From ab3947f8ed85847d01a1fc139c4b3d71588b0ee3 Mon Sep 17 00:00:00 2001 From: aland Date: Sat, 21 Jun 2008 15:53:09 +0000 Subject: [PATCH] Remove ALL references to SNMP from the server source. Much, much better! --- Make.inc.in | 3 - acinclude.m4 | 227 --------- configure | 609 ++---------------------- configure.in | 31 +- raddb/snmp.conf | 46 -- src/include/autoconf.h.in | 13 - src/include/radius_snmp.h | 56 --- src/include/radiusd.h | 2 - src/include/smux.h | 163 ------- src/main/event.c | 51 +- src/main/radius_snmp.c | 628 ------------------------- src/main/smux.c | 1129 --------------------------------------------- src/main/version.c | 3 - src/main/vmps.c | 1 - suse/freeradius.spec | 2 - 15 files changed, 39 insertions(+), 2925 deletions(-) delete mode 100644 raddb/snmp.conf delete mode 100644 src/include/radius_snmp.h delete mode 100644 src/include/smux.h delete mode 100644 src/main/radius_snmp.c delete mode 100644 src/main/smux.c diff --git a/Make.inc.in b/Make.inc.in index 149d2e1..886d90e 100644 --- a/Make.inc.in +++ b/Make.inc.in @@ -61,9 +61,6 @@ USE_SHARED_LIBS = @USE_SHARED_LIBS@ USE_STATIC_LIBS = @USE_STATIC_LIBS@ STATIC_MODULES = @STATIC_MODULES@ -SNMP_INCLUDE = @SNMP_INCLUDE@ -SNMP_LIBS = @SNMP_LIBS@ - OPENSSL_LIBS = @OPENSSL_LIBS@ OPENSSL_INCLUDE = @OPENSSL_INCLUDE@ diff --git a/acinclude.m4 b/acinclude.m4 index 49e1f5b..cd9d134 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -111,233 +111,6 @@ AC_DEFUN([FR_CHECK_TYPE_INCLUDE], fi ]) -dnl ####################################################################### -dnl # -dnl # Look for SNMP in a variety of places. -dnl # -AC_DEFUN([SNMP_CHECKS], [ - AC_SUBST(SNMP_LIBS) - AC_SUBST(SNMP_INCLUDE) - -AC_MSG_CHECKING([for asn1.h,snmp.h,snmp_impl.h]) - -dnl # -dnl # First, see if we can build it WITHOUT using any special includes and in ucd-snmp -dnl # -AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -#include ], - [ int a = 1;], - SNMP_INCLUDE="";ucdsnmp=yes, - ucdsnmp=) - -dnl # -dnl # If not, look for it in a number of directories and in ucd-snmp. -dnl # -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include /usr/local/include $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" - AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -#include ], - [ int a = 1;], - SNMP_INCLUDE="-I$try";ucdsnmp=yes, - ucdsnmp=) - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include/ucd-snmp /usr/local/include/ucd-snmp $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" -dnl # -dnl # First, see if we can build it WITHOUT using any special includes and without ucd-snmp -dnl # -AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include ], - [ int a = 1;], - SNMP_INCLUDE="";ucdsnmp=no, - ucdsnmp=) - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -dnl # -dnl # If not, look for it in a number of directories and without ucd-snmp -dnl # -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include/ucd-snmp /usr/local/include/ucd-snmp $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" - AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include ], - [ int a = 1;], - SNMP_INCLUDE="-I$try";ucdsnmp=no, - ucdsnmp=) - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -if test "x$ucdsnmp" = "x"; then - AC_MSG_RESULT(no) -else - if test "x$ucdsnmp" = "xyes"; then - AC_MSG_RESULT((ucd-snmp)yes) - AC_DEFINE(HAVE_UCD_SNMP_ASN1_SNMP_SNMPIMPL_H, [], [Define if you have the , and header file.]) - else - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_ASN1_SNMP_SNMPIMPL_H, [], [Define if you have the , and header file.]) - fi -dnl # -dnl # Now do the same thing, looking for the SNMP library directory -dnl # - AC_MSG_CHECKING([for snmp_build_var_op in -lsnmp]) - -dnl # -dnl # First, see if we can build it WITHOUT using any special includes -dnl # - old_LIBS="$LIBS" - LIBS="$old_LIBS -lsnmp" - AC_TRY_LINK([extern char snmp_build_var_op();], - [ snmp_build_var_op()], - SNMP_LIBS="-lsnmp", - SNMP_LIBS=) - - if test "x$SNMP_LIBS" = "x"; then - for try in /usr/lib /usr/local/lib /usr/local/snmp/lib $with_snmp_lib_dir; do - LIBS="$old_LIBS -L$try -lsnmp" - AC_TRY_LINK([extern char snmp_build_var_op();], - [ snmp_build_var_op()], - SNMP_LIBS="-L$try -lsnmp", - SNMP_LIBS=) - if test "x$SNMP_LIBS" != "x"; then - break; - fi -dnl # -dnl # That didn't work. Try adding the '-lcrypto' line. -dnl # Some SNMP libraries are linked against SSL... -dnl # - LIBS="$old_LIBS -L$try -lsnmp -lcrypto" - AC_TRY_LINK([extern char snmp_build_var_op();], - [ snmp_build_var_op()], - SNMP_LIBS="-L$try -lsnmp -lcrypto", - SNMP_LIBS=) - if test "x$SNMP_LIBS" != "x"; then - break; - fi -dnl # -dnl # That didn't work. Try adding the '-lkstat' line. -dnl # Some SNMP libraries are linked against Kernel Statistics, -dnl # in particular, Solaris 9... -dnl # - LIBS="$old_LIBS -L$try -lsnmp -lcrypto -lkstat" - AC_TRY_LINK([extern char snmp_build_var_op();], - [ snmp_build_var_op()], - SNMP_LIBS="-L$try -lsnmp -lcrypto -lkstat", - SNMP_LIBS=) - if test "x$SNMP_LIBS" != "x"; then - break; - fi - done - fi - LIBS="$old_LIBS" - - dnl # - dnl # If one or the other isn't found, disable them both.. - dnl # If both are found, enable them both. - dnl # - CFLAGS="$old_CFLAGS" - if test "x$SNMP_LIBS" = "x"; then - AC_MSG_RESULT(no) - SNMP_INCLUDE= - else - AC_MSG_RESULT(yes) - AC_DEFINE(WITH_SNMP, [], [Include SNMP subagent]) - AC_DEFINE(HAVE_LIBSNMP, [], [Define if you have the snmp library (-lsnmp).]) - fi -fi -]) - - dnl # dnl # Locate the directory in which a particular file is found. dnl # diff --git a/configure b/configure index 2fa7216..603cf12 100755 --- a/configure +++ b/configure @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.in Revision: 1.261 . +# From configure.in Revision: 1.262 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61. # @@ -858,8 +858,6 @@ OPENSSL_LIBS PCAP_LIBS LIBPREFIX CRYPTLIB -SNMP_LIBS -SNMP_INCLUDE HOSTINFO LIBLTDL INCLTDL @@ -1485,8 +1483,6 @@ Optional Packages: --with-raddbdir=DIR Directory for config files SYSCONFDIR/raddb --with-ascend-binary Include support for Ascend binary filter attributes (default=yes) --with-threads Use threads, if available. (default=yes) - --with-snmp Compile in SNMP support. (default=yes) - --with-snmp-include-dir=DIR Directory to look for include files used by SNMP --with-vmps Compile in VMPS support. (default=yes) --with-dhcp Compile in DHCP support. (default=no) --with-static-modules=QUOTED-MODULE-LIST @@ -1497,7 +1493,7 @@ Optional Packages: --with-openssl-libraries=DIR Directory to look for OpenSSL library files --with-rlm-FOO-lib-dir=DIR Directory to look for library files used by module FOO --with-rlm-FOO-include-dir=DIR Directory to look for include files used by module FOO - --with-udpfromto Compile in UDPFROMTO support. (default=yes) + --with-udpfromto Compile in UDPFROMTO support. (default=no) Some influential environment variables: CC C compiler command @@ -5541,7 +5537,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 5544 "configure"' > conftest.$ac_ext + echo '#line 5540 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -7325,11 +7321,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7328: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7324: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7332: \$? = $ac_status" >&5 + echo "$as_me:7328: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -7593,11 +7589,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7596: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7592: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7600: \$? = $ac_status" >&5 + echo "$as_me:7596: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -7697,11 +7693,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7700: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7696: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:7704: \$? = $ac_status" >&5 + echo "$as_me:7700: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -10005,7 +10001,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:12444: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:12452: \$? = $ac_status" >&5 + echo "$as_me:12448: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -12549,11 +12545,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:12552: $lt_compile\"" >&5) + (eval echo "\"\$as_me:12548: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:12556: \$? = $ac_status" >&5 + echo "$as_me:12552: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -14119,11 +14115,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14122: $lt_compile\"" >&5) + (eval echo "\"\$as_me:14118: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:14126: \$? = $ac_status" >&5 + echo "$as_me:14122: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -14223,11 +14219,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14226: $lt_compile\"" >&5) + (eval echo "\"\$as_me:14222: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:14230: \$? = $ac_status" >&5 + echo "$as_me:14226: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -16425,11 +16421,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16428: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16424: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:16432: \$? = $ac_status" >&5 + echo "$as_me:16428: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16693,11 +16689,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16696: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16692: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:16700: \$? = $ac_status" >&5 + echo "$as_me:16696: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16797,11 +16793,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16800: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16796: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:16804: \$? = $ac_status" >&5 + echo "$as_me:16800: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -19679,31 +19675,6 @@ if test "${with_threads+set}" = set; then fi -WITH_SNMP=yes - -# Check whether --with-snmp was given. -if test "${with_snmp+set}" = set; then - withval=$with_snmp; case "$withval" in - yes) - ;; - *) - WITH_SNMP=no - esac - -fi - - - -# Check whether --with-snmp-include-dir was given. -if test "${with_snmp_include_dir+set}" = set; then - withval=$with_snmp_include_dir; case "$withval" in - *) - ;; - esac - -fi - - WITH_VMPS=yes # Check whether --with-vmps was given. @@ -24177,526 +24148,6 @@ fi -if test "x$WITH_SNMP" = "xyes"; then - - - - -{ echo "$as_me:$LINENO: checking for asn1.h,snmp.h,snmp_impl.h" >&5 -echo $ECHO_N "checking for asn1.h,snmp.h,snmp_impl.h... $ECHO_C" >&6; } - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -#include -int -main () -{ - int a = 1; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - SNMP_INCLUDE="";ucdsnmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ucdsnmp= -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include /usr/local/include $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -#include -int -main () -{ - int a = 1; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - SNMP_INCLUDE="-I$try";ucdsnmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ucdsnmp= -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include/ucd-snmp /usr/local/include/ucd-snmp $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -int -main () -{ - int a = 1; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - SNMP_INCLUDE="";ucdsnmp=no -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ucdsnmp= -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -if test "x$ucdsnmp" = "x"; then - old_CFLAGS="$CFLAGS" - for try in /usr/include/ucd-snmp /usr/local/include/ucd-snmp $snmp_include_dir; do - CFLAGS="$old_CFLAGS -I$try" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -#ifdef HAVE_STDIO_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include -int -main () -{ - int a = 1; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - SNMP_INCLUDE="-I$try";ucdsnmp=no -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ucdsnmp= -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test "x$ucdsnmp" != "x"; then - break; - fi - done - CFLAGS="$old_CFLAGS" -fi - -if test "x$ucdsnmp" = "x"; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -else - if test "x$ucdsnmp" = "xyes"; then - { echo "$as_me:$LINENO: result: (ucd-snmp)yes" >&5 -echo "${ECHO_T}(ucd-snmp)yes" >&6; } - -cat >>confdefs.h <<\_ACEOF -#define HAVE_UCD_SNMP_ASN1_SNMP_SNMPIMPL_H -_ACEOF - - else - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -cat >>confdefs.h <<\_ACEOF -#define HAVE_ASN1_SNMP_SNMPIMPL_H -_ACEOF - - fi - { echo "$as_me:$LINENO: checking for snmp_build_var_op in -lsnmp" >&5 -echo $ECHO_N "checking for snmp_build_var_op in -lsnmp... $ECHO_C" >&6; } - - old_LIBS="$LIBS" - LIBS="$old_LIBS -lsnmp" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern char snmp_build_var_op(); -int -main () -{ - snmp_build_var_op() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - SNMP_LIBS="-lsnmp" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - SNMP_LIBS= -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - - if test "x$SNMP_LIBS" = "x"; then - for try in /usr/lib /usr/local/lib /usr/local/snmp/lib $with_snmp_lib_dir; do - LIBS="$old_LIBS -L$try -lsnmp" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern char snmp_build_var_op(); -int -main () -{ - snmp_build_var_op() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - SNMP_LIBS="-L$try -lsnmp" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - SNMP_LIBS= -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - if test "x$SNMP_LIBS" != "x"; then - break; - fi - LIBS="$old_LIBS -L$try -lsnmp -lcrypto" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern char snmp_build_var_op(); -int -main () -{ - snmp_build_var_op() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - SNMP_LIBS="-L$try -lsnmp -lcrypto" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - SNMP_LIBS= -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - if test "x$SNMP_LIBS" != "x"; then - break; - fi - LIBS="$old_LIBS -L$try -lsnmp -lcrypto -lkstat" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern char snmp_build_var_op(); -int -main () -{ - snmp_build_var_op() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - SNMP_LIBS="-L$try -lsnmp -lcrypto -lkstat" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - SNMP_LIBS= -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - if test "x$SNMP_LIBS" != "x"; then - break; - fi - done - fi - LIBS="$old_LIBS" - - CFLAGS="$old_CFLAGS" - if test "x$SNMP_LIBS" = "x"; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - SNMP_INCLUDE= - else - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -cat >>confdefs.h <<\_ACEOF -#define WITH_SNMP -_ACEOF - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_LIBSNMP -_ACEOF - - fi -fi - -fi - cat >>confdefs.h <<\_ACEOF #define GNUSTYLE 1 @@ -26081,13 +25532,13 @@ OPENSSL_LIBS!$OPENSSL_LIBS$ac_delim PCAP_LIBS!$PCAP_LIBS$ac_delim LIBPREFIX!$LIBPREFIX$ac_delim CRYPTLIB!$CRYPTLIB$ac_delim -SNMP_LIBS!$SNMP_LIBS$ac_delim -SNMP_INCLUDE!$SNMP_INCLUDE$ac_delim HOSTINFO!$HOSTINFO$ac_delim LIBLTDL!$LIBLTDL$ac_delim INCLTDL!$INCLTDL$ac_delim subdirs!$subdirs$ac_delim MODULES!$MODULES$ac_delim +INSTALLSTRIP!$INSTALLSTRIP$ac_delim +USE_SHARED_LIBS!$USE_SHARED_LIBS$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -26129,8 +25580,6 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF -INSTALLSTRIP!$INSTALLSTRIP$ac_delim -USE_SHARED_LIBS!$USE_SHARED_LIBS$ac_delim USE_STATIC_LIBS!$USE_STATIC_LIBS$ac_delim STATIC_MODULES!$STATIC_MODULES$ac_delim RADIUSD_MAJOR_VERSION!$RADIUSD_MAJOR_VERSION$ac_delim @@ -26140,7 +25589,7 @@ LIBOBJS!$LIBOBJS$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 9; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 7; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 @@ -26541,7 +25990,7 @@ echo "$as_me: executing $ac_file commands" >&6;} "stamp-h":C) echo timestamp > src/include/stamp-h ;; "build-radpaths-h":C) (cd ./src/include && /bin/sh ./build-radpaths-h) ;; "main-chmod":C) (cd ./src/main && chmod +x checkrad.pl radlast radtest) ;; - "scripts-chmod":C) (cd ./scripts && chmod +x rc.radiusd radwatch check-radiusd-config radiusd.cron.daily radiusd.cron.monthly cryptpasswd) ;; + "scripts-chmod":C) (cd ./scripts && chmod +x rc.radiusd radwatch radiusd.cron.daily radiusd.cron.monthly cryptpasswd) ;; esac done # for ac_tag diff --git a/configure.in b/configure.in index a8f624b..3cf8fb5 100644 --- a/configure.in +++ b/configure.in @@ -224,29 +224,6 @@ AC_ARG_WITH(threads, esac ] ) -dnl extra argument: --with-snmp -WITH_SNMP=yes -AC_ARG_WITH(snmp, -[ --with-snmp Compile in SNMP support. (default=yes)], -[ case "$withval" in - yes) - ;; - *) - WITH_SNMP=no - esac ] -) - -dnl # -dnl # extra argument: --with-snmp-include-dir -dnl # -AC_ARG_WITH(snmp-include-dir, -[ --with-snmp-include-dir=DIR Directory to look for include files used by SNMP], -[ case "$withval" in - *) - ;; - esac ] -) - dnl extra argument: --with-vmps WITH_VMPS=yes AC_ARG_WITH(vmps, @@ -413,7 +390,7 @@ dnl AC_SUBST(IQUOTE) dnl extra argument: --with-udpfromto WITH_UDPFROMTO=no AC_ARG_WITH(udpfromto, -[ --with-udpfromto Compile in UDPFROMTO support. (default=yes)], +[ --with-udpfromto Compile in UDPFROMTO support. (default=no)], [ case "$withval" in yes) WITH_UDPFROMTO=yes @@ -948,10 +925,6 @@ AC_CHECK_LIB(cipher, setkey, ) AC_SUBST(CRYPTLIB) -if test "x$WITH_SNMP" = "xyes"; then - SNMP_CHECKS -fi - dnl Check the style of gethostbyaddr, in order of preference dnl GNU (_r eight args) AC_DEFINE(GNUSTYLE, [1], [GNU-Style get*byaddr_r]) @@ -1165,7 +1138,7 @@ dnl ############################################################# AC_CONFIG_COMMANDS([stamp-h], [echo timestamp > src/include/stamp-h]) AC_CONFIG_COMMANDS([build-radpaths-h], [(cd ./src/include && /bin/sh ./build-radpaths-h)]) AC_CONFIG_COMMANDS([main-chmod], [(cd ./src/main && chmod +x checkrad.pl radlast radtest)]) -AC_CONFIG_COMMANDS([scripts-chmod], [(cd ./scripts && chmod +x rc.radiusd radwatch check-radiusd-config radiusd.cron.daily radiusd.cron.monthly cryptpasswd)]) +AC_CONFIG_COMMANDS([scripts-chmod], [(cd ./scripts && chmod +x rc.radiusd radwatch radiusd.cron.daily radiusd.cron.monthly cryptpasswd)]) dnl # dnl # Substitute whatever libraries we found to be necessary diff --git a/raddb/snmp.conf b/raddb/snmp.conf deleted file mode 100644 index 028a6ac..0000000 --- a/raddb/snmp.conf +++ /dev/null @@ -1,46 +0,0 @@ -# -*- text -*- -## -## snmp.conf -- snmp configuration directives -## -## $Id$ - -####################################################################### -# -# SNMP configuration -# -# NOTE: This part is only working if your radiusd is compiled with SNMP -# support. -# -# smux_password: Password used for SMUX registration. -# -# Specifies password used when connecting to the SNMP master agent. -# This must match the password as configured on the agent. The OID -# used to register the radius subagent is 1.3.6.1.4.1.11344.1.1.1. -# A sample entry for the ucd-snmp deamon looks like this: -# -# smuxpeer .1.3.6.1.4.1.11344.1.1.1 verysecret -# -# A sample entry for AIX 4.3 is: -# -# smux 1.3.6.1.4.1.11344.1.1.1 verysecret -# -# The default password is an empty password. -# -#smux_password = verysecret - -# -# snmp_write_access: -# -# Controls if write access to the radiusd via SNMP is enabled or not. -# Set this value to yes, if you want to be able to reload radiusd from -# your network management station. -# -# For this to work, you also have to make sure that your master agent -# is configured to allow SNMP set requests. For security reasons, this -# setting defaults to no. -# -# allowed values: {no, yes} -# -#snmp_write_access = yes - - diff --git a/src/include/autoconf.h.in b/src/include/autoconf.h.in index f6dedb9..a96194f 100644 --- a/src/include/autoconf.h.in +++ b/src/include/autoconf.h.in @@ -21,9 +21,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H -/* Define if you have the , and header file. */ -#undef HAVE_ASN1_SNMP_SNMPIMPL_H - /* Define to 1 if you have the `closefrom' function. */ #undef HAVE_CLOSEFROM @@ -113,9 +110,6 @@ /* Define to 1 if you have the `resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV -/* Define if you have the snmp library (-lsnmp). */ -#undef HAVE_LIBSNMP - /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET @@ -304,10 +298,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_WAIT_H -/* Define if you have the , and - header file. */ -#undef HAVE_UCD_SNMP_ASN1_SNMP_SNMPIMPL_H - /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H @@ -365,9 +355,6 @@ /* Include experimental support for DHCP */ #undef WITH_DHCP -/* Include SNMP subagent */ -#undef WITH_SNMP - /* define if you want udpfromto */ #undef WITH_UDPFROMTO diff --git a/src/include/radius_snmp.h b/src/include/radius_snmp.h deleted file mode 100644 index 19c74a6..0000000 --- a/src/include/radius_snmp.h +++ /dev/null @@ -1,56 +0,0 @@ -#ifndef _RADIUS_SNMP_H -#define _RADIUS_SNMP_H - -#include - -/* - * Version: $Id$ - */ - -#include -RCSIDH(radius_snmp_h, "$Id$") - -#ifdef WITH_SNMP - -#ifndef WITH_STATS -#error WITH_SNMP needs WITH_STATS -#endif - -typedef enum smux_event_t { - SMUX_NONE, SMUX_CONNECT, SMUX_READ -} smux_event_t; - -extern int radius_snmp_init(CONF_SECTION *); -extern int smux_connect(void); -extern int smux_read(void); - -/* - * The RADIUS server snmp data structures. - */ -typedef struct rad_snmp_server_t { - const char *ident; - time_t start_time; - int32_t uptime; /* in hundredths of a second */ - - time_t last_reset_time; - int32_t reset_time; - int32_t config_reset; -} rad_snmp_server_t; - -typedef struct rad_snmp_t { - rad_snmp_server_t auth; -#ifdef WITH_ACCOUNTING - rad_snmp_server_t acct; -#endif - smux_event_t smux_event; - const char *smux_password; - int snmp_write_access; - int smux_fd; - int smux_failures; - int smux_max_failures; -} rad_snmp_t; - -extern rad_snmp_t rad_snmp; -#endif /* WITH_SNMP */ - -#endif /* _RADIUS_SNMP_H */ diff --git a/src/include/radiusd.h b/src/include/radiusd.h index f1b63fb..ce56396 100644 --- a/src/include/radiusd.h +++ b/src/include/radiusd.h @@ -138,7 +138,6 @@ typedef enum RAD_LISTEN_TYPE { RAD_LISTEN_DETAIL, RAD_LISTEN_VQP, RAD_LISTEN_DHCP, - RAD_LISTEN_SNMP, RAD_LISTEN_MAX } RAD_LISTEN_TYPE; @@ -320,7 +319,6 @@ typedef struct main_config_t { radlog_dest_t radlog_dest; CONF_SECTION *config; const char *name; - int do_snmp; } MAIN_CONFIG_T; #define DEBUG if(debug_flag)log_debug diff --git a/src/include/smux.h b/src/include/smux.h deleted file mode 100644 index 507c772..0000000 --- a/src/include/smux.h +++ /dev/null @@ -1,163 +0,0 @@ -/* SNMP support - * Copyright (C) 2000 Jochen Friedrich - * Copyright (C) 1999 Kunihiro Ishiguro - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifndef _SMUX_H -#define _SMUX_H - -#include -RCSIDH(smux_h, "$Id$") - -#ifdef HAVE_ASN1_SNMP_SNMPIMPL_H -#include -#include -#include - -#elif defined (HAVE_NET_SNMP_NET_SNMP_CONFIG_H) -# include -# include -# include - -#elif defined(HAVE_UCD_SNMP_ASN1_SNMP_SNMPIMPL_H) -# include -# include -# include -# include -#endif - -#define SMUX_PORT_DEFAULT 199 - -#define SMUXMAXPKTSIZE 1500 -#define SMUXMAXSTRLEN 256 - -#define SMUX_OPEN (ASN_APPLICATION | ASN_CONSTRUCTOR | 0) -#define SMUX_CLOSE (ASN_APPLICATION | ASN_PRIMITIVE | 1) -#define SMUX_RREQ (ASN_APPLICATION | ASN_CONSTRUCTOR | 2) -#define SMUX_RRSP (ASN_APPLICATION | ASN_PRIMITIVE | 3) -#define SMUX_SOUT (ASN_APPLICATION | ASN_PRIMITIVE | 4) - -#define SMUX_GET (ASN_CONTEXT | ASN_CONSTRUCTOR | 0) -#define SMUX_GETNEXT (ASN_CONTEXT | ASN_CONSTRUCTOR | 1) -#define SMUX_GETRSP (ASN_CONTEXT | ASN_CONSTRUCTOR | 2) -#define SMUX_SET (ASN_CONTEXT | ASN_CONSTRUCTOR | 3) - -/* Structures here are mostly compatible with UCD SNMP 4.1.1 */ - -#define MATCH_FAILED (-1) -#define MATCH_SUCCEEDED 0 - -struct variable; - -#define SMUX_REGISTER_MIB(descr, var, vartype, theoid) \ - smux_register_mib(descr, (struct variable *)var, sizeof(struct vartype), \ - sizeof(var)/sizeof(struct vartype), \ - theoid, sizeof(theoid)/sizeof(oid)) - -typedef int (WriteMethod)(int action, - u_char *var_val, - u_char var_val_type, - size_t var_val_len, - const unsigned char *statP, - oid *name, - size_t length); - -typedef const unsigned char *(FindVarMethod)(struct variable *vp, - oid *name, - size_t *length, - int exact, - size_t *var_len, - WriteMethod **write_method); - -/* List */ -struct list -{ - struct list *next; - void *data; -}; - -/* SNMP variable */ -struct variable -{ - /* Index of the MIB.*/ - u_char magic; - - /* Type of variable. */ - char type; - - /* Access control list. */ - u_short acl; - - /* Callback function. */ - FindVarMethod *findVar; - - /* Suffix of the MIB. */ - u_char namelen; - oid name[MAX_OID_LEN]; -}; - -/* SNMP tree. */ -struct subtree -{ - /* Tree's oid. */ - oid name[MAX_OID_LEN]; - u_char name_len; - - /* List of the variables. */ - struct variable *variables; - - /* Length of the variables list. */ - int variables_num; - - /* Width of the variables list. */ - int variables_width; - - /* Registered flag. */ - int registered; -}; - -/* Declare SMUX return value. */ -#define SNMP_LOCAL_VARIABLES \ - static int32_t snmp_int_val; \ - static struct in_addr snmp_in_addr_val; - -#define SNMP_INTEGER(V) \ - ( \ - *var_len = sizeof (int32_t), \ - snmp_int_val = V, \ - (u_char *) &snmp_int_val \ - ) - -#define SNMP_IPADDRESS(V) \ - ( \ - *var_len = sizeof (struct in_addr), \ - snmp_in_addr_val = V, \ - (u_char *) &snmp_in_addr_val \ - ) - -void smux_init(oid [], size_t); -void smux_start(void); -void smux_stop(void); -void smux_register_mib(const char *, struct variable *, size_t, int, oid [], size_t); -int smux_header_generic (struct variable *, oid [], size_t *, int, size_t *, - WriteMethod **); -int smux_open(void); -int smux_str2oid (char *str, oid *my_oid, size_t *oid_len); -oid *smux_oid_dup (oid *objid, size_t objid_len); -int smux_register(void); - -#endif /* _SMUX_H */ diff --git a/src/main/event.c b/src/main/event.c index efe2a02..9479798 100644 --- a/src/main/event.c +++ b/src/main/event.c @@ -28,7 +28,6 @@ RCSID("$Id$") #include #include #include -#include #include @@ -2474,7 +2473,7 @@ static void event_socket_handler(fr_event_list_t *xel, UNUSED int fd, * This function is called periodically to see if any FD's are * available for reading. */ -static void event_poll_fds(UNUSED void *ctx) +static void event_poll_detail(UNUSED void *ctx) { int rcode; RAD_REQUEST_FUNP fun; @@ -2487,6 +2486,8 @@ static void event_poll_fds(UNUSED void *ctx) when.tv_sec += 1; for (this = mainconfig.listen; this != NULL; this = this->next) { + if (this->type != RAD_LISTEN_DETAIL) continue; + if (this->fd >= 0) continue; /* @@ -2503,40 +2504,12 @@ static void event_poll_fds(UNUSED void *ctx) if (!thread_pool_addrequest(request, fun)) { request->child_state = REQUEST_DONE; } - - /* - * We have an FD. Start watching it. - */ - if (this->fd >= 0) { -#ifdef WITH_DETAIL - /* - * ... unless it's a detail file. In - * that case, we rely on the signal to - * self to know when to continue - * processing the detail file. - */ - if (this->type == RAD_LISTEN_DETAIL) continue; -#endif - - /* - * FIXME: this should be SNMP handler, - * and we should do SOMETHING when the - * fd is closed! - */ - if (!fr_event_fd_insert(el, 0, this->fd, - event_socket_handler, this)) { - char buffer[256]; - - this->print(this, buffer, sizeof(buffer)); - rad_panic("Failed creating handler for snmp"); - } - } } /* * Reset the poll. */ - if (!fr_event_insert(el, event_poll_fds, NULL, + if (!fr_event_insert(el, event_poll_detail, NULL, &when, NULL)) { radlog(L_ERR, "Failed creating handler"); exit(1); @@ -2593,7 +2566,6 @@ static void event_status(struct timeval *wake) */ int radius_event_init(CONF_SECTION *cs, int spawn_flag) { - int has_snmp_listener = FALSE; rad_listen_t *this, *head = NULL; if (el) return 0; @@ -2716,13 +2688,6 @@ int radius_event_init(CONF_SECTION *cs, int spawn_flag) break; #endif -#ifdef WITH_SNMP - case RAD_LISTEN_SNMP: - DEBUG("Listening on SNMP %s", buffer); - has_snmp_listener = TRUE; - break; -#endif - #ifdef WITH_PROXY case RAD_LISTEN_PROXY: rad_assert(proxy_fds[this->fd & 0x1f] == -1); @@ -2744,8 +2709,8 @@ int radius_event_init(CONF_SECTION *cs, int spawn_flag) /* * The file descriptor isn't ready. Poll for - * when it will become ready. This is for SNMP - * and detail file fd's. + * when it will become ready. This is for the + * detail file fd's. */ if (this->fd < 0) { continue; @@ -2767,13 +2732,13 @@ int radius_event_init(CONF_SECTION *cs, int spawn_flag) } } - if (has_detail_listener || has_snmp_listener) { + if (has_detail_listener) { struct timeval when; gettimeofday(&when, NULL); when.tv_sec += 1; - if (!fr_event_insert(el, event_poll_fds, NULL, + if (!fr_event_insert(el, event_poll_detail, NULL, &when, NULL)) { radlog(L_ERR, "Failed creating handler"); exit(1); diff --git a/src/main/radius_snmp.c b/src/main/radius_snmp.c deleted file mode 100644 index 2f85e1a..0000000 --- a/src/main/radius_snmp.c +++ /dev/null @@ -1,628 +0,0 @@ -/* - * radius_snmp.c Radius SNMP support - * - * Version: $Id$ - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA - * - * Copyright 2000,2006 The FreeRADIUS server project - * Copyright 2000 Jochen Friedrich - */ - -#include -RCSID("$Id$") - -#include - -#ifdef WITH_SNMP - -#include -#include - -/* - * More globals (sigh); - */ -rad_snmp_t rad_snmp; - - -#define RADACCOID 1,3,6,1,2,1,67,2,1,1,1 -#define RADAUTHOID 1,3,6,1,2,1,67,1,1,1,1 -#define RADIUSOID 1,3,6,1,4,1,11344,1,1,1 - -static const oid radacc_oid [] = { RADACCOID }; -static const oid radauth_oid [] = { RADAUTHOID }; -static const oid radius_oid [] = { RADIUSOID }; - -#define COUNTER ASN_COUNTER -#define INTEGER ASN_INTEGER -#define GAUGE ASN_GAUGE -#define TIMETICKS ASN_TIMETICKS -#define IPADDRESS ASN_IPADDRESS -#define STRING ASN_OCTET_STR - -#define RADIUSACCSERVIDENT 1 -#define RADIUSACCSERVUPTIME 2 -#define RADIUSACCSERVRESETTIME 3 -#define RADIUSACCSERVCONFIGRESET 4 -#define RADIUSACCSERVTOTALREQUESTS 5 -#define RADIUSACCSERVTOTALINVALIDREQUESTS 6 -#define RADIUSACCSERVTOTALDUPREQUESTS 7 -#define RADIUSACCSERVTOTALRESPONSES 8 -#define RADIUSACCSERVTOTALMALFORMEDREQUESTS 9 -#define RADIUSACCSERVTOTALBADAUTHENTICATORS 10 -#define RADIUSACCSERVTOTALPACKETSDROPPED 11 -#define RADIUSACCSERVTOTALNORECORDS 12 -#define RADIUSACCSERVTOTALUNKNOWNTYPES 13 -/* */ -#define RADIUSACCCLIENTADDRESS 2 -#define RADIUSACCCLIENTID 3 -#define RADIUSACCSERVPACKETSDROPPED 4 -#define RADIUSACCSERVREQUESTS 5 -#define RADIUSACCSERVDUPREQUESTS 6 -#define RADIUSACCSERVRESPONSES 7 -#define RADIUSACCSERVBADAUTHENTICATORS 8 -#define RADIUSACCSERVMALFORMEDREQUESTS 9 -#define RADIUSACCSERVNORECORDS 10 -#define RADIUSACCSERVUNKNOWNTYPES 11 -/* */ -#define RADIUSAUTHSERVIDENT 1 -#define RADIUSAUTHSERVUPTIME 2 -#define RADIUSAUTHSERVRESETTIME 3 -#define RADIUSAUTHSERVCONFIGRESET 4 -#define RADIUSAUTHSERVTOTALACCESSREQUESTS 5 -#define RADIUSAUTHSERVTOTALINVALIDREQUESTS 6 -#define RADIUSAUTHSERVTOTALDUPACCESSREQUESTS 7 -#define RADIUSAUTHSERVTOTALACCESSACCEPTS 8 -#define RADIUSAUTHSERVTOTALACCESSREJECTS 9 -#define RADIUSAUTHSERVTOTALACCESSCHALLENGES 10 -#define RADIUSAUTHSERVTOTALMALFORMEDACCESSREQUESTS 11 -#define RADIUSAUTHSERVTOTALBADAUTHENTICATORS 12 -#define RADIUSAUTHSERVTOTALPACKETSDROPPED 13 -#define RADIUSAUTHSERVTOTALUNKNOWNTYPES 14 -/* */ -#define RADIUSAUTHCLIENTADDRESS 2 -#define RADIUSAUTHCLIENTID 3 -#define RADIUSAUTHSERVACCESSREQUESTS 4 -#define RADIUSAUTHSERVDUPACCESSREQUESTS 5 -#define RADIUSAUTHSERVACCESSACCEPTS 6 -#define RADIUSAUTHSERVACCESSREJECTS 7 -#define RADIUSAUTHSERVACCESSCHALLENGES 8 -#define RADIUSAUTHSERVMALFORMEDACCESSREQUESTS 9 -#define RADIUSAUTHSERVBADAUTHENTICATORS 10 -#define RADIUSAUTHSERVPACKETSDROPPED 11 -#define RADIUSAUTHSERVUNKNOWNTYPES 12 - -/* Hook functions. */ -#ifdef WITH_ACCOUNTING -static const u_char *radAccServ(struct variable *vp, - oid *name, - size_t *length, - int exact, - size_t *var_len, - WriteMethod **write_method); -static const u_char *radAccEntry(struct variable *vp, - oid *name, - size_t *length, - int exact, - size_t *var_len, - WriteMethod **write_method); -#endif -static const u_char *radAuthServ(struct variable *vp, - oid *name, - size_t *length, - int exact, - size_t *var_len, - WriteMethod **write_method); -static const u_char *radAuthEntry(struct variable *vp, - oid *name, - size_t *length, - int exact, - size_t *var_len, - WriteMethod **write_method); - -#ifdef WITH_ACCOUNTING -static const struct variable radiusacc_variables[] = -{ - {RADIUSACCSERVIDENT, STRING, RONLY, radAccServ, 1, {1}}, - {RADIUSACCSERVUPTIME, TIMETICKS, RONLY, radAccServ, 1, {2}}, - {RADIUSACCSERVRESETTIME, TIMETICKS, RONLY, radAccServ, 1, {3}}, - {RADIUSACCSERVCONFIGRESET, INTEGER, RWRITE, radAccServ, 1, {4}}, - {RADIUSACCSERVTOTALREQUESTS, COUNTER, RONLY, radAccServ, 1, {5}}, - {RADIUSACCSERVTOTALINVALIDREQUESTS, COUNTER, RONLY, radAccServ, 1, {6}}, - {RADIUSACCSERVTOTALDUPREQUESTS, COUNTER, RONLY, radAccServ, 1, {7}}, - {RADIUSACCSERVTOTALRESPONSES, COUNTER, RONLY, radAccServ, 1, {8}}, - {RADIUSACCSERVTOTALMALFORMEDREQUESTS, COUNTER, RONLY, radAccServ, 1, {9}}, - {RADIUSACCSERVTOTALBADAUTHENTICATORS, COUNTER, RONLY, radAccServ, 1, {10}}, - {RADIUSACCSERVTOTALPACKETSDROPPED, COUNTER, RONLY, radAccServ, 1, {11}}, - {RADIUSACCSERVTOTALNORECORDS, COUNTER, RONLY, radAccServ, 1, {12}}, - {RADIUSACCSERVTOTALUNKNOWNTYPES, COUNTER, RONLY, radAccServ, 1, {13}}, - {RADIUSACCCLIENTADDRESS, IPADDRESS, RONLY, radAccEntry, 3, {14,1,2}}, - {RADIUSACCCLIENTID, STRING, RONLY, radAccEntry, 3, {14,1,3}}, - {RADIUSACCSERVPACKETSDROPPED, COUNTER, RONLY, radAccEntry, 3, {14,1,4}}, - {RADIUSACCSERVREQUESTS, COUNTER, RONLY, radAccEntry, 3, {14,1,5}}, - {RADIUSACCSERVDUPREQUESTS, COUNTER, RONLY, radAccEntry, 3, {14,1,6}}, - {RADIUSACCSERVRESPONSES, COUNTER, RONLY, radAccEntry, 3, {14,1,7}}, - {RADIUSACCSERVBADAUTHENTICATORS, COUNTER, RONLY, radAccEntry, 3, {14,1,8}}, - {RADIUSACCSERVMALFORMEDREQUESTS, COUNTER, RONLY, radAccEntry, 3, {14,1,9}}, - {RADIUSACCSERVNORECORDS, COUNTER, RONLY, radAccEntry, 3, {14,1,10}}, - {RADIUSACCSERVUNKNOWNTYPES, COUNTER, RONLY, radAccEntry, 3, {14,1,11}}, -}; -#endif - -static const struct variable radiusauth_variables[] = -{ - {RADIUSAUTHSERVIDENT, STRING, RONLY, radAuthServ, 1, {1}}, - {RADIUSAUTHSERVUPTIME, TIMETICKS, RONLY, radAuthServ, 1, {2}}, - {RADIUSAUTHSERVRESETTIME, TIMETICKS, RONLY, radAuthServ, 1, {3}}, - {RADIUSAUTHSERVCONFIGRESET, INTEGER, RWRITE, radAuthServ, 1, {4}}, - {RADIUSAUTHSERVTOTALACCESSREQUESTS, COUNTER, RONLY, radAuthServ, 1, {5}}, - {RADIUSAUTHSERVTOTALINVALIDREQUESTS, COUNTER, RONLY, radAuthServ, 1, {6}}, - {RADIUSAUTHSERVTOTALDUPACCESSREQUESTS, COUNTER, RONLY, radAuthServ, 1, {7}}, - {RADIUSAUTHSERVTOTALACCESSACCEPTS, COUNTER, RONLY, radAuthServ, 1, {8}}, - {RADIUSAUTHSERVTOTALACCESSREJECTS, COUNTER, RONLY, radAuthServ, 1, {9}}, - {RADIUSAUTHSERVTOTALACCESSCHALLENGES, COUNTER, RONLY, radAuthServ, 1, {10}}, - {RADIUSAUTHSERVTOTALMALFORMEDACCESSREQUESTS, COUNTER, RONLY, radAuthServ, 1, {11}}, - {RADIUSAUTHSERVTOTALBADAUTHENTICATORS, COUNTER, RONLY, radAuthServ, 1, {12}}, - {RADIUSAUTHSERVTOTALPACKETSDROPPED, COUNTER, RONLY, radAuthServ, 1, {13}}, - {RADIUSAUTHSERVTOTALUNKNOWNTYPES, COUNTER, RONLY, radAuthServ, 1, {14}}, - {RADIUSAUTHCLIENTADDRESS, IPADDRESS, RONLY, radAuthEntry, 3, {15,1,2}}, - {RADIUSAUTHCLIENTID, STRING, RONLY, radAuthEntry, 3, {15,1,3}}, - {RADIUSAUTHSERVACCESSREQUESTS, COUNTER, RONLY, radAuthEntry, 3, {15,1,4}}, - {RADIUSAUTHSERVDUPACCESSREQUESTS, COUNTER, RONLY, radAuthEntry, 3, {15,1,5}}, - {RADIUSAUTHSERVACCESSACCEPTS, COUNTER, RONLY, radAuthEntry, 3, {15,1,6}}, - {RADIUSAUTHSERVACCESSREJECTS, COUNTER, RONLY, radAuthEntry, 3, {15,1,7}}, - {RADIUSAUTHSERVACCESSCHALLENGES, COUNTER, RONLY, radAuthEntry, 3, {15,1,8}}, - {RADIUSAUTHSERVMALFORMEDACCESSREQUESTS, COUNTER, RONLY, radAuthEntry, 3, {15,1,9}}, - {RADIUSAUTHSERVBADAUTHENTICATORS, COUNTER, RONLY, radAuthEntry, 3, {15,1,10}}, - {RADIUSAUTHSERVPACKETSDROPPED, COUNTER, RONLY, radAuthEntry, 3, {15,1,11}}, - {RADIUSAUTHSERVUNKNOWNTYPES, COUNTER, RONLY, radAuthEntry, 3, {15,1,12}}, -}; - -static RADCLIENT * -get_client(struct variable *v, oid objid[], size_t *objid_len, int exact) -{ - RADCLIENT *c; - int i, len; - - len = *objid_len - v->namelen; - - if (exact) { - /* Check the length. */ - if (len != 1) - return NULL; - if (objid[v->namelen] == 0) - return NULL; - - i = objid[v->namelen]-1; - - return client_findbynumber(NULL, i); - } - *objid_len = v->namelen + 1; - if (!len || (objid[v->namelen] == 0)) { - objid[v->namelen]=1; - return client_findbynumber(NULL, 0); - } - - i = objid[v->namelen]-1; - c = client_findbynumber(NULL, i); - if (c) { - objid[v->namelen]++; - } - return c; -} - -static int -radServReset(int action, u_char *var_val, u_char var_val_type, - size_t var_val_len, UNUSED const u_char *statP, - UNUSED oid *name, UNUSED size_t name_len) -{ - long i; - size_t big = SNMP_MAX_LEN; - - switch (action) { - case RESERVE1: - if (var_val_type != INTEGER) - return SNMP_ERR_WRONGTYPE; - if (var_val_len != sizeof (long)) - return SNMP_ERR_WRONGLENGTH; - if (! asn_parse_int(var_val, &big, &var_val_type, &i, sizeof(long))) - return SNMP_ERR_WRONGENCODING; - if (i != 2) - return SNMP_ERR_WRONGVALUE; - break; - case COMMIT: - radius_signal_self(RADIUS_SIGNAL_SELF_HUP); - break; - case FREE: - break; - default: - return SNMP_ERR_GENERR; - } - return SNMP_ERR_NOERROR; -} - -#ifdef WITH_ACCOUNTING -static const u_char * -radAccServ(struct variable *vp, oid *name, size_t *length, int exact, - size_t *var_len, WriteMethod **write_method) { - - static int result; - - /* check whether the instance identifier is valid */ - if (smux_header_generic(vp, name, length, exact, var_len, - write_method) == MATCH_FAILED) { - return NULL; - } - - /* return the current value of the variable */ - switch (vp->magic) { - case RADIUSACCSERVIDENT: - *var_len = strlen(rad_snmp.acct.ident); - return (const u_char *) rad_snmp.acct.ident; - - case RADIUSACCSERVUPTIME: - rad_snmp.acct.uptime = (time(NULL) - rad_snmp.acct.start_time) * 100; - *var_len = sizeof(int32_t); - return (u_char *) &rad_snmp.acct.uptime; - - case RADIUSACCSERVRESETTIME: - rad_snmp.acct.reset_time = (time(NULL) - rad_snmp.acct.last_reset_time) * 100; - *var_len = sizeof(int32_t); - return (u_char *) &rad_snmp.acct.reset_time; - - case RADIUSACCSERVCONFIGRESET: - *write_method = radServReset; - result = 4; - return (u_char *) &result; - - case RADIUSACCSERVTOTALREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_requests; - - case RADIUSACCSERVTOTALINVALIDREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_invalid_requests; - - case RADIUSACCSERVTOTALDUPREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_dup_requests; - - case RADIUSACCSERVTOTALRESPONSES: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_responses; - - case RADIUSACCSERVTOTALMALFORMEDREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_malformed_requests; - - case RADIUSACCSERVTOTALBADAUTHENTICATORS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_bad_authenticators; - - case RADIUSACCSERVTOTALPACKETSDROPPED: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_packets_dropped; - - case RADIUSACCSERVTOTALNORECORDS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_no_records; - - case RADIUSACCSERVTOTALUNKNOWNTYPES: - *var_len = sizeof(int32_t); - return (u_char *) &radius_acct_stats.total_unknown_types; - - } - - return NULL; -} - -static const u_char * -radAccEntry(struct variable *vp, oid *name, size_t *length, int exact, - size_t *var_len, WriteMethod **write_method) { - - RADCLIENT *c; - static uint32_t zero = 0; - - *write_method = NULL; /* table is read only */ - c = get_client(vp, name, length, exact); - if (!c) - return NULL; - - /* return the current value of the variable */ - - switch (vp->magic) { - case RADIUSACCCLIENTADDRESS: - if (c->ipaddr.af != AF_INET) return NULL; - - *var_len = sizeof(c->ipaddr.ipaddr.ip4addr); - return (u_char *)&(c->ipaddr.ipaddr.ip4addr); - - case RADIUSACCCLIENTID: - if (c->shortname && c->shortname[0]) { - *var_len = strlen(c->shortname); - return (u_char *) c->shortname; - } - *var_len = strlen(c->longname); - return (u_char *) c->longname; - - case RADIUSACCSERVPACKETSDROPPED: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_packets_dropped; - - case RADIUSACCSERVREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_requests; - - case RADIUSACCSERVDUPREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_dup_requests; - - case RADIUSACCSERVRESPONSES: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_responses; - - case RADIUSACCSERVBADAUTHENTICATORS: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_bad_authenticators; - - case RADIUSACCSERVMALFORMEDREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_malformed_requests; - - /* - * Received && responded to, but not - * recorded anywhere. This is always - * zero. - */ - case RADIUSACCSERVNORECORDS: - *var_len = sizeof(int32_t); - return (u_char *) &zero; - - case RADIUSACCSERVUNKNOWNTYPES: - *var_len = sizeof(int32_t); - return (u_char *) &c->acct->total_unknown_types; - } - return NULL; -} -#endif - -static const u_char * -radAuthServ(struct variable *vp, oid *name, size_t *length, int exact, - size_t *var_len, WriteMethod **write_method) { - - static int result; - /* check whether the instance identifier is valid */ - - if (smux_header_generic(vp, name, length, exact, var_len, - write_method) == MATCH_FAILED) { - return NULL; - } - - /* return the current value of the variable */ - - switch (vp->magic) { - case RADIUSAUTHSERVIDENT: - *var_len = strlen(rad_snmp.auth.ident); - return (const u_char *) rad_snmp.auth.ident; - - case RADIUSAUTHSERVUPTIME: - rad_snmp.auth.uptime = (time(NULL) - rad_snmp.auth.start_time) * 100; - *var_len = sizeof(int32_t); - return (u_char *) &rad_snmp.auth.uptime; - - case RADIUSAUTHSERVRESETTIME: - rad_snmp.auth.reset_time = (time(NULL) - rad_snmp.auth.last_reset_time) * 100; - *var_len = sizeof(int32_t); - return (u_char *) &rad_snmp.auth.reset_time; - - case RADIUSAUTHSERVCONFIGRESET: - *write_method = radServReset; - result = 4; - return (u_char *) &result; - - case RADIUSAUTHSERVTOTALACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_requests; - - case RADIUSAUTHSERVTOTALINVALIDREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_invalid_requests; - - case RADIUSAUTHSERVTOTALDUPACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_dup_requests; - - case RADIUSAUTHSERVTOTALACCESSACCEPTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_access_accepts; - - case RADIUSAUTHSERVTOTALACCESSREJECTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_access_rejects; - - case RADIUSAUTHSERVTOTALACCESSCHALLENGES: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_access_challenges; - - case RADIUSAUTHSERVTOTALMALFORMEDACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_malformed_requests; - - case RADIUSAUTHSERVTOTALBADAUTHENTICATORS: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_bad_authenticators; - - case RADIUSAUTHSERVTOTALPACKETSDROPPED: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_packets_dropped; - - case RADIUSAUTHSERVTOTALUNKNOWNTYPES: - *var_len = sizeof(int32_t); - return (u_char *) &radius_auth_stats.total_unknown_types; - - } - - return NULL; -} - -static const u_char * -radAuthEntry(struct variable *vp, oid *name, size_t *length, int exact, - size_t *var_len, WriteMethod **write_method) { - - RADCLIENT *c; - - *write_method = NULL; /* table is read only */ - c = get_client(vp, name, length, exact); - if (!c) - return NULL; - - /* return the current value of the variable */ - - switch (vp->magic) { - - case RADIUSAUTHCLIENTADDRESS: - if (c->ipaddr.af != AF_INET) return NULL; - - *var_len = sizeof(c->ipaddr.ipaddr.ip4addr); - return (u_char *)&(c->ipaddr.ipaddr.ip4addr); - - case RADIUSAUTHCLIENTID: - if (c->shortname && c->shortname[0]) { - *var_len = strlen(c->shortname); - return (u_char *) c->shortname; - } - *var_len = strlen(c->longname); - return (u_char *) c->longname; - - case RADIUSAUTHSERVACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_requests; - - case RADIUSAUTHSERVDUPACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_dup_requests; - - case RADIUSAUTHSERVACCESSACCEPTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_access_accepts; - - case RADIUSAUTHSERVACCESSREJECTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_access_rejects; - - case RADIUSAUTHSERVACCESSCHALLENGES: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_access_challenges; - - case RADIUSAUTHSERVMALFORMEDACCESSREQUESTS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_malformed_requests; - - case RADIUSAUTHSERVBADAUTHENTICATORS: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_bad_authenticators; - - case RADIUSAUTHSERVPACKETSDROPPED: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_packets_dropped; - - case RADIUSAUTHSERVUNKNOWNTYPES: - *var_len = sizeof(int32_t); - return (u_char *) &c->auth->total_unknown_types; - - } - return NULL; -} - -static const CONF_PARSER snmp_config[] = { - { "snmp", PW_TYPE_BOOLEAN, - 0, &mainconfig.do_snmp, "no" }, - { "smux_password", PW_TYPE_STRING_PTR, - 0, &rad_snmp.smux_password, "" }, - { "snmp_write_access", PW_TYPE_BOOLEAN, - 0, &rad_snmp.snmp_write_access, "no" }, - { NULL, -1, 0, NULL, NULL } -}; - - -/* Register RADIUS MIBs. */ -int -radius_snmp_init (CONF_SECTION *cs) -{ - static int initialized = FALSE; - - if (!initialized) { - /* - * Initialize the RADIUS SNMP data structure. - */ - memset(&rad_snmp, 0, sizeof(rad_snmp)); - - rad_snmp.auth.ident = radiusd_version; -#ifdef WITH_ACCOUNTING - rad_snmp.acct.ident = radiusd_version; - - -#endif - rad_snmp.smux_event = SMUX_NONE; - rad_snmp.smux_password = NULL; - rad_snmp.snmp_write_access = FALSE; - rad_snmp.smux_fd = -1; - rad_snmp.smux_max_failures = 3; /* FIXME! get from config */ - rad_snmp.smux_failures = 0; - - rad_snmp.auth.start_time = time(NULL); - rad_snmp.auth.last_reset_time = rad_snmp.auth.start_time; - -#ifdef WITH_ACCOUNTING - rad_snmp.acct.start_time = rad_snmp.auth.start_time; - rad_snmp.acct.last_reset_time = rad_snmp.auth.start_time; -#endif - } else { - rad_snmp.auth.last_reset_time = time(NULL); -#ifdef WITH_ACCOUNTING - rad_snmp.acct.last_reset_time = rad_snmp.auth.last_reset_time; -#endif - rad_snmp.smux_failures = 0; - } - - /* - * Parse the SNMP configuration information. - */ - cf_section_parse(cs, NULL, snmp_config); - - smux_stop(); - - if (!mainconfig.do_snmp) return 0; - - /* - * Do SMUX initialization. - */ - smux_init (radius_oid, sizeof (radius_oid) / sizeof (oid)); - - if (!initialized) { -#ifdef WITH_ACCOUNTING - SMUX_REGISTER_MIB("mibII/radius-acc-server", radiusacc_variables, variable, radacc_oid); -#endif - SMUX_REGISTER_MIB("mibII/radius-auth-server", radiusauth_variables, variable, radauth_oid); - } - - smux_start (); - - initialized = TRUE; - - return 1; -} - -#endif /* WITH_SNMP */ diff --git a/src/main/smux.c b/src/main/smux.c deleted file mode 100644 index 312f0f7..0000000 --- a/src/main/smux.c +++ /dev/null @@ -1,1129 +0,0 @@ -/* - * smux.c SNMP support - * - * Version: $Id$ - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA - * - * Copyright 2000,2006 The FreeRADIUS server project - * Copyright 1999 Jochen Friedrich - * Copyright 1999 Kunihiro Ishiguro - */ - -#include -RCSID("$Id$") - -#include - -#ifdef WITH_SNMP - -#include -#include - -#include - -#include -#include - -#define min(A,B) ((A) < (B) ? (A) : (B)) - - - -/* internal prototypes */ -static int oid_compare (oid *, size_t, oid *, size_t); - -/* SMUX subtree vector. */ -static struct list *treelist = NULL; - -/* SMUX oid. */ -static oid *smux_oid; -static size_t smux_oid_len; - -static void * -oid_copy (void *dest, void *src, size_t size) -{ - return memcpy (dest, src, size * sizeof (oid)); -} - -#if 0 -static void -oid2in_addr (oid my_oid[], int len, struct in_addr *addr) -{ - int i; - u_char *pnt; - - if (len == 0) - return; - - pnt = (u_char *) addr; - - for (i = 0; i < len; i++) - *pnt++ = my_oid[i]; -} - -static void -oid_copy_addr (oid my_oid[], struct in_addr *addr, int len) -{ - int i; - u_char *pnt; - - if (len == 0) - return; - - pnt = (u_char *) addr; - - for (i = 0; i < len; i++) - my_oid[i] = *pnt++; -} -#endif /* NOT USED */ - -static int -oid_compare (oid *o1, size_t o1_len, oid *o2, size_t o2_len) -{ - size_t i; - - for (i = 0; i < min (o1_len, o2_len); i++) { - if (o1[i] < o2[i]) - return -1; - else if (o1[i] > o2[i]) - return 1; - } - if (o1_len < o2_len) - return -1; - if (o1_len > o2_len) - return 1; - - return 0; -} - -static int -oid_compare_part (oid *o1, size_t o1_len, oid *o2, size_t o2_len) -{ - size_t i; - - for (i = 0; i < min (o1_len, o2_len); i++) { - if (o1[i] < o2[i]) - return -1; - else if (o1[i] > o2[i]) - return 1; - } - if (o1_len < o2_len) - return -1; - - return 0; -} - -static void -smux_oid_dump(const char *prefix, oid *my_oid, size_t oid_len) -{ - size_t i; - int first = 1; - char buf[MAX_OID_LEN * 3]; - - buf[0] = '\0'; - - for (i = 0; i < oid_len; i++) { - sprintf (buf + strlen (buf), "%s%d", first ? "" : ".", (int) my_oid[i]); - first = 0; - } - DEBUG2 ("SMUX %s: %s", prefix, buf); -} - -static int -smux_sock (void) -{ - int ret; - int on = 1; -#ifdef HAVE_IPV6 - struct addrinfo hints, *res0, *res; - int gai; -#else - struct sockaddr_in serv; - struct servent *sp; -#endif - int fd; - -#ifdef HAVE_IPV6 - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - gai = getaddrinfo(NULL, "smux", &hints, &res0); - if (gai == EAI_SERVICE) { - char servbuf[NI_MAXSERV]; - sprintf(servbuf,"%d",SMUX_PORT_DEFAULT); - gai = getaddrinfo(NULL, servbuf, &hints, &res0); - } - if (gai) { - DEBUG("Cannot locate loopback service smux"); - return -1; - } - for(res=res0; res; res=res->ai_next) { - fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (fd < 0) - continue; - setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof (on)); -#ifdef SO_REUSEPORT - setsockopt (fd, SOL_SOCKET, SO_REUSEPORT, (void *)&on, sizeof (on)); -#endif - ret = connect (fd, res->ai_addr, res->ai_addrlen); - if (ret < 0) { - close(fd); - fd = -1; - continue; - } - break; - } - freeaddrinfo(res0); - if (fd < 0) - DEBUG ("Can't connect to SNMP agent with SMUX"); -#else - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) { - DEBUG ("Can't make socket for SNMP"); - return -1; - } - - memset (&serv, 0, sizeof (struct sockaddr_in)); - serv.sin_family = AF_INET; -#ifdef HAVE_SIN_LEN - serv.sin_len = sizeof (struct sockaddr_in); -#endif /* HAVE_SIN_LEN */ - - sp = getservbyname ("smux", "tcp"); - if (sp != NULL) - serv.sin_port = sp->s_port; - else - serv.sin_port = htons (SMUX_PORT_DEFAULT); - - serv.sin_addr.s_addr = htonl (INADDR_LOOPBACK); - - setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof (on)); -#ifdef SO_REUSEPORT - setsockopt (fd, SOL_SOCKET, SO_REUSEPORT, (void *)&on, sizeof (on)); -#endif - - ret = connect (fd, (struct sockaddr *) &serv, sizeof (struct sockaddr_in)); - if (ret < 0) { - close (fd); - DEBUG ("Can't connect to SNMP agent with SMUX: %s", strerror(errno)); - fd = -1; - } -#endif - return fd; -} - -static void -smux_getresp_send (oid objid[], size_t objid_len, long reqid, long errstat, - long errindex, u_char val_type, void *arg, size_t arg_len) -{ - size_t ret; - u_char buf[BUFSIZ]; - u_char *ptr, *h1, *h1e, *h2, *h2e; - size_t len, length; - - ptr = buf; - len = BUFSIZ; - length = len; - - DEBUG3("SMUX GETRSP send"); - DEBUG3("SMUX GETRSP reqid: %ld", reqid); - - h1 = ptr; - /* Place holder h1 for complete sequence */ - ptr = asn_build_sequence (ptr, &len, (u_char) SMUX_GETRSP, 0); - h1e = ptr; - - ptr = asn_build_int (ptr, &len, - (u_char) (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &reqid, sizeof (reqid)); - - DEBUG3("SMUX GETRSP errstat: %ld", errstat); - - ptr = asn_build_int (ptr, &len, - (u_char) (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &errstat, sizeof (errstat)); - DEBUG3("SMUX GETRSP errindex: %ld", errindex); - - ptr = asn_build_int (ptr, &len, - (u_char) (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &errindex, sizeof (errindex)); - - h2 = ptr; - /* Place holder h2 for one variable */ - ptr = asn_build_sequence (ptr, &len, - (u_char)(ASN_SEQUENCE | ASN_CONSTRUCTOR), - 0); - h2e = ptr; - - ptr = snmp_build_var_op (ptr, objid, &objid_len, - val_type, arg_len, arg, &len); - - /* Now variable size is known, fill in size */ - asn_build_sequence(h2,&length,(u_char)(ASN_SEQUENCE|ASN_CONSTRUCTOR),ptr-h2e); - - /* Fill in size of whole sequence */ - asn_build_sequence(h1,&length,(u_char)SMUX_GETRSP,ptr-h1e); - - DEBUG2("SMUX getresp send: %d", ptr - buf); - - ret = send (rad_snmp.smux_fd, buf, (ptr - buf), 0); -} - -static u_char * -smux_var (u_char *ptr, size_t len, oid objid[], size_t *objid_len, - size_t *var_val_len, - u_char *var_val_type, - void **var_value) -{ - u_char type; - u_char val_type; - size_t val_len; - u_char *val; - - DEBUG3("SMUX var parse: len %d", len); - - /* Parse header. */ - ptr = asn_parse_header (ptr, &len, &type); - - DEBUG3("SMUX var parse: type %d len %d", type, len); - DEBUG3("SMUX var parse: type must be %d", (ASN_SEQUENCE | ASN_CONSTRUCTOR)); - - /* Parse var option. */ - *objid_len = MAX_OID_LEN; - ptr = snmp_parse_var_op(ptr, objid, objid_len, &val_type, - &val_len, &val, &len); - - if (var_val_len) - *var_val_len = val_len; - - if (var_value) - *var_value = (void*) val; - - if (var_val_type) - *var_val_type = val_type; - - /* Requested object id length is objid_len. */ - smux_oid_dump ("Request OID", objid, *objid_len); - - DEBUG3 ("SMUX val_type: %d", val_type); - - /* Check request value type. */ - switch (val_type) { - case ASN_NULL: - /* In case of SMUX_GET or SMUX_GET_NEXT val_type is set to - ASN_NULL. */ - DEBUG3 ("ASN_NULL"); - break; - - case ASN_INTEGER: - DEBUG3 ("ASN_INTEGER"); - break; - case ASN_COUNTER: - case ASN_GAUGE: - case ASN_TIMETICKS: - case ASN_UINTEGER: - DEBUG3 ("ASN_COUNTER"); - break; - case ASN_COUNTER64: - DEBUG3 ("ASN_COUNTER64"); - break; - case ASN_IPADDRESS: - DEBUG3 ("ASN_IPADDRESS"); - break; - case ASN_OCTET_STR: - DEBUG3 ("ASN_OCTET_STR"); - break; - case ASN_OPAQUE: - case ASN_NSAP: - case ASN_OBJECT_ID: - DEBUG3 ("ASN_OPAQUE"); - break; - case SNMP_NOSUCHOBJECT: - DEBUG3 ("SNMP_NOSUCHOBJECT"); - break; - case SNMP_NOSUCHINSTANCE: - DEBUG3 ("SNMP_NOSUCHINSTANCE"); - break; - case SNMP_ENDOFMIBVIEW: - DEBUG3 ("SNMP_ENDOFMIBVIEW"); - break; - case ASN_BIT_STR: - DEBUG3 ("ASN_BIT_STR"); - break; - default: - DEBUG3 ("Unknown type"); - break; - } - return ptr; -} - -/* NOTE: all 3 functions (smux_set, smux_get & smux_getnext) are based on - ucd-snmp smux and as such suppose, that the peer receives in the message - only one variable. Fortunately, IBM seems to do the same in AIX. */ - -static int -smux_set (oid *reqid, size_t *reqid_len, - u_char val_type, void *val, size_t val_len, int action) -{ - int j; - struct subtree *subtree; - struct variable *v; - struct list *l; - int subresult; - oid *suffix; - size_t suffix_len; - int result; - const unsigned char *statP = NULL; - WriteMethod *write_method = NULL; - - if (!rad_snmp.snmp_write_access) - return SNMP_ERR_NOSUCHNAME; - - /* Check */ - for (l = treelist; l; l=l->next) { - subtree = l->data; - subresult = oid_compare_part (reqid, *reqid_len, - subtree->name, subtree->name_len); - - /* Subtree matched. */ - if (subresult == 0) { - /* Prepare suffix. */ - suffix = reqid + subtree->name_len; - suffix_len = *reqid_len - subtree->name_len; - result = subresult; - - /* Check variables. */ - for (j = 0; j < subtree->variables_num; j++) { - v = &subtree->variables[j]; - - /* Always check suffix */ - result = oid_compare_part (suffix, suffix_len, - v->name, v->namelen); - - /* This is exact match so result must be zero. */ - if (result == 0) { - DEBUG3 ("SMUX function call index is %d", v->magic); - - statP = (*v->findVar) (v, suffix, &suffix_len, 1, - &val_len, &write_method); - - if (write_method) { - return (*write_method)(action, val, val_type, val_len, statP, suffix, suffix_len); - - } else { - return SNMP_ERR_READONLY; - } - } - - /* If above execution is failed or oid is small (so - there is no further match). */ - if (result < 0) - return SNMP_ERR_NOSUCHNAME; - } - } - } - return SNMP_ERR_NOSUCHNAME; -} - -static int -smux_get (oid *reqid, size_t *reqid_len, int exact, - u_char *val_type,u_char **val, size_t *val_len) -{ - int j; - struct subtree *subtree; - struct variable *v; - struct list *l; - int subresult; - oid *suffix; - size_t suffix_len; - int result; - WriteMethod *write_method=NULL; - - /* Check */ - for (l = treelist; l; l=l->next) { - subtree = l->data; - subresult = oid_compare_part (reqid, *reqid_len, - subtree->name, subtree->name_len); - - /* Subtree matched. */ - if (subresult == 0) { - /* Prepare suffix. */ - suffix = reqid + subtree->name_len; - suffix_len = *reqid_len - subtree->name_len; - result = subresult; - - /* Check variables. */ - for (j = 0; j < subtree->variables_num; j++) { - v = &subtree->variables[j]; - - /* Always check suffix */ - result = oid_compare_part (suffix, suffix_len, - v->name, v->namelen); - - /* This is exact match so result must be zero. */ - if (result == 0) { - DEBUG3 ("SMUX function call index is %d", v->magic); - - *val = (*v->findVar) (v, suffix, &suffix_len, exact, - val_len, &write_method); - /* There is no instance. */ - if (*val == NULL) - return SNMP_ERR_NOSUCHNAME; - - /* Call is suceed. */ - *val_type = v->type; - - return 0; - } - - /* If above execution is failed or oid is small (so - there is no further match). */ - if (result < 0) - return SNMP_ERR_NOSUCHNAME; - } - } - } - return SNMP_ERR_NOSUCHNAME; -} - -static int -smux_getnext (oid *reqid, size_t *reqid_len, int exact, - u_char *val_type, u_char **val, size_t *val_len) -{ - int j; - oid save[MAX_OID_LEN]; - int savelen = 0; - struct subtree *subtree; - struct variable *v; - struct list *l; - int subresult; - oid *suffix; - size_t suffix_len; - int result; - WriteMethod *write_method=NULL; - - /* Save incoming request. */ - oid_copy (save, reqid, *reqid_len); - savelen = *reqid_len; - - /* Check for best matching subtree */ - - for (l = treelist; l; l=l->next) { - subtree = l->data; - - subresult = oid_compare_part (reqid, *reqid_len, - subtree->name, subtree->name_len); - - /* If request is in the tree. The agent has to make sure we - only receive requests we have registered for. */ - /* Unfortunately, that's not true. In fact, a SMUX subagent has to - behave as if it manages the whole SNMP MIB tree itself. It's the - duty of the master agent to collect the best answer and return it - to the manager. See RFC 1227 chapter 3.1.6 for the glory details - :-). ucd-snmp really behaves bad here as it actually might ask - multiple times for the same GETNEXT request as it throws away the - answer when it expects it in a different subtree and might come - back later with the very same request. --jochen */ - - if (subresult <= 0) { - /* Prepare suffix. */ - suffix = reqid + subtree->name_len; - suffix_len = *reqid_len - subtree->name_len; - if (subresult < 0) { - oid_copy(reqid, subtree->name, subtree->name_len); - *reqid_len = subtree->name_len; - } - for (j = 0; j < subtree->variables_num; j++) { - result = subresult; - v = &subtree->variables[j]; - - /* Next then check result >= 0. */ - if (result == 0) - result = oid_compare_part (suffix, suffix_len, - v->name, v->namelen); - - if (result <= 0) { - DEBUG3 ("SMUX function call index is %d", v->magic); - if(result<0) { - oid_copy(suffix, v->name, v->namelen); - suffix_len = v->namelen; - } - *val = (*v->findVar) (v, suffix, &suffix_len, exact, - val_len, &write_method); - *reqid_len = suffix_len + subtree->name_len; - if (*val) { - *val_type = v->type; - return 0; - } - } - } - } - } - memcpy (reqid, save, savelen * sizeof(oid)); - *reqid_len = savelen; - - return SNMP_ERR_NOSUCHNAME; -} - -/* GET message header. */ -static u_char * -smux_parse_get_header (u_char *ptr, size_t *len, long *reqid) -{ - u_char type; - long errstat; - long errindex; - - /* Request ID. */ - ptr = asn_parse_int (ptr, len, &type, reqid, sizeof (*reqid)); - - DEBUG3 ("SMUX GET reqid: %ld len: %d", *reqid, (int) *len); - - /* Error status. */ - ptr = asn_parse_int (ptr, len, &type, &errstat, sizeof (errstat)); - - DEBUG3 ("SMUX GET errstat %ld len: %d", errstat, *len); - - /* Error index. */ - ptr = asn_parse_int (ptr, len, &type, &errindex, sizeof (errindex)); - - DEBUG3 ("SMUX GET errindex %ld len: %d", errindex, *len); - - return ptr; -} - -static void -smux_parse_set (u_char *ptr, size_t len, int action) -{ - long reqid; - oid my_oid[MAX_OID_LEN]; - size_t oid_len; - u_char val_type; - void *val; - size_t val_len; - int ret; - - DEBUG3 ("SMUX SET(%s) message parse: len %d", - (RESERVE1 == action) ? "RESERVE1" : ((FREE == action) ? "FREE" : "COMMIT"), - len); - - /* Parse SET message header. */ - ptr = smux_parse_get_header (ptr, &len, &reqid); - - /* Parse SET message object ID. */ - ptr = smux_var (ptr, len, my_oid, &oid_len, &val_len, &val_type, &val); - - ret = smux_set (my_oid, &oid_len, val_type, val, val_len, action); - DEBUG2 ("SMUX SET ret %d", ret); - - /* Return result. */ - if (RESERVE1 == action) - smux_getresp_send (my_oid, oid_len, reqid, ret, 3, ASN_NULL, NULL, 0); -} - -static void -smux_parse_get (u_char *ptr, size_t len, int exact) -{ - long reqid; - oid my_oid[MAX_OID_LEN]; - size_t oid_len; - u_char val_type; - u_char *val; - size_t val_len; - int ret; - - DEBUG3 ("SMUX GET message parse: len %d", len); - - /* Parse GET message header. */ - ptr = smux_parse_get_header (ptr, &len, &reqid); - - /* Parse GET message object ID. We needn't the value come */ - ptr = smux_var (ptr, len, my_oid, &oid_len, NULL, NULL, NULL); - - /* Traditional getstatptr. */ - if (exact) - ret = smux_get (my_oid, &oid_len, exact, &val_type, &val, &val_len); - else - ret = smux_getnext (my_oid, &oid_len, exact, &val_type, &val, &val_len); - - /* Return result. */ - if (ret == 0) - smux_getresp_send (my_oid, oid_len, reqid, 0, 0, val_type, val, val_len); - else - smux_getresp_send (my_oid, oid_len, reqid, ret, 3, ASN_NULL, NULL, 0); -} - -/* Parse SMUX_CLOSE message. */ -static void -smux_parse_close (u_char *ptr, size_t len) -{ - long reason = 0; - - while (len--) { - reason = (reason << 8) | (long) *ptr; - ptr++; - } - DEBUG ("SMUX_CLOSE with reason: %ld", reason); -} - -/* SMUX_RRSP message. */ -static void -smux_parse_rrsp (u_char *ptr, size_t len) -{ - u_char val; - long errstat; - - ptr = asn_parse_int (ptr, &len, &val, &errstat, sizeof (errstat)); - - DEBUG3 ("SMUX_RRSP value: %d errstat: %ld", val, errstat); -} - -/* Parse SMUX message. */ -static int -smux_parse (u_char *ptr, size_t len) -{ - /* this buffer we'll use for SOUT message. We could allocate it with malloc and - save only static pointer/lenght, but IMHO static buffer is a faster solusion */ - static u_char sout_save_buff[SMUXMAXPKTSIZE]; - static size_t sout_save_len = 0; - - int len_income = len; /* see note below: YYY */ - u_char type; - u_char rollback; - - rollback = ptr[2]; /* important only for SMUX_SOUT */ - -process_rest: /* see note below: YYY */ - - /* Parse SMUX message type and subsequent length. */ - ptr = asn_parse_header (ptr, &len, &type); - - DEBUG2 ("SMUX message received type: %d rest len: %d", type, len); - - switch (type) { - case SMUX_OPEN: - /* Open must be not send from SNMP agent. */ - DEBUG ("SMUX_OPEN received: resetting connection."); - return -1; - break; - case SMUX_RREQ: - /* SMUX_RREQ message is invalid for us. */ - DEBUG ("SMUX_RREQ received: resetting connection."); - return -1; - break; - case SMUX_SOUT: - /* SMUX_SOUT message is now valied for us. */ - DEBUG2 ("SMUX_SOUT(%s)", rollback ? "rollback" : "commit"); - - if (sout_save_len > 0) { - smux_parse_set (sout_save_buff, sout_save_len, rollback ? FREE : COMMIT); - sout_save_len = 0; - } else - DEBUG ("SMUX_SOUT sout_save_len=%d - invalid", (int) sout_save_len); - - if (len_income > 3) { - /* YYY: this strange code has to solve the "slow peer" - problem: When agent sends SMUX_SOUT message it doesn't - wait any responce and may send some next message to - subagent. Then the peer in 'smux_read()' will recieve - from socket the 'concatenated' buffer, contaning both - SMUX_SOUT message and the next one - (SMUX_GET/SMUX_GETNEXT/SMUX_GET). So we should check: if - the buffer is longer than 3 ( length of SMUX_SOUT ), we - must process the rest of it. This effect may be observed - if DEBUG is set to >1 */ - ptr++; - len = len_income - 3; - goto process_rest; - } - break; - case SMUX_GETRSP: - /* SMUX_GETRSP message is invalid for us. */ - DEBUG ("SMUX_GETRSP received: resetting connection."); - return -1; - break; - case SMUX_CLOSE: - /* Close SMUX connection. */ - DEBUG3 ("SMUX_CLOSE"); - smux_parse_close (ptr, len); - return -1; - break; - case SMUX_RRSP: - /* This is response for register message. */ - DEBUG3 ("SMUX_RRSP"); - smux_parse_rrsp (ptr, len); - break; - case SMUX_GET: - /* Exact request for object id. */ - DEBUG3 ("SMUX_GET"); - smux_parse_get (ptr, len, 1); - break; - case SMUX_GETNEXT: - /* Next request for object id. */ - DEBUG3 ("SMUX_GETNEXT"); - smux_parse_get (ptr, len, 0); - break; - case SMUX_SET: - /* SMUX_SET is supported with some limitations. */ - DEBUG3 ("SMUX_SET"); - /* save the data for future SMUX_SOUT */ - memcpy (sout_save_buff, ptr, len); - sout_save_len = len; - smux_parse_set (ptr, len, RESERVE1); - break; - default: - DEBUG ("SMUX Unknown type: %d", type); - break; - } - return 0; -} - -/* SMUX message read function. */ -int -smux_read () -{ - int len; - u_char buf[SMUXMAXPKTSIZE]; - int ret; - - rad_snmp.smux_event=SMUX_NONE; - DEBUG3 ("SMUX read start"); - - /* Read message from SMUX socket. */ - len = recv (rad_snmp.smux_fd, buf, SMUXMAXPKTSIZE, 0); - - if (len < 0) { - DEBUG ("Can't read all SMUX packet: %s", strerror (errno)); - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; - rad_snmp.smux_event=SMUX_CONNECT; - return -1; - } - - if (len == 0) { - DEBUG ("SMUX connection closed: %d", rad_snmp.smux_fd); - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; - rad_snmp.smux_event=SMUX_CONNECT; - return -1; - } - - DEBUG3 ("SMUX read len: %d", len); - - /* Parse the message. */ - ret = smux_parse (buf, len); - - if (ret < 0) { - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; - rad_snmp.smux_event=SMUX_CONNECT; - return -1; - } - - rad_snmp.smux_event=SMUX_READ; - - return 0; -} - -int -smux_open(void) -{ - u_char buf[BUFSIZ]; - u_char *ptr; - size_t len; - long smux_proto_version; - char rad_progname[] = "radiusd"; - - smux_oid_dump ("SMUX open oid", smux_oid, smux_oid_len); - DEBUG2 ("SMUX open progname: %s", rad_progname); - DEBUG2 ("SMUX open password: %s", rad_snmp.smux_password); - - ptr = buf; - len = BUFSIZ; - - /* SMUX Header. As placeholder. */ - ptr = asn_build_header (ptr, &len, (u_char) SMUX_OPEN, 0); - - /* SMUX Open. */ - smux_proto_version = 0; - ptr = asn_build_int (ptr, &len, - (u_char)(ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &smux_proto_version, sizeof (u_long)); - - /* SMUX connection oid. */ - ptr = asn_build_objid (ptr, &len, - (u_char) - (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_OBJECT_ID), - smux_oid, smux_oid_len); - - /* SMUX connection description. */ - ptr = asn_build_string (ptr, &len, - (u_char) - (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_OCTET_STR), - (u_char *) rad_progname, strlen(rad_progname)); - - /* SMUX connection password. */ - ptr = asn_build_string (ptr, &len, - (u_char) - (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_OCTET_STR), - (const u_char *) rad_snmp.smux_password, strlen(rad_snmp.smux_password)); - - /* Fill in real SMUX header. We exclude ASN header size (2). */ - len = BUFSIZ; - asn_build_header (buf, &len, (u_char) SMUX_OPEN, (ptr - buf) - 2); - - return send (rad_snmp.smux_fd, buf, (ptr - buf), 0); -} - -int -smux_register(void) -{ - u_char buf[BUFSIZ]; - u_char *ptr; - size_t len; - int ret; - long priority; - long operation; - struct subtree *subtree; - struct list *l; - - ret = 0; - - for (l = treelist; l; l=l->next) { - subtree = l->data; - - ptr = buf; - len = BUFSIZ; - - /* SMUX RReq Header. */ - ptr = asn_build_header (ptr, &len, (u_char) SMUX_RREQ, 0); - - /* Register MIB tree. */ - ptr = asn_build_objid (ptr, &len, - (u_char) - (ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_OBJECT_ID), - subtree->name, subtree->name_len); - - /* Priority. */ - priority = -1; - ptr = asn_build_int (ptr, &len, - (u_char)(ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &priority, sizeof (u_long)); - - /* Operation. */ - operation = rad_snmp.snmp_write_access ? 2 : 1; /* Register R/O or R/W */ - ptr = asn_build_int (ptr, &len, - (u_char)(ASN_UNIVERSAL | ASN_PRIMITIVE | ASN_INTEGER), - &operation, sizeof (u_long)); - - smux_oid_dump ("SMUX register oid", subtree->name, subtree->name_len); - DEBUG2 ("SMUX register priority: %ld", priority); - DEBUG2 ("SMUX register operation: %ld", operation); - - len = BUFSIZ; - asn_build_header (buf, &len, (u_char) SMUX_RREQ, (ptr - buf) - 2); - ret = send (rad_snmp.smux_fd, buf, (ptr - buf), 0); - if (ret < 0) { - return ret; - } - } - return ret; -} - -/* Try to connect to SNMP agent. */ -int -smux_connect () -{ - int ret; - - rad_snmp.smux_event=SMUX_NONE; - DEBUG2 ("SMUX connect try %d", rad_snmp.smux_failures + 1); - - /* Make socket. Try to connect. */ - rad_snmp.smux_fd = smux_sock (); - if (rad_snmp.smux_fd < 0) { - if (++rad_snmp.smux_failures < rad_snmp.smux_max_failures) - rad_snmp.smux_event=SMUX_CONNECT; - return 0; - } - - /* Send OPEN PDU. */ - ret = smux_open (); - if (ret < 0) { - DEBUG ("SMUX open message send failed: %s", strerror (errno)); - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; - rad_snmp.smux_event=SMUX_CONNECT; - return -1; - } - - /* Send any outstanding register PDUs. */ - ret = smux_register (); - if (ret < 0) { - DEBUG ("SMUX register message send failed: %s", strerror (errno)); - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; - rad_snmp.smux_event=SMUX_CONNECT; - return -1; - } - - /* Everything goes fine. */ - rad_snmp.smux_event=SMUX_READ; - - return 0; -} - -/* Clear all SMUX related resources. */ -void -smux_stop(void) -{ - rad_snmp.smux_event=SMUX_NONE; - if (rad_snmp.smux_fd >= 0) - close (rad_snmp.smux_fd); - rad_snmp.smux_fd = -1; -} - -int -smux_str2oid (char *str, oid *my_oid, size_t *oid_len) -{ - int len; - int val; - - len = 0; - val = 0; - *oid_len = 0; - - if (*str == '.') - str++; - if (*str == '\0') - return 0; - - while (1) { - if (! isdigit ((int) *str)) - return -1; - - while (isdigit ((int) *str)) { - val *= 10; - val += (*str - '0'); - str++; - } - - if (*str == '\0') - break; - if (*str != '.') - return -1; - - my_oid[len++] = val; - val = 0; - str++; - } - - my_oid[len++] = val; - *oid_len = len; - - return 0; -} - -oid * -smux_oid_dup (oid *objid, size_t objid_len) -{ - oid *new; - - new = (oid *)rad_malloc(sizeof (oid) * objid_len); - oid_copy (new, objid, objid_len); - - return new; -} - -int -smux_header_generic (struct variable *v, oid *name, size_t *length, int exact, - size_t *var_len, WriteMethod **write_method) -{ - oid fulloid[MAX_OID_LEN]; - int ret; - - oid_copy (fulloid, v->name, v->namelen); - fulloid[v->namelen] = 0; - /* Check against full instance. */ - ret = oid_compare (name, *length, fulloid, v->namelen + 1); - - /* Check single instance. */ - if ((exact && (ret != 0)) || (!exact && (ret >= 0))) - return MATCH_FAILED; - - /* In case of getnext, fill in full instance. */ - memcpy (name, fulloid, (v->namelen + 1) * sizeof (oid)); - *length = v->namelen + 1; - - *write_method = 0; - *var_len = sizeof(long); /* default to 'long' results */ - - return MATCH_SUCCEEDED; -} - -/* Initialize some values then schedule first SMUX connection. */ -void -smux_init (oid defoid[], size_t defoid_len) -{ - smux_oid = defoid; - smux_oid_len = defoid_len; -} - -/* Register subtree to smux master tree. */ -void -smux_register_mib(UNUSED const char *descr, struct variable *var, size_t width, - int num, oid name[], size_t namelen) -{ - struct subtree *tree, *tt; - struct list *l, *ll; - - tree = (struct subtree *)rad_malloc(sizeof(struct subtree)); - oid_copy (tree->name, name, namelen); - tree->name_len = namelen; - tree->variables = var; - tree->variables_num = num; - tree->variables_width = width; - tree->registered = 0; - l = (struct list *)rad_malloc(sizeof(struct list)); - l->data = tree; - l->next = NULL; -/* Build a treelist sorted by the name. This makes GETNEXT simpler */ - if (treelist == NULL) { - treelist = l; - return; - } - tt = (struct subtree*) treelist->data; - if (oid_compare(name, namelen, tt->name, tt->name_len) < 0) { - l->next = treelist; - treelist = l; - return; - } - for (ll = treelist; ll->next; ll=ll->next) { - tt = (struct subtree*) ll->next->data; - if (oid_compare(name, namelen, tt->name, tt->name_len) < 0) { - l->next = ll->next; - ll->next = l; - return; - } - } - ll->next = l; -} - -void -smux_start(void) -{ - rad_snmp.smux_event=SMUX_CONNECT; - smux_connect(); -} -#endif /* WITH_SNMP */ diff --git a/src/main/version.c b/src/main/version.c index aa14268..f17f582 100644 --- a/src/main/version.c +++ b/src/main/version.c @@ -41,9 +41,6 @@ void NEVER_RETURNS version(void) #if defined(OSFC2) printf(" OSFC2"); #endif -#if defined(WITH_SNMP) - printf(" WITH_SNMP"); -#endif printf("\n"); #endif printf("Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.\n"); diff --git a/src/main/vmps.c b/src/main/vmps.c index 3643a49..bc06c73 100644 --- a/src/main/vmps.c +++ b/src/main/vmps.c @@ -26,7 +26,6 @@ RCSID("$Id$") #include #include -#include #include #include #include diff --git a/suse/freeradius.spec b/suse/freeradius.spec index 2e4713c..60bb045 100644 --- a/suse/freeradius.spec +++ b/suse/freeradius.spec @@ -33,7 +33,6 @@ BuildRequires: gettext-devel BuildRequires: glibc-devel BuildRequires: libtool BuildRequires: ncurses-devel -BuildRequires: net-snmp-devel BuildRequires: openldap2-devel BuildRequires: openssl-devel BuildRequires: pam-devel @@ -326,7 +325,6 @@ rm -rf $RPM_BUILD_ROOT %attr(640,-,radiusd) %config(noreplace) /etc/raddb/preproxy_users %attr(640,-,radiusd) %config(noreplace) /etc/raddb/proxy.conf %attr(640,-,radiusd) %config(noreplace) /etc/raddb/radiusd.conf -%attr(640,-,radiusd) %config(noreplace) /etc/raddb/snmp.conf %attr(640,-,radiusd) %config(noreplace) /etc/raddb/sql.conf %dir %attr(640,-,radiusd) /etc/raddb/sql %attr(640,-,radiusd) %config(noreplace) /etc/raddb/sql/*/*.conf -- 2.1.4