h"
00047 #include "lwip/apps/snmp.h"
00048 #include "lwip/apps/snmp_core.h"
00049 #include "snmp_msg.h"
00050 #include "snmp_asn1.h"
00051 #include "snmp_core_priv.h"
00052 
00053 struct snmp_msg_trap
00054 {
00055   /* source enterprise ID (sysObjectID) */
00056   const struct snmp_obj_id *enterprise;
00057   /* source IP address, raw network order format */
00058   ip_addr_t sip;
00059   /* generic trap code */
00060   u32_t gen_trap;
00061   /* specific trap code */
00062   u32_t spc_trap;
00063   /* timestamp */
00064   u32_t ts;
00065   /* snmp_version */
00066   u32_t snmp_version;
00067 
00068   /* output trap lengths used in ASN encoding */
00069   /* encoding pdu length */
00070   u16_t pdulen;
00071   /* encoding community length */
00072   u16_t comlen;
00073   /* encoding sequence length */
00074   u16_t seqlen;
00075   /* encoding varbinds sequence length */
00076   u16_t vbseqlen;
00077 };
00078 
00079 static u16_t snmp_trap_varbind_sum(struct snmp_msg_trap *trap, struct snmp_varbind *varbinds);
00080 static u16_t snmp_trap_header_sum(struct snmp_msg_trap *trap, u16_t vb_len);
00081 static void snmp_trap_header_enc(struct snmp_msg_trap *trap, struct snmp_pbuf_stream *pbuf_stream);
00082 static void snmp_trap_varbind_enc(struct snmp_msg_trap *trap, struct snmp_pbuf_stream *pbuf_stream, struct snmp_varbind *varbinds);
00083 
00084 /** Agent community string for sending traps */
00085 extern const char *snmp_community_trap;
00086 
00087 void* snmp_traps_handle;
00088 
00089 struct snmp_trap_dst
00090 {
00091   /* destination IP address in network order */
00092   ip_addr_t dip;
00093   /* set to 0 when disabled, >0 when enabled */
00094   u8_t enable;
00095 };
00096 static struct snmp_trap_dst trap_dst[SNMP_TRAP_DESTINATIONS];
00097 
00098 static u8_t snmp_auth_traps_enabled = 0;
00099 
00100 /**
00101  * @ingroup snmp_traps
00102  * Sets enable switch for this trap destination.
00103  * @param dst_idx index in 0 .. SNMP_TRAP_DESTINATIONS-1
00104  * @param enable switch if 0 destination is disabled >0 enabled.
00105  */
00106 void
00107 snmp_trap_dst_enable(u8_t dst_idx, u8_t enable)
00108 {
00109   if (dst_idx < SNMP_TRAP_DESTINATIONS) {
00110     trap_dst[dst_idx].enable = enable;
00111   }
00112 }
00113 
00114 /**
00115  * @ingroup snmp_traps
00116  * Sets IPv4 address for this trap destination.
00117  * @param dst_idx index in 0 .. SNMP_TRAP_DESTINATIONS-1
00118  * @param dst IPv4 address in host order.
00119  */
00120 void
00121 snmp_trap_dst_ip_set(u8_t dst_idx, const ip_addr_t *dst)
00122 {
00123   if (dst_idx < SNMP_TRAP_DESTINATIONS) {
00124     ip_addr_set(&trap_dst[dst_idx].dip, dst);
00125   }
00126 }
00127 
00128 /**
00129  * @ingroup snmp_traps
00130  * Enable/disable authentication traps
00131  */
00132 void
00133 snmp_set_auth_traps_enabled(u8_t enable)
00134 {
00135   snmp_auth_traps_enabled = enable;
00136 }
00137 
00138 /**
00139  * @ingroup snmp_traps
00140  * Get authentication traps enabled state
00141  */
00142 u8_t
00143 snmp_get_auth_traps_enabled(void)
00144 {
00145   return snmp_auth_traps_enabled;
00146 }
00147 
00148 
00149 /**
00150  * @ingroup snmp_traps
00151  * Sends a generic or enterprise specific trap message.
00152  *
00153  * @param eoid points to enterprise object identifier
00154  * @param generic_trap is the trap code
00155  * @param specific_trap used for enterprise traps when generic_trap == 6
00156  * @param varbinds linked list of varbinds to be sent
00157  * @return ERR_OK when success, ERR_MEM if we're out of memory
00158  *
00159  * @note the use of the enterprise identifier field
00160  * is per RFC1215.
00161  * Use .iso.org.dod.internet.mgmt.mib-2.snmp for generic traps
00162  * and .iso.org.dod.internet.private.enterprises.yourenterprise
00163  * (sysObjectID) for specific traps.
00164  */
00165 err_t
00166 snmp_send_trap(const struct snmp_obj_id* eoid, s32_t generic_trap, s32_t specific_trap, struct snmp_varbind *varbinds)
00167 {
00168   struct snmp_msg_trap trap_msg;
00169   struct snmp_trap_dst *td;
00170   struct pbuf *p;
00171   u16_t i, tot_len;
00172   err_t err = ERR_OK;
00173 
00174   trap_msg.snmp_version = 0;
00175 
00176   for (i = 0, td = &trap_dst[0]; i < SNMP_TRAP_DESTINATIONS; i++, td++) {
00177     if ((td->enable != 0) && !ip_addr_isany(&td->dip)) {
00178       /* lookup current source address for this dst */
00179       if (snmp_get_local_ip_for_dst(snmp_traps_handle, &td->dip, &trap_msg.sip)) {
00180         if (eoid == NULL) {
00181           trap_msg.enterprise = snmp_get_device_enterprise_oid();
00182         } else {
00183           trap_msg.enterprise = eoid;
00184         }
00185 
00186         trap_msg.gen_trap = generic_trap;
00187         if (generic_trap == SNMP_GENTRAP_ENTERPRISE_SPECIFIC) {
00188           trap_msg.spc_trap = specific_trap;
00189         } else {
00190           trap_msg.spc_trap = 0;
00191         }
00192 
00193         MIB2_COPY_SYSUPTIME_TO(&trap_msg.ts);
00194 
00195         /* pass 0, calculate length fields */
00196         tot_len = snmp_trap_varbind_sum(&trap_msg, varbinds);
00197         tot_len = snmp_trap_header_sum(&trap_msg, tot_len);
00198 
00199         /* allocate pbuf(s) */
00200         p = pbuf_alloc(PBUF_TRANSPORT, tot_len, PBUF_RAM);
00201         if (p != NULL) {
00202           struct snmp_pbuf_stream pbuf_stream;
00203           snmp_pbuf_stream_init(&pbuf_stream, p, 0, tot_len);
00204 
00205           /* pass 1, encode packet ino the pbuf(s) */
00206           snmp_trap_header_enc(&trap_msg, &pbuf_stream);
00207           snmp_trap_varbind_enc(&trap_msg, &pbuf_stream, varbinds);
00208 
00209           snmp_stats.outtraps++;
00210           snmp_stats.outpkts++;
00211 
00212           /** send to the TRAP destination */
00213           snmp_sendto(snmp_traps_handle, p, &td->dip, SNMP_TRAP_PORT);
00214           pbuf_free(p);
00215         } else {
00216           err = ERR_MEM;
00217         }
00218       } else {
00219         /* routing error */
00220         err = ERR_RTE;
00221       }
00222     }
00223   }
00224   return err;
00225 }
00226 
00227 /**
00228  * @ingroup snmp_traps
00229  * Send generic SNMP trap
00230  */
00231 err_t 
00232 snmp_send_trap_generic(s32_t generic_trap)
00233 {
00234   static const struct snmp_obj_id oid = { 7, { 1, 3, 6, 1, 2, 1, 11 } };
00235   return snmp_send_trap(&oid, generic_trap, 0, NULL);
00236 }
00237 
00238 /**
00239  * @ingroup snmp_traps
00240  * Send specific SNMP trap with variable bindings
00241  */
00242 err_t
00243 snmp_send_trap_specific(s32_t specific_trap, struct snmp_varbind *varbinds)
00244 {
00245   return snmp_send_trap(NULL, SNMP_GENTRAP_ENTERPRISE_SPECIFIC, specific_trap, varbinds);
00246 }
00247 
00248 /**
00249  * @ingroup snmp_traps
00250  * Send coldstart trap
00251  */
00252 void
00253 snmp_coldstart_trap(void)
00254 {
00255   snmp_send_trap_generic(SNMP_GENTRAP_COLDSTART);
00256 }
00257 
00258 /**
00259  * @ingroup snmp_traps
00260  * Send authentication failure trap (used internally by agent) 
00261  */
00262 void
00263 snmp_authfail_trap(void)
00264 {
00265   if (snmp_auth_traps_enabled != 0) {
00266     snmp_send_trap_generic(SNMP_GENTRAP_AUTH_FAILURE);
00267   }
00268 }
00269 
00270 static u16_t
00271 snmp_trap_varbind_sum(struct snmp_msg_trap *trap, struct snmp_varbind *varbinds)
00272 {
00273   struct snmp_varbind *varbind;
00274   u16_t tot_len;
00275   u8_t tot_len_len;
00276 
00277   tot_len = 0;
00278   varbind = varbinds;
00279   while (varbind != NULL) {
00280     struct snmp_varbind_len len;
00281 
00282     if (snmp_varbind_length(varbind, &len) == ERR_OK) {
00283       tot_len += 1 + len.vb_len_len + len.vb_value_len;
00284     }
00285 
00286     varbind = varbind->next;
00287   }
00288 
00289   trap->vbseqlen = tot_len;
00290   snmp_asn1_enc_length_cnt(trap->vbseqlen, &tot_len_len);
00291   tot_len += 1 + tot_len_len;
00292 
00293   return tot_len;
00294 }
00295 
00296 /**
00297  * Sums trap header field lengths from tail to head and
00298  * returns trap_header_lengths for second encoding pass.
00299  *
00300  * @param trap Trap message
00301  * @param vb_len varbind-list length
00302  * @return the required length for encoding the trap header
00303  */
00304 static u16_t
00305 snmp_trap_header_sum(struct snmp_msg_trap *trap, u16_t vb_len)
00306 {
00307   u16_t tot_len;
00308   u16_t len;
00309   u8_t lenlen;
00310 
00311   tot_len = vb_len;
00312 
00313   snmp_asn1_enc_u32t_cnt(trap->ts, &len);
00314   snmp_asn1_enc_length_cnt(len, &lenlen);
00315   tot_len += 1 + len + lenlen;
00316 
00317   snmp_asn1_enc_s32t_cnt(trap->spc_trap, &len);
00318   snmp_asn1_enc_length_cnt(len, &lenlen);
00319   tot_len += 1 + len + lenlen;
00320 
00321   snmp_asn1_enc_s32t_cnt(trap->gen_trap, &len);
00322   snmp_asn1_enc_length_cnt(len, &lenlen);
00323   tot_len += 1 + len + lenlen;
00324 
00325   if (IP_IS_V6_VAL(trap->sip)) {
00326 #if LWIP_IPV6
00327     len = sizeof(ip_2_ip6(&trap->sip)->addr);
00328 #endif
00329   } else {
00330 #if LWIP_IPV4
00331     len = sizeof(ip_2_ip4(&trap->sip)->addr);
00332 #endif
00333   }
00334   snmp_asn1_enc_length_cnt(len, &lenlen);
00335   tot_len += 1 + len + lenlen;
00336 
00337   snmp_asn1_enc_oid_cnt(trap->enterprise->id, trap->enterprise->len, &len);
00338   snmp_asn1_enc_length_cnt(len, &lenlen);
00339   tot_len += 1 + len + lenlen;
00340 
00341   trap->pdulen = tot_len;
00342   snmp_asn1_enc_length_cnt(trap->pdulen, &lenlen);
00343   tot_len += 1 + lenlen;
00344 
00345   trap->comlen = (u16_t)LWIP_MIN(strlen(snmp_community_trap), 0xFFFF);
00346   snmp_asn1_enc_length_cnt(trap->comlen, &lenlen);
00347   tot_len += 1 + lenlen + trap->comlen;
00348 
00349   snmp_asn1_enc_s32t_cnt(trap->snmp_version, &len);
00350   snmp_asn1_enc_length_cnt(len, &lenlen);
00351   tot_len += 1 + len + lenlen;
00352 
00353   trap->seqlen = tot_len;
00354   snmp_asn1_enc_length_cnt(trap->seqlen, &lenlen);
00355   tot_len += 1 + lenlen;
00356 
00357   return tot_len;
00358 }
00359 
00360 static void
00361 snmp_trap_varbind_enc(struct snmp_msg_trap *trap, struct snmp_pbuf_stream *pbuf_stream, struct snmp_varbind *varbinds)
00362 {
00363   struct snmp_asn1_tlv tlv;
00364   struct snmp_varbind *varbind;
00365 
00366   varbind = varbinds;
00367 
00368   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_SEQUENCE, 0, trap->vbseqlen);
00369   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00370 
00371   while (varbind != NULL) {
00372     snmp_append_outbound_varbind(pbuf_stream, varbind);
00373 
00374     varbind = varbind->next;
00375   }
00376 }
00377 
00378 /**
00379  * Encodes trap header from head to tail.
00380  */
00381 static void
00382 snmp_trap_header_enc(struct snmp_msg_trap *trap, struct snmp_pbuf_stream *pbuf_stream)
00383 {
00384   struct snmp_asn1_tlv tlv;
00385 
00386   /* 'Message' sequence */
00387   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_SEQUENCE, 0, trap->seqlen);
00388   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00389 
00390   /* version */
00391   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_INTEGER, 0, 0);
00392   snmp_asn1_enc_s32t_cnt(trap->snmp_version, &tlv.value_len);
00393   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00394   snmp_asn1_enc_s32t(pbuf_stream, tlv.value_len, trap->snmp_version);
00395 
00396   /* community */
00397   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_OCTET_STRING, 0, trap->comlen);
00398   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00399   snmp_asn1_enc_raw(pbuf_stream,  (const u8_t *)snmp_community_trap, trap->comlen);
00400 
00401   /* 'PDU' sequence */
00402   SNMP_ASN1_SET_TLV_PARAMS(tlv, (SNMP_ASN1_CLASS_CONTEXT | SNMP_ASN1_CONTENTTYPE_CONSTRUCTED | SNMP_ASN1_CONTEXT_PDU_TRAP), 0, trap->pdulen);
00403   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00404 
00405   /* object ID */
00406   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_OBJECT_ID, 0, 0);
00407   snmp_asn1_enc_oid_cnt(trap->enterprise->id, trap->enterprise->len, &tlv.value_len);
00408   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00409   snmp_asn1_enc_oid(pbuf_stream, trap->enterprise->id, trap->enterprise->len);
00410 
00411   /* IP addr */
00412   if (IP_IS_V6_VAL(trap->sip)) {
00413 #if LWIP_IPV6
00414     SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_IPADDR, 0, sizeof(ip_2_ip6(&trap->sip)->addr));
00415     snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00416     snmp_asn1_enc_raw(pbuf_stream, (const u8_t *)&ip_2_ip6(&trap->sip)->addr, sizeof(ip_2_ip6(&trap->sip)->addr));
00417 #endif
00418   } else {
00419 #if LWIP_IPV4
00420     SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_IPADDR, 0, sizeof(ip_2_ip4(&trap->sip)->addr));
00421     snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00422     snmp_asn1_enc_raw(pbuf_stream, (const u8_t *)&ip_2_ip4(&trap->sip)->addr, sizeof(ip_2_ip4(&trap->sip)->addr));
00423 #endif
00424   }
00425 
00426   /* trap length */
00427   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_INTEGER, 0, 0);
00428   snmp_asn1_enc_s32t_cnt(trap->gen_trap, &tlv.value_len);
00429   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00430   snmp_asn1_enc_s32t(pbuf_stream, tlv.value_len, trap->gen_trap);
00431 
00432   /* specific trap */
00433   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_INTEGER, 0, 0);
00434   snmp_asn1_enc_s32t_cnt(trap->spc_trap, &tlv.value_len);
00435   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00436   snmp_asn1_enc_s32t(pbuf_stream, tlv.value_len, trap->spc_trap);
00437 
00438   /* timestamp */
00439   SNMP_ASN1_SET_TLV_PARAMS(tlv, SNMP_ASN1_TYPE_TIMETICKS, 0, 0);
00440   snmp_asn1_enc_s32t_cnt(trap->ts, &tlv.value_len);
00441   snmp_ans1_enc_tlv(pbuf_stream, &tlv);
00442   snmp_asn1_enc_s32t(pbuf_stream, tlv.value_len, trap->ts);
00443 }
00444 
00445 #endif /* LWIP_SNMP */