nut/tools/nut-scanner/scan_snmp.c

521 lines
13 KiB
C
Raw Normal View History

2011-09-29 18:14:46 +00:00
/* scan_snmp.c: detect NUT supported SNMP devices
*
* Copyright (C) 2011 - Frederic Bohe <fredericbohe@eaton.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "common.h"
#ifdef HAVE_NET_SNMP_NET_SNMP_CONFIG_H
#include "nut-scan.h"
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
/* workaround for buggy Net-SNMP config
* from drivers/snmp-ups.h */
#ifdef PACKAGE_BUGREPORT
#undef PACKAGE_BUGREPORT
#endif
#ifdef PACKAGE_NAME
#undef PACKAGE_NAME
#endif
#ifdef PACKAGE_VERSION
#undef PACKAGE_VERSION
#endif
#ifdef PACKAGE_STRING
#undef PACKAGE_STRING
#endif
#ifdef PACKAGE_TARNAME
#undef PACKAGE_TARNAME
#endif
#include <net-snmp/net-snmp-config.h>
#include <net-snmp/net-snmp-includes.h>
#ifdef HAVE_PTHREAD
#include <pthread.h>
#endif
#include "nutscan-snmp.h"
#define SysOID ".1.3.6.1.2.1.1.2.0"
static nutscan_device_t * dev_ret = NULL;
#ifdef HAVE_PTHREAD
static pthread_mutex_t dev_mutex;
static pthread_t * thread_array = NULL;
static int thread_count = 0;
#endif
long g_usec_timeout ;
static void scan_snmp_add_device(nutscan_snmp_t * sec, struct snmp_pdu *response,char * mib)
{
nutscan_device_t * dev = NULL;
struct snmp_session * session;
char * buf;
session = snmp_sess_session(sec->handle);
/* SNMP device found */
dev = nutscan_new_device();
dev->type = TYPE_SNMP;
dev->driver = strdup("snmp-ups");
dev->port = strdup(session->peername);
buf = malloc( response->variables->val_len + 1 );
if( buf ) {
memcpy(buf,response->variables->val.string,
response->variables->val_len);
buf[response->variables->val_len]=0;
nutscan_add_option_to_device(dev,"desc",buf);
free(buf);
}
nutscan_add_option_to_device(dev,"mibs",mib);
/* SNMP v3 */
if( session->community == NULL || session->community[0] == 0) {
if( sec->secLevel ) {
nutscan_add_option_to_device(dev,"secLevel",
sec->secLevel);
}
if( sec->secName ) {
nutscan_add_option_to_device(dev,"secName",
sec->secName);
}
if( sec->authPassword ) {
nutscan_add_option_to_device(dev,"authPassword",
sec->authPassword);
}
if( sec->privPassword ) {
nutscan_add_option_to_device(dev,"privPassword",
sec->privPassword);
}
if( sec->authProtocol ) {
nutscan_add_option_to_device(dev,"authProtocol",
sec->authProtocol);
}
if( sec->privProtocol ) {
nutscan_add_option_to_device(dev,"privProtocol",
sec->privProtocol);
}
}
else {
buf = malloc( session->community_len + 1 );
if( buf ) {
memcpy(buf,session->community,
session->community_len);
buf[session->community_len]=0;
nutscan_add_option_to_device(dev,"community",buf);
free(buf);
}
}
#ifdef HAVE_PTHREAD
pthread_mutex_lock(&dev_mutex);
#endif
dev_ret = nutscan_add_device_to_device(dev_ret,dev);
#ifdef HAVE_PTHREAD
pthread_mutex_unlock(&dev_mutex);
#endif
}
static struct snmp_pdu * scan_snmp_get_manufacturer(char* oid_str,void* handle)
{
size_t name_len;
oid name[MAX_OID_LEN];
struct snmp_pdu *pdu, *response = NULL;
int status;
int index = 0;
/* create and send request. */
name_len = MAX_OID_LEN;
if (!snmp_parse_oid(oid_str, name, &name_len)) {
index++;
return NULL;
}
pdu = snmp_pdu_create(SNMP_MSG_GET);
if (pdu == NULL) {
index++;
return NULL;
}
snmp_add_null_var(pdu, name, name_len);
status = snmp_sess_synch_response(handle,pdu, &response);
if( response == NULL ) {
index++;
return NULL;
}
if(status!=STAT_SUCCESS||response->errstat!=SNMP_ERR_NOERROR||
response->variables == NULL ||
response->variables->name == NULL ||
snmp_oid_compare(response->variables->name,
response->variables->name_length,
name, name_len) != 0 ||
response->variables->val.string == NULL ) {
snmp_free_pdu(response);
index++;
return NULL;
}
return response;
}
static void try_all_oid(void * arg)
{
struct snmp_pdu *response = NULL;
int index = 0;
nutscan_snmp_t * sec = (nutscan_snmp_t *)arg;
while(snmp_device_table[index].oid != NULL) {
response = scan_snmp_get_manufacturer(snmp_device_table[index].oid,sec->handle);
if( response == NULL ) {
index++;
continue;
}
scan_snmp_add_device(sec,response,snmp_device_table[index].mib);
snmp_free_pdu(response);
response = NULL;
index++;
}
}
static int init_session(struct snmp_session * snmp_sess, nutscan_snmp_t * sec)
{
snmp_sess_init(snmp_sess);
snmp_sess->peername = sec->peername;
if( sec->community != NULL || sec->secLevel == NULL ) {
snmp_sess->version = SNMP_VERSION_1;
if( sec->community != NULL ) {
snmp_sess->community = (unsigned char *)sec->community;
snmp_sess->community_len = strlen(sec->community);
}
else {
snmp_sess->community = (unsigned char *)"public";
snmp_sess->community_len = strlen("public");
}
}
else { /* SNMP v3 */
snmp_sess->version = SNMP_VERSION_3;
/* Security level */
if (strcmp(sec->secLevel, "noAuthNoPriv") == 0)
snmp_sess->securityLevel = SNMP_SEC_LEVEL_NOAUTH;
else if (strcmp(sec->secLevel, "authNoPriv") == 0)
snmp_sess->securityLevel = SNMP_SEC_LEVEL_AUTHNOPRIV;
else if (strcmp(sec->secLevel, "authPriv") == 0)
snmp_sess->securityLevel = SNMP_SEC_LEVEL_AUTHPRIV;
else {
fprintf(stderr,"Bad SNMPv3 securityLevel: %s\n",
sec->secLevel);
return 0;
}
/* Security name */
if( sec->secName == NULL ) {
fprintf(stderr,"securityName is required for SNMPv3\n");
return 0;
}
snmp_sess->securityName = strdup(sec->secName);
snmp_sess->securityNameLen = strlen(snmp_sess->securityName);
/* Everything is ready for NOAUTH */
if( snmp_sess->securityLevel == SNMP_SEC_LEVEL_NOAUTH ) {
return 1;
}
/* Process mandatory fields, based on the security level */
switch (snmp_sess->securityLevel) {
case SNMP_SEC_LEVEL_AUTHNOPRIV:
if (sec->authPassword == NULL) {
fprintf(stderr,
"authPassword is required for SNMPv3 in %s mode\n",
sec->secLevel);
return 0;
}
break;
case SNMP_SEC_LEVEL_AUTHPRIV:
if ((sec->authPassword == NULL) ||
(sec->privPassword == NULL)) {
fprintf(stderr,
"authPassword and privPassword are required for SNMPv3 in %s mode\n",
sec->secLevel);
return 0;
}
break;
default:
/* nothing else needed */
break;
}
/* Process authentication protocol and key */
snmp_sess->securityAuthKeyLen = USM_AUTH_KU_LEN;
/* default to MD5 */
snmp_sess->securityAuthProto = usmHMACMD5AuthProtocol;
snmp_sess->securityAuthProtoLen =sizeof(usmHMACMD5AuthProtocol)/
sizeof(oid);
if( sec->authProtocol ) {
if (strcmp(sec->authProtocol, "SHA") == 0) {
snmp_sess->securityAuthProto =
usmHMACSHA1AuthProtocol;
snmp_sess->securityAuthProtoLen =
sizeof(usmHMACSHA1AuthProtocol)/
sizeof(oid);
}
else {
if (strcmp(sec->authProtocol, "MD5") != 0) {
fprintf(stderr,
"Bad SNMPv3 authProtocol: %s",
sec->authProtocol);
return 0;
}
}
}
/* set the authentication key to a MD5/SHA1 hashed version of
* our passphrase (must be at least 8 characters long) */
if (generate_Ku(snmp_sess->securityAuthProto,
snmp_sess->securityAuthProtoLen,
(u_char *) sec->authPassword,
strlen(sec->authPassword),
snmp_sess->securityAuthKey,
&snmp_sess->securityAuthKeyLen)
!= SNMPERR_SUCCESS) {
fprintf(stderr,
"Error generating Ku from authentication pass phrase\n");
return 0;
}
/* Everything is ready for AUTHNOPRIV */
if( snmp_sess->securityLevel == SNMP_SEC_LEVEL_AUTHNOPRIV ) {
return 1;
}
/* default to DES */
snmp_sess->securityPrivProto=usmDESPrivProtocol;
snmp_sess->securityPrivProtoLen =
sizeof(usmDESPrivProtocol)/sizeof(oid);
if( sec->privProtocol ) {
if (strcmp(sec->privProtocol, "AES") == 0) {
snmp_sess->securityPrivProto=usmAESPrivProtocol;
snmp_sess->securityPrivProtoLen =
sizeof(usmAESPrivProtocol)/sizeof(oid);
}
else {
if (strcmp(sec->privProtocol, "DES") != 0) {
fprintf(stderr,
"Bad SNMPv3 authProtocol: %s\n"
,sec->authProtocol);
return 0;
}
}
}
/* set the private key to a MD5/SHA hashed version of
* our passphrase (must be at least 8 characters long) */
snmp_sess->securityPrivKeyLen = USM_PRIV_KU_LEN;
if (generate_Ku(snmp_sess->securityAuthProto,
snmp_sess->securityAuthProtoLen,
(u_char *) sec->privPassword,
strlen(sec->privPassword),
snmp_sess->securityPrivKey,
&snmp_sess->securityPrivKeyLen)
!= SNMPERR_SUCCESS) {
fprintf(stderr,
"Error generating Ku from private pass phrase\n");
return 0;
}
}
return 1;
}
static void * try_SysOID(void * arg)
{
struct snmp_session snmp_sess;
void * handle;
struct snmp_pdu *pdu, *response = NULL;
oid name[MAX_OID_LEN];
size_t name_len = MAX_OID_LEN;
nutscan_snmp_t * sec = (nutscan_snmp_t *)arg;
int index = 0;
int sysoid_found = 0;
/* Initialize session */
if( !init_session(&snmp_sess,sec) ) {
goto try_SysOID_free;
}
snmp_sess.retries = 0;
snmp_sess.timeout = g_usec_timeout;
/* Open the session */
handle = snmp_sess_open(&snmp_sess); /* establish the session */
if (handle == NULL) {
fprintf(stderr,"Failed to open SNMP session for %s.\n",
sec->peername);
goto try_SysOID_free;
}
/* create and send request. */
if (!snmp_parse_oid(SysOID, name, &name_len)) {
fprintf(stderr,"SNMP errors: %s\n",
snmp_api_errstring(snmp_errno));
snmp_sess_close(handle);
goto try_SysOID_free;
}
pdu = snmp_pdu_create(SNMP_MSG_GET);
if (pdu == NULL) {
fprintf(stderr,"Not enough memory\n");
snmp_sess_close(handle);
goto try_SysOID_free;
}
snmp_add_null_var(pdu, name, name_len);
snmp_sess_synch_response(handle,
pdu, &response);
if (response) {
sec->handle = handle;
/* SNMP device found */
/* SysOID is supposed to give the required MIB. */
/* Check if the received OID match with a known sysOID */
if(response->variables != NULL &&
response->variables->val.objid != NULL){
while(snmp_device_table[index].oid != NULL) {
if(snmp_device_table[index].sysoid == NULL ) {
index++;
continue;
}
name_len = MAX_OID_LEN;
if (!snmp_parse_oid(
snmp_device_table[index].sysoid,
name, &name_len)) {
index++;
continue;
}
if ( snmp_oid_compare(
response->variables->val.objid,
response->variables->val_len/sizeof(oid),
name, name_len) == 0 ) {
/* we have found a relevent sysoid */
snmp_free_pdu(response);
response = scan_snmp_get_manufacturer(
snmp_device_table[index].oid,
handle);
scan_snmp_add_device(sec,response,
snmp_device_table[index].mib);
sysoid_found = 1;
}
index++;
}
}
/* try a list of known OID */
if( !sysoid_found ) {
try_all_oid(sec);
}
snmp_free_pdu(response);
response = NULL;
}
snmp_sess_close(handle);
try_SysOID_free:
if( sec->peername ) {
free(sec->peername);
}
free(sec);
return NULL;
}
nutscan_device_t * nutscan_scan_snmp(const char * start_ip, const char * stop_ip,long usec_timeout, nutscan_snmp_t * sec)
{
int i;
nutscan_snmp_t * tmp_sec;
nutscan_ip_iter_t ip;
char * ip_str = NULL;
#ifdef HAVE_PTHREAD
pthread_t thread;
pthread_mutex_init(&dev_mutex,NULL);
#endif
g_usec_timeout = usec_timeout;
/* Initialize the SNMP library */
init_snmp("nut-scanner");
ip_str = nutscan_ip_iter_init(&ip, start_ip, stop_ip);
while(ip_str != NULL) {
tmp_sec = malloc(sizeof(nutscan_snmp_t));
memcpy(tmp_sec, sec, sizeof(nutscan_snmp_t));
tmp_sec->peername = ip_str;
#ifdef HAVE_PTHREAD
if (pthread_create(&thread,NULL,try_SysOID,(void*)tmp_sec)==0){
thread_count++;
thread_array = realloc(thread_array,
thread_count*sizeof(pthread_t));
thread_array[thread_count-1] = thread;
}
#else
try_SysOID((void *)tmp_sec);
#endif
ip_str = nutscan_ip_iter_inc(&ip);
};
#ifdef HAVE_PTHREAD
for ( i=0; i < thread_count ; i++) {
pthread_join(thread_array[i],NULL);
}
pthread_mutex_destroy(&dev_mutex);
free(thread_array);
#endif
return dev_ret;
}
#endif /* HAVE_NET_SNMP_NET_SNMP_CONFIG_H */