Let the config parser make use of the mib_string2oid().
If a descriptor is not found in the loaded MIB files it falls back to
the old smi_oid2string(), which then throws a deprecation warning. This
w

Let the config parser make use of the mib_string2oid().
If a descriptor is not found in the loaded MIB files it falls back to
the old smi_oid2string(), which then throws a deprecation warning. This
won't trigger for most cases in the default install, but the
UCD-DISKIO-MIB and dependencies aren't included (yet?) (which can be
fixed by manually including them via "mib directory") and there's a
couple of misspellings (e.g. mib_2 vs mib-2, and
usmStatsNotInTimeWindow vs usmStatsNotInTimeWindows).

Feedback and OK tb@

show more ...

Replace most smi_oid2string() calls with the new mib_oid2string().
smi_oid2string() is still called from trap handle context to not break
any existing scripts.

OK tb@

Convert to imsg_get_fd() and remove unused proc_forward_imsg().
OK martijn@

mib_init() and MIB() disappeared with mib.c, remove their declarations.
MIBDECL() and MIBEND are only used inside mib.h, so move their definition
in there.

OK tb@

Clean up snmpd's header situation.

With the help of tb@ and include-what-you-use.

OK tb@

Apparently base-gcc doesn't like having OID() inside MIBDECL(). Handroll
the OID() logic into MIBDECL().

Found, tested, and OK jca@
OK tb@

Move struct oid from snmpd.h into smi.c and trim a lot of the now unused
fat. This includes all the o_flags member related defines.

if it compiles ship it/OK tb@

Remove a bunch of unused smi_ functions and move a couple of definitions
out of snmpd.h, which aren't used outside of smi.c

OK tb@

Let MIBDECL() make use of OID(). This gives use bo_n for free and we
won't have to rely on error-prone smi_oidlen.

OK tb@

Now that smi.c is basically an oid/name translator, let smi_insert()
create the struct oid and let parse.y supply the arguments.

OK tb@

Now that the last consumer of mps.c is gone, remove it and its
application_legacy.c companion.

OK tb@

Move SNMPv2-MIB::system from mib.c into the new application_internal.c.
This was the last consumer of mib.c, so send it to the great bitbucket
in the sky.

This move removes the sysORTable, but it wa

Move SNMPv2-MIB::system from mib.c into the new application_internal.c.
This was the last consumer of mib.c, so send it to the great bitbucket
in the sky.

This move removes the sysORTable, but it was basically non-functioning
anyway and removal of previous entries from the table didn't caused
any fallout that reached my ears.
I hope to add proper sysORTable/agent-capabilities support, which
is compatible with AgentX's {Add,Remove}AgentCaps, soon.

OK tb@

show more ...

Introduce application_internal.c. This backend is meant to replace
application_legacy.c, mps.c, and mib.c. This commit just introduces the
backend. The existing MIBs inside mib.c will be copied over

Introduce application_internal.c. This backend is meant to replace
application_legacy.c, mps.c, and mib.c. This commit just introduces the
backend. The existing MIBs inside mib.c will be copied over in
subsequent commits.

OK tb@

show more ...

Remove a lot of old (dead) code that's either been superseded, or moved to
snmpd_metrics.

OK benno@ sthen@

Add privilege separation to snmpd.

This uses the just imported snmpd_metrics as a new (agentx-based) backend.
Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions
registered by these

Add privilege separation to snmpd.

This uses the just imported snmpd_metrics as a new (agentx-based) backend.
Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions
registered by these binaries as authorative, so that no other agentx
backends can overwrite them. The snmpe process is now pledged
"stdio recvfd inet unix".

This removes quite a few entries from the sysORTable, but the current
entries are non-compliant anyway and should be completely revisisted at a
later time.

Reduces the time for a full walk by about a factor of 4, bringing us close
to the original speed before application.c was introduced.

General design discussed with claudio@
Tested by and OK sthen
Release build test and OK tb@

show more ...

(Re)add support for agentx in snmpd
Current omissions in protocol support are notifications,
index (de)allocation, and agent capabilities.

Help testing sthen@
Feedback/tweaks/OK jmatthew@

Introduce a blocklist backend and keyword.

This allows the admin to specify a full region of the OID tree to be
blocked and simply returns NOSUCHOBJECT/ENDOFMIBVIEW.

This deprecates filter-pf-addre

Introduce a blocklist backend and keyword.

This allows the admin to specify a full region of the OID tree to be
blocked and simply returns NOSUCHOBJECT/ENDOFMIBVIEW.

This deprecates filter-pf-addresses in favour of:
blocklist pfTblAddrTable

OK tb@

show more ...

Move some smi.c functions to their own header.
These are needed for a new application layer, where a lot of the snmpd.h
stuff just clutter.

OK jmatthew@
tested as part of larger diff by sthen@ and J

Move some smi.c functions to their own header.
These are needed for a new application layer, where a lot of the snmpd.h
stuff just clutter.

OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

show more ...

Move log.c functions to their own header.
This is needed for a new application layer where, where a lot of the
snmpd.h stuff just clutter.

Requested by benno@
OK jmatthew@
tested as part of larger d

Move log.c functions to their own header.
This is needed for a new application layer where, where a lot of the
snmpd.h stuff just clutter.

Requested by benno@
OK jmatthew@
tested as part of larger diff by sthen@ and Joel Carnat

show more ...

Allow snmpd(8) to send SNMPv3 traps.

OK jmatthew@

Allow setting the engineid.

The previous engineid was based aronud the engine boottime and a random
value, which gives problems when sending/receiving unacknowledged PDUs
(trapv2) over SNMPv3 with a

Allow setting the engineid.

The previous engineid was based aronud the engine boottime and a random
value, which gives problems when sending/receiving unacknowledged PDUs
(trapv2) over SNMPv3 with authentication enabled, which need a consistent
engineid across restarts to determine the correct user from the sender.

The new default engineid takes a sha256 hash (chosen for its longer output)
of gethostname(3) and places the first 27 bytes after the new format number
129. This should give us a very low probability of collisions, assuming
all machines have a unique name.

The other formats as specified in SNMP-FRAMEWORK-MIB (RFC3411) are also
supported as well as arbitrary formats in the range 128-255 for other
private enterprise numbers in hex format.

OK jmatthew@

show more ...

Switch default snmpd and snmp auth back to hmac-sha1.

Practical experience on several machines after updates suggests the snmp
world isn't really ready for hmac-sha2-256, and the HMAC construction d

Switch default snmpd and snmp auth back to hmac-sha1.

Practical experience on several machines after updates suggests the snmp
world isn't really ready for hmac-sha2-256, and the HMAC construction doesn't
require collision resistance (which is the weakness of MD5/SHA1; see e.g.
"New proofs for NMAC and HMAC: Security without collision-resistance",
Bellare 2014).

Feedback from martijn@ (who would prefer to keep using the sha2 hmac),
deraadt@, tb@.

show more ...

Change default user auth to hmac-sha256 and enc to aes.
The old defaults are just not sane anymore.

OK sthen@

Tighten default security for snmpd(8). This is done by doing several
things:
- Only allow SNMPv3 by default. SNMPv1 and SNMPv2c can be enabled by
setting the new snmpv* flags on the "liston on" sta

Tighten default security for snmpd(8). This is done by doing several
things:
- Only allow SNMPv3 by default. SNMPv1 and SNMPv2c can be enabled by
setting the new snmpv* flags on the "liston on" statements.
- Remove the default community names. They're not secure to use.
- Change the default seclevel to enc.

Initial idea, help from and OK sthen@

show more ...

Rename context to pdutype. This is in line with the naming schema from the
RFCs.

While here remove a duplicate sm_type that snuck in during traphandler
merger and use human readable names in debug l

Rename context to pdutype. This is in line with the naming schema from the
RFCs.

While here remove a duplicate sm_type that snuck in during traphandler
merger and use human readable names in debug log entries from packages.

OK jan@

show more ...